From patchwork Wed Aug 17 06:55:34 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 115195 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 54C5DA0032; Wed, 17 Aug 2022 10:04:34 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 0AC4841155; Wed, 17 Aug 2022 10:04:31 +0200 (CEST) Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by mails.dpdk.org (Postfix) with ESMTP id BFFC14068E for ; Wed, 17 Aug 2022 10:04:28 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1660723468; x=1692259468; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=GZ49nkyx99W39vVBKDAEeIqZ/x2BzpnXPfZLL9Mk14Q=; b=bw6nYZu0HyuHkLZoXSC63xctrgTO8C0B1V0iZSsxpE4NCjJRDO8Aj+dG CSDGcTWWnbmhNSJ8xajK4uG7XHzvX8y5CFuq5XhSyEMx8uxYqcmUwLdEf an4qVUpDoI6nVj9C84xb+vxx0tvDETNdvJQLaaId6PtgwqtTstAhs8RbZ BHMPSIPy/aSiVz1ZE7orpN8k85mDnziFsbDciZIfZRiDE+9UyzTRGOOc3 D0fJPkR71IZDXDKfKoPlm3xaO6MkH+FvVGSYsRugCVlFk6NXVLZ1aBfMX VeNxHjUQ8cW6OJEtJgZOF8qozxSzJsRUxGvYDXZxrYNpFQ6PSeV93my77 w==; X-IronPort-AV: E=McAfee;i="6400,9594,10441"; a="354176545" X-IronPort-AV: E=Sophos;i="5.93,242,1654585200"; d="scan'208";a="354176545" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Aug 2022 01:04:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,242,1654585200"; d="scan'208";a="733595818" Received: from silpixa00399302.ir.intel.com ([10.237.214.136]) by orsmga004.jf.intel.com with ESMTP; 17 Aug 2022 01:04:26 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, kai.ji@intel.com, Arek Kusztal Subject: [PATCH 1/3] crypto/qat: make immutable parameters constant Date: Wed, 17 Aug 2022 07:55:34 +0100 Message-Id: <20220817065536.79716-2-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20220817065536.79716-1-arkadiuszx.kusztal@intel.com> References: <20220817065536.79716-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org All pointers passed to functions that are not supposed to have its data changed should be marked as constant. Additionally session field should be checked only in with session case. Signed-off-by: Arek Kusztal Acked-by: Ciara Power --- drivers/common/qat/qat_adf/qat_pke.h | 16 ++--- drivers/crypto/qat/qat_asym.c | 133 ++++++++++++++++++----------------- drivers/crypto/qat/qat_ec.h | 2 +- 3 files changed, 76 insertions(+), 75 deletions(-) diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h index 6c12bfd989..00e2b776dc 100644 --- a/drivers/common/qat/qat_adf/qat_pke.h +++ b/drivers/common/qat/qat_adf/qat_pke.h @@ -50,13 +50,13 @@ get_modexp_function2(uint32_t bytesize) } static struct qat_asym_function -get_modexp_function(struct rte_crypto_asym_xform *xform) +get_modexp_function(const struct rte_crypto_asym_xform *xform) { return get_modexp_function2(xform->modex.modulus.length); } static struct qat_asym_function -get_modinv_function(struct rte_crypto_asym_xform *xform) +get_modinv_function(const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function = { }; @@ -137,7 +137,7 @@ get_modinv_function(struct rte_crypto_asym_xform *xform) } static struct qat_asym_function -get_rsa_enc_function(struct rte_crypto_asym_xform *xform) +get_rsa_enc_function(const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function = { }; @@ -164,7 +164,7 @@ get_rsa_enc_function(struct rte_crypto_asym_xform *xform) } static struct qat_asym_function -get_rsa_dec_function(struct rte_crypto_asym_xform *xform) +get_rsa_dec_function(const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function = { }; @@ -191,7 +191,7 @@ get_rsa_dec_function(struct rte_crypto_asym_xform *xform) } static struct qat_asym_function -get_rsa_crt_function(struct rte_crypto_asym_xform *xform) +get_rsa_crt_function(const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function = { }; int nlen = xform->rsa.qt.p.length * 2; @@ -219,7 +219,7 @@ get_rsa_crt_function(struct rte_crypto_asym_xform *xform) } static struct qat_asym_function -get_ecdsa_verify_function(struct rte_crypto_asym_xform *xform) +get_ecdsa_verify_function(const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; @@ -243,7 +243,7 @@ get_ecdsa_verify_function(struct rte_crypto_asym_xform *xform) } static struct qat_asym_function -get_ecdsa_function(struct rte_crypto_asym_xform *xform) +get_ecdsa_function(const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; @@ -267,7 +267,7 @@ get_ecdsa_function(struct rte_crypto_asym_xform *xform) } static struct qat_asym_function -get_ecpm_function(struct rte_crypto_asym_xform *xform) +get_ecpm_function(const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 19931791c4..374452020a 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -129,7 +129,7 @@ cleanup_crt(struct qat_asym_op_cookie *cookie, static void cleanup(struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform, int alg_size) + const struct rte_crypto_asym_xform *xform, int alg_size) { if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) cleanup_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS, @@ -175,7 +175,7 @@ check_zero(rte_crypto_param n) } static struct qat_asym_function -get_asym_function(struct rte_crypto_asym_xform *xform) +get_asym_function(const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; @@ -195,10 +195,10 @@ get_asym_function(struct rte_crypto_asym_xform *xform) } static int -modexp_set_input(struct rte_crypto_asym_op *asym_op, - struct icp_qat_fw_pke_request *qat_req, +modexp_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; uint32_t alg_bytesize, func_id, in_bytesize; @@ -245,8 +245,8 @@ modexp_set_input(struct rte_crypto_asym_op *asym_op, static uint8_t modexp_collect(struct rte_crypto_asym_op *asym_op, - struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_xform *xform) { rte_crypto_param n = xform->modex.modulus; uint32_t alg_bytesize = cookie->alg_bytesize; @@ -265,10 +265,10 @@ modexp_collect(struct rte_crypto_asym_op *asym_op, } static int -modinv_set_input(struct rte_crypto_asym_op *asym_op, - struct icp_qat_fw_pke_request *qat_req, +modinv_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; uint32_t alg_bytesize, func_id; @@ -305,8 +305,8 @@ modinv_set_input(struct rte_crypto_asym_op *asym_op, static uint8_t modinv_collect(struct rte_crypto_asym_op *asym_op, - struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_xform *xform) { rte_crypto_param n = xform->modinv.modulus; uint8_t *modinv_result = asym_op->modinv.result.data; @@ -326,10 +326,10 @@ modinv_collect(struct rte_crypto_asym_op *asym_op, } static int -rsa_set_pub_input(struct rte_crypto_asym_op *asym_op, - struct icp_qat_fw_pke_request *qat_req, +rsa_set_pub_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; uint32_t alg_bytesize, func_id; @@ -382,10 +382,10 @@ rsa_set_pub_input(struct rte_crypto_asym_op *asym_op, } static int -rsa_set_priv_input(struct rte_crypto_asym_op *asym_op, - struct icp_qat_fw_pke_request *qat_req, +rsa_set_priv_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; uint32_t alg_bytesize, func_id; @@ -475,10 +475,10 @@ rsa_set_priv_input(struct rte_crypto_asym_op *asym_op, } static int -rsa_set_input(struct rte_crypto_asym_op *asym_op, - struct icp_qat_fw_pke_request *qat_req, +rsa_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) { qat_req->input_param_count = QAT_ASYM_RSA_NUM_IN_PARAMS; @@ -488,15 +488,15 @@ rsa_set_input(struct rte_crypto_asym_op *asym_op, if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT || asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) { - return rsa_set_pub_input(asym_op, qat_req, cookie, xform); + return rsa_set_pub_input(qat_req, cookie, asym_op, xform); } else { - return rsa_set_priv_input(asym_op, qat_req, cookie, xform); + return rsa_set_priv_input(qat_req, cookie, asym_op, xform); } } static uint8_t rsa_collect(struct rte_crypto_asym_op *asym_op, - struct qat_asym_op_cookie *cookie) + const struct qat_asym_op_cookie *cookie) { uint32_t alg_bytesize = cookie->alg_bytesize; @@ -560,10 +560,10 @@ rsa_collect(struct rte_crypto_asym_op *asym_op, } static int -ecdsa_set_input(struct rte_crypto_asym_op *asym_op, - struct icp_qat_fw_pke_request *qat_req, +ecdsa_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; uint32_t qat_func_alignsize, func_id; @@ -663,7 +663,7 @@ ecdsa_set_input(struct rte_crypto_asym_op *asym_op, static uint8_t ecdsa_collect(struct rte_crypto_asym_op *asym_op, - struct qat_asym_op_cookie *cookie) + const struct qat_asym_op_cookie *cookie) { uint32_t alg_bytesize = cookie->alg_bytesize; uint32_t qat_func_alignsize = cookie->qat_func_alignsize; @@ -687,10 +687,10 @@ ecdsa_collect(struct rte_crypto_asym_op *asym_op, } static int -ecpm_set_input(struct rte_crypto_asym_op *asym_op, - struct icp_qat_fw_pke_request *qat_req, +ecpm_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function; uint32_t qat_func_alignsize, func_id; @@ -739,7 +739,7 @@ ecpm_set_input(struct rte_crypto_asym_op *asym_op, static uint8_t ecpm_collect(struct rte_crypto_asym_op *asym_op, - struct qat_asym_op_cookie *cookie) + const struct qat_asym_op_cookie *cookie) { uint8_t *x = asym_op->ecpm.r.x.data; uint8_t *y = asym_op->ecpm.r.y.data; @@ -760,27 +760,27 @@ ecpm_collect(struct rte_crypto_asym_op *asym_op, } static int -asym_set_input(struct rte_crypto_asym_op *asym_op, - struct icp_qat_fw_pke_request *qat_req, +asym_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) { switch (xform->xform_type) { case RTE_CRYPTO_ASYM_XFORM_MODEX: - return modexp_set_input(asym_op, qat_req, - cookie, xform); + return modexp_set_input(qat_req, cookie, + asym_op, xform); case RTE_CRYPTO_ASYM_XFORM_MODINV: - return modinv_set_input(asym_op, qat_req, - cookie, xform); + return modinv_set_input(qat_req, cookie, + asym_op, xform); case RTE_CRYPTO_ASYM_XFORM_RSA: - return rsa_set_input(asym_op, qat_req, - cookie, xform); + return rsa_set_input(qat_req, cookie, + asym_op, xform); case RTE_CRYPTO_ASYM_XFORM_ECDSA: - return ecdsa_set_input(asym_op, qat_req, - cookie, xform); + return ecdsa_set_input(qat_req, cookie, + asym_op, xform); case RTE_CRYPTO_ASYM_XFORM_ECPM: - return ecpm_set_input(asym_op, qat_req, - cookie, xform); + return ecpm_set_input(qat_req, cookie, + asym_op, xform); default: QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform"); return -EINVAL; @@ -790,28 +790,28 @@ asym_set_input(struct rte_crypto_asym_op *asym_op, static int qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie, - __rte_unused uint64_t *opaque, + __rte_unused uint64_t *opaque_data, __rte_unused enum qat_device_gen qat_dev_gen) { struct rte_crypto_op *op = (struct rte_crypto_op *)in_op; - struct rte_crypto_asym_op *asym_op = op->asym; struct icp_qat_fw_pke_request *qat_req = (struct icp_qat_fw_pke_request *)out_msg; struct qat_asym_op_cookie *cookie = (struct qat_asym_op_cookie *)op_cookie; - struct rte_crypto_asym_xform *xform; - struct qat_asym_session *qat_session = (struct qat_asym_session *) - op->asym->session->sess_private_data; - int err = 0; - - if (unlikely(qat_session == NULL)) { - QAT_DP_LOG(ERR, "Session was not created for this device"); - goto error; - } + const struct qat_asym_session *qat_session; + const struct rte_crypto_asym_xform *xform; + int error_no = 0; op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; switch (op->sess_type) { case RTE_CRYPTO_OP_WITH_SESSION: + qat_session = (struct qat_asym_session *) + op->asym->session->sess_private_data; + if (unlikely(qat_session == NULL)) { + QAT_DP_LOG(ERR, + "Session was not created for this device"); + goto error; + } request_init(qat_req); xform = &qat_session->xform; break; @@ -824,9 +824,9 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie, op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION; goto error; } - err = asym_set_input(asym_op, qat_req, cookie, - xform); - if (err) { + error_no = asym_set_input(qat_req, cookie, + op->asym, xform); + if (error_no) { op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; goto error; } @@ -844,15 +844,15 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie, qat_req->output_param_count = 0; qat_req->input_param_count = 0; qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL; - cookie->error |= err; + cookie->error |= error_no; return 0; } static uint8_t qat_asym_collect_response(struct rte_crypto_op *op, - struct qat_asym_op_cookie *cookie, - struct rte_crypto_asym_xform *xform) + const struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_xform *xform) { struct rte_crypto_asym_op *asym_op = op->asym; @@ -877,14 +877,13 @@ static int qat_asym_process_response(void **out_op, uint8_t *resp, void *op_cookie, __rte_unused uint64_t *dequeue_err_count) { - struct icp_qat_fw_pke_resp *resp_msg = + const struct icp_qat_fw_pke_resp *resp_msg = (struct icp_qat_fw_pke_resp *)resp; struct rte_crypto_op *op = (struct rte_crypto_op *)(uintptr_t) (resp_msg->opaque); struct qat_asym_op_cookie *cookie = op_cookie; - struct rte_crypto_asym_xform *xform; - struct qat_asym_session *qat_session = (struct qat_asym_session *) - op->asym->session->sess_private_data; + const struct rte_crypto_asym_xform *xform; + const struct qat_asym_session *qat_session; if (cookie->error) { cookie->error = 0; @@ -909,6 +908,8 @@ qat_asym_process_response(void **out_op, uint8_t *resp, switch (op->sess_type) { case RTE_CRYPTO_OP_WITH_SESSION: + qat_session = (struct qat_asym_session *) + op->asym->session->sess_private_data; xform = &qat_session->xform; break; case RTE_CRYPTO_OP_SESSIONLESS: diff --git a/drivers/crypto/qat/qat_ec.h b/drivers/crypto/qat/qat_ec.h index bbd0b31949..0e02722c18 100644 --- a/drivers/crypto/qat/qat_ec.h +++ b/drivers/crypto/qat/qat_ec.h @@ -264,7 +264,7 @@ static struct elliptic_curve curve[] = { }; static int -pick_curve(struct rte_crypto_asym_xform *xform) +pick_curve(const struct rte_crypto_asym_xform *xform) { switch (xform->ec.curve_id) { case RTE_CRYPTO_EC_GROUP_SECP256R1: From patchwork Wed Aug 17 06:55:35 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 115196 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 52470A0032; Wed, 17 Aug 2022 10:04:42 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 58C32427F4; Wed, 17 Aug 2022 10:04:33 +0200 (CEST) Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by mails.dpdk.org (Postfix) with ESMTP id D7DD141147 for ; Wed, 17 Aug 2022 10:04:30 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1660723471; x=1692259471; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=kXyAsGJVAWAjAcioPPGtGAvWsVOjpUUKuunwvUFfOeE=; b=fy8aOI1GwsCJ7FmGbzC1NnqynPCa8Cv7rFAGJNQGmUHNCEjRm4fdPx1Q aa3ihq4V1duB4+KCj2lpAJsFAEzbLyf2+fgpOOQnGugNqRVCfQAx2U4l6 8l5y4ikAXGqzXGCi26DSycv7487hEHfqRUr2fmA4E7/7eg518oACEoUSy ZW+/guesbSKeSYGHi4f+abju2KmnvsQ1dzfA7FPHTUWNeWFM9VWMTIlZE JwonqTR9WsZwHHZKZp9Y7xeDqw5LiwSYibhCHQcfNhjatpnApNAaaM4f+ 1C9T09gUu9E9qbJ6OAHZAkqEDFoRGa9pcpXKzZqcOHtj0YESaVSJcVe/t w==; X-IronPort-AV: E=McAfee;i="6400,9594,10441"; a="354176555" X-IronPort-AV: E=Sophos;i="5.93,242,1654585200"; d="scan'208";a="354176555" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Aug 2022 01:04:30 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,242,1654585200"; d="scan'208";a="733595835" Received: from silpixa00399302.ir.intel.com ([10.237.214.136]) by orsmga004.jf.intel.com with ESMTP; 17 Aug 2022 01:04:29 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, kai.ji@intel.com, Arek Kusztal Subject: [PATCH 2/3] crypto/qat: add ecdh key exchange algorithm Date: Wed, 17 Aug 2022 07:55:35 +0100 Message-Id: <20220817065536.79716-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20220817065536.79716-1-arkadiuszx.kusztal@intel.com> References: <20220817065536.79716-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit adds ECDH algorithm to Intel QuickAssist Technology driver. Signed-off-by: Arek Kusztal --- drivers/crypto/qat/qat_asym.c | 94 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 374452020a..34fb3f5a45 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -760,6 +760,95 @@ ecpm_collect(struct rte_crypto_asym_op *asym_op, } static int +ecdh_set_input(struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) +{ + struct qat_asym_function qat_function; + uint32_t qat_func_alignsize, func_id; + int curve_id; + + curve_id = pick_curve(xform); + if (curve_id < 0) { + QAT_LOG(DEBUG, "Incorrect elliptic curve"); + return -EINVAL; + } + + qat_function = get_ecpm_function(xform); + func_id = qat_function.func_id; + if (func_id == 0) { + QAT_LOG(ERR, "Cannot obtain functionality id"); + return -EINVAL; + } + qat_func_alignsize = RTE_ALIGN_CEIL(qat_function.bytesize, 8); + + if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) { + SET_PKE_LN(asym_op->ecdh.priv_key, qat_func_alignsize, 0); + SET_PKE_LN_EC(curve[curve_id], x, 1); + SET_PKE_LN_EC(curve[curve_id], y, 2); + } else { + SET_PKE_LN(asym_op->ecdh.priv_key, qat_func_alignsize, 0); + SET_PKE_LN(asym_op->ecdh.pub_key.x, qat_func_alignsize, 1); + SET_PKE_LN(asym_op->ecdh.pub_key.y, qat_func_alignsize, 2); + } + SET_PKE_LN_EC(curve[curve_id], a, 3); + SET_PKE_LN_EC(curve[curve_id], b, 4); + SET_PKE_LN_EC(curve[curve_id], p, 5); + SET_PKE_LN_EC(curve[curve_id], h, 6); + + cookie->alg_bytesize = curve[curve_id].bytesize; + cookie->qat_func_alignsize = qat_func_alignsize; + qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = + QAT_ASYM_ECPM_IN_PARAMS; + qat_req->output_param_count = + QAT_ASYM_ECPM_OUT_PARAMS; + + HEXDUMP("k", cookie->input_array[0], qat_func_alignsize); + HEXDUMP("xG", cookie->input_array[1], qat_func_alignsize); + HEXDUMP("yG", cookie->input_array[2], qat_func_alignsize); + HEXDUMP("a", cookie->input_array[3], qat_func_alignsize); + HEXDUMP("b", cookie->input_array[4], qat_func_alignsize); + HEXDUMP("q", cookie->input_array[5], qat_func_alignsize); + HEXDUMP("h", cookie->input_array[6], qat_func_alignsize); + + return 0; +} + +static uint8_t +ecdh_collect(struct rte_crypto_asym_op *asym_op, + const struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_xform *xform) +{ + uint8_t *x, *y; + uint32_t alg_bytesize = cookie->alg_bytesize; + uint32_t qat_func_alignsize = cookie->qat_func_alignsize; + uint32_t ltrim = qat_func_alignsize - alg_bytesize; + + if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) { + asym_op->ecdh.pub_key.x.length = alg_bytesize; + asym_op->ecdh.pub_key.y.length = alg_bytesize; + x = asym_op->ecdh.pub_key.x.data; + y = asym_op->ecdh.pub_key.y.data; + } else { + asym_op->ecdh.shared_secret.x.length = alg_bytesize; + asym_op->ecdh.shared_secret.y.length = alg_bytesize; + x = asym_op->ecdh.shared_secret.x.data; + y = asym_op->ecdh.shared_secret.y.data; + } + + rte_memcpy(x, &cookie->output_array[0][ltrim], alg_bytesize); + rte_memcpy(y, &cookie->output_array[1][ltrim], alg_bytesize); + + HEXDUMP("X", cookie->output_array[0], + qat_func_alignsize); + HEXDUMP("Y", cookie->output_array[1], + qat_func_alignsize); + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + +static int asym_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, const struct rte_crypto_asym_op *asym_op, @@ -781,6 +870,9 @@ asym_set_input(struct icp_qat_fw_pke_request *qat_req, case RTE_CRYPTO_ASYM_XFORM_ECPM: return ecpm_set_input(qat_req, cookie, asym_op, xform); + case RTE_CRYPTO_ASYM_XFORM_ECDH: + return ecdh_set_input(qat_req, cookie, + asym_op, xform); default: QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform"); return -EINVAL; @@ -867,6 +959,8 @@ qat_asym_collect_response(struct rte_crypto_op *op, return ecdsa_collect(asym_op, cookie); case RTE_CRYPTO_ASYM_XFORM_ECPM: return ecpm_collect(asym_op, cookie); + case RTE_CRYPTO_ASYM_XFORM_ECDH: + return ecdh_collect(asym_op, cookie, xform); default: QAT_LOG(ERR, "Not supported xform type"); return RTE_CRYPTO_OP_STATUS_ERROR; From patchwork Wed Aug 17 06:55:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 115197 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 71C94A0032; Wed, 17 Aug 2022 10:04:47 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 65F9F41611; Wed, 17 Aug 2022 10:04:35 +0200 (CEST) Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by mails.dpdk.org (Postfix) with ESMTP id E2076427ED for ; Wed, 17 Aug 2022 10:04:32 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1660723473; x=1692259473; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=9Cdra7zbAC0Ny2MJrGTRUKrmwHoS2+kdkRI4Ya7XB5o=; b=GNjb7JeQYci/W4nMM3BonXNo3JXVod5AFDPu8PDV6I1ue1ddWwspbSFC LRyCbO8iBeCLyr/4/H+RPpHSSNmGT2dJfFhKj5f6nk1zrkAYiyb6q8Khj nBEQp/htdmDJdO5IZVrkcZy3E11nR7cyG8Oq/yIWzv8imCWM7mjeEL99i Nx7M9nBf/KftTM9dYBm13+nmsCn1/8hYRVY5VxJlGiXGXyDjMHlMcjfU1 VKPlg8/6kMhLNDeR+ZJaJe4N9WrhA3bzMMrUTuJ/IpduylBc/3yG176pA Xa70qot8NCbCtlzekw1Ix/JvUxE10ClgjRhwLt5z4IACHO/OnjItS5OIC Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10441"; a="354176580" X-IronPort-AV: E=Sophos;i="5.93,242,1654585200"; d="scan'208";a="354176580" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Aug 2022 01:04:32 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,242,1654585200"; d="scan'208";a="733595845" Received: from silpixa00399302.ir.intel.com ([10.237.214.136]) by orsmga004.jf.intel.com with ESMTP; 17 Aug 2022 01:04:31 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, kai.ji@intel.com, Arek Kusztal Subject: [PATCH 3/3] crypto/qat: add ecdh public key verification Date: Wed, 17 Aug 2022 07:55:36 +0100 Message-Id: <20220817065536.79716-4-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20220817065536.79716-1-arkadiuszx.kusztal@intel.com> References: <20220817065536.79716-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit adds verification option for elliptic curve points when used along ECDH algorithm. Signed-off-by: Arek Kusztal --- drivers/common/qat/qat_adf/qat_pke.h | 24 +++++++++++++++ drivers/crypto/qat/qat_asym.c | 58 +++++++++++++++++++++++++++++++++++- 2 files changed, 81 insertions(+), 1 deletion(-) diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h index 00e2b776dc..4b09e76dbb 100644 --- a/drivers/common/qat/qat_adf/qat_pke.h +++ b/drivers/common/qat/qat_adf/qat_pke.h @@ -290,4 +290,28 @@ get_ecpm_function(const struct rte_crypto_asym_xform *xform) return qat_function; } +static struct qat_asym_function +get_ec_verify_function(const struct rte_crypto_asym_xform *xform) +{ + struct qat_asym_function qat_function; + + switch (xform->ec.curve_id) { + case RTE_CRYPTO_EC_GROUP_SECP256R1: + qat_function.func_id = MATHS_POINT_VERIFY_GFP_L256; + qat_function.bytesize = 32; + break; + case RTE_CRYPTO_EC_GROUP_SECP384R1: + qat_function.func_id = MATHS_POINT_VERIFY_GFP_L512; + qat_function.bytesize = 64; + break; + case RTE_CRYPTO_EC_GROUP_SECP521R1: + qat_function.func_id = MATHS_POINT_VERIFY_GFP_521; + qat_function.bytesize = 66; + break; + default: + qat_function.func_id = 0; + } + return qat_function; +} + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 34fb3f5a45..33e6ca045f 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -816,6 +816,53 @@ ecdh_set_input(struct icp_qat_fw_pke_request *qat_req, return 0; } +static int +ecdh_verify_set_input(struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) +{ + struct qat_asym_function qat_function; + uint32_t qat_func_alignsize, func_id; + int curve_id; + + curve_id = pick_curve(xform); + if (curve_id < 0) { + QAT_LOG(DEBUG, "Incorrect elliptic curve"); + return -EINVAL; + } + + qat_function = get_ec_verify_function(xform); + func_id = qat_function.func_id; + if (func_id == 0) { + QAT_LOG(ERR, "Cannot obtain functionality id"); + return -EINVAL; + } + qat_func_alignsize = RTE_ALIGN_CEIL(qat_function.bytesize, 8); + + SET_PKE_LN(asym_op->ecdh.pub_key.x, qat_func_alignsize, 0); + SET_PKE_LN(asym_op->ecdh.pub_key.y, qat_func_alignsize, 1); + SET_PKE_LN_EC(curve[curve_id], p, 2); + SET_PKE_LN_EC(curve[curve_id], a, 3); + SET_PKE_LN_EC(curve[curve_id], b, 4); + + cookie->alg_bytesize = curve[curve_id].bytesize; + cookie->qat_func_alignsize = qat_func_alignsize; + qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = + 5; + qat_req->output_param_count = + 0; + + HEXDUMP("x", cookie->input_array[0], qat_func_alignsize); + HEXDUMP("y", cookie->input_array[1], qat_func_alignsize); + HEXDUMP("p", cookie->input_array[2], qat_func_alignsize); + HEXDUMP("a", cookie->input_array[3], qat_func_alignsize); + HEXDUMP("b", cookie->input_array[4], qat_func_alignsize); + + return 0; +} + static uint8_t ecdh_collect(struct rte_crypto_asym_op *asym_op, const struct qat_asym_op_cookie *cookie, @@ -826,6 +873,9 @@ ecdh_collect(struct rte_crypto_asym_op *asym_op, uint32_t qat_func_alignsize = cookie->qat_func_alignsize; uint32_t ltrim = qat_func_alignsize - alg_bytesize; + if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY) + return RTE_CRYPTO_OP_STATUS_SUCCESS; + if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) { asym_op->ecdh.pub_key.x.length = alg_bytesize; asym_op->ecdh.pub_key.y.length = alg_bytesize; @@ -871,8 +921,14 @@ asym_set_input(struct icp_qat_fw_pke_request *qat_req, return ecpm_set_input(qat_req, cookie, asym_op, xform); case RTE_CRYPTO_ASYM_XFORM_ECDH: - return ecdh_set_input(qat_req, cookie, + if (asym_op->ecdh.ke_type == + RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY) { + return ecdh_verify_set_input(qat_req, cookie, asym_op, xform); + } else { + return ecdh_set_input(qat_req, cookie, + asym_op, xform); + } default: QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform"); return -EINVAL;