* [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms
@ 2022-02-21 10:48 Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 1/5] crypto/qat: refactor asymmetric crypto functions Arek Kusztal
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: Arek Kusztal @ 2022-02-21 10:48 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patchset adds following asymmetric crypto algorithms to Intel QuickAssist Technology driver:
- ECDSA
- ECPM
Code also was refactored to be more readable and easier scalable.
v2:
- add actual implementation
v3:
- rebase against newest changes
Depends-on: patch-107793 ("crypto: fix misspelled key in qt format")
Depends-on: series-21741 ("drivers/qat: QAT symmetric crypto datapatch rework")
Arek Kusztal (5):
crypto/qat: refactor asymmetric crypto functions
crypto/qat: add named elliptic curves
crypto/qat: add ecdsa algorithm
crypto/qat: add ecpm algorithm
crypto/qat: refactor asymmetric session
doc/guides/cryptodevs/qat.rst | 3 +
doc/guides/rel_notes/release_22_03.rst | 10 +
drivers/common/qat/qat_adf/qat_pke.h | 275 ++++
.../qat/qat_adf/qat_pke_functionality_arrays.h | 79 -
drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 1 -
drivers/crypto/qat/qat_asym.c | 1673 +++++++++++++-------
drivers/crypto/qat/qat_asym.h | 24 +-
drivers/crypto/qat/qat_ec.h | 206 +++
8 files changed, 1563 insertions(+), 708 deletions(-)
create mode 100644 drivers/common/qat/qat_adf/qat_pke.h
delete mode 100644 drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
create mode 100644 drivers/crypto/qat/qat_ec.h
--
2.13.6
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v3 1/5] crypto/qat: refactor asymmetric crypto functions
2022-02-21 10:48 [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
@ 2022-02-21 10:48 ` Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 2/5] crypto/qat: add named elliptic curves Arek Kusztal
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Arek Kusztal @ 2022-02-21 10:48 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This commit refactors asummetric crypto functions
in Intel QuickAssist Technology PMD.
Functions right now are shorter and far easier readable,
plus it facilitates addition of new algorithms.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/qat.rst | 1 +
drivers/common/qat/qat_adf/qat_pke.h | 215 ++++
.../qat/qat_adf/qat_pke_functionality_arrays.h | 79 --
drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 1 -
drivers/crypto/qat/qat_asym.c | 1130 +++++++++-----------
drivers/crypto/qat/qat_asym.h | 16 +-
6 files changed, 734 insertions(+), 708 deletions(-)
create mode 100644 drivers/common/qat/qat_adf/qat_pke.h
delete mode 100644 drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 88a50b2816..452bc843c2 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -174,6 +174,7 @@ The QAT ASYM PMD has support for:
* ``RTE_CRYPTO_ASYM_XFORM_MODEX``
* ``RTE_CRYPTO_ASYM_XFORM_MODINV``
+* ``RTE_CRYPTO_ASYM_XFORM_RSA``
Limitations
~~~~~~~~~~~
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
new file mode 100644
index 0000000000..82bb1ee55e
--- /dev/null
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -0,0 +1,215 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2021-2022 Intel Corporation
+ */
+
+#ifndef _QAT_PKE_FUNCTIONALITY_ARRAYS_H_
+#define _QAT_PKE_FUNCTIONALITY_ARRAYS_H_
+
+#include "icp_qat_fw_mmp_ids.h"
+
+/*
+ * Modular exponentiation functionality IDs
+ */
+
+struct qat_asym_function {
+ uint32_t func_id;
+ uint32_t bytesize;
+};
+
+static struct qat_asym_function
+get_modexp_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+
+ if (xform->modex.modulus.length <= 64) {
+ qat_function.func_id = MATHS_MODEXP_L512;
+ qat_function.bytesize = 64;
+ } else if (xform->modex.modulus.length <= 128) {
+ qat_function.func_id = MATHS_MODEXP_L1024;
+ qat_function.bytesize = 128;
+ } else if (xform->modex.modulus.length <= 192) {
+ qat_function.func_id = MATHS_MODEXP_L1536;
+ qat_function.bytesize = 192;
+ } else if (xform->modex.modulus.length <= 256) {
+ qat_function.func_id = MATHS_MODEXP_L2048;
+ qat_function.bytesize = 256;
+ } else if (xform->modex.modulus.length <= 320) {
+ qat_function.func_id = MATHS_MODEXP_L2560;
+ qat_function.bytesize = 320;
+ } else if (xform->modex.modulus.length <= 384) {
+ qat_function.func_id = MATHS_MODEXP_L3072;
+ qat_function.bytesize = 384;
+ } else if (xform->modex.modulus.length <= 448) {
+ qat_function.func_id = MATHS_MODEXP_L3584;
+ qat_function.bytesize = 448;
+ } else if (xform->modex.modulus.length <= 512) {
+ qat_function.func_id = MATHS_MODEXP_L4096;
+ qat_function.bytesize = 512;
+ }
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_modinv_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+
+ if (xform->modinv.modulus.data[
+ xform->modinv.modulus.length - 1] & 0x01) {
+ if (xform->modex.modulus.length <= 16) {
+ qat_function.func_id = MATHS_MODINV_ODD_L128;
+ qat_function.bytesize = 16;
+ } else if (xform->modex.modulus.length <= 24) {
+ qat_function.func_id = MATHS_MODINV_ODD_L192;
+ qat_function.bytesize = 24;
+ } else if (xform->modex.modulus.length <= 32) {
+ qat_function.func_id = MATHS_MODINV_ODD_L256;
+ qat_function.bytesize = 32;
+ } else if (xform->modex.modulus.length <= 48) {
+ qat_function.func_id = MATHS_MODINV_ODD_L384;
+ qat_function.bytesize = 48;
+ } else if (xform->modex.modulus.length <= 64) {
+ qat_function.func_id = MATHS_MODINV_ODD_L512;
+ qat_function.bytesize = 64;
+ } else if (xform->modex.modulus.length <= 96) {
+ qat_function.func_id = MATHS_MODINV_ODD_L768;
+ qat_function.bytesize = 96;
+ } else if (xform->modex.modulus.length <= 128) {
+ qat_function.func_id = MATHS_MODINV_ODD_L1024;
+ qat_function.bytesize = 128;
+ } else if (xform->modex.modulus.length <= 192) {
+ qat_function.func_id = MATHS_MODINV_ODD_L1536;
+ qat_function.bytesize = 192;
+ } else if (xform->modex.modulus.length <= 256) {
+ qat_function.func_id = MATHS_MODINV_ODD_L2048;
+ qat_function.bytesize = 256;
+ } else if (xform->modex.modulus.length <= 384) {
+ qat_function.func_id = MATHS_MODINV_ODD_L3072;
+ qat_function.bytesize = 384;
+ } else if (xform->modex.modulus.length <= 512) {
+ qat_function.func_id = MATHS_MODINV_ODD_L4096;
+ qat_function.bytesize = 512;
+ }
+ } else {
+ if (xform->modex.modulus.length <= 16) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L128;
+ qat_function.bytesize = 16;
+ } else if (xform->modex.modulus.length <= 24) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L192;
+ qat_function.bytesize = 24;
+ } else if (xform->modex.modulus.length <= 32) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L256;
+ qat_function.bytesize = 32;
+ } else if (xform->modex.modulus.length <= 48) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L384;
+ qat_function.bytesize = 48;
+ } else if (xform->modex.modulus.length <= 64) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L512;
+ qat_function.bytesize = 64;
+ } else if (xform->modex.modulus.length <= 96) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L768;
+ qat_function.bytesize = 96;
+ } else if (xform->modex.modulus.length <= 128) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L1024;
+ qat_function.bytesize = 128;
+ } else if (xform->modex.modulus.length <= 192) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L1536;
+ qat_function.bytesize = 192;
+ } else if (xform->modex.modulus.length <= 256) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L2048;
+ qat_function.bytesize = 256;
+ } else if (xform->modex.modulus.length <= 384) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L3072;
+ qat_function.bytesize = 384;
+ } else if (xform->modex.modulus.length <= 512) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L4096;
+ qat_function.bytesize = 512;
+ }
+ }
+
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_rsa_enc_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+
+ if (xform->rsa.n.length <= 64) {
+ qat_function.func_id = PKE_RSA_EP_512;
+ qat_function.bytesize = 64;
+ } else if (xform->rsa.n.length <= 128) {
+ qat_function.func_id = PKE_RSA_EP_1024;
+ qat_function.bytesize = 128;
+ } else if (xform->rsa.n.length <= 192) {
+ qat_function.func_id = PKE_RSA_EP_1536;
+ qat_function.bytesize = 192;
+ } else if (xform->rsa.n.length <= 256) {
+ qat_function.func_id = PKE_RSA_EP_2048;
+ qat_function.bytesize = 256;
+ } else if (xform->rsa.n.length <= 384) {
+ qat_function.func_id = PKE_RSA_EP_3072;
+ qat_function.bytesize = 384;
+ } else if (xform->rsa.n.length <= 512) {
+ qat_function.func_id = PKE_RSA_EP_4096;
+ qat_function.bytesize = 512;
+ }
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_rsa_dec_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+
+ if (xform->rsa.n.length <= 64) {
+ qat_function.func_id = PKE_RSA_DP1_512;
+ qat_function.bytesize = 64;
+ } else if (xform->rsa.n.length <= 128) {
+ qat_function.func_id = PKE_RSA_DP1_1024;
+ qat_function.bytesize = 128;
+ } else if (xform->rsa.n.length <= 192) {
+ qat_function.func_id = PKE_RSA_DP1_1536;
+ qat_function.bytesize = 192;
+ } else if (xform->rsa.n.length <= 256) {
+ qat_function.func_id = PKE_RSA_DP1_2048;
+ qat_function.bytesize = 256;
+ } else if (xform->rsa.n.length <= 384) {
+ qat_function.func_id = PKE_RSA_DP1_3072;
+ qat_function.bytesize = 384;
+ } else if (xform->rsa.n.length <= 512) {
+ qat_function.func_id = PKE_RSA_DP1_4096;
+ qat_function.bytesize = 512;
+ }
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_rsa_crt_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+ int nlen = xform->rsa.qt.p.length * 2;
+
+ if (nlen <= 64) {
+ qat_function.func_id = PKE_RSA_DP2_512;
+ qat_function.bytesize = 64;
+ } else if (nlen <= 128) {
+ qat_function.func_id = PKE_RSA_DP2_1024;
+ qat_function.bytesize = 128;
+ } else if (nlen <= 192) {
+ qat_function.func_id = PKE_RSA_DP2_1536;
+ qat_function.bytesize = 192;
+ } else if (nlen <= 256) {
+ qat_function.func_id = PKE_RSA_DP2_2048;
+ qat_function.bytesize = 256;
+ } else if (nlen <= 384) {
+ qat_function.func_id = PKE_RSA_DP2_3072;
+ qat_function.bytesize = 384;
+ } else if (nlen <= 512) {
+ qat_function.func_id = PKE_RSA_DP2_4096;
+ qat_function.bytesize = 512;
+ }
+ return qat_function;
+}
+
+#endif
diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
deleted file mode 100644
index 42ffbbadd0..0000000000
--- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2019 Intel Corporation
- */
-
-#ifndef _QAT_PKE_FUNCTIONALITY_ARRAYS_H_
-#define _QAT_PKE_FUNCTIONALITY_ARRAYS_H_
-
-#include "icp_qat_fw_mmp_ids.h"
-
-/*
- * Modular exponentiation functionality IDs
- */
-static const uint32_t MOD_EXP_SIZE[][2] = {
- { 512, MATHS_MODEXP_L512 },
- { 1024, MATHS_MODEXP_L1024 },
- { 1536, MATHS_MODEXP_L1536 },
- { 2048, MATHS_MODEXP_L2048 },
- { 2560, MATHS_MODEXP_L2560 },
- { 3072, MATHS_MODEXP_L3072 },
- { 3584, MATHS_MODEXP_L3584 },
- { 4096, MATHS_MODEXP_L4096 }
-};
-
-static const uint32_t MOD_INV_IDS_ODD[][2] = {
- { 128, MATHS_MODINV_ODD_L128 },
- { 192, MATHS_MODINV_ODD_L192 },
- { 256, MATHS_MODINV_ODD_L256 },
- { 384, MATHS_MODINV_ODD_L384 },
- { 512, MATHS_MODINV_ODD_L512 },
- { 768, MATHS_MODINV_ODD_L768 },
- { 1024, MATHS_MODINV_ODD_L1024 },
- { 1536, MATHS_MODINV_ODD_L1536 },
- { 2048, MATHS_MODINV_ODD_L2048 },
- { 3072, MATHS_MODINV_ODD_L3072 },
- { 4096, MATHS_MODINV_ODD_L4096 },
-};
-
-static const uint32_t MOD_INV_IDS_EVEN[][2] = {
- { 128, MATHS_MODINV_EVEN_L128 },
- { 192, MATHS_MODINV_EVEN_L192 },
- { 256, MATHS_MODINV_EVEN_L256 },
- { 384, MATHS_MODINV_EVEN_L384 },
- { 512, MATHS_MODINV_EVEN_L512 },
- { 768, MATHS_MODINV_EVEN_L768 },
- { 1024, MATHS_MODINV_EVEN_L1024 },
- { 1536, MATHS_MODINV_EVEN_L1536 },
- { 2048, MATHS_MODINV_EVEN_L2048 },
- { 3072, MATHS_MODINV_EVEN_L3072 },
- { 4096, MATHS_MODINV_EVEN_L4096 },
-};
-
-static const uint32_t RSA_ENC_IDS[][2] = {
- { 512, PKE_RSA_EP_512 },
- { 1024, PKE_RSA_EP_1024 },
- { 1536, PKE_RSA_EP_1536 },
- { 2048, PKE_RSA_EP_2048 },
- { 3072, PKE_RSA_EP_3072 },
- { 4096, PKE_RSA_EP_4096 },
-};
-
-static const uint32_t RSA_DEC_IDS[][2] = {
- { 512, PKE_RSA_DP1_512 },
- { 1024, PKE_RSA_DP1_1024 },
- { 1536, PKE_RSA_DP1_1536 },
- { 2048, PKE_RSA_DP1_2048 },
- { 3072, PKE_RSA_DP1_3072 },
- { 4096, PKE_RSA_DP1_4096 },
-};
-
-static const uint32_t RSA_DEC_CRT_IDS[][2] = {
- { 512, PKE_RSA_DP2_512 },
- { 1024, PKE_RSA_DP2_1024 },
- { 1536, PKE_RSA_DP2_1536 },
- { 2048, PKE_RSA_DP2_2048 },
- { 3072, PKE_RSA_DP2_3072 },
- { 4096, PKE_RSA_DP2_4096 },
-};
-
-#endif
diff --git a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
index 01a897a21f..4499fdaf2d 100644
--- a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
+++ b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
@@ -7,7 +7,6 @@
#include "qat_asym.h"
#include "qat_crypto.h"
#include "qat_crypto_pmd_gens.h"
-#include "qat_pke_functionality_arrays.h"
struct rte_cryptodev_ops qat_asym_crypto_ops_gen1 = {
/* Device related operations */
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 6e65950baf..56dc0019dc 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -6,45 +6,18 @@
#include <cryptodev_pmd.h>
-#include "icp_qat_fw_pke.h"
-#include "icp_qat_fw.h"
-#include "qat_pke_functionality_arrays.h"
-
#include "qat_device.h"
-
#include "qat_logs.h"
+
#include "qat_asym.h"
+#include "icp_qat_fw_pke.h"
+#include "icp_qat_fw.h"
+#include "qat_pke.h"
uint8_t qat_asym_driver_id;
struct qat_crypto_gen_dev_ops qat_asym_gen_dev_ops[QAT_N_GENS];
-void
-qat_asym_init_op_cookie(void *op_cookie)
-{
- int j;
- struct qat_asym_op_cookie *cookie = op_cookie;
-
- cookie->input_addr = rte_mempool_virt2iova(cookie) +
- offsetof(struct qat_asym_op_cookie,
- input_params_ptrs);
-
- cookie->output_addr = rte_mempool_virt2iova(cookie) +
- offsetof(struct qat_asym_op_cookie,
- output_params_ptrs);
-
- for (j = 0; j < 8; j++) {
- cookie->input_params_ptrs[j] =
- rte_mempool_virt2iova(cookie) +
- offsetof(struct qat_asym_op_cookie,
- input_array[j]);
- cookie->output_params_ptrs[j] =
- rte_mempool_virt2iova(cookie) +
- offsetof(struct qat_asym_op_cookie,
- output_array[j]);
- }
-}
-
/* An rte_driver is needed in the registration of both the device and the driver
* with cryptodev.
* The actual qat pci's rte_driver can't be used as its name represents
@@ -57,8 +30,52 @@ static const struct rte_driver cryptodev_qat_asym_driver = {
.alias = qat_asym_drv_name
};
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+#define HEXDUMP(name, where, size) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
+ where, size)
+#define HEXDUMP_OFF(name, where, size, idx) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
+ &where[idx * size], size)
+#else
+#define HEXDUMP(name, where, size)
+#define HEXDUMP_OFF(name, where, size, idx)
+#endif
-static void qat_clear_arrays(struct qat_asym_op_cookie *cookie,
+#define CHECK_IF_NOT_EMPTY(param, name, pname, status) \
+ do { \
+ if (param.length == 0) { \
+ QAT_LOG(ERR, \
+ "Invalid " name \
+ " input parameter, zero length " pname \
+ ); \
+ status = -EINVAL; \
+ } else if (check_zero(param)) { \
+ QAT_LOG(ERR, \
+ "Invalid " name " input parameter, empty " \
+ pname ", length = %d", \
+ (int)param.length \
+ ); \
+ status = -EINVAL; \
+ } \
+ } while (0)
+
+#define SET_PKE_LN(where, what, how, idx) \
+ rte_memcpy(where[idx] + how - \
+ what.length, \
+ what.data, \
+ what.length)
+
+static void
+request_init(struct icp_qat_fw_pke_request *qat_req)
+{
+ memset(qat_req, 0, sizeof(*qat_req));
+ qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_CPM_FW_PKE;
+ qat_req->pke_hdr.hdr_flags =
+ ICP_QAT_FW_COMN_HDR_FLAGS_BUILD
+ (ICP_QAT_FW_COMN_REQ_FLAG_SET);
+}
+
+static void
+cleanup_arrays(struct qat_asym_op_cookie *cookie,
int in_count, int out_count, int alg_size)
{
int i;
@@ -69,7 +86,8 @@ static void qat_clear_arrays(struct qat_asym_op_cookie *cookie,
memset(cookie->output_array[i], 0x0, alg_size);
}
-static void qat_clear_arrays_crt(struct qat_asym_op_cookie *cookie,
+static void
+cleanup_crt(struct qat_asym_op_cookie *cookie,
int alg_size)
{
int i;
@@ -81,469 +99,490 @@ static void qat_clear_arrays_crt(struct qat_asym_op_cookie *cookie,
memset(cookie->output_array[i], 0x0, alg_size);
}
-static void qat_clear_arrays_by_alg(struct qat_asym_op_cookie *cookie,
+static void
+cleanup(struct qat_asym_op_cookie *cookie,
struct rte_crypto_asym_xform *xform, int alg_size)
{
if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX)
- qat_clear_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS,
+ cleanup_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS,
QAT_ASYM_MODEXP_NUM_OUT_PARAMS, alg_size);
else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV)
- qat_clear_arrays(cookie, QAT_ASYM_MODINV_NUM_IN_PARAMS,
+ cleanup_arrays(cookie, QAT_ASYM_MODINV_NUM_IN_PARAMS,
QAT_ASYM_MODINV_NUM_OUT_PARAMS, alg_size);
else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_QT)
- qat_clear_arrays_crt(cookie, alg_size);
+ cleanup_crt(cookie, alg_size);
else {
- qat_clear_arrays(cookie, QAT_ASYM_RSA_NUM_IN_PARAMS,
+ cleanup_arrays(cookie, QAT_ASYM_RSA_NUM_IN_PARAMS,
QAT_ASYM_RSA_NUM_OUT_PARAMS, alg_size);
}
}
}
-#define qat_asym_sz_2param(arg) (arg, sizeof(arg)/sizeof(*arg))
-
static int
-qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
- size_t arr_sz, size_t *size, uint32_t *func_id)
+check_zero(rte_crypto_param n)
{
- size_t i;
+ int i, len = n.length;
- for (i = 0; i < arr_sz; i++) {
- if (*size <= arr[i][0]) {
- *size = arr[i][0];
- *func_id = arr[i][1];
- return 0;
+ if (len < 8) {
+ for (i = len - 1; i >= 0; i--) {
+ if (n.data[i] != 0x0)
+ return 0;
}
- }
- return -1;
+ } else if (len == 8 && *(uint64_t *)&n.data[len - 8] == 0) {
+ return 1;
+ } else if (*(uint64_t *)&n.data[len - 8] == 0) {
+ for (i = len - 9; i >= 0; i--) {
+ if (n.data[i] != 0x0)
+ return 0;
+ }
+ } else
+ return 0;
+
+ return 1;
}
-static size_t
-max_of(int n, ...)
+static struct qat_asym_function
+get_asym_function(struct rte_crypto_asym_xform *xform)
{
- va_list args;
- size_t len = 0, num;
- int i;
+ struct qat_asym_function qat_function;
+
+ switch (xform->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ qat_function = get_modexp_function(xform);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ qat_function = get_modinv_function(xform);
+ break;
+ default:
+ qat_function.func_id = 0;
+ break;
+ }
- va_start(args, n);
- len = va_arg(args, size_t);
+ return qat_function;
+}
- for (i = 0; i < n - 1; i++) {
- num = va_arg(args, size_t);
- if (num > len)
- len = num;
+static int
+modexp_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, func_id;
+ int status = 0;
+
+ CHECK_IF_NOT_EMPTY(xform->modex.modulus, "mod exp",
+ "modulus", status);
+ CHECK_IF_NOT_EMPTY(xform->modex.exponent, "mod exp",
+ "exponent", status);
+ if (status)
+ return status;
+
+ qat_function = get_asym_function(xform);
+ func_id = qat_function.func_id;
+ if (qat_function.func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
}
- va_end(args);
+ alg_bytesize = qat_function.bytesize;
+
+ SET_PKE_LN(cookie->input_array, asym_op->modex.base,
+ alg_bytesize, 0);
+ SET_PKE_LN(cookie->input_array, xform->modex.exponent,
+ alg_bytesize, 1);
+ SET_PKE_LN(cookie->input_array, xform->modex.modulus,
+ alg_bytesize, 2);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count = QAT_ASYM_MODEXP_NUM_IN_PARAMS;
+ qat_req->output_param_count = QAT_ASYM_MODEXP_NUM_OUT_PARAMS;
- return len;
+ HEXDUMP("ModExp base", cookie->input_array[0], alg_bytesize);
+ HEXDUMP("ModExp exponent", cookie->input_array[1], alg_bytesize);
+ HEXDUMP("ModExp modulus", cookie->input_array[2], alg_bytesize);
+
+ return status;
}
-static int
-qat_asym_check_nonzero(rte_crypto_param n)
+static uint8_t
+modexp_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
{
- if (n.length < 8) {
- /* Not a case for any cryptographic function except for DH
- * generator which very often can be of one byte length
- */
- size_t i;
-
- if (n.data[n.length - 1] == 0x0) {
- for (i = 0; i < n.length - 1; i++)
- if (n.data[i] != 0x0)
- break;
- if (i == n.length - 1)
- return -(EINVAL);
- }
- } else if (*(uint64_t *)&n.data[
- n.length - 8] == 0) {
- /* Very likely it is zeroed modulus */
- size_t i;
+ rte_crypto_param n = xform->modex.modulus;
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+ uint8_t *modexp_result = asym_op->modex.result.data;
+
+ rte_memcpy(modexp_result,
+ cookie->output_array[0] + alg_bytesize
+ - n.length, n.length);
+ HEXDUMP("ModExp result", cookie->output_array[0],
+ alg_bytesize);
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
- for (i = 0; i < n.length - 8; i++)
- if (n.data[i] != 0x0)
- break;
- if (i == n.length - 8)
- return -(EINVAL);
+static int
+modinv_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, func_id;
+ int status = 0;
+
+ CHECK_IF_NOT_EMPTY(xform->modex.modulus, "mod inv",
+ "modulus", status);
+ if (status)
+ return status;
+
+ qat_function = get_asym_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
}
+ alg_bytesize = qat_function.bytesize;
+
+ SET_PKE_LN(cookie->input_array, asym_op->modinv.base,
+ alg_bytesize, 0);
+ SET_PKE_LN(cookie->input_array, xform->modinv.modulus,
+ alg_bytesize, 1);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_MODINV_NUM_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_MODINV_NUM_OUT_PARAMS;
+
+ HEXDUMP("ModInv base", cookie->input_array[0], alg_bytesize);
+ HEXDUMP("ModInv modulus", cookie->input_array[1], alg_bytesize);
return 0;
}
+static uint8_t
+modinv_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ rte_crypto_param n = xform->modinv.modulus;
+ uint8_t *modinv_result = asym_op->modinv.result.data;
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+
+ rte_memcpy(modinv_result + (asym_op->modinv.result.length
+ - n.length),
+ cookie->output_array[0] + alg_bytesize
+ - n.length, n.length);
+ HEXDUMP("ModInv result", cookie->output_array[0],
+ alg_bytesize);
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
static int
-qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op,
+rsa_set_pub_input(struct rte_crypto_asym_op *asym_op,
struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
struct rte_crypto_asym_xform *xform)
{
- int err = 0;
- size_t alg_size;
- size_t alg_size_in_bytes;
- uint32_t func_id = 0;
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, func_id;
+ int status = 0;
+
+ qat_function = get_rsa_enc_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
- if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
- err = qat_asym_check_nonzero(xform->modex.modulus);
- if (err) {
- QAT_LOG(ERR, "Empty modulus in modular exponentiation,"
- " aborting this operation");
- return err;
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ SET_PKE_LN(cookie->input_array, asym_op->rsa.message,
+ alg_bytesize, 0);
+ break;
+ default:
+ QAT_LOG(ERR,
+ "Invalid RSA padding (Encryption)"
+ );
+ return -EINVAL;
+ }
+ HEXDUMP("RSA Message", cookie->input_array[0], alg_bytesize);
+ } else {
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ SET_PKE_LN(cookie->input_array, asym_op->rsa.sign,
+ alg_bytesize, 0);
+ break;
+ default:
+ QAT_LOG(ERR,
+ "Invalid RSA padding (Verify)");
+ return -EINVAL;
}
+ HEXDUMP("RSA Signature", cookie->input_array[0],
+ alg_bytesize);
+ }
- alg_size_in_bytes = max_of(3, asym_op->modex.base.length,
- xform->modex.exponent.length,
- xform->modex.modulus.length);
- alg_size = alg_size_in_bytes << 3;
+ SET_PKE_LN(cookie->input_array, xform->rsa.e,
+ alg_bytesize, 1);
+ SET_PKE_LN(cookie->input_array, xform->rsa.n,
+ alg_bytesize, 2);
- if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE,
- sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
- alg_size_in_bytes = alg_size >> 3;
- rte_memcpy(cookie->input_array[0] + alg_size_in_bytes -
- asym_op->modex.base.length
- , asym_op->modex.base.data,
- asym_op->modex.base.length);
- rte_memcpy(cookie->input_array[1] + alg_size_in_bytes -
- xform->modex.exponent.length
- , xform->modex.exponent.data,
- xform->modex.exponent.length);
- rte_memcpy(cookie->input_array[2] + alg_size_in_bytes -
- xform->modex.modulus.length,
- xform->modex.modulus.data,
- xform->modex.modulus.length);
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
- qat_req->input_param_count = QAT_ASYM_MODEXP_NUM_IN_PARAMS;
- qat_req->output_param_count = QAT_ASYM_MODEXP_NUM_OUT_PARAMS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp base",
- cookie->input_array[0],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp exponent",
- cookie->input_array[1],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, " ModExpmodulus",
- cookie->input_array[2],
- alg_size_in_bytes);
-#endif
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
- err = qat_asym_check_nonzero(xform->modinv.modulus);
- if (err) {
- QAT_LOG(ERR, "Empty modulus in modular multiplicative"
- " inverse, aborting this operation");
- return err;
+ HEXDUMP("RSA Public Key", cookie->input_array[1], alg_bytesize);
+ HEXDUMP("RSA Modulus", cookie->input_array[2], alg_bytesize);
+
+ return status;
+}
+
+static int
+rsa_set_priv_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, func_id;
+ int status = 0;
+
+ if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_QT) {
+ qat_function = get_rsa_crt_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
}
+ alg_bytesize = qat_function.bytesize;
+ qat_req->input_param_count =
+ QAT_ASYM_RSA_QT_NUM_IN_PARAMS;
+
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.p,
+ (alg_bytesize >> 1), 1);
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.q,
+ (alg_bytesize >> 1), 2);
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.dP,
+ (alg_bytesize >> 1), 3);
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.dQ,
+ (alg_bytesize >> 1), 4);
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.qInv,
+ (alg_bytesize >> 1), 5);
+
+ HEXDUMP("RSA p", cookie->input_array[1],
+ alg_bytesize);
+ HEXDUMP("RSA q", cookie->input_array[2],
+ alg_bytesize);
+ HEXDUMP("RSA dP", cookie->input_array[3],
+ alg_bytesize);
+ HEXDUMP("RSA dQ", cookie->input_array[4],
+ alg_bytesize);
+ HEXDUMP("RSA qInv", cookie->input_array[5],
+ alg_bytesize);
+ } else if (xform->rsa.key_type ==
+ RTE_RSA_KEY_TYPE_EXP) {
+ qat_function = get_rsa_dec_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
- alg_size_in_bytes = max_of(2, asym_op->modinv.base.length,
- xform->modinv.modulus.length);
- alg_size = alg_size_in_bytes << 3;
-
- if (xform->modinv.modulus.data[
- xform->modinv.modulus.length - 1] & 0x01) {
- if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_ODD,
- sizeof(MOD_INV_IDS_ODD)/
- sizeof(*MOD_INV_IDS_ODD),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
- } else {
- if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_EVEN,
- sizeof(MOD_INV_IDS_EVEN)/
- sizeof(*MOD_INV_IDS_EVEN),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
+ SET_PKE_LN(cookie->input_array, xform->rsa.d,
+ alg_bytesize, 1);
+ SET_PKE_LN(cookie->input_array, xform->rsa.n,
+ alg_bytesize, 2);
+
+ HEXDUMP("RSA d", cookie->input_array[1],
+ alg_bytesize);
+ HEXDUMP("RSA n", cookie->input_array[2],
+ alg_bytesize);
+ } else {
+ QAT_LOG(ERR, "Invalid RSA key type");
+ return -EINVAL;
+ }
+
+ if (asym_op->rsa.op_type ==
+ RTE_CRYPTO_ASYM_OP_DECRYPT) {
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ SET_PKE_LN(cookie->input_array, asym_op->rsa.cipher,
+ alg_bytesize, 0);
+ HEXDUMP("RSA ciphertext", cookie->input_array[0],
+ alg_bytesize);
+ break;
+ default:
+ QAT_LOG(ERR,
+ "Invalid padding of RSA (Decrypt)");
+ return -(EINVAL);
}
- alg_size_in_bytes = alg_size >> 3;
- rte_memcpy(cookie->input_array[0] + alg_size_in_bytes -
- asym_op->modinv.base.length
- , asym_op->modinv.base.data,
- asym_op->modinv.base.length);
- rte_memcpy(cookie->input_array[1] + alg_size_in_bytes -
- xform->modinv.modulus.length
- , xform->modinv.modulus.data,
- xform->modinv.modulus.length);
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
- qat_req->input_param_count =
- QAT_ASYM_MODINV_NUM_IN_PARAMS;
- qat_req->output_param_count =
- QAT_ASYM_MODINV_NUM_OUT_PARAMS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv base",
- cookie->input_array[0],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv modulus",
- cookie->input_array[1],
- alg_size_in_bytes);
-#endif
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
- err = qat_asym_check_nonzero(xform->rsa.n);
- if (err) {
- QAT_LOG(ERR, "Empty modulus in RSA"
- " inverse, aborting this operation");
- return err;
+ } else if (asym_op->rsa.op_type ==
+ RTE_CRYPTO_ASYM_OP_SIGN) {
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ SET_PKE_LN(cookie->input_array, asym_op->rsa.message,
+ alg_bytesize, 0);
+ HEXDUMP("RSA text to be signed", cookie->input_array[0],
+ alg_bytesize);
+ break;
+ default:
+ QAT_LOG(ERR,
+ "Invalid padding of RSA (Signature)");
+ return -(EINVAL);
}
+ }
- alg_size_in_bytes = xform->rsa.n.length;
- alg_size = alg_size_in_bytes << 3;
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ return status;
+}
- qat_req->input_param_count =
- QAT_ASYM_RSA_NUM_IN_PARAMS;
- qat_req->output_param_count =
- QAT_ASYM_RSA_NUM_OUT_PARAMS;
-
- if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
- asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_VERIFY) {
-
- if (qat_asym_get_sz_and_func_id(RSA_ENC_IDS,
- sizeof(RSA_ENC_IDS)/
- sizeof(*RSA_ENC_IDS),
- &alg_size, &func_id)) {
- err = -(EINVAL);
- QAT_LOG(ERR,
- "Not supported RSA parameter size (key)");
- return err;
- }
- alg_size_in_bytes = alg_size >> 3;
- if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(cookie->input_array[0] +
- alg_size_in_bytes -
- asym_op->rsa.message.length
- , asym_op->rsa.message.data,
- asym_op->rsa.message.length);
- break;
- default:
- err = -(EINVAL);
- QAT_LOG(ERR,
- "Invalid RSA padding (Encryption)");
- return err;
- }
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Message",
- cookie->input_array[0],
- alg_size_in_bytes);
-#endif
- } else {
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(cookie->input_array[0],
- asym_op->rsa.sign.data,
- alg_size_in_bytes);
- break;
- default:
- err = -(EINVAL);
- QAT_LOG(ERR,
- "Invalid RSA padding (Verify)");
- return err;
- }
+static int
+rsa_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ qat_req->input_param_count =
+ QAT_ASYM_RSA_NUM_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_RSA_NUM_OUT_PARAMS;
+
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
+ asym_op->rsa.op_type ==
+ RTE_CRYPTO_ASYM_OP_VERIFY) {
+ return rsa_set_pub_input(asym_op, qat_req, cookie, xform);
+ } else {
+ return rsa_set_priv_input(asym_op, qat_req, cookie, xform);
+ }
+}
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, " RSA Signature",
- cookie->input_array[0],
- alg_size_in_bytes);
-#endif
+static uint8_t
+rsa_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie)
+{
+ uint32_t alg_bytesize = cookie->alg_bytesize;
- }
- rte_memcpy(cookie->input_array[1] +
- alg_size_in_bytes -
- xform->rsa.e.length
- , xform->rsa.e.data,
- xform->rsa.e.length);
- rte_memcpy(cookie->input_array[2] +
- alg_size_in_bytes -
- xform->rsa.n.length,
- xform->rsa.n.data,
- xform->rsa.n.length);
-
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
+ asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) {
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Public Key",
- cookie->input_array[1], alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Modulus",
- cookie->input_array[2], alg_size_in_bytes);
-#endif
- } else {
- if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_DECRYPT) {
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(cookie->input_array[0]
- + alg_size_in_bytes -
- asym_op->rsa.cipher.length,
- asym_op->rsa.cipher.data,
- asym_op->rsa.cipher.length);
- break;
- default:
- QAT_LOG(ERR,
- "Invalid padding of RSA (Decrypt)");
- return -(EINVAL);
- }
-
- } else if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_SIGN) {
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(cookie->input_array[0]
- + alg_size_in_bytes -
- asym_op->rsa.message.length,
- asym_op->rsa.message.data,
- asym_op->rsa.message.length);
- break;
- default:
- QAT_LOG(ERR,
- "Invalid padding of RSA (Signature)");
- return -(EINVAL);
- }
- }
- if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_QT) {
-
- qat_req->input_param_count =
- QAT_ASYM_RSA_QT_NUM_IN_PARAMS;
- if (qat_asym_get_sz_and_func_id(RSA_DEC_CRT_IDS,
- sizeof(RSA_DEC_CRT_IDS)/
- sizeof(*RSA_DEC_CRT_IDS),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
- alg_size_in_bytes = alg_size >> 3;
-
- rte_memcpy(cookie->input_array[1] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.p.length
- , xform->rsa.qt.p.data,
- xform->rsa.qt.p.length);
- rte_memcpy(cookie->input_array[2] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.q.length
- , xform->rsa.qt.q.data,
- xform->rsa.qt.q.length);
- rte_memcpy(cookie->input_array[3] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.dP.length
- , xform->rsa.qt.dP.data,
- xform->rsa.qt.dP.length);
- rte_memcpy(cookie->input_array[4] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.dQ.length
- , xform->rsa.qt.dQ.data,
- xform->rsa.qt.dQ.length);
- rte_memcpy(cookie->input_array[5] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.qInv.length
- , xform->rsa.qt.qInv.data,
- xform->rsa.qt.qInv.length);
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
+ if (asym_op->rsa.op_type ==
+ RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+ uint8_t *rsa_result = asym_op->rsa.cipher.data;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "C",
- cookie->input_array[0],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "p",
- cookie->input_array[1],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "q",
- cookie->input_array[2],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG,
- "dP", cookie->input_array[3],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG,
- "dQ", cookie->input_array[4],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG,
- "qInv", cookie->input_array[5],
- alg_size_in_bytes);
-#endif
- } else if (xform->rsa.key_type ==
- RTE_RSA_KEY_TYPE_EXP) {
- if (qat_asym_get_sz_and_func_id(
- RSA_DEC_IDS,
- sizeof(RSA_DEC_IDS)/
- sizeof(*RSA_DEC_IDS),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
- alg_size_in_bytes = alg_size >> 3;
- rte_memcpy(cookie->input_array[1] +
- alg_size_in_bytes -
- xform->rsa.d.length,
- xform->rsa.d.data,
- xform->rsa.d.length);
- rte_memcpy(cookie->input_array[2] +
- alg_size_in_bytes -
- xform->rsa.n.length,
- xform->rsa.n.data,
- xform->rsa.n.length);
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA ciphertext",
- cookie->input_array[0],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA d", cookie->input_array[1],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA n", cookie->input_array[2],
- alg_size_in_bytes);
-#endif
+ rte_memcpy(rsa_result,
+ cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("RSA Encrypted data", cookie->output_array[0],
+ alg_bytesize);
+ } else {
+ uint8_t *rsa_result = asym_op->rsa.cipher.data;
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
- } else {
- QAT_LOG(ERR, "Invalid RSA key type");
- return -(EINVAL);
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ rte_memcpy(rsa_result,
+ cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("RSA signature",
+ cookie->output_array[0],
+ alg_bytesize);
+ break;
+ default:
+ QAT_LOG(ERR, "Padding not supported");
+ return RTE_CRYPTO_OP_STATUS_ERROR;
}
}
} else {
- QAT_LOG(ERR, "Invalid asymmetric crypto xform");
- return -(EINVAL);
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
+ uint8_t *rsa_result = asym_op->rsa.message.data;
+
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ rte_memcpy(rsa_result,
+ cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("RSA Decrypted Message",
+ cookie->output_array[0],
+ alg_bytesize);
+ break;
+ default:
+ QAT_LOG(ERR, "Padding not supported");
+ return RTE_CRYPTO_OP_STATUS_ERROR;
+ }
+ } else {
+ uint8_t *rsa_result = asym_op->rsa.sign.data;
+
+ rte_memcpy(rsa_result,
+ cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("RSA Signature", cookie->output_array[0],
+ alg_bytesize);
+ }
}
- return 0;
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
}
-static __rte_always_inline int
+
+static int
+asym_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ switch (xform->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ return modexp_set_input(asym_op, qat_req,
+ cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ return modinv_set_input(asym_op, qat_req,
+ cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ return rsa_set_input(asym_op, qat_req,
+ cookie, xform);
+ default:
+ QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
+ return -EINVAL;
+ }
+ return 1;
+}
+
+static int
qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
- __rte_unused uint64_t *opaque,
- __rte_unused enum qat_device_gen dev_gen)
+ __rte_unused uint64_t *opaque,
+ __rte_unused enum qat_device_gen qat_dev_gen)
{
- struct qat_asym_session *ctx;
struct rte_crypto_op *op = (struct rte_crypto_op *)in_op;
struct rte_crypto_asym_op *asym_op = op->asym;
struct icp_qat_fw_pke_request *qat_req =
(struct icp_qat_fw_pke_request *)out_msg;
struct qat_asym_op_cookie *cookie =
- (struct qat_asym_op_cookie *)op_cookie;
+ (struct qat_asym_op_cookie *)op_cookie;
int err = 0;
op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
- if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
- ctx = (struct qat_asym_session *)
- op->asym->session->sess_private_data;
- if (unlikely(ctx == NULL)) {
- QAT_LOG(ERR, "Session has not been created for this device");
- goto error;
- }
- rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl));
- err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform);
- if (err) {
- op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
- goto error;
- }
- } else if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
- qat_fill_req_tmpl(qat_req);
- err = qat_asym_fill_arrays(asym_op, qat_req, cookie,
+ switch (op->sess_type) {
+ case RTE_CRYPTO_OP_WITH_SESSION:
+ QAT_LOG(ERR,
+ "QAT asymmetric crypto PMD does not support session"
+ );
+ goto error;
+ case RTE_CRYPTO_OP_SESSIONLESS:
+ request_init(qat_req);
+ err = asym_set_input(asym_op, qat_req, cookie,
op->asym->xform);
if (err) {
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
goto error;
}
- } else {
+ break;
+ default:
QAT_DP_LOG(ERR, "Invalid session/xform settings");
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
goto error;
@@ -553,21 +592,12 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
qat_req->pke_mid.src_data_addr = cookie->input_addr;
qat_req->pke_mid.dest_data_addr = cookie->output_addr;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req,
- sizeof(struct icp_qat_fw_pke_request));
-#endif
+ HEXDUMP("qat_req:", qat_req, sizeof(struct icp_qat_fw_pke_request));
return 0;
error:
-
qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op;
-
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req,
- sizeof(struct icp_qat_fw_pke_request));
-#endif
-
+ HEXDUMP("qat_req:", qat_req, sizeof(struct icp_qat_fw_pke_request));
qat_req->output_param_count = 0;
qat_req->input_param_count = 0;
qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL;
@@ -576,144 +606,30 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
return 0;
}
-static void qat_asym_collect_response(struct rte_crypto_op *rx_op,
+static uint8_t
+qat_asym_collect_response(struct rte_crypto_op *rx_op,
struct qat_asym_op_cookie *cookie,
struct rte_crypto_asym_xform *xform)
{
- size_t alg_size, alg_size_in_bytes = 0;
struct rte_crypto_asym_op *asym_op = rx_op->asym;
- if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
- rte_crypto_param n = xform->modex.modulus;
-
- alg_size = cookie->alg_size;
- alg_size_in_bytes = alg_size >> 3;
- uint8_t *modexp_result = asym_op->modex.result.data;
-
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
- rte_memcpy(modexp_result +
- (asym_op->modex.result.length -
- n.length),
- cookie->output_array[0] + alg_size_in_bytes
- - n.length, n.length
- );
- rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp result",
- cookie->output_array[0],
- alg_size_in_bytes);
-
-#endif
- }
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
- rte_crypto_param n = xform->modinv.modulus;
-
- alg_size = cookie->alg_size;
- alg_size_in_bytes = alg_size >> 3;
- uint8_t *modinv_result = asym_op->modinv.result.data;
-
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
- rte_memcpy(modinv_result + (asym_op->modinv.result.length
- - n.length),
- cookie->output_array[0] + alg_size_in_bytes
- - n.length, n.length);
- rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv result",
- cookie->output_array[0],
- alg_size_in_bytes);
-#endif
- }
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
-
- alg_size = cookie->alg_size;
- alg_size_in_bytes = alg_size >> 3;
- if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
- asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_VERIFY) {
- if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_ENCRYPT) {
- uint8_t *rsa_result = asym_op->rsa.cipher.data;
-
- rte_memcpy(rsa_result,
- cookie->output_array[0],
- alg_size_in_bytes);
- rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Encrypted data",
- cookie->output_array[0],
- alg_size_in_bytes);
-#endif
- } else if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_VERIFY) {
- uint8_t *rsa_result = asym_op->rsa.cipher.data;
-
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(rsa_result,
- cookie->output_array[0],
- alg_size_in_bytes);
- rx_op->status =
- RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature",
- cookie->output_array[0],
- alg_size_in_bytes);
-#endif
- break;
- default:
- QAT_LOG(ERR, "Padding not supported");
- rx_op->status =
- RTE_CRYPTO_OP_STATUS_ERROR;
- break;
- }
- }
- } else {
- if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_DECRYPT) {
- uint8_t *rsa_result = asym_op->rsa.message.data;
-
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(rsa_result,
- cookie->output_array[0],
- alg_size_in_bytes);
- rx_op->status =
- RTE_CRYPTO_OP_STATUS_SUCCESS;
- break;
- default:
- QAT_LOG(ERR, "Padding not supported");
- rx_op->status =
- RTE_CRYPTO_OP_STATUS_ERROR;
- break;
- }
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Decrypted Message",
- rsa_result, alg_size_in_bytes);
-#endif
- } else if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
- uint8_t *rsa_result = asym_op->rsa.sign.data;
-
- rte_memcpy(rsa_result,
- cookie->output_array[0],
- alg_size_in_bytes);
- rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature",
- cookie->output_array[0],
- alg_size_in_bytes);
-#endif
- }
- }
+ switch (xform->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ return modexp_collect(asym_op, cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ return modinv_collect(asym_op, cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ return rsa_collect(asym_op, cookie);
+ default:
+ QAT_LOG(ERR, "Not supported xform type");
+ return RTE_CRYPTO_OP_STATUS_ERROR;
}
- qat_clear_arrays_by_alg(cookie, xform, alg_size_in_bytes);
}
-int
+static int
qat_asym_process_response(void **op, uint8_t *resp,
void *op_cookie, __rte_unused uint64_t *dequeue_err_count)
{
- struct qat_asym_session *ctx;
struct icp_qat_fw_pke_resp *resp_msg =
(struct icp_qat_fw_pke_resp *)resp;
struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t)
@@ -740,78 +656,40 @@ qat_asym_process_response(void **op, uint8_t *resp,
" returned error");
}
}
-
- if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
- ctx = (struct qat_asym_session *)
- rx_op->asym->session->sess_private_data;
- qat_asym_collect_response(rx_op, cookie, ctx->xform);
- } else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
- qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform);
+ if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
+ rx_op->status = qat_asym_collect_response(rx_op,
+ cookie, rx_op->asym->xform);
+ cleanup(cookie, rx_op->asym->xform,
+ cookie->alg_bytesize);
}
- *op = rx_op;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "resp_msg:", resp_msg,
- sizeof(struct icp_qat_fw_pke_resp));
-#endif
+ *op = rx_op;
+ HEXDUMP("resp_msg:", resp_msg, sizeof(struct icp_qat_fw_pke_resp));
return 1;
}
int
qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
- struct rte_crypto_asym_xform *xform,
- struct rte_cryptodev_asym_session *sess)
+ struct rte_crypto_asym_xform *xform __rte_unused,
+ struct rte_cryptodev_asym_session *sess __rte_unused)
{
- struct qat_asym_session *session;
-
- session = (struct qat_asym_session *) sess->sess_private_data;
- if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
- if (xform->modex.exponent.length == 0 ||
- xform->modex.modulus.length == 0) {
- QAT_LOG(ERR, "Invalid mod exp input parameter");
- return -EINVAL;
- }
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
- if (xform->modinv.modulus.length == 0) {
- QAT_LOG(ERR, "Invalid mod inv input parameter");
- return -EINVAL;
- }
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
- if (xform->rsa.n.length == 0) {
- QAT_LOG(ERR, "Invalid rsa input parameter");
- return -EINVAL;
- }
- } else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
- || xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) {
- QAT_LOG(ERR, "Invalid asymmetric crypto xform");
- return -EINVAL;
- } else {
- QAT_LOG(ERR, "Asymmetric crypto xform not implemented");
- return -EINVAL;
- }
-
- session->xform = xform;
- qat_asym_build_req_tmpl(session);
-
- return 0;
+ QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
+ return -ENOTSUP;
}
-unsigned int qat_asym_session_get_private_size(
- struct rte_cryptodev *dev __rte_unused)
+unsigned int
+qat_asym_session_get_private_size(struct rte_cryptodev *dev __rte_unused)
{
- return RTE_ALIGN_CEIL(sizeof(struct qat_asym_session), 8);
+ QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
+ return 0;
}
void
-qat_asym_session_clear(struct rte_cryptodev *dev,
- struct rte_cryptodev_asym_session *sess)
+qat_asym_session_clear(struct rte_cryptodev *dev __rte_unused,
+ struct rte_cryptodev_asym_session *sess __rte_unused)
{
- void *sess_priv = sess->sess_private_data;
- struct qat_asym_session *s = (struct qat_asym_session *)sess_priv;
-
- if (sess_priv)
- memset(s, 0, qat_asym_session_get_private_size(dev));
+ QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
}
static uint16_t
@@ -830,6 +708,32 @@ qat_asym_crypto_dequeue_op_burst(void *qp, struct rte_crypto_op **ops,
nb_ops);
}
+void
+qat_asym_init_op_cookie(void *op_cookie)
+{
+ int j;
+ struct qat_asym_op_cookie *cookie = op_cookie;
+
+ cookie->input_addr = rte_mempool_virt2iova(cookie) +
+ offsetof(struct qat_asym_op_cookie,
+ input_params_ptrs);
+
+ cookie->output_addr = rte_mempool_virt2iova(cookie) +
+ offsetof(struct qat_asym_op_cookie,
+ output_params_ptrs);
+
+ for (j = 0; j < 8; j++) {
+ cookie->input_params_ptrs[j] =
+ rte_mempool_virt2iova(cookie) +
+ offsetof(struct qat_asym_op_cookie,
+ input_array[j]);
+ cookie->output_params_ptrs[j] =
+ rte_mempool_virt2iova(cookie) +
+ offsetof(struct qat_asym_op_cookie,
+ output_array[j]);
+ }
+}
+
int
qat_asym_dev_create(struct qat_pci_device *qat_pci_dev,
struct qat_dev_cmd_param *qat_dev_cmd_param)
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index 78caa5649c..cb7102aa3b 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -52,7 +52,7 @@ typedef uint64_t large_int_ptr;
}
struct qat_asym_op_cookie {
- size_t alg_size;
+ size_t alg_bytesize;
uint64_t error;
rte_iova_t input_addr;
rte_iova_t output_addr;
@@ -103,20 +103,6 @@ void
qat_asym_session_clear(struct rte_cryptodev *dev,
struct rte_cryptodev_asym_session *sess);
-/*
- * Process PKE response received from outgoing queue of QAT
- *
- * @param op a ptr to the rte_crypto_op referred to by
- * the response message is returned in this param
- * @param resp icp_qat_fw_pke_resp message received from
- * outgoing fw message queue
- * @param op_cookie Cookie pointer that holds private metadata
- *
- */
-int
-qat_asym_process_response(void **op, uint8_t *resp,
- void *op_cookie, __rte_unused uint64_t *dequeue_err_count);
-
void
qat_asym_init_op_cookie(void *cookie);
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v3 2/5] crypto/qat: add named elliptic curves
2022-02-21 10:48 [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 1/5] crypto/qat: refactor asymmetric crypto functions Arek Kusztal
@ 2022-02-21 10:48 ` Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 3/5] crypto/qat: add ecdsa algorithm Arek Kusztal
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Arek Kusztal @ 2022-02-21 10:48 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patch adds secp256r1 and secp521r1 elliptic curves to Intel
QuickAssist Technology PMD.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/qat/qat_asym.c | 15 +++
drivers/crypto/qat/qat_ec.h | 206 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 221 insertions(+)
create mode 100644 drivers/crypto/qat/qat_ec.h
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 56dc0019dc..0a5831f531 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -13,6 +13,7 @@
#include "icp_qat_fw_pke.h"
#include "icp_qat_fw.h"
#include "qat_pke.h"
+#include "qat_ec.h"
uint8_t qat_asym_driver_id;
@@ -64,6 +65,20 @@ static const struct rte_driver cryptodev_qat_asym_driver = {
what.data, \
what.length)
+#define SET_PKE_LN_9A(where, what, how, idx) \
+ rte_memcpy(&where[idx * RTE_ALIGN_CEIL(how, 8)] + \
+ RTE_ALIGN_CEIL(how, 8) - \
+ what.length, \
+ what.data, \
+ what.length)
+
+#define SET_PKE_LN_EC(where, what, how, idx) \
+ rte_memcpy(&where[idx * RTE_ALIGN_CEIL(how, 8)] + \
+ RTE_ALIGN_CEIL(how, 8) - \
+ how, \
+ what.data, \
+ how)
+
static void
request_init(struct icp_qat_fw_pke_request *qat_req)
{
diff --git a/drivers/crypto/qat/qat_ec.h b/drivers/crypto/qat/qat_ec.h
new file mode 100644
index 0000000000..c2f3ce93d2
--- /dev/null
+++ b/drivers/crypto/qat/qat_ec.h
@@ -0,0 +1,206 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2021-2022 Intel Corporation
+ */
+
+#ifndef _QAT_EC_H_
+#define _QAT_EC_H_
+
+#define EC_MAX_SIZE 571
+
+#include <rte_crypto_asym.h>
+
+typedef struct {
+ uint8_t data[(EC_MAX_SIZE >> 3) + 1];
+} buffer;
+
+enum EC_NAME {
+ SECP256R1 = 1,
+ SECP384R1,
+ SECP521R1,
+};
+
+struct elliptic_curve {
+ const char *name;
+ uint32_t bytesize;
+ buffer x;
+ buffer y;
+ buffer n;
+ buffer p;
+ buffer a;
+ buffer b;
+ buffer h;
+};
+
+static struct elliptic_curve __rte_unused curve[] = {
+ [SECP256R1] = {
+ .name = "secp256r1",
+ .bytesize = 32,
+ .x = {
+ .data = {
+ 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47,
+ 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2,
+ 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
+ 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
+ },
+ },
+ .y = {
+ .data = {
+ 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B,
+ 0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16,
+ 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE,
+ 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5,
+ },
+ },
+ .n = {
+ .data = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
+ 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51,
+ },
+ },
+ .p = {
+ .data = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ },
+ },
+ .a = {
+ .data = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ },
+ },
+ .b = {
+ .data = {
+ 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7,
+ 0xB3, 0xEB, 0xBD, 0x55, 0x76, 0x98, 0x86, 0xBC,
+ 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
+ 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
+ },
+ },
+ .h = {
+ .data = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ },
+ },
+ },
+
+ [SECP521R1] = {
+ .name = "secp521r1",
+ .bytesize = 66,
+ .x = {
+ .data = {
+ 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04,
+ 0xE9, 0xCD, 0x9E, 0x3E, 0xCB, 0x66, 0x23, 0x95,
+ 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
+ 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D,
+ 0x3D, 0xBA, 0xA1, 0x4B, 0x5E, 0x77, 0xEF, 0xE7,
+ 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
+ 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A,
+ 0x42, 0x9B, 0xF9, 0x7E, 0x7E, 0x31, 0xC2, 0xE5,
+ 0xBD, 0x66,
+ },
+ },
+ .y = {
+ .data = {
+ 0x01, 0x18, 0x39, 0x29, 0x6A, 0x78, 0x9A, 0x3B,
+ 0xC0, 0x04, 0x5C, 0x8A, 0x5F, 0xB4, 0x2C, 0x7D,
+ 0x1B, 0xD9, 0x98, 0xF5, 0x44, 0x49, 0x57, 0x9B,
+ 0x44, 0x68, 0x17, 0xAF, 0xBD, 0x17, 0x27, 0x3E,
+ 0x66, 0x2C, 0x97, 0xEE, 0x72, 0x99, 0x5E, 0xF4,
+ 0x26, 0x40, 0xC5, 0x50, 0xB9, 0x01, 0x3F, 0xAD,
+ 0x07, 0x61, 0x35, 0x3C, 0x70, 0x86, 0xA2, 0x72,
+ 0xC2, 0x40, 0x88, 0xBE, 0x94, 0x76, 0x9F, 0xD1,
+ 0x66, 0x50,
+ },
+ },
+ .n = {
+ .data = {
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFA, 0x51, 0x86, 0x87, 0x83, 0xBF, 0x2F,
+ 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
+ 0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C,
+ 0x47, 0xAE, 0xBB, 0x6F, 0xB7, 0x1E, 0x91, 0x38,
+ 0x64, 0x09,
+ },
+ },
+ .p = {
+ .data = {
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF,
+ },
+ },
+ .a = {
+ .data = {
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFC,
+ },
+ },
+ .b = {
+ .data = {
+ 0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C,
+ 0x9A, 0x1F, 0x92, 0x9A, 0x21, 0xA0, 0xB6, 0x85,
+ 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
+ 0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1,
+ 0x09, 0xE1, 0x56, 0x19, 0x39, 0x51, 0xEC, 0x7E,
+ 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
+ 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C,
+ 0x34, 0xF1, 0xEF, 0x45, 0x1F, 0xD4, 0x6B, 0x50,
+ 0x3F, 0x00,
+ },
+ },
+ .h = {
+ .data = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x01,
+ },
+ },
+ }
+};
+
+static int __rte_unused
+pick_curve(struct rte_crypto_asym_xform *xform)
+{
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ return SECP256R1;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ return SECP521R1;
+ default:
+ return -1;
+ }
+}
+
+#endif
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v3 3/5] crypto/qat: add ecdsa algorithm
2022-02-21 10:48 [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 1/5] crypto/qat: refactor asymmetric crypto functions Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 2/5] crypto/qat: add named elliptic curves Arek Kusztal
@ 2022-02-21 10:48 ` Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 4/5] crypto/qat: add ecpm algorithm Arek Kusztal
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Arek Kusztal @ 2022-02-21 10:48 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patch adds ECDSA algorithm to Intel
QuickAssist Technology PMD.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/qat.rst | 1 +
doc/guides/rel_notes/release_22_03.rst | 5 ++
drivers/common/qat/qat_adf/qat_pke.h | 40 +++++++++
drivers/crypto/qat/qat_asym.c | 148 +++++++++++++++++++++++++++++++++
drivers/crypto/qat/qat_asym.h | 4 +
5 files changed, 198 insertions(+)
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 452bc843c2..593c2471ed 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -175,6 +175,7 @@ The QAT ASYM PMD has support for:
* ``RTE_CRYPTO_ASYM_XFORM_MODEX``
* ``RTE_CRYPTO_ASYM_XFORM_MODINV``
* ``RTE_CRYPTO_ASYM_XFORM_RSA``
+* ``RTE_CRYPTO_ASYM_XFORM_ECDSA``
Limitations
~~~~~~~~~~~
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index ff3095d742..c060cb562a 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -149,6 +149,11 @@ New Features
* Called ``rte_ipv4/6_udptcp_cksum_mbuf()`` functions in testpmd csum mode
to support software UDP/TCP checksum over multiple segments.
+* **Updated Intel QuickAssist Technology asymmetric crypto PMD.**
+
+ * ECDSA algorithm is now supported by Intel QuickAssist
+ Technology asymmetric crypto PMD.
+
Removed Items
-------------
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
index 82bb1ee55e..1fe5f6bd8e 100644
--- a/drivers/common/qat/qat_adf/qat_pke.h
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -212,4 +212,44 @@ get_rsa_crt_function(struct rte_crypto_asym_xform *xform)
return qat_function;
}
+static struct qat_asym_function
+get_ecdsa_verify_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ qat_function.func_id = PKE_ECDSA_VERIFY_GFP_L256;
+ qat_function.bytesize = 32;
+ break;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ qat_function.func_id = PKE_ECDSA_VERIFY_GFP_521;
+ qat_function.bytesize = 66;
+ break;
+ default:
+ qat_function.func_id = 0;
+ }
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_ecdsa_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ qat_function.func_id = PKE_ECDSA_SIGN_RS_GFP_L256;
+ qat_function.bytesize = 32;
+ break;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ qat_function.func_id = PKE_ECDSA_SIGN_RS_GFP_521;
+ qat_function.bytesize = 66;
+ break;
+ default:
+ qat_function.func_id = 0;
+ }
+ return qat_function;
+}
+
#endif
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 0a5831f531..24dd3ee57f 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -31,14 +31,24 @@ static const struct rte_driver cryptodev_qat_asym_driver = {
.alias = qat_asym_drv_name
};
+/*
+ * Macros with suffix _F are used with some of predefinded identifiers:
+ * - cookie->input_buffer
+ * - qat_alg_bytesize
+ */
#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
#define HEXDUMP(name, where, size) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
where, size)
#define HEXDUMP_OFF(name, where, size, idx) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
&where[idx * size], size)
+
+#define HEXDUMP_OFF_F(name, idx) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
+ &cookie->input_buffer[idx * qat_alg_bytesize], \
+ qat_alg_bytesize)
#else
#define HEXDUMP(name, where, size)
#define HEXDUMP_OFF(name, where, size, idx)
+#define HEXDUMP_OFF_F(name, idx)
#endif
#define CHECK_IF_NOT_EMPTY(param, name, pname, status) \
@@ -79,6 +89,17 @@ static const struct rte_driver cryptodev_qat_asym_driver = {
what.data, \
how)
+#define SET_PKE_LN_9A_F(what, idx) \
+ rte_memcpy(&cookie->input_buffer[idx * qat_alg_bytesize] + \
+ qat_alg_bytesize - what.length, \
+ what.data, what.length)
+
+#define SET_PKE_LN_EC_F(what, how, idx) \
+ rte_memcpy(&cookie->input_buffer[idx * \
+ RTE_ALIGN_CEIL(how, 8)] + \
+ RTE_ALIGN_CEIL(how, 8) - how, \
+ what.data, how)
+
static void
request_init(struct icp_qat_fw_pke_request *qat_req)
{
@@ -544,6 +565,128 @@ rsa_collect(struct rte_crypto_asym_op *asym_op,
return RTE_CRYPTO_OP_STATUS_SUCCESS;
}
+static int
+ecdsa_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, qat_alg_bytesize, func_id;
+ int curve_id;
+
+ curve_id = pick_curve(xform);
+ if (curve_id < 0) {
+ QAT_LOG(ERR, "Incorrect elliptic curve");
+ return -EINVAL;
+ }
+
+ switch (asym_op->ecdsa.op_type) {
+ case RTE_CRYPTO_ASYM_OP_SIGN:
+ qat_function = get_ecdsa_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+ qat_alg_bytesize = RTE_ALIGN_CEIL(alg_bytesize, 8);
+
+ SET_PKE_LN_9A_F(asym_op->ecdsa.pkey, 0);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.message, 1);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.k, 2);
+ SET_PKE_LN_EC_F(curve[curve_id].b, alg_bytesize, 3);
+ SET_PKE_LN_EC_F(curve[curve_id].a, alg_bytesize, 4);
+ SET_PKE_LN_EC_F(curve[curve_id].p, alg_bytesize, 5);
+ SET_PKE_LN_EC_F(curve[curve_id].n, alg_bytesize, 6);
+ SET_PKE_LN_EC_F(curve[curve_id].y, alg_bytesize, 7);
+ SET_PKE_LN_EC_F(curve[curve_id].x, alg_bytesize, 8);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_ECDSA_RS_SIGN_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_ECDSA_RS_SIGN_OUT_PARAMS;
+
+ HEXDUMP_OFF_F("ECDSA d", 0);
+ HEXDUMP_OFF_F("ECDSA e", 1);
+ HEXDUMP_OFF_F("ECDSA k", 2);
+ HEXDUMP_OFF_F("ECDSA b", 3);
+ HEXDUMP_OFF_F("ECDSA a", 4);
+ HEXDUMP_OFF_F("ECDSA n", 5);
+ HEXDUMP_OFF_F("ECDSA y", 6);
+ HEXDUMP_OFF_F("ECDSA x", 7);
+ break;
+ case RTE_CRYPTO_ASYM_OP_VERIFY:
+ qat_function = get_ecdsa_verify_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+ qat_alg_bytesize = RTE_ALIGN_CEIL(alg_bytesize, 8);
+
+ SET_PKE_LN_9A_F(asym_op->ecdsa.message, 10);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.s, 9);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.r, 8);
+ SET_PKE_LN_EC_F(curve[curve_id].n, alg_bytesize, 7);
+ SET_PKE_LN_EC_F(curve[curve_id].x, alg_bytesize, 6);
+ SET_PKE_LN_EC_F(curve[curve_id].y, alg_bytesize, 5);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.q.x, 4);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.q.y, 3);
+ SET_PKE_LN_EC_F(curve[curve_id].a, alg_bytesize, 2);
+ SET_PKE_LN_EC_F(curve[curve_id].b, alg_bytesize, 1);
+ SET_PKE_LN_EC_F(curve[curve_id].p, alg_bytesize, 0);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_ECDSA_RS_VERIFY_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_ECDSA_RS_VERIFY_OUT_PARAMS;
+
+ HEXDUMP_OFF_F("e", 0);
+ HEXDUMP_OFF_F("s", 1);
+ HEXDUMP_OFF_F("r", 2);
+ HEXDUMP_OFF_F("n", 3);
+ HEXDUMP_OFF_F("xG", 4);
+ HEXDUMP_OFF_F("yG", 5);
+ HEXDUMP_OFF_F("xQ", 6);
+ HEXDUMP_OFF_F("yQ", 7);
+ HEXDUMP_OFF_F("a", 8);
+ HEXDUMP_OFF_F("b", 9);
+ HEXDUMP_OFF_F("q", 10);
+ break;
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+
+static uint8_t
+ecdsa_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie)
+{
+ uint32_t alg_bytesize = RTE_ALIGN_CEIL(cookie->alg_bytesize, 8);
+
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
+ uint8_t *r = asym_op->ecdsa.r.data;
+ uint8_t *s = asym_op->ecdsa.s.data;
+
+ asym_op->ecdsa.r.length = alg_bytesize;
+ asym_op->ecdsa.s.length = alg_bytesize;
+ rte_memcpy(r, cookie->output_array[0], alg_bytesize);
+ rte_memcpy(s, cookie->output_array[1], alg_bytesize);
+ HEXDUMP("R", cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("S", cookie->output_array[1],
+ alg_bytesize);
+ }
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
static int
asym_set_input(struct rte_crypto_asym_op *asym_op,
@@ -561,6 +704,9 @@ asym_set_input(struct rte_crypto_asym_op *asym_op,
case RTE_CRYPTO_ASYM_XFORM_RSA:
return rsa_set_input(asym_op, qat_req,
cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_ECDSA:
+ return ecdsa_set_input(asym_op, qat_req,
+ cookie, xform);
default:
QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
return -EINVAL;
@@ -635,6 +781,8 @@ qat_asym_collect_response(struct rte_crypto_op *rx_op,
return modinv_collect(asym_op, cookie, xform);
case RTE_CRYPTO_ASYM_XFORM_RSA:
return rsa_collect(asym_op, cookie);
+ case RTE_CRYPTO_ASYM_XFORM_ECDSA:
+ return ecdsa_collect(asym_op, cookie);
default:
QAT_LOG(ERR, "Not supported xform type");
return RTE_CRYPTO_OP_STATUS_ERROR;
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index cb7102aa3b..5e926125f2 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -28,6 +28,10 @@ typedef uint64_t large_int_ptr;
#define QAT_ASYM_RSA_NUM_IN_PARAMS 3
#define QAT_ASYM_RSA_NUM_OUT_PARAMS 1
#define QAT_ASYM_RSA_QT_NUM_IN_PARAMS 6
+#define QAT_ASYM_ECDSA_RS_SIGN_IN_PARAMS 1
+#define QAT_ASYM_ECDSA_RS_SIGN_OUT_PARAMS 2
+#define QAT_ASYM_ECDSA_RS_VERIFY_IN_PARAMS 1
+#define QAT_ASYM_ECDSA_RS_VERIFY_OUT_PARAMS 0
/**
* helper function to add an asym capability
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v3 4/5] crypto/qat: add ecpm algorithm
2022-02-21 10:48 [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
` (2 preceding siblings ...)
2022-02-21 10:48 ` [PATCH v3 3/5] crypto/qat: add ecdsa algorithm Arek Kusztal
@ 2022-02-21 10:48 ` Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 5/5] crypto/qat: refactor asymmetric session Arek Kusztal
2022-02-23 9:19 ` [EXT] [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Akhil Goyal
5 siblings, 0 replies; 7+ messages in thread
From: Arek Kusztal @ 2022-02-21 10:48 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patch adds Elliptic Curve Multiplication
algorithm to Intel QuickAssist Technology PMD.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/qat.rst | 1 +
doc/guides/rel_notes/release_22_03.rst | 5 ++
drivers/common/qat/qat_adf/qat_pke.h | 20 ++++++++
drivers/crypto/qat/qat_asym.c | 85 +++++++++++++++++++++++++++++++++-
drivers/crypto/qat/qat_asym.h | 2 +
5 files changed, 112 insertions(+), 1 deletion(-)
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 593c2471ed..785e041324 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -176,6 +176,7 @@ The QAT ASYM PMD has support for:
* ``RTE_CRYPTO_ASYM_XFORM_MODINV``
* ``RTE_CRYPTO_ASYM_XFORM_RSA``
* ``RTE_CRYPTO_ASYM_XFORM_ECDSA``
+* ``RTE_CRYPTO_ASYM_XFORM_ECPM``
Limitations
~~~~~~~~~~~
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index c060cb562a..dc26157819 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -154,6 +154,11 @@ New Features
* ECDSA algorithm is now supported by Intel QuickAssist
Technology asymmetric crypto PMD.
+* **Updated Intel QuickAssist Technology asymmetric crypto PMD.**
+
+ * ECPM algorithm is now supported by Intel QuickAssist
+ Technology asymmetric crypto PMD.
+
Removed Items
-------------
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
index 1fe5f6bd8e..092fc373de 100644
--- a/drivers/common/qat/qat_adf/qat_pke.h
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -252,4 +252,24 @@ get_ecdsa_function(struct rte_crypto_asym_xform *xform)
return qat_function;
}
+static struct qat_asym_function
+get_ecpm_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ qat_function.func_id = MATHS_POINT_MULTIPLICATION_GFP_L256;
+ qat_function.bytesize = 32;
+ break;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ qat_function.func_id = MATHS_POINT_MULTIPLICATION_GFP_521;
+ qat_function.bytesize = 66;
+ break;
+ default:
+ qat_function.func_id = 0;
+ }
+ return qat_function;
+}
+
#endif
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 24dd3ee57f..af96cc6bd2 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -83,7 +83,7 @@ static const struct rte_driver cryptodev_qat_asym_driver = {
what.length)
#define SET_PKE_LN_EC(where, what, how, idx) \
- rte_memcpy(&where[idx * RTE_ALIGN_CEIL(how, 8)] + \
+ rte_memcpy(where[idx] + \
RTE_ALIGN_CEIL(how, 8) - \
how, \
what.data, \
@@ -689,6 +689,84 @@ ecdsa_collect(struct rte_crypto_asym_op *asym_op,
}
static int
+ecpm_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, __rte_unused qat_alg_bytesize, func_id;
+ int curve_id;
+
+ curve_id = pick_curve(xform);
+ if (curve_id < 0) {
+ QAT_LOG(ERR, "Incorrect elliptic curve");
+ return -EINVAL;
+ }
+
+ qat_function = get_ecpm_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+ qat_alg_bytesize = RTE_ALIGN_CEIL(alg_bytesize, 8);
+
+ SET_PKE_LN(cookie->input_array, asym_op->ecpm.scalar,
+ alg_bytesize, 0);
+ SET_PKE_LN(cookie->input_array, asym_op->ecpm.p.x,
+ alg_bytesize, 1);
+ SET_PKE_LN(cookie->input_array, asym_op->ecpm.p.y,
+ alg_bytesize, 2);
+ SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].a,
+ alg_bytesize, 3);
+ SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].b,
+ alg_bytesize, 4);
+ SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].p,
+ alg_bytesize, 5);
+ SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].h,
+ alg_bytesize, 6);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_ECPM_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_ECPM_OUT_PARAMS;
+
+ HEXDUMP("k", cookie->input_array[0], qat_alg_bytesize);
+ HEXDUMP("xG", cookie->input_array[1], qat_alg_bytesize);
+ HEXDUMP("yG", cookie->input_array[2], qat_alg_bytesize);
+ HEXDUMP("a", cookie->input_array[3], qat_alg_bytesize);
+ HEXDUMP("b", cookie->input_array[4], qat_alg_bytesize);
+ HEXDUMP("q", cookie->input_array[5], qat_alg_bytesize);
+ HEXDUMP("h", cookie->input_array[6], qat_alg_bytesize);
+
+ return 0;
+}
+
+static uint8_t
+ecpm_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie)
+{
+ uint8_t *r = asym_op->ecpm.r.x.data;
+ uint8_t *s = asym_op->ecpm.r.y.data;
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+
+ asym_op->ecpm.r.x.length = alg_bytesize;
+ asym_op->ecpm.r.y.length = alg_bytesize;
+ rte_memcpy(r, cookie->output_array[0], alg_bytesize);
+ rte_memcpy(s, cookie->output_array[1], alg_bytesize);
+
+ HEXDUMP("rX", cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("rY", cookie->output_array[1],
+ alg_bytesize);
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+static int
asym_set_input(struct rte_crypto_asym_op *asym_op,
struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
@@ -707,6 +785,9 @@ asym_set_input(struct rte_crypto_asym_op *asym_op,
case RTE_CRYPTO_ASYM_XFORM_ECDSA:
return ecdsa_set_input(asym_op, qat_req,
cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_ECPM:
+ return ecpm_set_input(asym_op, qat_req,
+ cookie, xform);
default:
QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
return -EINVAL;
@@ -783,6 +864,8 @@ qat_asym_collect_response(struct rte_crypto_op *rx_op,
return rsa_collect(asym_op, cookie);
case RTE_CRYPTO_ASYM_XFORM_ECDSA:
return ecdsa_collect(asym_op, cookie);
+ case RTE_CRYPTO_ASYM_XFORM_ECPM:
+ return ecpm_collect(asym_op, cookie);
default:
QAT_LOG(ERR, "Not supported xform type");
return RTE_CRYPTO_OP_STATUS_ERROR;
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index 5e926125f2..6267c53bea 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -32,6 +32,8 @@ typedef uint64_t large_int_ptr;
#define QAT_ASYM_ECDSA_RS_SIGN_OUT_PARAMS 2
#define QAT_ASYM_ECDSA_RS_VERIFY_IN_PARAMS 1
#define QAT_ASYM_ECDSA_RS_VERIFY_OUT_PARAMS 0
+#define QAT_ASYM_ECPM_IN_PARAMS 7
+#define QAT_ASYM_ECPM_OUT_PARAMS 2
/**
* helper function to add an asym capability
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH v3 5/5] crypto/qat: refactor asymmetric session
2022-02-21 10:48 [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
` (3 preceding siblings ...)
2022-02-21 10:48 ` [PATCH v3 4/5] crypto/qat: add ecpm algorithm Arek Kusztal
@ 2022-02-21 10:48 ` Arek Kusztal
2022-02-23 9:19 ` [EXT] [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Akhil Goyal
5 siblings, 0 replies; 7+ messages in thread
From: Arek Kusztal @ 2022-02-21 10:48 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patch refactors asymmetric session in Intel
QuickAssist Technology PMD and fixes some issues
with xform. Code will be now bit more scalable,
and easier readable.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/qat/qat_asym.c | 423 +++++++++++++++++++++++++++++++++++-------
drivers/crypto/qat/qat_asym.h | 2 +-
drivers/crypto/qat/qat_ec.h | 4 +-
3 files changed, 364 insertions(+), 65 deletions(-)
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index af96cc6bd2..badf018f13 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -647,17 +647,17 @@ ecdsa_set_input(struct rte_crypto_asym_op *asym_op,
qat_req->output_param_count =
QAT_ASYM_ECDSA_RS_VERIFY_OUT_PARAMS;
- HEXDUMP_OFF_F("e", 0);
- HEXDUMP_OFF_F("s", 1);
- HEXDUMP_OFF_F("r", 2);
- HEXDUMP_OFF_F("n", 3);
- HEXDUMP_OFF_F("xG", 4);
+ HEXDUMP_OFF_F("p", 0);
+ HEXDUMP_OFF_F("b", 1);
+ HEXDUMP_OFF_F("a", 2);
+ HEXDUMP_OFF_F("y", 3);
+ HEXDUMP_OFF_F("x", 4);
HEXDUMP_OFF_F("yG", 5);
- HEXDUMP_OFF_F("xQ", 6);
- HEXDUMP_OFF_F("yQ", 7);
- HEXDUMP_OFF_F("a", 8);
- HEXDUMP_OFF_F("b", 9);
- HEXDUMP_OFF_F("q", 10);
+ HEXDUMP_OFF_F("xG", 6);
+ HEXDUMP_OFF_F("n", 7);
+ HEXDUMP_OFF_F("r", 8);
+ HEXDUMP_OFF_F("s", 9);
+ HEXDUMP_OFF_F("e", 10);
break;
default:
return -1;
@@ -670,7 +670,9 @@ static uint8_t
ecdsa_collect(struct rte_crypto_asym_op *asym_op,
struct qat_asym_op_cookie *cookie)
{
- uint32_t alg_bytesize = RTE_ALIGN_CEIL(cookie->alg_bytesize, 8);
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+ uint32_t qat_alg_bytesize = RTE_ALIGN_CEIL(cookie->alg_bytesize, 8);
+ uint32_t ltrim = qat_alg_bytesize - alg_bytesize;
if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
uint8_t *r = asym_op->ecdsa.r.data;
@@ -678,8 +680,9 @@ ecdsa_collect(struct rte_crypto_asym_op *asym_op,
asym_op->ecdsa.r.length = alg_bytesize;
asym_op->ecdsa.s.length = alg_bytesize;
- rte_memcpy(r, cookie->output_array[0], alg_bytesize);
- rte_memcpy(s, cookie->output_array[1], alg_bytesize);
+ rte_memcpy(r, &cookie->output_array[0][ltrim], alg_bytesize);
+ rte_memcpy(s, &cookie->output_array[1][ltrim], alg_bytesize);
+
HEXDUMP("R", cookie->output_array[0],
alg_bytesize);
HEXDUMP("S", cookie->output_array[1],
@@ -713,19 +716,19 @@ ecpm_set_input(struct rte_crypto_asym_op *asym_op,
alg_bytesize = qat_function.bytesize;
qat_alg_bytesize = RTE_ALIGN_CEIL(alg_bytesize, 8);
- SET_PKE_LN(cookie->input_array, asym_op->ecpm.scalar,
- alg_bytesize, 0);
- SET_PKE_LN(cookie->input_array, asym_op->ecpm.p.x,
- alg_bytesize, 1);
- SET_PKE_LN(cookie->input_array, asym_op->ecpm.p.y,
- alg_bytesize, 2);
- SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].a,
+ SET_PKE_LN_EC(cookie->input_array, asym_op->ecpm.scalar,
+ asym_op->ecpm.scalar.length, 0);
+ SET_PKE_LN_EC(cookie->input_array, asym_op->ecpm.p.x,
+ asym_op->ecpm.p.x.length, 1);
+ SET_PKE_LN_EC(cookie->input_array, asym_op->ecpm.p.y,
+ asym_op->ecpm.p.y.length, 2);
+ SET_PKE_LN_EC(cookie->input_array, curve[curve_id].a,
alg_bytesize, 3);
- SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].b,
+ SET_PKE_LN_EC(cookie->input_array, curve[curve_id].b,
alg_bytesize, 4);
- SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].p,
+ SET_PKE_LN_EC(cookie->input_array, curve[curve_id].p,
alg_bytesize, 5);
- SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].h,
+ SET_PKE_LN_EC(cookie->input_array, curve[curve_id].h,
alg_bytesize, 6);
cookie->alg_bytesize = alg_bytesize;
@@ -750,14 +753,16 @@ static uint8_t
ecpm_collect(struct rte_crypto_asym_op *asym_op,
struct qat_asym_op_cookie *cookie)
{
- uint8_t *r = asym_op->ecpm.r.x.data;
- uint8_t *s = asym_op->ecpm.r.y.data;
+ uint8_t *x = asym_op->ecpm.r.x.data;
+ uint8_t *y = asym_op->ecpm.r.y.data;
uint32_t alg_bytesize = cookie->alg_bytesize;
+ uint32_t qat_alg_bytesize = RTE_ALIGN_CEIL(cookie->alg_bytesize, 8);
+ uint32_t ltrim = qat_alg_bytesize - alg_bytesize;
asym_op->ecpm.r.x.length = alg_bytesize;
asym_op->ecpm.r.y.length = alg_bytesize;
- rte_memcpy(r, cookie->output_array[0], alg_bytesize);
- rte_memcpy(s, cookie->output_array[1], alg_bytesize);
+ rte_memcpy(x, &cookie->output_array[0][ltrim], alg_bytesize);
+ rte_memcpy(y, &cookie->output_array[1][ltrim], alg_bytesize);
HEXDUMP("rX", cookie->output_array[0],
alg_bytesize);
@@ -806,29 +811,37 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
(struct icp_qat_fw_pke_request *)out_msg;
struct qat_asym_op_cookie *cookie =
(struct qat_asym_op_cookie *)op_cookie;
+ struct rte_crypto_asym_xform *xform;
+ struct qat_asym_session *qat_session = (struct qat_asym_session *)
+ op->asym->session->sess_private_data;
int err = 0;
+ if (unlikely(qat_session == NULL)) {
+ QAT_DP_LOG(ERR, "Session was not created for this device");
+ goto error;
+ }
+
op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
switch (op->sess_type) {
case RTE_CRYPTO_OP_WITH_SESSION:
- QAT_LOG(ERR,
- "QAT asymmetric crypto PMD does not support session"
- );
- goto error;
+ request_init(qat_req);
+ xform = &qat_session->xform;
+ break;
case RTE_CRYPTO_OP_SESSIONLESS:
request_init(qat_req);
- err = asym_set_input(asym_op, qat_req, cookie,
- op->asym->xform);
- if (err) {
- op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
- goto error;
- }
+ xform = op->asym->xform;
break;
default:
QAT_DP_LOG(ERR, "Invalid session/xform settings");
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
goto error;
}
+ err = asym_set_input(asym_op, qat_req, cookie,
+ xform);
+ if (err) {
+ op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
+ goto error;
+ }
qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op;
qat_req->pke_mid.src_data_addr = cookie->input_addr;
@@ -849,11 +862,11 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
}
static uint8_t
-qat_asym_collect_response(struct rte_crypto_op *rx_op,
+qat_asym_collect_response(struct rte_crypto_op *op,
struct qat_asym_op_cookie *cookie,
struct rte_crypto_asym_xform *xform)
{
- struct rte_crypto_asym_op *asym_op = rx_op->asym;
+ struct rte_crypto_asym_op *asym_op = op->asym;
switch (xform->xform_type) {
case RTE_CRYPTO_ASYM_XFORM_MODEX:
@@ -873,69 +886,355 @@ qat_asym_collect_response(struct rte_crypto_op *rx_op,
}
static int
-qat_asym_process_response(void **op, uint8_t *resp,
+qat_asym_process_response(void **out_op, uint8_t *resp,
void *op_cookie, __rte_unused uint64_t *dequeue_err_count)
{
struct icp_qat_fw_pke_resp *resp_msg =
(struct icp_qat_fw_pke_resp *)resp;
- struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t)
+ struct rte_crypto_op *op = (struct rte_crypto_op *)(uintptr_t)
(resp_msg->opaque);
struct qat_asym_op_cookie *cookie = op_cookie;
+ struct rte_crypto_asym_xform *xform;
+ struct qat_asym_session *qat_session = (struct qat_asym_session *)
+ op->asym->session->sess_private_data;
if (cookie->error) {
cookie->error = 0;
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
- rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+ if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+ op->status = RTE_CRYPTO_OP_STATUS_ERROR;
QAT_DP_LOG(ERR, "Cookie status returned error");
} else {
if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET(
resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) {
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
- rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+ if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+ op->status = RTE_CRYPTO_OP_STATUS_ERROR;
QAT_DP_LOG(ERR, "Asymmetric response status"
" returned error");
}
if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) {
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
- rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+ if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+ op->status = RTE_CRYPTO_OP_STATUS_ERROR;
QAT_DP_LOG(ERR, "Asymmetric common status"
" returned error");
}
}
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
- rx_op->status = qat_asym_collect_response(rx_op,
- cookie, rx_op->asym->xform);
- cleanup(cookie, rx_op->asym->xform,
- cookie->alg_bytesize);
+
+ switch (op->sess_type) {
+ case RTE_CRYPTO_OP_WITH_SESSION:
+ xform = &qat_session->xform;
+ break;
+ case RTE_CRYPTO_OP_SESSIONLESS:
+ xform = op->asym->xform;
+ break;
+ default:
+ QAT_DP_LOG(ERR,
+ "Invalid session/xform settings in response ring!");
+ op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
+ }
+
+ if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
+ op->status = qat_asym_collect_response(op,
+ cookie, xform);
+ cleanup(cookie, xform, cookie->alg_bytesize);
}
- *op = rx_op;
+ *out_op = op;
HEXDUMP("resp_msg:", resp_msg, sizeof(struct icp_qat_fw_pke_resp));
return 1;
}
+static int
+session_set_modexp(struct qat_asym_session *qat_session,
+ struct rte_crypto_asym_xform *xform)
+{
+ uint8_t *modulus = xform->modex.modulus.data;
+ uint8_t *exponent = xform->modex.exponent.data;
+
+ qat_session->xform.modex.modulus.data =
+ rte_malloc(NULL, xform->modex.modulus.length, 0);
+ if (qat_session->xform.modex.modulus.data == NULL)
+ return -ENOMEM;
+ qat_session->xform.modex.modulus.length = xform->modex.modulus.length;
+ qat_session->xform.modex.exponent.data = rte_malloc(NULL,
+ xform->modex.exponent.length, 0);
+ if (qat_session->xform.modex.exponent.data == NULL) {
+ rte_free(qat_session->xform.modex.exponent.data);
+ return -ENOMEM;
+ }
+ qat_session->xform.modex.exponent.length = xform->modex.exponent.length;
+
+ rte_memcpy(qat_session->xform.modex.modulus.data, modulus,
+ xform->modex.modulus.length);
+ rte_memcpy(qat_session->xform.modex.exponent.data, exponent,
+ xform->modex.exponent.length);
+
+ return 0;
+}
+
+static int
+session_set_modinv(struct qat_asym_session *qat_session,
+ struct rte_crypto_asym_xform *xform)
+{
+ uint8_t *modulus = xform->modinv.modulus.data;
+
+ qat_session->xform.modinv.modulus.data =
+ rte_malloc(NULL, xform->modinv.modulus.length, 0);
+ if (qat_session->xform.modinv.modulus.data == NULL)
+ return -ENOMEM;
+ qat_session->xform.modinv.modulus.length = xform->modinv.modulus.length;
+
+ rte_memcpy(qat_session->xform.modinv.modulus.data, modulus,
+ xform->modinv.modulus.length);
+
+ return 0;
+}
+
+static int
+session_set_rsa(struct qat_asym_session *qat_session,
+ struct rte_crypto_asym_xform *xform)
+{
+ uint8_t *n = xform->rsa.n.data;
+ uint8_t *e = xform->rsa.e.data;
+ int ret = 0;
+
+ qat_session->xform.rsa.key_type = xform->rsa.key_type;
+
+ qat_session->xform.rsa.n.data =
+ rte_malloc(NULL, xform->rsa.n.length, 0);
+ if (qat_session->xform.rsa.n.data == NULL)
+ return -ENOMEM;
+ qat_session->xform.rsa.n.length =
+ xform->rsa.n.length;
+
+ qat_session->xform.rsa.e.data =
+ rte_malloc(NULL, xform->rsa.e.length, 0);
+ if (qat_session->xform.rsa.e.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.e.length =
+ xform->rsa.e.length;
+
+ if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_QT) {
+ uint8_t *p = xform->rsa.qt.p.data;
+ uint8_t *q = xform->rsa.qt.q.data;
+ uint8_t *dP = xform->rsa.qt.dP.data;
+ uint8_t *dQ = xform->rsa.qt.dQ.data;
+ uint8_t *qInv = xform->rsa.qt.qInv.data;
+
+ qat_session->xform.rsa.qt.p.data =
+ rte_malloc(NULL, xform->rsa.qt.p.length, 0);
+ if (qat_session->xform.rsa.qt.p.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.p.length =
+ xform->rsa.qt.p.length;
+
+ qat_session->xform.rsa.qt.q.data =
+ rte_malloc(NULL, xform->rsa.qt.q.length, 0);
+ if (qat_session->xform.rsa.qt.q.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.q.length =
+ xform->rsa.qt.q.length;
+
+ qat_session->xform.rsa.qt.dP.data =
+ rte_malloc(NULL, xform->rsa.qt.dP.length, 0);
+ if (qat_session->xform.rsa.qt.dP.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.dP.length =
+ xform->rsa.qt.dP.length;
+
+ qat_session->xform.rsa.qt.dQ.data =
+ rte_malloc(NULL, xform->rsa.qt.dQ.length, 0);
+ if (qat_session->xform.rsa.qt.dQ.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.dQ.length =
+ xform->rsa.qt.dQ.length;
+
+ qat_session->xform.rsa.qt.qInv.data =
+ rte_malloc(NULL, xform->rsa.qt.qInv.length, 0);
+ if (qat_session->xform.rsa.qt.qInv.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.qInv.length =
+ xform->rsa.qt.qInv.length;
+
+ rte_memcpy(qat_session->xform.rsa.qt.p.data, p,
+ xform->rsa.qt.p.length);
+ rte_memcpy(qat_session->xform.rsa.qt.q.data, q,
+ xform->rsa.qt.q.length);
+ rte_memcpy(qat_session->xform.rsa.qt.dP.data, dP,
+ xform->rsa.qt.dP.length);
+ rte_memcpy(qat_session->xform.rsa.qt.dQ.data, dQ,
+ xform->rsa.qt.dQ.length);
+ rte_memcpy(qat_session->xform.rsa.qt.qInv.data, qInv,
+ xform->rsa.qt.qInv.length);
+
+ } else {
+ uint8_t *d = xform->rsa.d.data;
+
+ qat_session->xform.rsa.d.data =
+ rte_malloc(NULL, xform->rsa.d.length, 0);
+ if (qat_session->xform.rsa.d.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.d.length =
+ xform->rsa.d.length;
+ rte_memcpy(qat_session->xform.rsa.d.data, d,
+ xform->rsa.d.length);
+ }
+
+ rte_memcpy(qat_session->xform.rsa.n.data, n,
+ xform->rsa.n.length);
+ rte_memcpy(qat_session->xform.rsa.e.data, e,
+ xform->rsa.e.length);
+
+ return 0;
+
+err:
+ rte_free(qat_session->xform.rsa.n.data);
+ rte_free(qat_session->xform.rsa.e.data);
+ rte_free(qat_session->xform.rsa.d.data);
+ rte_free(qat_session->xform.rsa.qt.p.data);
+ rte_free(qat_session->xform.rsa.qt.q.data);
+ rte_free(qat_session->xform.rsa.qt.dP.data);
+ rte_free(qat_session->xform.rsa.qt.dQ.data);
+ rte_free(qat_session->xform.rsa.qt.qInv.data);
+ return ret;
+}
+
+static void
+session_set_ecdsa(struct qat_asym_session *qat_session,
+ struct rte_crypto_asym_xform *xform)
+{
+ qat_session->xform.ec.curve_id = xform->ec.curve_id;
+}
+
int
qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
- struct rte_crypto_asym_xform *xform __rte_unused,
- struct rte_cryptodev_asym_session *sess __rte_unused)
+ struct rte_crypto_asym_xform *xform,
+ struct rte_cryptodev_asym_session *session)
{
- QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
- return -ENOTSUP;
+ struct qat_asym_session *qat_session;
+ int ret = 0;
+
+ qat_session = (struct qat_asym_session *) session->sess_private_data;
+ memset(qat_session, 0, sizeof(*qat_session));
+
+ qat_session->xform.xform_type = xform->xform_type;
+ switch (xform->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ ret = session_set_modexp(qat_session, xform);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ ret = session_set_modinv(qat_session, xform);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ ret = session_set_rsa(qat_session, xform);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_ECDSA:
+ case RTE_CRYPTO_ASYM_XFORM_ECPM:
+ session_set_ecdsa(qat_session, xform);
+ break;
+ default:
+ ret = -ENOTSUP;
+ }
+
+ if (ret) {
+ QAT_LOG(ERR, "Unsupported xform type");
+ return ret;
+ }
+
+ return 0;
}
unsigned int
qat_asym_session_get_private_size(struct rte_cryptodev *dev __rte_unused)
{
- QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
- return 0;
+ return RTE_ALIGN_CEIL(sizeof(struct qat_asym_session), 8);
+}
+
+static void
+session_clear_modexp(struct rte_crypto_modex_xform *modex)
+{
+ memset(modex->modulus.data, 0, modex->modulus.length);
+ rte_free(modex->modulus.data);
+ memset(modex->exponent.data, 0, modex->exponent.length);
+ rte_free(modex->exponent.data);
+}
+
+static void
+session_clear_modinv(struct rte_crypto_modinv_xform *modinv)
+{
+ memset(modinv->modulus.data, 0, modinv->modulus.length);
+ rte_free(modinv->modulus.data);
+}
+
+static void
+session_clear_rsa(struct rte_crypto_rsa_xform *rsa)
+{
+ return;
+ memset(rsa->n.data, 0, rsa->n.length);
+ rte_free(rsa->n.data);
+ memset(rsa->e.data, 0, rsa->e.length);
+ rte_free(rsa->e.data);
+ if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) {
+ memset(rsa->d.data, 0, rsa->d.length);
+ rte_free(rsa->d.data);
+ } else {
+ memset(rsa->qt.p.data, 0, rsa->qt.p.length);
+ rte_free(rsa->qt.p.data);
+ memset(rsa->qt.q.data, 0, rsa->qt.q.length);
+ rte_free(rsa->qt.q.data);
+ memset(rsa->qt.dP.data, 0, rsa->qt.dP.length);
+ rte_free(rsa->qt.dP.data);
+ memset(rsa->qt.dQ.data, 0, rsa->qt.dQ.length);
+ rte_free(rsa->qt.dQ.data);
+ memset(rsa->qt.qInv.data, 0, rsa->qt.qInv.length);
+ rte_free(rsa->qt.qInv.data);
+ }
+}
+
+static void
+session_clear_xform(struct qat_asym_session *qat_session)
+{
+ switch (qat_session->xform.xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ session_clear_modexp(&qat_session->xform.modex);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ session_clear_modinv(&qat_session->xform.modinv);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ session_clear_rsa(&qat_session->xform.rsa);
+ break;
+ default:
+ break;
+ }
}
void
-qat_asym_session_clear(struct rte_cryptodev *dev __rte_unused,
- struct rte_cryptodev_asym_session *sess __rte_unused)
+qat_asym_session_clear(struct rte_cryptodev *dev,
+ struct rte_cryptodev_asym_session *session)
{
- QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
+ void *sess_priv = session->sess_private_data;
+ struct qat_asym_session *qat_session =
+ (struct qat_asym_session *)sess_priv;
+
+ if (sess_priv) {
+ session_clear_xform(qat_session);
+ memset(qat_session, 0, qat_asym_session_get_private_size(dev));
+ }
}
static uint16_t
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index 6267c53bea..b1d403486f 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -73,7 +73,7 @@ struct qat_asym_op_cookie {
struct qat_asym_session {
struct icp_qat_fw_pke_request req_tmpl;
- struct rte_crypto_asym_xform *xform;
+ struct rte_crypto_asym_xform xform;
};
static inline void
diff --git a/drivers/crypto/qat/qat_ec.h b/drivers/crypto/qat/qat_ec.h
index c2f3ce93d2..a310e3f4d3 100644
--- a/drivers/crypto/qat/qat_ec.h
+++ b/drivers/crypto/qat/qat_ec.h
@@ -31,7 +31,7 @@ struct elliptic_curve {
buffer h;
};
-static struct elliptic_curve __rte_unused curve[] = {
+static struct elliptic_curve curve[] = {
[SECP256R1] = {
.name = "secp256r1",
.bytesize = 32,
@@ -190,7 +190,7 @@ static struct elliptic_curve __rte_unused curve[] = {
}
};
-static int __rte_unused
+static int
pick_curve(struct rte_crypto_asym_xform *xform)
{
switch (xform->ec.curve_id) {
--
2.13.6
^ permalink raw reply related [flat|nested] 7+ messages in thread
* RE: [EXT] [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms
2022-02-21 10:48 [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
` (4 preceding siblings ...)
2022-02-21 10:48 ` [PATCH v3 5/5] crypto/qat: refactor asymmetric session Arek Kusztal
@ 2022-02-23 9:19 ` Akhil Goyal
5 siblings, 0 replies; 7+ messages in thread
From: Akhil Goyal @ 2022-02-23 9:19 UTC (permalink / raw)
To: Arek Kusztal, dev; +Cc: roy.fan.zhang
> This patchset adds following asymmetric crypto algorithms to Intel QuickAssist
> Technology driver:
> - ECDSA
> - ECPM
>
> Code also was refactored to be more readable and easier scalable.
>
> v2:
> - add actual implementation
> v3:
> - rebase against newest changes
>
> Depends-on: patch-107793 ("crypto: fix misspelled key in qt format")
> Depends-on: series-21741 ("drivers/qat: QAT symmetric crypto datapatch
> rework")
>
Applied to dpdk-next-crypto
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2022-02-23 9:19 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-21 10:48 [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 1/5] crypto/qat: refactor asymmetric crypto functions Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 2/5] crypto/qat: add named elliptic curves Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 3/5] crypto/qat: add ecdsa algorithm Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 4/5] crypto/qat: add ecpm algorithm Arek Kusztal
2022-02-21 10:48 ` [PATCH v3 5/5] crypto/qat: refactor asymmetric session Arek Kusztal
2022-02-23 9:19 ` [EXT] [PATCH v3 0/5] crypto/qat: add asymmetric crypto algorithms Akhil Goyal
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.