[PATCH] crypto/qat: remove openssl 3.0 deprecated functions

DPDK patches and discussions
 help / color / mirror / Atom feed

* [PATCH] crypto/qat: remove openssl 3.0 deprecated functions
@ 2021-12-28 10:08 Arek Kusztal
  2023-02-01 14:36 ` [EXT] " Akhil Goyal
  0 siblings, 1 reply; 2+ messages in thread
From: Arek Kusztal @ 2021-12-28 10:08 UTC (permalink / raw)
  To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal

This commit removes OpenSSL 3.0 deprecated functions
from Intel QuickAssist Technology PMD. It does not remove
all deprecated functions, this will be added in later versions.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 drivers/crypto/qat/qat_sym_session.c | 47 ++++++++++++++++++------------------
 1 file changed, 23 insertions(+), 24 deletions(-)

diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 8ca475ca8b..57deddba85 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -72,6 +72,26 @@ qat_sym_cd_auth_set(struct qat_sym_session *cdesc,
 static void
 qat_sym_session_init_common_hdr(struct qat_sym_session *session);
 
+/* AES helper function */
+static int
+aes_encrypt(const uint8_t *key, uint8_t *in, uint8_t *out)
+{
+	int outlen;
+	EVP_CIPHER_CTX *ctx;
+
+	ctx = EVP_CIPHER_CTX_new();
+	if (ctx == NULL) {
+		QAT_LOG(ERR, "EVP_CIPHER_CTX_new error");
+		return -1;
+	}
+	EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key, NULL);
+	if (!EVP_EncryptUpdate(ctx, out, &outlen, in, 16)) {
+		QAT_LOG(ERR, "EVP_EncryptUpdate error");
+		return -1;
+	}
+	return 0;
+}
+
 /* Req/cd init functions */
 
 static void
@@ -1309,7 +1329,6 @@ static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 
 		/* CMAC */
 		if (aes_cmac) {
-			AES_KEY enc_key;
 			uint8_t *in = NULL;
 			uint8_t k0[ICP_QAT_HW_AES_128_KEY_SZ];
 			uint8_t *k1, *k2;
@@ -1327,14 +1346,8 @@ static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 			rte_memcpy(in, AES_CMAC_SEED,
 				   ICP_QAT_HW_AES_128_KEY_SZ);
 			rte_memcpy(p_state_buf, auth_key, auth_keylen);
-
-			if (AES_set_encrypt_key(auth_key, auth_keylen << 3,
-				&enc_key) != 0) {
-				rte_free(in);
+			if (aes_encrypt(auth_key, in, k0) < 0)
 				return -EFAULT;
-			}
-
-			AES_encrypt(in, k0, &enc_key);
 
 			k1 = p_state_buf + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ;
 			k2 = k1 + ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ;
@@ -1360,7 +1373,6 @@ static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 			uint8_t *in = NULL;
 			uint8_t *out = p_state_buf;
 			int x;
-			AES_KEY enc_key;
 
 			in = rte_zmalloc("working mem for key",
 					ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ, 16);
@@ -1372,17 +1384,8 @@ static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 			rte_memcpy(in, qat_aes_xcbc_key_seed,
 					ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ);
 			for (x = 0; x < HASH_XCBC_PRECOMP_KEY_NUM; x++) {
-				if (AES_set_encrypt_key(auth_key,
-							auth_keylen << 3,
-							&enc_key) != 0) {
-					rte_free(in -
-					  (x * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ));
-					memset(out -
-					   (x * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ),
-					  0, ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ);
+				if (aes_encrypt(auth_key, in, out) < 0)
 					return -EFAULT;
-				}
-				AES_encrypt(in, out, &enc_key);
 				in += ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ;
 				out += ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ;
 			}
@@ -1395,7 +1398,6 @@ static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 		(hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_64)) {
 		uint8_t *in = NULL;
 		uint8_t *out = p_state_buf;
-		AES_KEY enc_key;
 
 		memset(p_state_buf, 0, ICP_QAT_HW_GALOIS_H_SZ +
 				ICP_QAT_HW_GALOIS_LEN_A_SZ +
@@ -1408,11 +1410,8 @@ static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 		}
 
 		memset(in, 0, ICP_QAT_HW_GALOIS_H_SZ);
-		if (AES_set_encrypt_key(auth_key, auth_keylen << 3,
-			&enc_key) != 0) {
+		if (aes_encrypt(auth_key, in, out) < 0)
 			return -EFAULT;
-		}
-		AES_encrypt(in, out, &enc_key);
 		*p_state_len = ICP_QAT_HW_GALOIS_H_SZ +
 				ICP_QAT_HW_GALOIS_LEN_A_SZ +
 				ICP_QAT_HW_GALOIS_E_CTR0_SZ;
-- 
2.13.6


^ permalink raw reply	[flat|nested] 2+ messages in thread

* RE: [EXT] [PATCH] crypto/qat: remove openssl 3.0 deprecated functions
  2021-12-28 10:08 [PATCH] crypto/qat: remove openssl 3.0 deprecated functions Arek Kusztal
@ 2023-02-01 14:36 ` Akhil Goyal
  0 siblings, 0 replies; 2+ messages in thread
From: Akhil Goyal @ 2023-02-01 14:36 UTC (permalink / raw)
  To: Arek Kusztal, dev, Kai Ji; +Cc: Fan Zhang

> This commit removes OpenSSL 3.0 deprecated functions
> from Intel QuickAssist Technology PMD. It does not remove
> all deprecated functions, this will be added in later versions.
> 
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Reviews please.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-02-01 14:36 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-28 10:08 [PATCH] crypto/qat: remove openssl 3.0 deprecated functions Arek Kusztal
2023-02-01 14:36 ` [EXT] " Akhil Goyal

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).