* [PATCH v2 0/5] crypto/qat: add asymmetric crypto algorithms
@ 2022-02-09 14:00 Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 1/5] crypto/qat: refactor asymmetric crypto functions Arek Kusztal
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Arek Kusztal @ 2022-02-09 14:00 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patchset adds following asymmetric crypto algorithms to Intel QuickAssist Technology driver:
- ECDSA
- ECPM
Code also was refactored to be more readable and easier scalable.
v2:
- add actual implementation
Arek Kusztal (5):
crypto/qat: refactor asymmetric crypto functions
crypto/qat: add named elliptic curves
crypto/qat: add ecdsa algorithm
crypto/qat: add ecpm algorithm
crypto/qat: refactor asymmetric session
doc/guides/cryptodevs/qat.rst | 3 +
doc/guides/rel_notes/release_22_03.rst | 10 +
drivers/common/qat/qat_adf/qat_pke.h | 275 ++++
.../qat/qat_adf/qat_pke_functionality_arrays.h | 79 -
drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 1 -
drivers/crypto/qat/qat_asym.c | 1662 ++++++++++++--------
drivers/crypto/qat/qat_asym.h | 10 +-
drivers/crypto/qat/qat_ec.h | 206 +++
8 files changed, 1544 insertions(+), 702 deletions(-)
create mode 100644 drivers/common/qat/qat_adf/qat_pke.h
delete mode 100644 drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
create mode 100644 drivers/crypto/qat/qat_ec.h
--
2.13.6
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2 1/5] crypto/qat: refactor asymmetric crypto functions
2022-02-09 14:00 [PATCH v2 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
@ 2022-02-09 14:00 ` Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 2/5] crypto/qat: add named elliptic curves Arek Kusztal
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Arek Kusztal @ 2022-02-09 14:00 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This commit refactors asummetric crypto functions
in Intel QuickAssist Technology PMD.
Functions right now are shorter and far easier readable,
plus it facilitates addition of new algorithms.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/qat.rst | 1 +
drivers/common/qat/qat_adf/qat_pke.h | 215 ++++
.../qat/qat_adf/qat_pke_functionality_arrays.h | 79 --
drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 1 -
drivers/crypto/qat/qat_asym.c | 1123 +++++++++-----------
drivers/crypto/qat/qat_asym.h | 2 +-
6 files changed, 710 insertions(+), 711 deletions(-)
create mode 100644 drivers/common/qat/qat_adf/qat_pke.h
delete mode 100644 drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 666a01df33..4428b89195 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -174,6 +174,7 @@ The QAT ASYM PMD has support for:
* ``RTE_CRYPTO_ASYM_XFORM_MODEX``
* ``RTE_CRYPTO_ASYM_XFORM_MODINV``
+* ``RTE_CRYPTO_ASYM_XFORM_RSA``
Limitations
~~~~~~~~~~~
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
new file mode 100644
index 0000000000..82bb1ee55e
--- /dev/null
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -0,0 +1,215 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2021-2022 Intel Corporation
+ */
+
+#ifndef _QAT_PKE_FUNCTIONALITY_ARRAYS_H_
+#define _QAT_PKE_FUNCTIONALITY_ARRAYS_H_
+
+#include "icp_qat_fw_mmp_ids.h"
+
+/*
+ * Modular exponentiation functionality IDs
+ */
+
+struct qat_asym_function {
+ uint32_t func_id;
+ uint32_t bytesize;
+};
+
+static struct qat_asym_function
+get_modexp_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+
+ if (xform->modex.modulus.length <= 64) {
+ qat_function.func_id = MATHS_MODEXP_L512;
+ qat_function.bytesize = 64;
+ } else if (xform->modex.modulus.length <= 128) {
+ qat_function.func_id = MATHS_MODEXP_L1024;
+ qat_function.bytesize = 128;
+ } else if (xform->modex.modulus.length <= 192) {
+ qat_function.func_id = MATHS_MODEXP_L1536;
+ qat_function.bytesize = 192;
+ } else if (xform->modex.modulus.length <= 256) {
+ qat_function.func_id = MATHS_MODEXP_L2048;
+ qat_function.bytesize = 256;
+ } else if (xform->modex.modulus.length <= 320) {
+ qat_function.func_id = MATHS_MODEXP_L2560;
+ qat_function.bytesize = 320;
+ } else if (xform->modex.modulus.length <= 384) {
+ qat_function.func_id = MATHS_MODEXP_L3072;
+ qat_function.bytesize = 384;
+ } else if (xform->modex.modulus.length <= 448) {
+ qat_function.func_id = MATHS_MODEXP_L3584;
+ qat_function.bytesize = 448;
+ } else if (xform->modex.modulus.length <= 512) {
+ qat_function.func_id = MATHS_MODEXP_L4096;
+ qat_function.bytesize = 512;
+ }
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_modinv_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+
+ if (xform->modinv.modulus.data[
+ xform->modinv.modulus.length - 1] & 0x01) {
+ if (xform->modex.modulus.length <= 16) {
+ qat_function.func_id = MATHS_MODINV_ODD_L128;
+ qat_function.bytesize = 16;
+ } else if (xform->modex.modulus.length <= 24) {
+ qat_function.func_id = MATHS_MODINV_ODD_L192;
+ qat_function.bytesize = 24;
+ } else if (xform->modex.modulus.length <= 32) {
+ qat_function.func_id = MATHS_MODINV_ODD_L256;
+ qat_function.bytesize = 32;
+ } else if (xform->modex.modulus.length <= 48) {
+ qat_function.func_id = MATHS_MODINV_ODD_L384;
+ qat_function.bytesize = 48;
+ } else if (xform->modex.modulus.length <= 64) {
+ qat_function.func_id = MATHS_MODINV_ODD_L512;
+ qat_function.bytesize = 64;
+ } else if (xform->modex.modulus.length <= 96) {
+ qat_function.func_id = MATHS_MODINV_ODD_L768;
+ qat_function.bytesize = 96;
+ } else if (xform->modex.modulus.length <= 128) {
+ qat_function.func_id = MATHS_MODINV_ODD_L1024;
+ qat_function.bytesize = 128;
+ } else if (xform->modex.modulus.length <= 192) {
+ qat_function.func_id = MATHS_MODINV_ODD_L1536;
+ qat_function.bytesize = 192;
+ } else if (xform->modex.modulus.length <= 256) {
+ qat_function.func_id = MATHS_MODINV_ODD_L2048;
+ qat_function.bytesize = 256;
+ } else if (xform->modex.modulus.length <= 384) {
+ qat_function.func_id = MATHS_MODINV_ODD_L3072;
+ qat_function.bytesize = 384;
+ } else if (xform->modex.modulus.length <= 512) {
+ qat_function.func_id = MATHS_MODINV_ODD_L4096;
+ qat_function.bytesize = 512;
+ }
+ } else {
+ if (xform->modex.modulus.length <= 16) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L128;
+ qat_function.bytesize = 16;
+ } else if (xform->modex.modulus.length <= 24) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L192;
+ qat_function.bytesize = 24;
+ } else if (xform->modex.modulus.length <= 32) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L256;
+ qat_function.bytesize = 32;
+ } else if (xform->modex.modulus.length <= 48) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L384;
+ qat_function.bytesize = 48;
+ } else if (xform->modex.modulus.length <= 64) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L512;
+ qat_function.bytesize = 64;
+ } else if (xform->modex.modulus.length <= 96) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L768;
+ qat_function.bytesize = 96;
+ } else if (xform->modex.modulus.length <= 128) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L1024;
+ qat_function.bytesize = 128;
+ } else if (xform->modex.modulus.length <= 192) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L1536;
+ qat_function.bytesize = 192;
+ } else if (xform->modex.modulus.length <= 256) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L2048;
+ qat_function.bytesize = 256;
+ } else if (xform->modex.modulus.length <= 384) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L3072;
+ qat_function.bytesize = 384;
+ } else if (xform->modex.modulus.length <= 512) {
+ qat_function.func_id = MATHS_MODINV_EVEN_L4096;
+ qat_function.bytesize = 512;
+ }
+ }
+
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_rsa_enc_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+
+ if (xform->rsa.n.length <= 64) {
+ qat_function.func_id = PKE_RSA_EP_512;
+ qat_function.bytesize = 64;
+ } else if (xform->rsa.n.length <= 128) {
+ qat_function.func_id = PKE_RSA_EP_1024;
+ qat_function.bytesize = 128;
+ } else if (xform->rsa.n.length <= 192) {
+ qat_function.func_id = PKE_RSA_EP_1536;
+ qat_function.bytesize = 192;
+ } else if (xform->rsa.n.length <= 256) {
+ qat_function.func_id = PKE_RSA_EP_2048;
+ qat_function.bytesize = 256;
+ } else if (xform->rsa.n.length <= 384) {
+ qat_function.func_id = PKE_RSA_EP_3072;
+ qat_function.bytesize = 384;
+ } else if (xform->rsa.n.length <= 512) {
+ qat_function.func_id = PKE_RSA_EP_4096;
+ qat_function.bytesize = 512;
+ }
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_rsa_dec_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+
+ if (xform->rsa.n.length <= 64) {
+ qat_function.func_id = PKE_RSA_DP1_512;
+ qat_function.bytesize = 64;
+ } else if (xform->rsa.n.length <= 128) {
+ qat_function.func_id = PKE_RSA_DP1_1024;
+ qat_function.bytesize = 128;
+ } else if (xform->rsa.n.length <= 192) {
+ qat_function.func_id = PKE_RSA_DP1_1536;
+ qat_function.bytesize = 192;
+ } else if (xform->rsa.n.length <= 256) {
+ qat_function.func_id = PKE_RSA_DP1_2048;
+ qat_function.bytesize = 256;
+ } else if (xform->rsa.n.length <= 384) {
+ qat_function.func_id = PKE_RSA_DP1_3072;
+ qat_function.bytesize = 384;
+ } else if (xform->rsa.n.length <= 512) {
+ qat_function.func_id = PKE_RSA_DP1_4096;
+ qat_function.bytesize = 512;
+ }
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_rsa_crt_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function = { };
+ int nlen = xform->rsa.qt.p.length * 2;
+
+ if (nlen <= 64) {
+ qat_function.func_id = PKE_RSA_DP2_512;
+ qat_function.bytesize = 64;
+ } else if (nlen <= 128) {
+ qat_function.func_id = PKE_RSA_DP2_1024;
+ qat_function.bytesize = 128;
+ } else if (nlen <= 192) {
+ qat_function.func_id = PKE_RSA_DP2_1536;
+ qat_function.bytesize = 192;
+ } else if (nlen <= 256) {
+ qat_function.func_id = PKE_RSA_DP2_2048;
+ qat_function.bytesize = 256;
+ } else if (nlen <= 384) {
+ qat_function.func_id = PKE_RSA_DP2_3072;
+ qat_function.bytesize = 384;
+ } else if (nlen <= 512) {
+ qat_function.func_id = PKE_RSA_DP2_4096;
+ qat_function.bytesize = 512;
+ }
+ return qat_function;
+}
+
+#endif
diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
deleted file mode 100644
index 42ffbbadd0..0000000000
--- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2019 Intel Corporation
- */
-
-#ifndef _QAT_PKE_FUNCTIONALITY_ARRAYS_H_
-#define _QAT_PKE_FUNCTIONALITY_ARRAYS_H_
-
-#include "icp_qat_fw_mmp_ids.h"
-
-/*
- * Modular exponentiation functionality IDs
- */
-static const uint32_t MOD_EXP_SIZE[][2] = {
- { 512, MATHS_MODEXP_L512 },
- { 1024, MATHS_MODEXP_L1024 },
- { 1536, MATHS_MODEXP_L1536 },
- { 2048, MATHS_MODEXP_L2048 },
- { 2560, MATHS_MODEXP_L2560 },
- { 3072, MATHS_MODEXP_L3072 },
- { 3584, MATHS_MODEXP_L3584 },
- { 4096, MATHS_MODEXP_L4096 }
-};
-
-static const uint32_t MOD_INV_IDS_ODD[][2] = {
- { 128, MATHS_MODINV_ODD_L128 },
- { 192, MATHS_MODINV_ODD_L192 },
- { 256, MATHS_MODINV_ODD_L256 },
- { 384, MATHS_MODINV_ODD_L384 },
- { 512, MATHS_MODINV_ODD_L512 },
- { 768, MATHS_MODINV_ODD_L768 },
- { 1024, MATHS_MODINV_ODD_L1024 },
- { 1536, MATHS_MODINV_ODD_L1536 },
- { 2048, MATHS_MODINV_ODD_L2048 },
- { 3072, MATHS_MODINV_ODD_L3072 },
- { 4096, MATHS_MODINV_ODD_L4096 },
-};
-
-static const uint32_t MOD_INV_IDS_EVEN[][2] = {
- { 128, MATHS_MODINV_EVEN_L128 },
- { 192, MATHS_MODINV_EVEN_L192 },
- { 256, MATHS_MODINV_EVEN_L256 },
- { 384, MATHS_MODINV_EVEN_L384 },
- { 512, MATHS_MODINV_EVEN_L512 },
- { 768, MATHS_MODINV_EVEN_L768 },
- { 1024, MATHS_MODINV_EVEN_L1024 },
- { 1536, MATHS_MODINV_EVEN_L1536 },
- { 2048, MATHS_MODINV_EVEN_L2048 },
- { 3072, MATHS_MODINV_EVEN_L3072 },
- { 4096, MATHS_MODINV_EVEN_L4096 },
-};
-
-static const uint32_t RSA_ENC_IDS[][2] = {
- { 512, PKE_RSA_EP_512 },
- { 1024, PKE_RSA_EP_1024 },
- { 1536, PKE_RSA_EP_1536 },
- { 2048, PKE_RSA_EP_2048 },
- { 3072, PKE_RSA_EP_3072 },
- { 4096, PKE_RSA_EP_4096 },
-};
-
-static const uint32_t RSA_DEC_IDS[][2] = {
- { 512, PKE_RSA_DP1_512 },
- { 1024, PKE_RSA_DP1_1024 },
- { 1536, PKE_RSA_DP1_1536 },
- { 2048, PKE_RSA_DP1_2048 },
- { 3072, PKE_RSA_DP1_3072 },
- { 4096, PKE_RSA_DP1_4096 },
-};
-
-static const uint32_t RSA_DEC_CRT_IDS[][2] = {
- { 512, PKE_RSA_DP2_512 },
- { 1024, PKE_RSA_DP2_1024 },
- { 1536, PKE_RSA_DP2_1536 },
- { 2048, PKE_RSA_DP2_2048 },
- { 3072, PKE_RSA_DP2_3072 },
- { 4096, PKE_RSA_DP2_4096 },
-};
-
-#endif
diff --git a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
index 9ed1f21d9d..c3cee42c28 100644
--- a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
+++ b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
@@ -7,7 +7,6 @@
#include "qat_asym.h"
#include "qat_crypto.h"
#include "qat_crypto_pmd_gens.h"
-#include "qat_pke_functionality_arrays.h"
struct rte_cryptodev_ops qat_asym_crypto_ops_gen1 = {
/* Device related operations */
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 09d8761c5f..9b4c579a9d 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2019 Intel Corporation
+ * Copyright(c) 2019-2022 Intel Corporation
*/
#include <stdarg.h>
@@ -7,64 +7,54 @@
#include "qat_asym.h"
#include "icp_qat_fw_pke.h"
#include "icp_qat_fw.h"
-#include "qat_pke_functionality_arrays.h"
+#include "qat_pke.h"
-#define qat_asym_sz_2param(arg) (arg, sizeof(arg)/sizeof(*arg))
-
-static int qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
- size_t arr_sz, size_t *size, uint32_t *func_id)
-{
- size_t i;
-
- for (i = 0; i < arr_sz; i++) {
- if (*size <= arr[i][0]) {
- *size = arr[i][0];
- *func_id = arr[i][1];
- return 0;
- }
- }
- return -1;
-}
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+#define HEXDUMP(name, where, size) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
+ where, size)
+#define HEXDUMP_OFF(name, where, size, idx) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
+ &where[idx * size], size)
+#else
+#define HEXDUMP(name, where, size)
+#define HEXDUMP_OFF(name, where, size, idx)
+#endif
-static inline void qat_fill_req_tmpl(struct icp_qat_fw_pke_request *qat_req)
+#define CHECK_IF_NOT_EMPTY(param, name, pname, status) \
+ do { \
+ if (param.length == 0) { \
+ QAT_LOG(ERR, \
+ "Invalid " name \
+ " input parameter, zero length " pname \
+ ); \
+ status = -EINVAL; \
+ } else if (check_zero(param)) { \
+ QAT_LOG(ERR, \
+ "Invalid " name " input parameter, empty " \
+ pname ", length = %d", \
+ (int)param.length \
+ ); \
+ status = -EINVAL; \
+ } \
+ } while (0)
+
+#define SET_PKE_LN(where, what, how, idx) \
+ rte_memcpy(where[idx] + how - \
+ what.length, \
+ what.data, \
+ what.length)
+
+static void
+request_init(struct icp_qat_fw_pke_request *qat_req)
{
memset(qat_req, 0, sizeof(*qat_req));
qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_CPM_FW_PKE;
-
qat_req->pke_hdr.hdr_flags =
ICP_QAT_FW_COMN_HDR_FLAGS_BUILD
(ICP_QAT_FW_COMN_REQ_FLAG_SET);
}
-static inline void qat_asym_build_req_tmpl(void *sess_private_data)
-{
- struct icp_qat_fw_pke_request *qat_req;
- struct qat_asym_session *session = sess_private_data;
-
- qat_req = &session->req_tmpl;
- qat_fill_req_tmpl(qat_req);
-}
-
-static size_t max_of(int n, ...)
-{
- va_list args;
- size_t len = 0, num;
- int i;
-
- va_start(args, n);
- len = va_arg(args, size_t);
-
- for (i = 0; i < n - 1; i++) {
- num = va_arg(args, size_t);
- if (num > len)
- len = num;
- }
- va_end(args);
-
- return len;
-}
-
-static void qat_clear_arrays(struct qat_asym_op_cookie *cookie,
+static void
+cleanup_arrays(struct qat_asym_op_cookie *cookie,
int in_count, int out_count, int alg_size)
{
int i;
@@ -75,7 +65,8 @@ static void qat_clear_arrays(struct qat_asym_op_cookie *cookie,
memset(cookie->output_array[i], 0x0, alg_size);
}
-static void qat_clear_arrays_crt(struct qat_asym_op_cookie *cookie,
+static void
+cleanup_crt(struct qat_asym_op_cookie *cookie,
int alg_size)
{
int i;
@@ -87,432 +78,489 @@ static void qat_clear_arrays_crt(struct qat_asym_op_cookie *cookie,
memset(cookie->output_array[i], 0x0, alg_size);
}
-static void qat_clear_arrays_by_alg(struct qat_asym_op_cookie *cookie,
+static void
+cleanup(struct qat_asym_op_cookie *cookie,
struct rte_crypto_asym_xform *xform, int alg_size)
{
if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX)
- qat_clear_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS,
+ cleanup_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS,
QAT_ASYM_MODEXP_NUM_OUT_PARAMS, alg_size);
else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV)
- qat_clear_arrays(cookie, QAT_ASYM_MODINV_NUM_IN_PARAMS,
+ cleanup_arrays(cookie, QAT_ASYM_MODINV_NUM_IN_PARAMS,
QAT_ASYM_MODINV_NUM_OUT_PARAMS, alg_size);
else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT)
- qat_clear_arrays_crt(cookie, alg_size);
+ cleanup_crt(cookie, alg_size);
else {
- qat_clear_arrays(cookie, QAT_ASYM_RSA_NUM_IN_PARAMS,
+ cleanup_arrays(cookie, QAT_ASYM_RSA_NUM_IN_PARAMS,
QAT_ASYM_RSA_NUM_OUT_PARAMS, alg_size);
}
}
}
-static int qat_asym_check_nonzero(rte_crypto_param n)
+static int
+check_zero(rte_crypto_param n)
{
- if (n.length < 8) {
- /* Not a case for any cryptographic function except for DH
- * generator which very often can be of one byte length
- */
- size_t i;
-
- if (n.data[n.length - 1] == 0x0) {
- for (i = 0; i < n.length - 1; i++)
- if (n.data[i] != 0x0)
- break;
- if (i == n.length - 1)
- return -(EINVAL);
- }
- } else if (*(uint64_t *)&n.data[
- n.length - 8] == 0) {
- /* Very likely it is zeroed modulus */
- size_t i;
+ int i, len = n.length;
- for (i = 0; i < n.length - 8; i++)
+ if (len < 8) {
+ for (i = len - 1; i >= 0; i--) {
if (n.data[i] != 0x0)
- break;
- if (i == n.length - 8)
- return -(EINVAL);
+ return 0;
+ }
+ } else if (len == 8 && *(uint64_t *)&n.data[len - 8] == 0) {
+ return 1;
+ } else if (*(uint64_t *)&n.data[len - 8] == 0) {
+ for (i = len - 9; i >= 0; i--) {
+ if (n.data[i] != 0x0)
+ return 0;
+ }
+ } else
+ return 0;
+
+ return 1;
+}
+
+static struct qat_asym_function
+get_asym_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+
+ switch (xform->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ qat_function = get_modexp_function(xform);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ qat_function = get_modinv_function(xform);
+ break;
+ default:
+ qat_function.func_id = 0;
+ break;
}
- return 0;
+ return qat_function;
}
static int
-qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op,
+modexp_set_input(struct rte_crypto_asym_op *asym_op,
struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
struct rte_crypto_asym_xform *xform)
{
- int err = 0;
- size_t alg_size;
- size_t alg_size_in_bytes;
- uint32_t func_id = 0;
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, func_id;
+ int status = 0;
+
+ CHECK_IF_NOT_EMPTY(xform->modex.modulus, "mod exp",
+ "modulus", status);
+ CHECK_IF_NOT_EMPTY(xform->modex.exponent, "mod exp",
+ "exponent", status);
+ if (status)
+ return status;
+
+ qat_function = get_asym_function(xform);
+ func_id = qat_function.func_id;
+ if (qat_function.func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
- if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
- err = qat_asym_check_nonzero(xform->modex.modulus);
- if (err) {
- QAT_LOG(ERR, "Empty modulus in modular exponentiation,"
- " aborting this operation");
- return err;
- }
+ SET_PKE_LN(cookie->input_array, asym_op->modex.base,
+ alg_bytesize, 0);
+ SET_PKE_LN(cookie->input_array, xform->modex.exponent,
+ alg_bytesize, 1);
+ SET_PKE_LN(cookie->input_array, xform->modex.modulus,
+ alg_bytesize, 2);
- alg_size_in_bytes = max_of(3, asym_op->modex.base.length,
- xform->modex.exponent.length,
- xform->modex.modulus.length);
- alg_size = alg_size_in_bytes << 3;
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count = QAT_ASYM_MODEXP_NUM_IN_PARAMS;
+ qat_req->output_param_count = QAT_ASYM_MODEXP_NUM_OUT_PARAMS;
- if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE,
- sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE),
- &alg_size, &func_id)) {
- return -(EINVAL);
+ HEXDUMP("ModExp base", cookie->input_array[0], alg_bytesize);
+ HEXDUMP("ModExp exponent", cookie->input_array[1], alg_bytesize);
+ HEXDUMP("ModExp modulus", cookie->input_array[2], alg_bytesize);
+
+ return status;
+}
+
+static uint8_t
+modexp_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ rte_crypto_param n = xform->modex.modulus;
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+ uint8_t *modexp_result = asym_op->modex.result.data;
+
+ rte_memcpy(modexp_result,
+ cookie->output_array[0] + alg_bytesize
+ - n.length, n.length);
+ HEXDUMP("ModExp result", cookie->output_array[0],
+ alg_bytesize);
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+static int
+modinv_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, func_id;
+ int status = 0;
+
+ CHECK_IF_NOT_EMPTY(xform->modex.modulus, "mod inv",
+ "modulus", status);
+ if (status)
+ return status;
+
+ qat_function = get_asym_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+
+ SET_PKE_LN(cookie->input_array, asym_op->modinv.base,
+ alg_bytesize, 0);
+ SET_PKE_LN(cookie->input_array, xform->modinv.modulus,
+ alg_bytesize, 1);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_MODINV_NUM_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_MODINV_NUM_OUT_PARAMS;
+
+ HEXDUMP("ModInv base", cookie->input_array[0], alg_bytesize);
+ HEXDUMP("ModInv modulus", cookie->input_array[1], alg_bytesize);
+
+ return 0;
+}
+
+static uint8_t
+modinv_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ rte_crypto_param n = xform->modinv.modulus;
+ uint8_t *modinv_result = asym_op->modinv.result.data;
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+
+ rte_memcpy(modinv_result + (asym_op->modinv.result.length
+ - n.length),
+ cookie->output_array[0] + alg_bytesize
+ - n.length, n.length);
+ HEXDUMP("ModInv result", cookie->output_array[0],
+ alg_bytesize);
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+static int
+rsa_set_pub_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, func_id;
+ int status = 0;
+
+ qat_function = get_rsa_enc_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ SET_PKE_LN(cookie->input_array, asym_op->rsa.message,
+ alg_bytesize, 0);
+ break;
+ default:
+ QAT_LOG(ERR,
+ "Invalid RSA padding (Encryption)"
+ );
+ return -EINVAL;
}
+ HEXDUMP("RSA Message", cookie->input_array[0], alg_bytesize);
+ } else {
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ SET_PKE_LN(cookie->input_array, asym_op->rsa.sign,
+ alg_bytesize, 0);
+ break;
+ default:
+ QAT_LOG(ERR,
+ "Invalid RSA padding (Verify)");
+ return -EINVAL;
+ }
+ HEXDUMP("RSA Signature", cookie->input_array[0],
+ alg_bytesize);
+ }
- alg_size_in_bytes = alg_size >> 3;
- rte_memcpy(cookie->input_array[0] + alg_size_in_bytes -
- asym_op->modex.base.length
- , asym_op->modex.base.data,
- asym_op->modex.base.length);
- rte_memcpy(cookie->input_array[1] + alg_size_in_bytes -
- xform->modex.exponent.length
- , xform->modex.exponent.data,
- xform->modex.exponent.length);
- rte_memcpy(cookie->input_array[2] + alg_size_in_bytes -
- xform->modex.modulus.length,
- xform->modex.modulus.data,
- xform->modex.modulus.length);
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
- qat_req->input_param_count = QAT_ASYM_MODEXP_NUM_IN_PARAMS;
- qat_req->output_param_count = QAT_ASYM_MODEXP_NUM_OUT_PARAMS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp base",
- cookie->input_array[0],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp exponent",
- cookie->input_array[1],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, " ModExpmodulus",
- cookie->input_array[2],
- alg_size_in_bytes);
-#endif
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
- err = qat_asym_check_nonzero(xform->modinv.modulus);
- if (err) {
- QAT_LOG(ERR, "Empty modulus in modular multiplicative"
- " inverse, aborting this operation");
- return err;
+ SET_PKE_LN(cookie->input_array, xform->rsa.e,
+ alg_bytesize, 1);
+ SET_PKE_LN(cookie->input_array, xform->rsa.n,
+ alg_bytesize, 2);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+
+ HEXDUMP("RSA Public Key", cookie->input_array[1], alg_bytesize);
+ HEXDUMP("RSA Modulus", cookie->input_array[2], alg_bytesize);
+
+ return status;
+}
+
+static int
+rsa_set_priv_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, func_id;
+ int status = 0;
+
+ if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) {
+ qat_function = get_rsa_crt_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+ qat_req->input_param_count =
+ QAT_ASYM_RSA_QT_NUM_IN_PARAMS;
+
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.p,
+ (alg_bytesize >> 1), 1);
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.q,
+ (alg_bytesize >> 1), 2);
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.dP,
+ (alg_bytesize >> 1), 3);
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.dQ,
+ (alg_bytesize >> 1), 4);
+ SET_PKE_LN(cookie->input_array, xform->rsa.qt.qInv,
+ (alg_bytesize >> 1), 5);
+
+ HEXDUMP("RSA p", cookie->input_array[1],
+ alg_bytesize);
+ HEXDUMP("RSA q", cookie->input_array[2],
+ alg_bytesize);
+ HEXDUMP("RSA dP", cookie->input_array[3],
+ alg_bytesize);
+ HEXDUMP("RSA dQ", cookie->input_array[4],
+ alg_bytesize);
+ HEXDUMP("RSA qInv", cookie->input_array[5],
+ alg_bytesize);
+ } else if (xform->rsa.key_type ==
+ RTE_RSA_KEY_TYPE_EXP) {
+ qat_function = get_rsa_dec_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
}
+ alg_bytesize = qat_function.bytesize;
- alg_size_in_bytes = max_of(2, asym_op->modinv.base.length,
- xform->modinv.modulus.length);
- alg_size = alg_size_in_bytes << 3;
-
- if (xform->modinv.modulus.data[
- xform->modinv.modulus.length - 1] & 0x01) {
- if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_ODD,
- sizeof(MOD_INV_IDS_ODD)/
- sizeof(*MOD_INV_IDS_ODD),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
- } else {
- if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_EVEN,
- sizeof(MOD_INV_IDS_EVEN)/
- sizeof(*MOD_INV_IDS_EVEN),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
+ SET_PKE_LN(cookie->input_array, xform->rsa.d,
+ alg_bytesize, 1);
+ SET_PKE_LN(cookie->input_array, xform->rsa.n,
+ alg_bytesize, 2);
+
+ HEXDUMP("RSA d", cookie->input_array[1],
+ alg_bytesize);
+ HEXDUMP("RSA n", cookie->input_array[2],
+ alg_bytesize);
+ } else {
+ QAT_LOG(ERR, "Invalid RSA key type");
+ return -EINVAL;
+ }
+
+ if (asym_op->rsa.op_type ==
+ RTE_CRYPTO_ASYM_OP_DECRYPT) {
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ SET_PKE_LN(cookie->input_array, asym_op->rsa.cipher,
+ alg_bytesize, 0);
+ HEXDUMP("RSA ciphertext", cookie->input_array[0],
+ alg_bytesize);
+ break;
+ default:
+ QAT_LOG(ERR,
+ "Invalid padding of RSA (Decrypt)");
+ return -(EINVAL);
}
- alg_size_in_bytes = alg_size >> 3;
- rte_memcpy(cookie->input_array[0] + alg_size_in_bytes -
- asym_op->modinv.base.length
- , asym_op->modinv.base.data,
- asym_op->modinv.base.length);
- rte_memcpy(cookie->input_array[1] + alg_size_in_bytes -
- xform->modinv.modulus.length
- , xform->modinv.modulus.data,
- xform->modinv.modulus.length);
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
- qat_req->input_param_count =
- QAT_ASYM_MODINV_NUM_IN_PARAMS;
- qat_req->output_param_count =
- QAT_ASYM_MODINV_NUM_OUT_PARAMS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv base",
- cookie->input_array[0],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv modulus",
- cookie->input_array[1],
- alg_size_in_bytes);
-#endif
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
- err = qat_asym_check_nonzero(xform->rsa.n);
- if (err) {
- QAT_LOG(ERR, "Empty modulus in RSA"
- " inverse, aborting this operation");
- return err;
+ } else if (asym_op->rsa.op_type ==
+ RTE_CRYPTO_ASYM_OP_SIGN) {
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ SET_PKE_LN(cookie->input_array, asym_op->rsa.message,
+ alg_bytesize, 0);
+ HEXDUMP("RSA text to be signed", cookie->input_array[0],
+ alg_bytesize);
+ break;
+ default:
+ QAT_LOG(ERR,
+ "Invalid padding of RSA (Signature)");
+ return -(EINVAL);
}
+ }
- alg_size_in_bytes = xform->rsa.n.length;
- alg_size = alg_size_in_bytes << 3;
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ return status;
+}
- qat_req->input_param_count =
- QAT_ASYM_RSA_NUM_IN_PARAMS;
- qat_req->output_param_count =
- QAT_ASYM_RSA_NUM_OUT_PARAMS;
-
- if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
- asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_VERIFY) {
-
- if (qat_asym_get_sz_and_func_id(RSA_ENC_IDS,
- sizeof(RSA_ENC_IDS)/
- sizeof(*RSA_ENC_IDS),
- &alg_size, &func_id)) {
- err = -(EINVAL);
- QAT_LOG(ERR,
- "Not supported RSA parameter size (key)");
- return err;
- }
- alg_size_in_bytes = alg_size >> 3;
- if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(cookie->input_array[0] +
- alg_size_in_bytes -
- asym_op->rsa.message.length
- , asym_op->rsa.message.data,
- asym_op->rsa.message.length);
- break;
- default:
- err = -(EINVAL);
- QAT_LOG(ERR,
- "Invalid RSA padding (Encryption)");
- return err;
- }
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Message",
- cookie->input_array[0],
- alg_size_in_bytes);
-#endif
- } else {
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(cookie->input_array[0],
- asym_op->rsa.sign.data,
- alg_size_in_bytes);
- break;
- default:
- err = -(EINVAL);
- QAT_LOG(ERR,
- "Invalid RSA padding (Verify)");
- return err;
- }
+static int
+rsa_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ qat_req->input_param_count =
+ QAT_ASYM_RSA_NUM_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_RSA_NUM_OUT_PARAMS;
+
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
+ asym_op->rsa.op_type ==
+ RTE_CRYPTO_ASYM_OP_VERIFY) {
+ return rsa_set_pub_input(asym_op, qat_req, cookie, xform);
+ } else {
+ return rsa_set_priv_input(asym_op, qat_req, cookie, xform);
+ }
+}
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, " RSA Signature",
- cookie->input_array[0],
- alg_size_in_bytes);
-#endif
+static uint8_t
+rsa_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie)
+{
+ uint32_t alg_bytesize = cookie->alg_bytesize;
- }
- rte_memcpy(cookie->input_array[1] +
- alg_size_in_bytes -
- xform->rsa.e.length
- , xform->rsa.e.data,
- xform->rsa.e.length);
- rte_memcpy(cookie->input_array[2] +
- alg_size_in_bytes -
- xform->rsa.n.length,
- xform->rsa.n.data,
- xform->rsa.n.length);
-
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
+ asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) {
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Public Key",
- cookie->input_array[1], alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Modulus",
- cookie->input_array[2], alg_size_in_bytes);
-#endif
- } else {
- if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_DECRYPT) {
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(cookie->input_array[0]
- + alg_size_in_bytes -
- asym_op->rsa.cipher.length,
- asym_op->rsa.cipher.data,
- asym_op->rsa.cipher.length);
- break;
- default:
- QAT_LOG(ERR,
- "Invalid padding of RSA (Decrypt)");
- return -(EINVAL);
- }
-
- } else if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_SIGN) {
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(cookie->input_array[0]
- + alg_size_in_bytes -
- asym_op->rsa.message.length,
- asym_op->rsa.message.data,
- asym_op->rsa.message.length);
- break;
- default:
- QAT_LOG(ERR,
- "Invalid padding of RSA (Signature)");
- return -(EINVAL);
- }
- }
- if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) {
-
- qat_req->input_param_count =
- QAT_ASYM_RSA_QT_NUM_IN_PARAMS;
- if (qat_asym_get_sz_and_func_id(RSA_DEC_CRT_IDS,
- sizeof(RSA_DEC_CRT_IDS)/
- sizeof(*RSA_DEC_CRT_IDS),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
- alg_size_in_bytes = alg_size >> 3;
-
- rte_memcpy(cookie->input_array[1] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.p.length
- , xform->rsa.qt.p.data,
- xform->rsa.qt.p.length);
- rte_memcpy(cookie->input_array[2] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.q.length
- , xform->rsa.qt.q.data,
- xform->rsa.qt.q.length);
- rte_memcpy(cookie->input_array[3] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.dP.length
- , xform->rsa.qt.dP.data,
- xform->rsa.qt.dP.length);
- rte_memcpy(cookie->input_array[4] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.dQ.length
- , xform->rsa.qt.dQ.data,
- xform->rsa.qt.dQ.length);
- rte_memcpy(cookie->input_array[5] +
- (alg_size_in_bytes >> 1) -
- xform->rsa.qt.qInv.length
- , xform->rsa.qt.qInv.data,
- xform->rsa.qt.qInv.length);
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
+ if (asym_op->rsa.op_type ==
+ RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+ uint8_t *rsa_result = asym_op->rsa.cipher.data;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "C",
- cookie->input_array[0],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "p",
- cookie->input_array[1],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "q",
- cookie->input_array[2],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG,
- "dP", cookie->input_array[3],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG,
- "dQ", cookie->input_array[4],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG,
- "qInv", cookie->input_array[5],
- alg_size_in_bytes);
-#endif
- } else if (xform->rsa.key_type ==
- RTE_RSA_KEY_TYPE_EXP) {
- if (qat_asym_get_sz_and_func_id(
- RSA_DEC_IDS,
- sizeof(RSA_DEC_IDS)/
- sizeof(*RSA_DEC_IDS),
- &alg_size, &func_id)) {
- return -(EINVAL);
- }
- alg_size_in_bytes = alg_size >> 3;
- rte_memcpy(cookie->input_array[1] +
- alg_size_in_bytes -
- xform->rsa.d.length,
- xform->rsa.d.data,
- xform->rsa.d.length);
- rte_memcpy(cookie->input_array[2] +
- alg_size_in_bytes -
- xform->rsa.n.length,
- xform->rsa.n.data,
- xform->rsa.n.length);
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA ciphertext",
- cookie->input_array[0],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA d", cookie->input_array[1],
- alg_size_in_bytes);
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA n", cookie->input_array[2],
- alg_size_in_bytes);
-#endif
+ rte_memcpy(rsa_result,
+ cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("RSA Encrypted data", cookie->output_array[0],
+ alg_bytesize);
+ } else {
+ uint8_t *rsa_result = asym_op->rsa.cipher.data;
- cookie->alg_size = alg_size;
- qat_req->pke_hdr.cd_pars.func_id = func_id;
- } else {
- QAT_LOG(ERR, "Invalid RSA key type");
- return -(EINVAL);
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ rte_memcpy(rsa_result,
+ cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("RSA signature",
+ cookie->output_array[0],
+ alg_bytesize);
+ break;
+ default:
+ QAT_LOG(ERR, "Padding not supported");
+ return RTE_CRYPTO_OP_STATUS_ERROR;
}
}
} else {
- QAT_LOG(ERR, "Invalid asymmetric crypto xform");
- return -(EINVAL);
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
+ uint8_t *rsa_result = asym_op->rsa.message.data;
+
+ switch (asym_op->rsa.pad) {
+ case RTE_CRYPTO_RSA_PADDING_NONE:
+ rte_memcpy(rsa_result,
+ cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("RSA Decrypted Message",
+ cookie->output_array[0],
+ alg_bytesize);
+ break;
+ default:
+ QAT_LOG(ERR, "Padding not supported");
+ return RTE_CRYPTO_OP_STATUS_ERROR;
+ }
+ } else {
+ uint8_t *rsa_result = asym_op->rsa.sign.data;
+
+ rte_memcpy(rsa_result,
+ cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("RSA Signature", cookie->output_array[0],
+ alg_bytesize);
+ }
}
- return 0;
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+
+static int
+asym_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ switch (xform->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ return modexp_set_input(asym_op, qat_req,
+ cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ return modinv_set_input(asym_op, qat_req,
+ cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ return rsa_set_input(asym_op, qat_req,
+ cookie, xform);
+ default:
+ QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
+ return -EINVAL;
+ }
+ return 1;
}
int
-qat_asym_build_request(void *in_op,
- uint8_t *out_msg,
- void *op_cookie,
+qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
__rte_unused enum qat_device_gen qat_dev_gen)
{
- struct qat_asym_session *ctx;
struct rte_crypto_op *op = (struct rte_crypto_op *)in_op;
struct rte_crypto_asym_op *asym_op = op->asym;
struct icp_qat_fw_pke_request *qat_req =
(struct icp_qat_fw_pke_request *)out_msg;
struct qat_asym_op_cookie *cookie =
- (struct qat_asym_op_cookie *)op_cookie;
+ (struct qat_asym_op_cookie *)op_cookie;
int err = 0;
op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
- if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
- ctx = (struct qat_asym_session *)
- get_asym_session_private_data(
- op->asym->session, qat_asym_driver_id);
- if (unlikely(ctx == NULL)) {
- QAT_LOG(ERR, "Session has not been created for this device");
- goto error;
- }
- rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl));
- err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform);
- if (err) {
- op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
- goto error;
- }
- } else if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
- qat_fill_req_tmpl(qat_req);
- err = qat_asym_fill_arrays(asym_op, qat_req, cookie,
+ switch (op->sess_type) {
+ case RTE_CRYPTO_OP_WITH_SESSION:
+ QAT_LOG(ERR,
+ "QAT asymmetric crypto PMD does not support session"
+ );
+ goto error;
+ case RTE_CRYPTO_OP_SESSIONLESS:
+ request_init(qat_req);
+ err = asym_set_input(asym_op, qat_req, cookie,
op->asym->xform);
if (err) {
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
goto error;
}
- } else {
+ break;
+ default:
QAT_DP_LOG(ERR, "Invalid session/xform settings");
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
goto error;
@@ -522,21 +570,12 @@ qat_asym_build_request(void *in_op,
qat_req->pke_mid.src_data_addr = cookie->input_addr;
qat_req->pke_mid.dest_data_addr = cookie->output_addr;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req,
- sizeof(struct icp_qat_fw_pke_request));
-#endif
+ HEXDUMP("qat_req:", qat_req, sizeof(struct icp_qat_fw_pke_request));
return 0;
error:
-
qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op;
-
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req,
- sizeof(struct icp_qat_fw_pke_request));
-#endif
-
+ HEXDUMP("qat_req:", qat_req, sizeof(struct icp_qat_fw_pke_request));
qat_req->output_param_count = 0;
qat_req->input_param_count = 0;
qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL;
@@ -545,144 +584,30 @@ qat_asym_build_request(void *in_op,
return 0;
}
-static void qat_asym_collect_response(struct rte_crypto_op *rx_op,
+static uint8_t
+qat_asym_collect_response(struct rte_crypto_op *rx_op,
struct qat_asym_op_cookie *cookie,
struct rte_crypto_asym_xform *xform)
{
- size_t alg_size, alg_size_in_bytes = 0;
struct rte_crypto_asym_op *asym_op = rx_op->asym;
- if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
- rte_crypto_param n = xform->modex.modulus;
-
- alg_size = cookie->alg_size;
- alg_size_in_bytes = alg_size >> 3;
- uint8_t *modexp_result = asym_op->modex.result.data;
-
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
- rte_memcpy(modexp_result +
- (asym_op->modex.result.length -
- n.length),
- cookie->output_array[0] + alg_size_in_bytes
- - n.length, n.length
- );
- rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp result",
- cookie->output_array[0],
- alg_size_in_bytes);
-
-#endif
- }
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
- rte_crypto_param n = xform->modinv.modulus;
-
- alg_size = cookie->alg_size;
- alg_size_in_bytes = alg_size >> 3;
- uint8_t *modinv_result = asym_op->modinv.result.data;
-
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
- rte_memcpy(modinv_result + (asym_op->modinv.result.length
- - n.length),
- cookie->output_array[0] + alg_size_in_bytes
- - n.length, n.length);
- rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv result",
- cookie->output_array[0],
- alg_size_in_bytes);
-#endif
- }
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
-
- alg_size = cookie->alg_size;
- alg_size_in_bytes = alg_size >> 3;
- if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
- asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_VERIFY) {
- if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_ENCRYPT) {
- uint8_t *rsa_result = asym_op->rsa.cipher.data;
-
- rte_memcpy(rsa_result,
- cookie->output_array[0],
- alg_size_in_bytes);
- rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Encrypted data",
- cookie->output_array[0],
- alg_size_in_bytes);
-#endif
- } else if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_VERIFY) {
- uint8_t *rsa_result = asym_op->rsa.cipher.data;
-
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(rsa_result,
- cookie->output_array[0],
- alg_size_in_bytes);
- rx_op->status =
- RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature",
- cookie->output_array[0],
- alg_size_in_bytes);
-#endif
- break;
- default:
- QAT_LOG(ERR, "Padding not supported");
- rx_op->status =
- RTE_CRYPTO_OP_STATUS_ERROR;
- break;
- }
- }
- } else {
- if (asym_op->rsa.op_type ==
- RTE_CRYPTO_ASYM_OP_DECRYPT) {
- uint8_t *rsa_result = asym_op->rsa.message.data;
-
- switch (asym_op->rsa.pad) {
- case RTE_CRYPTO_RSA_PADDING_NONE:
- rte_memcpy(rsa_result,
- cookie->output_array[0],
- alg_size_in_bytes);
- rx_op->status =
- RTE_CRYPTO_OP_STATUS_SUCCESS;
- break;
- default:
- QAT_LOG(ERR, "Padding not supported");
- rx_op->status =
- RTE_CRYPTO_OP_STATUS_ERROR;
- break;
- }
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Decrypted Message",
- rsa_result, alg_size_in_bytes);
-#endif
- } else if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
- uint8_t *rsa_result = asym_op->rsa.sign.data;
-
- rte_memcpy(rsa_result,
- cookie->output_array[0],
- alg_size_in_bytes);
- rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature",
- cookie->output_array[0],
- alg_size_in_bytes);
-#endif
- }
- }
+ switch (xform->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ return modexp_collect(asym_op, cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ return modinv_collect(asym_op, cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ return rsa_collect(asym_op, cookie);
+ default:
+ QAT_LOG(ERR, "Not supported xform type");
+ return RTE_CRYPTO_OP_STATUS_ERROR;
}
- qat_clear_arrays_by_alg(cookie, xform, alg_size_in_bytes);
}
void
qat_asym_process_response(void **op, uint8_t *resp,
void *op_cookie)
{
- struct qat_asym_session *ctx;
struct icp_qat_fw_pke_resp *resp_msg =
(struct icp_qat_fw_pke_resp *)resp;
struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t)
@@ -709,99 +634,37 @@ qat_asym_process_response(void **op, uint8_t *resp,
" returned error");
}
}
-
- if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
- ctx = (struct qat_asym_session *)get_asym_session_private_data(
- rx_op->asym->session, qat_asym_driver_id);
- qat_asym_collect_response(rx_op, cookie, ctx->xform);
- } else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
- qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform);
+ if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
+ rx_op->status = qat_asym_collect_response(rx_op,
+ cookie, rx_op->asym->xform);
+ cleanup(cookie, rx_op->asym->xform,
+ cookie->alg_bytesize);
}
- *op = rx_op;
-#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
- QAT_DP_HEXDUMP_LOG(DEBUG, "resp_msg:", resp_msg,
- sizeof(struct icp_qat_fw_pke_resp));
-#endif
+ *op = rx_op;
+ HEXDUMP("resp_msg:", resp_msg, sizeof(struct icp_qat_fw_pke_resp));
}
int
-qat_asym_session_configure(struct rte_cryptodev *dev,
- struct rte_crypto_asym_xform *xform,
- struct rte_cryptodev_asym_session *sess,
- struct rte_mempool *mempool)
+qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
+ struct rte_crypto_asym_xform *xform __rte_unused,
+ struct rte_cryptodev_asym_session *sess __rte_unused,
+ struct rte_mempool *mempool __rte_unused)
{
- int err = 0;
- void *sess_private_data;
- struct qat_asym_session *session;
-
- if (rte_mempool_get(mempool, &sess_private_data)) {
- QAT_LOG(ERR,
- "Couldn't get object from session mempool");
- return -ENOMEM;
- }
-
- session = sess_private_data;
- if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
- if (xform->modex.exponent.length == 0 ||
- xform->modex.modulus.length == 0) {
- QAT_LOG(ERR, "Invalid mod exp input parameter");
- err = -EINVAL;
- goto error;
- }
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
- if (xform->modinv.modulus.length == 0) {
- QAT_LOG(ERR, "Invalid mod inv input parameter");
- err = -EINVAL;
- goto error;
- }
- } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
- if (xform->rsa.n.length == 0) {
- QAT_LOG(ERR, "Invalid rsa input parameter");
- err = -EINVAL;
- goto error;
- }
- } else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
- || xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) {
- QAT_LOG(ERR, "Invalid asymmetric crypto xform");
- err = -EINVAL;
- goto error;
- } else {
- QAT_LOG(ERR, "Asymmetric crypto xform not implemented");
- err = -EINVAL;
- goto error;
- }
-
- session->xform = xform;
- qat_asym_build_req_tmpl(sess_private_data);
- set_asym_session_private_data(sess, dev->driver_id,
- sess_private_data);
-
- return 0;
-error:
- rte_mempool_put(mempool, sess_private_data);
- return err;
+ QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
+ return -ENOTSUP;
}
-unsigned int qat_asym_session_get_private_size(
- struct rte_cryptodev *dev __rte_unused)
+unsigned int
+qat_asym_session_get_private_size(struct rte_cryptodev *dev __rte_unused)
{
- return RTE_ALIGN_CEIL(sizeof(struct qat_asym_session), 8);
+ QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
+ return 0;
}
void
-qat_asym_session_clear(struct rte_cryptodev *dev,
- struct rte_cryptodev_asym_session *sess)
+qat_asym_session_clear(struct rte_cryptodev *dev __rte_unused,
+ struct rte_cryptodev_asym_session *sess __rte_unused)
{
- uint8_t index = dev->driver_id;
- void *sess_priv = get_asym_session_private_data(sess, index);
- struct qat_asym_session *s = (struct qat_asym_session *)sess_priv;
-
- if (sess_priv) {
- memset(s, 0, qat_asym_session_get_private_size(dev));
- struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-
- set_asym_session_private_data(sess, index, NULL);
- rte_mempool_put(sess_mp, sess_priv);
- }
+ QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
}
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index 308b6b2e0b..ed4367ac4d 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -27,7 +27,7 @@ typedef uint64_t large_int_ptr;
#define QAT_ASYM_RSA_QT_NUM_IN_PARAMS 6
struct qat_asym_op_cookie {
- size_t alg_size;
+ size_t alg_bytesize;
uint64_t error;
rte_iova_t input_addr;
rte_iova_t output_addr;
--
2.13.6
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2 2/5] crypto/qat: add named elliptic curves
2022-02-09 14:00 [PATCH v2 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 1/5] crypto/qat: refactor asymmetric crypto functions Arek Kusztal
@ 2022-02-09 14:00 ` Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 3/5] crypto/qat: add ecdsa algorithm Arek Kusztal
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Arek Kusztal @ 2022-02-09 14:00 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patch adds secp256r1 and secp521r1 elliptic curves to Intel
QuickAssist Technology PMD.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/qat/qat_asym.c | 15 +++
drivers/crypto/qat/qat_ec.h | 206 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 221 insertions(+)
create mode 100644 drivers/crypto/qat/qat_ec.h
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 9b4c579a9d..fe93e263d0 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -8,6 +8,7 @@
#include "icp_qat_fw_pke.h"
#include "icp_qat_fw.h"
#include "qat_pke.h"
+#include "qat_ec.h"
#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
#define HEXDUMP(name, where, size) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
@@ -43,6 +44,20 @@
what.data, \
what.length)
+#define SET_PKE_LN_9A(where, what, how, idx) \
+ rte_memcpy(&where[idx * RTE_ALIGN_CEIL(how, 8)] + \
+ RTE_ALIGN_CEIL(how, 8) - \
+ what.length, \
+ what.data, \
+ what.length)
+
+#define SET_PKE_LN_EC(where, what, how, idx) \
+ rte_memcpy(&where[idx * RTE_ALIGN_CEIL(how, 8)] + \
+ RTE_ALIGN_CEIL(how, 8) - \
+ how, \
+ what.data, \
+ how)
+
static void
request_init(struct icp_qat_fw_pke_request *qat_req)
{
diff --git a/drivers/crypto/qat/qat_ec.h b/drivers/crypto/qat/qat_ec.h
new file mode 100644
index 0000000000..c2f3ce93d2
--- /dev/null
+++ b/drivers/crypto/qat/qat_ec.h
@@ -0,0 +1,206 @@
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2021-2022 Intel Corporation
+ */
+
+#ifndef _QAT_EC_H_
+#define _QAT_EC_H_
+
+#define EC_MAX_SIZE 571
+
+#include <rte_crypto_asym.h>
+
+typedef struct {
+ uint8_t data[(EC_MAX_SIZE >> 3) + 1];
+} buffer;
+
+enum EC_NAME {
+ SECP256R1 = 1,
+ SECP384R1,
+ SECP521R1,
+};
+
+struct elliptic_curve {
+ const char *name;
+ uint32_t bytesize;
+ buffer x;
+ buffer y;
+ buffer n;
+ buffer p;
+ buffer a;
+ buffer b;
+ buffer h;
+};
+
+static struct elliptic_curve __rte_unused curve[] = {
+ [SECP256R1] = {
+ .name = "secp256r1",
+ .bytesize = 32,
+ .x = {
+ .data = {
+ 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47,
+ 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2,
+ 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
+ 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
+ },
+ },
+ .y = {
+ .data = {
+ 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B,
+ 0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16,
+ 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE,
+ 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5,
+ },
+ },
+ .n = {
+ .data = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
+ 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51,
+ },
+ },
+ .p = {
+ .data = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ },
+ },
+ .a = {
+ .data = {
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+ },
+ },
+ .b = {
+ .data = {
+ 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7,
+ 0xB3, 0xEB, 0xBD, 0x55, 0x76, 0x98, 0x86, 0xBC,
+ 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
+ 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
+ },
+ },
+ .h = {
+ .data = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+ },
+ },
+ },
+
+ [SECP521R1] = {
+ .name = "secp521r1",
+ .bytesize = 66,
+ .x = {
+ .data = {
+ 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04,
+ 0xE9, 0xCD, 0x9E, 0x3E, 0xCB, 0x66, 0x23, 0x95,
+ 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
+ 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D,
+ 0x3D, 0xBA, 0xA1, 0x4B, 0x5E, 0x77, 0xEF, 0xE7,
+ 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
+ 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A,
+ 0x42, 0x9B, 0xF9, 0x7E, 0x7E, 0x31, 0xC2, 0xE5,
+ 0xBD, 0x66,
+ },
+ },
+ .y = {
+ .data = {
+ 0x01, 0x18, 0x39, 0x29, 0x6A, 0x78, 0x9A, 0x3B,
+ 0xC0, 0x04, 0x5C, 0x8A, 0x5F, 0xB4, 0x2C, 0x7D,
+ 0x1B, 0xD9, 0x98, 0xF5, 0x44, 0x49, 0x57, 0x9B,
+ 0x44, 0x68, 0x17, 0xAF, 0xBD, 0x17, 0x27, 0x3E,
+ 0x66, 0x2C, 0x97, 0xEE, 0x72, 0x99, 0x5E, 0xF4,
+ 0x26, 0x40, 0xC5, 0x50, 0xB9, 0x01, 0x3F, 0xAD,
+ 0x07, 0x61, 0x35, 0x3C, 0x70, 0x86, 0xA2, 0x72,
+ 0xC2, 0x40, 0x88, 0xBE, 0x94, 0x76, 0x9F, 0xD1,
+ 0x66, 0x50,
+ },
+ },
+ .n = {
+ .data = {
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFA, 0x51, 0x86, 0x87, 0x83, 0xBF, 0x2F,
+ 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
+ 0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C,
+ 0x47, 0xAE, 0xBB, 0x6F, 0xB7, 0x1E, 0x91, 0x38,
+ 0x64, 0x09,
+ },
+ },
+ .p = {
+ .data = {
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF,
+ },
+ },
+ .a = {
+ .data = {
+ 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFC,
+ },
+ },
+ .b = {
+ .data = {
+ 0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C,
+ 0x9A, 0x1F, 0x92, 0x9A, 0x21, 0xA0, 0xB6, 0x85,
+ 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
+ 0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1,
+ 0x09, 0xE1, 0x56, 0x19, 0x39, 0x51, 0xEC, 0x7E,
+ 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
+ 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C,
+ 0x34, 0xF1, 0xEF, 0x45, 0x1F, 0xD4, 0x6B, 0x50,
+ 0x3F, 0x00,
+ },
+ },
+ .h = {
+ .data = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x01,
+ },
+ },
+ }
+};
+
+static int __rte_unused
+pick_curve(struct rte_crypto_asym_xform *xform)
+{
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ return SECP256R1;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ return SECP521R1;
+ default:
+ return -1;
+ }
+}
+
+#endif
--
2.13.6
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2 3/5] crypto/qat: add ecdsa algorithm
2022-02-09 14:00 [PATCH v2 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 1/5] crypto/qat: refactor asymmetric crypto functions Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 2/5] crypto/qat: add named elliptic curves Arek Kusztal
@ 2022-02-09 14:00 ` Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 4/5] crypto/qat: add ecpm algorithm Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 5/5] crypto/qat: refactor asymmetric session Arek Kusztal
4 siblings, 0 replies; 6+ messages in thread
From: Arek Kusztal @ 2022-02-09 14:00 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patch adds ECDSA algorithm to Intel
QuickAssist Technology PMD.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/qat.rst | 1 +
doc/guides/rel_notes/release_22_03.rst | 5 ++
drivers/common/qat/qat_adf/qat_pke.h | 40 +++++++++
drivers/crypto/qat/qat_asym.c | 148 +++++++++++++++++++++++++++++++++
drivers/crypto/qat/qat_asym.h | 4 +
5 files changed, 198 insertions(+)
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 4428b89195..0f8fecf4df 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -175,6 +175,7 @@ The QAT ASYM PMD has support for:
* ``RTE_CRYPTO_ASYM_XFORM_MODEX``
* ``RTE_CRYPTO_ASYM_XFORM_MODINV``
* ``RTE_CRYPTO_ASYM_XFORM_RSA``
+* ``RTE_CRYPTO_ASYM_XFORM_ECDSA``
Limitations
~~~~~~~~~~~
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 746f50e84f..1d7e0c1425 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -73,6 +73,11 @@ New Features
The new API ``rte_event_eth_rx_adapter_event_port_get()`` was added.
+* **Updated Intel QuickAssist Technology asymmetric crypto PMD.**
+
+ * ECDSA algorithm is now supported by Intel QuickAssist
+ Technology asymmetric crypto PMD.
+
Removed Items
-------------
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
index 82bb1ee55e..1fe5f6bd8e 100644
--- a/drivers/common/qat/qat_adf/qat_pke.h
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -212,4 +212,44 @@ get_rsa_crt_function(struct rte_crypto_asym_xform *xform)
return qat_function;
}
+static struct qat_asym_function
+get_ecdsa_verify_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ qat_function.func_id = PKE_ECDSA_VERIFY_GFP_L256;
+ qat_function.bytesize = 32;
+ break;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ qat_function.func_id = PKE_ECDSA_VERIFY_GFP_521;
+ qat_function.bytesize = 66;
+ break;
+ default:
+ qat_function.func_id = 0;
+ }
+ return qat_function;
+}
+
+static struct qat_asym_function
+get_ecdsa_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ qat_function.func_id = PKE_ECDSA_SIGN_RS_GFP_L256;
+ qat_function.bytesize = 32;
+ break;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ qat_function.func_id = PKE_ECDSA_SIGN_RS_GFP_521;
+ qat_function.bytesize = 66;
+ break;
+ default:
+ qat_function.func_id = 0;
+ }
+ return qat_function;
+}
+
#endif
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index fe93e263d0..59e7c5140c 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -10,14 +10,24 @@
#include "qat_pke.h"
#include "qat_ec.h"
+/*
+ * Macros with suffix _F are used with some of predefinded identifiers:
+ * - cookie->input_buffer
+ * - qat_alg_bytesize
+ */
#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
#define HEXDUMP(name, where, size) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
where, size)
#define HEXDUMP_OFF(name, where, size, idx) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
&where[idx * size], size)
+
+#define HEXDUMP_OFF_F(name, idx) QAT_DP_HEXDUMP_LOG(DEBUG, name, \
+ &cookie->input_buffer[idx * qat_alg_bytesize], \
+ qat_alg_bytesize)
#else
#define HEXDUMP(name, where, size)
#define HEXDUMP_OFF(name, where, size, idx)
+#define HEXDUMP_OFF_F(name, idx)
#endif
#define CHECK_IF_NOT_EMPTY(param, name, pname, status) \
@@ -58,6 +68,17 @@
what.data, \
how)
+#define SET_PKE_LN_9A_F(what, idx) \
+ rte_memcpy(&cookie->input_buffer[idx * qat_alg_bytesize] + \
+ qat_alg_bytesize - what.length, \
+ what.data, what.length)
+
+#define SET_PKE_LN_EC_F(what, how, idx) \
+ rte_memcpy(&cookie->input_buffer[idx * \
+ RTE_ALIGN_CEIL(how, 8)] + \
+ RTE_ALIGN_CEIL(how, 8) - how, \
+ what.data, how)
+
static void
request_init(struct icp_qat_fw_pke_request *qat_req)
{
@@ -523,6 +544,128 @@ rsa_collect(struct rte_crypto_asym_op *asym_op,
return RTE_CRYPTO_OP_STATUS_SUCCESS;
}
+static int
+ecdsa_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, qat_alg_bytesize, func_id;
+ int curve_id;
+
+ curve_id = pick_curve(xform);
+ if (curve_id < 0) {
+ QAT_LOG(ERR, "Incorrect elliptic curve");
+ return -EINVAL;
+ }
+
+ switch (asym_op->ecdsa.op_type) {
+ case RTE_CRYPTO_ASYM_OP_SIGN:
+ qat_function = get_ecdsa_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+ qat_alg_bytesize = RTE_ALIGN_CEIL(alg_bytesize, 8);
+
+ SET_PKE_LN_9A_F(asym_op->ecdsa.pkey, 0);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.message, 1);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.k, 2);
+ SET_PKE_LN_EC_F(curve[curve_id].b, alg_bytesize, 3);
+ SET_PKE_LN_EC_F(curve[curve_id].a, alg_bytesize, 4);
+ SET_PKE_LN_EC_F(curve[curve_id].p, alg_bytesize, 5);
+ SET_PKE_LN_EC_F(curve[curve_id].n, alg_bytesize, 6);
+ SET_PKE_LN_EC_F(curve[curve_id].y, alg_bytesize, 7);
+ SET_PKE_LN_EC_F(curve[curve_id].x, alg_bytesize, 8);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_ECDSA_RS_SIGN_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_ECDSA_RS_SIGN_OUT_PARAMS;
+
+ HEXDUMP_OFF_F("ECDSA d", 0);
+ HEXDUMP_OFF_F("ECDSA e", 1);
+ HEXDUMP_OFF_F("ECDSA k", 2);
+ HEXDUMP_OFF_F("ECDSA b", 3);
+ HEXDUMP_OFF_F("ECDSA a", 4);
+ HEXDUMP_OFF_F("ECDSA n", 5);
+ HEXDUMP_OFF_F("ECDSA y", 6);
+ HEXDUMP_OFF_F("ECDSA x", 7);
+ break;
+ case RTE_CRYPTO_ASYM_OP_VERIFY:
+ qat_function = get_ecdsa_verify_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+ qat_alg_bytesize = RTE_ALIGN_CEIL(alg_bytesize, 8);
+
+ SET_PKE_LN_9A_F(asym_op->ecdsa.message, 10);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.s, 9);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.r, 8);
+ SET_PKE_LN_EC_F(curve[curve_id].n, alg_bytesize, 7);
+ SET_PKE_LN_EC_F(curve[curve_id].x, alg_bytesize, 6);
+ SET_PKE_LN_EC_F(curve[curve_id].y, alg_bytesize, 5);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.q.x, 4);
+ SET_PKE_LN_9A_F(asym_op->ecdsa.q.y, 3);
+ SET_PKE_LN_EC_F(curve[curve_id].a, alg_bytesize, 2);
+ SET_PKE_LN_EC_F(curve[curve_id].b, alg_bytesize, 1);
+ SET_PKE_LN_EC_F(curve[curve_id].p, alg_bytesize, 0);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_ECDSA_RS_VERIFY_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_ECDSA_RS_VERIFY_OUT_PARAMS;
+
+ HEXDUMP_OFF_F("e", 0);
+ HEXDUMP_OFF_F("s", 1);
+ HEXDUMP_OFF_F("r", 2);
+ HEXDUMP_OFF_F("n", 3);
+ HEXDUMP_OFF_F("xG", 4);
+ HEXDUMP_OFF_F("yG", 5);
+ HEXDUMP_OFF_F("xQ", 6);
+ HEXDUMP_OFF_F("yQ", 7);
+ HEXDUMP_OFF_F("a", 8);
+ HEXDUMP_OFF_F("b", 9);
+ HEXDUMP_OFF_F("q", 10);
+ break;
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+
+static uint8_t
+ecdsa_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie)
+{
+ uint32_t alg_bytesize = RTE_ALIGN_CEIL(cookie->alg_bytesize, 8);
+
+ if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
+ uint8_t *r = asym_op->ecdsa.r.data;
+ uint8_t *s = asym_op->ecdsa.s.data;
+
+ asym_op->ecdsa.r.length = alg_bytesize;
+ asym_op->ecdsa.s.length = alg_bytesize;
+ rte_memcpy(r, cookie->output_array[0], alg_bytesize);
+ rte_memcpy(s, cookie->output_array[1], alg_bytesize);
+ HEXDUMP("R", cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("S", cookie->output_array[1],
+ alg_bytesize);
+ }
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
static int
asym_set_input(struct rte_crypto_asym_op *asym_op,
@@ -540,6 +683,9 @@ asym_set_input(struct rte_crypto_asym_op *asym_op,
case RTE_CRYPTO_ASYM_XFORM_RSA:
return rsa_set_input(asym_op, qat_req,
cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_ECDSA:
+ return ecdsa_set_input(asym_op, qat_req,
+ cookie, xform);
default:
QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
return -EINVAL;
@@ -613,6 +759,8 @@ qat_asym_collect_response(struct rte_crypto_op *rx_op,
return modinv_collect(asym_op, cookie, xform);
case RTE_CRYPTO_ASYM_XFORM_RSA:
return rsa_collect(asym_op, cookie);
+ case RTE_CRYPTO_ASYM_XFORM_ECDSA:
+ return ecdsa_collect(asym_op, cookie);
default:
QAT_LOG(ERR, "Not supported xform type");
return RTE_CRYPTO_OP_STATUS_ERROR;
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index ed4367ac4d..9344e48eb4 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -25,6 +25,10 @@ typedef uint64_t large_int_ptr;
#define QAT_ASYM_RSA_NUM_IN_PARAMS 3
#define QAT_ASYM_RSA_NUM_OUT_PARAMS 1
#define QAT_ASYM_RSA_QT_NUM_IN_PARAMS 6
+#define QAT_ASYM_ECDSA_RS_SIGN_IN_PARAMS 1
+#define QAT_ASYM_ECDSA_RS_SIGN_OUT_PARAMS 2
+#define QAT_ASYM_ECDSA_RS_VERIFY_IN_PARAMS 1
+#define QAT_ASYM_ECDSA_RS_VERIFY_OUT_PARAMS 0
struct qat_asym_op_cookie {
size_t alg_bytesize;
--
2.13.6
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2 4/5] crypto/qat: add ecpm algorithm
2022-02-09 14:00 [PATCH v2 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
` (2 preceding siblings ...)
2022-02-09 14:00 ` [PATCH v2 3/5] crypto/qat: add ecdsa algorithm Arek Kusztal
@ 2022-02-09 14:00 ` Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 5/5] crypto/qat: refactor asymmetric session Arek Kusztal
4 siblings, 0 replies; 6+ messages in thread
From: Arek Kusztal @ 2022-02-09 14:00 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patch adds Elliptic Curve Multiplication
algorithm to Intel QuickAssist Technology PMD.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/qat.rst | 1 +
doc/guides/rel_notes/release_22_03.rst | 5 ++
drivers/common/qat/qat_adf/qat_pke.h | 20 ++++++++
drivers/crypto/qat/qat_asym.c | 85 +++++++++++++++++++++++++++++++++-
drivers/crypto/qat/qat_asym.h | 2 +
5 files changed, 112 insertions(+), 1 deletion(-)
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 0f8fecf4df..c93606afea 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -176,6 +176,7 @@ The QAT ASYM PMD has support for:
* ``RTE_CRYPTO_ASYM_XFORM_MODINV``
* ``RTE_CRYPTO_ASYM_XFORM_RSA``
* ``RTE_CRYPTO_ASYM_XFORM_ECDSA``
+* ``RTE_CRYPTO_ASYM_XFORM_ECPM``
Limitations
~~~~~~~~~~~
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 1d7e0c1425..a1d0769320 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -78,6 +78,11 @@ New Features
* ECDSA algorithm is now supported by Intel QuickAssist
Technology asymmetric crypto PMD.
+* **Updated Intel QuickAssist Technology asymmetric crypto PMD.**
+
+ * ECPM algorithm is now supported by Intel QuickAssist
+ Technology asymmetric crypto PMD.
+
Removed Items
-------------
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
index 1fe5f6bd8e..092fc373de 100644
--- a/drivers/common/qat/qat_adf/qat_pke.h
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -252,4 +252,24 @@ get_ecdsa_function(struct rte_crypto_asym_xform *xform)
return qat_function;
}
+static struct qat_asym_function
+get_ecpm_function(struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+
+ switch (xform->ec.curve_id) {
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:
+ qat_function.func_id = MATHS_POINT_MULTIPLICATION_GFP_L256;
+ qat_function.bytesize = 32;
+ break;
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:
+ qat_function.func_id = MATHS_POINT_MULTIPLICATION_GFP_521;
+ qat_function.bytesize = 66;
+ break;
+ default:
+ qat_function.func_id = 0;
+ }
+ return qat_function;
+}
+
#endif
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 59e7c5140c..444c702572 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -62,7 +62,7 @@
what.length)
#define SET_PKE_LN_EC(where, what, how, idx) \
- rte_memcpy(&where[idx * RTE_ALIGN_CEIL(how, 8)] + \
+ rte_memcpy(where[idx] + \
RTE_ALIGN_CEIL(how, 8) - \
how, \
what.data, \
@@ -668,6 +668,84 @@ ecdsa_collect(struct rte_crypto_asym_op *asym_op,
}
static int
+ecpm_set_input(struct rte_crypto_asym_op *asym_op,
+ struct icp_qat_fw_pke_request *qat_req,
+ struct qat_asym_op_cookie *cookie,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct qat_asym_function qat_function;
+ uint32_t alg_bytesize, __rte_unused qat_alg_bytesize, func_id;
+ int curve_id;
+
+ curve_id = pick_curve(xform);
+ if (curve_id < 0) {
+ QAT_LOG(ERR, "Incorrect elliptic curve");
+ return -EINVAL;
+ }
+
+ qat_function = get_ecpm_function(xform);
+ func_id = qat_function.func_id;
+ if (func_id == 0) {
+ QAT_LOG(ERR, "Cannot obtain functionality id");
+ return -EINVAL;
+ }
+ alg_bytesize = qat_function.bytesize;
+ qat_alg_bytesize = RTE_ALIGN_CEIL(alg_bytesize, 8);
+
+ SET_PKE_LN(cookie->input_array, asym_op->ecpm.scalar,
+ alg_bytesize, 0);
+ SET_PKE_LN(cookie->input_array, asym_op->ecpm.p.x,
+ alg_bytesize, 1);
+ SET_PKE_LN(cookie->input_array, asym_op->ecpm.p.y,
+ alg_bytesize, 2);
+ SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].a,
+ alg_bytesize, 3);
+ SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].b,
+ alg_bytesize, 4);
+ SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].p,
+ alg_bytesize, 5);
+ SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].h,
+ alg_bytesize, 6);
+
+ cookie->alg_bytesize = alg_bytesize;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+ qat_req->input_param_count =
+ QAT_ASYM_ECPM_IN_PARAMS;
+ qat_req->output_param_count =
+ QAT_ASYM_ECPM_OUT_PARAMS;
+
+ HEXDUMP("k", cookie->input_array[0], qat_alg_bytesize);
+ HEXDUMP("xG", cookie->input_array[1], qat_alg_bytesize);
+ HEXDUMP("yG", cookie->input_array[2], qat_alg_bytesize);
+ HEXDUMP("a", cookie->input_array[3], qat_alg_bytesize);
+ HEXDUMP("b", cookie->input_array[4], qat_alg_bytesize);
+ HEXDUMP("q", cookie->input_array[5], qat_alg_bytesize);
+ HEXDUMP("h", cookie->input_array[6], qat_alg_bytesize);
+
+ return 0;
+}
+
+static uint8_t
+ecpm_collect(struct rte_crypto_asym_op *asym_op,
+ struct qat_asym_op_cookie *cookie)
+{
+ uint8_t *r = asym_op->ecpm.r.x.data;
+ uint8_t *s = asym_op->ecpm.r.y.data;
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+
+ asym_op->ecpm.r.x.length = alg_bytesize;
+ asym_op->ecpm.r.y.length = alg_bytesize;
+ rte_memcpy(r, cookie->output_array[0], alg_bytesize);
+ rte_memcpy(s, cookie->output_array[1], alg_bytesize);
+
+ HEXDUMP("rX", cookie->output_array[0],
+ alg_bytesize);
+ HEXDUMP("rY", cookie->output_array[1],
+ alg_bytesize);
+ return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+static int
asym_set_input(struct rte_crypto_asym_op *asym_op,
struct icp_qat_fw_pke_request *qat_req,
struct qat_asym_op_cookie *cookie,
@@ -686,6 +764,9 @@ asym_set_input(struct rte_crypto_asym_op *asym_op,
case RTE_CRYPTO_ASYM_XFORM_ECDSA:
return ecdsa_set_input(asym_op, qat_req,
cookie, xform);
+ case RTE_CRYPTO_ASYM_XFORM_ECPM:
+ return ecpm_set_input(asym_op, qat_req,
+ cookie, xform);
default:
QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
return -EINVAL;
@@ -761,6 +842,8 @@ qat_asym_collect_response(struct rte_crypto_op *rx_op,
return rsa_collect(asym_op, cookie);
case RTE_CRYPTO_ASYM_XFORM_ECDSA:
return ecdsa_collect(asym_op, cookie);
+ case RTE_CRYPTO_ASYM_XFORM_ECPM:
+ return ecpm_collect(asym_op, cookie);
default:
QAT_LOG(ERR, "Not supported xform type");
return RTE_CRYPTO_OP_STATUS_ERROR;
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index 9344e48eb4..e05ed7fc86 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -29,6 +29,8 @@ typedef uint64_t large_int_ptr;
#define QAT_ASYM_ECDSA_RS_SIGN_OUT_PARAMS 2
#define QAT_ASYM_ECDSA_RS_VERIFY_IN_PARAMS 1
#define QAT_ASYM_ECDSA_RS_VERIFY_OUT_PARAMS 0
+#define QAT_ASYM_ECPM_IN_PARAMS 7
+#define QAT_ASYM_ECPM_OUT_PARAMS 2
struct qat_asym_op_cookie {
size_t alg_bytesize;
--
2.13.6
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2 5/5] crypto/qat: refactor asymmetric session
2022-02-09 14:00 [PATCH v2 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
` (3 preceding siblings ...)
2022-02-09 14:00 ` [PATCH v2 4/5] crypto/qat: add ecpm algorithm Arek Kusztal
@ 2022-02-09 14:00 ` Arek Kusztal
4 siblings, 0 replies; 6+ messages in thread
From: Arek Kusztal @ 2022-02-09 14:00 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This patch refactors asymmetric session in Intel
QuickAssist Technology PMD and fixes some issues
with xform. Code will be now bit more scalable,
and easier readable.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/qat/qat_asym.c | 441 ++++++++++++++++++++++++++++++++++++------
drivers/crypto/qat/qat_asym.h | 2 +-
drivers/crypto/qat/qat_ec.h | 4 +-
3 files changed, 380 insertions(+), 67 deletions(-)
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 444c702572..8991b7c943 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -626,17 +626,17 @@ ecdsa_set_input(struct rte_crypto_asym_op *asym_op,
qat_req->output_param_count =
QAT_ASYM_ECDSA_RS_VERIFY_OUT_PARAMS;
- HEXDUMP_OFF_F("e", 0);
- HEXDUMP_OFF_F("s", 1);
- HEXDUMP_OFF_F("r", 2);
- HEXDUMP_OFF_F("n", 3);
- HEXDUMP_OFF_F("xG", 4);
+ HEXDUMP_OFF_F("p", 0);
+ HEXDUMP_OFF_F("b", 1);
+ HEXDUMP_OFF_F("a", 2);
+ HEXDUMP_OFF_F("y", 3);
+ HEXDUMP_OFF_F("x", 4);
HEXDUMP_OFF_F("yG", 5);
- HEXDUMP_OFF_F("xQ", 6);
- HEXDUMP_OFF_F("yQ", 7);
- HEXDUMP_OFF_F("a", 8);
- HEXDUMP_OFF_F("b", 9);
- HEXDUMP_OFF_F("q", 10);
+ HEXDUMP_OFF_F("xG", 6);
+ HEXDUMP_OFF_F("n", 7);
+ HEXDUMP_OFF_F("r", 8);
+ HEXDUMP_OFF_F("s", 9);
+ HEXDUMP_OFF_F("e", 10);
break;
default:
return -1;
@@ -649,7 +649,9 @@ static uint8_t
ecdsa_collect(struct rte_crypto_asym_op *asym_op,
struct qat_asym_op_cookie *cookie)
{
- uint32_t alg_bytesize = RTE_ALIGN_CEIL(cookie->alg_bytesize, 8);
+ uint32_t alg_bytesize = cookie->alg_bytesize;
+ uint32_t qat_alg_bytesize = RTE_ALIGN_CEIL(cookie->alg_bytesize, 8);
+ uint32_t ltrim = qat_alg_bytesize - alg_bytesize;
if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
uint8_t *r = asym_op->ecdsa.r.data;
@@ -657,8 +659,9 @@ ecdsa_collect(struct rte_crypto_asym_op *asym_op,
asym_op->ecdsa.r.length = alg_bytesize;
asym_op->ecdsa.s.length = alg_bytesize;
- rte_memcpy(r, cookie->output_array[0], alg_bytesize);
- rte_memcpy(s, cookie->output_array[1], alg_bytesize);
+ rte_memcpy(r, &cookie->output_array[0][ltrim], alg_bytesize);
+ rte_memcpy(s, &cookie->output_array[1][ltrim], alg_bytesize);
+
HEXDUMP("R", cookie->output_array[0],
alg_bytesize);
HEXDUMP("S", cookie->output_array[1],
@@ -692,19 +695,19 @@ ecpm_set_input(struct rte_crypto_asym_op *asym_op,
alg_bytesize = qat_function.bytesize;
qat_alg_bytesize = RTE_ALIGN_CEIL(alg_bytesize, 8);
- SET_PKE_LN(cookie->input_array, asym_op->ecpm.scalar,
- alg_bytesize, 0);
- SET_PKE_LN(cookie->input_array, asym_op->ecpm.p.x,
- alg_bytesize, 1);
- SET_PKE_LN(cookie->input_array, asym_op->ecpm.p.y,
- alg_bytesize, 2);
- SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].a,
+ SET_PKE_LN_EC(cookie->input_array, asym_op->ecpm.scalar,
+ asym_op->ecpm.scalar.length, 0);
+ SET_PKE_LN_EC(cookie->input_array, asym_op->ecpm.p.x,
+ asym_op->ecpm.p.x.length, 1);
+ SET_PKE_LN_EC(cookie->input_array, asym_op->ecpm.p.y,
+ asym_op->ecpm.p.y.length, 2);
+ SET_PKE_LN_EC(cookie->input_array, curve[curve_id].a,
alg_bytesize, 3);
- SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].b,
+ SET_PKE_LN_EC(cookie->input_array, curve[curve_id].b,
alg_bytesize, 4);
- SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].p,
+ SET_PKE_LN_EC(cookie->input_array, curve[curve_id].p,
alg_bytesize, 5);
- SET_PKE_LN_EC(cookie->input_array, curve[SECP256R1].h,
+ SET_PKE_LN_EC(cookie->input_array, curve[curve_id].h,
alg_bytesize, 6);
cookie->alg_bytesize = alg_bytesize;
@@ -729,14 +732,16 @@ static uint8_t
ecpm_collect(struct rte_crypto_asym_op *asym_op,
struct qat_asym_op_cookie *cookie)
{
- uint8_t *r = asym_op->ecpm.r.x.data;
- uint8_t *s = asym_op->ecpm.r.y.data;
+ uint8_t *x = asym_op->ecpm.r.x.data;
+ uint8_t *y = asym_op->ecpm.r.y.data;
uint32_t alg_bytesize = cookie->alg_bytesize;
+ uint32_t qat_alg_bytesize = RTE_ALIGN_CEIL(cookie->alg_bytesize, 8);
+ uint32_t ltrim = qat_alg_bytesize - alg_bytesize;
asym_op->ecpm.r.x.length = alg_bytesize;
asym_op->ecpm.r.y.length = alg_bytesize;
- rte_memcpy(r, cookie->output_array[0], alg_bytesize);
- rte_memcpy(s, cookie->output_array[1], alg_bytesize);
+ rte_memcpy(x, &cookie->output_array[0][ltrim], alg_bytesize);
+ rte_memcpy(y, &cookie->output_array[1][ltrim], alg_bytesize);
HEXDUMP("rX", cookie->output_array[0],
alg_bytesize);
@@ -784,29 +789,38 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
(struct icp_qat_fw_pke_request *)out_msg;
struct qat_asym_op_cookie *cookie =
(struct qat_asym_op_cookie *)op_cookie;
+ struct rte_crypto_asym_xform *xform;
+ struct qat_asym_session *qat_session = (struct qat_asym_session *)
+ get_asym_session_private_data(
+ op->asym->session, qat_asym_driver_id);
int err = 0;
+ if (unlikely(qat_session == NULL)) {
+ QAT_DP_LOG(ERR, "Session was not created for this device");
+ goto error;
+ }
+
op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
switch (op->sess_type) {
case RTE_CRYPTO_OP_WITH_SESSION:
- QAT_LOG(ERR,
- "QAT asymmetric crypto PMD does not support session"
- );
- goto error;
+ request_init(qat_req);
+ xform = &qat_session->xform;
+ break;
case RTE_CRYPTO_OP_SESSIONLESS:
request_init(qat_req);
- err = asym_set_input(asym_op, qat_req, cookie,
- op->asym->xform);
- if (err) {
- op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
- goto error;
- }
+ xform = op->asym->xform;
break;
default:
QAT_DP_LOG(ERR, "Invalid session/xform settings");
op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
goto error;
}
+ err = asym_set_input(asym_op, qat_req, cookie,
+ xform);
+ if (err) {
+ op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
+ goto error;
+ }
qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op;
qat_req->pke_mid.src_data_addr = cookie->input_addr;
@@ -827,11 +841,11 @@ qat_asym_build_request(void *in_op, uint8_t *out_msg, void *op_cookie,
}
static uint8_t
-qat_asym_collect_response(struct rte_crypto_op *rx_op,
+qat_asym_collect_response(struct rte_crypto_op *op,
struct qat_asym_op_cookie *cookie,
struct rte_crypto_asym_xform *xform)
{
- struct rte_crypto_asym_op *asym_op = rx_op->asym;
+ struct rte_crypto_asym_op *asym_op = op->asym;
switch (xform->xform_type) {
case RTE_CRYPTO_ASYM_XFORM_MODEX:
@@ -851,66 +865,365 @@ qat_asym_collect_response(struct rte_crypto_op *rx_op,
}
void
-qat_asym_process_response(void **op, uint8_t *resp,
+qat_asym_process_response(void **out_op, uint8_t *resp,
void *op_cookie)
{
struct icp_qat_fw_pke_resp *resp_msg =
(struct icp_qat_fw_pke_resp *)resp;
- struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t)
+ struct rte_crypto_op *op = (struct rte_crypto_op *)(uintptr_t)
(resp_msg->opaque);
struct qat_asym_op_cookie *cookie = op_cookie;
+ struct rte_crypto_asym_xform *xform;
+ struct qat_asym_session *qat_session = (struct qat_asym_session *)
+ get_asym_session_private_data(
+ op->asym->session, qat_asym_driver_id);
if (cookie->error) {
cookie->error = 0;
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
- rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+ if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+ op->status = RTE_CRYPTO_OP_STATUS_ERROR;
QAT_DP_LOG(ERR, "Cookie status returned error");
} else {
if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET(
resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) {
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
- rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+ if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+ op->status = RTE_CRYPTO_OP_STATUS_ERROR;
QAT_DP_LOG(ERR, "Asymmetric response status"
" returned error");
}
if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) {
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
- rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+ if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+ op->status = RTE_CRYPTO_OP_STATUS_ERROR;
QAT_DP_LOG(ERR, "Asymmetric common status"
" returned error");
}
}
- if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
- rx_op->status = qat_asym_collect_response(rx_op,
- cookie, rx_op->asym->xform);
- cleanup(cookie, rx_op->asym->xform,
- cookie->alg_bytesize);
+
+ switch (op->sess_type) {
+ case RTE_CRYPTO_OP_WITH_SESSION:
+ xform = &qat_session->xform;
+ break;
+ case RTE_CRYPTO_OP_SESSIONLESS:
+ xform = op->asym->xform;
+ break;
+ default:
+ QAT_DP_LOG(ERR,
+ "Invalid session/xform settings in response ring!");
+ op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
+ }
+
+ if (op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
+ op->status = qat_asym_collect_response(op,
+ cookie, xform);
+ cleanup(cookie, xform, cookie->alg_bytesize);
}
- *op = rx_op;
+ *out_op = op;
HEXDUMP("resp_msg:", resp_msg, sizeof(struct icp_qat_fw_pke_resp));
}
+static int
+session_set_modexp(struct qat_asym_session *qat_session,
+ struct rte_crypto_asym_xform *xform)
+{
+ uint8_t *modulus = xform->modex.modulus.data;
+ uint8_t *exponent = xform->modex.exponent.data;
+
+ qat_session->xform.modex.modulus.data =
+ rte_malloc(NULL, xform->modex.modulus.length, 0);
+ if (qat_session->xform.modex.modulus.data == NULL)
+ return -ENOMEM;
+ qat_session->xform.modex.modulus.length = xform->modex.modulus.length;
+ qat_session->xform.modex.exponent.data = rte_malloc(NULL,
+ xform->modex.exponent.length, 0);
+ if (qat_session->xform.modex.exponent.data == NULL) {
+ rte_free(qat_session->xform.modex.exponent.data);
+ return -ENOMEM;
+ }
+ qat_session->xform.modex.exponent.length = xform->modex.exponent.length;
+
+ rte_memcpy(qat_session->xform.modex.modulus.data, modulus,
+ xform->modex.modulus.length);
+ rte_memcpy(qat_session->xform.modex.exponent.data, exponent,
+ xform->modex.exponent.length);
+
+ return 0;
+}
+
+static int
+session_set_modinv(struct qat_asym_session *qat_session,
+ struct rte_crypto_asym_xform *xform)
+{
+ uint8_t *modulus = xform->modinv.modulus.data;
+
+ qat_session->xform.modinv.modulus.data =
+ rte_malloc(NULL, xform->modinv.modulus.length, 0);
+ if (qat_session->xform.modinv.modulus.data == NULL)
+ return -ENOMEM;
+ qat_session->xform.modinv.modulus.length = xform->modinv.modulus.length;
+
+ rte_memcpy(qat_session->xform.modinv.modulus.data, modulus,
+ xform->modinv.modulus.length);
+
+ return 0;
+}
+
+static int
+session_set_rsa(struct qat_asym_session *qat_session,
+ struct rte_crypto_asym_xform *xform)
+{
+ uint8_t *n = xform->rsa.n.data;
+ uint8_t *e = xform->rsa.e.data;
+ int ret = 0;
+
+ qat_session->xform.rsa.key_type = xform->rsa.key_type;
+
+ qat_session->xform.rsa.n.data =
+ rte_malloc(NULL, xform->rsa.n.length, 0);
+ if (qat_session->xform.rsa.n.data == NULL)
+ return -ENOMEM;
+ qat_session->xform.rsa.n.length =
+ xform->rsa.n.length;
+
+ qat_session->xform.rsa.e.data =
+ rte_malloc(NULL, xform->rsa.e.length, 0);
+ if (qat_session->xform.rsa.e.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.e.length =
+ xform->rsa.e.length;
+
+ if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) {
+ uint8_t *p = xform->rsa.qt.p.data;
+ uint8_t *q = xform->rsa.qt.q.data;
+ uint8_t *dP = xform->rsa.qt.dP.data;
+ uint8_t *dQ = xform->rsa.qt.dQ.data;
+ uint8_t *qInv = xform->rsa.qt.qInv.data;
+
+ qat_session->xform.rsa.qt.p.data =
+ rte_malloc(NULL, xform->rsa.qt.p.length, 0);
+ if (qat_session->xform.rsa.qt.p.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.p.length =
+ xform->rsa.qt.p.length;
+
+ qat_session->xform.rsa.qt.q.data =
+ rte_malloc(NULL, xform->rsa.qt.q.length, 0);
+ if (qat_session->xform.rsa.qt.q.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.q.length =
+ xform->rsa.qt.q.length;
+
+ qat_session->xform.rsa.qt.dP.data =
+ rte_malloc(NULL, xform->rsa.qt.dP.length, 0);
+ if (qat_session->xform.rsa.qt.dP.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.dP.length =
+ xform->rsa.qt.dP.length;
+
+ qat_session->xform.rsa.qt.dQ.data =
+ rte_malloc(NULL, xform->rsa.qt.dQ.length, 0);
+ if (qat_session->xform.rsa.qt.dQ.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.dQ.length =
+ xform->rsa.qt.dQ.length;
+
+ qat_session->xform.rsa.qt.qInv.data =
+ rte_malloc(NULL, xform->rsa.qt.qInv.length, 0);
+ if (qat_session->xform.rsa.qt.qInv.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.qt.qInv.length =
+ xform->rsa.qt.qInv.length;
+
+ rte_memcpy(qat_session->xform.rsa.qt.p.data, p,
+ xform->rsa.qt.p.length);
+ rte_memcpy(qat_session->xform.rsa.qt.q.data, q,
+ xform->rsa.qt.q.length);
+ rte_memcpy(qat_session->xform.rsa.qt.dP.data, dP,
+ xform->rsa.qt.dP.length);
+ rte_memcpy(qat_session->xform.rsa.qt.dQ.data, dQ,
+ xform->rsa.qt.dQ.length);
+ rte_memcpy(qat_session->xform.rsa.qt.qInv.data, qInv,
+ xform->rsa.qt.qInv.length);
+
+ } else {
+ uint8_t *d = xform->rsa.d.data;
+
+ qat_session->xform.rsa.d.data =
+ rte_malloc(NULL, xform->rsa.d.length, 0);
+ if (qat_session->xform.rsa.d.data == NULL) {
+ ret = -ENOMEM;
+ goto err;
+ }
+ qat_session->xform.rsa.d.length =
+ xform->rsa.d.length;
+ rte_memcpy(qat_session->xform.rsa.d.data, d,
+ xform->rsa.d.length);
+ }
+
+ rte_memcpy(qat_session->xform.rsa.n.data, n,
+ xform->rsa.n.length);
+ rte_memcpy(qat_session->xform.rsa.e.data, e,
+ xform->rsa.e.length);
+
+ return 0;
+
+err:
+ rte_free(qat_session->xform.rsa.n.data);
+ rte_free(qat_session->xform.rsa.e.data);
+ rte_free(qat_session->xform.rsa.d.data);
+ rte_free(qat_session->xform.rsa.qt.p.data);
+ rte_free(qat_session->xform.rsa.qt.q.data);
+ rte_free(qat_session->xform.rsa.qt.dP.data);
+ rte_free(qat_session->xform.rsa.qt.dQ.data);
+ rte_free(qat_session->xform.rsa.qt.qInv.data);
+ return ret;
+}
+
+static void
+session_set_ecdsa(struct qat_asym_session *qat_session,
+ struct rte_crypto_asym_xform *xform)
+{
+ qat_session->xform.ec.curve_id = xform->ec.curve_id;
+}
+
int
-qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
- struct rte_crypto_asym_xform *xform __rte_unused,
- struct rte_cryptodev_asym_session *sess __rte_unused,
- struct rte_mempool *mempool __rte_unused)
+qat_asym_session_configure(struct rte_cryptodev *dev,
+ struct rte_crypto_asym_xform *xform,
+ struct rte_cryptodev_asym_session *session,
+ struct rte_mempool *mempool)
{
- QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
- return -ENOTSUP;
+ struct qat_asym_session *qat_session;
+ int ret = 0;
+
+ if (rte_mempool_get(mempool, (void *)&qat_session)) {
+ QAT_LOG(ERR, "Cannot allocate asymmetric crypto session");
+ return -ENOMEM;
+ }
+
+ memset(qat_session, 0, sizeof(*qat_session));
+
+ qat_session->xform.xform_type = xform->xform_type;
+ switch (xform->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ ret = session_set_modexp(qat_session, xform);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ ret = session_set_modinv(qat_session, xform);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ ret = session_set_rsa(qat_session, xform);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_ECDSA:
+ case RTE_CRYPTO_ASYM_XFORM_ECPM:
+ session_set_ecdsa(qat_session, xform);
+ break;
+ default:
+ ret = -ENOTSUP;
+ }
+
+ if (ret) {
+ QAT_LOG(ERR, "Unsupported xform type");
+ rte_mempool_put(mempool, (void *)&qat_session);
+ return ret;
+ }
+
+ set_asym_session_private_data(session, dev->driver_id,
+ (void *)qat_session);
+ return 0;
}
unsigned int
qat_asym_session_get_private_size(struct rte_cryptodev *dev __rte_unused)
{
- QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
- return 0;
+ return RTE_ALIGN_CEIL(sizeof(struct qat_asym_session), 8);
+}
+
+static void
+session_clear_modexp(struct rte_crypto_modex_xform *modex)
+{
+ memset(modex->modulus.data, 0, modex->modulus.length);
+ rte_free(modex->modulus.data);
+ memset(modex->exponent.data, 0, modex->exponent.length);
+ rte_free(modex->exponent.data);
+}
+
+static void
+session_clear_modinv(struct rte_crypto_modinv_xform *modinv)
+{
+ memset(modinv->modulus.data, 0, modinv->modulus.length);
+ rte_free(modinv->modulus.data);
+}
+
+static void
+session_clear_rsa(struct rte_crypto_rsa_xform *rsa)
+{
+ return;
+ memset(rsa->n.data, 0, rsa->n.length);
+ rte_free(rsa->n.data);
+ memset(rsa->e.data, 0, rsa->e.length);
+ rte_free(rsa->e.data);
+ if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) {
+ memset(rsa->d.data, 0, rsa->d.length);
+ rte_free(rsa->d.data);
+ } else {
+ memset(rsa->qt.p.data, 0, rsa->qt.p.length);
+ rte_free(rsa->qt.p.data);
+ memset(rsa->qt.q.data, 0, rsa->qt.q.length);
+ rte_free(rsa->qt.q.data);
+ memset(rsa->qt.dP.data, 0, rsa->qt.dP.length);
+ rte_free(rsa->qt.dP.data);
+ memset(rsa->qt.dQ.data, 0, rsa->qt.dQ.length);
+ rte_free(rsa->qt.dQ.data);
+ memset(rsa->qt.qInv.data, 0, rsa->qt.qInv.length);
+ rte_free(rsa->qt.qInv.data);
+ }
+}
+
+static void
+session_clear_xform(struct qat_asym_session *qat_session)
+{
+ switch (qat_session->xform.xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ session_clear_modexp(&qat_session->xform.modex);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ session_clear_modinv(&qat_session->xform.modinv);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ session_clear_rsa(&qat_session->xform.rsa);
+ break;
+ default:
+ break;
+ }
}
void
-qat_asym_session_clear(struct rte_cryptodev *dev __rte_unused,
- struct rte_cryptodev_asym_session *sess __rte_unused)
+qat_asym_session_clear(struct rte_cryptodev *dev,
+ struct rte_cryptodev_asym_session *session)
{
- QAT_LOG(ERR, "QAT asymmetric PMD currently does not support session");
+ uint8_t index = dev->driver_id;
+ void *sess_priv = get_asym_session_private_data(session, index);
+ struct qat_asym_session *qat_session =
+ (struct qat_asym_session *)sess_priv;
+
+ if (sess_priv) {
+ session_clear_xform(qat_session);
+ memset(qat_session, 0, qat_asym_session_get_private_size(dev));
+ struct rte_mempool *mempool = rte_mempool_from_obj(sess_priv);
+
+ set_asym_session_private_data(session, index, NULL);
+ rte_mempool_put(mempool, sess_priv);
+ }
}
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index e05ed7fc86..4291a77df7 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -48,7 +48,7 @@ struct qat_asym_op_cookie {
struct qat_asym_session {
struct icp_qat_fw_pke_request req_tmpl;
- struct rte_crypto_asym_xform *xform;
+ struct rte_crypto_asym_xform xform;
};
int
diff --git a/drivers/crypto/qat/qat_ec.h b/drivers/crypto/qat/qat_ec.h
index c2f3ce93d2..a310e3f4d3 100644
--- a/drivers/crypto/qat/qat_ec.h
+++ b/drivers/crypto/qat/qat_ec.h
@@ -31,7 +31,7 @@ struct elliptic_curve {
buffer h;
};
-static struct elliptic_curve __rte_unused curve[] = {
+static struct elliptic_curve curve[] = {
[SECP256R1] = {
.name = "secp256r1",
.bytesize = 32,
@@ -190,7 +190,7 @@ static struct elliptic_curve __rte_unused curve[] = {
}
};
-static int __rte_unused
+static int
pick_curve(struct rte_crypto_asym_xform *xform)
{
switch (xform->ec.curve_id) {
--
2.13.6
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-02-09 14:01 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-09 14:00 [PATCH v2 0/5] crypto/qat: add asymmetric crypto algorithms Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 1/5] crypto/qat: refactor asymmetric crypto functions Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 2/5] crypto/qat: add named elliptic curves Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 3/5] crypto/qat: add ecdsa algorithm Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 4/5] crypto/qat: add ecpm algorithm Arek Kusztal
2022-02-09 14:00 ` [PATCH v2 5/5] crypto/qat: refactor asymmetric session Arek Kusztal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).