From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 760BFA0548; Wed, 12 Oct 2022 06:17:33 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 5D6E940691; Wed, 12 Oct 2022 06:17:33 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id F23E04067C for ; Wed, 12 Oct 2022 06:17:31 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29C2ACo6026867 for ; Tue, 11 Oct 2022 21:17:31 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=u71VtR6sTgj7+xsylDIq6ncaW2ClBu3uQz2oTJvfbK0=; b=HQekota804O9DkwEWgBp71xnf57019ozhnbJ9pq3XEPxG2FWzRJSzt/pVhS4g826zyeQ 54CpdQ2c4oZKKNyjMHCt6u7SW8CkwUBwiwX3WPvy5T13YljLZCeLKu6NiwDLlrXb+rAG 9I0DMumViNtW3AOxZaG7eK+HQZzcsUNeBacOd5jdIPe/5aO/3ItmI1ye1lrBCNSi5BwG mvaSBaFwyfDgpmS+ntXaoy42SNheX0U5hshaOjsH4LPjb/UyNqLhUlbXry5Ee7S0AGqM cbINaz7P6sKs7MPXIH73Zz9xgeHfPVYxlXoM3R89z7aUULWExcV4npyIHg+zRApSIpNA Ng== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3k5mjg0cdw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Tue, 11 Oct 2022 21:17:31 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 11 Oct 2022 21:17:29 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Tue, 11 Oct 2022 21:17:29 -0700 Received: from localhost.localdomain (unknown [10.28.34.38]) by maili.marvell.com (Postfix) with ESMTP id E53143F7043; Tue, 11 Oct 2022 21:17:26 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: Anoob Joseph , Ankur Dwivedi , Tejasree Kondoj , Akhil Goyal , , Gowrishankar Muthukrishnan Subject: [v3] crypto/cnxk: support exponent type private key Date: Wed, 12 Oct 2022 09:47:22 +0530 Message-ID: <20221012041722.71766-1-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221011111902.4128847-1-gmuthukrishn@marvell.com> References: <20221011111902.4128847-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: tD3vs5Ed0fwsB8KnmmVCSEBlGhcDIqiD X-Proofpoint-GUID: tD3vs5Ed0fwsB8KnmmVCSEBlGhcDIqiD X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-12_01,2022-10-11_02,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This patch adds support for RTE_RSA_KEY_TYPE_EXP in cnxk crypto driver. Signed-off-by: Gowrishankar Muthukrishnan -- v3: - .ini updates. v2: - new function to handle exp type priv key. --- doc/guides/cryptodevs/features/cn10k.ini | 2 + doc/guides/cryptodevs/features/cn9k.ini | 2 + drivers/crypto/cnxk/cnxk_ae.h | 112 +++++++++++++++++++---- drivers/crypto/cnxk/cnxk_cryptodev.c | 1 + 4 files changed, 97 insertions(+), 20 deletions(-) diff --git a/doc/guides/cryptodevs/features/cn10k.ini b/doc/guides/cryptodevs/features/cn10k.ini index 166fca5adb..6e4e0e0095 100644 --- a/doc/guides/cryptodevs/features/cn10k.ini +++ b/doc/guides/cryptodevs/features/cn10k.ini @@ -14,6 +14,8 @@ OOP SGL In LB Out = Y OOP SGL In SGL Out = Y OOP LB In LB Out = Y Symmetric sessionless = Y +RSA PRIV OP KEY EXP = Y +RSA PRIV OP KEY QT = Y Digest encrypted = Y Inner checksum = Y diff --git a/doc/guides/cryptodevs/features/cn9k.ini b/doc/guides/cryptodevs/features/cn9k.ini index c3d131db1a..f9c896f6bd 100644 --- a/doc/guides/cryptodevs/features/cn9k.ini +++ b/doc/guides/cryptodevs/features/cn9k.ini @@ -14,6 +14,8 @@ OOP SGL In LB Out = Y OOP SGL In SGL Out = Y OOP LB In LB Out = Y Symmetric sessionless = Y +RSA PRIV OP KEY EXP = Y +RSA PRIV OP KEY QT = Y Digest encrypted = Y ; diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h index 4a7ce0bf40..adf719da73 100644 --- a/drivers/crypto/cnxk/cnxk_ae.h +++ b/drivers/crypto/cnxk/cnxk_ae.h @@ -82,20 +82,31 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, struct rte_crypto_rsa_priv_key_qt qt = xform->rsa.qt; struct rte_crypto_rsa_xform *xfrm_rsa = &xform->rsa; struct rte_crypto_rsa_xform *rsa = &sess->rsa_ctx; + struct rte_crypto_param_t d = xform->rsa.d; size_t mod_len = xfrm_rsa->n.length; size_t exp_len = xfrm_rsa->e.length; uint64_t total_size; size_t len = 0; - if (qt.p.length != 0 && qt.p.data == NULL) - return -EINVAL; + /* Set private key type */ + rsa->key_type = xfrm_rsa->key_type; + + if (rsa->key_type == RTE_RSA_KEY_TYPE_QT) { + if (qt.p.length != 0 && qt.p.data == NULL) + return -EINVAL; + + /* Make sure key length used is not more than mod_len/2 */ + if (qt.p.data != NULL) + len = (((mod_len / 2) < qt.p.length) ? 0 : qt.p.length * 5); + } else if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) { + if (d.length != 0 && d.data == NULL) + return -EINVAL; - /* Make sure key length used is not more than mod_len/2 */ - if (qt.p.data != NULL) - len = (((mod_len / 2) < qt.p.length) ? 0 : qt.p.length); + len = d.length; + } /* Total size required for RSA key params(n,e,(q,dQ,p,dP,qInv)) */ - total_size = mod_len + exp_len + 5 * len; + total_size = mod_len + exp_len + len; /* Allocate buffer to hold all RSA keys */ rsa->n.data = rte_malloc(NULL, total_size, 0); @@ -107,8 +118,8 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, rsa->e.data = rsa->n.data + mod_len; memcpy(rsa->e.data, xfrm_rsa->e.data, exp_len); - /* Private key in quintuple format */ - if (len != 0) { + if (rsa->key_type == RTE_RSA_KEY_TYPE_QT) { + /* Private key in quintuple format */ rsa->qt.q.data = rsa->e.data + exp_len; memcpy(rsa->qt.q.data, qt.q.data, qt.q.length); rsa->qt.dQ.data = rsa->qt.q.data + qt.q.length; @@ -126,6 +137,11 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, rsa->qt.p.length = qt.p.length; rsa->qt.dP.length = qt.dP.length; rsa->qt.qInv.length = qt.qInv.length; + } else if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) { + /* Private key in exponent format */ + rsa->d.data = rsa->e.data + exp_len; + memcpy(rsa->d.data, d.data, d.length); + rsa->d.length = d.length; } rsa->n.length = mod_len; rsa->e.length = exp_len; @@ -316,10 +332,64 @@ cnxk_ae_rsa_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, inst->rptr = (uintptr_t)dptr; } +static __rte_always_inline void +cnxk_ae_rsa_exp_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, + struct rte_crypto_rsa_xform *rsa, rte_crypto_param *crypto_param, + struct cpt_inst_s *inst) +{ + struct rte_crypto_rsa_op_param rsa_op; + uint32_t privkey_len = rsa->d.length; + uint32_t mod_len = rsa->n.length; + union cpt_inst_w4 w4; + uint32_t in_size; + uint32_t dlen; + uint8_t *dptr; + + rsa_op = op->asym->rsa; + + /* Input buffer */ + dptr = meta_buf->vaddr; + inst->dptr = (uintptr_t)dptr; + memcpy(dptr, rsa->n.data, mod_len); + dptr += mod_len; + memcpy(dptr, rsa->d.data, privkey_len); + dptr += privkey_len; + + in_size = crypto_param->length; + memcpy(dptr, crypto_param->data, in_size); + + dptr += in_size; + dlen = mod_len + privkey_len + in_size; + + if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) { + /* Use mod_exp operation for no_padding type */ + w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX; + w4.s.param2 = privkey_len; + } else { + if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { + w4.s.opcode_minor = ROC_AE_MINOR_OP_PKCS_ENC; + /* Private key encrypt (exponent), use BT1*/ + w4.s.param2 = ROC_AE_CPT_BLOCK_TYPE1 | ((uint16_t)(privkey_len) << 1); + } else if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { + w4.s.opcode_minor = ROC_AE_MINOR_OP_PKCS_DEC; + /* Private key decrypt (exponent), use BT2 */ + w4.s.param2 = ROC_AE_CPT_BLOCK_TYPE2; + } + } + + w4.s.opcode_major = ROC_AE_MAJOR_OP_MODEX; + + w4.s.param1 = mod_len; + w4.s.dlen = dlen; + + inst->w4.u64 = w4.u64; + inst->rptr = (uintptr_t)dptr; +} + static __rte_always_inline void cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, - struct rte_crypto_rsa_xform *rsa, - rte_crypto_param *crypto_param, struct cpt_inst_s *inst) + struct rte_crypto_rsa_xform *rsa, rte_crypto_param *crypto_param, + struct cpt_inst_s *inst) { uint32_t qInv_len = rsa->qt.qInv.length; struct rte_crypto_rsa_op_param rsa_op; @@ -374,28 +444,30 @@ cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, } static __rte_always_inline int __rte_hot -cnxk_ae_enqueue_rsa_op(struct rte_crypto_op *op, - struct roc_ae_buf_ptr *meta_buf, +cnxk_ae_enqueue_rsa_op(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) { struct rte_crypto_rsa_op_param *rsa = &op->asym->rsa; + struct rte_crypto_rsa_xform *ctx = &sess->rsa_ctx; switch (rsa->op_type) { case RTE_CRYPTO_ASYM_OP_VERIFY: - cnxk_ae_rsa_prep(op, meta_buf, &sess->rsa_ctx, &rsa->sign, - inst); + cnxk_ae_rsa_prep(op, meta_buf, ctx, &rsa->sign, inst); break; case RTE_CRYPTO_ASYM_OP_ENCRYPT: - cnxk_ae_rsa_prep(op, meta_buf, &sess->rsa_ctx, &rsa->message, - inst); + cnxk_ae_rsa_prep(op, meta_buf, ctx, &rsa->message, inst); break; case RTE_CRYPTO_ASYM_OP_SIGN: - cnxk_ae_rsa_crt_prep(op, meta_buf, &sess->rsa_ctx, - &rsa->message, inst); + if (ctx->key_type == RTE_RSA_KEY_TYPE_QT) + cnxk_ae_rsa_crt_prep(op, meta_buf, ctx, &rsa->message, inst); + else + cnxk_ae_rsa_exp_prep(op, meta_buf, ctx, &rsa->message, inst); break; case RTE_CRYPTO_ASYM_OP_DECRYPT: - cnxk_ae_rsa_crt_prep(op, meta_buf, &sess->rsa_ctx, &rsa->cipher, - inst); + if (ctx->key_type == RTE_RSA_KEY_TYPE_QT) + cnxk_ae_rsa_crt_prep(op, meta_buf, ctx, &rsa->cipher, inst); + else + cnxk_ae_rsa_exp_prep(op, meta_buf, ctx, &rsa->cipher, inst); break; default: op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.c b/drivers/crypto/cnxk/cnxk_cryptodev.c index d67de54a7b..35635f7831 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev.c +++ b/drivers/crypto/cnxk/cnxk_cryptodev.c @@ -15,6 +15,7 @@ cnxk_cpt_default_ff_get(void) RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP | RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING | RTE_CRYPTODEV_FF_IN_PLACE_SGL | RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT | -- 2.25.1