From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
To: <dev@dpdk.org>
Cc: <anoobj@marvell.com>, Akhil Goyal <gakhil@marvell.com>,
Fan Zhang <fanzhang.oss@gmail.com>, Kai Ji <kai.ji@intel.com>,
Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>,
Ciara Power <ciara.power@intel.com>,
Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Subject: [PATCH v3 2/7] cryptodev: add hash algorithms in asymmetric capability
Date: Thu, 28 Sep 2023 22:39:15 +0530 [thread overview]
Message-ID: <20230928170920.1454-3-gmuthukrishn@marvell.com> (raw)
In-Reply-To: <20230928170920.1454-1-gmuthukrishn@marvell.com>
Most of the asymmetric operations start with hash of the input.
But a PMD might also support only plain input (eg openssl).
Add a new field in asymmetric capability to declare support
for hash operations that PMD can support for the asymmetric
operations. Application can skip computing hash if PMD already
supports it.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
app/test/test_cryptodev_asym.c | 52 ++++++++++++++++++--
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 1 +
lib/cryptodev/cryptodev_trace.h | 9 ++++
lib/cryptodev/cryptodev_trace_points.c | 3 ++
lib/cryptodev/rte_cryptodev.c | 16 ++++++
lib/cryptodev/rte_cryptodev.h | 19 +++++++
lib/cryptodev/version.map | 1 +
7 files changed, 97 insertions(+), 4 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 9820b80f7e..61f65823df 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -1810,8 +1810,10 @@ _test_sm2_sign(bool rnd_secret)
{
struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+ const struct rte_cryptodev_asymmetric_xform_capability *capa;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
struct rte_mempool *op_mpool = ts_params->op_mpool;
+ struct rte_cryptodev_asym_capability_idx idx;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_op *result_op = NULL;
uint8_t output_buf_r[TEST_DATA_SIZE];
@@ -1822,6 +1824,12 @@ _test_sm2_sign(bool rnd_secret)
int ret, status = TEST_SUCCESS;
void *sess = NULL;
+ /* Check SM2 capability */
+ idx.type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ capa = rte_cryptodev_asym_capability_get(dev_id, &idx);
+ if (capa == NULL)
+ return -ENOTSUP;
+
/* Setup crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (op == NULL) {
@@ -1838,7 +1846,10 @@ _test_sm2_sign(bool rnd_secret)
/* Setup asym xform */
xform.next = NULL;
xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
- xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+ xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ else
+ xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
if (ret < 0) {
@@ -1993,8 +2004,10 @@ test_sm2_verify(void)
{
struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+ const struct rte_cryptodev_asymmetric_xform_capability *capa;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
struct rte_mempool *op_mpool = ts_params->op_mpool;
+ struct rte_cryptodev_asym_capability_idx idx;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_op *result_op = NULL;
struct rte_crypto_asym_xform xform;
@@ -2003,6 +2016,12 @@ test_sm2_verify(void)
int ret, status = TEST_SUCCESS;
void *sess = NULL;
+ /* Check SM2 capability */
+ idx.type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ capa = rte_cryptodev_asym_capability_get(dev_id, &idx);
+ if (capa == NULL)
+ return -ENOTSUP;
+
/* Setup crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (op == NULL) {
@@ -2019,7 +2038,10 @@ test_sm2_verify(void)
/* Setup asym xform */
xform.next = NULL;
xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
- xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+ xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ else
+ xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
if (ret < 0) {
@@ -2094,9 +2116,11 @@ _test_sm2_enc(bool rnd_secret)
{
struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+ const struct rte_cryptodev_asymmetric_xform_capability *capa;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
struct rte_mempool *op_mpool = ts_params->op_mpool;
uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL;
+ struct rte_cryptodev_asym_capability_idx idx;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_op *result_op = NULL;
struct rte_crypto_asym_xform xform;
@@ -2105,6 +2129,12 @@ _test_sm2_enc(bool rnd_secret)
int ret, status = TEST_SUCCESS;
void *sess = NULL;
+ /* Check SM2 capability */
+ idx.type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ capa = rte_cryptodev_asym_capability_get(dev_id, &idx);
+ if (capa == NULL)
+ return -ENOTSUP;
+
/* Setup crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (op == NULL) {
@@ -2120,7 +2150,10 @@ _test_sm2_enc(bool rnd_secret)
/* Setup asym xform */
xform.next = NULL;
xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
- xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+ xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ else
+ xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
if (ret < 0) {
@@ -2273,8 +2306,10 @@ test_sm2_dec(void)
{
struct crypto_testsuite_params_asym *ts_params = &testsuite_params;
struct crypto_testsuite_sm2_params input_params = sm2_param_fp256;
+ const struct rte_cryptodev_asymmetric_xform_capability *capa;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
struct rte_mempool *op_mpool = ts_params->op_mpool;
+ struct rte_cryptodev_asym_capability_idx idx;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_op *result_op = NULL;
uint8_t output_buf_m[TEST_DATA_SIZE];
@@ -2284,6 +2319,12 @@ test_sm2_dec(void)
int ret, status = TEST_SUCCESS;
void *sess = NULL;
+ /* Check SM2 capability */
+ idx.type = RTE_CRYPTO_ASYM_XFORM_SM2;
+ capa = rte_cryptodev_asym_capability_get(dev_id, &idx);
+ if (capa == NULL)
+ return -ENOTSUP;
+
/* Setup crypto op data structure */
op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
if (op == NULL) {
@@ -2299,7 +2340,10 @@ test_sm2_dec(void)
/* Setup asym xform */
xform.next = NULL;
xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
- xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3))
+ xform.sm2.hash = RTE_CRYPTO_AUTH_SM3;
+ else
+ xform.sm2.hash = RTE_CRYPTO_AUTH_NULL;
ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
if (ret < 0) {
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 2eb450fcfd..d5dc365064 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -598,6 +598,7 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
{.asym = {
.xform_capa = {
.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2,
+ .hash_algos = (1 << RTE_CRYPTO_AUTH_SM3),
.op_types =
((1<<RTE_CRYPTO_ASYM_OP_SIGN) |
(1 << RTE_CRYPTO_ASYM_OP_VERIFY) |
diff --git a/lib/cryptodev/cryptodev_trace.h b/lib/cryptodev/cryptodev_trace.h
index aab44af96b..935f0d564b 100644
--- a/lib/cryptodev/cryptodev_trace.h
+++ b/lib/cryptodev/cryptodev_trace.h
@@ -520,6 +520,15 @@ RTE_TRACE_POINT(
rte_trace_point_emit_int(ret);
)
+RTE_TRACE_POINT(
+ rte_cryptodev_trace_asym_xform_capability_check_hash,
+ RTE_TRACE_POINT_ARGS(uint64_t hash_algos,
+ enum rte_crypto_auth_algorithm hash, int ret),
+ rte_trace_point_emit_u64(hash_algos);
+ rte_trace_point_emit_int(hash);
+ rte_trace_point_emit_int(ret);
+)
+
RTE_TRACE_POINT(
rte_cryptodev_trace_count,
RTE_TRACE_POINT_ARGS(uint8_t nb_devs),
diff --git a/lib/cryptodev/cryptodev_trace_points.c b/lib/cryptodev/cryptodev_trace_points.c
index e2303fdb52..8c47ab1e78 100644
--- a/lib/cryptodev/cryptodev_trace_points.c
+++ b/lib/cryptodev/cryptodev_trace_points.c
@@ -144,6 +144,9 @@ RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_asym_xform_capability_check_modlen,
RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_asym_xform_capability_check_optype,
lib.cryptodev.asym.xform.capability.check.optype)
+RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_asym_xform_capability_check_hash,
+ lib.cryptodev.asym.xform.capability.check.hash)
+
RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_sym_cpu_crypto_process,
lib.cryptodev.sym.cpu.crypto.process)
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index c49d342b17..041d3074db 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -718,6 +718,22 @@ rte_cryptodev_asym_xform_capability_check_modlen(
return ret;
}
+bool
+rte_cryptodev_asym_xform_capability_check_hash(
+ const struct rte_cryptodev_asymmetric_xform_capability *capability,
+ enum rte_crypto_auth_algorithm hash)
+{
+ bool ret = false;
+
+ if (capability->hash_algos & (1 << hash))
+ ret = true;
+
+ rte_cryptodev_trace_asym_xform_capability_check_hash(
+ capability->hash_algos, hash, ret);
+
+ return ret;
+}
+
/* spinlock for crypto device enq callbacks */
static rte_spinlock_t rte_cryptodev_callback_lock = RTE_SPINLOCK_INITIALIZER;
diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h
index 9246df90ef..47c6fda25b 100644
--- a/lib/cryptodev/rte_cryptodev.h
+++ b/lib/cryptodev/rte_cryptodev.h
@@ -182,6 +182,9 @@ struct rte_cryptodev_asymmetric_xform_capability {
* Value 0 mean implementation default
*/
};
+
+ uint64_t hash_algos;
+ /**< Bitmask of hash algorithms supported for op_type. */
};
/**
@@ -340,6 +343,22 @@ rte_cryptodev_asym_xform_capability_check_modlen(
const struct rte_cryptodev_asymmetric_xform_capability *capability,
uint16_t modlen);
+/**
+ * Check if hash algorithm is supported.
+ *
+ * @param capability Asymmetric crypto capability.
+ * @param hash Hash algorithm.
+ *
+ * @return
+ * - Return true if the hash algorithm is supported.
+ * - Return false if the hash algorithm is not supported.
+ */
+__rte_experimental
+bool
+rte_cryptodev_asym_xform_capability_check_hash(
+ const struct rte_cryptodev_asymmetric_xform_capability *capability,
+ enum rte_crypto_auth_algorithm hash);
+
/**
* Provide the cipher algorithm enum, given an algorithm string
*
diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map
index ae8d9327b4..3c2d1780e0 100644
--- a/lib/cryptodev/version.map
+++ b/lib/cryptodev/version.map
@@ -54,6 +54,7 @@ EXPERIMENTAL {
rte_cryptodev_asym_get_xform_enum;
rte_cryptodev_asym_session_create;
rte_cryptodev_asym_session_free;
+ rte_cryptodev_asym_xform_capability_check_hash;
rte_cryptodev_asym_xform_capability_check_modlen;
rte_cryptodev_asym_xform_capability_check_optype;
rte_cryptodev_sym_cpu_crypto_process;
--
2.25.1
next prev parent reply other threads:[~2023-09-28 17:09 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-10 9:35 [v1 0/6] cryptodev: support digest message in SM2 Gowrishankar Muthukrishnan
2023-08-10 9:35 ` [v1 1/6] crypto/openssl: include SM2 in asymmetric capabilities Gowrishankar Muthukrishnan
2023-09-26 19:53 ` Kusztal, ArkadiuszX
2023-08-10 9:35 ` [v1 2/6] cryptodev: add RNG capability in EC based xform Gowrishankar Muthukrishnan
2023-09-26 19:53 ` Kusztal, ArkadiuszX
2023-08-10 9:35 ` [v1 3/6] cryptodev: add hash support in asymmetric capability Gowrishankar Muthukrishnan
2023-09-26 20:03 ` Kusztal, ArkadiuszX
2023-09-27 5:55 ` Gowrishankar Muthukrishnan
2023-08-10 9:35 ` [v1 4/6] cryptodev: use generic EC xform params for SM2 Gowrishankar Muthukrishnan
2023-09-26 20:05 ` Kusztal, ArkadiuszX
2023-08-10 9:35 ` [v1 5/6] app/test: check asymmetric capabilities in SM2 test Gowrishankar Muthukrishnan
2023-09-26 20:05 ` Kusztal, ArkadiuszX
2023-08-10 9:35 ` [v1 6/6] crypto/cnxk: add SM2 support Gowrishankar Muthukrishnan
2023-09-14 7:21 ` [v1 0/6] cryptodev: support digest message in SM2 Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 0/7] " Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 1/7] crypto/openssl: include SM2 in asymmetric capabilities Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 2/7] cryptodev: set private and public keys in EC session Gowrishankar Muthukrishnan
2023-09-28 12:44 ` Power, Ciara
2023-09-28 13:12 ` Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 3/7] cryptodev: add RNG capability in EC based xform Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 4/7] cryptodev: add hash algorithms in asymmetric capability Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 5/7] cryptodev: use generic EC xform params for SM2 Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 6/7] app/test: check asymmetric capabilities in SM2 test Gowrishankar Muthukrishnan
2023-09-27 11:37 ` [PATCH v2 7/7] crypto/cnxk: add SM2 support Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 0/7] cryptodev: support digest message in SM2 Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 1/7] crypto/openssl: include SM2 in asymmetric capabilities Gowrishankar Muthukrishnan
2023-09-28 17:09 ` Gowrishankar Muthukrishnan [this message]
2023-09-28 17:09 ` [PATCH v3 3/7] cryptodev: use generic EC xform params for SM2 Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 4/7] cryptodev: set private and public keys in EC session Gowrishankar Muthukrishnan
2023-09-29 12:47 ` Power, Ciara
2023-09-28 17:09 ` [PATCH v3 5/7] cryptodev: add RNG capability in EC based xform Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 6/7] crypto/cnxk: add SM2 support Gowrishankar Muthukrishnan
2023-09-28 17:09 ` [PATCH v3 7/7] app/test: check asymmetric capabilities in SM2 test Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 0/7] cryptodev: support digest message in SM2 Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 1/7] crypto/openssl: include SM2 in asymmetric capabilities Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 2/7] cryptodev: add hash algorithms in asymmetric capability Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 3/7] cryptodev: use generic EC xform params for SM2 Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 4/7] cryptodev: set private and public keys in EC session Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 5/7] cryptodev: add RNG capability in EC based xform Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 6/7] crypto/cnxk: add SM2 support Gowrishankar Muthukrishnan
2023-10-09 13:54 ` [PATCH v4 7/7] app/test: check asymmetric capabilities in SM2 test Gowrishankar Muthukrishnan
2023-10-09 19:07 ` [PATCH v4 0/7] cryptodev: support digest message in SM2 Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230928170920.1454-3-gmuthukrishn@marvell.com \
--to=gmuthukrishn@marvell.com \
--cc=anoobj@marvell.com \
--cc=arkadiuszx.kusztal@intel.com \
--cc=ciara.power@intel.com \
--cc=dev@dpdk.org \
--cc=fanzhang.oss@gmail.com \
--cc=gakhil@marvell.com \
--cc=kai.ji@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).