* [PATCH 1/3] crypto/qat: Add ECDH, ECDSA and ECPM capabilities
@ 2025-08-27 9:23 Radu Nicolau
2025-08-27 9:23 ` [PATCH 2/3] test/crypto: add QAT EC tests Radu Nicolau
2025-08-27 9:23 ` [PATCH 3/3] crypto/qat: fix ECDH implementation Radu Nicolau
0 siblings, 2 replies; 4+ messages in thread
From: Radu Nicolau @ 2025-08-27 9:23 UTC (permalink / raw)
To: dev; +Cc: Radu Nicolau, Kai Ji
Add missing eliptic curves capabilities.
Small fixes on ECDH implementation.
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 13 +++++++++++++
drivers/crypto/qat/qat_asym.c | 9 +++++++--
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
index 67b1892c32..20001bd1cc 100644
--- a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
+++ b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
@@ -38,6 +38,19 @@ static struct rte_cryptodev_capabilities qat_asym_crypto_caps_gen1[] = {
(1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) |
(1 << RTE_CRYPTO_ASYM_OP_DECRYPT)),
64, 512, 64),
+ QAT_ASYM_CAP(ECDH,
+ ((1 << RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) |
+ (1 << RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE) |
+ (1 << RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY)),
+ 64, 512, 64),
+ QAT_ASYM_CAP(ECDSA,
+ ((1 << RTE_CRYPTO_ASYM_OP_SIGN) |
+ (1 << RTE_CRYPTO_ASYM_OP_VERIFY)),
+ 64, 512, 64),
+ QAT_ASYM_CAP(ECPM,
+ ((1 << RTE_CRYPTO_ASYM_OP_SIGN) |
+ (1 << RTE_CRYPTO_ASYM_OP_VERIFY)),
+ 64, 512, 64),
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index d8a1406819..bd22fc0a6f 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -801,11 +801,14 @@ ecdh_set_input(struct icp_qat_fw_pke_request *qat_req,
SET_PKE_LN(asym_op->ecdh.priv_key, qat_func_alignsize, 0);
SET_PKE_LN_EC(curve[curve_id], x, 1);
SET_PKE_LN_EC(curve[curve_id], y, 2);
- } else {
+ } else if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE) {
SET_PKE_LN(asym_op->ecdh.priv_key, qat_func_alignsize, 0);
SET_PKE_LN(asym_op->ecdh.pub_key.x, qat_func_alignsize, 1);
SET_PKE_LN(asym_op->ecdh.pub_key.y, qat_func_alignsize, 2);
+ } else {
+ return -EINVAL;
}
+
SET_PKE_LN_EC(curve[curve_id], a, 3);
SET_PKE_LN_EC(curve[curve_id], b, 4);
SET_PKE_LN_EC(curve[curve_id], p, 5);
@@ -894,11 +897,13 @@ ecdh_collect(struct rte_crypto_asym_op *asym_op,
asym_op->ecdh.pub_key.y.length = alg_bytesize;
x = asym_op->ecdh.pub_key.x.data;
y = asym_op->ecdh.pub_key.y.data;
- } else {
+ } else if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE) {
asym_op->ecdh.shared_secret.x.length = alg_bytesize;
asym_op->ecdh.shared_secret.y.length = alg_bytesize;
x = asym_op->ecdh.shared_secret.x.data;
y = asym_op->ecdh.shared_secret.y.data;
+ } else {
+ return -EINVAL;
}
rte_memcpy(x, &cookie->output_array[0][ltrim], alg_bytesize);
--
2.50.1
^ permalink raw reply [flat|nested] 4+ messages in thread* [PATCH 2/3] test/crypto: add QAT EC tests
2025-08-27 9:23 [PATCH 1/3] crypto/qat: Add ECDH, ECDSA and ECPM capabilities Radu Nicolau
@ 2025-08-27 9:23 ` Radu Nicolau
2025-08-27 14:31 ` Ji, Kai
2025-08-27 9:23 ` [PATCH 3/3] crypto/qat: fix ECDH implementation Radu Nicolau
1 sibling, 1 reply; 4+ messages in thread
From: Radu Nicolau @ 2025-08-27 9:23 UTC (permalink / raw)
To: dev; +Cc: Radu Nicolau, Akhil Goyal, Fan Zhang
Add ECDH, ECPM and ECDSA tests for QAT
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
app/test/test_cryptodev_asym.c | 109 +++++++++++++++++++++++++++++++++
1 file changed, 109 insertions(+)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 20afb5e98b..c62329edff 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -1715,6 +1715,29 @@ test_ecdsa_sign_verify_all_curve(void)
return overall_status;
}
+static int
+test_ecdsa_sign_verify_qat_curves(void)
+{
+ int status, overall_status = TEST_SUCCESS;
+ enum curve curve_id;
+ int test_index = 0;
+ const char *msg;
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+
+ status = test_ecdsa_sign_verify(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase Sign/Veriy Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+ return overall_status;
+}
+
static int
test_ecpm(enum curve curve_id)
{
@@ -1881,6 +1904,28 @@ test_ecpm_all_curve(void)
return overall_status;
}
+static int
+test_ecpm_qat_curves(void)
+{
+ int status, overall_status = TEST_SUCCESS;
+ enum curve curve_id;
+ int test_index = 0;
+ const char *msg;
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+ status = test_ecpm(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase EC Point Mul Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+ return overall_status;
+}
+
static int
test_ecdh_priv_key_generate(enum curve curve_id)
{
@@ -2674,6 +2719,56 @@ test_ecdh_all_curve(void)
return overall_status;
}
+static int
+test_ecdh_qat_curves(void)
+{
+ int status, overall_status = TEST_SUCCESS;
+ enum curve curve_id;
+ int test_index = 0;
+ const char *msg;
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+ status = test_ecdh_pub_key_generate(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else if (status == TEST_SKIPPED) {
+ msg = "skipped";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase ECDH public key generation for Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+ status = test_ecdh_pub_key_verify(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase ECDH public key verification for Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+ status = test_ecdh_shared_secret(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase ECDH shared secret compute for Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+
+ return overall_status;
+}
+
+
static int
test_sm2_sign(void)
{
@@ -3987,6 +4082,7 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
ut_setup_asym, ut_teardown_asym,
modular_exponentiation, &modex_group_test_cases[7]),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_eddsa_sign_verify_all_curve),
+
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
@@ -4023,6 +4119,19 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite = {
"RSA Decryption (n=128, pt=20, e=3) CRT, Padding: NONE",
ut_setup_asym, ut_teardown_asym,
kat_rsa_decrypt_crt, &rsa_vector_128_20_3_none),
+ TEST_CASE_NAMED_ST(
+ "ECDH Eliptic Curve tests",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdh_qat_curves),
+ TEST_CASE_NAMED_ST(
+ "ECPM Eliptic Curve tests",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecpm_qat_curves),
+ TEST_CASE_NAMED_ST(
+ "ECDSA Eliptic Curve tests",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdsa_sign_verify_qat_curves),
+
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
--
2.50.1
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH 2/3] test/crypto: add QAT EC tests
2025-08-27 9:23 ` [PATCH 2/3] test/crypto: add QAT EC tests Radu Nicolau
@ 2025-08-27 14:31 ` Ji, Kai
0 siblings, 0 replies; 4+ messages in thread
From: Ji, Kai @ 2025-08-27 14:31 UTC (permalink / raw)
To: Nicolau, Radu, dev; +Cc: Akhil Goyal, Fan Zhang
[-- Attachment #1: Type: text/plain, Size: 5981 bytes --]
Acked-by: Kai Ji <kai.ji@intel.com>
________________________________
From: Radu Nicolau <radu.nicolau@intel.com>
Sent: 27 August 2025 10:23
To: dev@dpdk.org <dev@dpdk.org>
Cc: Nicolau, Radu <radu.nicolau@intel.com>; Akhil Goyal <gakhil@marvell.com>; Fan Zhang <fanzhang.oss@gmail.com>
Subject: [PATCH 2/3] test/crypto: add QAT EC tests
Add ECDH, ECPM and ECDSA tests for QAT
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
app/test/test_cryptodev_asym.c | 109 +++++++++++++++++++++++++++++++++
1 file changed, 109 insertions(+)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 20afb5e98b..c62329edff 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -1715,6 +1715,29 @@ test_ecdsa_sign_verify_all_curve(void)
return overall_status;
}
+static int
+test_ecdsa_sign_verify_qat_curves(void)
+{
+ int status, overall_status = TEST_SUCCESS;
+ enum curve curve_id;
+ int test_index = 0;
+ const char *msg;
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+
+ status = test_ecdsa_sign_verify(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase Sign/Veriy Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+ return overall_status;
+}
+
static int
test_ecpm(enum curve curve_id)
{
@@ -1881,6 +1904,28 @@ test_ecpm_all_curve(void)
return overall_status;
}
+static int
+test_ecpm_qat_curves(void)
+{
+ int status, overall_status = TEST_SUCCESS;
+ enum curve curve_id;
+ int test_index = 0;
+ const char *msg;
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+ status = test_ecpm(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase EC Point Mul Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+ return overall_status;
+}
+
static int
test_ecdh_priv_key_generate(enum curve curve_id)
{
@@ -2674,6 +2719,56 @@ test_ecdh_all_curve(void)
return overall_status;
}
+static int
+test_ecdh_qat_curves(void)
+{
+ int status, overall_status = TEST_SUCCESS;
+ enum curve curve_id;
+ int test_index = 0;
+ const char *msg;
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+ status = test_ecdh_pub_key_generate(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else if (status == TEST_SKIPPED) {
+ msg = "skipped";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase ECDH public key generation for Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+ status = test_ecdh_pub_key_verify(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase ECDH public key verification for Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+
+ for (curve_id = SECP256R1; curve_id <= SECP521R1; curve_id++) {
+ status = test_ecdh_shared_secret(curve_id);
+ if (status == TEST_SUCCESS) {
+ msg = "succeeded";
+ } else {
+ msg = "failed";
+ overall_status = status;
+ }
+ printf(" %u) TestCase ECDH shared secret compute for Curve %s %s\n",
+ test_index ++, curve[curve_id], msg);
+ }
+
+ return overall_status;
+}
+
+
static int
test_sm2_sign(void)
{
@@ -3987,6 +4082,7 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
ut_setup_asym, ut_teardown_asym,
modular_exponentiation, &modex_group_test_cases[7]),
TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_eddsa_sign_verify_all_curve),
+
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
@@ -4023,6 +4119,19 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite = {
"RSA Decryption (n=128, pt=20, e=3) CRT, Padding: NONE",
ut_setup_asym, ut_teardown_asym,
kat_rsa_decrypt_crt, &rsa_vector_128_20_3_none),
+ TEST_CASE_NAMED_ST(
+ "ECDH Eliptic Curve tests",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdh_qat_curves),
+ TEST_CASE_NAMED_ST(
+ "ECPM Eliptic Curve tests",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecpm_qat_curves),
+ TEST_CASE_NAMED_ST(
+ "ECDSA Eliptic Curve tests",
+ ut_setup_asym, ut_teardown_asym,
+ test_ecdsa_sign_verify_qat_curves),
+
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
--
2.50.1
[-- Attachment #2: Type: text/html, Size: 14839 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 3/3] crypto/qat: fix ECDH implementation
2025-08-27 9:23 [PATCH 1/3] crypto/qat: Add ECDH, ECDSA and ECPM capabilities Radu Nicolau
2025-08-27 9:23 ` [PATCH 2/3] test/crypto: add QAT EC tests Radu Nicolau
@ 2025-08-27 9:23 ` Radu Nicolau
1 sibling, 0 replies; 4+ messages in thread
From: Radu Nicolau @ 2025-08-27 9:23 UTC (permalink / raw)
To: dev; +Cc: Radu Nicolau, stable, Kai Ji, Arkadiusz Kusztal
Read EC parameters from the xform, not from the asym_op,
where they may not be set.
Fixes: 305e1f856f0c ("crypto/qat: add ECDH key exchange algorithm")
Cc: stable@dpdk.org
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
drivers/crypto/qat/qat_asym.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index bd22fc0a6f..e7042f702f 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -798,13 +798,13 @@ ecdh_set_input(struct icp_qat_fw_pke_request *qat_req,
qat_func_alignsize = RTE_ALIGN_CEIL(qat_function.bytesize, 8);
if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE) {
- SET_PKE_LN(asym_op->ecdh.priv_key, qat_func_alignsize, 0);
+ SET_PKE_LN(xform->ec.pkey, qat_func_alignsize, 0);
SET_PKE_LN_EC(curve[curve_id], x, 1);
SET_PKE_LN_EC(curve[curve_id], y, 2);
} else if (asym_op->ecdh.ke_type == RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE) {
- SET_PKE_LN(asym_op->ecdh.priv_key, qat_func_alignsize, 0);
- SET_PKE_LN(asym_op->ecdh.pub_key.x, qat_func_alignsize, 1);
- SET_PKE_LN(asym_op->ecdh.pub_key.y, qat_func_alignsize, 2);
+ SET_PKE_LN(xform->ec.pkey, qat_func_alignsize, 0);
+ SET_PKE_LN(xform->ec.q.x, qat_func_alignsize, 1);
+ SET_PKE_LN(xform->ec.q.y, qat_func_alignsize, 2);
} else {
return -EINVAL;
}
--
2.50.1
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2025-08-27 14:31 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-08-27 9:23 [PATCH 1/3] crypto/qat: Add ECDH, ECDSA and ECPM capabilities Radu Nicolau
2025-08-27 9:23 ` [PATCH 2/3] test/crypto: add QAT EC tests Radu Nicolau
2025-08-27 14:31 ` Ji, Kai
2025-08-27 9:23 ` [PATCH 3/3] crypto/qat: fix ECDH implementation Radu Nicolau
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).