* [v1] crypto/cnxk: support exponent type private key @ 2022-09-27 8:00 Gowrishankar Muthukrishnan 2022-10-07 12:56 ` Akhil Goyal 2022-10-11 11:19 ` [v2] " Gowrishankar Muthukrishnan 0 siblings, 2 replies; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-09-27 8:00 UTC (permalink / raw) To: dev Cc: Anoob Joseph, Ankur Dwivedi, Tejasree Kondoj, Akhil Goyal, jerinj, Gowrishankar Muthukrishnan This patch adds support for RTE_RSA_KEY_TYPE_EXP in cnxk crypto driver. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> --- drivers/crypto/cnxk/cnxk_ae.h | 60 ++++++++++++++++++++++------ drivers/crypto/cnxk/cnxk_cryptodev.c | 1 + 2 files changed, 48 insertions(+), 13 deletions(-) diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h index 4a7ce0bf40..7a61c81cfd 100644 --- a/drivers/crypto/cnxk/cnxk_ae.h +++ b/drivers/crypto/cnxk/cnxk_ae.h @@ -82,6 +82,7 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, struct rte_crypto_rsa_priv_key_qt qt = xform->rsa.qt; struct rte_crypto_rsa_xform *xfrm_rsa = &xform->rsa; struct rte_crypto_rsa_xform *rsa = &sess->rsa_ctx; + struct rte_crypto_param_t d = xform->rsa.d; size_t mod_len = xfrm_rsa->n.length; size_t exp_len = xfrm_rsa->e.length; uint64_t total_size; @@ -90,12 +91,20 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, if (qt.p.length != 0 && qt.p.data == NULL) return -EINVAL; + /* Set private key type */ + rsa->key_type = xfrm_rsa->key_type; + /* Make sure key length used is not more than mod_len/2 */ - if (qt.p.data != NULL) - len = (((mod_len / 2) < qt.p.length) ? 0 : qt.p.length); + if (rsa->key_type == RTE_RSA_KEY_TYPE_QT) { + if (qt.p.data != NULL) + len = (((mod_len / 2) < qt.p.length) ? 0 : qt.p.length * 5); + } else if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) { + if (d.length != 0) + len = d.length - exp_len; + } /* Total size required for RSA key params(n,e,(q,dQ,p,dP,qInv)) */ - total_size = mod_len + exp_len + 5 * len; + total_size = mod_len + exp_len + len; /* Allocate buffer to hold all RSA keys */ rsa->n.data = rte_malloc(NULL, total_size, 0); @@ -107,8 +116,8 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, rsa->e.data = rsa->n.data + mod_len; memcpy(rsa->e.data, xfrm_rsa->e.data, exp_len); - /* Private key in quintuple format */ - if (len != 0) { + if (rsa->key_type == RTE_RSA_KEY_TYPE_QT) { + /* Private key in quintuple format */ rsa->qt.q.data = rsa->e.data + exp_len; memcpy(rsa->qt.q.data, qt.q.data, qt.q.length); rsa->qt.dQ.data = rsa->qt.q.data + qt.q.length; @@ -126,6 +135,14 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, rsa->qt.p.length = qt.p.length; rsa->qt.dP.length = qt.dP.length; rsa->qt.qInv.length = qt.qInv.length; + } else if (d.length != 0) { + /* Private key in exponent format */ + rsa->d.data = rte_malloc(NULL, d.length, 0); + if (rsa->d.data == NULL) + return -ENOMEM; + + memcpy(rsa->d.data, d.data, d.length); + rsa->d.length = d.length; } rsa->n.length = mod_len; rsa->e.length = exp_len; @@ -200,6 +217,8 @@ cnxk_ae_free_session_parameters(struct cnxk_ae_sess *sess) case RTE_CRYPTO_ASYM_XFORM_RSA: rsa = &sess->rsa_ctx; rte_free(rsa->n.data); + if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) + rte_free(rsa->d.data); break; case RTE_CRYPTO_ASYM_XFORM_MODEX: mod = &sess->mod_ctx; @@ -295,12 +314,14 @@ cnxk_ae_rsa_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX; w4.s.param2 = exp_len; } else { - if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT || + rsa_op.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { w4.s.opcode_minor = ROC_AE_MINOR_OP_PKCS_ENC; /* Public key encrypt, use BT2*/ w4.s.param2 = ROC_AE_CPT_BLOCK_TYPE2 | ((uint16_t)(exp_len) << 1); - } else if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) { + } else if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_VERIFY || + rsa_op.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { w4.s.opcode_minor = ROC_AE_MINOR_OP_PKCS_DEC; /* Public key decrypt, use BT1 */ w4.s.param2 = ROC_AE_CPT_BLOCK_TYPE1; @@ -379,23 +400,36 @@ cnxk_ae_enqueue_rsa_op(struct rte_crypto_op *op, struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) { struct rte_crypto_rsa_op_param *rsa = &op->asym->rsa; + struct rte_crypto_rsa_xform *ctx = &sess->rsa_ctx; switch (rsa->op_type) { case RTE_CRYPTO_ASYM_OP_VERIFY: - cnxk_ae_rsa_prep(op, meta_buf, &sess->rsa_ctx, &rsa->sign, + cnxk_ae_rsa_prep(op, meta_buf, ctx, &rsa->sign, inst); break; case RTE_CRYPTO_ASYM_OP_ENCRYPT: - cnxk_ae_rsa_prep(op, meta_buf, &sess->rsa_ctx, &rsa->message, + cnxk_ae_rsa_prep(op, meta_buf, ctx, &rsa->message, inst); break; case RTE_CRYPTO_ASYM_OP_SIGN: - cnxk_ae_rsa_crt_prep(op, meta_buf, &sess->rsa_ctx, - &rsa->message, inst); + if (ctx->key_type == RTE_RSA_KEY_TYPE_QT) { + cnxk_ae_rsa_crt_prep(op, meta_buf, ctx, &rsa->message, inst); + } else { + memcpy(ctx->e.data, ctx->d.data, ctx->d.length); + ctx->e.length = ctx->d.length; + cnxk_ae_rsa_prep(op, meta_buf, ctx, + &rsa->message, inst); + } break; case RTE_CRYPTO_ASYM_OP_DECRYPT: - cnxk_ae_rsa_crt_prep(op, meta_buf, &sess->rsa_ctx, &rsa->cipher, - inst); + if (ctx->key_type == RTE_RSA_KEY_TYPE_QT) { + cnxk_ae_rsa_crt_prep(op, meta_buf, ctx, &rsa->cipher, inst); + } else { + memcpy(ctx->e.data, ctx->d.data, ctx->d.length); + ctx->e.length = ctx->d.length; + cnxk_ae_rsa_prep(op, meta_buf, ctx, + &rsa->cipher, inst); + } break; default: op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.c b/drivers/crypto/cnxk/cnxk_cryptodev.c index d67de54a7b..35635f7831 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev.c +++ b/drivers/crypto/cnxk/cnxk_cryptodev.c @@ -15,6 +15,7 @@ cnxk_cpt_default_ff_get(void) RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP | RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING | RTE_CRYPTODEV_FF_IN_PLACE_SGL | RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT | -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* RE: [v1] crypto/cnxk: support exponent type private key 2022-09-27 8:00 [v1] crypto/cnxk: support exponent type private key Gowrishankar Muthukrishnan @ 2022-10-07 12:56 ` Akhil Goyal 2022-10-11 11:19 ` [v2] " Gowrishankar Muthukrishnan 1 sibling, 0 replies; 6+ messages in thread From: Akhil Goyal @ 2022-10-07 12:56 UTC (permalink / raw) To: Gowrishankar Muthukrishnan, dev Cc: Anoob Joseph, Ankur Dwivedi, Tejasree Kondoj, Jerin Jacob Kollanukkaran, Gowrishankar Muthukrishnan > Subject: [v1] crypto/cnxk: support exponent type private key > > This patch adds support for RTE_RSA_KEY_TYPE_EXP in cnxk crypto > driver. > > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> > --- > drivers/crypto/cnxk/cnxk_ae.h | 60 ++++++++++++++++++++++------ > drivers/crypto/cnxk/cnxk_cryptodev.c | 1 + > 2 files changed, 48 insertions(+), 13 deletions(-) Please also update cn9k.ini and cn10k.ini file for the feature supported. ^ permalink raw reply [flat|nested] 6+ messages in thread
* [v2] crypto/cnxk: support exponent type private key 2022-09-27 8:00 [v1] crypto/cnxk: support exponent type private key Gowrishankar Muthukrishnan 2022-10-07 12:56 ` Akhil Goyal @ 2022-10-11 11:19 ` Gowrishankar Muthukrishnan 2022-10-12 4:17 ` [v3] " Gowrishankar Muthukrishnan 1 sibling, 1 reply; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-10-11 11:19 UTC (permalink / raw) To: dev Cc: Anoob Joseph, Ankur Dwivedi, Tejasree Kondoj, Akhil Goyal, jerinj, Gowrishankar Muthukrishnan This patch adds support for RTE_RSA_KEY_TYPE_EXP in cnxk crypto driver. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> -- v2: - new function to handle exp type priv key. --- drivers/crypto/cnxk/cnxk_ae.h | 112 ++++++++++++++++++++++----- drivers/crypto/cnxk/cnxk_cryptodev.c | 1 + 2 files changed, 93 insertions(+), 20 deletions(-) diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h index 4a7ce0bf40..adf719da73 100644 --- a/drivers/crypto/cnxk/cnxk_ae.h +++ b/drivers/crypto/cnxk/cnxk_ae.h @@ -82,20 +82,31 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, struct rte_crypto_rsa_priv_key_qt qt = xform->rsa.qt; struct rte_crypto_rsa_xform *xfrm_rsa = &xform->rsa; struct rte_crypto_rsa_xform *rsa = &sess->rsa_ctx; + struct rte_crypto_param_t d = xform->rsa.d; size_t mod_len = xfrm_rsa->n.length; size_t exp_len = xfrm_rsa->e.length; uint64_t total_size; size_t len = 0; - if (qt.p.length != 0 && qt.p.data == NULL) - return -EINVAL; + /* Set private key type */ + rsa->key_type = xfrm_rsa->key_type; + + if (rsa->key_type == RTE_RSA_KEY_TYPE_QT) { + if (qt.p.length != 0 && qt.p.data == NULL) + return -EINVAL; + + /* Make sure key length used is not more than mod_len/2 */ + if (qt.p.data != NULL) + len = (((mod_len / 2) < qt.p.length) ? 0 : qt.p.length * 5); + } else if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) { + if (d.length != 0 && d.data == NULL) + return -EINVAL; - /* Make sure key length used is not more than mod_len/2 */ - if (qt.p.data != NULL) - len = (((mod_len / 2) < qt.p.length) ? 0 : qt.p.length); + len = d.length; + } /* Total size required for RSA key params(n,e,(q,dQ,p,dP,qInv)) */ - total_size = mod_len + exp_len + 5 * len; + total_size = mod_len + exp_len + len; /* Allocate buffer to hold all RSA keys */ rsa->n.data = rte_malloc(NULL, total_size, 0); @@ -107,8 +118,8 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, rsa->e.data = rsa->n.data + mod_len; memcpy(rsa->e.data, xfrm_rsa->e.data, exp_len); - /* Private key in quintuple format */ - if (len != 0) { + if (rsa->key_type == RTE_RSA_KEY_TYPE_QT) { + /* Private key in quintuple format */ rsa->qt.q.data = rsa->e.data + exp_len; memcpy(rsa->qt.q.data, qt.q.data, qt.q.length); rsa->qt.dQ.data = rsa->qt.q.data + qt.q.length; @@ -126,6 +137,11 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, rsa->qt.p.length = qt.p.length; rsa->qt.dP.length = qt.dP.length; rsa->qt.qInv.length = qt.qInv.length; + } else if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) { + /* Private key in exponent format */ + rsa->d.data = rsa->e.data + exp_len; + memcpy(rsa->d.data, d.data, d.length); + rsa->d.length = d.length; } rsa->n.length = mod_len; rsa->e.length = exp_len; @@ -316,10 +332,64 @@ cnxk_ae_rsa_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, inst->rptr = (uintptr_t)dptr; } +static __rte_always_inline void +cnxk_ae_rsa_exp_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, + struct rte_crypto_rsa_xform *rsa, rte_crypto_param *crypto_param, + struct cpt_inst_s *inst) +{ + struct rte_crypto_rsa_op_param rsa_op; + uint32_t privkey_len = rsa->d.length; + uint32_t mod_len = rsa->n.length; + union cpt_inst_w4 w4; + uint32_t in_size; + uint32_t dlen; + uint8_t *dptr; + + rsa_op = op->asym->rsa; + + /* Input buffer */ + dptr = meta_buf->vaddr; + inst->dptr = (uintptr_t)dptr; + memcpy(dptr, rsa->n.data, mod_len); + dptr += mod_len; + memcpy(dptr, rsa->d.data, privkey_len); + dptr += privkey_len; + + in_size = crypto_param->length; + memcpy(dptr, crypto_param->data, in_size); + + dptr += in_size; + dlen = mod_len + privkey_len + in_size; + + if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) { + /* Use mod_exp operation for no_padding type */ + w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX; + w4.s.param2 = privkey_len; + } else { + if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { + w4.s.opcode_minor = ROC_AE_MINOR_OP_PKCS_ENC; + /* Private key encrypt (exponent), use BT1*/ + w4.s.param2 = ROC_AE_CPT_BLOCK_TYPE1 | ((uint16_t)(privkey_len) << 1); + } else if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { + w4.s.opcode_minor = ROC_AE_MINOR_OP_PKCS_DEC; + /* Private key decrypt (exponent), use BT2 */ + w4.s.param2 = ROC_AE_CPT_BLOCK_TYPE2; + } + } + + w4.s.opcode_major = ROC_AE_MAJOR_OP_MODEX; + + w4.s.param1 = mod_len; + w4.s.dlen = dlen; + + inst->w4.u64 = w4.u64; + inst->rptr = (uintptr_t)dptr; +} + static __rte_always_inline void cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, - struct rte_crypto_rsa_xform *rsa, - rte_crypto_param *crypto_param, struct cpt_inst_s *inst) + struct rte_crypto_rsa_xform *rsa, rte_crypto_param *crypto_param, + struct cpt_inst_s *inst) { uint32_t qInv_len = rsa->qt.qInv.length; struct rte_crypto_rsa_op_param rsa_op; @@ -374,28 +444,30 @@ cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, } static __rte_always_inline int __rte_hot -cnxk_ae_enqueue_rsa_op(struct rte_crypto_op *op, - struct roc_ae_buf_ptr *meta_buf, +cnxk_ae_enqueue_rsa_op(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) { struct rte_crypto_rsa_op_param *rsa = &op->asym->rsa; + struct rte_crypto_rsa_xform *ctx = &sess->rsa_ctx; switch (rsa->op_type) { case RTE_CRYPTO_ASYM_OP_VERIFY: - cnxk_ae_rsa_prep(op, meta_buf, &sess->rsa_ctx, &rsa->sign, - inst); + cnxk_ae_rsa_prep(op, meta_buf, ctx, &rsa->sign, inst); break; case RTE_CRYPTO_ASYM_OP_ENCRYPT: - cnxk_ae_rsa_prep(op, meta_buf, &sess->rsa_ctx, &rsa->message, - inst); + cnxk_ae_rsa_prep(op, meta_buf, ctx, &rsa->message, inst); break; case RTE_CRYPTO_ASYM_OP_SIGN: - cnxk_ae_rsa_crt_prep(op, meta_buf, &sess->rsa_ctx, - &rsa->message, inst); + if (ctx->key_type == RTE_RSA_KEY_TYPE_QT) + cnxk_ae_rsa_crt_prep(op, meta_buf, ctx, &rsa->message, inst); + else + cnxk_ae_rsa_exp_prep(op, meta_buf, ctx, &rsa->message, inst); break; case RTE_CRYPTO_ASYM_OP_DECRYPT: - cnxk_ae_rsa_crt_prep(op, meta_buf, &sess->rsa_ctx, &rsa->cipher, - inst); + if (ctx->key_type == RTE_RSA_KEY_TYPE_QT) + cnxk_ae_rsa_crt_prep(op, meta_buf, ctx, &rsa->cipher, inst); + else + cnxk_ae_rsa_exp_prep(op, meta_buf, ctx, &rsa->cipher, inst); break; default: op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.c b/drivers/crypto/cnxk/cnxk_cryptodev.c index d67de54a7b..35635f7831 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev.c +++ b/drivers/crypto/cnxk/cnxk_cryptodev.c @@ -15,6 +15,7 @@ cnxk_cpt_default_ff_get(void) RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP | RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING | RTE_CRYPTODEV_FF_IN_PLACE_SGL | RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT | -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [v3] crypto/cnxk: support exponent type private key 2022-10-11 11:19 ` [v2] " Gowrishankar Muthukrishnan @ 2022-10-12 4:17 ` Gowrishankar Muthukrishnan 2022-10-12 6:35 ` Anoob Joseph 2022-10-12 18:49 ` Akhil Goyal 0 siblings, 2 replies; 6+ messages in thread From: Gowrishankar Muthukrishnan @ 2022-10-12 4:17 UTC (permalink / raw) To: dev Cc: Anoob Joseph, Ankur Dwivedi, Tejasree Kondoj, Akhil Goyal, jerinj, Gowrishankar Muthukrishnan This patch adds support for RTE_RSA_KEY_TYPE_EXP in cnxk crypto driver. Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> -- v3: - .ini updates. v2: - new function to handle exp type priv key. --- doc/guides/cryptodevs/features/cn10k.ini | 2 + doc/guides/cryptodevs/features/cn9k.ini | 2 + drivers/crypto/cnxk/cnxk_ae.h | 112 +++++++++++++++++++---- drivers/crypto/cnxk/cnxk_cryptodev.c | 1 + 4 files changed, 97 insertions(+), 20 deletions(-) diff --git a/doc/guides/cryptodevs/features/cn10k.ini b/doc/guides/cryptodevs/features/cn10k.ini index 166fca5adb..6e4e0e0095 100644 --- a/doc/guides/cryptodevs/features/cn10k.ini +++ b/doc/guides/cryptodevs/features/cn10k.ini @@ -14,6 +14,8 @@ OOP SGL In LB Out = Y OOP SGL In SGL Out = Y OOP LB In LB Out = Y Symmetric sessionless = Y +RSA PRIV OP KEY EXP = Y +RSA PRIV OP KEY QT = Y Digest encrypted = Y Inner checksum = Y diff --git a/doc/guides/cryptodevs/features/cn9k.ini b/doc/guides/cryptodevs/features/cn9k.ini index c3d131db1a..f9c896f6bd 100644 --- a/doc/guides/cryptodevs/features/cn9k.ini +++ b/doc/guides/cryptodevs/features/cn9k.ini @@ -14,6 +14,8 @@ OOP SGL In LB Out = Y OOP SGL In SGL Out = Y OOP LB In LB Out = Y Symmetric sessionless = Y +RSA PRIV OP KEY EXP = Y +RSA PRIV OP KEY QT = Y Digest encrypted = Y ; diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h index 4a7ce0bf40..adf719da73 100644 --- a/drivers/crypto/cnxk/cnxk_ae.h +++ b/drivers/crypto/cnxk/cnxk_ae.h @@ -82,20 +82,31 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, struct rte_crypto_rsa_priv_key_qt qt = xform->rsa.qt; struct rte_crypto_rsa_xform *xfrm_rsa = &xform->rsa; struct rte_crypto_rsa_xform *rsa = &sess->rsa_ctx; + struct rte_crypto_param_t d = xform->rsa.d; size_t mod_len = xfrm_rsa->n.length; size_t exp_len = xfrm_rsa->e.length; uint64_t total_size; size_t len = 0; - if (qt.p.length != 0 && qt.p.data == NULL) - return -EINVAL; + /* Set private key type */ + rsa->key_type = xfrm_rsa->key_type; + + if (rsa->key_type == RTE_RSA_KEY_TYPE_QT) { + if (qt.p.length != 0 && qt.p.data == NULL) + return -EINVAL; + + /* Make sure key length used is not more than mod_len/2 */ + if (qt.p.data != NULL) + len = (((mod_len / 2) < qt.p.length) ? 0 : qt.p.length * 5); + } else if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) { + if (d.length != 0 && d.data == NULL) + return -EINVAL; - /* Make sure key length used is not more than mod_len/2 */ - if (qt.p.data != NULL) - len = (((mod_len / 2) < qt.p.length) ? 0 : qt.p.length); + len = d.length; + } /* Total size required for RSA key params(n,e,(q,dQ,p,dP,qInv)) */ - total_size = mod_len + exp_len + 5 * len; + total_size = mod_len + exp_len + len; /* Allocate buffer to hold all RSA keys */ rsa->n.data = rte_malloc(NULL, total_size, 0); @@ -107,8 +118,8 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, rsa->e.data = rsa->n.data + mod_len; memcpy(rsa->e.data, xfrm_rsa->e.data, exp_len); - /* Private key in quintuple format */ - if (len != 0) { + if (rsa->key_type == RTE_RSA_KEY_TYPE_QT) { + /* Private key in quintuple format */ rsa->qt.q.data = rsa->e.data + exp_len; memcpy(rsa->qt.q.data, qt.q.data, qt.q.length); rsa->qt.dQ.data = rsa->qt.q.data + qt.q.length; @@ -126,6 +137,11 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess, rsa->qt.p.length = qt.p.length; rsa->qt.dP.length = qt.dP.length; rsa->qt.qInv.length = qt.qInv.length; + } else if (rsa->key_type == RTE_RSA_KEY_TYPE_EXP) { + /* Private key in exponent format */ + rsa->d.data = rsa->e.data + exp_len; + memcpy(rsa->d.data, d.data, d.length); + rsa->d.length = d.length; } rsa->n.length = mod_len; rsa->e.length = exp_len; @@ -316,10 +332,64 @@ cnxk_ae_rsa_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, inst->rptr = (uintptr_t)dptr; } +static __rte_always_inline void +cnxk_ae_rsa_exp_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, + struct rte_crypto_rsa_xform *rsa, rte_crypto_param *crypto_param, + struct cpt_inst_s *inst) +{ + struct rte_crypto_rsa_op_param rsa_op; + uint32_t privkey_len = rsa->d.length; + uint32_t mod_len = rsa->n.length; + union cpt_inst_w4 w4; + uint32_t in_size; + uint32_t dlen; + uint8_t *dptr; + + rsa_op = op->asym->rsa; + + /* Input buffer */ + dptr = meta_buf->vaddr; + inst->dptr = (uintptr_t)dptr; + memcpy(dptr, rsa->n.data, mod_len); + dptr += mod_len; + memcpy(dptr, rsa->d.data, privkey_len); + dptr += privkey_len; + + in_size = crypto_param->length; + memcpy(dptr, crypto_param->data, in_size); + + dptr += in_size; + dlen = mod_len + privkey_len + in_size; + + if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) { + /* Use mod_exp operation for no_padding type */ + w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX; + w4.s.param2 = privkey_len; + } else { + if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { + w4.s.opcode_minor = ROC_AE_MINOR_OP_PKCS_ENC; + /* Private key encrypt (exponent), use BT1*/ + w4.s.param2 = ROC_AE_CPT_BLOCK_TYPE1 | ((uint16_t)(privkey_len) << 1); + } else if (rsa_op.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { + w4.s.opcode_minor = ROC_AE_MINOR_OP_PKCS_DEC; + /* Private key decrypt (exponent), use BT2 */ + w4.s.param2 = ROC_AE_CPT_BLOCK_TYPE2; + } + } + + w4.s.opcode_major = ROC_AE_MAJOR_OP_MODEX; + + w4.s.param1 = mod_len; + w4.s.dlen = dlen; + + inst->w4.u64 = w4.u64; + inst->rptr = (uintptr_t)dptr; +} + static __rte_always_inline void cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, - struct rte_crypto_rsa_xform *rsa, - rte_crypto_param *crypto_param, struct cpt_inst_s *inst) + struct rte_crypto_rsa_xform *rsa, rte_crypto_param *crypto_param, + struct cpt_inst_s *inst) { uint32_t qInv_len = rsa->qt.qInv.length; struct rte_crypto_rsa_op_param rsa_op; @@ -374,28 +444,30 @@ cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, } static __rte_always_inline int __rte_hot -cnxk_ae_enqueue_rsa_op(struct rte_crypto_op *op, - struct roc_ae_buf_ptr *meta_buf, +cnxk_ae_enqueue_rsa_op(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) { struct rte_crypto_rsa_op_param *rsa = &op->asym->rsa; + struct rte_crypto_rsa_xform *ctx = &sess->rsa_ctx; switch (rsa->op_type) { case RTE_CRYPTO_ASYM_OP_VERIFY: - cnxk_ae_rsa_prep(op, meta_buf, &sess->rsa_ctx, &rsa->sign, - inst); + cnxk_ae_rsa_prep(op, meta_buf, ctx, &rsa->sign, inst); break; case RTE_CRYPTO_ASYM_OP_ENCRYPT: - cnxk_ae_rsa_prep(op, meta_buf, &sess->rsa_ctx, &rsa->message, - inst); + cnxk_ae_rsa_prep(op, meta_buf, ctx, &rsa->message, inst); break; case RTE_CRYPTO_ASYM_OP_SIGN: - cnxk_ae_rsa_crt_prep(op, meta_buf, &sess->rsa_ctx, - &rsa->message, inst); + if (ctx->key_type == RTE_RSA_KEY_TYPE_QT) + cnxk_ae_rsa_crt_prep(op, meta_buf, ctx, &rsa->message, inst); + else + cnxk_ae_rsa_exp_prep(op, meta_buf, ctx, &rsa->message, inst); break; case RTE_CRYPTO_ASYM_OP_DECRYPT: - cnxk_ae_rsa_crt_prep(op, meta_buf, &sess->rsa_ctx, &rsa->cipher, - inst); + if (ctx->key_type == RTE_RSA_KEY_TYPE_QT) + cnxk_ae_rsa_crt_prep(op, meta_buf, ctx, &rsa->cipher, inst); + else + cnxk_ae_rsa_exp_prep(op, meta_buf, ctx, &rsa->cipher, inst); break; default: op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.c b/drivers/crypto/cnxk/cnxk_cryptodev.c index d67de54a7b..35635f7831 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev.c +++ b/drivers/crypto/cnxk/cnxk_cryptodev.c @@ -15,6 +15,7 @@ cnxk_cpt_default_ff_get(void) RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP | RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING | RTE_CRYPTODEV_FF_IN_PLACE_SGL | RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT | -- 2.25.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* RE: [v3] crypto/cnxk: support exponent type private key 2022-10-12 4:17 ` [v3] " Gowrishankar Muthukrishnan @ 2022-10-12 6:35 ` Anoob Joseph 2022-10-12 18:49 ` Akhil Goyal 1 sibling, 0 replies; 6+ messages in thread From: Anoob Joseph @ 2022-10-12 6:35 UTC (permalink / raw) To: Gowrishankar Muthukrishnan, dev Cc: Ankur Dwivedi, Tejasree Kondoj, Akhil Goyal, Jerin Jacob Kollanukkaran, Gowrishankar Muthukrishnan > > This patch adds support for RTE_RSA_KEY_TYPE_EXP in cnxk crypto driver. > > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> > -- > v3: > - .ini updates. > v2: > - new function to handle exp type priv key. > --- > doc/guides/cryptodevs/features/cn10k.ini | 2 + > doc/guides/cryptodevs/features/cn9k.ini | 2 + > drivers/crypto/cnxk/cnxk_ae.h | 112 +++++++++++++++++++---- > drivers/crypto/cnxk/cnxk_cryptodev.c | 1 + > 4 files changed, 97 insertions(+), 20 deletions(-) Acked-by: Anoob Joseph <anoobj@marvell.com> ^ permalink raw reply [flat|nested] 6+ messages in thread
* RE: [v3] crypto/cnxk: support exponent type private key 2022-10-12 4:17 ` [v3] " Gowrishankar Muthukrishnan 2022-10-12 6:35 ` Anoob Joseph @ 2022-10-12 18:49 ` Akhil Goyal 1 sibling, 0 replies; 6+ messages in thread From: Akhil Goyal @ 2022-10-12 18:49 UTC (permalink / raw) To: Gowrishankar Muthukrishnan, dev Cc: Anoob Joseph, Ankur Dwivedi, Tejasree Kondoj, Jerin Jacob Kollanukkaran, Gowrishankar Muthukrishnan > Subject: [v3] crypto/cnxk: support exponent type private key > > This patch adds support for RTE_RSA_KEY_TYPE_EXP in cnxk crypto > driver. > > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> > -- Applied to dpdk-next-crypto Thanks. ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-10-12 18:49 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-09-27 8:00 [v1] crypto/cnxk: support exponent type private key Gowrishankar Muthukrishnan 2022-10-07 12:56 ` Akhil Goyal 2022-10-11 11:19 ` [v2] " Gowrishankar Muthukrishnan 2022-10-12 4:17 ` [v3] " Gowrishankar Muthukrishnan 2022-10-12 6:35 ` Anoob Joseph 2022-10-12 18:49 ` Akhil Goyal
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).