From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9046245AD8; Mon, 7 Oct 2024 18:27:41 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2AC944026C; Mon, 7 Oct 2024 18:27:41 +0200 (CEST) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) by mails.dpdk.org (Postfix) with ESMTP id 576794021E for ; Mon, 7 Oct 2024 18:27:39 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1728318459; x=1759854459; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=/aZ2jT03anlK+W0D69B+lpHCLqA6M7y5XHqd2aGY7r8=; b=J5+/uEuyEPSpSAFWZFiy6x3AT5NI7/mzq/4YAE1t+sArE8dVMm95RKAD eAN6HxLjEhY8Mmn8w6ngP19X0hk8W2Nx8268+E3yZlpp1KqgX126zKvsS 6kNA7iLPdAsCLIytggI05qwnWMo6XxEc5w//NhUi40KdU5MzRWWl+lZZQ qB0Lww8+NbtzxT0fw3+zaRMetx2ZjDAzz1aDpkkwcdoTHaGD5rfbufyQ2 75MKPn0+1pPaOHeusVev3Kd4JPKe0IbcrjmBz0i1Wi02kLW9VfQ+VLsJQ F6X6R35qkq7Bm0nWWUyQmnwi4Mwlzh2DC1KRIK7B83D35h7IJz67evPWg A==; X-CSE-ConnectionGUID: QDj2aoT4QVqiwLCrCyKL4A== X-CSE-MsgGUID: i7cF34h3SQqXMQU69BdxOw== X-IronPort-AV: E=McAfee;i="6700,10204,11218"; a="27646948" X-IronPort-AV: E=Sophos;i="6.11,184,1725346800"; d="scan'208";a="27646948" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Oct 2024 09:27:38 -0700 X-CSE-ConnectionGUID: ihAkqFiXTsWHC4fP1lNrdg== X-CSE-MsgGUID: tPAMs6ocSvObRMwP7uC/kw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,184,1725346800"; d="scan'208";a="106375540" Received: from orsmsx603.amr.corp.intel.com ([10.22.229.16]) by orviesa002.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 07 Oct 2024 09:27:38 -0700 Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Mon, 7 Oct 2024 09:27:37 -0700 Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39 via Frontend Transport; Mon, 7 Oct 2024 09:27:37 -0700 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (104.47.59.177) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Mon, 7 Oct 2024 09:27:37 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=J6K6lSJOo0FBkPdhCLwR0G7TBXW/D6YrKtcMWxcZ1xIZGZ8ARsHiTL9ntb6/1/PrsgxuwrPTdtbgVr6Oc0/n1QYaxihpXINnpvNW5i/3y1BO2RU/B2CIT/UJtCHKOqFlgw2aYPTqlMl9lzecd2jAAiNKY0rVUgZ5RDppxHkVVI5//RCP6nsEDFbC9Yhhf7LZWrilhYoZrooR1DkitA0Edymf+Qv4hXp+1vkl4uT+1MXZEyK7DZpuWSVJ5shtDLrUGYFYm9nf71THv/CN7doJDxMYhNPhTvGJ6gMV2YR4Q6ZJplZArzHf7apZtG4tCHavloVCI+O0ZBmlnKlN8I8jjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9+SOx+icwy8AERV8JMZOjOq3GNO9BlXFY3iED3D2V68=; b=QL2LarwZEucuL1dNuinp66ecbJ/5NULpwYeKXd1eVWggNZ5TG9JJ25JRNiozUaV3lzDW/gkbBBX+5tltbcdoWsS86g2h4Zcb4SdyMEcwfUy3Y3vlwa3hGPES5F5KS4c+xxqkAf3APs+ZqLcejEXDMdV/U1qlFPum2BjNNrQKx0ae/EBsNTMAzixN3hIBokz+O7Ni3MYTZhbvEoaSehuaxJZ9Ojf98uGoI+KvEWyCcb+rNVtjwnnOzIfbDY/pdimBVN/gZejyiIIFYi663pSpxzLhClGDFIHyO/E6/9s979EWA1MX3A6IhaRmKsDlhGAaEyaVznmz9znqu5VckU8g9A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5013.namprd11.prod.outlook.com (2603:10b6:510:30::21) by SN7PR11MB7066.namprd11.prod.outlook.com (2603:10b6:806:299::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8026.22; Mon, 7 Oct 2024 16:27:34 +0000 Received: from PH0PR11MB5013.namprd11.prod.outlook.com ([fe80::1c54:1589:8882:d22b]) by PH0PR11MB5013.namprd11.prod.outlook.com ([fe80::1c54:1589:8882:d22b%3]) with mapi id 15.20.8026.020; Mon, 7 Oct 2024 16:27:34 +0000 From: "Kusztal, ArkadiuszX" To: Gowrishankar Muthukrishnan , "dev@dpdk.org" , "Ji, Kai" CC: Anoob Joseph , "Richardson, Bruce" , "jerinj@marvell.com" , "fanzhang.oss@gmail.com" , "jack.bond-preston@foss.arm.com" , "Marchand, David" , "hemant.agrawal@nxp.com" , "De Lara Guarch, Pablo" , "Trahe, Fiona" , "Doherty, Declan" , "matan@nvidia.com" , "ruifeng.wang@arm.com" , "Akhil Goyal" Subject: RE: [PATCH v6 2/6] crypto/openssl: support EDDSA Thread-Topic: [PATCH v6 2/6] crypto/openssl: support EDDSA Thread-Index: AQHbFjcpNcj6xbS8rEKysAEJOozkJbJ7fN4w Date: Mon, 7 Oct 2024 16:27:34 +0000 Message-ID: References: <20241004053059.319-1-gmuthukrishn@marvell.com> <20241004082623.714-1-gmuthukrishn@marvell.com> <20241004082623.714-2-gmuthukrishn@marvell.com> In-Reply-To: <20241004082623.714-2-gmuthukrishn@marvell.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PH0PR11MB5013:EE_|SN7PR11MB7066:EE_ x-ms-office365-filtering-correlation-id: d0eb736e-6f36-4d4e-de01-08dce6ecf2ea x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; ARA:13230040|7416014|366016|376014|1800799024|38070700018; x-microsoft-antispam-message-info: =?us-ascii?Q?A2u8xMxnca3a1ksJ/M2JtE8yr0XRR3MkhhfGQHJShh8PVAbPZw5tk4taNlgM?= =?us-ascii?Q?caBvLXrNf+iZxMyJB08evBJGWl6fwGu4g+lv+7GRtiajSYiQoXU+NIrcBVCm?= =?us-ascii?Q?AJVIeMrM2oFYMxOCJvIpU7WKvTlbHZshwM6vMdsDsMuaBaPpvVdKynKfpSJk?= =?us-ascii?Q?d+KljUZIdkcCTmWb6arBsDt/U1ItqS8Z754W6DiCAGPE2SwCr7aoNiEXotA6?= =?us-ascii?Q?OWsCrejTeE5H/urUOLYLvJtQhqxrBSfrj9Qs/ltXDFzHqc0tf08iyy/7gZ13?= =?us-ascii?Q?sIZN8Q9n62LBAAhenDJBJGLKD4MGPabaumSuzUzzwD6oOjV8hWfQpK9k+g2k?= =?us-ascii?Q?3JIpGbYGLFe55gmckdUskoGBCKD6l/3j7Fiy7JzqbG2GysZEfRNDhP/iNZ+p?= =?us-ascii?Q?DPwBdGATFl3GTCZGZY11DM8c6idSWbcK1rfyDsxupgMy3suMEqnijPYcWyjW?= =?us-ascii?Q?4gBfmwDdWT74QIRDLRaoDK+FtE8xMt4PpnWkaoqwZjWQknf6hWe2yJ9m4+Sn?= =?us-ascii?Q?okA/vvWal6tvSnAxm4yHtYj/eAUl1e91uBAY5FlKnuNlAWYlk6ZSyVcKZAaV?= =?us-ascii?Q?HvCPIQ7iC69HMH0MhFzODEbQH5CCwOYh0OZL3Lye9W5Ue4n6eBA/shBx0XKX?= =?us-ascii?Q?AQgAVbIjMrSu1aahoBxchdBndF6xVo5j7mKt8YHdsYIH5qloc/wg0ZA6l+Hn?= =?us-ascii?Q?VGedSpu7RCgIihxx0+wEiIq70djKpQwTry2TBmlrpwV26UqQ8KFSUp3XLew+?= =?us-ascii?Q?8Bwd+gL93FktH4U6pY8fC0snBMz3A11ovT+8uSW+/0UoM3km4FgKgC7WRPZd?= =?us-ascii?Q?wDFg3HpuWhsjanU5DIrnLvbQXzdhv/TdHpjZ3ru0Rqrx0UyOifQoTPcxq11v?= =?us-ascii?Q?0o//3MkcbNfvEtV9Fxt2j3qtOoUUBvWeCDUYWDAdMwhV52pNC8D1/phac73p?= =?us-ascii?Q?Jh81Cbva7QJmyVlD4Mb4eKd/+ZU8OiqbDzHyLx1ExLr4lrjqTp4WHjZjSGe9?= =?us-ascii?Q?UHhToaUK0x+CvPv1otE8jiskHWWu/LOuZPErIkx2NTC27xXTnT7q74iO+4VP?= =?us-ascii?Q?ag4bIEDR06D972d7sY6IGuCQhRMyncNFOGOiGq24KOa/qXVEBGL1toBCx882?= =?us-ascii?Q?Lz25n7aOXSdta59l6MYq51VCVBUZ+gDkXaNiHIQaMQyYkWIi7btS+NEGjHPt?= =?us-ascii?Q?zwBfiTRS/6TqvKbxkpx3Tw4wgAyrrkRYTYLosAz17ahmhMnIOQjeRXJ4Mq+H?= =?us-ascii?Q?08A5SMhQt4d+IsqhJXJxkZT3FGVNgPBBmQ/Z4tYg3+wGmccxUuJ8+bpTlYEa?= =?us-ascii?Q?I8+teeQJrUIVItRDCiVyTaf5hlM0PiQZQlM2eTerzRDiDg=3D=3D?= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB5013.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230040)(7416014)(366016)(376014)(1800799024)(38070700018); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?kehqa95/oFqmZx00uBsw03LE2yNEbOFBYa6Kaepfk0gUM6noi6wksLF8z/gK?= =?us-ascii?Q?JwU83KIjg/wg2iLnUMd43AvtsegwDXtbkachTXcIuF7b81rcKige7tkB+16T?= =?us-ascii?Q?I7ErP8QxAuz8v1XzzdK6hnTf4LJXtZAxg0A2OtYXhymg05prsQyJYzZ9R5Ev?= =?us-ascii?Q?liAdurbRRtqhlltwuHSZKSyzqM+ceXnWFTgJrNOuB8MoiQScXeNwRFAqtOlq?= =?us-ascii?Q?WXaVIa1pN+75VsrEfxnYTdXRGpHUUGQEjczDL6uz5wJ0Dzm4tO2mZ6CNhEMo?= =?us-ascii?Q?cj9p45u6GtVhqSeYombeb8mPdnOBH7/omYjTh/a7qBzqCNwMCnjqyzOeXrew?= =?us-ascii?Q?2S70dyfBkuRtW3NItPTcobhD8kTxZ402W2X2cbrXIEpUhTieW6qfGtX1W/XE?= =?us-ascii?Q?FdoPmFTyCEeJYg88CzI7etptvqMgWbBahLoIehxNAp0vxiDVqKTG/Mi7M8KA?= =?us-ascii?Q?n1+gDce5XFKrXP5a3SSWzOrivJP9bFVGgLG7cvm15Z1K1/Ooczwo1GgwlulW?= =?us-ascii?Q?DNpLjzhPHy56YlP5k0KKhw0upkIOlc7yiptvSM62u4bdyWwpiOPXQqeFKi0O?= =?us-ascii?Q?c5OAbJW06FmWrc6LF43+2kvwNhVaCejrVCbZiGKC4B14zBgY3m+acMzRZcNo?= =?us-ascii?Q?l035vG1MszJ9LPDzL17tnMhQZwLVNl75Ord8yK1T/zoYr98FDPQ9r4v2zWI8?= =?us-ascii?Q?fPPzrHQoHgGn/SMHrGUjbUvSqMF8iI4wvVEqYf7EgRkbdSI7K9bLGM1a2n3s?= =?us-ascii?Q?Cyb+npsWP6KhyHnuPASE+2pPibCU5bFtIiW+wAINoO0AB2DYuFK7mzQJgLhm?= =?us-ascii?Q?1fz0Mlq+anopnDalJo8HQ4phe0DD5TnvZTECxFAaG//hjSMovhetKKFVvwFl?= =?us-ascii?Q?GPm+vUeQ6ntRgpbAZzmbFI+m9CelSeIhcdHNY/gttiONJ+y7UQAOtmpVrHJ7?= =?us-ascii?Q?C0tf69ThiEoz2BmcNd8mPB6+uFfZbVWpSP0VuIGO0PToRJRUhIHZnZBuFhDK?= =?us-ascii?Q?pr26o2bfOtJZ+TobxJB0dDGO5JAoyfglVgpcnbKIlZznhCas3c8+wI0da/75?= =?us-ascii?Q?6+VR2JYXtPdRvaoV0W8rwgTjB8KpE/NsUbyCDHCZZWdjxhbtZ3se2Wk53qUT?= =?us-ascii?Q?Slt6uEkXGo0ihWR29v6zWVfgBbX3f3Xq9R2iosQHYnS0oc/XeCi/sI5wv2zh?= =?us-ascii?Q?rx4s3q4Tc7G4AfcW9bdxNCxhXktIPH5+MVPfw09af/MB2l2ynRV0YJDYwGUl?= =?us-ascii?Q?X2s5dCnXijOYeegILW1AVfC66zQXvsyJEMWjoHkPunYqSt8odYUmzzbaKiO9?= =?us-ascii?Q?Fb8ned89gilDyI0AKFM6avICn7LBKiA0xQwVUpNwfJHw7ya1gZQrdZN3kax2?= =?us-ascii?Q?nYJl4IFIUwv0ms3reuC10/OWSixwmwj49mO7ZoFxyL+QZkKyYUlIZ9JNqM4F?= =?us-ascii?Q?57ioBn8NE8F0A/AQuZA2txPhiZaZHVv/qRoJLZPWJuSX4Xcw6M2WoT9HegGS?= =?us-ascii?Q?/8s1PgugFD9x7gnLQhXsJs60FvNcdPY0DanEP75G/jo69wxPhrxhN/Jzmn8a?= =?us-ascii?Q?Fk06sRtIWZFhFw3PQObne+vx77DH4QQf25OAQF36IpNbZIbYytNuNj9ct3vs?= =?us-ascii?Q?nA=3D=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5013.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: d0eb736e-6f36-4d4e-de01-08dce6ecf2ea X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Oct 2024 16:27:34.1904 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: SBXjYSIbkkJ56HVQBqMDZRJMGE3X0Atq7crT0i3Afx549DT1JYr0+SYMgG9U03AtdcedYJ0kr0+JiwYJMnPzFOzRIJFL1Caba60kdMaiRXU= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR11MB7066 X-OriginatorOrg: intel.com X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Hi Gowrishankar, > -----Original Message----- > From: Gowrishankar Muthukrishnan > Sent: Friday, October 4, 2024 10:26 AM > To: dev@dpdk.org; Ji, Kai > Cc: Anoob Joseph ; Richardson, Bruce > ; jerinj@marvell.com; fanzhang.oss@gmail.com; > Kusztal, ArkadiuszX ; jack.bond- > preston@foss.arm.com; Marchand, David ; > hemant.agrawal@nxp.com; De Lara Guarch, Pablo > ; Trahe, Fiona ; > Doherty, Declan ; matan@nvidia.com; > ruifeng.wang@arm.com; Akhil Goyal ; Gowrishankar > Muthukrishnan > Subject: [PATCH v6 2/6] crypto/openssl: support EDDSA >=20 > Support EDDSA crypto algorithm in OpenSSL PMD. >=20 > Signed-off-by: Gowrishankar Muthukrishnan > --- > doc/guides/cryptodevs/features/openssl.ini | 1 + > drivers/crypto/openssl/openssl_pmd_private.h | 13 ++ > drivers/crypto/openssl/rte_openssl_pmd.c | 223 +++++++++++++++++++ > drivers/crypto/openssl/rte_openssl_pmd_ops.c | 131 +++++++++++ > 4 files changed, 368 insertions(+) >=20 > diff --git a/doc/guides/cryptodevs/features/openssl.ini > b/doc/guides/cryptodevs/features/openssl.ini > index b64c8ec4a5..0540c075dc 100644 > --- a/doc/guides/cryptodevs/features/openssl.ini > +++ b/doc/guides/cryptodevs/features/openssl.ini > @@ -66,6 +66,7 @@ Modular Exponentiation =3D Y Modular Inversion =3D Y = Diffie- > hellman =3D Y > SM2 =3D Y > +EDDSA =3D Y >=20 > ; > ; Supported Operating systems of the 'openssl' crypto driver. > diff --git a/drivers/crypto/openssl/openssl_pmd_private.h > b/drivers/crypto/openssl/openssl_pmd_private.h > index 0282b3d829..7dd97f1c72 100644 > --- a/drivers/crypto/openssl/openssl_pmd_private.h > +++ b/drivers/crypto/openssl/openssl_pmd_private.h > @@ -231,10 +231,23 @@ struct __rte_cache_aligned openssl_asym_session { > #endif > } s; > struct { > + uint8_t curve_id; > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + EC_GROUP * group; > + BIGNUM *priv_key; > +#endif > + } ec; > + struct { > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > OSSL_PARAM * params; > #endif > } sm2; > + struct { > + uint8_t curve_id; > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + OSSL_PARAM * params; > +#endif > + } eddsa; > } u; > }; > /** Set and validate OPENSSL crypto session parameters */ diff --git > a/drivers/crypto/openssl/rte_openssl_pmd.c > b/drivers/crypto/openssl/rte_openssl_pmd.c > index e10a172f46..4e4d06403b 100644 > --- a/drivers/crypto/openssl/rte_openssl_pmd.c > +++ b/drivers/crypto/openssl/rte_openssl_pmd.c > @@ -2849,6 +2849,45 @@ process_openssl_rsa_op_evp(struct rte_crypto_op > *cop, >=20 > } >=20 > +static int > +process_openssl_ecfpm_op_evp(struct rte_crypto_op *cop, > + struct openssl_asym_session *sess) > +{ > + const EC_GROUP *ecgrp =3D sess->u.ec.group; > + EC_POINT *ecpt =3D NULL; > + BN_CTX *ctx =3D NULL; > + BIGNUM *n =3D NULL; > + int ret =3D -1; > + > + n =3D BN_bin2bn((const unsigned char *) > + cop->asym->ecpm.scalar.data, > + cop->asym->ecpm.scalar.length, > + BN_new()); > + > + ctx =3D BN_CTX_new(); > + if (!ctx) > + goto err_ecfpm; > + > + if (!EC_POINT_mul(ecgrp, ecpt, n, NULL, NULL, ctx)) > + goto err_ecfpm; > + > + if (cop->asym->flags & > RTE_CRYPTO_ASYM_FLAG_PUB_KEY_COMPRESSED) { > + unsigned char *buf =3D cop->asym->ecpm.r.x.data; > + size_t sz; > + > + sz =3D EC_POINT_point2oct(ecgrp, ecpt, > POINT_CONVERSION_COMPRESSED, buf, 0, ctx); > + if (!sz) > + goto err_ecfpm; > + > + cop->asym->ecpm.r.x.length =3D sz; > + } > + > +err_ecfpm: > + BN_CTX_free(ctx); > + BN_free(n); > + return ret; > +} > + > static int > process_openssl_sm2_op_evp(struct rte_crypto_op *cop, > struct openssl_asym_session *sess) > @@ -3074,6 +3113,158 @@ process_openssl_sm2_op_evp(struct > rte_crypto_op *cop, > return ret; > } >=20 > +static int > +process_openssl_eddsa_op_evp(struct rte_crypto_op *cop, > + struct openssl_asym_session *sess) > +{ > + static const char * const instance[] =3D {"Ed25519", "Ed25519ctx", > "Ed25519ph", > + "Ed448", "Ed448ph"}; > + EVP_PKEY_CTX *kctx =3D NULL, *sctx =3D NULL, *cctx =3D NULL; > + const uint8_t curve_id =3D sess->u.eddsa.curve_id; > + struct rte_crypto_asym_op *op =3D cop->asym; > + OSSL_PARAM *params =3D sess->u.eddsa.params; > + OSSL_PARAM_BLD *iparam_bld =3D NULL; > + OSSL_PARAM *iparams =3D NULL; > + uint8_t signbuf[128] =3D {0}; > + EVP_MD_CTX *md_ctx =3D NULL; > + EVP_PKEY *pkey =3D NULL; > + size_t signlen; > + int ret =3D -1; > + > + cop->status =3D RTE_CRYPTO_OP_STATUS_ERROR; > + > + iparam_bld =3D OSSL_PARAM_BLD_new(); > + if (!iparam_bld) > + goto err_eddsa; > + > + if (op->eddsa.instance =3D=3D RTE_CRYPTO_EDCURVE_25519CTX) { > + OSSL_PARAM_BLD_push_octet_string(iparam_bld, "context- > string", > + op->eddsa.context.data, op->eddsa.context.length); > + > + } > + > + OSSL_PARAM_BLD_push_utf8_string(iparam_bld, "instance", > + instance[op->eddsa.instance], strlen(instance[op- > >eddsa.instance])); > + > + iparams =3D OSSL_PARAM_BLD_to_param(iparam_bld); > + if (!iparams) > + goto err_eddsa; > + > + switch (op->eddsa.op_type) { > + case RTE_CRYPTO_ASYM_OP_SIGN: > + { > + if (curve_id =3D=3D RTE_CRYPTO_EC_GROUP_ED25519) > + kctx =3D EVP_PKEY_CTX_new_from_name(NULL, > "ED25519", NULL); I see this is a pattern in this PMD, but there are plenty of operations tha= t should be done in session instead on the datapath. EVP_PKEY_CTX_new_from_name EVP_PKEY_fromdata EVP_MD_CTX_new EVP_MD_CTX_set_pkey_ctx Should rather be done once per session than per every operation in with-ses= sion case. > + else > + kctx =3D EVP_PKEY_CTX_new_from_name(NULL, > "ED448", NULL); > + > + if (kctx =3D=3D NULL || EVP_PKEY_fromdata_init(kctx) <=3D 0 > || > + EVP_PKEY_fromdata(kctx, &pkey, > EVP_PKEY_KEYPAIR, params) <=3D 0) > + goto err_eddsa; > + > + md_ctx =3D EVP_MD_CTX_new(); > + if (!md_ctx) > + goto err_eddsa; > + > + sctx =3D EVP_PKEY_CTX_new_from_pkey(NULL, pkey, > NULL); > + if (!sctx) > + goto err_eddsa; > + > + EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx); > + > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30300000L) > + if (!EVP_DigestSignInit_ex(md_ctx, NULL, NULL, NULL, > NULL, pkey, iparams)) > + goto err_eddsa; > +#else > + if (op->eddsa.instance =3D=3D > RTE_CRYPTO_EDCURVE_25519 || > + op->eddsa.instance =3D=3D > RTE_CRYPTO_EDCURVE_448) { > + if (!EVP_DigestSignInit(md_ctx, NULL, NULL, > NULL, pkey)) > + goto err_eddsa; > + } else > + goto err_eddsa; > +#endif > + > + if (!EVP_DigestSign(md_ctx, NULL, &signlen, op- > >eddsa.message.data, > + op->eddsa.message.length)) > + goto err_eddsa; > + > + if (signlen > RTE_DIM(signbuf)) > + goto err_eddsa; > + > + if (!EVP_DigestSign(md_ctx, signbuf, &signlen, op- > >eddsa.message.data, > + op->eddsa.message.length)) > + goto err_eddsa; > + > + memcpy(op->eddsa.sign.data, &signbuf[0], signlen); > + op->eddsa.sign.length =3D signlen; > + } > + break; > + case RTE_CRYPTO_ASYM_OP_VERIFY: > + { > + if (curve_id =3D=3D RTE_CRYPTO_EC_GROUP_ED25519) > + kctx =3D EVP_PKEY_CTX_new_from_name(NULL, > "ED25519", NULL); > + else > + kctx =3D EVP_PKEY_CTX_new_from_name(NULL, > "ED448", NULL); > + > + if (kctx =3D=3D NULL || EVP_PKEY_fromdata_init(kctx) <=3D 0 > || > + EVP_PKEY_fromdata(kctx, &pkey, > EVP_PKEY_PUBLIC_KEY, params) <=3D 0) > + goto err_eddsa; > + > + md_ctx =3D EVP_MD_CTX_new(); > + if (!md_ctx) > + goto err_eddsa; > + > + sctx =3D EVP_PKEY_CTX_new_from_pkey(NULL, pkey, > NULL); > + if (!sctx) > + goto err_eddsa; > + > + EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx); > + > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30300000L) > + if (!EVP_DigestVerifyInit_ex(md_ctx, NULL, NULL, > NULL, NULL, pkey, iparams)) > + goto err_eddsa; > +#else > + if (op->eddsa.instance =3D=3D > RTE_CRYPTO_EDCURVE_25519 || > + op->eddsa.instance =3D=3D > RTE_CRYPTO_EDCURVE_448) { > + if (!EVP_DigestVerifyInit(md_ctx, NULL, NULL, > NULL, pkey)) > + goto err_eddsa; > + } else > + goto err_eddsa; > +#endif > + > + signlen =3D op->eddsa.sign.length; > + memcpy(&signbuf[0], op->eddsa.sign.data, op- > >eddsa.sign.length); > + > + ret =3D EVP_DigestVerify(md_ctx, signbuf, signlen, op- > >eddsa.message.data, > + op->eddsa.message.length); > + if (ret =3D=3D 0) > + goto err_eddsa; > + } > + break; > + default: > + /* allow ops with invalid args to be pushed to > + * completion queue > + */ > + cop->status =3D RTE_CRYPTO_OP_STATUS_INVALID_ARGS; > + goto err_eddsa; > + } > + > + ret =3D 0; > + cop->status =3D RTE_CRYPTO_OP_STATUS_SUCCESS; > +err_eddsa: > + OSSL_PARAM_BLD_free(iparam_bld); > + > + if (sctx) > + EVP_PKEY_CTX_free(sctx); > + > + if (cctx) > + EVP_PKEY_CTX_free(cctx); > + > + if (pkey) > + EVP_PKEY_free(pkey); > + > + return ret; > +} > #else > static int > process_openssl_rsa_op(struct rte_crypto_op *cop, @@ -3174,6 +3365,15 @@ > process_openssl_rsa_op(struct rte_crypto_op *cop, > return 0; > } >=20 > +static int > +process_openssl_ecfpm_op(struct rte_crypto_op *cop, > + struct openssl_asym_session *sess) > +{ > + RTE_SET_USED(cop); > + RTE_SET_USED(sess); > + return -ENOTSUP; > +} > + > static int > process_openssl_sm2_op(struct rte_crypto_op *cop, > struct openssl_asym_session *sess) > @@ -3182,6 +3382,15 @@ process_openssl_sm2_op(struct rte_crypto_op > *cop, > RTE_SET_USED(sess); > return -ENOTSUP; > } > + > +static int > +process_openssl_eddsa_op(struct rte_crypto_op *cop, > + struct openssl_asym_session *sess) > +{ > + RTE_SET_USED(cop); > + RTE_SET_USED(sess); > + return -ENOTSUP; > +} > #endif >=20 > static int > @@ -3230,6 +3439,13 @@ process_asym_op(struct openssl_qp *qp, struct > rte_crypto_op *op, > process_openssl_dsa_verify_op(op, sess); > else > op->status =3D > RTE_CRYPTO_OP_STATUS_INVALID_ARGS; > +#endif > + break; > + case RTE_CRYPTO_ASYM_XFORM_ECFPM: > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + retval =3D process_openssl_ecfpm_op_evp(op, sess); #else > + retval =3D process_openssl_ecfpm_op(op, sess); > #endif > break; > case RTE_CRYPTO_ASYM_XFORM_SM2: > @@ -3237,6 +3453,13 @@ process_asym_op(struct openssl_qp *qp, struct > rte_crypto_op *op, > retval =3D process_openssl_sm2_op_evp(op, sess); #else > retval =3D process_openssl_sm2_op(op, sess); > +#endif > + break; > + case RTE_CRYPTO_ASYM_XFORM_EDDSA: > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + retval =3D process_openssl_eddsa_op_evp(op, sess); #else > + retval =3D process_openssl_eddsa_op(op, sess); > #endif > break; > default: > diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c > b/drivers/crypto/openssl/rte_openssl_pmd_ops.c > index b7b612fc57..0725184653 100644 > --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c > +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c > @@ -593,6 +593,16 @@ static const struct rte_cryptodev_capabilities > openssl_pmd_capabilities[] =3D { > }, > } > }, > + { /* ECFPM */ > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > + {.asym =3D { > + .xform_capa =3D { > + .xform_type =3D > RTE_CRYPTO_ASYM_XFORM_ECFPM, > + .op_types =3D 0 > + } > + } > + } > + }, > { /* SM2 */ > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > {.asym =3D { > @@ -610,6 +620,20 @@ static const struct rte_cryptodev_capabilities > openssl_pmd_capabilities[] =3D { > } > } > }, > + { /* EDDSA */ > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > + {.asym =3D { > + .xform_capa =3D { > + .xform_type =3D > RTE_CRYPTO_ASYM_XFORM_EDDSA, > + .hash_algos =3D (1 << > RTE_CRYPTO_AUTH_SHA512 | > + 1 << > RTE_CRYPTO_AUTH_SHAKE_256), > + .op_types =3D > + ((1< + (1 << RTE_CRYPTO_ASYM_OP_VERIFY)), > + } > + } > + } > + }, >=20 > RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() > }; > @@ -1356,6 +1380,47 @@ static int openssl_set_asym_session_parameters( > BN_free(pub_key); > return -1; > } > + case RTE_CRYPTO_ASYM_XFORM_ECFPM: > + { > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + EC_GROUP *ecgrp =3D NULL; > + > + asym_session->xfrm_type =3D xform->xform_type; > + > + switch (xform->ec.curve_id) { > + case RTE_CRYPTO_EC_GROUP_SECP192R1: > + ecgrp =3D > EC_GROUP_new_by_curve_name(NID_secp192k1); > + break; > + case RTE_CRYPTO_EC_GROUP_SECP224R1: > + ecgrp =3D > EC_GROUP_new_by_curve_name(NID_secp224r1); > + break; > + case RTE_CRYPTO_EC_GROUP_SECP256R1: > + ecgrp =3D > EC_GROUP_new_by_curve_name(NID_secp256k1); > + break; > + case RTE_CRYPTO_EC_GROUP_SECP384R1: > + ecgrp =3D > EC_GROUP_new_by_curve_name(NID_secp384r1); > + break; > + case RTE_CRYPTO_EC_GROUP_SECP521R1: > + ecgrp =3D > EC_GROUP_new_by_curve_name(NID_secp521r1); > + break; > + case RTE_CRYPTO_EC_GROUP_ED25519: > + ecgrp =3D > EC_GROUP_new_by_curve_name(NID_ED25519); > + break; > + case RTE_CRYPTO_EC_GROUP_ED448: > + ecgrp =3D EC_GROUP_new_by_curve_name(NID_ED448); > + break; > + default: > + break; > + } > + > + asym_session->u.ec.curve_id =3D xform->ec.curve_id; > + asym_session->u.ec.group =3D ecgrp; > + break; > +#else > + OPENSSL_LOG(WARNING, "ECFPM unsupported for OpenSSL > Version < 3.0"); > + return -ENOTSUP; > +#endif > + } > case RTE_CRYPTO_ASYM_XFORM_SM2: > { > #if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) @@ -1440,6 +1505,66 @@ > static int openssl_set_asym_session_parameters( > #else > OPENSSL_LOG(WARNING, "SM2 unsupported for OpenSSL > Version < 3.0"); > return -ENOTSUP; > +#endif > + } > + case RTE_CRYPTO_ASYM_XFORM_EDDSA: > + { > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30300000L) > + OSSL_PARAM_BLD *param_bld =3D NULL; > + OSSL_PARAM *params =3D NULL; > + int ret =3D -1; > + > + asym_session->u.eddsa.curve_id =3D xform->ec.curve_id; > + > + param_bld =3D OSSL_PARAM_BLD_new(); > + if (!param_bld) { > + OPENSSL_LOG(ERR, "failed to allocate params"); > + goto err_eddsa; > + } > + > + ret =3D OSSL_PARAM_BLD_push_utf8_string(param_bld, > + OSSL_PKEY_PARAM_GROUP_NAME, "ED25519", > sizeof("ED25519")); > + if (!ret) { > + OPENSSL_LOG(ERR, "failed to push params"); > + goto err_eddsa; > + } > + > + ret =3D OSSL_PARAM_BLD_push_octet_string(param_bld, > OSSL_PKEY_PARAM_PRIV_KEY, > + xform->ec.pkey.data, xform->ec.pkey.length); > + if (!ret) { > + OPENSSL_LOG(ERR, "failed to push params"); > + goto err_eddsa; > + } > + > + ret =3D OSSL_PARAM_BLD_push_octet_string(param_bld, > OSSL_PKEY_PARAM_PUB_KEY, > + xform->ec.q.x.data, xform->ec.q.x.length); > + if (!ret) { > + OPENSSL_LOG(ERR, "failed to push params"); > + goto err_eddsa; > + } > + > + params =3D OSSL_PARAM_BLD_to_param(param_bld); > + if (!params) { > + OPENSSL_LOG(ERR, "failed to push params"); > + goto err_eddsa; > + } > + > + asym_session->u.eddsa.params =3D params; > + OSSL_PARAM_BLD_free(param_bld); > + > + asym_session->xfrm_type =3D > RTE_CRYPTO_ASYM_XFORM_EDDSA; > + break; > +err_eddsa: > + if (param_bld) > + OSSL_PARAM_BLD_free(param_bld); > + > + if (asym_session->u.eddsa.params) > + OSSL_PARAM_free(asym_session->u.eddsa.params); > + > + return -1; > +#else > + OPENSSL_LOG(WARNING, "EDDSA unsupported for OpenSSL > Version < 3.3"); > + return -ENOTSUP; > #endif > } > default: > @@ -1538,6 +1663,12 @@ static void openssl_reset_asym_session(struct > openssl_asym_session *sess) #if (OPENSSL_VERSION_NUMBER >=3D > 0x30000000L) > OSSL_PARAM_free(sess->u.sm2.params); > #endif > + break; > + case RTE_CRYPTO_ASYM_XFORM_EDDSA: > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30300000L) > + OSSL_PARAM_free(sess->u.eddsa.params); > +#endif > + break; > default: > break; > } > -- > 2.21.0