[dpdk-dev] [PATCH v2 0/5] Add session-less, RSA, RSA-CRT to QAT

[dpdk-dev] [PATCH v2 0/5] Add session-less, RSA, RSA-CRT to QAT

[Arek Kusztal]

This patchset adds session-less option, RSA algorithm, RSA-CRT algorithm
to Intel QuickAssist Technology PMD.

This patchset depends on the
[v5] cryptodev: extend api of asymmetric crypto by session-less [1]

[1] http://patchwork.dpdk.org/patch/60882/

v2:
- fixed alg size problem in crt
- fixed rsa capabilities
- added rsa test cases

Arek Kusztal (5):
  crypto/qat: add sessionless implementation to asym pmd
  crypto/qat: add rsa implementation to asym pmd
  crypto/qat: add rsa crt implementation to asym pmd
  test/crypto: add sessionless to asymmetric mod exp
  test/crypto: add rsa tests to qat

 app/test/test_cryptodev_asym.c                     | 182 ++++--
 app/test/test_cryptodev_rsa_test_vectors.h         | 213 +++++++
 doc/guides/cryptodevs/features/qat.ini             |   4 +
 doc/guides/rel_notes/release_19_11.rst             |   8 +
 .../qat/qat_adf/qat_pke_functionality_arrays.h     |  27 +
 drivers/crypto/qat/qat_asym.c                      | 616 ++++++++++++++++-----
 drivers/crypto/qat/qat_asym.h                      |  29 +-
 drivers/crypto/qat/qat_asym_capabilities.h         |  21 +
 drivers/crypto/qat/qat_asym_pmd.c                  |   5 +-
 9 files changed, 925 insertions(+), 180 deletions(-)

-- 
2.1.0

[dpdk-dev] [PATCH v2 1/5] crypto/qat: add sessionless implementation to asym pmd

[Arek Kusztal]

This patch adds option to use asymmetric crypto pmd with
session-less support.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 doc/guides/cryptodevs/features/qat.ini |   1 +
 doc/guides/rel_notes/release_19_11.rst |   4 +
 drivers/crypto/qat/qat_asym.c          | 312 ++++++++++++++++++++-------------
 drivers/crypto/qat/qat_asym.h          |  26 +--
 drivers/crypto/qat/qat_asym_pmd.c      |   3 +-
 5 files changed, 202 insertions(+), 144 deletions(-)

diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini
index 0832e59..cef8015 100644
--- a/doc/guides/cryptodevs/features/qat.ini
+++ b/doc/guides/cryptodevs/features/qat.ini
@@ -13,6 +13,7 @@ OOP SGL In LB  Out     = Y
 OOP LB  In SGL Out     = Y
 OOP LB  In LB  Out     = Y
 Digest encrypted       = Y
+Asymmetric sessionless = Y
 
 ;
 ; Supported crypto algorithms of the 'qat' crypto driver.
diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst
index 4ede7e8..7730483 100644
--- a/doc/guides/rel_notes/release_19_11.rst
+++ b/doc/guides/rel_notes/release_19_11.rst
@@ -85,6 +85,10 @@ New Features
   Added stateful decompression support in the Intel QuickAssist Technology PMD.
   Please note that stateful compression is not supported.
 
+* **Updated the Intel QuickAssist Technology (QAT) asymmetric crypto PMD.**
+
+  Added support for asymmetric session-less operations.
+
 * **Added cryptodev API to use asymmetric session-less operation.**
 
   Added session-less option to cryptodev asymmetric API. It works the same way
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 4ddb0e5..bf5d22d 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -26,38 +26,23 @@ static int qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
 	return -1;
 }
 
-static void qat_asym_build_req_tmpl(void *sess_private_data,
-		struct rte_crypto_asym_xform *xform)
+static inline void qat_fill_req_tmpl(struct icp_qat_fw_pke_request *qat_req)
 {
-
-	struct icp_qat_fw_pke_request *qat_req;
-	struct qat_asym_session *session = sess_private_data;
-
-	qat_req = &session->req_tmpl;
 	memset(qat_req, 0, sizeof(*qat_req));
 	qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_CPM_FW_PKE;
 
 	qat_req->pke_hdr.hdr_flags =
 			ICP_QAT_FW_COMN_HDR_FLAGS_BUILD
 			(ICP_QAT_FW_COMN_REQ_FLAG_SET);
-	qat_req->pke_hdr.comn_req_flags = 0;
-	qat_req->pke_hdr.resrvd1 = 0;
-	qat_req->pke_hdr.resrvd2 = 0;
-	qat_req->pke_hdr.kpt_mask = 0;
-	qat_req->pke_hdr.kpt_rn_mask = 0;
-	qat_req->pke_hdr.cd_pars.content_desc_addr = 0;
-	qat_req->pke_hdr.cd_pars.content_desc_resrvd = 0;
-	qat_req->resrvd1 = 0;
-	qat_req->resrvd2 = 0;
-	qat_req->next_req_adr = 0;
+}
 
-	if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
-		qat_req->output_param_count = 1;
-		qat_req->input_param_count = 3;
-	} else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
-		qat_req->output_param_count = 1;
-		qat_req->input_param_count = 2;
-	}
+static inline void qat_asym_build_req_tmpl(void *sess_private_data)
+{
+	struct icp_qat_fw_pke_request *qat_req;
+	struct qat_asym_session *session = sess_private_data;
+
+	qat_req = &session->req_tmpl;
+	qat_fill_req_tmpl(qat_req);
 }
 
 static size_t max_of(int n, ...)
@@ -90,6 +75,19 @@ static void qat_clear_arrays(struct qat_asym_op_cookie *cookie,
 		memset(cookie->output_array[i], 0x0, out_size);
 }
 
+static void qat_clear_arrays_by_alg(struct qat_asym_op_cookie *cookie,
+		enum rte_crypto_asym_xform_type alg, int in_size, int out_size)
+{
+	if (alg == RTE_CRYPTO_ASYM_XFORM_MODEX)
+		qat_clear_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS,
+				QAT_ASYM_MODEXP_NUM_OUT_PARAMS, in_size,
+				out_size);
+	else if (alg == RTE_CRYPTO_ASYM_XFORM_MODINV)
+		qat_clear_arrays(cookie, QAT_ASYM_MODINV_NUM_IN_PARAMS,
+				QAT_ASYM_MODINV_NUM_OUT_PARAMS, in_size,
+				out_size);
+}
+
 static int qat_asym_check_nonzero(rte_crypto_param n)
 {
 	if (n.length < 8) {
@@ -120,51 +118,34 @@ static int qat_asym_check_nonzero(rte_crypto_param n)
 	return 0;
 }
 
-int
-qat_asym_build_request(void *in_op,
-			uint8_t *out_msg,
-			void *op_cookie,
-			__rte_unused enum qat_device_gen qat_dev_gen)
+static int
+qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op,
+		struct icp_qat_fw_pke_request *qat_req,
+		struct qat_asym_op_cookie *cookie,
+		struct rte_crypto_asym_xform *xform)
 {
-	struct qat_asym_session *ctx;
-	struct rte_crypto_op *op = (struct rte_crypto_op *)in_op;
-	struct rte_crypto_asym_op *asym_op = op->asym;
-	struct icp_qat_fw_pke_request *qat_req =
-			(struct icp_qat_fw_pke_request *)out_msg;
-	struct qat_asym_op_cookie *cookie =
-				(struct qat_asym_op_cookie *)op_cookie;
-
-	uint64_t err = 0;
+	int err = 0;
 	size_t alg_size;
 	size_t alg_size_in_bytes;
-	uint32_t func_id;
-
-	ctx = (struct qat_asym_session *)get_asym_session_private_data(
-			op->asym->session, cryptodev_qat_asym_driver_id);
-	rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl));
-	qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op;
+	uint32_t func_id = 0;
 
-	qat_req->pke_mid.src_data_addr = cookie->input_addr;
-	qat_req->pke_mid.dest_data_addr = cookie->output_addr;
-
-	if (ctx->alg == QAT_PKE_MODEXP) {
-		err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_exp.n);
+	if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
+		err = qat_asym_check_nonzero(xform->modex.modulus);
 		if (err) {
 			QAT_LOG(ERR, "Empty modulus in modular exponentiation,"
 					" aborting this operation");
-			goto error;
+			return err;
 		}
 
 		alg_size_in_bytes = max_of(3, asym_op->modex.base.length,
-			       ctx->sess_alg_params.mod_exp.e.length,
-			       ctx->sess_alg_params.mod_exp.n.length);
+			       xform->modex.exponent.length,
+			       xform->modex.modulus.length);
 		alg_size = alg_size_in_bytes << 3;
 
 		if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE,
 				sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE),
 				&alg_size, &func_id)) {
-			err = QAT_ASYM_ERROR_INVALID_PARAM;
-			goto error;
+			return QAT_ASYM_ERROR_INVALID_PARAM;
 		}
 
 		alg_size_in_bytes = alg_size >> 3;
@@ -173,15 +154,17 @@ qat_asym_build_request(void *in_op,
 			, asym_op->modex.base.data,
 			asym_op->modex.base.length);
 		rte_memcpy(cookie->input_array[1] + alg_size_in_bytes -
-			ctx->sess_alg_params.mod_exp.e.length
-			, ctx->sess_alg_params.mod_exp.e.data,
-			ctx->sess_alg_params.mod_exp.e.length);
+			xform->modex.exponent.length
+			, xform->modex.exponent.data,
+			xform->modex.exponent.length);
 		rte_memcpy(cookie->input_array[2]  + alg_size_in_bytes -
-			ctx->sess_alg_params.mod_exp.n.length,
-			ctx->sess_alg_params.mod_exp.n.data,
-			ctx->sess_alg_params.mod_exp.n.length);
+			xform->modex.modulus.length,
+			xform->modex.modulus.data,
+			xform->modex.modulus.length);
 		cookie->alg_size = alg_size;
 		qat_req->pke_hdr.cd_pars.func_id = func_id;
+		qat_req->input_param_count = QAT_ASYM_MODEXP_NUM_IN_PARAMS;
+		qat_req->output_param_count = QAT_ASYM_MODEXP_NUM_OUT_PARAMS;
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
 		QAT_DP_HEXDUMP_LOG(DEBUG, "base",
 				cookie->input_array[0],
@@ -193,34 +176,32 @@ qat_asym_build_request(void *in_op,
 				cookie->input_array[2],
 				alg_size_in_bytes);
 #endif
-	} else if (ctx->alg == QAT_PKE_MODINV) {
-		err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_inv.n);
+	} else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
+		err = qat_asym_check_nonzero(xform->modinv.modulus);
 		if (err) {
 			QAT_LOG(ERR, "Empty modulus in modular multiplicative"
 					" inverse, aborting this operation");
-			goto error;
+			return err;
 		}
 
 		alg_size_in_bytes = max_of(2, asym_op->modinv.base.length,
-				ctx->sess_alg_params.mod_inv.n.length);
+				xform->modinv.modulus.length);
 		alg_size = alg_size_in_bytes << 3;
 
-		if (ctx->sess_alg_params.mod_inv.n.data[
-				ctx->sess_alg_params.mod_inv.n.length - 1] & 0x01) {
+		if (xform->modinv.modulus.data[
+				xform->modinv.modulus.length - 1] & 0x01) {
 			if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_ODD,
 					sizeof(MOD_INV_IDS_ODD)/
 					sizeof(*MOD_INV_IDS_ODD),
 					&alg_size, &func_id)) {
-				err = QAT_ASYM_ERROR_INVALID_PARAM;
-				goto error;
+				return QAT_ASYM_ERROR_INVALID_PARAM;
 			}
 		} else {
 			if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_EVEN,
 					sizeof(MOD_INV_IDS_EVEN)/
 					sizeof(*MOD_INV_IDS_EVEN),
 					&alg_size, &func_id)) {
-				err = QAT_ASYM_ERROR_INVALID_PARAM;
-				goto error;
+				return QAT_ASYM_ERROR_INVALID_PARAM;
 			}
 		}
 
@@ -230,11 +211,15 @@ qat_asym_build_request(void *in_op,
 				, asym_op->modinv.base.data,
 				asym_op->modinv.base.length);
 		rte_memcpy(cookie->input_array[1] + alg_size_in_bytes -
-				ctx->sess_alg_params.mod_inv.n.length
-				, ctx->sess_alg_params.mod_inv.n.data,
-				ctx->sess_alg_params.mod_inv.n.length);
+				xform->modinv.modulus.length
+				, xform->modinv.modulus.data,
+				xform->modinv.modulus.length);
 		cookie->alg_size = alg_size;
 		qat_req->pke_hdr.cd_pars.func_id = func_id;
+		qat_req->input_param_count =
+				QAT_ASYM_MODINV_NUM_IN_PARAMS;
+		qat_req->output_param_count =
+				QAT_ASYM_MODINV_NUM_OUT_PARAMS;
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
 		QAT_DP_HEXDUMP_LOG(DEBUG, "base",
 				cookie->input_array[0],
@@ -244,13 +229,68 @@ qat_asym_build_request(void *in_op,
 				alg_size_in_bytes);
 #endif
 	}
+	return 0;
+}
+
+int
+qat_asym_build_request(void *in_op,
+			uint8_t *out_msg,
+			void *op_cookie,
+			__rte_unused enum qat_device_gen qat_dev_gen)
+{
+	struct qat_asym_session *ctx;
+	struct rte_crypto_op *op = (struct rte_crypto_op *)in_op;
+	struct rte_crypto_asym_op *asym_op = op->asym;
+	struct icp_qat_fw_pke_request *qat_req =
+			(struct icp_qat_fw_pke_request *)out_msg;
+	struct qat_asym_op_cookie *cookie =
+				(struct qat_asym_op_cookie *)op_cookie;
+	int err = 0;
+
+	op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
+	if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
+		ctx = (struct qat_asym_session *)
+			get_asym_session_private_data(
+			op->asym->session, cryptodev_qat_asym_driver_id);
+		rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl));
+		err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform);
+		if (err) {
+			op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
+			goto error;
+		}
+	} else if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
+		qat_fill_req_tmpl(qat_req);
+		err = qat_asym_fill_arrays(asym_op, qat_req, cookie,
+				op->asym->xform);
+		if (err) {
+			op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
+			goto error;
+		}
+	} else {
+		QAT_DP_LOG(ERR, "Invalid session/xform settings");
+		op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION;
+		goto error;
+	}
+
+	qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op;
+	qat_req->pke_mid.src_data_addr = cookie->input_addr;
+	qat_req->pke_mid.dest_data_addr = cookie->output_addr;
 
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
 	QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req,
 			sizeof(struct icp_qat_fw_pke_request));
 #endif
+
 	return 0;
 error:
+
+	qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op;
+
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+	QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req,
+		sizeof(struct icp_qat_fw_pke_request));
+#endif
+
 	qat_req->output_param_count = 0;
 	qat_req->input_param_count = 0;
 	qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL;
@@ -259,42 +299,16 @@ qat_asym_build_request(void *in_op,
 	return 0;
 }
 
-void
-qat_asym_process_response(void **op, uint8_t *resp,
-		void *op_cookie)
+static void qat_asym_collect_response(struct rte_crypto_op *rx_op,
+		struct qat_asym_op_cookie *cookie,
+		struct rte_crypto_asym_xform *xform)
 {
-	struct qat_asym_session *ctx;
-	struct icp_qat_fw_pke_resp *resp_msg =
-			(struct icp_qat_fw_pke_resp *)resp;
-	struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t)
-			(resp_msg->opaque);
-	struct rte_crypto_asym_op *asym_op = rx_op->asym;
-	struct qat_asym_op_cookie *cookie = op_cookie;
 	size_t alg_size, alg_size_in_bytes;
+	struct rte_crypto_asym_op *asym_op = rx_op->asym;
 
-	ctx = (struct qat_asym_session *)get_asym_session_private_data(
-			rx_op->asym->session, cryptodev_qat_asym_driver_id);
-
-	*op = rx_op;
-	rx_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
-
-	if (cookie->error) {
-		cookie->error = 0;
-		rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
-		QAT_DP_LOG(ERR, "Cookie status returned error");
-	} else {
-		if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET(
-			resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) {
-			rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
-			QAT_DP_LOG(ERR, "Asymmetric response status returned error");
-		}
-		if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) {
-			rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
-			QAT_DP_LOG(ERR, "Asymmetric common status returned error");
-		}
-	}
+	if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
+		rte_crypto_param n = xform->modex.modulus;
 
-	if (ctx->alg == QAT_PKE_MODEXP) {
 		alg_size = cookie->alg_size;
 		alg_size_in_bytes = alg_size >> 3;
 		uint8_t *modexp_result = asym_op->modex.result.data;
@@ -302,31 +316,30 @@ qat_asym_process_response(void **op, uint8_t *resp,
 		if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
 			rte_memcpy(modexp_result +
 				(asym_op->modex.result.length -
-					ctx->sess_alg_params.mod_exp.n.length),
+					n.length),
 				cookie->output_array[0] + alg_size_in_bytes
-				- ctx->sess_alg_params.mod_exp.n.length,
-				ctx->sess_alg_params.mod_exp.n.length
+				- n.length, n.length
 				);
 			rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
 			QAT_DP_HEXDUMP_LOG(DEBUG, "modexp_result",
 					cookie->output_array[0],
 					alg_size_in_bytes);
+
 #endif
 		}
-		qat_clear_arrays(cookie, 3, 1, alg_size_in_bytes,
-				alg_size_in_bytes);
-	} else if (ctx->alg == QAT_PKE_MODINV) {
+	} else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
+		rte_crypto_param n = xform->modinv.modulus;
+
 		alg_size = cookie->alg_size;
 		alg_size_in_bytes = alg_size >> 3;
 		uint8_t *modinv_result = asym_op->modinv.result.data;
 
 		if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
 			rte_memcpy(modinv_result + (asym_op->modinv.result.length
-				- ctx->sess_alg_params.mod_inv.n.length),
+				- n.length),
 				cookie->output_array[0] + alg_size_in_bytes
-				- ctx->sess_alg_params.mod_inv.n.length,
-				ctx->sess_alg_params.mod_inv.n.length);
+				- n.length, n.length);
 			rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
 			QAT_DP_HEXDUMP_LOG(DEBUG, "modinv_result",
@@ -334,8 +347,59 @@ qat_asym_process_response(void **op, uint8_t *resp,
 					alg_size_in_bytes);
 #endif
 		}
-		qat_clear_arrays(cookie, 2, 1, alg_size_in_bytes,
+	}
+	qat_clear_arrays_by_alg(cookie, xform->xform_type, alg_size_in_bytes,
 			alg_size_in_bytes);
+}
+
+void
+qat_asym_process_response(void **op, uint8_t *resp,
+		void *op_cookie)
+{
+	struct qat_asym_session *ctx;
+	struct icp_qat_fw_pke_resp *resp_msg =
+			(struct icp_qat_fw_pke_resp *)resp;
+	struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t)
+			(resp_msg->opaque);
+	struct qat_asym_op_cookie *cookie = op_cookie;
+	size_t alg_size, alg_size_in_bytes;
+
+	if (cookie->error) {
+		cookie->error = 0;
+		if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+			rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+		QAT_DP_LOG(ERR, "Cookie status returned error");
+	} else {
+		if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET(
+			resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) {
+			if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+				rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			QAT_DP_LOG(ERR, "Asymmetric response status"
+					" returned error");
+		}
+		if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) {
+			if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED)
+				rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			QAT_DP_LOG(ERR, "Asymmetric common status"
+					" returned error");
+		}
+	}
+	*op = rx_op;
+	if (cookie->error) {
+		alg_size = cookie->alg_size;
+		alg_size_in_bytes = alg_size >> 3;
+		qat_clear_arrays(cookie, QAT_ASYM_MAX_PARAMS,
+				QAT_ASYM_MAX_PARAMS, alg_size_in_bytes,
+				alg_size_in_bytes);
+		return;
+	}
+
+	if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
+		ctx = (struct qat_asym_session *)get_asym_session_private_data(
+				rx_op->asym->session, cryptodev_qat_asym_driver_id);
+		qat_asym_collect_response(rx_op, cookie, ctx->xform);
+	} else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
+		qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform);
 	}
 
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
@@ -362,10 +426,6 @@ qat_asym_session_configure(struct rte_cryptodev *dev,
 
 	session = sess_private_data;
 	if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
-		session->sess_alg_params.mod_exp.e = xform->modex.exponent;
-		session->sess_alg_params.mod_exp.n = xform->modex.modulus;
-		session->alg = QAT_PKE_MODEXP;
-
 		if (xform->modex.exponent.length == 0 ||
 				xform->modex.modulus.length == 0) {
 			QAT_LOG(ERR, "Invalid mod exp input parameter");
@@ -373,20 +433,24 @@ qat_asym_session_configure(struct rte_cryptodev *dev,
 			goto error;
 		}
 	} else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
-		session->sess_alg_params.mod_inv.n = xform->modinv.modulus;
-		session->alg = QAT_PKE_MODINV;
-
 		if (xform->modinv.modulus.length == 0) {
 			QAT_LOG(ERR, "Invalid mod inv input parameter");
 			err = -EINVAL;
 			goto error;
 		}
-	} else {
+	} else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
+			|| xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) {
 		QAT_LOG(ERR, "Invalid asymmetric crypto xform");
 		err = -EINVAL;
 		goto error;
+	} else {
+		QAT_LOG(ERR, "Asymmetric crypto xform not implemented");
+		err = -EINVAL;
+		goto error;
 	}
-	qat_asym_build_req_tmpl(sess_private_data, xform);
+
+	session->xform = xform;
+	qat_asym_build_req_tmpl(sess_private_data);
 	set_asym_session_private_data(sess, dev->driver_id,
 		sess_private_data);
 
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index ce4839b..b04eee4 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -19,6 +19,12 @@ typedef uint64_t large_int_ptr;
 
 #define QAT_ASYM_ERROR_INVALID_PARAM	0x01
 
+#define QAT_ASYM_MAX_PARAMS			8
+#define QAT_ASYM_MODINV_NUM_IN_PARAMS		2
+#define QAT_ASYM_MODINV_NUM_OUT_PARAMS		1
+#define QAT_ASYM_MODEXP_NUM_IN_PARAMS		3
+#define QAT_ASYM_MODEXP_NUM_OUT_PARAMS		1
+
 struct qat_asym_op_cookie {
 	size_t alg_size;
 	uint64_t error;
@@ -33,27 +39,9 @@ struct qat_asym_op_cookie {
 	uint8_t output_array[MAX_PKE_PARAMS][QAT_PKE_MAX_LN_SIZE] _PKE_ALIGN_;
 } _PKE_ALIGN_;
 
-enum qat_asym_alg {
-	QAT_PKE_RSA,
-	QAT_PKE_DH,
-	QAT_PKE_DSA,
-	QAT_PKE_MODEXP,
-	QAT_PKE_MODINV,
-};
-
 struct qat_asym_session {
-	enum qat_asym_alg alg;
 	struct icp_qat_fw_pke_request req_tmpl;
-	uint64_t flags;
-	union {
-		struct {
-			rte_crypto_param n;
-			rte_crypto_param e;
-		} mod_exp;
-		struct {
-			rte_crypto_param n;
-		} mod_inv;
-	} sess_alg_params;
+	struct rte_crypto_asym_xform *xform;
 };
 
 int
diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c
index c999799..71fd709 100644
--- a/drivers/crypto/qat/qat_asym_pmd.c
+++ b/drivers/crypto/qat/qat_asym_pmd.c
@@ -270,7 +270,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev)
 	cryptodev->dequeue_burst = qat_asym_pmd_dequeue_op_burst;
 
 	cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO |
-			RTE_CRYPTODEV_FF_HW_ACCELERATED;
+			RTE_CRYPTODEV_FF_HW_ACCELERATED |
+			RTE_CRYPTODEV_FF_ASYM_SESSIONLESS;
 	internals = cryptodev->data->dev_private;
 	internals->qat_dev = qat_pci_dev;
 	qat_pci_dev->asym_dev = internals;
-- 
2.1.0

[dpdk-dev] [PATCH v2 2/5] crypto/qat: add rsa implementation to asym pmd

[Arek Kusztal]

This commit adds rsa algorithm to asymmetric pmd
using pair (n, d) private key

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 doc/guides/cryptodevs/features/qat.ini             |   2 +
 doc/guides/rel_notes/release_19_11.rst             |   2 +
 .../qat/qat_adf/qat_pke_functionality_arrays.h     |  18 ++
 drivers/crypto/qat/qat_asym.c                      | 253 ++++++++++++++++++++-
 drivers/crypto/qat/qat_asym.h                      |   2 +
 drivers/crypto/qat/qat_asym_capabilities.h         |  21 ++
 drivers/crypto/qat/qat_asym_pmd.c                  |   3 +-
 7 files changed, 297 insertions(+), 4 deletions(-)

diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini
index cef8015..374b523 100644
--- a/doc/guides/cryptodevs/features/qat.ini
+++ b/doc/guides/cryptodevs/features/qat.ini
@@ -14,6 +14,7 @@ OOP LB  In SGL Out     = Y
 OOP LB  In LB  Out     = Y
 Digest encrypted       = Y
 Asymmetric sessionless = Y
+RSA PRIV OP KEY EXP    = Y
 
 ;
 ; Supported crypto algorithms of the 'qat' crypto driver.
@@ -71,3 +72,4 @@ AES CCM (256) = Y
 [Asymmetric]
 Modular Exponentiation  = Y
 Modular Inversion		= Y
+RSA						= Y
diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst
index 7730483..e081fb1 100644
--- a/doc/guides/rel_notes/release_19_11.rst
+++ b/doc/guides/rel_notes/release_19_11.rst
@@ -89,6 +89,8 @@ New Features
 
   Added support for asymmetric session-less operations.
 
+  Added support for RSA algorithm with pair (n, d) private key representation.
+
 * **Added cryptodev API to use asymmetric session-less operation.**
 
   Added session-less option to cryptodev asymmetric API. It works the same way
diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
index 8adf209..4f857b9 100644
--- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
+++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
@@ -49,4 +49,22 @@ static const uint32_t MOD_INV_IDS_EVEN[][2] = {
 		{ 4096, MATHS_MODINV_EVEN_L4096 },
 };
 
+static const uint32_t RSA_MODEXP_ENC_IDS[][2] = {
+		{ 512,	PKE_RSA_EP_512 },
+		{ 1024,	PKE_RSA_EP_1024 },
+		{ 1536,	PKE_RSA_EP_1536 },
+		{ 2048,	PKE_RSA_EP_2048 },
+		{ 3072,	PKE_RSA_EP_3072 },
+		{ 4096,	PKE_RSA_EP_4096 },
+};
+
+static const uint32_t RSA_MODEXP_DEC_IDS[][2] = {
+		{ 512,	PKE_RSA_DP1_512 },
+		{ 1024,	PKE_RSA_DP1_1024 },
+		{ 1536,	PKE_RSA_DP1_1536 },
+		{ 2048,	PKE_RSA_DP1_2048 },
+		{ 3072,	PKE_RSA_DP1_3072 },
+		{ 4096,	PKE_RSA_DP1_4096 },
+};
+
 #endif
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index bf5d22d..8985270 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -228,6 +228,170 @@ qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op,
 				cookie->input_array[1],
 				alg_size_in_bytes);
 #endif
+	} else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
+		err = qat_asym_check_nonzero(xform->rsa.n);
+		if (err) {
+			QAT_LOG(ERR, "Empty modulus in RSA"
+					" inverse, aborting this operation");
+			return err;
+		}
+
+		alg_size_in_bytes = xform->rsa.n.length;
+		alg_size = alg_size_in_bytes << 3;
+
+		qat_req->input_param_count =
+				QAT_ASYM_RSA_NUM_IN_PARAMS;
+		qat_req->output_param_count =
+				QAT_ASYM_RSA_NUM_OUT_PARAMS;
+
+		if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
+				asym_op->rsa.op_type ==
+						RTE_CRYPTO_ASYM_OP_VERIFY) {
+
+			if (qat_asym_get_sz_and_func_id(RSA_MODEXP_ENC_IDS,
+					sizeof(RSA_MODEXP_ENC_IDS)/
+					sizeof(*RSA_MODEXP_ENC_IDS),
+					&alg_size, &func_id)) {
+				err = QAT_ASYM_ERROR_INVALID_PARAM;
+				QAT_LOG(ERR,
+					"Not supported RSA parameter size (key)");
+				return err;
+			}
+			alg_size_in_bytes = alg_size >> 3;
+			if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+				switch (asym_op->rsa.pad) {
+				case RTE_CRYPTO_RSA_PADDING_NONE:
+					rte_memcpy(cookie->input_array[0] +
+						alg_size_in_bytes -
+						asym_op->rsa.message.length
+						, asym_op->rsa.message.data,
+						asym_op->rsa.message.length);
+					break;
+				default:
+					err = QAT_ASYM_ERROR_INVALID_PARAM;
+					QAT_LOG(ERR,
+						"Invalid RSA padding (Encryption)");
+					return err;
+				}
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+				QAT_DP_HEXDUMP_LOG(DEBUG, "Message",
+						cookie->input_array[0],
+						alg_size_in_bytes);
+#endif
+			} else {
+				switch (asym_op->rsa.pad) {
+				case RTE_CRYPTO_RSA_PADDING_NONE:
+					rte_memcpy(cookie->input_array[0],
+						asym_op->rsa.sign.data,
+						asym_op->rsa.sign.length);
+					break;
+				default:
+					err = QAT_ASYM_ERROR_INVALID_PARAM;
+					QAT_LOG(ERR,
+						"Invalid RSA padding (Verify)");
+					return err;
+				}
+
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+				QAT_DP_HEXDUMP_LOG(DEBUG, "Signature",
+						cookie->input_array[0],
+						alg_size_in_bytes);
+#endif
+
+			}
+			rte_memcpy(cookie->input_array[1] +
+					alg_size_in_bytes -
+					xform->rsa.e.length
+					, xform->rsa.e.data,
+					xform->rsa.e.length);
+			rte_memcpy(cookie->input_array[2] +
+					alg_size_in_bytes -
+					xform->rsa.n.length,
+					xform->rsa.n.data,
+					xform->rsa.n.length);
+
+			cookie->alg_size = alg_size;
+			qat_req->pke_hdr.cd_pars.func_id = func_id;
+
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+			QAT_DP_HEXDUMP_LOG(DEBUG, "Public Key",
+					cookie->input_array[1], alg_size_in_bytes);
+			QAT_DP_HEXDUMP_LOG(DEBUG, "Modulus",
+					cookie->input_array[2], alg_size_in_bytes);
+#endif
+		} else {
+			if (asym_op->rsa.op_type ==
+					RTE_CRYPTO_ASYM_OP_DECRYPT) {
+				switch (asym_op->rsa.pad) {
+				case RTE_CRYPTO_RSA_PADDING_NONE:
+					rte_memcpy(cookie->input_array[0]
+						+ alg_size_in_bytes -
+						asym_op->rsa.cipher.length,
+						asym_op->rsa.cipher.data,
+						asym_op->rsa.cipher.length);
+					break;
+				default:
+					QAT_LOG(ERR,
+						"Invalid padding of RSA (Decrypt)");
+					return QAT_ASYM_ERROR_INVALID_PARAM;
+				}
+
+			} else if (asym_op->rsa.op_type ==
+					RTE_CRYPTO_ASYM_OP_SIGN) {
+				switch (asym_op->rsa.pad) {
+				case RTE_CRYPTO_RSA_PADDING_NONE:
+					rte_memcpy(cookie->input_array[0]
+						+ alg_size_in_bytes -
+						asym_op->rsa.message.length,
+						asym_op->rsa.message.data,
+						asym_op->rsa.message.length);
+					break;
+				default:
+					QAT_LOG(ERR,
+						"Invalid padding of RSA (Signature)");
+					return QAT_ASYM_ERROR_INVALID_PARAM;
+				}
+			}
+
+			if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) {
+				QAT_LOG(ERR, "RSA CRT not implemented");
+				return QAT_ASYM_ERROR_INVALID_PARAM;
+			} else if (xform->rsa.key_type ==
+					RTE_RSA_KEY_TYPE_EXP) {
+				if (qat_asym_get_sz_and_func_id(
+						RSA_MODEXP_DEC_IDS,
+						sizeof(RSA_MODEXP_DEC_IDS)/
+						sizeof(*RSA_MODEXP_DEC_IDS),
+						&alg_size, &func_id)) {
+					return QAT_ASYM_ERROR_INVALID_PARAM;
+				}
+				alg_size_in_bytes = alg_size >> 3;
+				rte_memcpy(cookie->input_array[1] +
+						alg_size_in_bytes -
+						xform->rsa.d.length,
+						xform->rsa.d.data,
+						xform->rsa.d.length);
+				rte_memcpy(cookie->input_array[2] +
+						alg_size_in_bytes -
+						xform->rsa.n.length,
+						xform->rsa.n.data,
+						xform->rsa.n.length);
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+			QAT_DP_HEXDUMP_LOG(DEBUG, "C", cookie->input_array[0],
+					alg_size_in_bytes);
+			QAT_DP_HEXDUMP_LOG(DEBUG, "d", cookie->input_array[1],
+					alg_size_in_bytes);
+			QAT_DP_HEXDUMP_LOG(DEBUG, "n", cookie->input_array[2],
+					alg_size_in_bytes);
+#endif
+
+				cookie->alg_size = alg_size;
+				qat_req->pke_hdr.cd_pars.func_id = func_id;
+			} else {
+				QAT_LOG(ERR, "Invalid RSA key type");
+				return QAT_ASYM_ERROR_INVALID_PARAM;
+			}
+		}
 	}
 	return 0;
 }
@@ -252,8 +416,10 @@ qat_asym_build_request(void *in_op,
 		ctx = (struct qat_asym_session *)
 			get_asym_session_private_data(
 			op->asym->session, cryptodev_qat_asym_driver_id);
-		rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl));
-		err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform);
+		rte_mov64((uint8_t *)qat_req,
+				(const uint8_t *)&(ctx->req_tmpl));
+		err = qat_asym_fill_arrays(asym_op, qat_req,
+				cookie, ctx->xform);
 		if (err) {
 			op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
 			goto error;
@@ -347,6 +513,81 @@ static void qat_asym_collect_response(struct rte_crypto_op *rx_op,
 					alg_size_in_bytes);
 #endif
 		}
+	} else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
+		uint8_t *rsa_result = asym_op->rsa.cipher.data;
+
+		alg_size = cookie->alg_size;
+		alg_size_in_bytes = alg_size >> 3;
+		if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT ||
+				asym_op->rsa.op_type ==
+					RTE_CRYPTO_ASYM_OP_VERIFY) {
+			if (asym_op->rsa.op_type ==
+					RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+				rte_memcpy(rsa_result,
+						cookie->output_array[0],
+						xform->rsa.n.length);
+				rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+				QAT_DP_HEXDUMP_LOG(DEBUG, "Encrypted data",
+						cookie->output_array[0],
+						alg_size_in_bytes);
+				asym_op->rsa.cipher.length = alg_size_in_bytes;
+#endif
+			} else if (asym_op->rsa.op_type ==
+					RTE_CRYPTO_ASYM_OP_VERIFY) {
+				rsa_result = asym_op->rsa.message.data;
+				switch (asym_op->rsa.pad) {
+				case RTE_CRYPTO_RSA_PADDING_NONE:
+					rte_memcpy(rsa_result,
+							cookie->output_array[0],
+							xform->rsa.n.length);
+					rx_op->status =
+						RTE_CRYPTO_OP_STATUS_SUCCESS;
+					break;
+				default:
+					QAT_LOG(ERR, "Error during setting "
+							"Padding not supported");
+					rx_op->status =
+						RTE_CRYPTO_OP_STATUS_ERROR;
+					break;
+				}
+			}
+		} else {
+			rsa_result = asym_op->rsa.message.data;
+			if (asym_op->rsa.op_type ==
+					RTE_CRYPTO_ASYM_OP_DECRYPT) {
+				switch (asym_op->rsa.pad) {
+				case RTE_CRYPTO_RSA_PADDING_NONE:
+					rte_memcpy(rsa_result,
+						cookie->output_array[0],
+						xform->rsa.n.length
+						);
+					break;
+				default:
+					QAT_LOG(ERR, "Error during setting "
+							"Padding not supported");
+					rx_op->status =
+						RTE_CRYPTO_OP_STATUS_ERROR;
+					break;
+				}
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+				QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Decrypted Message",
+						rsa_result, alg_size_in_bytes);
+#endif
+			} else if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
+				rsa_result = asym_op->rsa.sign.data;
+				rte_memcpy(rsa_result,
+						cookie->output_array[0],
+						xform->rsa.n.length
+						);
+				rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+				QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature",
+						cookie->output_array[0],
+						alg_size_in_bytes);
+#endif
+			}
+		}
 	}
 	qat_clear_arrays_by_alg(cookie, xform->xform_type, alg_size_in_bytes,
 			alg_size_in_bytes);
@@ -396,7 +637,7 @@ qat_asym_process_response(void **op, uint8_t *resp,
 
 	if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) {
 		ctx = (struct qat_asym_session *)get_asym_session_private_data(
-				rx_op->asym->session, cryptodev_qat_asym_driver_id);
+			rx_op->asym->session, cryptodev_qat_asym_driver_id);
 		qat_asym_collect_response(rx_op, cookie, ctx->xform);
 	} else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) {
 		qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform);
@@ -438,6 +679,12 @@ qat_asym_session_configure(struct rte_cryptodev *dev,
 			err = -EINVAL;
 			goto error;
 		}
+	} else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
+		if (xform->rsa.n.length == 0) {
+			QAT_LOG(ERR, "Invalid rsa input parameter");
+			err = -EINVAL;
+			goto error;
+		}
 	} else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
 			|| xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) {
 		QAT_LOG(ERR, "Invalid asymmetric crypto xform");
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index b04eee4..b12a969 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -24,6 +24,8 @@ typedef uint64_t large_int_ptr;
 #define QAT_ASYM_MODINV_NUM_OUT_PARAMS		1
 #define QAT_ASYM_MODEXP_NUM_IN_PARAMS		3
 #define QAT_ASYM_MODEXP_NUM_OUT_PARAMS		1
+#define QAT_ASYM_RSA_NUM_IN_PARAMS		3
+#define QAT_ASYM_RSA_NUM_OUT_PARAMS		1
 
 struct qat_asym_op_cookie {
 	size_t alg_size;
diff --git a/drivers/crypto/qat/qat_asym_capabilities.h b/drivers/crypto/qat/qat_asym_capabilities.h
index f43c025..108ec49 100644
--- a/drivers/crypto/qat/qat_asym_capabilities.h
+++ b/drivers/crypto/qat/qat_asym_capabilities.h
@@ -37,6 +37,27 @@
 			}							\
 		},								\
 		}								\
+	},									\
+	{	/* RSA */							\
+		.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,				\
+		{.asym = {							\
+			.xform_capa = {						\
+				.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,	\
+				.op_types = ((1 << RTE_CRYPTO_ASYM_OP_SIGN) |	\
+					(1 << RTE_CRYPTO_ASYM_OP_VERIFY) |	\
+					(1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) |	\
+					(1 << RTE_CRYPTO_ASYM_OP_DECRYPT)),	\
+				{						\
+				.modlen = {					\
+				/* min length is based on openssl rsa keygen */	\
+				.min = 1,					\
+				/* value 0 symbolizes no limit on max length */	\
+				.max = 512,					\
+				.increment = 1					\
+				}, }						\
+			}							\
+		},								\
+		}								\
 	}									\
 
 #endif /* _QAT_ASYM_CAPABILITIES_H_ */
diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c
index 71fd709..78fc2d7 100644
--- a/drivers/crypto/qat/qat_asym_pmd.c
+++ b/drivers/crypto/qat/qat_asym_pmd.c
@@ -271,7 +271,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev)
 
 	cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_HW_ACCELERATED |
-			RTE_CRYPTODEV_FF_ASYM_SESSIONLESS;
+			RTE_CRYPTODEV_FF_ASYM_SESSIONLESS |
+			RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP;
 	internals = cryptodev->data->dev_private;
 	internals->qat_dev = qat_pci_dev;
 	qat_pci_dev->asym_dev = internals;
-- 
2.1.0

[dpdk-dev] [PATCH v2 3/5] crypto/qat: add rsa crt implementation to asym pmd

[Arek Kusztal]

This commit extends RSA implementation by CRT option

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 doc/guides/cryptodevs/features/qat.ini             |  1 +
 doc/guides/rel_notes/release_19_11.rst             |  2 +
 .../qat/qat_adf/qat_pke_functionality_arrays.h     |  9 ++++
 drivers/crypto/qat/qat_asym.c                      | 61 +++++++++++++++++++++-
 drivers/crypto/qat/qat_asym.h                      |  1 +
 drivers/crypto/qat/qat_asym_pmd.c                  |  3 +-
 6 files changed, 74 insertions(+), 3 deletions(-)

diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini
index 374b523..6e350eb 100644
--- a/doc/guides/cryptodevs/features/qat.ini
+++ b/doc/guides/cryptodevs/features/qat.ini
@@ -15,6 +15,7 @@ OOP LB  In LB  Out     = Y
 Digest encrypted       = Y
 Asymmetric sessionless = Y
 RSA PRIV OP KEY EXP    = Y
+RSA PRIV OP KEY QT     = Y
 
 ;
 ; Supported crypto algorithms of the 'qat' crypto driver.
diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst
index e081fb1..730b198 100644
--- a/doc/guides/rel_notes/release_19_11.rst
+++ b/doc/guides/rel_notes/release_19_11.rst
@@ -91,6 +91,8 @@ New Features
 
   Added support for RSA algorithm with pair (n, d) private key representation.
 
+  Added support for RSA algorithm with quintuple private key representation.
+
 * **Added cryptodev API to use asymmetric session-less operation.**
 
   Added session-less option to cryptodev asymmetric API. It works the same way
diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
index 4f857b9..4921e0c 100644
--- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
+++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
@@ -67,4 +67,13 @@ static const uint32_t RSA_MODEXP_DEC_IDS[][2] = {
 		{ 4096,	PKE_RSA_DP1_4096 },
 };
 
+static const uint32_t RSA_MODEXP_DEC_CRT_IDS[][2] = {
+		{ 512,	PKE_RSA_DP2_512 },
+		{ 1024,	PKE_RSA_DP2_1024 },
+		{ 1536,	PKE_RSA_DP2_1536 },
+		{ 2048,	PKE_RSA_DP2_2048 },
+		{ 3072,	PKE_RSA_DP2_3072 },
+		{ 4096,	PKE_RSA_DP2_4096 },
+};
+
 #endif
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 8985270..92e4c9c 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -354,8 +354,65 @@ qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op,
 			}
 
 			if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) {
-				QAT_LOG(ERR, "RSA CRT not implemented");
-				return QAT_ASYM_ERROR_INVALID_PARAM;
+
+				qat_req->input_param_count =
+						QAT_ASYM_RSA_QT_NUM_IN_PARAMS;
+				if (qat_asym_get_sz_and_func_id(RSA_MODEXP_DEC_CRT_IDS,
+						sizeof(RSA_MODEXP_DEC_CRT_IDS)/
+						sizeof(*RSA_MODEXP_DEC_CRT_IDS),
+						&alg_size, &func_id)) {
+					return QAT_ASYM_ERROR_INVALID_PARAM;
+				}
+				alg_size_in_bytes = alg_size >> 3;
+
+				rte_memcpy(cookie->input_array[1] +
+						(alg_size_in_bytes >> 1) -
+						xform->rsa.qt.p.length
+						, xform->rsa.qt.p.data,
+						xform->rsa.qt.p.length);
+				rte_memcpy(cookie->input_array[2] +
+						(alg_size_in_bytes >> 1) -
+						xform->rsa.qt.q.length
+						, xform->rsa.qt.q.data,
+						xform->rsa.qt.q.length);
+				rte_memcpy(cookie->input_array[3] +
+						(alg_size_in_bytes >> 1) -
+						xform->rsa.qt.dP.length
+						, xform->rsa.qt.dP.data,
+						xform->rsa.qt.dP.length);
+				rte_memcpy(cookie->input_array[4] +
+						(alg_size_in_bytes >> 1) -
+						xform->rsa.qt.dQ.length
+						, xform->rsa.qt.dQ.data,
+						xform->rsa.qt.dQ.length);
+				rte_memcpy(cookie->input_array[5] +
+						(alg_size_in_bytes >> 1) -
+						xform->rsa.qt.qInv.length
+						, xform->rsa.qt.qInv.data,
+						xform->rsa.qt.qInv.length);
+				cookie->alg_size = alg_size;
+				qat_req->pke_hdr.cd_pars.func_id = func_id;
+
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+				QAT_DP_HEXDUMP_LOG(DEBUG, "C",
+						cookie->input_array[0],
+						alg_size_in_bytes);
+				QAT_DP_HEXDUMP_LOG(DEBUG, "p",
+						cookie->input_array[1],
+						alg_size_in_bytes);
+				QAT_DP_HEXDUMP_LOG(DEBUG, "q",
+						cookie->input_array[2],
+						alg_size_in_bytes);
+				QAT_DP_HEXDUMP_LOG(DEBUG,
+						"dP", cookie->input_array[3],
+						alg_size_in_bytes);
+				QAT_DP_HEXDUMP_LOG(DEBUG,
+						"dQ", cookie->input_array[4],
+						alg_size_in_bytes);
+				QAT_DP_HEXDUMP_LOG(DEBUG,
+						"qInv", cookie->input_array[5],
+						alg_size_in_bytes);
+#endif
 			} else if (xform->rsa.key_type ==
 					RTE_RSA_KEY_TYPE_EXP) {
 				if (qat_asym_get_sz_and_func_id(
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index b12a969..a8e86e6 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -26,6 +26,7 @@ typedef uint64_t large_int_ptr;
 #define QAT_ASYM_MODEXP_NUM_OUT_PARAMS		1
 #define QAT_ASYM_RSA_NUM_IN_PARAMS		3
 #define QAT_ASYM_RSA_NUM_OUT_PARAMS		1
+#define QAT_ASYM_RSA_QT_NUM_IN_PARAMS		6
 
 struct qat_asym_op_cookie {
 	size_t alg_size;
diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c
index 78fc2d7..c8a52b6 100644
--- a/drivers/crypto/qat/qat_asym_pmd.c
+++ b/drivers/crypto/qat/qat_asym_pmd.c
@@ -272,7 +272,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev)
 	cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO |
 			RTE_CRYPTODEV_FF_HW_ACCELERATED |
 			RTE_CRYPTODEV_FF_ASYM_SESSIONLESS |
-			RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP;
+			RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP |
+			RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT;
 	internals = cryptodev->data->dev_private;
 	internals->qat_dev = qat_pci_dev;
 	qat_pci_dev->asym_dev = internals;
-- 
2.1.0

[dpdk-dev] [PATCH v2 4/5] test/crypto: add sessionless to asymmetric mod exp

[Arek Kusztal]

This commmit adds asymmetric sessionless tests to mod exp
int test_cryptodev test file

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 app/test/test_cryptodev_asym.c | 73 ++++++++++++++++++++++++++++--------------
 1 file changed, 49 insertions(+), 24 deletions(-)

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index e8177e7..31d8bfa 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -283,7 +283,7 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc,
 static int
 test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
 	union test_case_structure *data_tc,
-	char *test_msg)
+	char *test_msg, int sessionless)
 {
 	struct rte_crypto_asym_op *asym_op = NULL;
 	struct rte_crypto_op *op = NULL;
@@ -382,27 +382,31 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
 		goto error_exit;
 	}
 
-	sess = rte_cryptodev_asym_session_create(ts_params->session_mpool);
-	if (!sess) {
-		snprintf(test_msg, ASYM_TEST_MSG_LEN,
-				"line %u "
-				"FAILED: %s", __LINE__,
-				"Session creation failed");
-		status = TEST_FAILED;
-		goto error_exit;
-	}
-
-	if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc,
-			ts_params->session_mpool) < 0) {
-		snprintf(test_msg, ASYM_TEST_MSG_LEN,
-				"line %u FAILED: %s",
-				__LINE__, "unabled to config sym session");
-		status = TEST_FAILED;
-		goto error_exit;
-	}
+	if (!sessionless) {
+		sess = rte_cryptodev_asym_session_create(ts_params->session_mpool);
+		if (!sess) {
+			snprintf(test_msg, ASYM_TEST_MSG_LEN,
+					"line %u "
+					"FAILED: %s", __LINE__,
+					"Session creation failed");
+			status = TEST_FAILED;
+			goto error_exit;
+		}
 
-	rte_crypto_op_attach_asym_session(op, sess);
+		if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc,
+				ts_params->session_mpool) < 0) {
+			snprintf(test_msg, ASYM_TEST_MSG_LEN,
+					"line %u FAILED: %s",
+					__LINE__, "unabled to config sym session");
+			status = TEST_FAILED;
+			goto error_exit;
+		}
 
+		rte_crypto_op_attach_asym_session(op, sess);
+	} else {
+		asym_op->xform = &xform_tc;
+		op->sess_type = RTE_CRYPTO_OP_SESSIONLESS;
+	}
 	RTE_LOG(DEBUG, USER1, "Process ASYM operation");
 
 	/* Process crypto operation */
@@ -433,7 +437,10 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
 		goto error_exit;
 	}
 
-	snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS");
+	if (!sessionless)
+		snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS");
+	else
+		snprintf(test_msg, ASYM_TEST_MSG_LEN, "SESSIONLESS PASS");
 
 error_exit:
 		if (sess != NULL) {
@@ -451,7 +458,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
 }
 
 static int
-test_one_case(const void *test_case)
+test_one_case(const void *test_case, int sessionless)
 {
 	int status = TEST_SUCCESS;
 	char test_msg[ASYM_TEST_MSG_LEN + 1];
@@ -460,7 +467,8 @@ test_one_case(const void *test_case)
 	union test_case_structure tc;
 	memcpy(&tc, test_case, sizeof(tc));
 
-	status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg);
+	status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg,
+			sessionless);
 
 	printf("  %u) TestCase %s %s\n", test_index++,
 		tc.modex.description, test_msg);
@@ -501,14 +509,31 @@ static int
 test_one_by_one(void)
 {
 	int status = TEST_SUCCESS;
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
 	uint32_t i = 0;
+	uint8_t dev_id = ts_params->valid_devs[0];
+	struct rte_cryptodev_info dev_info;
+	int sessionless = 0;
+
+	rte_cryptodev_info_get(dev_id, &dev_info);
+	if ((dev_info.feature_flags &
+			RTE_CRYPTODEV_FF_ASYM_SESSIONLESS)) {
+		sessionless = 1;
+	}
 
 	/* Go through all test cases */
 	test_index = 0;
 	for (i = 0; i < test_vector.size; i++) {
-		if (test_one_case(test_vector.address[i]) != TEST_SUCCESS)
+		if (test_one_case(test_vector.address[i], 0) != TEST_SUCCESS)
 			status = TEST_FAILED;
 	}
+	if (sessionless) {
+		for (i = 0; i < test_vector.size; i++) {
+			if (test_one_case(test_vector.address[i], 1)
+					!= TEST_SUCCESS)
+				status = TEST_FAILED;
+		}
+	}
 
 	TEST_ASSERT_EQUAL(status, 0, "Test failed");
 	return status;
-- 
2.1.0

[dpdk-dev] [PATCH v2 5/5] test/crypto: add rsa tests to qat

[Arek Kusztal]

This commit adds RSA tests to Intel QuickAssist Technology pmd
test suite

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 app/test/test_cryptodev_asym.c             | 115 ++++++++++++++--
 app/test/test_cryptodev_rsa_test_vectors.h | 213 +++++++++++++++++++++++++++++
 2 files changed, 313 insertions(+), 15 deletions(-)

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 31d8bfa..66d0ec5 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -54,6 +54,7 @@ struct crypto_unittest_params {
 union test_case_structure {
 	struct modex_test_data modex;
 	struct modinv_test_data modinv;
+	struct rsa_test_data_2 rsa_data;
 };
 
 struct test_cases_array {
@@ -246,10 +247,12 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
 	return status;
 }
 static int
-test_cryptodev_asym_ver(union test_case_structure *data_tc,
-						struct rte_crypto_op *result_op)
+test_cryptodev_asym_ver(struct rte_crypto_op *op,
+				struct rte_crypto_asym_xform *xform_tc,
+				union test_case_structure *data_tc,
+				struct rte_crypto_op *result_op)
 {
-	int status = TEST_SUCCESS;
+	int status = TEST_FAILED;
 	int ret = 0;
 	uint8_t *data_expected = NULL, *data_received = NULL;
 	size_t data_size = 0;
@@ -265,17 +268,29 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc,
 		data_received = result_op->asym->modinv.result.data;
 		data_size = result_op->asym->modinv.result.length;
 		break;
+	case RTE_CRYPTO_ASYM_XFORM_RSA:
+		if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+			data_size = xform_tc->rsa.n.length;
+			data_received = result_op->asym->rsa.cipher.data;
+			data_expected = data_tc->rsa_data.ct.data;
+		} else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
+			data_size = xform_tc->rsa.n.length;
+			data_expected = data_tc->rsa_data.pt.data;
+			data_received = result_op->asym->rsa.message.data;
+			while (*data_received == 0 && data_size--)
+				data_received++;
+		}
+		break;
 	case RTE_CRYPTO_ASYM_XFORM_DH:
 	case RTE_CRYPTO_ASYM_XFORM_DSA:
-	case RTE_CRYPTO_ASYM_XFORM_RSA:
 	case RTE_CRYPTO_ASYM_XFORM_NONE:
 	case RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED:
 	default:
 		break;
 	}
 	ret = memcmp(data_expected, data_received, data_size);
-	if (ret)
-		status = TEST_FAILED;
+	if (!ret && data_size)
+		status = TEST_SUCCESS;
 
 	return status;
 }
@@ -283,7 +298,8 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc,
 static int
 test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
 	union test_case_structure *data_tc,
-	char *test_msg, int sessionless)
+	char *test_msg, int sessionless, enum rte_crypto_asym_op_type type,
+	enum rte_crypto_rsa_priv_key_type key_type)
 {
 	struct rte_crypto_asym_op *asym_op = NULL;
 	struct rte_crypto_op *op = NULL;
@@ -368,9 +384,44 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
 			goto error_exit;
 		}
 		break;
+	case RTE_CRYPTO_ASYM_XFORM_RSA:
+		result = rte_zmalloc(NULL, data_tc->rsa_data.n.len, 0);
+		op->asym->rsa.op_type = type;
+		xform_tc.rsa.e.data = data_tc->rsa_data.e.data;
+		xform_tc.rsa.e.length = data_tc->rsa_data.e.len;
+		xform_tc.rsa.d.data = data_tc->rsa_data.d.data;
+		xform_tc.rsa.d.length = data_tc->rsa_data.d.len;
+		xform_tc.rsa.n.data = data_tc->rsa_data.n.data;
+		xform_tc.rsa.n.length = data_tc->rsa_data.n.len;
+
+		xform_tc.rsa.qt.p.data = data_tc->rsa_data.p.data;
+		xform_tc.rsa.qt.p.length = data_tc->rsa_data.p.len;
+		xform_tc.rsa.qt.q.data = data_tc->rsa_data.q.data;
+		xform_tc.rsa.qt.q.length = data_tc->rsa_data.q.len;
+		xform_tc.rsa.qt.dP.data = data_tc->rsa_data.dP.data;
+		xform_tc.rsa.qt.dP.length = data_tc->rsa_data.dP.len;
+		xform_tc.rsa.qt.dQ.data = data_tc->rsa_data.dQ.data;
+		xform_tc.rsa.qt.dQ.length = data_tc->rsa_data.dQ.len;
+		xform_tc.rsa.qt.qInv.data = data_tc->rsa_data.qInv.data;
+		xform_tc.rsa.qt.qInv.length = data_tc->rsa_data.qInv.len;
+
+		xform_tc.rsa.key_type = key_type;
+		op->asym->rsa.pad = data_tc->rsa_data.padding;
+
+		if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+			asym_op->rsa.message.data = data_tc->rsa_data.pt.data;
+			asym_op->rsa.message.length = data_tc->rsa_data.pt.len;
+			asym_op->rsa.cipher.data = result;
+			asym_op->rsa.cipher.length = data_tc->rsa_data.n.len;
+		} else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
+			asym_op->rsa.message.data = result;
+			asym_op->rsa.message.length = data_tc->rsa_data.n.len;
+			asym_op->rsa.cipher.data = data_tc->rsa_data.ct.data;
+			asym_op->rsa.cipher.length = data_tc->rsa_data.ct.len;
+		}
+		break;
 	case RTE_CRYPTO_ASYM_XFORM_DH:
 	case RTE_CRYPTO_ASYM_XFORM_DSA:
-	case RTE_CRYPTO_ASYM_XFORM_RSA:
 	case RTE_CRYPTO_ASYM_XFORM_NONE:
 	case RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED:
 	default:
@@ -429,7 +480,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
 		goto error_exit;
 	}
 
-	if (test_cryptodev_asym_ver(data_tc, result_op) != TEST_SUCCESS) {
+	if (test_cryptodev_asym_ver(op, &xform_tc, data_tc, result_op) != TEST_SUCCESS) {
 		snprintf(test_msg, ASYM_TEST_MSG_LEN,
 			"line %u FAILED: %s",
 			__LINE__, "Verification failed ");
@@ -460,18 +511,41 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params,
 static int
 test_one_case(const void *test_case, int sessionless)
 {
-	int status = TEST_SUCCESS;
+	int status = TEST_SUCCESS, i = 0;
 	char test_msg[ASYM_TEST_MSG_LEN + 1];
 
 	/* Map the case to union */
 	union test_case_structure tc;
 	memcpy(&tc, test_case, sizeof(tc));
 
-	status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg,
-			sessionless);
-
-	printf("  %u) TestCase %s %s\n", test_index++,
-		tc.modex.description, test_msg);
+	if (tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX
+			|| tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) {
+		status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg,
+				sessionless, 0, 0);
+		printf("  %u) TestCase %s %s\n", test_index++,
+			tc.modex.description, test_msg);
+	} else {
+		for (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) {
+			if (tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) {
+				if (tc.rsa_data.op_type_flags & (1 << i)) {
+					if (tc.rsa_data.key_exp)
+						status = test_cryptodev_asym_op(
+							&testsuite_params, &tc,
+							test_msg, sessionless, i,
+							RTE_RSA_KEY_TYPE_EXP);
+					if (tc.rsa_data.key_qt && (i ==
+							RTE_CRYPTO_ASYM_OP_DECRYPT ||
+							i == RTE_CRYPTO_ASYM_OP_SIGN))
+						status = test_cryptodev_asym_op(
+							&testsuite_params,
+							&tc, test_msg, sessionless, i,
+							RTE_RSA_KET_TYPE_QT);
+				}
+			}
+		}
+		printf("  %u) TestCase %s %s\n", test_index++,
+			tc.modex.description, test_msg);
+	}
 
 	return status;
 }
@@ -502,6 +576,17 @@ load_test_vectors(void)
 		test_vector.address[test_vector.size] = &modinv_test_case[i];
 		test_vector.size++;
 	}
+	/* Load RSA vector*/
+	v_size = ARRAY_SIZE(rsa_test_case_list);
+	for (i = 0; i < v_size; i++) {
+		if (test_vector.size >= (TEST_VECTOR_SIZE)) {
+			RTE_LOG(DEBUG, USER1,
+				"TEST_VECTOR_SIZE too small\n");
+			return -1;
+		}
+		test_vector.address[test_vector.size] = &rsa_test_case_list[i];
+		test_vector.size++;
+	}
 	return 0;
 }
 
diff --git a/app/test/test_cryptodev_rsa_test_vectors.h b/app/test/test_cryptodev_rsa_test_vectors.h
index 0dc0375..4545d4d 100644
--- a/app/test/test_cryptodev_rsa_test_vectors.h
+++ b/app/test/test_cryptodev_rsa_test_vectors.h
@@ -5,10 +5,223 @@
 #ifndef TEST_CRYPTODEV_RSA_TEST_VECTORS_H__
 #define TEST_CRYPTODEV_RSA_TEST_VECTORS_H__
 
+#include <stdint.h>
+
 #include "rte_crypto_asym.h"
 
 #define TEST_DATA_SIZE 4096
 
+struct rsa_test_data_2 {
+	enum rte_crypto_asym_xform_type xform_type;
+	const char *description;
+	uint64_t op_type_flags;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} pt;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} ct;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} sign;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} e;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} d;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} n;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} p;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} q;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} dP;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} dQ;
+	struct {
+		uint8_t data[DATA_SIZE];
+		uint16_t len;
+	} qInv;
+
+	uint16_t result_len;
+	enum rte_crypto_rsa_padding_type padding;
+	int key_exp;
+	int key_qt;
+};
+
+static const struct
+rsa_test_data_2 rsa_test_case_list[] = {
+	{
+		.description = "RSA Encryption Decryption "
+					   "(n=128, pt=20, e=3) EXP, QT",
+		.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
+		.op_type_flags = 1UL << RTE_CRYPTO_ASYM_OP_ENCRYPT |
+					1UL << RTE_CRYPTO_ASYM_OP_DECRYPT,
+		.pt = {
+			.data = {
+				0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85, 0xae,
+				0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd, 0xa8, 0xeb,
+				0x7e, 0x78, 0xa0, 0x50
+			},
+			.len = 20,
+		},
+		.ct = {
+			.data = {
+				0x2C, 0x60, 0x75, 0x45, 0x98, 0x9D, 0xE0, 0x72,
+				0xA0, 0x9D, 0x3A, 0x9E, 0x03, 0x38, 0x73, 0x3C,
+				0x31, 0x83, 0x04, 0xFE, 0x75, 0x43, 0xE6, 0x17,
+				0x5C, 0x01, 0x29, 0x51, 0x69, 0x33, 0x62, 0x2D,
+				0x78, 0xBE, 0xAE, 0xC4, 0xBC, 0xDE, 0x7E, 0x2C,
+				0x77, 0x84, 0xF2, 0xC5, 0x14, 0xB5, 0x2F, 0xF7,
+				0xC5, 0x94, 0xEF, 0x86, 0x75, 0x75, 0xB5, 0x11,
+				0xE5, 0x0E, 0x0A, 0x29, 0x76, 0xE2, 0xEA, 0x32,
+				0x0E, 0x43, 0x77, 0x7E, 0x2C, 0x27, 0xAC, 0x3B,
+				0x86, 0xA5, 0xDB, 0xC9, 0x48, 0x40, 0xE8, 0x99,
+				0x9A, 0x0A, 0x3D, 0xD6, 0x74, 0xFA, 0x2E, 0x2E,
+				0x5B, 0xAF, 0x8C, 0x99, 0x44, 0x2A, 0x67, 0x38,
+				0x27, 0x41, 0x59, 0x9D, 0xB8, 0x51, 0xC9, 0xF7,
+				0x43, 0x61, 0x31, 0x6E, 0xF1, 0x25, 0x38, 0x7F,
+				0xAE, 0xC6, 0xD0, 0xBB, 0x29, 0x76, 0x3F, 0x46,
+				0x2E, 0x1B, 0xE4, 0x67, 0x71, 0xE3, 0x87, 0x5A
+			},
+			.len = 128,
+		},
+		.e = {
+			.data = {
+				0x01, 0x00, 0x01
+			},
+			.len = 3,
+		},
+		.d = {
+			.data = {
+				0x24, 0xd7, 0xea, 0xf4, 0x7f, 0xe0, 0xca, 0x31,
+				0x4d, 0xee, 0xc4, 0xa1, 0xbe, 0xab, 0x06, 0x61,
+				0x32, 0xe7, 0x51, 0x46, 0x27, 0xdf, 0x72, 0xe9,
+				0x6f, 0xa8, 0x4c, 0xd1, 0x26, 0xef, 0x65, 0xeb,
+				0x67, 0xff, 0x5f, 0xa7, 0x3b, 0x25, 0xb9, 0x08,
+				0x8e, 0xa0, 0x47, 0x56, 0xe6, 0x8e, 0xf9, 0xd3,
+				0x18, 0x06, 0x3d, 0xc6, 0xb1, 0xf8, 0xdc, 0x1b,
+				0x8d, 0xe5, 0x30, 0x54, 0x26, 0xac, 0x16, 0x3b,
+				0x7b, 0xad, 0x46, 0x9e, 0x21, 0x6a, 0x57, 0xe6,
+				0x81, 0x56, 0x1d, 0x2a, 0xc4, 0x39, 0x63, 0x67,
+				0x81, 0x2c, 0xca, 0xcc, 0xf8, 0x42, 0x04, 0xbe,
+				0xcf, 0x8f, 0x6c, 0x5b, 0x81, 0x46, 0xb9, 0xc7,
+				0x62, 0x90, 0x87, 0x35, 0x03, 0x9b, 0x89, 0xcb,
+				0x37, 0xbd, 0xf1, 0x1b, 0x99, 0xa1, 0x9a, 0x78,
+				0xd5, 0x4c, 0xdd, 0x3f, 0x41, 0x0c, 0xb7, 0x1a,
+				0xd9, 0x7b, 0x87, 0x5f, 0xbe, 0xb1, 0x83, 0x41
+			},
+			.len = 128,
+		},
+		.n = {
+			.data = {
+				0xb3, 0xa1, 0xaf, 0xb7, 0x13, 0x08, 0x00, 0x0a,
+				0x35, 0xdc, 0x2b, 0x20, 0x8d, 0xa1, 0xb5, 0xce,
+				0x47, 0x8a, 0xc3, 0x80, 0xf4, 0x7d, 0x4a, 0xa2,
+				0x62, 0xfd, 0x61, 0x7f, 0xb5, 0xa8, 0xde, 0x0a,
+				0x17, 0x97, 0xa0, 0xbf, 0xdf, 0x56, 0x5a, 0x3d,
+				0x51, 0x56, 0x4f, 0x70, 0x70, 0x3f, 0x63, 0x6a,
+				0x44, 0x5b, 0xad, 0x84, 0x0d, 0x3f, 0x27, 0x6e,
+				0x3b, 0x34, 0x91, 0x60, 0x14, 0xb9, 0xaa, 0x72,
+				0xfd, 0xa3, 0x64, 0xd2, 0x03, 0xa7, 0x53, 0x87,
+				0x9e, 0x88, 0x0b, 0xc1, 0x14, 0x93, 0x1a, 0x62,
+				0xff, 0xb1, 0x5d, 0x74, 0xcd, 0x59, 0x63, 0x18,
+				0x11, 0x3d, 0x4f, 0xba, 0x75, 0xd4, 0x33, 0x4e,
+				0x23, 0x6b, 0x7b, 0x57, 0x44, 0xe1, 0xd3, 0x03,
+				0x13, 0xa6, 0xf0, 0x8b, 0x60, 0xb0, 0x9e, 0xee,
+				0x75, 0x08, 0x9d, 0x71, 0x63, 0x13, 0xcb, 0xa6,
+				0x81, 0x92, 0x14, 0x03, 0x22, 0x2d, 0xde, 0x55
+			},
+			.len = 128,
+		},
+		.p = {
+			.data = {
+				0xdc, 0xba, 0x00, 0x01, 0x57, 0x93, 0xe3, 0x05,
+				0xed, 0x61, 0x9a, 0xa3, 0xaf, 0x6a, 0xd3, 0x47,
+				0x8f, 0x2d, 0x1e, 0x7f, 0x4d, 0x60, 0xc8, 0x8d,
+				0x34, 0xb8, 0x17, 0x84, 0xbc, 0xd4, 0xe9, 0x79,
+				0x95, 0x75, 0x19, 0x37, 0xe0, 0xcc, 0xfe, 0x4c,
+				0x5d, 0x49, 0x53, 0x61, 0x29, 0xf1, 0xdc, 0x82,
+				0x03, 0x96, 0x7d, 0x95, 0x4f, 0xdd, 0x3c, 0x0a,
+				0x64, 0x8a, 0x43, 0x2f, 0x95, 0x4a, 0xed, 0xdd
+			},
+			.len = 64,
+		},
+		.q = {
+			.data = {
+				0xd0, 0x56, 0x7a, 0x0a, 0xd5, 0x95, 0xa4, 0x85,
+				0x53, 0x35, 0xa1, 0x48, 0x07, 0x6a, 0x7c, 0x08,
+				0xe0, 0xfd, 0x4b, 0x88, 0x77, 0xa6, 0x15, 0x23,
+				0x0f, 0xbf, 0x14, 0x46, 0x11, 0xee, 0x95, 0xc7,
+				0x5e, 0x77, 0x65, 0xa2, 0xb5, 0x50, 0xdf, 0x19,
+				0x07, 0xc7, 0x72, 0xdb, 0x29, 0xf6, 0x54, 0x86,
+				0xe1, 0xb3, 0x97, 0x0a, 0x28, 0x64, 0x3a, 0x38,
+				0xa6, 0x7d, 0x13, 0xc3, 0x79, 0xaa, 0x56, 0xd9
+			},
+			.len = 64,
+		},
+		.dP = {
+			.data = {
+				0xc5, 0x43, 0x0d, 0x82, 0x25, 0x8c, 0xab, 0x55,
+				0xbe, 0xc2, 0x7d, 0xfb, 0x4f, 0x68, 0x3f, 0x0e,
+				0x32, 0xec, 0xf5, 0xd6, 0x7b, 0x86, 0xc5, 0x75,
+				0x3c, 0xea, 0x51, 0x4a, 0x75, 0xa0, 0x2a, 0x50,
+				0x58, 0xbb, 0xe0, 0x1f, 0xca, 0x2e, 0x2a, 0x0e,
+				0x81, 0x48, 0x68, 0xd5, 0xeb, 0x30, 0x96, 0x0b,
+				0x33, 0xbd, 0xa8, 0xda, 0x6a, 0x17, 0xa3, 0xf2,
+				0xfd, 0xcb, 0x7b, 0x23, 0xe9, 0x5e, 0x9f, 0x99
+			},
+			.len = 64,
+		},
+		.dQ = {
+			.data = {
+				0xbe, 0xff, 0xf9, 0x05, 0x43, 0xc8, 0xdc, 0x3b,
+				0x0b, 0x0d, 0x28, 0xde, 0x73, 0x46, 0x11, 0x8e,
+				0xc6, 0x4e, 0x11, 0xd8, 0x7b, 0xf0, 0xfc, 0x81,
+				0xd7, 0x66, 0xd3, 0xbc, 0x65, 0xa6, 0x39, 0x14,
+				0xbd, 0xab, 0x72, 0xb7, 0x57, 0xc9, 0x5b, 0xaf,
+				0x83, 0xed, 0x3b, 0x84, 0x68, 0x15, 0x18, 0x6b,
+				0x4c, 0x32, 0xac, 0x6f, 0x38, 0x96, 0xa2, 0xb5,
+				0xdb, 0x14, 0xe2, 0x70, 0x9c, 0x73, 0x29, 0x09
+			},
+			.len = 64,
+		},
+		.qInv = {
+			.data = {
+				0x59, 0xbd, 0xb1, 0x37, 0xeb, 0x4e, 0xcf, 0x68,
+				0xe7, 0x85, 0x91, 0xbb, 0xc0, 0xdb, 0x8e, 0x41,
+				0x91, 0x4a, 0xc0, 0xb1, 0xc5, 0xe8, 0x91, 0xf6,
+				0xc7, 0x5a, 0x98, 0x1a, 0x8a, 0x0f, 0x45, 0xb2,
+				0x5b, 0xff, 0x7a, 0x2d, 0x98, 0x89, 0x55, 0xd9,
+				0xbf, 0x6e, 0xdd, 0x2d, 0xd4, 0xe8, 0x0a, 0xaa,
+				0xae, 0x2a, 0xc4, 0x16, 0xb5, 0xba, 0xe1, 0x69,
+				0x71, 0x94, 0xdd, 0xa0, 0xf5, 0x1e, 0x6d, 0xcc
+			},
+			.len = 64,
+		},
+		.padding = RTE_CRYPTO_RSA_PADDING_NONE,
+		.key_exp = 1,
+		.key_qt = 1,
+	}
+};
+
 struct rsa_test_data {
 	uint8_t data[TEST_DATA_SIZE];
 	unsigned int len;
-- 
2.1.0

Re: [dpdk-dev] [PATCH v2 0/5] Add session-less, RSA, RSA-CRT to QAT

[Akhil Goyal]

Hi Arek,
> 
> This patchset adds session-less option, RSA algorithm, RSA-CRT algorithm
> to Intel QuickAssist Technology PMD.
> 
> This patchset depends on the
> [v5] cryptodev: extend api of asymmetric crypto by session-less [1]
> 
> [1]
> http://patchwork.dpdk.org/patch/60882/
> 
Could you please rebase this patch so that compilation can be tested by CI.
The dependent patch is merged.
Also please update the patch titles as below.

@fiona.trahe@intel.com: could you please review this series and provide Ack

> v2:
> - fixed alg size problem in crt
> - fixed rsa capabilities
> - added rsa test cases
> 
> Arek Kusztal (5):
>   crypto/qat: add sessionless implementation to asym pmd
crypto/qat: support asymmetric sessionless ops

>   crypto/qat: add rsa implementation to asym pmd
crypto/qat: support RSA
>   crypto/qat: add rsa crt implementation to asym pmd
crypto/qat: support RSA CRT
>   test/crypto: add sessionless to asymmetric mod exp
test/crypto: support sessionless in asymmetric cases
>   test/crypto: add rsa tests to qat
test/crypto: add RSA cases in QAT

Also please add more meaningful patch description.

> 
>  app/test/test_cryptodev_asym.c                     | 182 ++++--
>  app/test/test_cryptodev_rsa_test_vectors.h         | 213 +++++++
>  doc/guides/cryptodevs/features/qat.ini             |   4 +
>  doc/guides/rel_notes/release_19_11.rst             |   8 +
>  .../qat/qat_adf/qat_pke_functionality_arrays.h     |  27 +
>  drivers/crypto/qat/qat_asym.c                      | 616 ++++++++++++++++-----
>  drivers/crypto/qat/qat_asym.h                      |  29 +-
>  drivers/crypto/qat/qat_asym_capabilities.h         |  21 +
>  drivers/crypto/qat/qat_asym_pmd.c                  |   5 +-
>  9 files changed, 925 insertions(+), 180 deletions(-)
> 
> --
> 2.1.0

Re: [dpdk-dev] [PATCH v2 0/5] Add session-less, RSA, RSA-CRT to QAT

[Trahe, Fiona]

Hi Akhil,
Arek will add RSA signature tests with padding-none option.
I will review and ack after this
Fiona

> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> Sent: Tuesday, October 15, 2019 11:23 AM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org; Trahe, Fiona
> <fiona.trahe@intel.com>
> Subject: RE: [PATCH v2 0/5] Add session-less, RSA, RSA-CRT to QAT
> 
> Hi Arek,
> >
> > This patchset adds session-less option, RSA algorithm, RSA-CRT algorithm
> > to Intel QuickAssist Technology PMD.
> >
> > This patchset depends on the
> > [v5] cryptodev: extend api of asymmetric crypto by session-less [1]
> >
> > [1]
> > http://patchwork.dpdk.org/patch/60882/
> >
> Could you please rebase this patch so that compilation can be tested by CI.
> The dependent patch is merged.
> Also please update the patch titles as below.
> 
> @fiona.trahe@intel.com: could you please review this series and provide Ack
> 
> > v2:
> > - fixed alg size problem in crt
> > - fixed rsa capabilities
> > - added rsa test cases
> >
> > Arek Kusztal (5):
> >   crypto/qat: add sessionless implementation to asym pmd
> crypto/qat: support asymmetric sessionless ops
> 
> >   crypto/qat: add rsa implementation to asym pmd
> crypto/qat: support RSA
> >   crypto/qat: add rsa crt implementation to asym pmd
> crypto/qat: support RSA CRT
> >   test/crypto: add sessionless to asymmetric mod exp
> test/crypto: support sessionless in asymmetric cases
> >   test/crypto: add rsa tests to qat
> test/crypto: add RSA cases in QAT
> 
> Also please add more meaningful patch description.
> 
> >
> >  app/test/test_cryptodev_asym.c                     | 182 ++++--
> >  app/test/test_cryptodev_rsa_test_vectors.h         | 213 +++++++
> >  doc/guides/cryptodevs/features/qat.ini             |   4 +
> >  doc/guides/rel_notes/release_19_11.rst             |   8 +
> >  .../qat/qat_adf/qat_pke_functionality_arrays.h     |  27 +
> >  drivers/crypto/qat/qat_asym.c                      | 616 ++++++++++++++++-----
> >  drivers/crypto/qat/qat_asym.h                      |  29 +-
> >  drivers/crypto/qat/qat_asym_capabilities.h         |  21 +
> >  drivers/crypto/qat/qat_asym_pmd.c                  |   5 +-
> >  9 files changed, 925 insertions(+), 180 deletions(-)
> >
> > --
> > 2.1.0

Re: [dpdk-dev] [PATCH v2 0/5] Add session-less, RSA, RSA-CRT to QAT

[Trahe, Fiona]

Hi Akhil,
There are also some minor changes needed in QAT asymmetric PMD patches - Arek plans to send 
a v3 later today with the RSA signature tests and those QAT changes.
Fiona

> -----Original Message-----
> From: Trahe, Fiona
> Sent: Thursday, October 17, 2019 10:27 AM
> To: Akhil Goyal <akhil.goyal@nxp.com>; Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>;
> dev@dpdk.org
> Cc: Trahe, Fiona <fiona.trahe@intel.com>
> Subject: RE: [PATCH v2 0/5] Add session-less, RSA, RSA-CRT to QAT
> 
> Hi Akhil,
> Arek will add RSA signature tests with padding-none option.
> I will review and ack after this
> Fiona
> 
> > -----Original Message-----
> > From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> > Sent: Tuesday, October 15, 2019 11:23 AM
> > To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org; Trahe, Fiona
> > <fiona.trahe@intel.com>
> > Subject: RE: [PATCH v2 0/5] Add session-less, RSA, RSA-CRT to QAT
> >
> > Hi Arek,
> > >
> > > This patchset adds session-less option, RSA algorithm, RSA-CRT algorithm
> > > to Intel QuickAssist Technology PMD.
> > >
> > > This patchset depends on the
> > > [v5] cryptodev: extend api of asymmetric crypto by session-less [1]
> > >
> > > [1]
> > > http://patchwork.dpdk.org/patch/60882/
> > >
> > Could you please rebase this patch so that compilation can be tested by CI.
> > The dependent patch is merged.
> > Also please update the patch titles as below.
> >
> > @fiona.trahe@intel.com: could you please review this series and provide Ack
> >
> > > v2:
> > > - fixed alg size problem in crt
> > > - fixed rsa capabilities
> > > - added rsa test cases
> > >
> > > Arek Kusztal (5):
> > >   crypto/qat: add sessionless implementation to asym pmd
> > crypto/qat: support asymmetric sessionless ops
> >
> > >   crypto/qat: add rsa implementation to asym pmd
> > crypto/qat: support RSA
> > >   crypto/qat: add rsa crt implementation to asym pmd
> > crypto/qat: support RSA CRT
> > >   test/crypto: add sessionless to asymmetric mod exp
> > test/crypto: support sessionless in asymmetric cases
> > >   test/crypto: add rsa tests to qat
> > test/crypto: add RSA cases in QAT
> >
> > Also please add more meaningful patch description.
> >
> > >
> > >  app/test/test_cryptodev_asym.c                     | 182 ++++--
> > >  app/test/test_cryptodev_rsa_test_vectors.h         | 213 +++++++
> > >  doc/guides/cryptodevs/features/qat.ini             |   4 +
> > >  doc/guides/rel_notes/release_19_11.rst             |   8 +
> > >  .../qat/qat_adf/qat_pke_functionality_arrays.h     |  27 +
> > >  drivers/crypto/qat/qat_asym.c                      | 616 ++++++++++++++++-----
> > >  drivers/crypto/qat/qat_asym.h                      |  29 +-
> > >  drivers/crypto/qat/qat_asym_capabilities.h         |  21 +
> > >  drivers/crypto/qat/qat_asym_pmd.c                  |   5 +-
> > >  9 files changed, 925 insertions(+), 180 deletions(-)
> > >
> > > --
> > > 2.1.0