From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com,
Arek Kusztal <arkadiuszx.kusztal@intel.com>
Subject: [dpdk-dev] [PATCH v4 3/4] crypto/qat: add modular exponentiation to qat asym pmd
Date: Wed, 27 Mar 2019 12:17:19 +0100 [thread overview]
Message-ID: <20190327111720.13732-4-arkadiuszx.kusztal@intel.com> (raw)
Message-ID: <20190327111719.qEdEKrFBOUdvHOA0BQ3Ph1P_s_TxHTibXI0FXgq-y1I@z> (raw)
In-Reply-To: <20190327111720.13732-1-arkadiuszx.kusztal@intel.com>
This commit adds modular exponentiation to Intel QuickAssist
Technology driver. For capabilities or limitations please refer to
qat.rst or qat_asym_capabilities.h.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/cryptodevs/qat.rst | 2 +
.../qat/qat_adf/qat_pke_functionality_arrays.h | 2 +-
drivers/crypto/qat/qat_asym.c | 125 +++++++++++++++++++--
drivers/crypto/qat/qat_asym.h | 6 +
drivers/crypto/qat/qat_asym_capabilities.h | 18 ++-
drivers/crypto/qat/qat_asym_pmd.c | 1 +
6 files changed, 140 insertions(+), 14 deletions(-)
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 53a8d61..e09ae8b 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -106,6 +106,8 @@ Asymmetric Crypto Service on QAT
The QAT Asym PMD has support for:
+* ``Modular exponentiation``
+
Limitations
~~~~~~~~~~~
diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
index 1fdb45a..ffea27e 100644
--- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
+++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
@@ -10,7 +10,7 @@
/*
* Modular exponentiation functionality IDs
*/
-static const uint32_t __rte_unused MOD_EXP_SIZE[][2] = {
+static const uint32_t MOD_EXP_SIZE[][2] = {
{ 512, MATHS_MODEXP_L512 },
{ 1024, MATHS_MODEXP_L1024 },
{ 1536, MATHS_MODEXP_L1536 },
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 8fc6629..733aab4 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -11,7 +11,7 @@
#define qat_asym_sz_2param(arg) (arg, sizeof(arg)/sizeof(*arg))
-static int __rte_unused qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
+static int qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
size_t arr_sz, size_t *size, uint32_t *func_id)
{
size_t i;
@@ -27,7 +27,7 @@ static int __rte_unused qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
}
static void qat_asym_build_req_tmpl(void *sess_private_data,
- struct rte_crypto_asym_xform __rte_unused *xform)
+ struct rte_crypto_asym_xform *xform)
{
struct icp_qat_fw_pke_request *qat_req;
@@ -50,9 +50,14 @@ static void qat_asym_build_req_tmpl(void *sess_private_data,
qat_req->resrvd1 = 0;
qat_req->resrvd2 = 0;
qat_req->next_req_adr = 0;
+
+ if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
+ qat_req->output_param_count = 1;
+ qat_req->input_param_count = 3;
+ }
}
-static size_t __rte_unused max_of(int n, ...)
+static size_t max_of(int n, ...)
{
va_list args;
size_t len = 0, num;
@@ -71,7 +76,7 @@ static size_t __rte_unused max_of(int n, ...)
return len;
}
-static void __rte_unused qat_clear_arrays(struct qat_asym_op_cookie *cookie,
+static void qat_clear_arrays(struct qat_asym_op_cookie *cookie,
int in_count, int out_count, int in_size, int out_size)
{
int i;
@@ -82,7 +87,7 @@ static void __rte_unused qat_clear_arrays(struct qat_asym_op_cookie *cookie,
memset(cookie->output_array[i], 0x0, out_size);
}
-static int __rte_unused qat_asym_check_nonzero(rte_crypto_param n)
+static int qat_asym_check_nonzero(rte_crypto_param n)
{
if (n.length < 8) {
/* Not a case for any cryptograpic function except for DH
@@ -120,12 +125,17 @@ qat_asym_build_request(void *in_op,
{
struct qat_asym_session *ctx;
struct rte_crypto_op *op = (struct rte_crypto_op *)in_op;
- struct rte_crypto_asym_op __rte_unused *asym_op = op->asym;
+ struct rte_crypto_asym_op *asym_op = op->asym;
struct icp_qat_fw_pke_request *qat_req =
(struct icp_qat_fw_pke_request *)out_msg;
struct qat_asym_op_cookie *cookie =
(struct qat_asym_op_cookie *)op_cookie;
+ uint64_t err = 0;
+ size_t alg_size;
+ size_t alg_size_in_bytes;
+ uint32_t func_id;
+
ctx = (struct qat_asym_session *)get_asym_session_private_data(
op->asym->session, cryptodev_qat_asym_driver_id);
rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl));
@@ -134,7 +144,52 @@ qat_asym_build_request(void *in_op,
qat_req->pke_mid.src_data_addr = cookie->input_addr;
qat_req->pke_mid.dest_data_addr = cookie->output_addr;
- goto error;
+ if (ctx->alg == QAT_PKE_MODEXP) {
+ err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_exp.n);
+ if (err) {
+ QAT_LOG(ERR, "Empty modulus, aborting this operation");
+ goto error;
+ }
+
+ alg_size_in_bytes = max_of(3, asym_op->modex.base.length,
+ ctx->sess_alg_params.mod_exp.e.length,
+ ctx->sess_alg_params.mod_exp.n.length);
+ alg_size = alg_size_in_bytes << 3;
+
+ if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE,
+ sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE),
+ &alg_size, &func_id)) {
+ err = QAT_ASYM_ERROR_INVALID_PARAM;
+ goto error;
+ }
+
+ alg_size_in_bytes = alg_size >> 3;
+ rte_memcpy(cookie->input_array[0] + alg_size_in_bytes -
+ asym_op->modex.base.length
+ , asym_op->modex.base.data,
+ asym_op->modex.base.length);
+ rte_memcpy(cookie->input_array[1] + alg_size_in_bytes -
+ ctx->sess_alg_params.mod_exp.e.length
+ , ctx->sess_alg_params.mod_exp.e.data,
+ ctx->sess_alg_params.mod_exp.e.length);
+ rte_memcpy(cookie->input_array[2] + alg_size_in_bytes -
+ ctx->sess_alg_params.mod_exp.n.length,
+ ctx->sess_alg_params.mod_exp.n.data,
+ ctx->sess_alg_params.mod_exp.n.length);
+ cookie->alg_size = alg_size;
+ qat_req->pke_hdr.cd_pars.func_id = func_id;
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+ QAT_DP_HEXDUMP_LOG(DEBUG, "base",
+ cookie->input_array[0],
+ alg_size_in_bytes);
+ QAT_DP_HEXDUMP_LOG(DEBUG, "exponent",
+ cookie->input_array[1],
+ alg_size_in_bytes);
+ QAT_DP_HEXDUMP_LOG(DEBUG, "modulus",
+ cookie->input_array[2],
+ alg_size_in_bytes);
+#endif
+ }
#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req,
@@ -145,7 +200,7 @@ qat_asym_build_request(void *in_op,
qat_req->output_param_count = 0;
qat_req->input_param_count = 0;
qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL;
- cookie->error |= QAT_ASYM_ERROR_INVALID_PARAM;
+ cookie->error |= err;
return 0;
}
@@ -154,11 +209,17 @@ void
qat_asym_process_response(void **op, uint8_t *resp,
void *op_cookie)
{
+ struct qat_asym_session *ctx;
struct icp_qat_fw_pke_resp *resp_msg =
(struct icp_qat_fw_pke_resp *)resp;
struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t)
(resp_msg->opaque);
+ struct rte_crypto_asym_op *asym_op = rx_op->asym;
struct qat_asym_op_cookie *cookie = op_cookie;
+ size_t alg_size, alg_size_in_bytes;
+
+ ctx = (struct qat_asym_session *)get_asym_session_private_data(
+ rx_op->asym->session, cryptodev_qat_asym_driver_id);
*op = rx_op;
rx_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
@@ -178,6 +239,30 @@ qat_asym_process_response(void **op, uint8_t *resp,
QAT_LOG(ERR, "Cookie status returned error");
}
+ if (ctx->alg == QAT_PKE_MODEXP) {
+ alg_size = cookie->alg_size;
+ alg_size_in_bytes = alg_size >> 3;
+ uint8_t *modexp_result = asym_op->modex.result.data;
+
+ if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
+ rte_memcpy(modexp_result +
+ (asym_op->modex.result.length -
+ ctx->sess_alg_params.mod_exp.n.length),
+ cookie->output_array[0] + alg_size_in_bytes
+ - ctx->sess_alg_params.mod_exp.n.length,
+ ctx->sess_alg_params.mod_exp.n.length
+ );
+ rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+ QAT_DP_HEXDUMP_LOG(DEBUG, "modexp_result",
+ cookie->output_array[0],
+ alg_size_in_bytes);
+#endif
+ }
+ qat_clear_arrays(cookie, 3, 1, alg_size_in_bytes,
+ alg_size_in_bytes);
+ }
+
#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
QAT_DP_HEXDUMP_LOG(DEBUG, "resp_msg:", resp_msg,
sizeof(struct icp_qat_fw_pke_resp));
@@ -190,24 +275,40 @@ qat_asym_session_configure(struct rte_cryptodev *dev,
struct rte_cryptodev_asym_session *sess,
struct rte_mempool *mempool)
{
- int err;
+ int err = 0;
void *sess_private_data;
+ struct qat_asym_session *session;
- err = -EINVAL;
- goto error;
if (rte_mempool_get(mempool, &sess_private_data)) {
QAT_LOG(ERR,
"Couldn't get object from session mempool");
return -ENOMEM;
}
+ session = sess_private_data;
+ if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
+ session->sess_alg_params.mod_exp.e = xform->modex.exponent;
+ session->sess_alg_params.mod_exp.n = xform->modex.modulus;
+ session->alg = QAT_PKE_MODEXP;
+
+ if (xform->modex.exponent.length == 0 ||
+ xform->modex.modulus.length == 0) {
+ QAT_LOG(ERR, "Invalid mod exp input parameter");
+ err = -EINVAL;
+ goto error;
+ }
+ } else {
+ QAT_LOG(ERR, "Invalid asymmetric crypto xform");
+ err = -EINVAL;
+ goto error;
+ }
qat_asym_build_req_tmpl(sess_private_data, xform);
-
set_asym_session_private_data(sess, dev->driver_id,
sess_private_data);
return 0;
error:
+ rte_mempool_put(mempool, sess_private_data);
return err;
}
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index 7e5982d..228d2f7 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -45,6 +45,12 @@ struct qat_asym_session {
enum qat_asym_alg alg;
struct icp_qat_fw_pke_request req_tmpl;
uint64_t flags;
+ union {
+ struct {
+ rte_crypto_param n;
+ rte_crypto_param e;
+ } mod_exp;
+ } sess_alg_params;
};
int
diff --git a/drivers/crypto/qat/qat_asym_capabilities.h b/drivers/crypto/qat/qat_asym_capabilities.h
index b50e061..1d6323f 100644
--- a/drivers/crypto/qat/qat_asym_capabilities.h
+++ b/drivers/crypto/qat/qat_asym_capabilities.h
@@ -5,6 +5,22 @@
#ifndef _QAT_ASYM_CAPABILITIES_H_
#define _QAT_ASYM_CAPABILITIES_H_
-#define QAT_BASE_GEN1_ASYM_CAPABILITIES
+#define QAT_BASE_GEN1_ASYM_CAPABILITIES \
+ { /* modexp */ \
+ .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, \
+ {.asym = { \
+ .xform_capa = { \
+ .xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX, \
+ .op_types = 0, \
+ { \
+ .modlen = { \
+ .min = 1, \
+ .max = 512, \
+ .increment = 1 \
+ }, } \
+ } \
+ }, \
+ } \
+ } \
#endif /* _QAT_ASYM_CAPABILITIES_H_ */
diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c
index 254bc48..c999799 100644
--- a/drivers/crypto/qat/qat_asym_pmd.c
+++ b/drivers/crypto/qat/qat_asym_pmd.c
@@ -14,6 +14,7 @@
uint8_t cryptodev_qat_asym_driver_id;
static const struct rte_cryptodev_capabilities qat_gen1_asym_capabilities[] = {
+ QAT_BASE_GEN1_ASYM_CAPABILITIES,
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.1.0
next prev parent reply other threads:[~2019-03-27 11:21 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-27 11:17 [dpdk-dev] [PATCH v4 0/4] Add PMD for asymmetric cryptography operations using Intel QuickAssist Technology devices Arek Kusztal
2019-03-27 11:17 ` Arek Kusztal
2019-03-27 11:17 ` [dpdk-dev] [PATCH v4 1/4] common/qat: add headers for asymmetric crypto Arek Kusztal
2019-03-27 11:17 ` Arek Kusztal
2019-03-27 11:17 ` [dpdk-dev] [PATCH v4 2/4] crypto/qat: add asymmetric cryptography PMD Arek Kusztal
2019-03-27 11:17 ` Arek Kusztal
2019-03-27 18:19 ` Trahe, Fiona
2019-03-27 18:19 ` Trahe, Fiona
2019-03-27 11:17 ` Arek Kusztal [this message]
2019-03-27 11:17 ` [dpdk-dev] [PATCH v4 3/4] crypto/qat: add modular exponentiation to qat asym pmd Arek Kusztal
2019-03-27 11:17 ` [dpdk-dev] [PATCH v4 4/4] crypto/qat: add modular inverse " Arek Kusztal
2019-03-27 11:17 ` Arek Kusztal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190327111720.13732-4-arkadiuszx.kusztal@intel.com \
--to=arkadiuszx.kusztal@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).