From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0F6D6A0509; Wed, 6 Apr 2022 09:52:58 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id DE19740DF6; Wed, 6 Apr 2022 09:52:57 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mails.dpdk.org (Postfix) with ESMTP id 0B50F40689 for ; Wed, 6 Apr 2022 09:52:55 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1649231576; x=1680767576; h=from:to:cc:subject:date:message-id; bh=tVdGpW2PGhyZ3NQZstKY4uz1q06ZJZt5MMerhj+vRhU=; b=N6+C62wNiInsvV07jCQOUICoLnE9kLrc+Y1b3EfvO+OM9Z0Fxd3yUwvu +7hEXyTHVd5U9kTX1V0APf1szNXwi3ucYzFsP2PXl+3rqrrE0VeWGWWf+ NvXkXce9xdgCBd3pCy83m420wbMwSeFy32RqoCQw3mOOdLO4vmLFSYMpr MMfz/abayiLAodlua2OPhySiKJVcfNuvGi41qNX7YUbg8uMqsriObyh0B +DyQocnsx9G9hkyIxej3DTIFNpDP3aNqFKRaoie0/WhEILALZst7blIBv UX3QMY17mO7jGZXSEj3qDcCDuhFZrOFN1DMsq4JH8rx2yaT2X4Ix46qHk Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10308"; a="258566437" X-IronPort-AV: E=Sophos;i="5.90,239,1643702400"; d="scan'208";a="258566437" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Apr 2022 00:52:54 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,239,1643702400"; d="scan'208";a="620693670" Received: from silpixa00400308.ir.intel.com ([10.237.214.95]) by fmsmga004.fm.intel.com with ESMTP; 06 Apr 2022 00:52:53 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal Subject: [PATCH] crypto/qat: add diffie hellman algorithm Date: Wed, 6 Apr 2022 08:52:50 +0100 Message-Id: <20220406075250.14685-1-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commits adds Diffie-Hellman key exchange algorithm to Intel QuickAssist Technology PMD. Signed-off-by: Arek Kusztal --- Depends-on: series-22343 ("crypto/qat: refactor asym algorithm macros and logs") drivers/common/qat/qat_adf/qat_pke.h | 36 ++++++++ drivers/crypto/qat/qat_asym.c | 168 +++++++++++++++++++++++++++++++++++ 2 files changed, 204 insertions(+) diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h index 6c12bfd989..c727e4e1af 100644 --- a/drivers/common/qat/qat_adf/qat_pke.h +++ b/drivers/common/qat/qat_adf/qat_pke.h @@ -137,6 +137,42 @@ get_modinv_function(struct rte_crypto_asym_xform *xform) } static struct qat_asym_function +get_dh_g2_function(uint32_t bytesize) +{ + struct qat_asym_function qat_function = { }; + + if (bytesize <= 256) { + qat_function.func_id = PKE_DH_G2_2048; + qat_function.bytesize = 256; + } else if (bytesize <= 384) { + qat_function.func_id = PKE_DH_G2_3072; + qat_function.bytesize = 384; + } else if (bytesize <= 512) { + qat_function.func_id = PKE_DH_G2_4096; + qat_function.bytesize = 512; + } + return qat_function; +} + +static struct qat_asym_function +get_dh_function(uint32_t bytesize) +{ + struct qat_asym_function qat_function = { }; + + if (bytesize <= 256) { + qat_function.func_id = PKE_DH_2048; + qat_function.bytesize = 256; + } else if (bytesize <= 384) { + qat_function.func_id = PKE_DH_3072; + qat_function.bytesize = 384; + } else if (bytesize <= 512) { + qat_function.func_id = PKE_DH_4096; + qat_function.bytesize = 512; + } + return qat_function; +} + +static struct qat_asym_function get_rsa_enc_function(struct rte_crypto_asym_xform *xform) { struct qat_asym_function qat_function = { }; diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index d2041b2efa..c2a985b355 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -748,6 +748,125 @@ ecpm_collect(struct rte_crypto_asym_op *asym_op, } static int +dh_mod_g2_input(struct rte_crypto_asym_op *asym_op, + struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) +{ + struct qat_asym_function qat_function; + uint32_t alg_bytesize, func_id; + + qat_function = get_dh_g2_function(xform->dh.p.length); + func_id = qat_function.func_id; + if (qat_function.func_id == 0) { + QAT_LOG(ERR, "Cannot obtain functionality id"); + return -EINVAL; + } + alg_bytesize = qat_function.bytesize; + SET_PKE_LN(asym_op->dh.priv_key, alg_bytesize, 0); + SET_PKE_LN(xform->dh.p, alg_bytesize, 1); + cookie->alg_bytesize = alg_bytesize; + cookie->qat_func_alignsize = alg_bytesize; + + qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = 2; + qat_req->output_param_count = 1; + + HEXDUMP("DH Priv", cookie->input_array[0], alg_bytesize); + HEXDUMP("DH p", cookie->input_array[1], alg_bytesize); + + return 0; +} + +static int +dh_mod_n_input(struct rte_crypto_asym_op *asym_op, + struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) +{ + struct qat_asym_function qat_function; + uint32_t alg_bytesize, func_id; + + qat_function = get_dh_function(xform->dh.p.length); + func_id = qat_function.func_id; + if (qat_function.func_id == 0) { + QAT_LOG(ERR, "Cannot obtain functionality id"); + return -EINVAL; + } + alg_bytesize = qat_function.bytesize; + if (xform->dh.type == RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE) { + SET_PKE_LN(xform->dh.g, alg_bytesize, 0); + SET_PKE_LN(asym_op->dh.priv_key, alg_bytesize, 1); + SET_PKE_LN(xform->dh.p, alg_bytesize, 2); + } else { + SET_PKE_LN(asym_op->dh.pub_key, alg_bytesize, 0); + SET_PKE_LN(asym_op->dh.priv_key, alg_bytesize, 1); + SET_PKE_LN(xform->dh.p, alg_bytesize, 2); + } + cookie->alg_bytesize = alg_bytesize; + cookie->qat_func_alignsize = alg_bytesize; + + qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = 3; + qat_req->output_param_count = 1; + + HEXDUMP("ModExp g/priv key", cookie->input_array[0], alg_bytesize); + HEXDUMP("ModExp priv/pub", cookie->input_array[1], alg_bytesize); + HEXDUMP("ModExp p", cookie->input_array[2], alg_bytesize); + + return 0; +} + +static int +dh_mod_set_input(struct rte_crypto_asym_op *asym_op, + struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) +{ + if (xform->dh.type == RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE && + xform->dh.g.length == 1 && xform->dh.g.data[0] == 2) + return dh_mod_g2_input(asym_op, qat_req, cookie, xform); + else + return dh_mod_n_input(asym_op, qat_req, cookie, xform); +} + +static int +dh_set_input(struct rte_crypto_asym_op *asym_op, + struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) +{ + switch (xform->xform_type) { + case RTE_CRYPTO_ASYM_XFORM_DH: + return dh_mod_set_input(asym_op, qat_req, cookie, xform); + default: + QAT_LOG(ERR, + "Invalid/unsupported asymmetric crypto xform type"); + return -1; + } +} + +static uint8_t +dh_collect(struct rte_crypto_asym_op *asym_op, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) +{ + uint8_t *DH; + uint32_t alg_bytesize = cookie->alg_bytesize; + + if (xform->dh.type == RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE) { + DH = asym_op->dh.pub_key.data; + asym_op->dh.pub_key.length = alg_bytesize; + } else { + DH = asym_op->dh.shared_secret.data; + asym_op->dh.shared_secret.length = alg_bytesize; + } + rte_memcpy(DH, cookie->output_array[0], alg_bytesize); + HEXDUMP("DH", DH, alg_bytesize); + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + +static int asym_set_input(struct rte_crypto_asym_op *asym_op, struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, @@ -760,6 +879,9 @@ asym_set_input(struct rte_crypto_asym_op *asym_op, case RTE_CRYPTO_ASYM_XFORM_MODINV: return modinv_set_input(asym_op, qat_req, cookie, xform); + case RTE_CRYPTO_ASYM_XFORM_DH: + return dh_set_input(asym_op, qat_req, + cookie, xform); case RTE_CRYPTO_ASYM_XFORM_RSA: return rsa_set_input(asym_op, qat_req, cookie, xform); @@ -849,6 +971,8 @@ qat_asym_collect_response(struct rte_crypto_op *op, return modexp_collect(asym_op, cookie, xform); case RTE_CRYPTO_ASYM_XFORM_MODINV: return modinv_collect(asym_op, cookie, xform); + case RTE_CRYPTO_ASYM_XFORM_DH: + return dh_collect(asym_op, cookie, xform); case RTE_CRYPTO_ASYM_XFORM_RSA: return rsa_collect(asym_op, cookie); case RTE_CRYPTO_ASYM_XFORM_ECDSA: @@ -967,6 +1091,35 @@ session_set_modinv(struct qat_asym_session *qat_session, } static int +session_set_dh(struct qat_asym_session *qat_session, + struct rte_crypto_asym_xform *xform) +{ + uint8_t *g = xform->dh.g.data; + uint8_t *p = xform->dh.p.data; + + qat_session->xform.dh.type = xform->dh.type; + qat_session->xform.dh.g.data = + rte_malloc(NULL, xform->dh.g.length, 0); + if (qat_session->xform.dh.g.data == NULL) + return -ENOMEM; + qat_session->xform.dh.g.length = xform->dh.g.length; + qat_session->xform.dh.p.data = rte_malloc(NULL, + xform->dh.p.length, 0); + if (qat_session->xform.dh.p.data == NULL) { + rte_free(qat_session->xform.dh.p.data); + return -ENOMEM; + } + qat_session->xform.dh.p.length = xform->dh.p.length; + + rte_memcpy(qat_session->xform.dh.g.data, g, + xform->dh.g.length); + rte_memcpy(qat_session->xform.dh.p.data, p, + xform->dh.p.length); + + return 0; +} + +static int session_set_rsa(struct qat_asym_session *qat_session, struct rte_crypto_asym_xform *xform) { @@ -1118,6 +1271,9 @@ qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused, case RTE_CRYPTO_ASYM_XFORM_RSA: ret = session_set_rsa(qat_session, xform); break; + case RTE_CRYPTO_ASYM_XFORM_DH: + ret = session_set_dh(qat_session, xform); + break; case RTE_CRYPTO_ASYM_XFORM_ECDSA: case RTE_CRYPTO_ASYM_XFORM_ECPM: session_set_ecdsa(qat_session, xform); @@ -1157,6 +1313,15 @@ session_clear_modinv(struct rte_crypto_modinv_xform *modinv) } static void +session_clear_dh(struct rte_crypto_dh_xform *dh) +{ + memset(dh->g.data, 0, dh->g.length); + rte_free(dh->g.data); + memset(dh->p.data, 0, dh->p.length); + rte_free(dh->p.data); +} + +static void session_clear_rsa(struct rte_crypto_rsa_xform *rsa) { memset(rsa->n.data, 0, rsa->n.length); @@ -1190,6 +1355,9 @@ session_clear_xform(struct qat_asym_session *qat_session) case RTE_CRYPTO_ASYM_XFORM_MODINV: session_clear_modinv(&qat_session->xform.modinv); break; + case RTE_CRYPTO_ASYM_XFORM_DH: + session_clear_dh(&qat_session->xform.dh); + break; case RTE_CRYPTO_ASYM_XFORM_RSA: session_clear_rsa(&qat_session->xform.rsa); break; -- 2.13.6