From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
To: dev@dpdk.org
Cc: gakhil@marvell.com, roy.fan.zhang@intel.com,
Arek Kusztal <arkadiuszx.kusztal@intel.com>
Subject: [PATCH v4 2/3] crypto/openssl: move dh type from xform to dh op
Date: Wed, 27 Apr 2022 08:43:59 +0100 [thread overview]
Message-ID: <20220427074400.2091-3-arkadiuszx.kusztal@intel.com> (raw)
In-Reply-To: <20220427074400.2091-1-arkadiuszx.kusztal@intel.com>
This commit reflects API changes of location of
operation type in Diffie-Hellman.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
2 files changed, 3 insertions(+), 77 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index d80e1052e2..409711c097 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1696,12 +1696,7 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
BIGNUM *priv_key = NULL;
int ret = 0;
- if (sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE)) {
- /* compute shared secret using peer public key
- * and current private key
- * shared secret = peer_key ^ priv_key mod p
- */
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE) {
BIGNUM *peer_key = NULL;
/* copy private key and peer key and compute shared secret */
@@ -1735,10 +1730,6 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
if (ret < 0) {
cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
BN_free(peer_key);
- /* priv key is already loaded into dh,
- * let's not free that directly here.
- * DH_free() will auto free it later.
- */
return 0;
}
cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
@@ -1747,50 +1738,12 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
return 0;
}
- /*
- * other options are public and private key generations.
- *
- * if user provides private key,
- * then first set DH with user provided private key
- */
- if ((sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) &&
- !(sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE))) {
- /* generate public key using user-provided private key
- * pub_key = g ^ priv_key mod p
- */
-
- /* load private key into DH */
- priv_key = BN_bin2bn(op->priv_key.data,
- op->priv_key.length,
- priv_key);
- if (priv_key == NULL) {
- cop->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
- return -1;
- }
- ret = set_dh_priv_key(dh_key, priv_key);
- if (ret) {
- OPENSSL_LOG(ERR, "Failed to set private key\n");
- cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
- BN_free(priv_key);
- return 0;
- }
- }
-
- /* generate public and private key pair.
- *
- * if private key already set, generates only public key.
- *
- * if private key is not already set, then set it to random value
- * and update internal private key.
- */
if (!DH_generate_key(dh_key)) {
cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
return 0;
}
- if (sess->u.dh.key_op & (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) {
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE) {
const BIGNUM *pub_key = NULL;
OPENSSL_LOG(DEBUG, "%s:%d update public key\n",
@@ -1804,8 +1757,7 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
op->pub_key.data);
}
- if (sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE)) {
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) {
const BIGNUM *priv_key = NULL;
OPENSSL_LOG(DEBUG, "%s:%d updated priv key\n",
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 1cb07794bd..02802ab0c2 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -1000,32 +1000,6 @@ static int openssl_set_asym_session_parameters(
goto err_dh;
}
- /*
- * setup xfrom for
- * public key generate, or
- * DH Priv key generate, or both
- * public and private key generate
- */
- asym_session->u.dh.key_op = (1 << xform->dh.type);
-
- if (xform->dh.type ==
- RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) {
- /* check if next is pubkey */
- if ((xform->next != NULL) &&
- (xform->next->xform_type ==
- RTE_CRYPTO_ASYM_XFORM_DH) &&
- (xform->next->dh.type ==
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)
- ) {
- /*
- * setup op as pub/priv key
- * pair generationi
- */
- asym_session->u.dh.key_op |=
- (1 <<
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE);
- }
- }
asym_session->u.dh.dh_key = dh;
asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_DH;
break;
--
2.13.6
next prev parent reply other threads:[~2022-04-27 7:44 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-27 7:43 [PATCH v4 0/3] cryptodev: " Arek Kusztal
2022-04-27 7:43 ` [PATCH v4 1/3] " Arek Kusztal
2022-04-27 8:11 ` Zhang, Roy Fan
2022-05-10 9:26 ` Ji, Kai
2022-04-27 7:43 ` Arek Kusztal [this message]
2022-04-27 8:11 ` [PATCH v4 2/3] crypto/openssl: " Zhang, Roy Fan
2022-04-27 7:44 ` [PATCH v4 3/3] test/crypto: " Arek Kusztal
2022-04-27 8:12 ` Zhang, Roy Fan
2022-04-27 8:12 ` [PATCH v4 0/3] cryptodev: " Zhang, Roy Fan
2022-04-27 15:57 ` [EXT] " Akhil Goyal
2022-04-29 6:25 ` Kusztal, ArkadiuszX
2022-05-06 12:05 ` Kusztal, ArkadiuszX
2022-05-10 9:43 ` Ji, Kai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220427074400.2091-3-arkadiuszx.kusztal@intel.com \
--to=arkadiuszx.kusztal@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).