DPDK patches and discussions
 help / color / mirror / Atom feed
From: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
To: dev@dpdk.org
Cc: gakhil@marvell.com, brian.dooley@intel.com,
	Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
Subject: [PATCH v3 3/4] crypto/qat: add sm2 encryption/decryption function
Date: Tue,  8 Oct 2024 07:28:44 +0100	[thread overview]
Message-ID: <20241008062845.11071-3-arkadiuszx.kusztal@intel.com> (raw)
In-Reply-To: <20241008062845.11071-1-arkadiuszx.kusztal@intel.com>

This commit adds SM2 elliptic curve based asymmetric
encryption and decryption to the Intel QuickAssist
Technology PMD.

Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
---
 doc/guides/cryptodevs/features/qat.ini          |   1 +
 doc/guides/rel_notes/release_24_11.rst          |   4 +
 drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h |   3 +
 drivers/common/qat/qat_adf/qat_pke.h            |  20 ++++
 drivers/crypto/qat/dev/qat_asym_pmd_gen1.c      |   3 +-
 drivers/crypto/qat/qat_asym.c                   | 140 +++++++++++++++++++++++-
 6 files changed, 164 insertions(+), 7 deletions(-)

diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini
index f41d29158f..219dd1e011 100644
--- a/doc/guides/cryptodevs/features/qat.ini
+++ b/doc/guides/cryptodevs/features/qat.ini
@@ -71,6 +71,7 @@ ZUC EIA3     = Y
 AES CMAC (128) = Y
 SM3          = Y
 SM3 HMAC     = Y
+SM2          = Y
 
 ;
 ; Supported AEAD algorithms of the 'qat' crypto driver.
diff --git a/doc/guides/rel_notes/release_24_11.rst b/doc/guides/rel_notes/release_24_11.rst
index 0ff70d9057..85f4a2dd97 100644
--- a/doc/guides/rel_notes/release_24_11.rst
+++ b/doc/guides/rel_notes/release_24_11.rst
@@ -55,6 +55,10 @@ New Features
      Also, make sure to start the actual text at the margin.
      =======================================================
 
+* **Updated the QuickAssist Technology (QAT) Crypto PMD.**
+
+  * Added SM2 encryption and decryption alghorithms.
+
 
 Removed Items
 -------------
diff --git a/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h b/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h
index 630c6e1a9b..aa49612ca1 100644
--- a/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h
+++ b/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h
@@ -1542,6 +1542,9 @@ icp_qat_fw_mmp_ecdsa_verify_gfp_521_input::in in @endlink
  * @li no output parameters
  */
 
+#define PKE_ECSM2_ENCRYPTION 0x25221720
+#define PKE_ECSM2_DECRYPTION 0x201716e6
+
 #define PKE_LIVENESS 0x00000001
 /**< Functionality ID for PKE_LIVENESS
  * @li 0 input parameter(s)
diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h
index f88932a275..ac051e965d 100644
--- a/drivers/common/qat/qat_adf/qat_pke.h
+++ b/drivers/common/qat/qat_adf/qat_pke.h
@@ -334,4 +334,24 @@ get_sm2_ecdsa_verify_function(void)
 	return qat_function;
 }
 
+static struct qat_asym_function
+get_sm2_encryption_function(void)
+{
+	struct qat_asym_function qat_function = {
+		PKE_ECSM2_ENCRYPTION, 32
+	};
+
+	return qat_function;
+}
+
+static struct qat_asym_function
+get_sm2_decryption_function(void)
+{
+	struct qat_asym_function qat_function = {
+		PKE_ECSM2_DECRYPTION, 32
+	};
+
+	return qat_function;
+}
+
 #endif
diff --git a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
index 67b1892c32..f991729dd9 100644
--- a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
+++ b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c
@@ -87,7 +87,8 @@ qat_asym_crypto_feature_flags_get_gen1(
 			RTE_CRYPTODEV_FF_HW_ACCELERATED |
 			RTE_CRYPTODEV_FF_ASYM_SESSIONLESS |
 			RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP |
-			RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT;
+			RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT |
+			RTE_CRYPTODEV_FF_ASYM_PARTIAL_SM2;
 
 	return feature_flags;
 }
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 491f5ecd5b..e1ada8629e 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -932,6 +932,15 @@ sm2_ecdsa_sign_set_input(struct icp_qat_fw_pke_request *qat_req,
 	qat_req->input_param_count = 3;
 	qat_req->output_param_count = 2;
 
+	HEXDUMP("SM2 K test", asym_op->sm2.k.data,
+		cookie->alg_bytesize);
+	HEXDUMP("SM2 K", cookie->input_array[0],
+		cookie->alg_bytesize);
+	HEXDUMP("SM2 msg", cookie->input_array[1],
+		cookie->alg_bytesize);
+	HEXDUMP("SM2 pkey", cookie->input_array[2],
+		cookie->alg_bytesize);
+
 	return RTE_CRYPTO_OP_STATUS_SUCCESS;
 }
 
@@ -983,6 +992,114 @@ sm2_ecdsa_sign_collect(struct rte_crypto_asym_op *asym_op,
 }
 
 static int
+sm2_encryption_set_input(struct icp_qat_fw_pke_request *qat_req,
+	struct qat_asym_op_cookie *cookie,
+	const struct rte_crypto_asym_op *asym_op,
+	const struct rte_crypto_asym_xform *xform)
+{
+	const struct qat_asym_function qat_function =
+		get_sm2_encryption_function();
+	const uint32_t qat_func_alignsize =
+		qat_function.bytesize;
+
+	SET_PKE_LN(asym_op->sm2.k, qat_func_alignsize, 0);
+	SET_PKE_LN(xform->ec.q.x, qat_func_alignsize, 1);
+	SET_PKE_LN(xform->ec.q.y, qat_func_alignsize, 2);
+
+	cookie->alg_bytesize = qat_function.bytesize;
+	cookie->qat_func_alignsize = qat_function.bytesize;
+	qat_req->pke_hdr.cd_pars.func_id = qat_function.func_id;
+	qat_req->input_param_count = 3;
+	qat_req->output_param_count = 4;
+
+	HEXDUMP("SM2 K", cookie->input_array[0],
+		qat_func_alignsize);
+	HEXDUMP("SM2 Q.x", cookie->input_array[1],
+		qat_func_alignsize);
+	HEXDUMP("SM2 Q.y", cookie->input_array[2],
+		qat_func_alignsize);
+
+	return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+static uint8_t
+sm2_encryption_collect(struct rte_crypto_asym_op *asym_op,
+		const struct qat_asym_op_cookie *cookie)
+{
+	uint32_t alg_bytesize = cookie->alg_bytesize;
+
+	rte_memcpy(asym_op->sm2.C1.x.data, cookie->output_array[0], alg_bytesize);
+	rte_memcpy(asym_op->sm2.C1.y.data, cookie->output_array[1], alg_bytesize);
+	rte_memcpy(asym_op->sm2.kP.x.data, cookie->output_array[2], alg_bytesize);
+	rte_memcpy(asym_op->sm2.kP.y.data, cookie->output_array[3], alg_bytesize);
+	asym_op->sm2.C1.x.length = alg_bytesize;
+	asym_op->sm2.C1.y.length = alg_bytesize;
+	asym_op->sm2.kP.x.length = alg_bytesize;
+	asym_op->sm2.kP.y.length = alg_bytesize;
+
+	HEXDUMP("C1[x1]", cookie->output_array[0],
+		alg_bytesize);
+	HEXDUMP("C1[y]", cookie->output_array[1],
+		alg_bytesize);
+	HEXDUMP("kP[x]", cookie->output_array[2],
+		alg_bytesize);
+	HEXDUMP("kP[y]", cookie->output_array[3],
+		alg_bytesize);
+	return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+
+static int
+sm2_decryption_set_input(struct icp_qat_fw_pke_request *qat_req,
+	struct qat_asym_op_cookie *cookie,
+	const struct rte_crypto_asym_op *asym_op,
+	const struct rte_crypto_asym_xform *xform)
+{
+	const struct qat_asym_function qat_function =
+		get_sm2_decryption_function();
+	const uint32_t qat_func_alignsize =
+		qat_function.bytesize;
+
+	SET_PKE_LN(xform->ec.pkey, qat_func_alignsize, 0);
+	SET_PKE_LN(asym_op->sm2.C1.x, qat_func_alignsize, 1);
+	SET_PKE_LN(asym_op->sm2.C1.y, qat_func_alignsize, 2);
+
+	cookie->alg_bytesize = qat_function.bytesize;
+	cookie->qat_func_alignsize = qat_function.bytesize;
+	qat_req->pke_hdr.cd_pars.func_id = qat_function.func_id;
+	qat_req->input_param_count = 3;
+	qat_req->output_param_count = 2;
+
+	HEXDUMP("d", cookie->input_array[0],
+		qat_func_alignsize);
+	HEXDUMP("C1[x]", cookie->input_array[1],
+		qat_func_alignsize);
+	HEXDUMP("C1[y]", cookie->input_array[2],
+		qat_func_alignsize);
+
+	return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+
+static uint8_t
+sm2_decryption_collect(struct rte_crypto_asym_op *asym_op,
+		const struct qat_asym_op_cookie *cookie)
+{
+	uint32_t alg_bytesize = cookie->alg_bytesize;
+
+	rte_memcpy(asym_op->sm2.kP.x.data, cookie->output_array[0], alg_bytesize);
+	rte_memcpy(asym_op->sm2.kP.y.data, cookie->output_array[1], alg_bytesize);
+	asym_op->sm2.kP.x.length = alg_bytesize;
+	asym_op->sm2.kP.y.length = alg_bytesize;
+
+	HEXDUMP("kP[x]", cookie->output_array[0],
+		alg_bytesize);
+	HEXDUMP("kP[y]", cookie->output_array[1],
+		alg_bytesize);
+	return RTE_CRYPTO_OP_STATUS_SUCCESS;
+}
+
+static int
 asym_set_input(struct icp_qat_fw_pke_request *qat_req,
 		struct qat_asym_op_cookie *cookie,
 		const struct rte_crypto_asym_op *asym_op,
@@ -1014,14 +1131,20 @@ asym_set_input(struct icp_qat_fw_pke_request *qat_req,
 				asym_op, xform);
 		}
 	case RTE_CRYPTO_ASYM_XFORM_SM2:
-		if (asym_op->sm2.op_type ==
-			RTE_CRYPTO_ASYM_OP_VERIFY) {
+		if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
+			return sm2_encryption_set_input(qat_req, cookie,
+				asym_op, xform);
+		} else if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
+			return sm2_decryption_set_input(qat_req, cookie,
+				asym_op, xform);
+		} else if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) {
 			return sm2_ecdsa_verify_set_input(qat_req, cookie,
 						asym_op, xform);
-		} else {
+		} else if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_SIGN) {
 			return sm2_ecdsa_sign_set_input(qat_req, cookie,
 					asym_op, xform);
 		}
+		break;
 	default:
 		QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
 		return -EINVAL;
@@ -1113,7 +1236,13 @@ qat_asym_collect_response(struct rte_crypto_op *op,
 	case RTE_CRYPTO_ASYM_XFORM_ECDH:
 		return ecdh_collect(asym_op, cookie);
 	case RTE_CRYPTO_ASYM_XFORM_SM2:
-		return sm2_ecdsa_sign_collect(asym_op, cookie);
+		if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT)
+			return sm2_encryption_collect(asym_op, cookie);
+		else if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT)
+			return sm2_decryption_collect(asym_op, cookie);
+		else
+			return sm2_ecdsa_sign_collect(asym_op, cookie);
+
 	default:
 		QAT_LOG(ERR, "Not supported xform type");
 		return  RTE_CRYPTO_OP_STATUS_ERROR;
@@ -1385,9 +1514,8 @@ qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
 	case RTE_CRYPTO_ASYM_XFORM_ECDSA:
 	case RTE_CRYPTO_ASYM_XFORM_ECPM:
 	case RTE_CRYPTO_ASYM_XFORM_ECDH:
-		session_set_ec(qat_session, xform);
-		break;
 	case RTE_CRYPTO_ASYM_XFORM_SM2:
+		session_set_ec(qat_session, xform);
 		break;
 	default:
 		ret = -ENOTSUP;
-- 
2.13.6


  parent reply	other threads:[~2024-10-08  7:44 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-01-29 18:59 [PATCH 1/3] cryptodev: add ec points to sm2 op Arkadiusz Kusztal
2024-01-29 18:59 ` [PATCH 2/3] crypto/qat: add sm2 encryption/decryption function Arkadiusz Kusztal
2024-01-29 18:59 ` [PATCH 3/3] app/test: add test sm2 C1/Kp test cases Arkadiusz Kusztal
2024-02-01  8:07 ` [EXT] [PATCH 1/3] cryptodev: add ec points to sm2 op Akhil Goyal
2024-02-01 13:25   ` Kusztal, ArkadiuszX
2024-09-24 16:30     ` Akhil Goyal
2024-09-29 17:29 ` [PATCH v2] " Arkadiusz Kusztal
2024-10-01  7:57   ` [EXTERNAL] " Akhil Goyal
2024-10-03 14:39   ` Akhil Goyal
2024-10-07  8:29     ` Kusztal, ArkadiuszX
2024-10-08  6:28   ` [PATCH v3 1/4] cryptodev: add partial sm2 feature flag Arkadiusz Kusztal
2024-10-08  6:28     ` [PATCH v3 2/4] cryptodev: add ec points to sm2 op Arkadiusz Kusztal
2024-10-08 11:27       ` [EXTERNAL] " Akhil Goyal
2024-10-08 11:46         ` Kusztal, ArkadiuszX
2024-10-08 11:49           ` Akhil Goyal
2024-10-08  6:28     ` Arkadiusz Kusztal [this message]
2024-10-08  6:28     ` [PATCH v3 4/4] app/test: add test sm2 C1/Kp test cases Arkadiusz Kusztal
2024-10-08 15:40       ` Dooley, Brian
2024-10-08 11:46     ` [EXTERNAL] [PATCH v3 1/4] cryptodev: add partial sm2 feature flag Akhil Goyal
2024-10-08 11:48       ` Kusztal, ArkadiuszX
2024-10-08 18:14     ` [PATCH v4 0/4] add ec points to sm2 op Arkadiusz Kusztal
2024-10-08 18:14       ` [PATCH v4 1/4] cryptodev: reorder structures in asym crypto header Arkadiusz Kusztal
2024-10-08 18:14       ` [PATCH v4 2/4] cryptodev: add ec points to sm2 op Arkadiusz Kusztal
2024-10-08 20:46         ` Stephen Hemminger
2024-10-08 21:00           ` Kusztal, ArkadiuszX
2024-10-08 21:09             ` Stephen Hemminger
2024-10-08 21:29               ` Kusztal, ArkadiuszX
2024-10-09 13:01         ` [PATCH v5 0/4] " Arkadiusz Kusztal
2024-10-09 13:01           ` [PATCH v5 1/4] cryptodev: reorder structures in asym crypto header Arkadiusz Kusztal
2024-10-09 21:03             ` [EXTERNAL] " Akhil Goyal
2024-10-09 13:01           ` [PATCH v5 2/4] cryptodev: add ec points to sm2 op Arkadiusz Kusztal
2024-10-09 20:51             ` [EXTERNAL] " Akhil Goyal
2024-10-11 12:17             ` Akhil Goyal
2024-10-17 18:54               ` Kusztal, ArkadiuszX
2024-10-18 12:30                 ` Akhil Goyal
2024-10-09 13:01           ` [PATCH v5 3/4] crypto/qat: add sm2 encryption/decryption function Arkadiusz Kusztal
2024-10-09 20:49             ` [EXTERNAL] " Akhil Goyal
2024-10-10  7:49               ` Kusztal, ArkadiuszX
2024-10-09 13:01           ` [PATCH v5 4/4] app/test: add test sm2 C1/Kp test cases Arkadiusz Kusztal
2024-10-11 12:16             ` [EXTERNAL] " Akhil Goyal
2024-10-08 18:14       ` [PATCH v4 3/4] crypto/qat: add sm2 encryption/decryption function Arkadiusz Kusztal
2024-10-08 18:14       ` [PATCH v4 4/4] app/test: add test sm2 C1/Kp test cases Arkadiusz Kusztal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20241008062845.11071-3-arkadiuszx.kusztal@intel.com \
    --to=arkadiuszx.kusztal@intel.com \
    --cc=brian.dooley@intel.com \
    --cc=dev@dpdk.org \
    --cc=gakhil@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).