From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id E737AA034C; Tue, 21 Jun 2022 11:30:12 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id B6370427EE; Tue, 21 Jun 2022 11:30:12 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 431AA40151 for ; Tue, 21 Jun 2022 11:30:11 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 25L1KIJA027729; Tue, 21 Jun 2022 02:30:10 -0700 Received: from nam10-mw2-obe.outbound.protection.outlook.com (mail-mw2nam10lp2105.outbound.protection.outlook.com [104.47.55.105]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3gu47psj78-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 21 Jun 2022 02:30:09 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=icuZH1JL+CQScfEXuK0R9+yr/Cp71n4WdB5v7DzzBSSDneYrFQXZOFpGtFaQV1C3Zz4cplO6bw1s4VPGQnE/VawuNmD2mcHvajX+5N9CwvubwGz/7xTi9FB4EmiT/1IL/j6NDDH+7ymn4xz1M3V5amoYuNfvkHdqRM99lcyBBdjGGCR7TdK2lwffg4i2g7mOm8CSfDyGKd4eXmXpbfNHzZ0zzJF96gz7XW3f1yxZbDKzAwg884aOtQ80oB52xy5b8cHbjVQ47OKSW2hzXjZrrGhncZdUYNqhrrSDW/ISSg47j0bJCbcIReekpf4DuJvKXX0/GGOsFd5gfZclnbwXVQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zcTC7k1l8G0NjW5C1M8hPpdlfGp1EQmfNS2cWHn4FNc=; b=RNHmgxO1QwipUHI5MkerNTrACJ0kjfuHoKBWL9qc3ov0wMasaFUmZtEEGf91jZzAKxk0lOUzMbmExo1V/KBJfOCyk6uVyvIFa0VzqlIWTcI+tPBz9aX+zIPSIZAUL7XDSBr3sinxp9ARQ0AZDAicI5wI/O37am+8/js/EGKmDEhOHlCiC8Nh822vuLE8HRbLuAtb4No16P7GNImkx+3iNs8mjVrLbavwTglO2lPYLvE3iEypUdXjE0lUSP5wqCluAOgylVU8cXc/gCMtXBjjPuZvQEZbs9t0QI9dIf2NWNffpQTm+IXTg5R9uEqdtjHVoY5WUPrIfnw3uGevs9fwpQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zcTC7k1l8G0NjW5C1M8hPpdlfGp1EQmfNS2cWHn4FNc=; b=musMnVPK3JVTBY7r0mInPSYEGXo2tPP2mZdV706imyqqjVCdrW86+hwhW3d8PcNQzaAiG0LFpBxRU5HsGNTemdHlIWeIVODY01WqmStc31U8R5ht+pLY5MRuf/DFIBoB1Dn/mDUzykS5vnolcZzqKpNCmDAlm2HrCuX8dYBYzo4= Received: from CO6PR18MB4484.namprd18.prod.outlook.com (2603:10b6:5:359::9) by CH0PR18MB4260.namprd18.prod.outlook.com (2603:10b6:610:bb::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5353.22; Tue, 21 Jun 2022 09:30:07 +0000 Received: from CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::bc33:1fb9:5d70:8c5]) by CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::bc33:1fb9:5d70:8c5%9]) with mapi id 15.20.5353.022; Tue, 21 Jun 2022 09:30:07 +0000 From: Akhil Goyal To: Kai Ji , "dev@dpdk.org" Subject: RE: [EXT] [dpdk-dev v4 2/4] crypto/openssl: 3.0 EVP update on RSA routine Thread-Topic: [EXT] [dpdk-dev v4 2/4] crypto/openssl: 3.0 EVP update on RSA routine Thread-Index: AQHYf/JFHXliYAwTrUCE3gn72qLQEq1ZodsQ Date: Tue, 21 Jun 2022 09:30:07 +0000 Message-ID: References: <20220613164023.70872-1-kai.ji@intel.com> <20220614132542.76241-1-kai.ji@intel.com> <20220614132542.76241-3-kai.ji@intel.com> In-Reply-To: <20220614132542.76241-3-kai.ji@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 7dd5ebc4-d44e-4881-912a-08da5368a16c x-ms-traffictypediagnostic: CH0PR18MB4260:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: v31QGGF7E3mMu3ouQl60LvD56PMflEZSQxkyLJ+w1j21GFGxEySoB1WriYa9F47BKoVpn/b2KCmV7WsUWQylIJn5l4dI+YUae2Axq4eQRVTGYgmRYI2YDXFT/zPGjGI83fFM08CJ6oPrG0iqHc97axein7IKYApym2z356o0YeG+6YUTLo6If86XD7+l6Y6bqiY0bLFhlVX4fdhp9ZMcHsHROPKf2rISZY2/aTPXxPwzz/SeYMTwuyafKiDSdKCcf1sJjPJpoD2tujDsf1MWTcnNVEvPJJWIvG+7xitaKBL8wVgaLbebYOJTxZYcOPY5c6R+KdQiN2uGYExlrtphOuzU++AK7XdGWspANcIT+5hBIPVBxggzjFMxQulptnFVogvRmQozYX5KCA5wITDOOtykf1UuVTtrw2B10jAtkwMGk7XesXGxXqzdsuXz6FfcU50SZaV0YdU/ryo5h2YDOwh8kaWdDCmAfZASLLb+UerGOjsDrc5GTlOjIdft4yElQBwvWpoErkT24mGsLBGrLCPZAv0bWBQZydM1fNDQm3UHc3zUEC/GQFtuivX5l1a3YbTKZILX7T/IDwTpGobqf5tJbYOLyY5MBgTPOJCw9WCL1e4vwwovvrE5Okw8Qovm6hMuXjOTN6WhM+UKuEPq1E2PiOLYIbHshz5EgEqkeVTzRtnpQV2TWdQhDSkP8KQoulXXaIsCbWPiDBU6mY1veA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR18MB4484.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(4636009)(396003)(346002)(136003)(39860400002)(376002)(366004)(66556008)(66476007)(71200400001)(66946007)(186003)(55016003)(66446008)(64756008)(76116006)(8676002)(26005)(110136005)(9686003)(83380400001)(7696005)(6506007)(55236004)(41300700001)(86362001)(33656002)(316002)(2906002)(15650500001)(30864003)(5660300002)(122000001)(38070700005)(52536014)(38100700002)(478600001)(8936002); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?RST0Zl2woCbAbIyp/mf+GG+IPjMz0eoOWevpZVQ0nrZ5IDhS8v0LvV1O5i9u?= =?us-ascii?Q?4IccgHMrRvtrkhbxasMnv8SW0mLTrEIqpMo53XvxteqnFZ2ASwHCuMR8OsGJ?= =?us-ascii?Q?WYFQlAVWPRjy8QnhI6YrL4otFdqSAl+KggrmHZvQTb4/YYBwMjKgLFqnfLNx?= =?us-ascii?Q?+eDjFOTvk2E3jAsW5ZIYaCM7cYhB6cWQhzYNmIcR4j1vik7hCEbG3QruVxCD?= =?us-ascii?Q?Dnhyo0o5esL4CobTzKGPeM5MRs5dE+HXlBlcLVga6YZKpJv0Tmrz78bKpn8S?= =?us-ascii?Q?TRXRc5yNGGAfL9kSeUZHdIfviAPdaRKr30+dm+lQ6C465a6skgbPLhUpBdb8?= =?us-ascii?Q?Wbr32ieA3Kukg1WWgm43n1FNkTW8qsbXWKppcM31f6kkGu2ipV5UxKQYR5/p?= =?us-ascii?Q?BpQZzneKPGBrJsUkgretA+ykYCJVkIyn4TiR05KrrPn+eFf55nzSplOdhilp?= =?us-ascii?Q?Pe+MziJDP9UT7HLdKU3ntj2NDVx4pK3/6KLKvVy7tUkax+IB4pSrDFFtf7qk?= =?us-ascii?Q?go0WfuHDrC/QRDs1bhQwoHWU0l/mfNiCf3jlp8uLYdg6amcbL/nhPaYe1SuJ?= =?us-ascii?Q?+xqD4Tl0omlpZqD0jpD72z8LYLGCTCJyqGYOCdajCdVYZDapIMcf3RY2NwUH?= =?us-ascii?Q?3oiuAJvGtBA0b5ZCC7JhvCXim9RfejcTQc3Rdn74+i7aFoLeBOhkeSiDQBJQ?= =?us-ascii?Q?v+ircrR1CLrYQGcA+TpdhCOYuyZuD9B58W83gubdmBV0KV3DR/55QARLXUAP?= =?us-ascii?Q?ZXCjdokU1T+sWyBz9zbhm3FkREbhYBF7Qn10NrlYNd/2OWLd07x9k54C2Re9?= =?us-ascii?Q?AuJC4KlmLMludj9Jfxx4/tlaIS+7awJf6RkZwx692DUtq9AXjvhbSnK1Nlum?= =?us-ascii?Q?Vr/A/naZUpD8ThmJJRbrtD0ng7fcL2PzqidJvuf7tCFWOde9AQ/iudb03QT5?= =?us-ascii?Q?4Lh+C16PKblknbuU/8hPmv9Mhs+gXx9YwHoolu+6y3QYUGJUuIt8KQrEQIrT?= =?us-ascii?Q?NDy9AO5bUSeRhGyQmGp4ZP9Yr46IfVAzDnUb00uP7gu9+h1FSY5UsPy4YoWR?= =?us-ascii?Q?KZRbiDvR7RKoXC4dTL5ly1B30aJKa0agpr5RC3zugcZTtPPpfuetKYthpCpg?= =?us-ascii?Q?bE/tlxrOwGAEZPwGebTokOV6VUFPfVqcCefq16RPoUlEbUk9fWXklh8QZ7an?= =?us-ascii?Q?Q4KrP4jd7kE4VblTbAAifq/zpk0gHai4H5aJAVn5XxpyovqTeE2owSHWKooA?= =?us-ascii?Q?16K/ZtHZWG/U8cXCu2tYV3eQv3MmPHVJkOCSX1LSHI5jc115IsfSwsVbNDmt?= =?us-ascii?Q?iLZrE4JpjSEJt/GUim+mhMJdzt4tBCxCxM/qbzmyWqxPHpfqO0QobEkGDbU5?= =?us-ascii?Q?8gFHB0HM1BycBuPTTmLGy0nNEaHF6UisDH6sg2G6XOs2NE1q47PYiY0t8DNm?= =?us-ascii?Q?WWOpSinWgxj/68fmjKfqVEzYhLSCaHdVvYbzCgtYzwUvooMKP2yfdVUraog0?= =?us-ascii?Q?tnDA5sKy2yunzvmNV7mG4v203Oy7XvV8uu4bfUGDQpItsqH6qO15EioU1Xvd?= =?us-ascii?Q?zTP3Tyk4TC8mss0jhtL801a4trmk8sVOMuDQOvOAvZar4Ni+ON+naSQBa6Zc?= =?us-ascii?Q?Isf1bV0V34wJjuPw2CWDggeLLYvJ7DzPU+PRR+JzbwhyRXZdIInPTXfrQ0TP?= =?us-ascii?Q?PLi2DabWY14GcOPcS8qZG6398aZC6EXPnWvDssES6CmwZnYf7ubKKJCDmKGb?= =?us-ascii?Q?YrK/fbdysQ=3D=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR18MB4484.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7dd5ebc4-d44e-4881-912a-08da5368a16c X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jun 2022 09:30:07.5672 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: eHPFo8HASOajKBQVw+UenuZtBhihGE17CCphQGkttTAJktNhhQvAcXhzC3JhgddVNAYh0oiBah3tGb2ibNiY9g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR18MB4260 X-Proofpoint-GUID: QWVQdSpoIag6KvLPJKOOuv8NYqM2chCf X-Proofpoint-ORIG-GUID: QWVQdSpoIag6KvLPJKOOuv8NYqM2chCf X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.883,Hydra:6.0.517,FMLib:17.11.64.514 definitions=2022-06-21_03,2022-06-17_01,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > This patch updates asymmetric RSA routine in crypto openssl pmd > to adopt openssl 3.0 EVP apis. >=20 > Signed-off-by: Kai Ji > --- > drivers/crypto/openssl/openssl_pmd_private.h | 7 + > drivers/crypto/openssl/rte_openssl_pmd.c | 149 +++++++++++++++++++ > drivers/crypto/openssl/rte_openssl_pmd_ops.c | 112 +++++++++++++- > 3 files changed, 267 insertions(+), 1 deletion(-) >=20 > diff --git a/drivers/crypto/openssl/openssl_pmd_private.h > b/drivers/crypto/openssl/openssl_pmd_private.h > index 86dc169aaf..d603626fdf 100644 > --- a/drivers/crypto/openssl/openssl_pmd_private.h > +++ b/drivers/crypto/openssl/openssl_pmd_private.h > @@ -11,6 +11,10 @@ > #include > #include > #include > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > +#include > +#include > +#endif >=20 > #define CRYPTODEV_NAME_OPENSSL_PMD crypto_openssl > /**< Open SSL Crypto PMD device name */ > @@ -157,6 +161,9 @@ struct openssl_asym_session { > union { > struct rsa { > RSA *rsa; > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + EVP_PKEY_CTX * ctx; > +#endif > } r; > struct exp { > BIGNUM *exp; > diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c > b/drivers/crypto/openssl/rte_openssl_pmd.c > index 5dbe6074eb..cac157aba3 100644 > --- a/drivers/crypto/openssl/rte_openssl_pmd.c > +++ b/drivers/crypto/openssl/rte_openssl_pmd.c > @@ -2046,6 +2046,150 @@ process_openssl_modexp_op(struct rte_crypto_op > *cop, > } >=20 > /* process rsa operations */ > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > +static int > +process_openssl_rsa_op_evp(struct rte_crypto_op *cop, > + struct openssl_asym_session *sess) > +{ > + struct rte_crypto_asym_op *op =3D cop->asym; > + uint32_t pad =3D (op->rsa.padding.type); > + uint8_t *tmp; > + size_t outlen =3D 0; > + int ret =3D -1; > + > + cop->status =3D RTE_CRYPTO_OP_STATUS_ERROR; > + EVP_PKEY_CTX *rsa_ctx =3D sess->u.r.ctx; > + if (!rsa_ctx) > + return ret; > + > + switch (pad) { > + case RTE_CRYPTO_RSA_PADDING_PKCS1_5: > + pad =3D RSA_PKCS1_PADDING; > + break; > + case RTE_CRYPTO_RSA_PADDING_NONE: > + pad =3D RSA_NO_PADDING; > + break; > + default: > + cop->status =3D RTE_CRYPTO_OP_STATUS_INVALID_ARGS; > + OPENSSL_LOG(ERR, > + "rsa pad type not supported %d\n", pad); > + return ret; > + } > + > + switch (op->rsa.op_type) { > + case RTE_CRYPTO_ASYM_OP_ENCRYPT: > + if (EVP_PKEY_encrypt_init(rsa_ctx) !=3D 1) > + goto err_rsa; > + > + if (EVP_PKEY_CTX_set_rsa_padding(rsa_ctx, pad) <=3D 0) > + goto err_rsa; > + > + if (EVP_PKEY_encrypt(rsa_ctx, NULL, &outlen, > + op->rsa.message.data, > + op- > >rsa.message.length) <=3D 0) Remove extra indentation here and below also. Cop->status is not updated in case of failure gotos. > + goto err_rsa; > + > + if (outlen <=3D 0) > + goto err_rsa; > + > + if (EVP_PKEY_encrypt(rsa_ctx, op->rsa.cipher.data, &outlen, > + op->rsa.message.data, > + op- > >rsa.message.length) <=3D 0) > + goto err_rsa; > + op->rsa.cipher.length =3D outlen; > + > + OPENSSL_LOG(DEBUG, > + "length of encrypted text %zu\n", outlen); > + break; > + > + case RTE_CRYPTO_ASYM_OP_DECRYPT: > + if (EVP_PKEY_decrypt_init(rsa_ctx) !=3D 1) > + goto err_rsa; > + > + if (EVP_PKEY_CTX_set_rsa_padding(rsa_ctx, pad) <=3D 0) > + goto err_rsa; > + > + if (EVP_PKEY_decrypt(rsa_ctx, NULL, &outlen, > + op->rsa.cipher.data, > + op->rsa.cipher.length) > <=3D 0) > + goto err_rsa; > + > + if (outlen <=3D 0) > + goto err_rsa; > + > + if (EVP_PKEY_decrypt(rsa_ctx, op->rsa.message.data, &outlen, > + op->rsa.cipher.data, > + op->rsa.cipher.length) > <=3D 0) > + goto err_rsa; > + op->rsa.message.length =3D outlen; > + > + OPENSSL_LOG(DEBUG, "length of decrypted text %zu\n", > outlen); > + break; > + > + case RTE_CRYPTO_ASYM_OP_SIGN: > + if (EVP_PKEY_sign_init(rsa_ctx) <=3D 0) > + goto err_rsa; > + > + if (EVP_PKEY_CTX_set_rsa_padding(rsa_ctx, pad) <=3D 0) > + goto err_rsa; > + > + if (EVP_PKEY_sign(rsa_ctx, op->rsa.sign.data, &outlen, > + op->rsa.message.data, > + op- > >rsa.message.length) <=3D 0) > + goto err_rsa; > + op->rsa.sign.length =3D outlen; > + break; > + > + case RTE_CRYPTO_ASYM_OP_VERIFY: > + tmp =3D rte_malloc(NULL, op->rsa.sign.length, 0); > + if (tmp =3D=3D NULL) { > + OPENSSL_LOG(ERR, "Memory allocation failed"); > + goto err_rsa; > + } > + > + if (EVP_PKEY_verify_recover_init(rsa_ctx) <=3D 0) { > + rte_free(tmp); > + goto err_rsa; > + } > + > + if (EVP_PKEY_CTX_set_rsa_padding(rsa_ctx, pad) <=3D 0) { > + rte_free(tmp); > + goto err_rsa; > + } > + > + if (EVP_PKEY_verify_recover(rsa_ctx, tmp, &outlen, > + op->rsa.sign.data, > + op->rsa.sign.length) <=3D > 0) { > + rte_free(tmp); > + goto err_rsa; > + } > + > + OPENSSL_LOG(DEBUG, > + "Length of public_decrypt %zu " > + "length of message %zd\n", > + outlen, op->rsa.message.length); > + if (CRYPTO_memcmp(tmp, op->rsa.message.data, > + op->rsa.message.length)) { > + OPENSSL_LOG(ERR, "RSA sign Verification failed"); > + } > + rte_free(tmp); > + break; > + > + default: > + /* allow ops with invalid args to be pushed to > + * completion queue > + */ > + cop->status =3D RTE_CRYPTO_OP_STATUS_INVALID_ARGS; > + goto err_rsa; > + } > + > + ret =3D 0; > + cop->status =3D RTE_CRYPTO_OP_STATUS_SUCCESS; > +err_rsa: > + return ret; > + > +} > +#else > static int > process_openssl_rsa_op(struct rte_crypto_op *cop, > struct openssl_asym_session *sess) > @@ -2144,6 +2288,7 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, >=20 > return 0; > } > +#endif >=20 > static int > process_asym_op(struct openssl_qp *qp, struct rte_crypto_op *op, > @@ -2155,7 +2300,11 @@ process_asym_op(struct openssl_qp *qp, struct > rte_crypto_op *op, >=20 > switch (sess->xfrm_type) { > case RTE_CRYPTO_ASYM_XFORM_RSA: > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + retval =3D process_openssl_rsa_op_evp(op, sess); > +# else > retval =3D process_openssl_rsa_op(op, sess); > +#endif > break; > case RTE_CRYPTO_ASYM_XFORM_MODEX: > retval =3D process_openssl_modexp_op(op, sess); > diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c > b/drivers/crypto/openssl/rte_openssl_pmd_ops.c > index 7d0da52a33..6d94da499e 100644 > --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c > +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c > @@ -12,7 +12,11 @@ >=20 > #include "openssl_pmd_private.h" > #include "compat.h" > - > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > +#include > +#include > +#include > +#endif >=20 > static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[= ] =3D { > { /* MD5 HMAC */ > @@ -835,6 +839,106 @@ static int openssl_set_asym_session_parameters( > if (!n || !e) > goto err_rsa; >=20 > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + OSSL_PARAM_BLD * param_bld =3D OSSL_PARAM_BLD_new(); > + if (!param_bld) { > + OPENSSL_LOG(ERR, "failed to allocate resources\n"); > + goto err_rsa; > + } > + > + if (!OSSL_PARAM_BLD_push_BN(param_bld, > OSSL_PKEY_PARAM_RSA_N, n) > + || !OSSL_PARAM_BLD_push_BN(param_bld, > + OSSL_PKEY_PARAM_RSA_E, e)) { > + OSSL_PARAM_BLD_free(param_bld); > + OPENSSL_LOG(ERR, "failed to allocate resources\n"); > + goto err_rsa; > + } > + > + if (xform->rsa.key_type =3D=3D RTE_RSA_KEY_TYPE_EXP) { > + d =3D BN_bin2bn( > + (const unsigned char *)xform->rsa.d.data, > + xform->rsa.d.length, > + d); > + if (!d) { > + OSSL_PARAM_BLD_free(param_bld); > + goto err_rsa; > + } > + } else { > + p =3D BN_bin2bn((const unsigned char *) > + xform->rsa.qt.p.data, > + xform->rsa.qt.p.length, > + p); > + q =3D BN_bin2bn((const unsigned char *) > + xform->rsa.qt.q.data, > + xform->rsa.qt.q.length, > + q); > + dmp1 =3D BN_bin2bn((const unsigned char *) > + xform->rsa.qt.dP.data, > + xform->rsa.qt.dP.length, > + dmp1); > + dmq1 =3D BN_bin2bn((const unsigned char *) > + xform->rsa.qt.dQ.data, > + xform->rsa.qt.dQ.length, > + dmq1); > + iqmp =3D BN_bin2bn((const unsigned char *) > + xform->rsa.qt.qInv.data, > + xform->rsa.qt.qInv.length, > + iqmp); > + > + if (!p || !q || !dmp1 || !dmq1 || !iqmp) { > + OSSL_PARAM_BLD_free(param_bld); > + goto err_rsa; > + } > + > + if (!OSSL_PARAM_BLD_push_BN(param_bld, > + > OSSL_PKEY_PARAM_RSA_FACTOR1, p) > + || !OSSL_PARAM_BLD_push_BN(param_bld, > + > OSSL_PKEY_PARAM_RSA_FACTOR2, q) > + || !OSSL_PARAM_BLD_push_BN(param_bld, > + > OSSL_PKEY_PARAM_RSA_EXPONENT1, dmp1) > + || !OSSL_PARAM_BLD_push_BN(param_bld, > + > OSSL_PKEY_PARAM_RSA_EXPONENT2, dmq1) > + || !OSSL_PARAM_BLD_push_BN(param_bld, > + > OSSL_PKEY_PARAM_RSA_COEFFICIENT1, iqmp)) { > + OSSL_PARAM_BLD_free(param_bld); > + goto err_rsa; > + } > + } > + > + if (!OSSL_PARAM_BLD_push_BN(param_bld, > OSSL_PKEY_PARAM_RSA_N, n) > + || !OSSL_PARAM_BLD_push_BN(param_bld, > OSSL_PKEY_PARAM_RSA_E, e) > + || !OSSL_PARAM_BLD_push_BN(param_bld, > + OSSL_PKEY_PARAM_RSA_D, > d)) { > + OSSL_PARAM_BLD_free(param_bld); > + goto err_rsa; > + } > + > + EVP_PKEY_CTX *key_ctx =3D > EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); > + EVP_PKEY *pkey =3D NULL; > + EVP_PKEY_CTX *rsa_ctx =3D NULL; > + OSSL_PARAM *params =3D NULL; > + > + params =3D OSSL_PARAM_BLD_to_param(param_bld); > + if (!params) { > + OSSL_PARAM_BLD_free(param_bld); > + goto err_rsa; > + } > + > + if (key_ctx =3D=3D NULL > + || EVP_PKEY_fromdata_init(key_ctx) <=3D 0 > + || EVP_PKEY_fromdata(key_ctx, &pkey, > + EVP_PKEY_KEYPAIR, params) <=3D 0) { Indentation not correct above. > + OSSL_PARAM_free(params); > + goto err_rsa; > + } > + > + rsa_ctx =3D EVP_PKEY_CTX_new(pkey, NULL); > + asym_session->xfrm_type =3D RTE_CRYPTO_ASYM_XFORM_RSA; > + asym_session->u.r.ctx =3D rsa_ctx; > + EVP_PKEY_CTX_free(key_ctx); > + OSSL_PARAM_free(params); > + break; > +#else > RSA *rsa =3D RSA_new(); > if (rsa =3D=3D NULL) > goto err_rsa; > @@ -904,6 +1008,7 @@ static int openssl_set_asym_session_parameters( > asym_session->u.r.rsa =3D rsa; > asym_session->xfrm_type =3D RTE_CRYPTO_ASYM_XFORM_RSA; > break; > +#endif > err_rsa: > BN_clear_free(n); > BN_clear_free(e); > @@ -1135,8 +1240,13 @@ static void openssl_reset_asym_session(struct > openssl_asym_session *sess) > { > switch (sess->xfrm_type) { > case RTE_CRYPTO_ASYM_XFORM_RSA: > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) > + if (sess->u.r.ctx) > + EVP_PKEY_CTX_free(sess->u.r.ctx); > +#else > if (sess->u.r.rsa) > RSA_free(sess->u.r.rsa); > +#endif > break; > case RTE_CRYPTO_ASYM_XFORM_MODEX: > if (sess->u.e.ctx) { > -- > 2.17.1