From: Akhil Goyal <gakhil@marvell.com>
To: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>,
"dev@dpdk.org" <dev@dpdk.org>
Cc: "brian.dooley@intel.com" <brian.dooley@intel.com>
Subject: RE: [EXTERNAL] [PATCH v5 3/4] crypto/qat: add sm2 encryption/decryption function
Date: Wed, 9 Oct 2024 20:49:11 +0000 [thread overview]
Message-ID: <CO6PR18MB4484EEED589803C2E3012C8AD87F2@CO6PR18MB4484.namprd18.prod.outlook.com> (raw)
In-Reply-To: <20241009130147.38280-4-arkadiuszx.kusztal@intel.com>
> This commit adds SM2 elliptic curve based asymmetric
> encryption and decryption to the Intel QuickAssist
> Technology PMD.
>
> Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
> ---
> doc/guides/cryptodevs/features/qat.ini | 1 +
> doc/guides/rel_notes/release_24_11.rst | 4 +
> drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h | 3 +
> drivers/common/qat/qat_adf/qat_pke.h | 20 ++++
> drivers/crypto/qat/qat_asym.c | 140 +++++++++++++++++++++++-
> 5 files changed, 162 insertions(+), 6 deletions(-)
>
RTE_CRYPTO_SM2_PARTIAL is not set in the PMD as op_capa.
> diff --git a/doc/guides/cryptodevs/features/qat.ini
> b/doc/guides/cryptodevs/features/qat.ini
> index f41d29158f..219dd1e011 100644
> --- a/doc/guides/cryptodevs/features/qat.ini
> +++ b/doc/guides/cryptodevs/features/qat.ini
> @@ -71,6 +71,7 @@ ZUC EIA3 = Y
> AES CMAC (128) = Y
> SM3 = Y
> SM3 HMAC = Y
> +SM2 = Y
>
> ;
> ; Supported AEAD algorithms of the 'qat' crypto driver.
> diff --git a/doc/guides/rel_notes/release_24_11.rst
> b/doc/guides/rel_notes/release_24_11.rst
> index e0a9aa55a1..e56824310b 100644
> --- a/doc/guides/rel_notes/release_24_11.rst
> +++ b/doc/guides/rel_notes/release_24_11.rst
> @@ -67,6 +67,10 @@ New Features
>
> The new statistics are useful for debugging and profiling.
>
> +* **Updated the QuickAssist Technology (QAT) Crypto PMD.**
> +
> + * Added SM2 encryption and decryption algorithms.
> +
>
> Removed Items
> -------------
> diff --git a/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h
> b/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h
> index 630c6e1a9b..aa49612ca1 100644
> --- a/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h
> +++ b/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h
> @@ -1542,6 +1542,9 @@ icp_qat_fw_mmp_ecdsa_verify_gfp_521_input::in in
> @endlink
> * @li no output parameters
> */
>
> +#define PKE_ECSM2_ENCRYPTION 0x25221720
> +#define PKE_ECSM2_DECRYPTION 0x201716e6
> +
> #define PKE_LIVENESS 0x00000001
> /**< Functionality ID for PKE_LIVENESS
> * @li 0 input parameter(s)
> diff --git a/drivers/common/qat/qat_adf/qat_pke.h
> b/drivers/common/qat/qat_adf/qat_pke.h
> index f88932a275..ac051e965d 100644
> --- a/drivers/common/qat/qat_adf/qat_pke.h
> +++ b/drivers/common/qat/qat_adf/qat_pke.h
> @@ -334,4 +334,24 @@ get_sm2_ecdsa_verify_function(void)
> return qat_function;
> }
>
> +static struct qat_asym_function
> +get_sm2_encryption_function(void)
> +{
> + struct qat_asym_function qat_function = {
> + PKE_ECSM2_ENCRYPTION, 32
> + };
> +
> + return qat_function;
> +}
> +
> +static struct qat_asym_function
> +get_sm2_decryption_function(void)
> +{
> + struct qat_asym_function qat_function = {
> + PKE_ECSM2_DECRYPTION, 32
> + };
> +
> + return qat_function;
> +}
> +
> #endif
> diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
> index e43884e69b..3ce48a1486 100644
> --- a/drivers/crypto/qat/qat_asym.c
> +++ b/drivers/crypto/qat/qat_asym.c
> @@ -932,6 +932,15 @@ sm2_ecdsa_sign_set_input(struct
> icp_qat_fw_pke_request *qat_req,
> qat_req->input_param_count = 3;
> qat_req->output_param_count = 2;
>
> + HEXDUMP("SM2 K test", asym_op->sm2.k.data,
> + cookie->alg_bytesize);
> + HEXDUMP("SM2 K", cookie->input_array[0],
> + cookie->alg_bytesize);
> + HEXDUMP("SM2 msg", cookie->input_array[1],
> + cookie->alg_bytesize);
> + HEXDUMP("SM2 pkey", cookie->input_array[2],
> + cookie->alg_bytesize);
> +
> return RTE_CRYPTO_OP_STATUS_SUCCESS;
> }
>
> @@ -983,6 +992,114 @@ sm2_ecdsa_sign_collect(struct rte_crypto_asym_op
> *asym_op,
> }
>
> static int
> +sm2_encryption_set_input(struct icp_qat_fw_pke_request *qat_req,
> + struct qat_asym_op_cookie *cookie,
> + const struct rte_crypto_asym_op *asym_op,
> + const struct rte_crypto_asym_xform *xform)
> +{
> + const struct qat_asym_function qat_function =
> + get_sm2_encryption_function();
> + const uint32_t qat_func_alignsize =
> + qat_function.bytesize;
> +
> + SET_PKE_LN(asym_op->sm2.k, qat_func_alignsize, 0);
> + SET_PKE_LN(xform->ec.q.x, qat_func_alignsize, 1);
> + SET_PKE_LN(xform->ec.q.y, qat_func_alignsize, 2);
> +
> + cookie->alg_bytesize = qat_function.bytesize;
> + cookie->qat_func_alignsize = qat_function.bytesize;
> + qat_req->pke_hdr.cd_pars.func_id = qat_function.func_id;
> + qat_req->input_param_count = 3;
> + qat_req->output_param_count = 4;
> +
> + HEXDUMP("SM2 K", cookie->input_array[0],
> + qat_func_alignsize);
> + HEXDUMP("SM2 Q.x", cookie->input_array[1],
> + qat_func_alignsize);
> + HEXDUMP("SM2 Q.y", cookie->input_array[2],
> + qat_func_alignsize);
> +
> + return RTE_CRYPTO_OP_STATUS_SUCCESS;
> +}
> +
> +static uint8_t
> +sm2_encryption_collect(struct rte_crypto_asym_op *asym_op,
> + const struct qat_asym_op_cookie *cookie)
> +{
> + uint32_t alg_bytesize = cookie->alg_bytesize;
> +
> + rte_memcpy(asym_op->sm2.C1.x.data, cookie->output_array[0],
> alg_bytesize);
> + rte_memcpy(asym_op->sm2.C1.y.data, cookie->output_array[1],
> alg_bytesize);
> + rte_memcpy(asym_op->sm2.kP.x.data, cookie->output_array[2],
> alg_bytesize);
> + rte_memcpy(asym_op->sm2.kP.y.data, cookie->output_array[3],
> alg_bytesize);
> + asym_op->sm2.C1.x.length = alg_bytesize;
> + asym_op->sm2.C1.y.length = alg_bytesize;
> + asym_op->sm2.kP.x.length = alg_bytesize;
> + asym_op->sm2.kP.y.length = alg_bytesize;
> +
> + HEXDUMP("C1[x1]", cookie->output_array[0],
> + alg_bytesize);
> + HEXDUMP("C1[y]", cookie->output_array[1],
> + alg_bytesize);
> + HEXDUMP("kP[x]", cookie->output_array[2],
> + alg_bytesize);
> + HEXDUMP("kP[y]", cookie->output_array[3],
> + alg_bytesize);
> + return RTE_CRYPTO_OP_STATUS_SUCCESS;
> +}
> +
> +
> +static int
> +sm2_decryption_set_input(struct icp_qat_fw_pke_request *qat_req,
> + struct qat_asym_op_cookie *cookie,
> + const struct rte_crypto_asym_op *asym_op,
> + const struct rte_crypto_asym_xform *xform)
> +{
> + const struct qat_asym_function qat_function =
> + get_sm2_decryption_function();
> + const uint32_t qat_func_alignsize =
> + qat_function.bytesize;
> +
> + SET_PKE_LN(xform->ec.pkey, qat_func_alignsize, 0);
> + SET_PKE_LN(asym_op->sm2.C1.x, qat_func_alignsize, 1);
> + SET_PKE_LN(asym_op->sm2.C1.y, qat_func_alignsize, 2);
> +
> + cookie->alg_bytesize = qat_function.bytesize;
> + cookie->qat_func_alignsize = qat_function.bytesize;
> + qat_req->pke_hdr.cd_pars.func_id = qat_function.func_id;
> + qat_req->input_param_count = 3;
> + qat_req->output_param_count = 2;
> +
> + HEXDUMP("d", cookie->input_array[0],
> + qat_func_alignsize);
> + HEXDUMP("C1[x]", cookie->input_array[1],
> + qat_func_alignsize);
> + HEXDUMP("C1[y]", cookie->input_array[2],
> + qat_func_alignsize);
> +
> + return RTE_CRYPTO_OP_STATUS_SUCCESS;
> +}
> +
> +
> +static uint8_t
> +sm2_decryption_collect(struct rte_crypto_asym_op *asym_op,
> + const struct qat_asym_op_cookie *cookie)
> +{
> + uint32_t alg_bytesize = cookie->alg_bytesize;
> +
> + rte_memcpy(asym_op->sm2.kP.x.data, cookie->output_array[0],
> alg_bytesize);
> + rte_memcpy(asym_op->sm2.kP.y.data, cookie->output_array[1],
> alg_bytesize);
> + asym_op->sm2.kP.x.length = alg_bytesize;
> + asym_op->sm2.kP.y.length = alg_bytesize;
> +
> + HEXDUMP("kP[x]", cookie->output_array[0],
> + alg_bytesize);
> + HEXDUMP("kP[y]", cookie->output_array[1],
> + alg_bytesize);
> + return RTE_CRYPTO_OP_STATUS_SUCCESS;
> +}
> +
> +static int
> asym_set_input(struct icp_qat_fw_pke_request *qat_req,
> struct qat_asym_op_cookie *cookie,
> const struct rte_crypto_asym_op *asym_op,
> @@ -1014,14 +1131,20 @@ asym_set_input(struct icp_qat_fw_pke_request
> *qat_req,
> asym_op, xform);
> }
> case RTE_CRYPTO_ASYM_XFORM_SM2:
> - if (asym_op->sm2.op_type ==
> - RTE_CRYPTO_ASYM_OP_VERIFY) {
> + if (asym_op->sm2.op_type ==
> RTE_CRYPTO_ASYM_OP_ENCRYPT) {
> + return sm2_encryption_set_input(qat_req, cookie,
> + asym_op, xform);
> + } else if (asym_op->sm2.op_type ==
> RTE_CRYPTO_ASYM_OP_DECRYPT) {
> + return sm2_decryption_set_input(qat_req, cookie,
> + asym_op, xform);
> + } else if (asym_op->sm2.op_type ==
> RTE_CRYPTO_ASYM_OP_VERIFY) {
> return sm2_ecdsa_verify_set_input(qat_req, cookie,
> asym_op, xform);
> - } else {
> + } else if (asym_op->sm2.op_type ==
> RTE_CRYPTO_ASYM_OP_SIGN) {
> return sm2_ecdsa_sign_set_input(qat_req, cookie,
> asym_op, xform);
> }
> + break;
> default:
> QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform");
> return -EINVAL;
> @@ -1113,7 +1236,13 @@ qat_asym_collect_response(struct rte_crypto_op
> *op,
> case RTE_CRYPTO_ASYM_XFORM_ECDH:
> return ecdh_collect(asym_op, cookie);
> case RTE_CRYPTO_ASYM_XFORM_SM2:
> - return sm2_ecdsa_sign_collect(asym_op, cookie);
> + if (asym_op->sm2.op_type ==
> RTE_CRYPTO_ASYM_OP_ENCRYPT)
> + return sm2_encryption_collect(asym_op, cookie);
> + else if (asym_op->sm2.op_type ==
> RTE_CRYPTO_ASYM_OP_DECRYPT)
> + return sm2_decryption_collect(asym_op, cookie);
> + else
> + return sm2_ecdsa_sign_collect(asym_op, cookie);
> +
> default:
> QAT_LOG(ERR, "Not supported xform type");
> return RTE_CRYPTO_OP_STATUS_ERROR;
> @@ -1385,9 +1514,8 @@ qat_asym_session_configure(struct rte_cryptodev
> *dev __rte_unused,
> case RTE_CRYPTO_ASYM_XFORM_ECDSA:
> case RTE_CRYPTO_ASYM_XFORM_ECPM:
> case RTE_CRYPTO_ASYM_XFORM_ECDH:
> - session_set_ec(qat_session, xform);
> - break;
> case RTE_CRYPTO_ASYM_XFORM_SM2:
> + session_set_ec(qat_session, xform);
> break;
> default:
> ret = -ENOTSUP;
> --
> 2.13.6
next prev parent reply other threads:[~2024-10-09 20:49 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-29 18:59 [PATCH 1/3] cryptodev: add ec points to sm2 op Arkadiusz Kusztal
2024-01-29 18:59 ` [PATCH 2/3] crypto/qat: add sm2 encryption/decryption function Arkadiusz Kusztal
2024-01-29 18:59 ` [PATCH 3/3] app/test: add test sm2 C1/Kp test cases Arkadiusz Kusztal
2024-02-01 8:07 ` [EXT] [PATCH 1/3] cryptodev: add ec points to sm2 op Akhil Goyal
2024-02-01 13:25 ` Kusztal, ArkadiuszX
2024-09-24 16:30 ` Akhil Goyal
2024-09-29 17:29 ` [PATCH v2] " Arkadiusz Kusztal
2024-10-01 7:57 ` [EXTERNAL] " Akhil Goyal
2024-10-03 14:39 ` Akhil Goyal
2024-10-07 8:29 ` Kusztal, ArkadiuszX
2024-10-08 6:28 ` [PATCH v3 1/4] cryptodev: add partial sm2 feature flag Arkadiusz Kusztal
2024-10-08 6:28 ` [PATCH v3 2/4] cryptodev: add ec points to sm2 op Arkadiusz Kusztal
2024-10-08 11:27 ` [EXTERNAL] " Akhil Goyal
2024-10-08 11:46 ` Kusztal, ArkadiuszX
2024-10-08 11:49 ` Akhil Goyal
2024-10-08 6:28 ` [PATCH v3 3/4] crypto/qat: add sm2 encryption/decryption function Arkadiusz Kusztal
2024-10-08 6:28 ` [PATCH v3 4/4] app/test: add test sm2 C1/Kp test cases Arkadiusz Kusztal
2024-10-08 15:40 ` Dooley, Brian
2024-10-08 11:46 ` [EXTERNAL] [PATCH v3 1/4] cryptodev: add partial sm2 feature flag Akhil Goyal
2024-10-08 11:48 ` Kusztal, ArkadiuszX
2024-10-08 18:14 ` [PATCH v4 0/4] add ec points to sm2 op Arkadiusz Kusztal
2024-10-08 18:14 ` [PATCH v4 1/4] cryptodev: reorder structures in asym crypto header Arkadiusz Kusztal
2024-10-08 18:14 ` [PATCH v4 2/4] cryptodev: add ec points to sm2 op Arkadiusz Kusztal
2024-10-08 20:46 ` Stephen Hemminger
2024-10-08 21:00 ` Kusztal, ArkadiuszX
2024-10-08 21:09 ` Stephen Hemminger
2024-10-08 21:29 ` Kusztal, ArkadiuszX
2024-10-09 13:01 ` [PATCH v5 0/4] " Arkadiusz Kusztal
2024-10-09 13:01 ` [PATCH v5 1/4] cryptodev: reorder structures in asym crypto header Arkadiusz Kusztal
2024-10-09 21:03 ` [EXTERNAL] " Akhil Goyal
2024-10-09 13:01 ` [PATCH v5 2/4] cryptodev: add ec points to sm2 op Arkadiusz Kusztal
2024-10-09 20:51 ` [EXTERNAL] " Akhil Goyal
2024-10-11 12:17 ` Akhil Goyal
2024-10-17 18:54 ` Kusztal, ArkadiuszX
2024-10-18 12:30 ` Akhil Goyal
2024-10-09 13:01 ` [PATCH v5 3/4] crypto/qat: add sm2 encryption/decryption function Arkadiusz Kusztal
2024-10-09 20:49 ` Akhil Goyal [this message]
2024-10-10 7:49 ` [EXTERNAL] " Kusztal, ArkadiuszX
2024-10-09 13:01 ` [PATCH v5 4/4] app/test: add test sm2 C1/Kp test cases Arkadiusz Kusztal
2024-10-11 12:16 ` [EXTERNAL] " Akhil Goyal
2024-10-08 18:14 ` [PATCH v4 3/4] crypto/qat: add sm2 encryption/decryption function Arkadiusz Kusztal
2024-10-08 18:14 ` [PATCH v4 4/4] app/test: add test sm2 C1/Kp test cases Arkadiusz Kusztal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CO6PR18MB4484EEED589803C2E3012C8AD87F2@CO6PR18MB4484.namprd18.prod.outlook.com \
--to=gakhil@marvell.com \
--cc=arkadiuszx.kusztal@intel.com \
--cc=brian.dooley@intel.com \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).