From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D5B78A0545; Tue, 21 Jun 2022 15:36:08 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id C84814069C; Tue, 21 Jun 2022 15:36:08 +0200 (CEST) Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mails.dpdk.org (Postfix) with ESMTP id 1629540151 for ; Tue, 21 Jun 2022 15:36:06 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1655818567; x=1687354567; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=Him75ELeM1Li8fZnSPZrTzbjpkR7PK5eCTpFfEoStT0=; b=ZLjfUN1XQtMwgqSqwNK0erIx6GuTP/lJPoWMImbv15IogLqoklEJkyWB rEUxjZWPwk0M7BSt/ANNWnaQTMExwmyUgybqfGATlo7g+XG+qW2oAM2Zs 8J3WFyfb0joQStIze6gEVbZDXTKlbBvPwCNtTW+40y0j3CUjlQQUGLYcB RQ6ltvpmmV3hviQtD5T5HRpS2h+QNgApw04T7ChDbTleRSZMZuI2m+2fk /4OkiIWr9Ks8OurhZZ2aUIJVlRaA+3kbAms0R3HM7a35d9Z0Gd5BiP3t4 uU1OrprdHEaJ9ewFZMygoHcCiaKgn6WjiUB/6PoOj9NAc8qy+gatTu/49 w==; X-IronPort-AV: E=McAfee;i="6400,9594,10384"; a="280849577" X-IronPort-AV: E=Sophos;i="5.92,209,1650956400"; d="scan'208";a="280849577" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Jun 2022 06:36:02 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,209,1650956400"; d="scan'208";a="764459605" Received: from orsmsx606.amr.corp.intel.com ([10.22.229.19]) by orsmga005.jf.intel.com with ESMTP; 21 Jun 2022 06:36:02 -0700 Received: from orsmsx607.amr.corp.intel.com (10.22.229.20) by ORSMSX606.amr.corp.intel.com (10.22.229.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Tue, 21 Jun 2022 06:36:01 -0700 Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by ORSMSX607.amr.corp.intel.com (10.22.229.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Tue, 21 Jun 2022 06:36:01 -0700 Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27 via Frontend Transport; Tue, 21 Jun 2022 06:36:01 -0700 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (104.47.55.108) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.27; Tue, 21 Jun 2022 06:36:01 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YM5jLu4NnMloTF6BpAE42i56NDoSNgKVrNN7q5W8R7sivRhKMb2T/c+02kzvduL6vRLZw/hc/GjRRosRTDbneSEPGxfb/156EYtjUQYgHpWn5A9jLThwjIDfOTZWfX0O5b9jkLWY4DZwddS4SHndDD1v/v/h2poOBJI3KS6UjFkqCS9ZYxDp5thCqJnf+aja+psXNrHOFEDxgWCsOyxh90yNE75EIkeUzriftvAK9Z66gOZk6zb3Sg5Z59OvMV+CZopj+PG9IYM4IkYwIz8DdCEzQmS+5r53niztKkFy6QU2EwioATozt+CqDAEKUy0eqyVPf6HoXpifbtVxsZ3pGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2f5EFyXVBq/xH6Qv/x8ilJUX4WrVrhuz9x5asta8zGY=; b=TkFLlau6eEGI22sdNPhkZ5oK8vmYb0yomZW9ovL6M5QJsV8PvCvkHlvSOQl2vxUyq+3AsFINKdhgtk/6Maci7erwDAav1qkZLNGM2lVSmo26ZO990Xht3l5w7DCVm5bK2VYiDkT6TPq0cZv7/6VQsZZnbpT7JCzPzz8kHgUlpkzRf/RVT/lByGR+Fk9HBSFIp1Cep7gC6T0opCzbbkmpAxgtXhwJjPcA3cywto042uU3K1AtLf+dsgfHsPP8oC0Kw0a4lExF9hb5vij3PMK3v1CjxcULb5b5MLV7Y/pD8KPWof4hF1iMKa92ChUrZJHuxThxC6daha724cMps8oGEQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from SN6PR11MB3408.namprd11.prod.outlook.com (2603:10b6:805:bc::22) by CY4PR11MB1448.namprd11.prod.outlook.com (2603:10b6:910:b::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5353.19; Tue, 21 Jun 2022 13:35:59 +0000 Received: from SN6PR11MB3408.namprd11.prod.outlook.com ([fe80::e53c:30c9:2ca8:f7f2]) by SN6PR11MB3408.namprd11.prod.outlook.com ([fe80::e53c:30c9:2ca8:f7f2%7]) with mapi id 15.20.5353.022; Tue, 21 Jun 2022 13:35:59 +0000 From: "Ji, Kai" To: Akhil Goyal , "dev@dpdk.org" Subject: RE: [EXT] [dpdk-dev v4 2/4] crypto/openssl: 3.0 EVP update on RSA routine Thread-Topic: [EXT] [dpdk-dev v4 2/4] crypto/openssl: 3.0 EVP update on RSA routine Thread-Index: AQHYf/JGS/67a9rwJUid3a4c1s7Gta1ZoxiAgABDmDA= Date: Tue, 21 Jun 2022 13:35:59 +0000 Message-ID: References: <20220613164023.70872-1-kai.ji@intel.com> <20220614132542.76241-1-kai.ji@intel.com> <20220614132542.76241-3-kai.ji@intel.com> In-Reply-To: Accept-Language: en-IE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-reaction: no-action dlp-version: 11.6.500.17 dlp-product: dlpe-windows authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 47b4e021-a3eb-4394-e315-08da538afa59 x-ms-traffictypediagnostic: CY4PR11MB1448:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: qP+X4N9DZRL8gx8kvG2d5+PaNJ3y6+nn6VMXDTljiLgjAAo8oN+4whlbyrhH+GCKQNwHAP5Qb7ZJnAUyjeZDq/clSHcX7lt2pRS9xEkTRVp0o+W5BhtgW3kMiU/Lr6Z+UTPtGVf3xI+QChthQmP9y+gV09l0XugIExbh0SWki0crJEqdwLct4wAr17+UWv7Ql9GPVpghJZGx0AfLiCzLNHCFWIpyOWv/Wk+TpJBdOyS++PgYxvjYt8mVx1iWHOiah/fE4Rw3mavbnzEXSqX1tYli8lbQcjvxf4kOKbNMA7fL/SpZepNkIrK4l0HHMx9HpuqgQj1SV9dCnebZwRHRFcZBjo68fq6l+5gCkQV8i9ZYpBNicHXXTDWtQa27EfNkma6zqPTpvXoHxLmk8QnVHWBug5BaijhU6kXoP+qf5XJyaQ7WUkomUzGbJXKbHlrKz1/fWtCZIvkuQsqIs5H8knxR4syDLiR288URbO55sQ0usyKp5CV2V8EGVjg+G6LQVKmEUD5Gq52ODBzXTvHfewmQFmVuAp35II2gKiC6if2UoMqUt44OumLdNPneYWMu1o/i8bAcLkv9EBrsZtMzMgfFYITOR2Y4saWtpD/8VlYBuDAvoBLKRzi3b2zPrRGtv/UhOEAksoRWnJOliivEQsqqVVNmpIHnz2disR2QAIBrt7XiuS6PNOuvnU9CmVQvZPRS81s7X6YKhHLUphU5Dg== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR11MB3408.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(39860400002)(376002)(346002)(366004)(136003)(396003)(316002)(8676002)(38070700005)(110136005)(5660300002)(71200400001)(8936002)(64756008)(66946007)(66476007)(186003)(38100700002)(122000001)(52536014)(66446008)(55016003)(66556008)(83380400001)(76116006)(41300700001)(86362001)(2906002)(26005)(82960400001)(9686003)(15650500001)(478600001)(7696005)(6506007)(33656002); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?XpIvmS+4LN5MEeYsc74MrWcit60J/4ZgcTPbSKAtI7fbvgXQFQDzeRBZKiZ9?= =?us-ascii?Q?9XiUjS/PdJ3fI/muzzG1vaa53W5l44eJiGuUI8kL/cdpQfS8HoNDELXeHsYD?= =?us-ascii?Q?hVBELiXtB21lrXMgN9zQx0f8mx+fgSPLB4GvPDYNbXge3KiyZAf12NyKXmv7?= =?us-ascii?Q?dlputSahorK/oSiTLsLHC3Nk6RZKDhxlrhR9HwtbfTdf9tMn8sYJbkuAhzyO?= =?us-ascii?Q?h5WoMEHmbzIVFZkJkoadUq/CM7QA5ewQCBoFcweKscE8FjnyuaM2+rElCa1N?= =?us-ascii?Q?znsSznf/MlKNR2/JNhcAVDhsZGj24+svn1lNQYgZz51lj0IWgKOb5VtltnSp?= =?us-ascii?Q?/cNv0z82A2+doR79548mUdr7SdjKJyymPqfM+iggkJ6/7/xhm8PsMktH868y?= =?us-ascii?Q?0N8/5Wgj/hWF/lq+WsK9n3L2oq96gIFzqcDU07rskCmqWwsXsAeKqW2dNh3p?= =?us-ascii?Q?oqD8fFAvw3EM6gwWUvaVRcuQpFoaq3tp/w4tUtDwBW+1sGuOkLySXgwNAizZ?= =?us-ascii?Q?zDpwQ8En1kFADy23HWhPnyCx1RVXpehxipnVBAz/DDhKsgkS3itKkpv924WL?= =?us-ascii?Q?mabXXQkGdEvdA3+7OIQ6IbLFaxOh5y1tUbOArOtjoxBzukXgKtFUekwWJO75?= =?us-ascii?Q?28VPnMj++clhhuO/TeFtsKB7OediDjiF7cwLZ+oQ/gj9SAn3Ai4JP2aetWNb?= =?us-ascii?Q?Wx6luNkH6xT76ZhtT3K5n3VF22+V9ExlMbbDDwMAT9YNVCVzzt0KVGMFxOgK?= =?us-ascii?Q?mRLErmBu9gm4W8lSQg8+eLvCzbNKhB5lD5+MxQiVC6fjTiNF0VAsBVlW6Kel?= =?us-ascii?Q?GBVJ7KpARmWYyeC3Cp7XoSnl1PjzPXA/oCv8vdEFNSoEGkg3udzmTogXSzEH?= =?us-ascii?Q?FyPLN+TH+uPTPbUTk33aEDze9rY9unn7rl4YPHqt9QJ42SEq9AE7GiksHLMv?= =?us-ascii?Q?whgU2V9ZGliJbmkvKMOY6cxKvaPaVVxDSuJLd1z+TI9PkdWFTL3nC0QkbELz?= =?us-ascii?Q?eUOQc7E9ieHh01EWTW30OanleKKtZuS5qnB6pD5RNrhi/Ed+an/bLdmZH7qG?= =?us-ascii?Q?XuRKVF6x54q8mCYOM74Q5D8rRQXJa6J2WQq0bpvAhv5O2PVbkr0eTDzx9SS/?= =?us-ascii?Q?kQmhg9RKZMnJgaFQEKCYXu90lLs9IKriur1C9iOYoknWerwbb4WfWlN/dX5n?= =?us-ascii?Q?PJsaolauCIc9tyadig/VXfrvg+HpZ1wMgz6BH9Yv3d3Jlf5fdWALUUP2EvFN?= =?us-ascii?Q?Wc+Okck5xcYIM4NRx6LjKn9ICiAXF1SR6PxFWkhnLO8y+xZBZdox0oLjDCJN?= =?us-ascii?Q?ELq0VzvCTpcW2o0wyZJWK3Ra2OsFC6LBRT/kTITiVW4pbmHGr1+r/E2dqmvM?= =?us-ascii?Q?7JqbWCJBoc8+a9sxNuMR+FzCaBzuZ0YImu4PfzjCykp2/AgTs/VuKNXuT0ON?= =?us-ascii?Q?pkpr9KpZ2qeiF4aJGnxwD5i2ihmaWqtk7NxrpfWfMCGsuumGC7uL9zX4XOHa?= =?us-ascii?Q?09uOIMQtJqX1HDm08w4XWU+fXnPLBkadkXBf+0yUniDRWqkCNT315AmdyccW?= =?us-ascii?Q?8xizvVPV2tbZoORrBYOz2MELn++0ynQ4MiQa6aM4cX/fOd6ZJU/I8lQAntnQ?= =?us-ascii?Q?1SjQqXFIOvxV8GXW3kU4VQS8XMDMufU43MmQ+xmezmD1gkYnMB/wEPfiWe0F?= =?us-ascii?Q?j4ub1VDyBunDgw7dbFte8GGaemrjiEv+6YiL7s8IT3xFC42Dr6pwfbYZjnlG?= =?us-ascii?Q?dIeA0iiq1g=3D=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SN6PR11MB3408.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 47b4e021-a3eb-4394-e315-08da538afa59 X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jun 2022 13:35:59.6977 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: RjsC2AzHC+v0dGm32gRcz/k+ClesOsbFc2BKCBKPUxVev2y0ZX0lQwvl8TkbjqMbGbtCERpXHCmJDDIk/f9uUw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB1448 X-OriginatorOrg: intel.com X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > -----Original Message----- > > --- a/drivers/crypto/openssl/rte_openssl_pmd.c > > +++ b/drivers/crypto/openssl/rte_openssl_pmd.c > > @@ -2046,6 +2046,150 @@ process_openssl_modexp_op(struct > rte_crypto_op > > *cop, } > > > > /* process rsa operations */ > > +#if (OPENSSL_VERSION_NUMBER >=3D 0x30000000L) static int > > +process_openssl_rsa_op_evp(struct rte_crypto_op *cop, > > + struct openssl_asym_session *sess) > > +{ > > + struct rte_crypto_asym_op *op =3D cop->asym; > > + uint32_t pad =3D (op->rsa.padding.type); > > + uint8_t *tmp; > > + size_t outlen =3D 0; > > + int ret =3D -1; > > + > > + cop->status =3D RTE_CRYPTO_OP_STATUS_ERROR; > > + EVP_PKEY_CTX *rsa_ctx =3D sess->u.r.ctx; > > + if (!rsa_ctx) > > + return ret; > > + > > + switch (pad) { > > + case RTE_CRYPTO_RSA_PADDING_PKCS1_5: > > + pad =3D RSA_PKCS1_PADDING; > > + break; > > + case RTE_CRYPTO_RSA_PADDING_NONE: > > + pad =3D RSA_NO_PADDING; > > + break; > > + default: > > + cop->status =3D RTE_CRYPTO_OP_STATUS_INVALID_ARGS; > > + OPENSSL_LOG(ERR, > > + "rsa pad type not supported %d\n", pad); > > + return ret; > > + } > > + > > + switch (op->rsa.op_type) { > > + case RTE_CRYPTO_ASYM_OP_ENCRYPT: > > + if (EVP_PKEY_encrypt_init(rsa_ctx) !=3D 1) > > + goto err_rsa; > > + > > + if (EVP_PKEY_CTX_set_rsa_padding(rsa_ctx, pad) <=3D 0) > > + goto err_rsa; > > + > > + if (EVP_PKEY_encrypt(rsa_ctx, NULL, &outlen, > > + op- > >rsa.message.data, > > + op- > > >rsa.message.length) <=3D 0) >=20 > Remove extra indentation here and below also. >=20 > Cop->status is not updated in case of failure gotos. > Cop->status was assigned RTE_CRYPTO_OP_STATUS_ERROR at the top of this func= , and only change to=20 RTE_CRYPTO_OP_STATUS_SUCCESS before the return when no failure.=20 >=20 > > + goto err_rsa; > > + > > + if (outlen <=3D 0) > > + goto err_rsa; > > + > > + if (EVP_PKEY_encrypt(rsa_ctx, op->rsa.cipher.data, &outlen, > > + op- > >rsa.message.data, > > + op- > > >rsa.message.length) <=3D 0) > > + goto err_rsa; > > + op->rsa.cipher.length =3D outlen; > > + > > + OPENSSL_LOG(DEBUG, > > + "length of encrypted text %zu\n", outlen); > > + break; > > + > > + case RTE_CRYPTO_ASYM_OP_DECRYPT: > > + if (EVP_PKEY_decrypt_init(rsa_ctx) !=3D 1) > > + goto err_rsa; > > + > > + if (EVP_PKEY_CTX_set_rsa_padding(rsa_ctx, pad) <=3D 0) > > + goto err_rsa; > > + > > + if (EVP_PKEY_decrypt(rsa_ctx, NULL, &outlen, > > + op->rsa.cipher.data, > > + op->rsa.cipher.length) > > <=3D 0) > > + goto err_rsa; > > + > > + if (outlen <=3D 0) > > + goto err_rsa; > > + > > + if (EVP_PKEY_decrypt(rsa_ctx, op->rsa.message.data, > &outlen, > > + op->rsa.cipher.data, > > + op->rsa.cipher.length) > > <=3D 0) > > + goto err_rsa; > > + op->rsa.message.length =3D outlen; > > + > > + OPENSSL_LOG(DEBUG, "length of decrypted text %zu\n", > > outlen); > > + break; > > + > > + case RTE_CRYPTO_ASYM_OP_SIGN: > > + if (EVP_PKEY_sign_init(rsa_ctx) <=3D 0) > > + goto err_rsa; > > + > > + if (EVP_PKEY_CTX_set_rsa_padding(rsa_ctx, pad) <=3D 0) > > + goto err_rsa; > > + > > + if (EVP_PKEY_sign(rsa_ctx, op->rsa.sign.data, &outlen, > > + op- > >rsa.message.data, > > + op- > > >rsa.message.length) <=3D 0) > > + goto err_rsa; > > + op->rsa.sign.length =3D outlen; > > + break; > > + > > + case RTE_CRYPTO_ASYM_OP_VERIFY: > > + tmp =3D rte_malloc(NULL, op->rsa.sign.length, 0); > > + if (tmp =3D=3D NULL) { > > + OPENSSL_LOG(ERR, "Memory allocation failed"); > > + goto err_rsa; > > + } > > + > > + if (EVP_PKEY_verify_recover_init(rsa_ctx) <=3D 0) { > > + rte_free(tmp); > > + goto err_rsa; > > + } > > + > > + if (EVP_PKEY_CTX_set_rsa_padding(rsa_ctx, pad) <=3D 0) { > > + rte_free(tmp); > > + goto err_rsa; > > + } > > + > > + if (EVP_PKEY_verify_recover(rsa_ctx, tmp, &outlen, > > + op->rsa.sign.data, > > + op->rsa.sign.length) > <=3D > > 0) { > > + rte_free(tmp); > > + goto err_rsa; > > + } > > + > > + OPENSSL_LOG(DEBUG, > > + "Length of public_decrypt %zu " > > + "length of message %zd\n", > > + outlen, op->rsa.message.length); > > + if (CRYPTO_memcmp(tmp, op->rsa.message.data, > > + op->rsa.message.length)) { > > + OPENSSL_LOG(ERR, "RSA sign Verification failed"); > > + } > > + rte_free(tmp); > > + break; > > + > > + default: > > + /* allow ops with invalid args to be pushed to > > + * completion queue > > + */ > > + cop->status =3D RTE_CRYPTO_OP_STATUS_INVALID_ARGS; > > + goto err_rsa; > > + } > > + > > + ret =3D 0; > > + cop->status =3D RTE_CRYPTO_OP_STATUS_SUCCESS; > > +err_rsa: > > + return ret; > > + > > +} > > -- > > 2.17.1