From patchwork Wed Sep 27 11:37:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 131993 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3920542651; Wed, 27 Sep 2023 13:37:51 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2539B402D3; Wed, 27 Sep 2023 13:37:51 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 91E6D402D3 for ; Wed, 27 Sep 2023 13:37:49 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38RBEpWN029246; Wed, 27 Sep 2023 04:37:49 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=+DPyZzxJyrjZ2jXI1iU+AIE+W4oAqzaCj/fJbOBbZGY=; b=ebru9+nwBVGNHKwkARl5y3/pqeu1/vbQFwc+xj1OAcB29B9nP1vJi3HM2Ey7HuSz35dU hLdMpN8Kyau40QsfxApE6WAhQy8eDw/6n75mpRCC9927w32V1jhA3PmWdFdw16HGQxxO 5Fr9tCIDP5eVKIxfMFYFPURZwdh721vgCzo1yAhz+f5A35/z0yXgvYGhKRZAXxBxrpXP phKZ/Bk2VPoCXDfm1RUH/EnMxzFVcA0aXa8uUG45aYT8sERtko2SR4H2z6P9b9utkTWc updkN0adL6G5sDYJUdX4U0JaDz5sZKPDNV+NDj0YybaDV/EWInvkwo3vwuk+NV0vjD5w Dg== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3t9yhm68df-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 27 Sep 2023 04:37:48 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 27 Sep 2023 04:37:46 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 27 Sep 2023 04:37:46 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 40D403F7090; Wed, 27 Sep 2023 04:37:43 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Gowrishankar Muthukrishnan Subject: [PATCH v2 1/7] crypto/openssl: include SM2 in asymmetric capabilities Date: Wed, 27 Sep 2023 17:07:28 +0530 Message-ID: <20230927113734.1244-2-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20230927113734.1244-1-gmuthukrishn@marvell.com> References: <20230927113734.1244-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: CJ6AEjF5wuO-Nq-HGoapnnC1TJM-JQ6g X-Proofpoint-ORIG-GUID: CJ6AEjF5wuO-Nq-HGoapnnC1TJM-JQ6g X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-27_06,2023-09-27_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Include SM2 algorithm in the asymmetric capabilities supported by OpenSSL PMD. Fixes: 3b7d638fb11f ("crypto/openssl: support asymmetric SM2") Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 85a4fa3e55..2eb450fcfd 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -593,6 +593,20 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { }, } }, + { /* SM2 */ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, + {.asym = { + .xform_capa = { + .xform_type = RTE_CRYPTO_ASYM_XFORM_SM2, + .op_types = + ((1< X-Patchwork-Id: 131994 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 475C442651; Wed, 27 Sep 2023 13:38:00 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A017B4068E; Wed, 27 Sep 2023 13:37:54 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 722B740685 for ; Wed, 27 Sep 2023 13:37:53 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38R1PYLu029393; Wed, 27 Sep 2023 04:37:52 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=KZ0kYkIFxk4A2x/UNqqwHFW8b9WfnN9kfHe/sOgvIs0=; b=HqKi2Wo1CsjfEJo09Xv/KyzCjD9eV8dMVt0uAhLNZpoWpGulAvySeDSSJNNReDULB6n6 /5hccYvi6iTramIYB4xR02VjNVcuQVTLQM6FUnBIdjyRayMrUNIGZmOx50p4uITYEgqR zDiNMGP8cfOYEcHs28eoyza+MxyXT/VQdknKoXb0SjiJ4eD1McuIdZvSHijgsDtvI1oD A44af1V622yP5se6zUANp095BPtgdLY8HGpwbEUAkLxwpG4w5KN0nwPEmE3iq8gQbhle YFfI85+t/7Mkj5SFW1NRgm/o636lL30XTIMizKMiLNlfsTBqgiGbCZD0sS5QZ5dnIVR+ 2w== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3t9yhm68dr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 27 Sep 2023 04:37:52 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 27 Sep 2023 04:37:50 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 27 Sep 2023 04:37:49 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 4D2BA3F709D; Wed, 27 Sep 2023 04:37:47 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Gowrishankar Muthukrishnan Subject: [PATCH v2 2/7] cryptodev: set private and public keys in EC session Date: Wed, 27 Sep 2023 17:07:29 +0530 Message-ID: <20230927113734.1244-3-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20230927113734.1244-1-gmuthukrishn@marvell.com> References: <20230927113734.1244-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: f9cv3HMI8oVafsceEwtLCe5Tc8C9DozG X-Proofpoint-ORIG-GUID: f9cv3HMI8oVafsceEwtLCe5Tc8C9DozG X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-27_06,2023-09-27_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Set EC private and public keys into xform so that, it can be maintained per session. Signed-off-by: Gowrishankar Muthukrishnan --- app/test/test_cryptodev_asym.c | 121 ++++++---- drivers/common/cnxk/roc_ae.h | 18 ++ drivers/common/cpt/cpt_mcode_defines.h | 18 ++ drivers/common/cpt/cpt_ucode_asym.h | 22 +- drivers/crypto/cnxk/cnxk_ae.h | 235 ++++++++++++++++++- drivers/crypto/openssl/rte_openssl_pmd.c | 53 +---- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 38 ++- drivers/crypto/qat/qat_asym.c | 6 +- examples/fips_validation/main.c | 14 +- lib/cryptodev/rte_crypto_asym.h | 28 +-- 10 files changed, 409 insertions(+), 144 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 9820b80f7e..0e7a9b5460 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -1503,6 +1503,12 @@ test_ecdsa_sign_verify(enum curve curve_id) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA; xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -1524,8 +1530,6 @@ test_ecdsa_sign_verify(enum curve curve_id) op->asym->ecdsa.message.length = input_params.digest.length; op->asym->ecdsa.k.data = input_params.scalar.data; op->asym->ecdsa.k.length = input_params.scalar.length; - op->asym->ecdsa.pkey.data = input_params.pkey.data; - op->asym->ecdsa.pkey.length = input_params.pkey.length; /* Init out buf */ op->asym->ecdsa.r.data = output_buf_r; @@ -1582,10 +1586,6 @@ test_ecdsa_sign_verify(enum curve curve_id) /* Populate op with operational details */ op->asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; - op->asym->ecdsa.q.x.data = input_params.pubkey_qx.data; - op->asym->ecdsa.q.x.length = input_params.pubkey_qx.length; - op->asym->ecdsa.q.y.data = input_params.pubkey_qy.data; - op->asym->ecdsa.q.y.length = input_params.pubkey_qx.length; op->asym->ecdsa.r.data = asym_op->ecdsa.r.data; op->asym->ecdsa.r.length = asym_op->ecdsa.r.length; op->asym->ecdsa.s.data = asym_op->ecdsa.s.data; @@ -1653,10 +1653,10 @@ test_ecpm(enum curve curve_id) struct crypto_testsuite_ecpm_params input_params; void *sess = NULL; uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_crypto_asym_xform xform = {0}; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_x[TEST_DATA_SIZE]; uint8_t output_buf_y[TEST_DATA_SIZE]; - struct rte_crypto_asym_xform xform; struct rte_crypto_asym_op *asym_op; struct rte_cryptodev_info dev_info; struct rte_crypto_op *op = NULL; @@ -1838,7 +1838,13 @@ _test_sm2_sign(bool rnd_secret) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -1856,16 +1862,23 @@ _test_sm2_sign(bool rnd_secret) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN; - asym_op->sm2.message.data = input_params.message.data; - asym_op->sm2.message.length = input_params.message.length; - asym_op->sm2.pkey.data = input_params.pkey.data; - asym_op->sm2.pkey.length = input_params.pkey.length; - asym_op->sm2.q.x.data = input_params.pubkey_qx.data; - asym_op->sm2.q.x.length = input_params.pubkey_qx.length; - asym_op->sm2.q.y.data = input_params.pubkey_qy.data; - asym_op->sm2.q.y.length = input_params.pubkey_qy.length; - asym_op->sm2.id.data = input_params.id.data; - asym_op->sm2.id.length = input_params.id.length; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; + + if (asym_op->sm2.hash == RTE_CRYPTO_AUTH_SM3) { + asym_op->sm2.message.data = input_params.message.data; + asym_op->sm2.message.length = input_params.message.length; + asym_op->sm2.id.data = input_params.id.data; + asym_op->sm2.id.length = input_params.id.length; + } else { + asym_op->sm2.message.data = input_params.digest.data; + asym_op->sm2.message.length = input_params.digest.length; + asym_op->sm2.id.data = NULL; + asym_op->sm2.id.length = 0; + } + if (rnd_secret) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; @@ -2019,7 +2032,13 @@ test_sm2_verify(void) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2037,14 +2056,23 @@ test_sm2_verify(void) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; - asym_op->sm2.message.data = input_params.message.data; - asym_op->sm2.message.length = input_params.message.length; - asym_op->sm2.pkey.data = input_params.pkey.data; - asym_op->sm2.pkey.length = input_params.pkey.length; - asym_op->sm2.q.x.data = input_params.pubkey_qx.data; - asym_op->sm2.q.x.length = input_params.pubkey_qx.length; - asym_op->sm2.q.y.data = input_params.pubkey_qy.data; - asym_op->sm2.q.y.length = input_params.pubkey_qy.length; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; + + if (asym_op->sm2.hash == RTE_CRYPTO_AUTH_SM3) { + asym_op->sm2.message.data = input_params.message.data; + asym_op->sm2.message.length = input_params.message.length; + asym_op->sm2.id.data = input_params.id.data; + asym_op->sm2.id.length = input_params.id.length; + } else { + asym_op->sm2.message.data = input_params.digest.data; + asym_op->sm2.message.length = input_params.digest.length; + asym_op->sm2.id.data = NULL; + asym_op->sm2.id.length = 0; + } + asym_op->sm2.r.data = input_params.sign_r.data; asym_op->sm2.r.length = input_params.sign_r.length; asym_op->sm2.s.data = input_params.sign_s.data; @@ -2120,7 +2148,13 @@ _test_sm2_enc(bool rnd_secret) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2138,14 +2172,14 @@ _test_sm2_enc(bool rnd_secret) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; + asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; - asym_op->sm2.pkey.data = input_params.pkey.data; - asym_op->sm2.pkey.length = input_params.pkey.length; - asym_op->sm2.q.x.data = input_params.pubkey_qx.data; - asym_op->sm2.q.x.length = input_params.pubkey_qx.length; - asym_op->sm2.q.y.data = input_params.pubkey_qy.data; - asym_op->sm2.q.y.length = input_params.pubkey_qy.length; + if (rnd_secret) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; @@ -2299,7 +2333,13 @@ test_sm2_dec(void) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2317,14 +2357,13 @@ test_sm2_dec(void) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; + asym_op->sm2.cipher.data = input_params.cipher.data; asym_op->sm2.cipher.length = input_params.cipher.length; - asym_op->sm2.pkey.data = input_params.pkey.data; - asym_op->sm2.pkey.length = input_params.pkey.length; - asym_op->sm2.q.x.data = input_params.pubkey_qx.data; - asym_op->sm2.q.x.length = input_params.pubkey_qx.length; - asym_op->sm2.q.y.data = input_params.pubkey_qy.data; - asym_op->sm2.q.y.length = input_params.pubkey_qy.length; /* Init out buf */ asym_op->sm2.message.data = output_buf_m; diff --git a/drivers/common/cnxk/roc_ae.h b/drivers/common/cnxk/roc_ae.h index c972878eff..d8ad0129b1 100644 --- a/drivers/common/cnxk/roc_ae.h +++ b/drivers/common/cnxk/roc_ae.h @@ -67,6 +67,24 @@ struct roc_ae_ec_group { struct roc_ae_ec_ctx { /* Prime length defined by microcode for EC operations */ uint8_t curveid; + + /* Private key */ + struct { + uint8_t data[66]; + unsigned int length; + } pkey; + + /* Public key */ + struct { + struct { + uint8_t data[66]; + unsigned int length; + } x; + struct { + uint8_t data[66]; + unsigned int length; + } y; + } q; }; /* Buffer pointer */ diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h index e6dcb7674c..b337dbc68d 100644 --- a/drivers/common/cpt/cpt_mcode_defines.h +++ b/drivers/common/cpt/cpt_mcode_defines.h @@ -364,6 +364,24 @@ struct cpt_ec_group { struct cpt_asym_ec_ctx { /* Prime length defined by microcode for EC operations */ uint8_t curveid; + + /* Private key */ + struct { + uint8_t data[66]; + unsigned int length; + } pkey; + + /* Public key */ + struct { + struct { + uint8_t data[66]; + unsigned int length; + } x; + struct { + uint8_t data[66]; + unsigned int length; + } y; + } q; }; struct cpt_asym_sess_misc { diff --git a/drivers/common/cpt/cpt_ucode_asym.h b/drivers/common/cpt/cpt_ucode_asym.h index 1105a0c125..e1034bbeb4 100644 --- a/drivers/common/cpt/cpt_ucode_asym.h +++ b/drivers/common/cpt/cpt_ucode_asym.h @@ -633,12 +633,13 @@ static __rte_always_inline void cpt_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, struct asym_op_params *ecdsa_params, uint64_t fpm_table_iova, - uint8_t curveid) + struct cpt_asym_sess_misc *sess) { struct cpt_request_info *req = ecdsa_params->req; uint16_t message_len = ecdsa->message.length; phys_addr_t mphys = ecdsa_params->meta_buf; - uint16_t pkey_len = ecdsa->pkey.length; + uint16_t pkey_len = sess->ec_ctx.pkey.length; + uint8_t curveid = sess->ec_ctx.curveid; uint16_t p_align, k_align, m_align; uint16_t k_len = ecdsa->k.length; uint16_t order_len, prime_len; @@ -688,7 +689,7 @@ cpt_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, memcpy(dptr + o_offset, ec_grp[curveid].order.data, order_len); dptr += p_align; - memcpy(dptr + pk_offset, ecdsa->pkey.data, pkey_len); + memcpy(dptr + pk_offset, sess->ec_ctx.pkey.data, pkey_len); dptr += p_align; memcpy(dptr, ecdsa->message.data, message_len); @@ -735,14 +736,15 @@ static __rte_always_inline void cpt_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, struct asym_op_params *ecdsa_params, uint64_t fpm_table_iova, - uint8_t curveid) + struct cpt_asym_sess_misc *sess) { struct cpt_request_info *req = ecdsa_params->req; uint32_t message_len = ecdsa->message.length; phys_addr_t mphys = ecdsa_params->meta_buf; + uint16_t qx_len = sess->ec_ctx.q.x.length; + uint16_t qy_len = sess->ec_ctx.q.y.length; + uint8_t curveid = sess->ec_ctx.curveid; uint16_t o_offset, r_offset, s_offset; - uint16_t qx_len = ecdsa->q.x.length; - uint16_t qy_len = ecdsa->q.y.length; uint16_t r_len = ecdsa->r.length; uint16_t s_len = ecdsa->s.length; uint16_t order_len, prime_len; @@ -802,10 +804,10 @@ cpt_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, memcpy(dptr, ec_grp[curveid].prime.data, prime_len); dptr += p_align; - memcpy(dptr + qx_offset, ecdsa->q.x.data, qx_len); + memcpy(dptr + qx_offset, sess->ec_ctx.q.x.data, qx_len); dptr += p_align; - memcpy(dptr + qy_offset, ecdsa->q.y.data, qy_len); + memcpy(dptr + qy_offset, sess->ec_ctx.q.y.data, qy_len); dptr += p_align; memcpy(dptr, ec_grp[curveid].consta.data, prime_len); @@ -852,10 +854,10 @@ cpt_enqueue_ecdsa_op(struct rte_crypto_op *op, uint8_t curveid = sess->ec_ctx.curveid; if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_SIGN) - cpt_ecdsa_sign_prep(ecdsa, params, fpm_iova[curveid], curveid); + cpt_ecdsa_sign_prep(ecdsa, params, fpm_iova[curveid], sess); else if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) cpt_ecdsa_verify_prep(ecdsa, params, fpm_iova[curveid], - curveid); + sess); else { op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; return -EINVAL; diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h index 7ad259b7f4..8fdb45177b 100644 --- a/drivers/crypto/cnxk/cnxk_ae.h +++ b/drivers/crypto/cnxk/cnxk_ae.h @@ -198,6 +198,21 @@ cnxk_ae_fill_ec_params(struct cnxk_ae_sess *sess, return -EINVAL; } + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_ECPM) + return 0; + + ec->pkey.length = xform->ec.pkey.length; + if (xform->ec.pkey.length) + rte_memcpy(ec->pkey.data, xform->ec.pkey.data, xform->ec.pkey.length); + + ec->q.x.length = xform->ec.q.x.length; + if (xform->ec.q.x.length) + rte_memcpy(ec->q.x.data, xform->ec.q.x.data, xform->ec.q.x.length); + + ec->q.y.length = xform->ec.q.y.length; + if (xform->ec.q.y.length) + rte_memcpy(ec->q.y.data, xform->ec.q.y.data, xform->ec.q.y.length); + return 0; } @@ -502,10 +517,11 @@ static __rte_always_inline void cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, struct roc_ae_buf_ptr *meta_buf, uint64_t fpm_table_iova, struct roc_ae_ec_group *ec_grp, - uint8_t curveid, struct cpt_inst_s *inst) + struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) { uint16_t message_len = ecdsa->message.length; - uint16_t pkey_len = ecdsa->pkey.length; + uint16_t pkey_len = sess->ec_ctx.pkey.length; + uint8_t curveid = sess->ec_ctx.curveid; uint16_t p_align, k_align, m_align; uint16_t k_len = ecdsa->k.length; uint16_t order_len, prime_len; @@ -555,7 +571,7 @@ cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, memcpy(dptr + o_offset, ec_grp->order.data, order_len); dptr += p_align; - memcpy(dptr + pk_offset, ecdsa->pkey.data, pkey_len); + memcpy(dptr + pk_offset, sess->ec_ctx.pkey.data, pkey_len); dptr += p_align; memcpy(dptr, ecdsa->message.data, message_len); @@ -579,17 +595,99 @@ cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, inst->rptr = (uintptr_t)dptr; } +static __rte_always_inline void +cnxk_ae_sm2_sign_prep(struct rte_crypto_sm2_op_param *sm2, + struct roc_ae_buf_ptr *meta_buf, + uint64_t fpm_table_iova, struct roc_ae_ec_group *ec_grp, + struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) +{ + uint16_t message_len = sm2->message.length; + uint16_t pkey_len = sess->ec_ctx.pkey.length; + uint16_t p_align, k_align, m_align; + uint16_t k_len = sm2->k.length; + uint16_t order_len, prime_len; + uint16_t o_offset, pk_offset; + union cpt_inst_w4 w4; + uint16_t dlen; + uint8_t *dptr; + + prime_len = ec_grp->prime.length; + order_len = ec_grp->order.length; + + /* Truncate input length to curve prime length */ + if (message_len > prime_len) + message_len = prime_len; + m_align = RTE_ALIGN_CEIL(message_len, 8); + + p_align = RTE_ALIGN_CEIL(prime_len, 8); + k_align = RTE_ALIGN_CEIL(k_len, 8); + + /* Set write offset for order and private key */ + o_offset = prime_len - order_len; + pk_offset = p_align - pkey_len; + + /* Input buffer */ + dptr = meta_buf->vaddr; + inst->dptr = (uintptr_t)dptr; + + /* + * Set dlen = sum(sizeof(fpm address), ROUNDUP8(scalar len, input len), + * ROUNDUP8(priv key len, prime len, order len)). + * Please note, private key, order cannot exceed prime + * length i.e 3 * p_align. + */ + dlen = sizeof(fpm_table_iova) + k_align + m_align + p_align * 5; + + memset(dptr, 0, dlen); + + *(uint64_t *)dptr = fpm_table_iova; + dptr += sizeof(fpm_table_iova); + + rte_memcpy(dptr, sm2->k.data, k_len); + dptr += k_align; + + rte_memcpy(dptr, ec_grp->prime.data, prime_len); + dptr += p_align; + + rte_memcpy(dptr + o_offset, ec_grp->order.data, order_len); + dptr += p_align; + + rte_memcpy(dptr + pk_offset, sess->ec_ctx.pkey.data, pkey_len); + dptr += p_align; + + rte_memcpy(dptr, sm2->message.data, message_len); + dptr += m_align; + + rte_memcpy(dptr, ec_grp->consta.data, prime_len); + dptr += p_align; + + rte_memcpy(dptr, ec_grp->constb.data, prime_len); + dptr += p_align; + + /* Setup opcodes */ + w4.s.opcode_major = ROC_AE_MAJOR_OP_ECDSA; + w4.s.opcode_minor = ROC_AE_MINOR_OP_ECDSA_SIGN; + + w4.s.param1 = 2 | 1 << 7 | 1 << 6 | (message_len << 8); + w4.s.param2 = (p_align << 8) | k_len; + w4.s.dlen = dlen; + + inst->w4.u64 = w4.u64; + inst->rptr = (uintptr_t)dptr; +} + static __rte_always_inline void cnxk_ae_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, struct roc_ae_buf_ptr *meta_buf, uint64_t fpm_table_iova, - struct roc_ae_ec_group *ec_grp, uint8_t curveid, + struct roc_ae_ec_group *ec_grp, struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) { uint32_t message_len = ecdsa->message.length; + uint16_t qx_len = sess->ec_ctx.q.x.length; + uint16_t qy_len = sess->ec_ctx.q.y.length; + uint8_t curveid = sess->ec_ctx.curveid; uint16_t o_offset, r_offset, s_offset; - uint16_t qx_len = ecdsa->q.x.length; - uint16_t qy_len = ecdsa->q.y.length; uint16_t r_len = ecdsa->r.length; uint16_t s_len = ecdsa->s.length; uint16_t order_len, prime_len; @@ -649,10 +747,10 @@ cnxk_ae_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, memcpy(dptr, ec_grp->prime.data, prime_len); dptr += p_align; - memcpy(dptr + qx_offset, ecdsa->q.x.data, qx_len); + memcpy(dptr + qx_offset, sess->ec_ctx.q.x.data, qx_len); dptr += p_align; - memcpy(dptr + qy_offset, ecdsa->q.y.data, qy_len); + memcpy(dptr + qy_offset, sess->ec_ctx.q.y.data, qy_len); dptr += p_align; memcpy(dptr, ec_grp->consta.data, prime_len); @@ -673,6 +771,100 @@ cnxk_ae_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, inst->rptr = (uintptr_t)dptr; } +static __rte_always_inline void +cnxk_ae_sm2_verify_prep(struct rte_crypto_sm2_op_param *sm2, + struct roc_ae_buf_ptr *meta_buf, + uint64_t fpm_table_iova, + struct roc_ae_ec_group *ec_grp, struct cnxk_ae_sess *sess, + struct cpt_inst_s *inst) +{ + uint32_t message_len = sm2->message.length; + uint16_t o_offset, r_offset, s_offset; + uint16_t qx_len = sess->ec_ctx.q.x.length; + uint16_t qy_len = sess->ec_ctx.q.y.length; + uint16_t r_len = sm2->r.length; + uint16_t s_len = sm2->s.length; + uint16_t order_len, prime_len; + uint16_t qx_offset, qy_offset; + uint16_t p_align, m_align; + union cpt_inst_w4 w4; + uint16_t dlen; + uint8_t *dptr; + + prime_len = ec_grp->prime.length; + order_len = ec_grp->order.length; + + /* Truncate input length to curve prime length */ + if (message_len > prime_len) + message_len = prime_len; + + m_align = RTE_ALIGN_CEIL(message_len, 8); + p_align = RTE_ALIGN_CEIL(prime_len, 8); + + /* Set write offset for sign, order and public key coordinates */ + o_offset = prime_len - order_len; + qx_offset = prime_len - qx_len; + qy_offset = prime_len - qy_len; + r_offset = prime_len - r_len; + s_offset = prime_len - s_len; + + /* Input buffer */ + dptr = meta_buf->vaddr; + inst->dptr = (uintptr_t)dptr; + + /* + * Set dlen = sum(sizeof(fpm address), ROUNDUP8(message len), + * ROUNDUP8(sign len(r and s), public key len(x and y coordinates), + * prime len, order len)). + * Please note sign, public key and order can not exceed prime length + * i.e. 6 * p_align + */ + dlen = sizeof(fpm_table_iova) + m_align + (8 * p_align); + + memset(dptr, 0, dlen); + + *(uint64_t *)dptr = fpm_table_iova; + dptr += sizeof(fpm_table_iova); + + rte_memcpy(dptr + r_offset, sm2->r.data, r_len); + dptr += p_align; + + rte_memcpy(dptr + s_offset, sm2->s.data, s_len); + dptr += p_align; + + rte_memcpy(dptr, sm2->message.data, message_len); + dptr += m_align; + + rte_memcpy(dptr + o_offset, ec_grp->order.data, order_len); + dptr += p_align; + + rte_memcpy(dptr, ec_grp->prime.data, prime_len); + dptr += p_align; + + rte_memcpy(dptr + qx_offset, sess->ec_ctx.q.x.data, qx_len); + dptr += p_align; + + rte_memcpy(dptr + qy_offset, sess->ec_ctx.q.y.data, qy_len); + dptr += p_align; + + rte_memcpy(dptr, ec_grp->consta.data, prime_len); + dptr += p_align; + + rte_memcpy(dptr, ec_grp->constb.data, prime_len); + dptr += p_align; + + /* Setup opcodes */ + w4.s.opcode_major = ROC_AE_MAJOR_OP_ECDSA; + w4.s.opcode_minor = ROC_AE_MINOR_OP_ECDSA_VERIFY; + + w4.s.param1 = 2 | 1 << 7 | 1 << 6 | (message_len << 8); + w4.s.param2 = 0; + w4.s.dlen = dlen; + + inst->w4.u64 = w4.u64; + inst->rptr = (uintptr_t)dptr; +} + static __rte_always_inline int __rte_hot cnxk_ae_enqueue_ecdsa_op(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf, @@ -685,10 +877,33 @@ cnxk_ae_enqueue_ecdsa_op(struct rte_crypto_op *op, if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_SIGN) cnxk_ae_ecdsa_sign_prep(ecdsa, meta_buf, fpm_iova[curveid], - ec_grp[curveid], curveid, inst); + ec_grp[curveid], sess, inst); else if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) cnxk_ae_ecdsa_verify_prep(ecdsa, meta_buf, fpm_iova[curveid], - ec_grp[curveid], curveid, inst); + ec_grp[curveid], sess, inst); + else { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + return -EINVAL; + } + return 0; +} + +static __rte_always_inline int __rte_hot +cnxk_ae_enqueue_sm2_op(struct rte_crypto_op *op, + struct roc_ae_buf_ptr *meta_buf, + struct cnxk_ae_sess *sess, uint64_t *fpm_iova, + struct roc_ae_ec_group **ec_grp, + struct cpt_inst_s *inst) +{ + struct rte_crypto_sm2_op_param *sm2 = &op->asym->sm2; + uint8_t curveid = sess->ec_ctx.curveid; + + if (sm2->op_type == RTE_CRYPTO_ASYM_OP_SIGN) + cnxk_ae_sm2_sign_prep(sm2, meta_buf, fpm_iova[curveid], + ec_grp[curveid], sess, inst); + else if (sm2->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) + cnxk_ae_sm2_verify_prep(sm2, meta_buf, fpm_iova[curveid], + ec_grp[curveid], sess, inst); else { op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; return -EINVAL; diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index 5e8624cebe..c234882417 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -2673,12 +2673,8 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop, { EVP_PKEY_CTX *kctx = NULL, *sctx = NULL, *cctx = NULL; struct rte_crypto_asym_op *op = cop->asym; - OSSL_PARAM_BLD *param_bld = NULL; - OSSL_PARAM *params = NULL; + OSSL_PARAM *params = sess->u.sm2.params; EVP_PKEY *pkey = NULL; - BIGNUM *pkey_bn = NULL; - uint8_t pubkey[64]; - size_t len = 0; int ret = -1; cop->status = RTE_CRYPTO_OP_STATUS_ERROR; @@ -2686,50 +2682,6 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop, if (cop->asym->sm2.k.data != NULL) goto err_sm2; - param_bld = OSSL_PARAM_BLD_new(); - if (!param_bld) { - OPENSSL_LOG(ERR, "failed to allocate params\n"); - goto err_sm2; - } - - ret = OSSL_PARAM_BLD_push_utf8_string(param_bld, - OSSL_PKEY_PARAM_GROUP_NAME, "SM2", 0); - if (!ret) { - OPENSSL_LOG(ERR, "failed to push params\n"); - goto err_sm2; - } - - pkey_bn = BN_bin2bn((const unsigned char *)op->sm2.pkey.data, - op->sm2.pkey.length, pkey_bn); - - memset(pubkey, 0, RTE_DIM(pubkey)); - pubkey[0] = 0x04; - len += 1; - memcpy(&pubkey[len], op->sm2.q.x.data, op->sm2.q.x.length); - len += op->sm2.q.x.length; - memcpy(&pubkey[len], op->sm2.q.y.data, op->sm2.q.y.length); - len += op->sm2.q.y.length; - - ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_PRIV_KEY, - pkey_bn); - if (!ret) { - OPENSSL_LOG(ERR, "failed to push params\n"); - goto err_sm2; - } - - ret = OSSL_PARAM_BLD_push_octet_string(param_bld, - OSSL_PKEY_PARAM_PUB_KEY, pubkey, len); - if (!ret) { - OPENSSL_LOG(ERR, "failed to push params\n"); - goto err_sm2; - } - - params = OSSL_PARAM_BLD_to_param(param_bld); - if (!params) { - OPENSSL_LOG(ERR, "failed to push params\n"); - goto err_sm2; - } - switch (op->sm2.op_type) { case RTE_CRYPTO_ASYM_OP_ENCRYPT: { @@ -2940,9 +2892,6 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop, if (pkey) EVP_PKEY_free(pkey); - if (param_bld) - OSSL_PARAM_BLD_free(param_bld); - return ret; } diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 2eb450fcfd..2a307aa839 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -1302,11 +1302,11 @@ static int openssl_set_asym_session_parameters( #ifndef OPENSSL_NO_SM2 OSSL_PARAM_BLD *param_bld = NULL; OSSL_PARAM *params = NULL; + BIGNUM *pkey_bn = NULL; + uint8_t pubkey[64]; + size_t len = 0; int ret = -1; - if (xform->sm2.hash != RTE_CRYPTO_AUTH_SM3) - return -1; - param_bld = OSSL_PARAM_BLD_new(); if (!param_bld) { OPENSSL_LOG(ERR, "failed to allocate params\n"); @@ -1320,6 +1320,38 @@ static int openssl_set_asym_session_parameters( goto err_sm2; } + ret = OSSL_PARAM_BLD_push_utf8_string(param_bld, + OSSL_PKEY_PARAM_GROUP_NAME, "SM2", 0); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_sm2; + } + + pkey_bn = BN_bin2bn((const unsigned char *)xform->ec.pkey.data, + xform->ec.pkey.length, pkey_bn); + + ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_PRIV_KEY, + pkey_bn); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_sm2; + } + + memset(pubkey, 0, sizeof(pubkey)); + pubkey[0] = 0x04; + len += 1; + memcpy(&pubkey[len], xform->ec.q.x.data, xform->ec.q.x.length); + len += xform->ec.q.x.length; + memcpy(&pubkey[len], xform->ec.q.y.data, xform->ec.q.y.length); + len += xform->ec.q.y.length; + + ret = OSSL_PARAM_BLD_push_octet_string(param_bld, + OSSL_PKEY_PARAM_PUB_KEY, pubkey, len); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_sm2; + } + params = OSSL_PARAM_BLD_to_param(param_bld); if (!params) { OPENSSL_LOG(ERR, "failed to push params\n"); diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 7abd513423..0f196ace30 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -593,7 +593,7 @@ ecdsa_set_input(struct icp_qat_fw_pke_request *qat_req, qat_func_alignsize = RTE_ALIGN_CEIL(qat_function.bytesize, 8); - SET_PKE_9A_IN(asym_op->ecdsa.pkey, 0); + SET_PKE_9A_IN(xform->ec.pkey, 0); SET_PKE_9A_IN(asym_op->ecdsa.message, 1); SET_PKE_9A_IN(asym_op->ecdsa.k, 2); SET_PKE_9A_EC(curve[curve_id], b, 3); @@ -635,8 +635,8 @@ ecdsa_set_input(struct icp_qat_fw_pke_request *qat_req, SET_PKE_9A_EC(curve[curve_id], n, 7); SET_PKE_9A_EC(curve[curve_id], x, 6); SET_PKE_9A_EC(curve[curve_id], y, 5); - SET_PKE_9A_IN(asym_op->ecdsa.q.x, 4); - SET_PKE_9A_IN(asym_op->ecdsa.q.y, 3); + SET_PKE_9A_IN(xform->ec.q.x, 4); + SET_PKE_9A_IN(xform->ec.q.y, 3); SET_PKE_9A_EC(curve[curve_id], a, 2); SET_PKE_9A_EC(curve[curve_id], b, 1); SET_PKE_9A_EC(curve[curve_id], p, 0); diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index fed5596f36..7ae2c6c007 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1006,8 +1006,6 @@ prepare_ecdsa_op(void) asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN; asym->ecdsa.message.data = msg.val; asym->ecdsa.message.length = msg.len; - asym->ecdsa.pkey.data = vec.ecdsa.pkey.val; - asym->ecdsa.pkey.length = vec.ecdsa.pkey.len; asym->ecdsa.k.data = vec.ecdsa.k.val; asym->ecdsa.k.length = vec.ecdsa.k.len; @@ -1029,10 +1027,6 @@ prepare_ecdsa_op(void) asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; asym->ecdsa.message.data = msg.val; asym->ecdsa.message.length = msg.len; - asym->ecdsa.q.x.data = vec.ecdsa.qx.val; - asym->ecdsa.q.x.length = vec.ecdsa.qx.len; - asym->ecdsa.q.y.data = vec.ecdsa.qy.val; - asym->ecdsa.q.y.length = vec.ecdsa.qy.len; asym->ecdsa.r.data = vec.ecdsa.r.val; asym->ecdsa.r.length = vec.ecdsa.r.len; asym->ecdsa.s.data = vec.ecdsa.s.val; @@ -1570,6 +1564,9 @@ prepare_ecdsa_xform(struct rte_crypto_asym_xform *xform) info.device_name, RTE_CRYPTO_ASYM_OP_SIGN); return -EPERM; } + + xform->ec.pkey.data = vec.ecdsa.pkey.val; + xform->ec.pkey.length = vec.ecdsa.pkey.len; break; case FIPS_TEST_ASYM_SIGVER: if (!rte_cryptodev_asym_xform_capability_check_optype(cap, @@ -1578,6 +1575,11 @@ prepare_ecdsa_xform(struct rte_crypto_asym_xform *xform) info.device_name, RTE_CRYPTO_ASYM_OP_VERIFY); return -EPERM; } + + xform->ec.q.x.data = vec.ecdsa.qx.val; + xform->ec.q.x.length = vec.ecdsa.qx.len; + xform->ec.q.y.data = vec.ecdsa.qy.val; + xform->ec.q.y.length = vec.ecdsa.qy.len; break; default: break; diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index cbcfe1dc26..b72876240c 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -376,16 +376,12 @@ struct rte_crypto_dsa_xform { struct rte_crypto_ec_xform { enum rte_crypto_curve_id curve_id; /**< Pre-defined ec groups */ -}; -/** - * Asymmetric SM2 transform data. - * - * Structure describing SM2 xform params. - */ -struct rte_crypto_sm2_xform { - enum rte_crypto_auth_algorithm hash; - /**< Hash algorithm used in SM2 op. */ + rte_crypto_uint pkey; + /**< Private key */ + + struct rte_crypto_ec_point q; + /**< Public key */ }; /** @@ -571,11 +567,8 @@ struct rte_crypto_ecdsa_op_param { enum rte_crypto_asym_op_type op_type; /**< Signature generation or verification */ - rte_crypto_uint pkey; - /**< Private key of the signer for signature generation */ - - struct rte_crypto_ec_point q; - /**< Public key of the signer for verification */ + enum rte_crypto_auth_algorithm hash; + /**< Hash algorithm used in EC op. */ rte_crypto_param message; /**< Input message digest to be signed or verified */ @@ -657,11 +650,8 @@ struct rte_crypto_sm2_op_param { enum rte_crypto_asym_op_type op_type; /**< Signature generation or verification. */ - rte_crypto_uint pkey; - /**< Private key for encryption or sign generation. */ - - struct rte_crypto_ec_point q; - /**< Public key for decryption or verification. */ + enum rte_crypto_auth_algorithm hash; + /**< Hash algorithm used in EC op. */ rte_crypto_param message; /**< From patchwork Wed Sep 27 11:37:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 131995 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 8912A42651; Wed, 27 Sep 2023 13:38:07 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id C998C406A2; Wed, 27 Sep 2023 13:37:56 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 1AAE04069D for ; Wed, 27 Sep 2023 13:37:54 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38R1PYLx029393; Wed, 27 Sep 2023 04:37:54 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=i140MQNnIALIVG6acuv9Diesc+tb9G2oHLYzGSGBxE8=; b=DjErrrEbf03bHSfNSeDQXRdED+8N3XXKg1Uqtr+Noiiwg6BM0wACaQ377CWKpzJDLKnh jlaw6jLTV59kyNyw2EpP9etY+xlnX1Ul52oiTIs2mVgl6HFQk3h3xxI0dhIeylT/hU5Y T6FaFm8Y9vQ7tEe2NUzBN43/uLSh+oI3hUIcQ2TfCtzncYiBZw75WXjXByet7qGg9KPV NekOlSU5uby4qMhLgcgAKqr0cRAkhM8aLMj1xDlQziFfgLsn+nDo4//Qgl4D1UDeLWh/ 9oKqil2QI4WFVw+bZKaFogaHGnG6k7F5qMZ/jZYmt4sPAvVZr85M3WP0XRuOsv5LLJMg 6A== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3t9yhm68dr-4 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 27 Sep 2023 04:37:54 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 27 Sep 2023 04:37:53 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 27 Sep 2023 04:37:53 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 8BA783F7090; Wed, 27 Sep 2023 04:37:50 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Gowrishankar Muthukrishnan Subject: [PATCH v2 3/7] cryptodev: add RNG capability in EC based xform Date: Wed, 27 Sep 2023 17:07:30 +0530 Message-ID: <20230927113734.1244-4-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20230927113734.1244-1-gmuthukrishn@marvell.com> References: <20230927113734.1244-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: CcblQbRfw_b8pbvr_IEY-bKQnu9qJBf8 X-Proofpoint-ORIG-GUID: CcblQbRfw_b8pbvr_IEY-bKQnu9qJBf8 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-27_06,2023-09-27_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Elliptic curve based asymmetric operations use cryptographically secure random number in its computation. If PMD supports RNG for such ops, the application could skip computing on its own. This patch adds new field in asymmetric capability to declare this capability. Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 2 ++ lib/cryptodev/rte_cryptodev.h | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 2a307aa839..e361b4ae14 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -603,6 +603,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { (1 << RTE_CRYPTO_ASYM_OP_VERIFY) | (1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) | (1 << RTE_CRYPTO_ASYM_OP_DECRYPT)), + {.internal_rng = 1 + } } } } diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h index 9246df90ef..0d2d9ef8c3 100644 --- a/lib/cryptodev/rte_cryptodev.h +++ b/lib/cryptodev/rte_cryptodev.h @@ -181,6 +181,12 @@ struct rte_cryptodev_asymmetric_xform_capability { /**< Range of modulus length supported by modulus based xform. * Value 0 mean implementation default */ + + uint8_t internal_rng; + /**< Availability of random number generator for Elliptic curve based xform. + * Value 0 means unavailable, and application should pass the required + * random value. Otherwise, PMD would internally compute the random number. + */ }; }; From patchwork Wed Sep 27 11:37:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 131996 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id B12C042651; Wed, 27 Sep 2023 13:38:17 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6A47D40A77; Wed, 27 Sep 2023 13:37:59 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id A2CCA40A73 for ; Wed, 27 Sep 2023 13:37:58 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38R234UG025033; Wed, 27 Sep 2023 04:37:57 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=k/rARYMTcrSZHu5hhWxDjS7GBfflAugQMRW2N34SbSc=; b=Bfh+kr526IbUAbbKh9X7PxtIwhY7uLhVRuk92woX0yrWyy9MxW0WEbLt0Bkoh44vuYGk CvCSGE1Gax+vo8vBdwOIyKR36P+9HHwhL9PXvNzBtw/tkYV9JxhEjKeJyfr9E6OxkZyq mbC8inFDtw+d2ELYJWfJyH3hIwSOOTMpVcqurqeQtlaMgDXO6ISOJ3+q9j37kXflxeaN amBEhc8yXLp/jTt9JCWwRC4/SNhXmlbaRG02b4eURJm7mkWwkiQEwhMs1UHuB1heDWjU bexRZdcthvrpYW/OFJTdljSra1Hig2mN1qvKIP7vv/QHIr06x45M0jMA/lcdhNzxgps7 KA== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3tbw5gnv94-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 27 Sep 2023 04:37:57 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 27 Sep 2023 04:37:55 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 27 Sep 2023 04:37:55 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 84D643F709D; Wed, 27 Sep 2023 04:37:53 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Gowrishankar Muthukrishnan Subject: [PATCH v2 4/7] cryptodev: add hash algorithms in asymmetric capability Date: Wed, 27 Sep 2023 17:07:31 +0530 Message-ID: <20230927113734.1244-5-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20230927113734.1244-1-gmuthukrishn@marvell.com> References: <20230927113734.1244-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: 7qvG0R2GlggPRAvuWtUjbv1-VrSxbR89 X-Proofpoint-ORIG-GUID: 7qvG0R2GlggPRAvuWtUjbv1-VrSxbR89 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-27_06,2023-09-27_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Most of the asymmetric operations start with hash of the input. But a PMD might also support only plain input (eg openssl). Add a new field in asymmetric capability to declare support for hash operations that PMD can support for the asymmetric operations. Application can skip computing hash if PMD already supports it. Signed-off-by: Gowrishankar Muthukrishnan --- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 1 + lib/cryptodev/cryptodev_trace.h | 9 +++++++++ lib/cryptodev/cryptodev_trace_points.c | 3 +++ lib/cryptodev/rte_cryptodev.c | 16 ++++++++++++++++ lib/cryptodev/rte_cryptodev.h | 19 +++++++++++++++++++ lib/cryptodev/version.map | 1 + 6 files changed, 49 insertions(+) diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index e361b4ae14..2862c294a9 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -598,6 +598,7 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { {.asym = { .xform_capa = { .xform_type = RTE_CRYPTO_ASYM_XFORM_SM2, + .hash_algos = (1 << RTE_CRYPTO_AUTH_SM3), .op_types = ((1<hash_algos & (1 << hash)) + ret = true; + + rte_cryptodev_trace_asym_xform_capability_check_hash( + capability->hash_algos, hash, ret); + + return ret; +} + /* spinlock for crypto device enq callbacks */ static rte_spinlock_t rte_cryptodev_callback_lock = RTE_SPINLOCK_INITIALIZER; diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h index 0d2d9ef8c3..9f36e0323d 100644 --- a/lib/cryptodev/rte_cryptodev.h +++ b/lib/cryptodev/rte_cryptodev.h @@ -188,6 +188,9 @@ struct rte_cryptodev_asymmetric_xform_capability { * random value. Otherwise, PMD would internally compute the random number. */ }; + + uint64_t hash_algos; + /**< Bitmask of hash algorithms supported for op_type. */ }; /** @@ -346,6 +349,22 @@ rte_cryptodev_asym_xform_capability_check_modlen( const struct rte_cryptodev_asymmetric_xform_capability *capability, uint16_t modlen); +/** + * Check if hash algorithm is supported. + * + * @param capability Asymmetric crypto capability. + * @param hash Hash algorithm. + * + * @return + * - Return true if the hash algorithm is supported. + * - Return false if the hash algorithm is not supported. + */ +__rte_experimental +bool +rte_cryptodev_asym_xform_capability_check_hash( + const struct rte_cryptodev_asymmetric_xform_capability *capability, + enum rte_crypto_auth_algorithm hash); + /** * Provide the cipher algorithm enum, given an algorithm string * diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map index ae8d9327b4..3c2d1780e0 100644 --- a/lib/cryptodev/version.map +++ b/lib/cryptodev/version.map @@ -54,6 +54,7 @@ EXPERIMENTAL { rte_cryptodev_asym_get_xform_enum; rte_cryptodev_asym_session_create; rte_cryptodev_asym_session_free; + rte_cryptodev_asym_xform_capability_check_hash; rte_cryptodev_asym_xform_capability_check_modlen; rte_cryptodev_asym_xform_capability_check_optype; rte_cryptodev_sym_cpu_crypto_process; From patchwork Wed Sep 27 11:37:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 131997 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A37D242651; Wed, 27 Sep 2023 13:38:24 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A9D4040685; Wed, 27 Sep 2023 13:38:03 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id ED0F1402E9 for ; Wed, 27 Sep 2023 13:38:01 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38R0pVQR029266; Wed, 27 Sep 2023 04:38:01 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=b0bUo8oraOtaOvVbcDWXX81P61D1uxvOjwIoNRtPu1M=; b=KxUQZC6Tt+FfIDEh80eDV9c/ISmxRr9rbyYLdqvwnwKEtd85T7l0SHsOOXs7aNHCcLLz DSb7Ab3y4USePw8/tDN7yV3yF7VsUe34CitKcAK9BYIaEkDSuEpvWOMzvh7D7hiDk8yp KMq8K3hB0xR2D5tAGAlwfu8pAb4JmcSJCBS6C0LMbDeB0ljJyUwjwnWghD4sNinXndw9 pXlcR79D8IHJ8hJVKQr8dLC/GaReO8BMpfO5MKF0KVblffkhIShshzmNghxyKigt0wux OzrGd4K97r+PTj82rIOVgzufTyRjDHvR5TAxut+3W6himQk0gy2vYvLV4Ggi6Tcacb/o kw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3t9yhm68ee-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 27 Sep 2023 04:38:01 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 27 Sep 2023 04:37:59 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 27 Sep 2023 04:37:59 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 9F7963F7090; Wed, 27 Sep 2023 04:37:56 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Gowrishankar Muthukrishnan Subject: [PATCH v2 5/7] cryptodev: use generic EC xform params for SM2 Date: Wed, 27 Sep 2023 17:07:32 +0530 Message-ID: <20230927113734.1244-6-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20230927113734.1244-1-gmuthukrishn@marvell.com> References: <20230927113734.1244-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: UIJMEjtql92Uv_VQtxz2Bt5ok0FDNzs- X-Proofpoint-ORIG-GUID: UIJMEjtql92Uv_VQtxz2Bt5ok0FDNzs- X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-27_06,2023-09-27_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org SM2 curve could use generic EC xform as it is yet another EC. This would also require SM2 curve ID enumerated along with other curves, as listed in: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- app/test/test_cryptodev_sm2_test_vectors.h | 4 +++- doc/guides/rel_notes/release_23_11.rst | 2 ++ lib/cryptodev/rte_crypto_asym.h | 6 ++---- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h index 7a4ce70c10..3d2dba1359 100644 --- a/app/test/test_cryptodev_sm2_test_vectors.h +++ b/app/test/test_cryptodev_sm2_test_vectors.h @@ -17,6 +17,7 @@ struct crypto_testsuite_sm2_params { rte_crypto_param id; rte_crypto_param cipher; rte_crypto_param message; + int curve; }; static uint8_t fp256_pkey[] = { @@ -123,7 +124,8 @@ struct crypto_testsuite_sm2_params sm2_param_fp256 = { .cipher = { .data = fp256_cipher, .length = sizeof(fp256_cipher), - } + }, + .curve = RTE_CRYPTO_EC_GROUP_SM2 }; #endif /* __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__ */ diff --git a/doc/guides/rel_notes/release_23_11.rst b/doc/guides/rel_notes/release_23_11.rst index 9746809a66..e9afae8030 100644 --- a/doc/guides/rel_notes/release_23_11.rst +++ b/doc/guides/rel_notes/release_23_11.rst @@ -97,6 +97,8 @@ Removed Items * kni: Removed the Kernel Network Interface (KNI) library and driver. +* crypto: Removed SM2 xform parameter in asymmetric xform. + API Changes ----------- diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index b72876240c..d75ef90b86 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -69,7 +69,8 @@ enum rte_crypto_curve_id { RTE_CRYPTO_EC_GROUP_SECP224R1 = 21, RTE_CRYPTO_EC_GROUP_SECP256R1 = 23, RTE_CRYPTO_EC_GROUP_SECP384R1 = 24, - RTE_CRYPTO_EC_GROUP_SECP521R1 = 25 + RTE_CRYPTO_EC_GROUP_SECP521R1 = 25, + RTE_CRYPTO_EC_GROUP_SM2 = 41, }; /** @@ -637,9 +638,6 @@ struct rte_crypto_asym_xform { /**< EC xform parameters, used by elliptic curve based * operations. */ - - struct rte_crypto_sm2_xform sm2; - /**< SM2 xform parameters */ }; }; From patchwork Wed Sep 27 11:37:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 131998 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 4437842651; Wed, 27 Sep 2023 13:38:31 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id DBA34406BC; Wed, 27 Sep 2023 13:38:06 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 1049640A81 for ; Wed, 27 Sep 2023 13:38:04 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38R13vuv029222; Wed, 27 Sep 2023 04:38:04 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=pQ+irXWvP/Ycq3/2rycdbI/Wk+kxRhhYQFw/xPWYWUs=; b=ZX49L+ytAp+SKMpf2TwpNnDLpwdz/8ToZ+Kc2ebYQMfgSj6TIop5cmkgH/cVzLHfShqS D721bI0CiGHjDJn1hWrW5jJAv82x5ru82MHdli4A1MDYZdpCu4Zk7cH9rmHlG3WR48oj sBUyXV31iSej7Zs422jFlnH+4C4go3YNdvFTdJJtQRVqwGnv7DZ7pCQFnTZS2VfiLzbC 1vVR+5EyuJytExKr6UoWDAzQHFwABoG1GYpgj7MrJ3Mhs7zILWVU83K9nafJBJLGnhdC ErbKiDH5Dmpfjwi+oK7qltKGIRoaoVKzXt99uP+vUhPTgeVqRBWfz0aL3DMrFgdDww5B iQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3t9yhm68ex-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 27 Sep 2023 04:38:04 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 27 Sep 2023 04:38:02 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 27 Sep 2023 04:38:02 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id A014F3F709D; Wed, 27 Sep 2023 04:37:59 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Gowrishankar Muthukrishnan Subject: [PATCH v2 6/7] app/test: check asymmetric capabilities in SM2 test Date: Wed, 27 Sep 2023 17:07:33 +0530 Message-ID: <20230927113734.1244-7-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20230927113734.1244-1-gmuthukrishn@marvell.com> References: <20230927113734.1244-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: UcDj5y-NwOIUaY7uvi0f1zGIe-cWFaD3 X-Proofpoint-ORIG-GUID: UcDj5y-NwOIUaY7uvi0f1zGIe-cWFaD3 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-27_06,2023-09-27_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Check asymmetric capabilities such as SM3 hash support and internal RNG and accordingly choose op params for SM2 test. Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- app/test/test_cryptodev_asym.c | 78 ++++++++++++---------- app/test/test_cryptodev_sm2_test_vectors.h | 28 +++++--- 2 files changed, 64 insertions(+), 42 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 0e7a9b5460..bce6b0a9dd 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -608,6 +608,7 @@ static inline void print_asym_capa( break; case RTE_CRYPTO_ASYM_XFORM_ECDSA: case RTE_CRYPTO_ASYM_XFORM_ECPM: + case RTE_CRYPTO_ASYM_XFORM_SM2: default: break; } @@ -1806,12 +1807,14 @@ test_ecpm_all_curve(void) } static int -_test_sm2_sign(bool rnd_secret) +test_sm2_sign(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_r[TEST_DATA_SIZE]; @@ -1822,6 +1825,12 @@ _test_sm2_sign(bool rnd_secret) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -1879,7 +1888,7 @@ _test_sm2_sign(bool rnd_secret) asym_op->sm2.id.length = 0; } - if (rnd_secret) { + if (capa->internal_rng != 0) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; } else { @@ -1928,7 +1937,7 @@ _test_sm2_sign(bool rnd_secret) debug_hexdump(stdout, "s:", asym_op->sm2.s.data, asym_op->sm2.s.length); - if (!rnd_secret) { + if (capa->internal_rng == 0) { /* Verify sign (by comparison). */ if (memcmp(input_params.sign_r.data, asym_op->sm2.r.data, asym_op->sm2.r.length) != 0) { @@ -1989,25 +1998,15 @@ _test_sm2_sign(bool rnd_secret) return status; }; -static int -test_sm2_sign_rnd_secret(void) -{ - return _test_sm2_sign(true); -} - -__rte_used static int -test_sm2_sign_plain_secret(void) -{ - return _test_sm2_sign(false); -} - static int test_sm2_verify(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; struct rte_crypto_asym_xform xform; @@ -2016,6 +2015,12 @@ test_sm2_verify(void) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2056,6 +2061,7 @@ test_sm2_verify(void) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; else @@ -2077,8 +2083,6 @@ test_sm2_verify(void) asym_op->sm2.r.length = input_params.sign_r.length; asym_op->sm2.s.data = input_params.sign_s.data; asym_op->sm2.s.length = input_params.sign_s.length; - asym_op->sm2.id.data = input_params.id.data; - asym_op->sm2.id.length = input_params.id.length; RTE_LOG(DEBUG, USER1, "Process ASYM operation\n"); @@ -2118,13 +2122,15 @@ test_sm2_verify(void) }; static int -_test_sm2_enc(bool rnd_secret) +test_sm2_enc(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; struct rte_crypto_asym_xform xform; @@ -2133,6 +2139,12 @@ _test_sm2_enc(bool rnd_secret) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2180,7 +2192,7 @@ _test_sm2_enc(bool rnd_secret) asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; - if (rnd_secret) { + if (capa->internal_rng != 0) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; } else { @@ -2226,7 +2238,7 @@ _test_sm2_enc(bool rnd_secret) debug_hexdump(stdout, "cipher:", asym_op->sm2.cipher.data, asym_op->sm2.cipher.length); - if (!rnd_secret) { + if (capa->internal_rng == 0) { if (memcmp(input_params.cipher.data, asym_op->sm2.cipher.data, asym_op->sm2.cipher.length) != 0) { status = TEST_FAILED; @@ -2290,25 +2302,15 @@ _test_sm2_enc(bool rnd_secret) return status; }; -static int -test_sm2_enc_rnd_secret(void) -{ - return _test_sm2_enc(true); -} - -__rte_used static int -test_sm2_enc_plain_secret(void) -{ - return _test_sm2_enc(false); -} - static int test_sm2_dec(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_m[TEST_DATA_SIZE]; @@ -2318,6 +2320,12 @@ test_sm2_dec(void) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2724,9 +2732,9 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = { TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dh_keygenration), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign_rnd_secret), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc_rnd_secret), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_dec), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, @@ -2790,6 +2798,8 @@ static struct unit_test_suite cryptodev_octeontx_asym_testsuite = { TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_exp), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_ecdsa_sign_verify_all_curve), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_ecpm_all_curve), TEST_CASES_END() /**< NULL terminate unit test array */ diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h index 3d2dba1359..41f5f7074a 100644 --- a/app/test/test_cryptodev_sm2_test_vectors.h +++ b/app/test/test_cryptodev_sm2_test_vectors.h @@ -17,6 +17,7 @@ struct crypto_testsuite_sm2_params { rte_crypto_param id; rte_crypto_param cipher; rte_crypto_param message; + rte_crypto_param digest; int curve; }; @@ -46,17 +47,17 @@ static uint8_t fp256_k[] = { }; static uint8_t fp256_sign_r[] = { - 0xf3, 0x26, 0x10, 0xde, 0xfb, 0xbf, 0x13, 0xd4, - 0x73, 0xb1, 0xc2, 0x80, 0x51, 0x06, 0x29, 0xf9, - 0xfb, 0xc8, 0x11, 0xa7, 0x8d, 0x2c, 0xcb, 0x09, - 0x7c, 0xb2, 0xcf, 0x58, 0x0b, 0x5e, 0x25, 0xff + 0x75, 0x2B, 0x8C, 0x15, 0x38, 0x10, 0xF6, 0xC0, + 0x28, 0xC9, 0x8A, 0x51, 0xD0, 0x62, 0x69, 0x4B, + 0xF6, 0x58, 0x06, 0xEB, 0xF1, 0x91, 0x1F, 0x15, + 0x8B, 0x08, 0x09, 0xF9, 0x88, 0x0A, 0x44, 0x24 }; static uint8_t fp256_sign_s[] = { - 0x8d, 0x8d, 0xb5, 0x40, 0xe3, 0xfb, 0x98, 0xf9, - 0x8c, 0xe4, 0x58, 0x60, 0xf2, 0x78, 0x8f, 0xd9, - 0xbf, 0xb8, 0x47, 0x73, 0x88, 0xc1, 0xd1, 0xcd, - 0x2d, 0xdb, 0xe3, 0xc1, 0x44, 0x30, 0x25, 0x86 + 0x5A, 0x3C, 0x96, 0x3E, 0x1C, 0xB4, 0x19, 0xF9, + 0xD7, 0x78, 0xB8, 0xCE, 0xFF, 0x9D, 0xB1, 0x31, + 0x77, 0xDB, 0xA0, 0xFE, 0x84, 0x61, 0x1A, 0xD9, + 0x4E, 0xFF, 0x82, 0x13, 0x1C, 0xCA, 0x04, 0x75, }; static uint8_t fp256_id[] = { @@ -68,6 +69,13 @@ static uint8_t fp256_message[] = { 0x64, 0x69, 0x67, 0x65, 0x73, 0x74 }; +static uint8_t fp256_digest[] = { + 0x0F, 0xB5, 0xCE, 0xF3, 0x3C, 0xB7, 0xD1, 0x35, + 0xA9, 0x3A, 0xC7, 0xA7, 0x89, 0x2A, 0x6D, 0x9A, + 0xF3, 0x1E, 0xC5, 0x38, 0xD3, 0x65, 0x1B, 0xB9, + 0xDF, 0x5F, 0x7F, 0x4A, 0xD8, 0x89, 0x57, 0xF1 +}; + static uint8_t fp256_cipher[] = { 0x30, 0x78, 0x02, 0x21, 0x00, 0xAB, 0xBD, 0xE8, 0xE8, 0x80, 0x93, 0x36, 0x77, 0xB6, 0x44, 0x47, @@ -121,6 +129,10 @@ struct crypto_testsuite_sm2_params sm2_param_fp256 = { .data = fp256_message, .length = sizeof(fp256_message), }, + .digest = { + .data = fp256_digest, + .length = sizeof(fp256_digest), + }, .cipher = { .data = fp256_cipher, .length = sizeof(fp256_cipher), From patchwork Wed Sep 27 11:37:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 131999 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 72B2F42651; Wed, 27 Sep 2023 13:38:39 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7647440DCE; Wed, 27 Sep 2023 13:38:09 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id A9B8C40A84 for ; Wed, 27 Sep 2023 13:38:07 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38R2TO16025049; Wed, 27 Sep 2023 04:38:06 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=YwJApZEFOMvV8ROwib9rQyeETjYLmHtNLNa8U3gHUpA=; b=RksO4B5Q2qgC4ggpBmMFSTCF0lnUlB67O1HpeLpU6jS4nH908SVJBtF6cbKEUZ3n0jl5 OrlDDCz5r8VErc+LmU4lOj2zsh8zMD6BcBGPFQ7gjLx+YUvZrnlszasmEmvTkfgKDW3o BTI4dNtm1os9O2Va+4+cWjE7/OSPqt1+a2lrBmaouqFm2pG2jz5QOh+m27Qbw4Jr8jCA HrT8G+JidkPg6ENIwLU+OwHWY/5gT+xGf8JwenT3eeFUcQtiXKu5kMBC40sYEJtOCwzX qyF0bJpGwF3n2Q5FLgjquptyNdLlrc/vNQF3jv4fth+YNu9eav3mo0oalnU6sZRUp7i+ UQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3tbw5gnv9u-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 27 Sep 2023 04:38:06 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 27 Sep 2023 04:38:04 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 27 Sep 2023 04:38:04 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id A82F13F70A3; Wed, 27 Sep 2023 04:38:02 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Gowrishankar Muthukrishnan Subject: [PATCH v2 7/7] crypto/cnxk: add SM2 support Date: Wed, 27 Sep 2023 17:07:34 +0530 Message-ID: <20230927113734.1244-8-gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20230927113734.1244-1-gmuthukrishn@marvell.com> References: <20230927113734.1244-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: GhB6-8qexDnBpGDfgwcNpujFo2Kdv-Rn X-Proofpoint-ORIG-GUID: GhB6-8qexDnBpGDfgwcNpujFo2Kdv-Rn X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-27_06,2023-09-27_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add SM2 asymmetric algorithm support in cnxk PMD. Signed-off-by: Gowrishankar Muthukrishnan --- doc/guides/cryptodevs/features/cn10k.ini | 1 + doc/guides/rel_notes/release_23_11.rst | 6 + drivers/common/cnxk/hw/cpt.h | 3 +- drivers/common/cnxk/roc_ae.c | 32 ++- drivers/common/cnxk/roc_ae.h | 3 +- drivers/common/cnxk/roc_ae_fpm_tables.c | 190 ++++++++++++++++++ drivers/crypto/cnxk/cnxk_ae.h | 34 +++- drivers/crypto/cnxk/cnxk_cryptodev.h | 2 +- .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 17 ++ 9 files changed, 283 insertions(+), 5 deletions(-) diff --git a/doc/guides/cryptodevs/features/cn10k.ini b/doc/guides/cryptodevs/features/cn10k.ini index 55a1226965..15e2dd48a8 100644 --- a/doc/guides/cryptodevs/features/cn10k.ini +++ b/doc/guides/cryptodevs/features/cn10k.ini @@ -103,6 +103,7 @@ Modular Inversion = Diffie-hellman = ECDSA = Y ECPM = Y +SM2 = Y ; ; Supported Operating systems of the 'cn10k' crypto driver. diff --git a/doc/guides/rel_notes/release_23_11.rst b/doc/guides/rel_notes/release_23_11.rst index e9afae8030..b21e78c7a0 100644 --- a/doc/guides/rel_notes/release_23_11.rst +++ b/doc/guides/rel_notes/release_23_11.rst @@ -72,12 +72,18 @@ New Features Also, make sure to start the actual text at the margin. ======================================================= + * build: Enabling deprecated libraries is now done using the new ``enable_deprecated_libraries`` build option. * build: Optional libraries can now be selected with the new ``enable_libs`` build option similarly to the existing ``enable_drivers`` build option. +* **Updated CNXK crypto driver.** + + * Added SM2 algorithm support in asymmetric crypto operations. + + Removed Items ------------- diff --git a/drivers/common/cnxk/hw/cpt.h b/drivers/common/cnxk/hw/cpt.h index 5e1519e202..ce57de8788 100644 --- a/drivers/common/cnxk/hw/cpt.h +++ b/drivers/common/cnxk/hw/cpt.h @@ -79,7 +79,8 @@ union cpt_eng_caps { uint64_t __io reserved_23_33 : 11; uint64_t __io pdcp_chain : 1; uint64_t __io sg_ver2 : 1; - uint64_t __io reserved_36_63 : 28; + uint64_t __io sm2 : 1; + uint64_t __io reserved_37_63 : 27; }; }; diff --git a/drivers/common/cnxk/roc_ae.c b/drivers/common/cnxk/roc_ae.c index 336b927641..e6a013d7c4 100644 --- a/drivers/common/cnxk/roc_ae.c +++ b/drivers/common/cnxk/roc_ae.c @@ -149,7 +149,37 @@ const struct roc_ae_ec_group ae_ec_grp[ROC_AE_EC_ID_PMAX] = { 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45, 0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00}, - .length = 66}}}; + .length = 66}, + }, + {}, + {}, + {}, + { + .prime = {.data = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, + 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF}, + .length = 32}, + .order = {.data = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0x72, 0x03, 0xDF, 0x6B, 0x21, + 0xC6, 0x05, 0x2B, 0x53, 0xBB, 0xF4, 0x09, + 0x39, 0xD5, 0x41, 0x23}, + .length = 32}, + .consta = {.data = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, + 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFC}, + .length = 32}, + .constb = {.data = {0x28, 0xE9, 0xFA, 0x9E, 0x9D, 0x9F, 0x5E, + 0x34, 0x4D, 0x5A, 0x9E, 0x4B, 0xCF, 0x65, + 0x09, 0xA7, 0xF3, 0x97, 0x89, 0xF5, 0x15, + 0xAB, 0x8F, 0x92, 0xDD, 0xBC, 0xBD, 0x41, + 0x4D, 0x94, 0x0E, 0x93}, + .length = 32}, + }}; int roc_ae_ec_grp_get(struct roc_ae_ec_group **tbl) diff --git a/drivers/common/cnxk/roc_ae.h b/drivers/common/cnxk/roc_ae.h index d8ad0129b1..d459c5e680 100644 --- a/drivers/common/cnxk/roc_ae.h +++ b/drivers/common/cnxk/roc_ae.h @@ -34,7 +34,8 @@ typedef enum { ROC_AE_EC_ID_P160 = 5, ROC_AE_EC_ID_P320 = 6, ROC_AE_EC_ID_P512 = 7, - ROC_AE_EC_ID_PMAX = 8 + ROC_AE_EC_ID_SM2 = 8, + ROC_AE_EC_ID_PMAX } roc_ae_ec_id; /* Prime and order fields of built-in elliptic curves */ diff --git a/drivers/common/cnxk/roc_ae_fpm_tables.c b/drivers/common/cnxk/roc_ae_fpm_tables.c index f91570299b..ead3128e7f 100644 --- a/drivers/common/cnxk/roc_ae_fpm_tables.c +++ b/drivers/common/cnxk/roc_ae_fpm_tables.c @@ -1057,6 +1057,189 @@ const uint8_t ae_fpm_tbl_p521[AE_FPM_P521_LEN] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }; +const uint8_t ae_fpm_tbl_p256_sm2[AE_FPM_P256_LEN] = { + 0x71, 0x5A, 0x45, 0x89, 0x33, 0x4C, 0x74, 0xC7, 0x8F, 0xE3, 0x0B, 0xBF, + 0xF2, 0x66, 0x0B, 0xE1, 0x5F, 0x99, 0x04, 0x46, 0x6A, 0x39, 0xC9, 0x94, + 0x32, 0xC4, 0xAE, 0x2C, 0x1F, 0x19, 0x81, 0x19, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x02, 0xDF, 0x32, 0xE5, 0x21, 0x39, 0xF0, 0xA0, 0xD0, 0xA9, 0x87, 0x7C, + 0xC6, 0x2A, 0x47, 0x40, 0x59, 0xBD, 0xCE, 0xE3, 0x6B, 0x69, 0x21, 0x53, + 0xBC, 0x37, 0x36, 0xA2, 0xF4, 0xF6, 0x77, 0x9C, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xE1, 0x8B, 0xD5, 0x46, 0xB5, 0x82, 0x45, 0x17, 0x67, 0x38, 0x91, 0xD7, + 0x91, 0xCA, 0xA4, 0x86, 0xBA, 0x22, 0x0B, 0x99, 0xDF, 0x9F, 0x9A, 0x14, + 0x95, 0xAF, 0xBD, 0x11, 0x55, 0xC1, 0xDA, 0x54, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x8E, 0x44, 0x50, 0xEB, 0x33, 0x4A, 0xCD, 0xCB, 0xC3, 0xC7, 0xD1, 0x89, + 0x8A, 0x53, 0xF2, 0x0D, 0x2E, 0xEE, 0x75, 0x0F, 0x40, 0x53, 0x01, 0x7C, + 0xE8, 0xA6, 0xD8, 0x2C, 0x51, 0x73, 0x88, 0xC2, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xF8, 0x1C, 0x8D, 0xA9, 0xB9, 0x9F, 0xBA, 0x55, 0x13, 0x7F, 0x6C, 0x61, + 0x49, 0xFE, 0xEF, 0x6E, 0xCB, 0x12, 0x9A, 0xA4, 0x94, 0xDA, 0x9A, 0xD4, + 0x82, 0xA0, 0xF5, 0x40, 0x7D, 0x12, 0x3D, 0xB6, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xFD, 0xEC, 0xA0, 0x07, 0x72, 0xC4, 0xDB, 0xC9, 0xA9, 0x61, 0xB5, 0x8F, + 0x0C, 0xF5, 0x83, 0x73, 0xEC, 0xAC, 0xAB, 0x94, 0xE9, 0x73, 0xF9, 0xC3, + 0xF1, 0x2F, 0xA4, 0x69, 0x6A, 0x22, 0xCA, 0x3F, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xEA, 0xE3, 0xD9, 0xA9, 0xD1, 0x3A, 0x42, 0xED, 0x2B, 0x23, 0x08, 0xF6, + 0x48, 0x4E, 0x1B, 0x38, 0x3D, 0xB7, 0xB2, 0x48, 0x88, 0xC2, 0x1F, 0x3A, + 0xB6, 0x92, 0xE5, 0xB5, 0x74, 0xD5, 0x5D, 0xA9, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xD1, 0x86, 0x46, 0x9D, 0xE2, 0x95, 0xE5, 0xAB, 0xDB, 0x61, 0xAC, 0x17, + 0x73, 0x43, 0x8E, 0x6D, 0x5A, 0x92, 0x4F, 0x85, 0x54, 0x49, 0x26, 0xF9, + 0xA1, 0x75, 0x05, 0x1B, 0x0F, 0x3F, 0xB6, 0x13, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xA7, 0x2D, 0x08, 0x4F, 0x62, 0xC8, 0xD5, 0x8B, 0xE3, 0xD6, 0x46, 0x7D, + 0xEA, 0xF4, 0x8F, 0xD7, 0x8F, 0xE7, 0x5E, 0x5A, 0x12, 0x8A, 0x56, 0xA7, + 0xC0, 0x02, 0x3F, 0xE7, 0xFF, 0x2B, 0x68, 0xBD, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x64, 0xF6, 0x77, 0x82, 0x31, 0x68, 0x15, 0xF9, 0xB5, 0x2B, 0x6D, 0x9B, + 0x19, 0xA6, 0x9C, 0xD2, 0x5D, 0x1E, 0xD6, 0xFA, 0x89, 0xCB, 0xBA, 0xDE, + 0x79, 0x6C, 0x91, 0x0E, 0xE7, 0xF4, 0xCC, 0xDB, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x1B, 0x21, 0x50, 0xC1, 0xC5, 0xF1, 0x30, 0x15, 0xDA, 0xAB, 0xA9, 0x1B, + 0x5D, 0x95, 0x2C, 0x9B, 0x0E, 0x8C, 0xC2, 0x4C, 0x3F, 0x54, 0x61, 0x42, + 0x75, 0xA3, 0x4B, 0x24, 0x37, 0x05, 0xF2, 0x60, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x77, 0xD1, 0x95, 0x42, 0x1C, 0xEF, 0x13, 0x39, 0x63, 0x66, 0x44, 0xAA, + 0x0C, 0x3A, 0x06, 0x23, 0x46, 0x83, 0xDF, 0x17, 0x6E, 0xEB, 0x24, 0x44, + 0x64, 0x2C, 0xE3, 0xBD, 0x35, 0x35, 0xE7, 0x4D, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x4A, 0x59, 0xAC, 0x2C, 0x6E, 0x7E, 0xCC, 0x08, 0xAF, 0x2B, 0x71, 0x16, + 0x4F, 0x19, 0x1D, 0x63, 0x36, 0x22, 0xA8, 0x7F, 0xB2, 0x84, 0x55, 0x4F, + 0xD9, 0xEB, 0x39, 0x7B, 0x44, 0x1E, 0x9C, 0xD0, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xA6, 0x6B, 0x8A, 0x48, 0x93, 0xB6, 0xA5, 0x4D, 0x26, 0xFB, 0x89, 0xA4, + 0x0B, 0x4A, 0x66, 0x3A, 0xAF, 0xA8, 0x75, 0x01, 0xEE, 0xDF, 0xC9, 0xF4, + 0xF3, 0xF0, 0x00, 0xBC, 0x66, 0xF9, 0x81, 0x08, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xAD, 0x8B, 0xC6, 0x8C, 0xE0, 0x31, 0xD6, 0x16, 0x16, 0x88, 0x8D, 0x8E, + 0xE4, 0x00, 0x31, 0x87, 0x44, 0xC0, 0x75, 0x7F, 0x3B, 0xB8, 0xB6, 0x00, + 0x79, 0x3F, 0xAE, 0x7A, 0xF0, 0x16, 0x42, 0x45, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x21, 0x0C, 0xD0, 0x42, 0x97, 0x3F, 0x33, 0x3B, 0x08, 0x66, 0x6F, 0xF5, + 0x2D, 0xBD, 0x25, 0xF9, 0x65, 0xC5, 0xB1, 0x29, 0xF5, 0xF7, 0xAD, 0x5D, + 0xE0, 0x3D, 0x7A, 0x8D, 0x19, 0xB3, 0x21, 0x9A, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xD6, 0x8B, 0xFB, 0xAC, 0xE0, 0xE0, 0x03, 0x92, 0x26, 0x10, 0x14, 0xF7, + 0xD3, 0x44, 0x5D, 0xC7, 0xD9, 0xF4, 0x6B, 0x27, 0x14, 0xA0, 0x71, 0xEE, + 0x1B, 0x20, 0x0A, 0xF3, 0x08, 0x10, 0xB6, 0x82, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x0D, 0x91, 0xD8, 0xB1, 0x2A, 0xE6, 0x9B, 0xCD, 0x74, 0xA0, 0x8F, 0x17, + 0xBF, 0x8C, 0xD9, 0x81, 0xD8, 0x22, 0x91, 0x3C, 0xF0, 0xD2, 0xB8, 0x2D, + 0x24, 0x8B, 0x7A, 0xF0, 0xB0, 0x5B, 0xFA, 0xD2, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xBA, 0x11, 0x9A, 0x04, 0x9E, 0x62, 0xF2, 0xE2, 0xF2, 0x78, 0xE8, 0xA3, + 0x4D, 0xF0, 0x5A, 0xE5, 0xD2, 0x69, 0xF3, 0x56, 0x4E, 0xB5, 0xD1, 0x80, + 0x8E, 0x74, 0xAD, 0x0F, 0x4F, 0x95, 0x7C, 0xB1, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x11, 0x2F, 0xF4, 0xDA, 0xBD, 0x76, 0xE2, 0xDD, 0x91, 0x37, 0x3F, 0x20, + 0x63, 0x0F, 0xDB, 0x7F, 0xF4, 0x3E, 0xAB, 0x47, 0x49, 0x92, 0x90, 0x4C, + 0x55, 0xA5, 0xCC, 0xC7, 0xAF, 0x3B, 0x6D, 0xB4, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x5A, 0xD1, 0x04, 0xA8, 0xBD, 0xD2, 0x3D, 0xE9, 0xF5, 0xA9, 0xE5, 0x15, + 0xEB, 0x71, 0xC2, 0xC1, 0x39, 0x05, 0x42, 0xA0, 0xBA, 0x95, 0xC1, 0x74, + 0x4C, 0x55, 0xFB, 0x20, 0x42, 0x64, 0x91, 0xBF, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x91, 0x52, 0x57, 0x35, 0xEF, 0x62, 0x62, 0x89, 0xD2, 0xED, 0x97, 0x7F, + 0x88, 0xF0, 0x96, 0x35, 0xFD, 0x48, 0x73, 0x1B, 0x7A, 0x8A, 0x85, 0x21, + 0x08, 0xF8, 0x9A, 0x03, 0xB8, 0xFD, 0xEB, 0xEA, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x7E, 0x8E, 0x61, 0xEA, 0x35, 0xEB, 0x8E, 0x2E, 0x1B, 0xB2, 0x70, 0x0D, + 0xB9, 0x8A, 0x76, 0x2C, 0xD8, 0x1E, 0xA2, 0x3B, 0x77, 0x38, 0xC1, 0x7C, + 0xF9, 0xDE, 0xF2, 0xA4, 0x6D, 0xBA, 0x26, 0xA3, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x18, 0x3A, 0x79, 0x12, 0xD0, 0x5E, 0x32, 0x9F, 0x34, 0x66, 0x4A, 0x08, + 0x96, 0xCC, 0xDE, 0x0E, 0x56, 0xC2, 0x26, 0x52, 0x61, 0x42, 0x83, 0xBB, + 0x91, 0x69, 0x28, 0x99, 0xD5, 0xFF, 0x05, 0x13, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x44, 0x9D, 0x48, 0xD8, 0xF3, 0xBD, 0xBE, 0x19, 0xAB, 0x95, 0xDE, 0x03, + 0xCC, 0x85, 0x10, 0xCB, 0xAE, 0xF1, 0x59, 0x46, 0x3F, 0x8B, 0xFB, 0x25, + 0xDA, 0x72, 0xC3, 0x79, 0xDA, 0xE3, 0xCA, 0x8B, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xCB, 0xA9, 0x31, 0x5C, 0xE8, 0x2C, 0xC3, 0xEA, 0x4E, 0x52, 0x4B, 0xAC, + 0x38, 0xA5, 0x80, 0x20, 0x36, 0xBA, 0x27, 0x52, 0x53, 0x8E, 0x34, 0x8C, + 0xB1, 0x70, 0xD0, 0xDA, 0x75, 0xED, 0x45, 0x0F, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x94, 0x7A, 0xF0, 0xF5, 0x2B, 0x4F, 0x8D, 0xA6, 0x7E, 0xDA, 0x17, 0xD9, + 0x17, 0x82, 0x79, 0x76, 0x5B, 0xA7, 0x9A, 0x0C, 0x70, 0x58, 0x53, 0xA0, + 0xA5, 0xD9, 0x87, 0x3B, 0x3F, 0xB2, 0xDD, 0xC7, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xC2, 0xA4, 0x81, 0x62, 0xA5, 0xFD, 0x9C, 0xE9, 0x80, 0xEE, 0x8A, 0xE5, + 0x26, 0xF2, 0x5F, 0x02, 0xF6, 0x0C, 0x8E, 0xF6, 0x63, 0x3B, 0xE6, 0xA9, + 0xE2, 0xE2, 0x3F, 0x02, 0x29, 0xA8, 0x4A, 0x35, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xBC, 0x49, 0x45, 0xBD, 0x86, 0xBB, 0x6A, 0xFB, 0x23, 0x7E, 0xB7, 0x11, + 0xEB, 0xA4, 0x6F, 0xEE, 0x7C, 0x1D, 0xB5, 0x8B, 0x7B, 0x86, 0xEB, 0x33, + 0xD9, 0x4E, 0xB7, 0x28, 0x27, 0x3B, 0x3A, 0xC7, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xBE, 0x17, 0x17, 0xE5, 0x95, 0x68, 0xD0, 0xA4, 0x4A, 0x60, 0x67, 0xCC, + 0x45, 0xF7, 0x02, 0x12, 0x19, 0xB3, 0x2E, 0xB5, 0xAF, 0xC2, 0xFB, 0x17, + 0xBE, 0x3C, 0x1E, 0x7A, 0xC3, 0xAC, 0x9D, 0x3C, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +}; + const struct ae_fpm_entry ae_fpm_tbl_scalar[ROC_AE_EC_ID_PMAX] = { { .data = ae_fpm_tbl_p192, @@ -1077,6 +1260,13 @@ const struct ae_fpm_entry ae_fpm_tbl_scalar[ROC_AE_EC_ID_PMAX] = { { .data = ae_fpm_tbl_p521, .len = sizeof(ae_fpm_tbl_p521) + }, + {}, + {}, + {}, + { + .data = ae_fpm_tbl_p256_sm2, + .len = sizeof(ae_fpm_tbl_p256_sm2) } }; diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h index 8fdb45177b..3cb01b60d3 100644 --- a/drivers/crypto/cnxk/cnxk_ae.h +++ b/drivers/crypto/cnxk/cnxk_ae.h @@ -193,8 +193,11 @@ cnxk_ae_fill_ec_params(struct cnxk_ae_sess *sess, case RTE_CRYPTO_EC_GROUP_SECP521R1: ec->curveid = ROC_AE_EC_ID_P521; break; + case RTE_CRYPTO_EC_GROUP_SM2: + ec->curveid = ROC_AE_EC_ID_SM2; + break; default: - /* Only NIST curves (FIPS 186-4) are supported */ + /* Only NIST curves (FIPS 186-4) and SM2 are supported */ return -EINVAL; } @@ -235,6 +238,7 @@ cnxk_ae_fill_session_parameters(struct cnxk_ae_sess *sess, /* Fall through */ case RTE_CRYPTO_ASYM_XFORM_ECPM: case RTE_CRYPTO_ASYM_XFORM_ECFPM: + case RTE_CRYPTO_ASYM_XFORM_SM2: ret = cnxk_ae_fill_ec_params(sess, xform); break; default: @@ -1113,6 +1117,23 @@ cnxk_ae_dequeue_ecdsa_op(struct rte_crypto_ecdsa_op_param *ecdsa, uint8_t *rptr, ecdsa->s.length = prime_len; } +static __rte_always_inline void +cnxk_ae_dequeue_sm2_op(struct rte_crypto_sm2_op_param *sm2, uint8_t *rptr, + struct roc_ae_ec_ctx *ec, + struct roc_ae_ec_group **ec_grp) +{ + int prime_len = ec_grp[ec->curveid]->prime.length; + + if (sm2->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) + return; + + /* Separate out sign r and s components */ + rte_memcpy(sm2->r.data, rptr, prime_len); + rte_memcpy(sm2->s.data, rptr + RTE_ALIGN_CEIL(prime_len, 8), prime_len); + sm2->r.length = prime_len; + sm2->s.length = prime_len; +} + static __rte_always_inline void cnxk_ae_dequeue_ecpm_op(struct rte_crypto_ecpm_op_param *ecpm, uint8_t *rptr, struct roc_ae_ec_ctx *ec, @@ -1181,6 +1202,13 @@ cnxk_ae_enqueue(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op, if (unlikely(ret)) goto req_fail; break; + case RTE_CRYPTO_ASYM_XFORM_SM2: + ret = cnxk_ae_enqueue_sm2_op(op, &meta_buf, sess, + sess->cnxk_fpm_iova, + sess->ec_grp, inst); + if (unlikely(ret)) + goto req_fail; + break; case RTE_CRYPTO_ASYM_XFORM_ECPM: ret = cnxk_ae_ecpm_prep(&asym_op->ecpm, &meta_buf, sess->ec_grp[sess->ec_ctx.curveid], @@ -1230,6 +1258,10 @@ cnxk_ae_post_process(struct rte_crypto_op *cop, struct cnxk_ae_sess *sess, cnxk_ae_dequeue_ecdsa_op(&op->ecdsa, rptr, &sess->ec_ctx, sess->ec_grp); break; + case RTE_CRYPTO_ASYM_XFORM_SM2: + cnxk_ae_dequeue_sm2_op(&op->sm2, rptr, &sess->ec_ctx, + sess->ec_grp); + break; case RTE_CRYPTO_ASYM_XFORM_ECPM: case RTE_CRYPTO_ASYM_XFORM_ECFPM: cnxk_ae_dequeue_ecpm_op(&op->ecpm, rptr, &sess->ec_ctx, diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h index 09f5ba0650..9a321aa8c9 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev.h +++ b/drivers/crypto/cnxk/cnxk_cryptodev.h @@ -13,7 +13,7 @@ #define CNXK_CPT_MAX_CAPS 54 #define CNXK_SEC_CRYPTO_MAX_CAPS 16 #define CNXK_SEC_MAX_CAPS 9 -#define CNXK_AE_EC_ID_MAX 8 +#define CNXK_AE_EC_ID_MAX 9 /** * Device private data */ diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c index 4c6357353e..013d5789f6 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c +++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c @@ -1152,6 +1152,20 @@ static const struct rte_cryptodev_capabilities caps_sm4[] = { }, }; +static const struct rte_cryptodev_capabilities caps_sm2[] = { + { /* SM2 */ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, + {.asym = { + .xform_capa = { + .xform_type = RTE_CRYPTO_ASYM_XFORM_SM2, + .op_types = ((1 << RTE_CRYPTO_ASYM_OP_SIGN) | + (1 << RTE_CRYPTO_ASYM_OP_VERIFY)) + } + } + } + } +}; + static const struct rte_cryptodev_capabilities caps_end[] = { RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; @@ -1623,6 +1637,9 @@ cn10k_crypto_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm3); CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm4); } + + if (hw_caps[CPT_ENG_TYPE_AE].sm2) + CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm2); } static void