From patchwork Mon Oct 9 13:54:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 132426 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 14E154233C; Mon, 9 Oct 2023 15:55:11 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 94FD24069D; Mon, 9 Oct 2023 15:55:08 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id D91224069D for ; Mon, 9 Oct 2023 15:55:06 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 399CduXw021665; Mon, 9 Oct 2023 06:55:05 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=+DPyZzxJyrjZ2jXI1iU+AIE+W4oAqzaCj/fJbOBbZGY=; b=ImXkaTetFOg5vNJHpjUip/K506uA3g8dTtkPkUJmzzeoOVH1yO6bNYkVCrCYdSRiOdZw RTnBDTF7BlXUEVMuzFdj7X+rWX5TouhnEIgdaJOOpgfrDX3C+0MTmfhpitldg39vRofh uKrmwHh46ObCSWYTblqv2Gwelo9bYKaCpJClGw9eIU0cw6s4vcEU5xA3IIamINLutzaL UPqbdUe7tJURx2kZxhG3OZhBw5+RduHF5QqSekMn88jbD9PY+6DmD5BMjtM6oaCruMlD 8sw9qBg0J8kLUByGx/0XRDH/SYtOiyw+kSkJFtCLLzow89HTLUvc76zMj9i1Vn+eFY3F HA== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh9smdhp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 09 Oct 2023 06:55:05 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 9 Oct 2023 06:55:03 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 9 Oct 2023 06:55:03 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 25E583F70A8; Mon, 9 Oct 2023 06:55:00 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Ciara Power , Gowrishankar Muthukrishnan Subject: [PATCH v4 1/7] crypto/openssl: include SM2 in asymmetric capabilities Date: Mon, 9 Oct 2023 19:24:48 +0530 Message-ID: X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: VJqHYLwxY7kFUb-PacX1ahW4EH0dJlKv X-Proofpoint-ORIG-GUID: VJqHYLwxY7kFUb-PacX1ahW4EH0dJlKv X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Include SM2 algorithm in the asymmetric capabilities supported by OpenSSL PMD. Fixes: 3b7d638fb11f ("crypto/openssl: support asymmetric SM2") Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 85a4fa3e55..2eb450fcfd 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -593,6 +593,20 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { }, } }, + { /* SM2 */ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, + {.asym = { + .xform_capa = { + .xform_type = RTE_CRYPTO_ASYM_XFORM_SM2, + .op_types = + ((1< X-Patchwork-Id: 132427 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0B6AE4233C; Mon, 9 Oct 2023 15:55:18 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id C9A1F406FF; Mon, 9 Oct 2023 15:55:11 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 0C6B8406BC for ; Mon, 9 Oct 2023 15:55:09 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 399D4RTd000936; Mon, 9 Oct 2023 06:55:09 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=QW/CFrmEJeFOPJPwunVLcg2nANajSlF3UxP6qUsOkP4=; b=SEQ77PtogEQ4ViA8KaHx2TE5BFAmyiaF+crQey6T1hyLO2yhN1rF26oZsXQhQ16Mvu3w hGpqAxttpi8SXn9RQ84faXN2iGfFY/CMGJaTVdEY1JF01o2FymkTz0KkPmw6tf0ereJu 6eodzGSmhHBwbX2T7JWP0zYm64M66w2vkbv/YUD0cU31LC0HRq9zpDrtdQf4qKE18vrD LZb78RYXfHL8fy74NrJAakgIPXjNDLhp9ckfLcyu8qvVE01YEzU5uAD7RCNiJeu1pBXb eXZUiEqj9JKef7HTNgbkLw3o9Hw90Hj1fUohaUhK6trSJnd76cc6irCaojhnTLidQioa uw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh7ccd7y-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 09 Oct 2023 06:55:09 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 9 Oct 2023 06:55:07 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 9 Oct 2023 06:55:07 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 694233F70AD; Mon, 9 Oct 2023 06:55:04 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Ciara Power , Gowrishankar Muthukrishnan Subject: [PATCH v4 2/7] cryptodev: add hash algorithms in asymmetric capability Date: Mon, 9 Oct 2023 19:24:49 +0530 Message-ID: <549b4cf74e6b7c9e6c56d3c693b3eb7f78db8c60.1696859505.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: _UkVcQSWseUnVXTuK7730XIxvYvGDUR2 X-Proofpoint-ORIG-GUID: _UkVcQSWseUnVXTuK7730XIxvYvGDUR2 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Most of the asymmetric operations start with hash of the input. But a PMD might also support only plain input (eg openssl). Add a new field in asymmetric capability to declare support for hash operations that PMD can support for the asymmetric operations. Application can skip computing hash if PMD already supports it. Signed-off-by: Gowrishankar Muthukrishnan --- app/test/test_cryptodev_asym.c | 52 ++++++++++++++++++-- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 1 + lib/cryptodev/cryptodev_trace.h | 9 ++++ lib/cryptodev/cryptodev_trace_points.c | 3 ++ lib/cryptodev/rte_cryptodev.c | 16 ++++++ lib/cryptodev/rte_cryptodev.h | 19 +++++++ lib/cryptodev/version.map | 1 + 7 files changed, 97 insertions(+), 4 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 39de0bdac5..af323e02d9 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -1810,8 +1810,10 @@ _test_sm2_sign(bool rnd_secret) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_r[TEST_DATA_SIZE]; @@ -1822,6 +1824,12 @@ _test_sm2_sign(bool rnd_secret) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -1838,7 +1846,10 @@ _test_sm2_sign(bool rnd_secret) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -1993,8 +2004,10 @@ test_sm2_verify(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; struct rte_crypto_asym_xform xform; @@ -2003,6 +2016,12 @@ test_sm2_verify(void) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2019,7 +2038,10 @@ test_sm2_verify(void) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2094,9 +2116,11 @@ _test_sm2_enc(bool rnd_secret) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; struct rte_crypto_asym_xform xform; @@ -2105,6 +2129,12 @@ _test_sm2_enc(bool rnd_secret) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2120,7 +2150,10 @@ _test_sm2_enc(bool rnd_secret) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2273,8 +2306,10 @@ test_sm2_dec(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_m[TEST_DATA_SIZE]; @@ -2284,6 +2319,12 @@ test_sm2_dec(void) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2299,7 +2340,10 @@ test_sm2_dec(void) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 2eb450fcfd..d5dc365064 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -598,6 +598,7 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { {.asym = { .xform_capa = { .xform_type = RTE_CRYPTO_ASYM_XFORM_SM2, + .hash_algos = (1 << RTE_CRYPTO_AUTH_SM3), .op_types = ((1<hash_algos & (1 << hash)) + ret = true; + + rte_cryptodev_trace_asym_xform_capability_check_hash( + capability->hash_algos, hash, ret); + + return ret; +} + /* spinlock for crypto device enq callbacks */ static rte_spinlock_t rte_cryptodev_callback_lock = RTE_SPINLOCK_INITIALIZER; diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h index 9f07e1ed2c..3a1b4dc501 100644 --- a/lib/cryptodev/rte_cryptodev.h +++ b/lib/cryptodev/rte_cryptodev.h @@ -182,6 +182,9 @@ struct rte_cryptodev_asymmetric_xform_capability { * Value 0 mean implementation default */ }; + + uint64_t hash_algos; + /**< Bitmask of hash algorithms supported for op_type. */ }; /** @@ -340,6 +343,22 @@ rte_cryptodev_asym_xform_capability_check_modlen( const struct rte_cryptodev_asymmetric_xform_capability *capability, uint16_t modlen); +/** + * Check if hash algorithm is supported. + * + * @param capability Asymmetric crypto capability. + * @param hash Hash algorithm. + * + * @return + * - Return true if the hash algorithm is supported. + * - Return false if the hash algorithm is not supported. + */ +__rte_experimental +bool +rte_cryptodev_asym_xform_capability_check_hash( + const struct rte_cryptodev_asymmetric_xform_capability *capability, + enum rte_crypto_auth_algorithm hash); + /** * Provide the cipher algorithm enum, given an algorithm string * diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map index 20f7b24960..208919b819 100644 --- a/lib/cryptodev/version.map +++ b/lib/cryptodev/version.map @@ -51,6 +51,7 @@ EXPERIMENTAL { rte_cryptodev_asym_get_xform_enum; rte_cryptodev_asym_session_create; rte_cryptodev_asym_session_free; + rte_cryptodev_asym_xform_capability_check_hash; rte_cryptodev_asym_xform_capability_check_modlen; rte_cryptodev_asym_xform_capability_check_optype; rte_cryptodev_sym_cpu_crypto_process; From patchwork Mon Oct 9 13:54:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 132428 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6D58C4233C; Mon, 9 Oct 2023 15:55:26 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 08B2D406BC; Mon, 9 Oct 2023 15:55:15 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 406B840A6F for ; Mon, 9 Oct 2023 15:55:13 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 399CpdlN008257; Mon, 9 Oct 2023 06:55:12 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=RWI3ku3OzPmqnYwvaTdp4Z0xqZs9YhHk0iUhuMuY1hc=; b=Uew5oPtgFqaNnqog4gARf/tLb75k8mqwQjEHrfoVU23GHAzM7snr4HjiKDFKrVX8bQLm ocoRbCq2PsnR7g5t7AXbwrknzUywXvi2FgIyl3a7xHAaJlCIQrcngHglUnSI5T7S4B47 irMaW52/MpwOzxrYtxcsjOiU3O4Km2FrfA6ODi7+jKt2B5RwccZYQVgzOIC812iQA3SG zHdtZa/MheqFzb792kSqxhHhl9LmME/+ACUOoNLGueUKk2Dndx+Acwc8Oc9KraM4+IH0 BmdUiDxBEk0TFa5e+Sf2jVL5kzwjrzxhsWwF9waa3BrQ/sV8hznGhqK0vR7+7/l25xyQ PQ== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh7ccd83-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 09 Oct 2023 06:55:12 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 9 Oct 2023 06:55:10 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 9 Oct 2023 06:55:10 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id A44B03F70A4; Mon, 9 Oct 2023 06:55:07 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Ciara Power , Gowrishankar Muthukrishnan Subject: [PATCH v4 3/7] cryptodev: use generic EC xform params for SM2 Date: Mon, 9 Oct 2023 19:24:50 +0530 Message-ID: X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: uDILLAjgF9dTDaJ4Cz9d9udRleTDvHSx X-Proofpoint-ORIG-GUID: uDILLAjgF9dTDaJ4Cz9d9udRleTDvHSx X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org SM2 curve could use generic EC xform as it is yet another EC. This would also require SM2 curve ID enumerated along with other curves, as listed in: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- app/test/test_cryptodev_asym.c | 40 ++++++++++++-------- app/test/test_cryptodev_sm2_test_vectors.h | 4 +- doc/guides/rel_notes/release_23_11.rst | 2 + drivers/crypto/openssl/rte_openssl_pmd_ops.c | 3 -- lib/cryptodev/rte_crypto_asym.h | 19 +++------- 5 files changed, 34 insertions(+), 34 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index af323e02d9..514ea96b8b 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -1846,10 +1846,7 @@ _test_sm2_sign(bool rnd_secret) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; - else - xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; + xform.ec.curve_id = input_params.curve; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -1867,6 +1864,11 @@ _test_sm2_sign(bool rnd_secret) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_SIGN; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; + asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; asym_op->sm2.pkey.data = input_params.pkey.data; @@ -2038,10 +2040,7 @@ test_sm2_verify(void) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; - else - xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; + xform.ec.curve_id = input_params.curve; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2059,6 +2058,11 @@ test_sm2_verify(void) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; + asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; asym_op->sm2.pkey.data = input_params.pkey.data; @@ -2150,10 +2154,7 @@ _test_sm2_enc(bool rnd_secret) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; - else - xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; + xform.ec.curve_id = input_params.curve; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2171,6 +2172,11 @@ _test_sm2_enc(bool rnd_secret) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; + asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; asym_op->sm2.pkey.data = input_params.pkey.data; @@ -2340,10 +2346,7 @@ test_sm2_dec(void) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; - else - xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; + xform.ec.curve_id = input_params.curve; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2361,6 +2364,11 @@ test_sm2_dec(void) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; + asym_op->sm2.cipher.data = input_params.cipher.data; asym_op->sm2.cipher.length = input_params.cipher.length; asym_op->sm2.pkey.data = input_params.pkey.data; diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h index 7a4ce70c10..3d2dba1359 100644 --- a/app/test/test_cryptodev_sm2_test_vectors.h +++ b/app/test/test_cryptodev_sm2_test_vectors.h @@ -17,6 +17,7 @@ struct crypto_testsuite_sm2_params { rte_crypto_param id; rte_crypto_param cipher; rte_crypto_param message; + int curve; }; static uint8_t fp256_pkey[] = { @@ -123,7 +124,8 @@ struct crypto_testsuite_sm2_params sm2_param_fp256 = { .cipher = { .data = fp256_cipher, .length = sizeof(fp256_cipher), - } + }, + .curve = RTE_CRYPTO_EC_GROUP_SM2 }; #endif /* __TEST_CRYPTODEV_SM2_TEST_VECTORS_H__ */ diff --git a/doc/guides/rel_notes/release_23_11.rst b/doc/guides/rel_notes/release_23_11.rst index 250735efa9..53639543a6 100644 --- a/doc/guides/rel_notes/release_23_11.rst +++ b/doc/guides/rel_notes/release_23_11.rst @@ -122,6 +122,8 @@ Removed Items * security: Removed deprecated field ``reserved_opts`` from struct ``rte_security_ipsec_sa_options``. +* crypto: Removed SM2 xform parameter in asymmetric xform. + API Changes ----------- diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index d5dc365064..6252a36f94 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -1305,9 +1305,6 @@ static int openssl_set_asym_session_parameters( OSSL_PARAM *params = NULL; int ret = -1; - if (xform->sm2.hash != RTE_CRYPTO_AUTH_SM3) - return -1; - param_bld = OSSL_PARAM_BLD_new(); if (!param_bld) { OPENSSL_LOG(ERR, "failed to allocate params\n"); diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 2f000ab015..e56c8c7816 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -64,7 +64,8 @@ enum rte_crypto_curve_id { RTE_CRYPTO_EC_GROUP_SECP224R1 = 21, RTE_CRYPTO_EC_GROUP_SECP256R1 = 23, RTE_CRYPTO_EC_GROUP_SECP384R1 = 24, - RTE_CRYPTO_EC_GROUP_SECP521R1 = 25 + RTE_CRYPTO_EC_GROUP_SECP521R1 = 25, + RTE_CRYPTO_EC_GROUP_SM2 = 41, }; /** @@ -373,16 +374,6 @@ struct rte_crypto_ec_xform { /**< Pre-defined ec groups */ }; -/** - * Asymmetric SM2 transform data. - * - * Structure describing SM2 xform params. - */ -struct rte_crypto_sm2_xform { - enum rte_crypto_auth_algorithm hash; - /**< Hash algorithm used in SM2 op. */ -}; - /** * Operations params for modular operations: * exponentiation and multiplicative inverse @@ -639,9 +630,6 @@ struct rte_crypto_asym_xform { /**< EC xform parameters, used by elliptic curve based * operations. */ - - struct rte_crypto_sm2_xform sm2; - /**< SM2 xform parameters */ }; }; @@ -652,6 +640,9 @@ struct rte_crypto_sm2_op_param { enum rte_crypto_asym_op_type op_type; /**< Signature generation or verification. */ + enum rte_crypto_auth_algorithm hash; + /**< Hash algorithm used in EC op. */ + rte_crypto_uint pkey; /**< Private key for encryption or sign generation. */ From patchwork Mon Oct 9 13:54:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 132429 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3433C4233C; Mon, 9 Oct 2023 15:55:37 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A76F040A73; Mon, 9 Oct 2023 15:55:18 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id EEBBE40A81 for ; Mon, 9 Oct 2023 15:55:16 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 399CTOlN031944; Mon, 9 Oct 2023 06:55:16 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=ENt2sWk6N/zzxirFPXf56IqBT7z1VB/3yiqO5uNJ5cc=; b=ChTTP7XpAaDGui/BL697XmlI1rWCCuxCFxYUU9jhGhgm7NJpAfCvzslxUn0BpdbvLDXx //7nlFJNgJnuo+W3Lw51E4DR4wNMUtbe+kSJFlPqlZiKIpECZ34UoA6KLZLMvYGe+jrn Xoy/J4x31SsevInk4cx7V2nmYVIteioed79pIqXcJ6TwQjgVp7zv0pDEGGYZ7p892gSo W0kaosZF+FBzL7XPB2i9yOiwg/Q9ePiADt8sP+nTGZTWoch3pxg4Doac7tVLtNFW0nL5 E/QaFLEtmg0XWuCEmvGSqj48IWhv71zSMY62EdaJPpXC/JPFHNeq1ML5wLiGA4VZM6WO tQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh7ccd8e-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 09 Oct 2023 06:55:15 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 9 Oct 2023 06:55:13 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 9 Oct 2023 06:55:13 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id E35483F70A7; Mon, 9 Oct 2023 06:55:10 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Ciara Power , Gowrishankar Muthukrishnan Subject: [PATCH v4 4/7] cryptodev: set private and public keys in EC session Date: Mon, 9 Oct 2023 19:24:51 +0530 Message-ID: <72dc3358636243c5a26683ce378ef68f106460bc.1696859505.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: en_3ZrpHXmrXGM8tSOI3xI3Tzpfrtjdt X-Proofpoint-ORIG-GUID: en_3ZrpHXmrXGM8tSOI3xI3Tzpfrtjdt X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Set EC private and public keys into xform so that, it can be maintained per session. Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Ciara Power --- app/test/test_cryptodev_asym.c | 60 ++++++++++---------- drivers/common/cnxk/roc_ae.h | 18 ++++++ drivers/common/cpt/cpt_mcode_defines.h | 18 ++++++ drivers/common/cpt/cpt_ucode_asym.h | 22 +++---- drivers/crypto/cnxk/cnxk_ae.h | 37 ++++++++---- drivers/crypto/openssl/rte_openssl_pmd.c | 53 +---------------- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 35 ++++++++++++ drivers/crypto/qat/qat_asym.c | 6 +- examples/fips_validation/main.c | 14 +++-- lib/cryptodev/rte_crypto_asym.h | 18 ++---- 10 files changed, 158 insertions(+), 123 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 514ea96b8b..a2bb1f9336 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -1503,6 +1503,12 @@ test_ecdsa_sign_verify(enum curve curve_id) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA; xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -1524,8 +1530,6 @@ test_ecdsa_sign_verify(enum curve curve_id) op->asym->ecdsa.message.length = input_params.digest.length; op->asym->ecdsa.k.data = input_params.scalar.data; op->asym->ecdsa.k.length = input_params.scalar.length; - op->asym->ecdsa.pkey.data = input_params.pkey.data; - op->asym->ecdsa.pkey.length = input_params.pkey.length; /* Init out buf */ op->asym->ecdsa.r.data = output_buf_r; @@ -1582,10 +1586,6 @@ test_ecdsa_sign_verify(enum curve curve_id) /* Populate op with operational details */ op->asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; - op->asym->ecdsa.q.x.data = input_params.pubkey_qx.data; - op->asym->ecdsa.q.x.length = input_params.pubkey_qx.length; - op->asym->ecdsa.q.y.data = input_params.pubkey_qy.data; - op->asym->ecdsa.q.y.length = input_params.pubkey_qx.length; op->asym->ecdsa.r.data = asym_op->ecdsa.r.data; op->asym->ecdsa.r.length = asym_op->ecdsa.r.length; op->asym->ecdsa.s.data = asym_op->ecdsa.s.data; @@ -1847,6 +1847,12 @@ _test_sm2_sign(bool rnd_secret) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -1871,12 +1877,6 @@ _test_sm2_sign(bool rnd_secret) asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; - asym_op->sm2.pkey.data = input_params.pkey.data; - asym_op->sm2.pkey.length = input_params.pkey.length; - asym_op->sm2.q.x.data = input_params.pubkey_qx.data; - asym_op->sm2.q.x.length = input_params.pubkey_qx.length; - asym_op->sm2.q.y.data = input_params.pubkey_qy.data; - asym_op->sm2.q.y.length = input_params.pubkey_qy.length; asym_op->sm2.id.data = input_params.id.data; asym_op->sm2.id.length = input_params.id.length; if (rnd_secret) { @@ -2041,6 +2041,12 @@ test_sm2_verify(void) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2065,12 +2071,6 @@ test_sm2_verify(void) asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; - asym_op->sm2.pkey.data = input_params.pkey.data; - asym_op->sm2.pkey.length = input_params.pkey.length; - asym_op->sm2.q.x.data = input_params.pubkey_qx.data; - asym_op->sm2.q.x.length = input_params.pubkey_qx.length; - asym_op->sm2.q.y.data = input_params.pubkey_qy.data; - asym_op->sm2.q.y.length = input_params.pubkey_qy.length; asym_op->sm2.r.data = input_params.sign_r.data; asym_op->sm2.r.length = input_params.sign_r.length; asym_op->sm2.s.data = input_params.sign_s.data; @@ -2155,6 +2155,12 @@ _test_sm2_enc(bool rnd_secret) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2179,12 +2185,6 @@ _test_sm2_enc(bool rnd_secret) asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; - asym_op->sm2.pkey.data = input_params.pkey.data; - asym_op->sm2.pkey.length = input_params.pkey.length; - asym_op->sm2.q.x.data = input_params.pubkey_qx.data; - asym_op->sm2.q.x.length = input_params.pubkey_qx.length; - asym_op->sm2.q.y.data = input_params.pubkey_qy.data; - asym_op->sm2.q.y.length = input_params.pubkey_qy.length; if (rnd_secret) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; @@ -2347,6 +2347,12 @@ test_sm2_dec(void) xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; xform.ec.curve_id = input_params.curve; + xform.ec.pkey.data = input_params.pkey.data; + xform.ec.pkey.length = input_params.pkey.length; + xform.ec.q.x.data = input_params.pubkey_qx.data; + xform.ec.q.x.length = input_params.pubkey_qx.length; + xform.ec.q.y.data = input_params.pubkey_qy.data; + xform.ec.q.y.length = input_params.pubkey_qy.length; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2371,12 +2377,6 @@ test_sm2_dec(void) asym_op->sm2.cipher.data = input_params.cipher.data; asym_op->sm2.cipher.length = input_params.cipher.length; - asym_op->sm2.pkey.data = input_params.pkey.data; - asym_op->sm2.pkey.length = input_params.pkey.length; - asym_op->sm2.q.x.data = input_params.pubkey_qx.data; - asym_op->sm2.q.x.length = input_params.pubkey_qx.length; - asym_op->sm2.q.y.data = input_params.pubkey_qy.data; - asym_op->sm2.q.y.length = input_params.pubkey_qy.length; /* Init out buf */ asym_op->sm2.message.data = output_buf_m; diff --git a/drivers/common/cnxk/roc_ae.h b/drivers/common/cnxk/roc_ae.h index c972878eff..d8ad0129b1 100644 --- a/drivers/common/cnxk/roc_ae.h +++ b/drivers/common/cnxk/roc_ae.h @@ -67,6 +67,24 @@ struct roc_ae_ec_group { struct roc_ae_ec_ctx { /* Prime length defined by microcode for EC operations */ uint8_t curveid; + + /* Private key */ + struct { + uint8_t data[66]; + unsigned int length; + } pkey; + + /* Public key */ + struct { + struct { + uint8_t data[66]; + unsigned int length; + } x; + struct { + uint8_t data[66]; + unsigned int length; + } y; + } q; }; /* Buffer pointer */ diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h index e6dcb7674c..b337dbc68d 100644 --- a/drivers/common/cpt/cpt_mcode_defines.h +++ b/drivers/common/cpt/cpt_mcode_defines.h @@ -364,6 +364,24 @@ struct cpt_ec_group { struct cpt_asym_ec_ctx { /* Prime length defined by microcode for EC operations */ uint8_t curveid; + + /* Private key */ + struct { + uint8_t data[66]; + unsigned int length; + } pkey; + + /* Public key */ + struct { + struct { + uint8_t data[66]; + unsigned int length; + } x; + struct { + uint8_t data[66]; + unsigned int length; + } y; + } q; }; struct cpt_asym_sess_misc { diff --git a/drivers/common/cpt/cpt_ucode_asym.h b/drivers/common/cpt/cpt_ucode_asym.h index 1105a0c125..e1034bbeb4 100644 --- a/drivers/common/cpt/cpt_ucode_asym.h +++ b/drivers/common/cpt/cpt_ucode_asym.h @@ -633,12 +633,13 @@ static __rte_always_inline void cpt_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, struct asym_op_params *ecdsa_params, uint64_t fpm_table_iova, - uint8_t curveid) + struct cpt_asym_sess_misc *sess) { struct cpt_request_info *req = ecdsa_params->req; uint16_t message_len = ecdsa->message.length; phys_addr_t mphys = ecdsa_params->meta_buf; - uint16_t pkey_len = ecdsa->pkey.length; + uint16_t pkey_len = sess->ec_ctx.pkey.length; + uint8_t curveid = sess->ec_ctx.curveid; uint16_t p_align, k_align, m_align; uint16_t k_len = ecdsa->k.length; uint16_t order_len, prime_len; @@ -688,7 +689,7 @@ cpt_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, memcpy(dptr + o_offset, ec_grp[curveid].order.data, order_len); dptr += p_align; - memcpy(dptr + pk_offset, ecdsa->pkey.data, pkey_len); + memcpy(dptr + pk_offset, sess->ec_ctx.pkey.data, pkey_len); dptr += p_align; memcpy(dptr, ecdsa->message.data, message_len); @@ -735,14 +736,15 @@ static __rte_always_inline void cpt_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, struct asym_op_params *ecdsa_params, uint64_t fpm_table_iova, - uint8_t curveid) + struct cpt_asym_sess_misc *sess) { struct cpt_request_info *req = ecdsa_params->req; uint32_t message_len = ecdsa->message.length; phys_addr_t mphys = ecdsa_params->meta_buf; + uint16_t qx_len = sess->ec_ctx.q.x.length; + uint16_t qy_len = sess->ec_ctx.q.y.length; + uint8_t curveid = sess->ec_ctx.curveid; uint16_t o_offset, r_offset, s_offset; - uint16_t qx_len = ecdsa->q.x.length; - uint16_t qy_len = ecdsa->q.y.length; uint16_t r_len = ecdsa->r.length; uint16_t s_len = ecdsa->s.length; uint16_t order_len, prime_len; @@ -802,10 +804,10 @@ cpt_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, memcpy(dptr, ec_grp[curveid].prime.data, prime_len); dptr += p_align; - memcpy(dptr + qx_offset, ecdsa->q.x.data, qx_len); + memcpy(dptr + qx_offset, sess->ec_ctx.q.x.data, qx_len); dptr += p_align; - memcpy(dptr + qy_offset, ecdsa->q.y.data, qy_len); + memcpy(dptr + qy_offset, sess->ec_ctx.q.y.data, qy_len); dptr += p_align; memcpy(dptr, ec_grp[curveid].consta.data, prime_len); @@ -852,10 +854,10 @@ cpt_enqueue_ecdsa_op(struct rte_crypto_op *op, uint8_t curveid = sess->ec_ctx.curveid; if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_SIGN) - cpt_ecdsa_sign_prep(ecdsa, params, fpm_iova[curveid], curveid); + cpt_ecdsa_sign_prep(ecdsa, params, fpm_iova[curveid], sess); else if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) cpt_ecdsa_verify_prep(ecdsa, params, fpm_iova[curveid], - curveid); + sess); else { op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; return -EINVAL; diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h index 209bcd0b43..2aa39d2226 100644 --- a/drivers/crypto/cnxk/cnxk_ae.h +++ b/drivers/crypto/cnxk/cnxk_ae.h @@ -198,6 +198,21 @@ cnxk_ae_fill_ec_params(struct cnxk_ae_sess *sess, return -EINVAL; } + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_ECPM) + return 0; + + ec->pkey.length = xform->ec.pkey.length; + if (xform->ec.pkey.length) + rte_memcpy(ec->pkey.data, xform->ec.pkey.data, xform->ec.pkey.length); + + ec->q.x.length = xform->ec.q.x.length; + if (xform->ec.q.x.length) + rte_memcpy(ec->q.x.data, xform->ec.q.x.data, xform->ec.q.x.length); + + ec->q.y.length = xform->ec.q.y.length; + if (xform->ec.q.y.length) + rte_memcpy(ec->q.y.data, xform->ec.q.y.data, xform->ec.q.y.length); + return 0; } @@ -502,10 +517,11 @@ static __rte_always_inline void cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, struct roc_ae_buf_ptr *meta_buf, uint64_t fpm_table_iova, struct roc_ae_ec_group *ec_grp, - uint8_t curveid, struct cpt_inst_s *inst) + struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) { uint16_t message_len = ecdsa->message.length; - uint16_t pkey_len = ecdsa->pkey.length; + uint16_t pkey_len = sess->ec_ctx.pkey.length; + uint8_t curveid = sess->ec_ctx.curveid; uint16_t p_align, k_align, m_align; uint16_t k_len = ecdsa->k.length; uint16_t order_len, prime_len; @@ -555,7 +571,7 @@ cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa, memcpy(dptr + o_offset, ec_grp->order.data, order_len); dptr += p_align; - memcpy(dptr + pk_offset, ecdsa->pkey.data, pkey_len); + memcpy(dptr + pk_offset, sess->ec_ctx.pkey.data, pkey_len); dptr += p_align; memcpy(dptr, ecdsa->message.data, message_len); @@ -583,13 +599,14 @@ static __rte_always_inline void cnxk_ae_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, struct roc_ae_buf_ptr *meta_buf, uint64_t fpm_table_iova, - struct roc_ae_ec_group *ec_grp, uint8_t curveid, + struct roc_ae_ec_group *ec_grp, struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) { uint32_t message_len = ecdsa->message.length; + uint16_t qx_len = sess->ec_ctx.q.x.length; + uint16_t qy_len = sess->ec_ctx.q.y.length; + uint8_t curveid = sess->ec_ctx.curveid; uint16_t o_offset, r_offset, s_offset; - uint16_t qx_len = ecdsa->q.x.length; - uint16_t qy_len = ecdsa->q.y.length; uint16_t r_len = ecdsa->r.length; uint16_t s_len = ecdsa->s.length; uint16_t order_len, prime_len; @@ -649,10 +666,10 @@ cnxk_ae_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa, memcpy(dptr, ec_grp->prime.data, prime_len); dptr += p_align; - memcpy(dptr + qx_offset, ecdsa->q.x.data, qx_len); + memcpy(dptr + qx_offset, sess->ec_ctx.q.x.data, qx_len); dptr += p_align; - memcpy(dptr + qy_offset, ecdsa->q.y.data, qy_len); + memcpy(dptr + qy_offset, sess->ec_ctx.q.y.data, qy_len); dptr += p_align; memcpy(dptr, ec_grp->consta.data, prime_len); @@ -685,10 +702,10 @@ cnxk_ae_enqueue_ecdsa_op(struct rte_crypto_op *op, if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_SIGN) cnxk_ae_ecdsa_sign_prep(ecdsa, meta_buf, fpm_iova[curveid], - ec_grp[curveid], curveid, inst); + ec_grp[curveid], sess, inst); else if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) cnxk_ae_ecdsa_verify_prep(ecdsa, meta_buf, fpm_iova[curveid], - ec_grp[curveid], curveid, inst); + ec_grp[curveid], sess, inst); else { op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; return -EINVAL; diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index 5e8624cebe..c234882417 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -2673,12 +2673,8 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop, { EVP_PKEY_CTX *kctx = NULL, *sctx = NULL, *cctx = NULL; struct rte_crypto_asym_op *op = cop->asym; - OSSL_PARAM_BLD *param_bld = NULL; - OSSL_PARAM *params = NULL; + OSSL_PARAM *params = sess->u.sm2.params; EVP_PKEY *pkey = NULL; - BIGNUM *pkey_bn = NULL; - uint8_t pubkey[64]; - size_t len = 0; int ret = -1; cop->status = RTE_CRYPTO_OP_STATUS_ERROR; @@ -2686,50 +2682,6 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop, if (cop->asym->sm2.k.data != NULL) goto err_sm2; - param_bld = OSSL_PARAM_BLD_new(); - if (!param_bld) { - OPENSSL_LOG(ERR, "failed to allocate params\n"); - goto err_sm2; - } - - ret = OSSL_PARAM_BLD_push_utf8_string(param_bld, - OSSL_PKEY_PARAM_GROUP_NAME, "SM2", 0); - if (!ret) { - OPENSSL_LOG(ERR, "failed to push params\n"); - goto err_sm2; - } - - pkey_bn = BN_bin2bn((const unsigned char *)op->sm2.pkey.data, - op->sm2.pkey.length, pkey_bn); - - memset(pubkey, 0, RTE_DIM(pubkey)); - pubkey[0] = 0x04; - len += 1; - memcpy(&pubkey[len], op->sm2.q.x.data, op->sm2.q.x.length); - len += op->sm2.q.x.length; - memcpy(&pubkey[len], op->sm2.q.y.data, op->sm2.q.y.length); - len += op->sm2.q.y.length; - - ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_PRIV_KEY, - pkey_bn); - if (!ret) { - OPENSSL_LOG(ERR, "failed to push params\n"); - goto err_sm2; - } - - ret = OSSL_PARAM_BLD_push_octet_string(param_bld, - OSSL_PKEY_PARAM_PUB_KEY, pubkey, len); - if (!ret) { - OPENSSL_LOG(ERR, "failed to push params\n"); - goto err_sm2; - } - - params = OSSL_PARAM_BLD_to_param(param_bld); - if (!params) { - OPENSSL_LOG(ERR, "failed to push params\n"); - goto err_sm2; - } - switch (op->sm2.op_type) { case RTE_CRYPTO_ASYM_OP_ENCRYPT: { @@ -2940,9 +2892,6 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop, if (pkey) EVP_PKEY_free(pkey); - if (param_bld) - OSSL_PARAM_BLD_free(param_bld); - return ret; } diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 6252a36f94..083ad63360 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -1303,6 +1303,9 @@ static int openssl_set_asym_session_parameters( #ifndef OPENSSL_NO_SM2 OSSL_PARAM_BLD *param_bld = NULL; OSSL_PARAM *params = NULL; + BIGNUM *pkey_bn = NULL; + uint8_t pubkey[64]; + size_t len = 0; int ret = -1; param_bld = OSSL_PARAM_BLD_new(); @@ -1318,6 +1321,38 @@ static int openssl_set_asym_session_parameters( goto err_sm2; } + ret = OSSL_PARAM_BLD_push_utf8_string(param_bld, + OSSL_PKEY_PARAM_GROUP_NAME, "SM2", 0); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_sm2; + } + + pkey_bn = BN_bin2bn((const unsigned char *)xform->ec.pkey.data, + xform->ec.pkey.length, pkey_bn); + + ret = OSSL_PARAM_BLD_push_BN(param_bld, OSSL_PKEY_PARAM_PRIV_KEY, + pkey_bn); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_sm2; + } + + memset(pubkey, 0, sizeof(pubkey)); + pubkey[0] = 0x04; + len += 1; + memcpy(&pubkey[len], xform->ec.q.x.data, xform->ec.q.x.length); + len += xform->ec.q.x.length; + memcpy(&pubkey[len], xform->ec.q.y.data, xform->ec.q.y.length); + len += xform->ec.q.y.length; + + ret = OSSL_PARAM_BLD_push_octet_string(param_bld, + OSSL_PKEY_PARAM_PUB_KEY, pubkey, len); + if (!ret) { + OPENSSL_LOG(ERR, "failed to push params\n"); + goto err_sm2; + } + params = OSSL_PARAM_BLD_to_param(param_bld); if (!params) { OPENSSL_LOG(ERR, "failed to push params\n"); diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 7abd513423..0f196ace30 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -593,7 +593,7 @@ ecdsa_set_input(struct icp_qat_fw_pke_request *qat_req, qat_func_alignsize = RTE_ALIGN_CEIL(qat_function.bytesize, 8); - SET_PKE_9A_IN(asym_op->ecdsa.pkey, 0); + SET_PKE_9A_IN(xform->ec.pkey, 0); SET_PKE_9A_IN(asym_op->ecdsa.message, 1); SET_PKE_9A_IN(asym_op->ecdsa.k, 2); SET_PKE_9A_EC(curve[curve_id], b, 3); @@ -635,8 +635,8 @@ ecdsa_set_input(struct icp_qat_fw_pke_request *qat_req, SET_PKE_9A_EC(curve[curve_id], n, 7); SET_PKE_9A_EC(curve[curve_id], x, 6); SET_PKE_9A_EC(curve[curve_id], y, 5); - SET_PKE_9A_IN(asym_op->ecdsa.q.x, 4); - SET_PKE_9A_IN(asym_op->ecdsa.q.y, 3); + SET_PKE_9A_IN(xform->ec.q.x, 4); + SET_PKE_9A_IN(xform->ec.q.y, 3); SET_PKE_9A_EC(curve[curve_id], a, 2); SET_PKE_9A_EC(curve[curve_id], b, 1); SET_PKE_9A_EC(curve[curve_id], p, 0); diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c index fed5596f36..7ae2c6c007 100644 --- a/examples/fips_validation/main.c +++ b/examples/fips_validation/main.c @@ -1006,8 +1006,6 @@ prepare_ecdsa_op(void) asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_SIGN; asym->ecdsa.message.data = msg.val; asym->ecdsa.message.length = msg.len; - asym->ecdsa.pkey.data = vec.ecdsa.pkey.val; - asym->ecdsa.pkey.length = vec.ecdsa.pkey.len; asym->ecdsa.k.data = vec.ecdsa.k.val; asym->ecdsa.k.length = vec.ecdsa.k.len; @@ -1029,10 +1027,6 @@ prepare_ecdsa_op(void) asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; asym->ecdsa.message.data = msg.val; asym->ecdsa.message.length = msg.len; - asym->ecdsa.q.x.data = vec.ecdsa.qx.val; - asym->ecdsa.q.x.length = vec.ecdsa.qx.len; - asym->ecdsa.q.y.data = vec.ecdsa.qy.val; - asym->ecdsa.q.y.length = vec.ecdsa.qy.len; asym->ecdsa.r.data = vec.ecdsa.r.val; asym->ecdsa.r.length = vec.ecdsa.r.len; asym->ecdsa.s.data = vec.ecdsa.s.val; @@ -1570,6 +1564,9 @@ prepare_ecdsa_xform(struct rte_crypto_asym_xform *xform) info.device_name, RTE_CRYPTO_ASYM_OP_SIGN); return -EPERM; } + + xform->ec.pkey.data = vec.ecdsa.pkey.val; + xform->ec.pkey.length = vec.ecdsa.pkey.len; break; case FIPS_TEST_ASYM_SIGVER: if (!rte_cryptodev_asym_xform_capability_check_optype(cap, @@ -1578,6 +1575,11 @@ prepare_ecdsa_xform(struct rte_crypto_asym_xform *xform) info.device_name, RTE_CRYPTO_ASYM_OP_VERIFY); return -EPERM; } + + xform->ec.q.x.data = vec.ecdsa.qx.val; + xform->ec.q.x.length = vec.ecdsa.qx.len; + xform->ec.q.y.data = vec.ecdsa.qy.val; + xform->ec.q.y.length = vec.ecdsa.qy.len; break; default: break; diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index e56c8c7816..39d3da3952 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -372,6 +372,12 @@ struct rte_crypto_dsa_xform { struct rte_crypto_ec_xform { enum rte_crypto_curve_id curve_id; /**< Pre-defined ec groups */ + + rte_crypto_uint pkey; + /**< Private key */ + + struct rte_crypto_ec_point q; + /**< Public key */ }; /** @@ -557,12 +563,6 @@ struct rte_crypto_ecdsa_op_param { enum rte_crypto_asym_op_type op_type; /**< Signature generation or verification */ - rte_crypto_uint pkey; - /**< Private key of the signer for signature generation */ - - struct rte_crypto_ec_point q; - /**< Public key of the signer for verification */ - rte_crypto_param message; /**< Input message digest to be signed or verified */ @@ -643,12 +643,6 @@ struct rte_crypto_sm2_op_param { enum rte_crypto_auth_algorithm hash; /**< Hash algorithm used in EC op. */ - rte_crypto_uint pkey; - /**< Private key for encryption or sign generation. */ - - struct rte_crypto_ec_point q; - /**< Public key for decryption or verification. */ - rte_crypto_param message; /**< * Pointer to input data From patchwork Mon Oct 9 13:54:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 132430 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 89BA34233C; Mon, 9 Oct 2023 15:55:47 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id C49B340A81; Mon, 9 Oct 2023 15:55:22 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 18B4740A75 for ; Mon, 9 Oct 2023 15:55:20 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 399DQ8GJ016392; Mon, 9 Oct 2023 06:55:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=Q9MIOJc7NwqWZbdeDANK0I9TOKhn01+NEAMyK4oJvbU=; b=LKMtTv3c9Tmyunl6faLz3Plg+nV2f4gVPczZPIvtLCL0WKMomXmsE/HsxxepaMlpTkOY r1guLHo7RlxySmky2aQqSLWKyk3bGvlvEfqyjiDSiKpdL9AlqGUMH/isLQ7liqNMOPqa rUWZ5CFM9Uu1nwFoeRMluUOQp8/Xw2vEMA6GuVANGG2eodYzikmegyVdzmpbTtWSK7HP paoQQiGDzCKjqF0rYb/YOUdGVUzzz6dEt7k/Ps1MS8ehw0ALa+Tgq6kbHfSTueMhvZls MdgNfCPSOhFZSWzJ8zY4Lzx/QTFcvXqs18M9ifiLUwr+CHa41NUZL4zDQHuBuO4j63vj cg== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh9smdjc-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 09 Oct 2023 06:55:20 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 9 Oct 2023 06:55:18 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 9 Oct 2023 06:55:18 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 2D9F93F70A8; Mon, 9 Oct 2023 06:55:13 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Ciara Power , Gowrishankar Muthukrishnan Subject: [PATCH v4 5/7] cryptodev: add RNG capability in EC based xform Date: Mon, 9 Oct 2023 19:24:52 +0530 Message-ID: <8d0cf687890fe128aa4eeaa50d03f7dd8b7fe142.1696859505.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: FifEuyjzgQUETHQ2bb4EzsdMsKZpb2w- X-Proofpoint-ORIG-GUID: FifEuyjzgQUETHQ2bb4EzsdMsKZpb2w- X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Elliptic curve based asymmetric operations use cryptographically secure random number in its computation. If PMD supports RNG for such ops, the application could skip computing on its own. This patch adds new field in asymmetric capability to declare this capability. Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 2 ++ lib/cryptodev/rte_cryptodev.h | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 083ad63360..2862c294a9 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -604,6 +604,8 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { (1 << RTE_CRYPTO_ASYM_OP_VERIFY) | (1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) | (1 << RTE_CRYPTO_ASYM_OP_DECRYPT)), + {.internal_rng = 1 + } } } } diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h index 3a1b4dc501..6c8f532797 100644 --- a/lib/cryptodev/rte_cryptodev.h +++ b/lib/cryptodev/rte_cryptodev.h @@ -181,6 +181,12 @@ struct rte_cryptodev_asymmetric_xform_capability { /**< Range of modulus length supported by modulus based xform. * Value 0 mean implementation default */ + + uint8_t internal_rng; + /**< Availability of random number generator for Elliptic curve based xform. + * Value 0 means unavailable, and application should pass the required + * random value. Otherwise, PMD would internally compute the random number. + */ }; uint64_t hash_algos; From patchwork Mon Oct 9 13:54:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 132431 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A19814233C; Mon, 9 Oct 2023 15:55:56 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id DFAFE40A8B; Mon, 9 Oct 2023 15:55:24 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 3F24840A89 for ; Mon, 9 Oct 2023 15:55:23 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 399DQ8GK016392; Mon, 9 Oct 2023 06:55:22 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=lH2xO0NVVWJtliTbXWqBdLE+IFnixaYFPIITPN3tqWY=; b=KKLS3zGfL2lxgLgWwIzLNdYBa8KNtxUtPqZNidrxw34DTHCTChi1qLcO0X79IasQxZiX oJPOXNBwQ5R4ajhWTtbahDfd9GVMRRT+ibOkF+Tj3JSDXoYZkSjRswA4PrzEDaFwt7y4 dJ+YyMU2YzmVJJUCkpvNPn3CMLLtNJ3Dr0HLHKzI+jFOKBFw/MXOT6ZEN5/Ik1PamFsv eZano9/m6QtN/kaEx5o32EIfiAKKI3Zf9dBZeFq3yYynFAbbTW2a2M/YX9TKV42/forn lk/qGQImImUCEwzajIu7BVEway8V4X/Z6NwOw7/ZNfuhQwWSRK1tJabfBO7S8USdHmuT AA== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh9smdjf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 09 Oct 2023 06:55:22 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 9 Oct 2023 06:55:20 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 9 Oct 2023 06:55:20 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 6EBBA3F70AF; Mon, 9 Oct 2023 06:55:17 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Ciara Power , Gowrishankar Muthukrishnan Subject: [PATCH v4 6/7] crypto/cnxk: add SM2 support Date: Mon, 9 Oct 2023 19:24:53 +0530 Message-ID: X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: BVL7gge7JWyRTgLmzB9dYh0eWq_ws1-5 X-Proofpoint-ORIG-GUID: BVL7gge7JWyRTgLmzB9dYh0eWq_ws1-5 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add SM2 asymmetric algorithm support in cnxk PMD. Signed-off-by: Gowrishankar Muthukrishnan --- doc/guides/cryptodevs/features/cn10k.ini | 1 + doc/guides/rel_notes/release_23_11.rst | 4 + drivers/common/cnxk/hw/cpt.h | 2 +- drivers/common/cnxk/roc_ae.c | 32 ++- drivers/common/cnxk/roc_ae.h | 3 +- drivers/common/cnxk/roc_ae_fpm_tables.c | 190 ++++++++++++++ drivers/crypto/cnxk/cnxk_ae.h | 232 +++++++++++++++++- drivers/crypto/cnxk/cnxk_cryptodev.h | 2 +- .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 17 ++ 9 files changed, 478 insertions(+), 5 deletions(-) diff --git a/doc/guides/cryptodevs/features/cn10k.ini b/doc/guides/cryptodevs/features/cn10k.ini index 53ee2a720e..4f542c6038 100644 --- a/doc/guides/cryptodevs/features/cn10k.ini +++ b/doc/guides/cryptodevs/features/cn10k.ini @@ -104,6 +104,7 @@ Modular Inversion = Diffie-hellman = ECDSA = Y ECPM = Y +SM2 = Y ; ; Supported Operating systems of the 'cn10k' crypto driver. diff --git a/doc/guides/rel_notes/release_23_11.rst b/doc/guides/rel_notes/release_23_11.rst index 53639543a6..401230a1c0 100644 --- a/doc/guides/rel_notes/release_23_11.rst +++ b/doc/guides/rel_notes/release_23_11.rst @@ -96,6 +96,10 @@ New Features Added support for DOCSIS security protocol through the ``rte_security`` API callbacks. +* **Updated CNXK crypto driver.** + + Added SM2 algorithm support in asymmetric crypto operations. + Removed Items ------------- diff --git a/drivers/common/cnxk/hw/cpt.h b/drivers/common/cnxk/hw/cpt.h index cad4ed7e79..cf9046bbfb 100644 --- a/drivers/common/cnxk/hw/cpt.h +++ b/drivers/common/cnxk/hw/cpt.h @@ -78,7 +78,7 @@ union cpt_eng_caps { uint64_t __io sm4 : 1; uint64_t __io reserved_23_34 : 12; uint64_t __io sg_ver2 : 1; - uint64_t __io reserved36 : 1; + uint64_t __io sm2 : 1; uint64_t __io pdcp_chain_zuc256 : 1; uint64_t __io reserved_38_63 : 26; }; diff --git a/drivers/common/cnxk/roc_ae.c b/drivers/common/cnxk/roc_ae.c index 336b927641..e6a013d7c4 100644 --- a/drivers/common/cnxk/roc_ae.c +++ b/drivers/common/cnxk/roc_ae.c @@ -149,7 +149,37 @@ const struct roc_ae_ec_group ae_ec_grp[ROC_AE_EC_ID_PMAX] = { 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45, 0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00}, - .length = 66}}}; + .length = 66}, + }, + {}, + {}, + {}, + { + .prime = {.data = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, + 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF}, + .length = 32}, + .order = {.data = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0x72, 0x03, 0xDF, 0x6B, 0x21, + 0xC6, 0x05, 0x2B, 0x53, 0xBB, 0xF4, 0x09, + 0x39, 0xD5, 0x41, 0x23}, + .length = 32}, + .consta = {.data = {0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, + 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFC}, + .length = 32}, + .constb = {.data = {0x28, 0xE9, 0xFA, 0x9E, 0x9D, 0x9F, 0x5E, + 0x34, 0x4D, 0x5A, 0x9E, 0x4B, 0xCF, 0x65, + 0x09, 0xA7, 0xF3, 0x97, 0x89, 0xF5, 0x15, + 0xAB, 0x8F, 0x92, 0xDD, 0xBC, 0xBD, 0x41, + 0x4D, 0x94, 0x0E, 0x93}, + .length = 32}, + }}; int roc_ae_ec_grp_get(struct roc_ae_ec_group **tbl) diff --git a/drivers/common/cnxk/roc_ae.h b/drivers/common/cnxk/roc_ae.h index d8ad0129b1..d459c5e680 100644 --- a/drivers/common/cnxk/roc_ae.h +++ b/drivers/common/cnxk/roc_ae.h @@ -34,7 +34,8 @@ typedef enum { ROC_AE_EC_ID_P160 = 5, ROC_AE_EC_ID_P320 = 6, ROC_AE_EC_ID_P512 = 7, - ROC_AE_EC_ID_PMAX = 8 + ROC_AE_EC_ID_SM2 = 8, + ROC_AE_EC_ID_PMAX } roc_ae_ec_id; /* Prime and order fields of built-in elliptic curves */ diff --git a/drivers/common/cnxk/roc_ae_fpm_tables.c b/drivers/common/cnxk/roc_ae_fpm_tables.c index f91570299b..ead3128e7f 100644 --- a/drivers/common/cnxk/roc_ae_fpm_tables.c +++ b/drivers/common/cnxk/roc_ae_fpm_tables.c @@ -1057,6 +1057,189 @@ const uint8_t ae_fpm_tbl_p521[AE_FPM_P521_LEN] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }; +const uint8_t ae_fpm_tbl_p256_sm2[AE_FPM_P256_LEN] = { + 0x71, 0x5A, 0x45, 0x89, 0x33, 0x4C, 0x74, 0xC7, 0x8F, 0xE3, 0x0B, 0xBF, + 0xF2, 0x66, 0x0B, 0xE1, 0x5F, 0x99, 0x04, 0x46, 0x6A, 0x39, 0xC9, 0x94, + 0x32, 0xC4, 0xAE, 0x2C, 0x1F, 0x19, 0x81, 0x19, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x02, 0xDF, 0x32, 0xE5, 0x21, 0x39, 0xF0, 0xA0, 0xD0, 0xA9, 0x87, 0x7C, + 0xC6, 0x2A, 0x47, 0x40, 0x59, 0xBD, 0xCE, 0xE3, 0x6B, 0x69, 0x21, 0x53, + 0xBC, 0x37, 0x36, 0xA2, 0xF4, 0xF6, 0x77, 0x9C, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xE1, 0x8B, 0xD5, 0x46, 0xB5, 0x82, 0x45, 0x17, 0x67, 0x38, 0x91, 0xD7, + 0x91, 0xCA, 0xA4, 0x86, 0xBA, 0x22, 0x0B, 0x99, 0xDF, 0x9F, 0x9A, 0x14, + 0x95, 0xAF, 0xBD, 0x11, 0x55, 0xC1, 0xDA, 0x54, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x8E, 0x44, 0x50, 0xEB, 0x33, 0x4A, 0xCD, 0xCB, 0xC3, 0xC7, 0xD1, 0x89, + 0x8A, 0x53, 0xF2, 0x0D, 0x2E, 0xEE, 0x75, 0x0F, 0x40, 0x53, 0x01, 0x7C, + 0xE8, 0xA6, 0xD8, 0x2C, 0x51, 0x73, 0x88, 0xC2, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xF8, 0x1C, 0x8D, 0xA9, 0xB9, 0x9F, 0xBA, 0x55, 0x13, 0x7F, 0x6C, 0x61, + 0x49, 0xFE, 0xEF, 0x6E, 0xCB, 0x12, 0x9A, 0xA4, 0x94, 0xDA, 0x9A, 0xD4, + 0x82, 0xA0, 0xF5, 0x40, 0x7D, 0x12, 0x3D, 0xB6, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xFD, 0xEC, 0xA0, 0x07, 0x72, 0xC4, 0xDB, 0xC9, 0xA9, 0x61, 0xB5, 0x8F, + 0x0C, 0xF5, 0x83, 0x73, 0xEC, 0xAC, 0xAB, 0x94, 0xE9, 0x73, 0xF9, 0xC3, + 0xF1, 0x2F, 0xA4, 0x69, 0x6A, 0x22, 0xCA, 0x3F, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xEA, 0xE3, 0xD9, 0xA9, 0xD1, 0x3A, 0x42, 0xED, 0x2B, 0x23, 0x08, 0xF6, + 0x48, 0x4E, 0x1B, 0x38, 0x3D, 0xB7, 0xB2, 0x48, 0x88, 0xC2, 0x1F, 0x3A, + 0xB6, 0x92, 0xE5, 0xB5, 0x74, 0xD5, 0x5D, 0xA9, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xD1, 0x86, 0x46, 0x9D, 0xE2, 0x95, 0xE5, 0xAB, 0xDB, 0x61, 0xAC, 0x17, + 0x73, 0x43, 0x8E, 0x6D, 0x5A, 0x92, 0x4F, 0x85, 0x54, 0x49, 0x26, 0xF9, + 0xA1, 0x75, 0x05, 0x1B, 0x0F, 0x3F, 0xB6, 0x13, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xA7, 0x2D, 0x08, 0x4F, 0x62, 0xC8, 0xD5, 0x8B, 0xE3, 0xD6, 0x46, 0x7D, + 0xEA, 0xF4, 0x8F, 0xD7, 0x8F, 0xE7, 0x5E, 0x5A, 0x12, 0x8A, 0x56, 0xA7, + 0xC0, 0x02, 0x3F, 0xE7, 0xFF, 0x2B, 0x68, 0xBD, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x64, 0xF6, 0x77, 0x82, 0x31, 0x68, 0x15, 0xF9, 0xB5, 0x2B, 0x6D, 0x9B, + 0x19, 0xA6, 0x9C, 0xD2, 0x5D, 0x1E, 0xD6, 0xFA, 0x89, 0xCB, 0xBA, 0xDE, + 0x79, 0x6C, 0x91, 0x0E, 0xE7, 0xF4, 0xCC, 0xDB, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x1B, 0x21, 0x50, 0xC1, 0xC5, 0xF1, 0x30, 0x15, 0xDA, 0xAB, 0xA9, 0x1B, + 0x5D, 0x95, 0x2C, 0x9B, 0x0E, 0x8C, 0xC2, 0x4C, 0x3F, 0x54, 0x61, 0x42, + 0x75, 0xA3, 0x4B, 0x24, 0x37, 0x05, 0xF2, 0x60, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x77, 0xD1, 0x95, 0x42, 0x1C, 0xEF, 0x13, 0x39, 0x63, 0x66, 0x44, 0xAA, + 0x0C, 0x3A, 0x06, 0x23, 0x46, 0x83, 0xDF, 0x17, 0x6E, 0xEB, 0x24, 0x44, + 0x64, 0x2C, 0xE3, 0xBD, 0x35, 0x35, 0xE7, 0x4D, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x4A, 0x59, 0xAC, 0x2C, 0x6E, 0x7E, 0xCC, 0x08, 0xAF, 0x2B, 0x71, 0x16, + 0x4F, 0x19, 0x1D, 0x63, 0x36, 0x22, 0xA8, 0x7F, 0xB2, 0x84, 0x55, 0x4F, + 0xD9, 0xEB, 0x39, 0x7B, 0x44, 0x1E, 0x9C, 0xD0, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xA6, 0x6B, 0x8A, 0x48, 0x93, 0xB6, 0xA5, 0x4D, 0x26, 0xFB, 0x89, 0xA4, + 0x0B, 0x4A, 0x66, 0x3A, 0xAF, 0xA8, 0x75, 0x01, 0xEE, 0xDF, 0xC9, 0xF4, + 0xF3, 0xF0, 0x00, 0xBC, 0x66, 0xF9, 0x81, 0x08, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xAD, 0x8B, 0xC6, 0x8C, 0xE0, 0x31, 0xD6, 0x16, 0x16, 0x88, 0x8D, 0x8E, + 0xE4, 0x00, 0x31, 0x87, 0x44, 0xC0, 0x75, 0x7F, 0x3B, 0xB8, 0xB6, 0x00, + 0x79, 0x3F, 0xAE, 0x7A, 0xF0, 0x16, 0x42, 0x45, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x21, 0x0C, 0xD0, 0x42, 0x97, 0x3F, 0x33, 0x3B, 0x08, 0x66, 0x6F, 0xF5, + 0x2D, 0xBD, 0x25, 0xF9, 0x65, 0xC5, 0xB1, 0x29, 0xF5, 0xF7, 0xAD, 0x5D, + 0xE0, 0x3D, 0x7A, 0x8D, 0x19, 0xB3, 0x21, 0x9A, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xD6, 0x8B, 0xFB, 0xAC, 0xE0, 0xE0, 0x03, 0x92, 0x26, 0x10, 0x14, 0xF7, + 0xD3, 0x44, 0x5D, 0xC7, 0xD9, 0xF4, 0x6B, 0x27, 0x14, 0xA0, 0x71, 0xEE, + 0x1B, 0x20, 0x0A, 0xF3, 0x08, 0x10, 0xB6, 0x82, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x0D, 0x91, 0xD8, 0xB1, 0x2A, 0xE6, 0x9B, 0xCD, 0x74, 0xA0, 0x8F, 0x17, + 0xBF, 0x8C, 0xD9, 0x81, 0xD8, 0x22, 0x91, 0x3C, 0xF0, 0xD2, 0xB8, 0x2D, + 0x24, 0x8B, 0x7A, 0xF0, 0xB0, 0x5B, 0xFA, 0xD2, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xBA, 0x11, 0x9A, 0x04, 0x9E, 0x62, 0xF2, 0xE2, 0xF2, 0x78, 0xE8, 0xA3, + 0x4D, 0xF0, 0x5A, 0xE5, 0xD2, 0x69, 0xF3, 0x56, 0x4E, 0xB5, 0xD1, 0x80, + 0x8E, 0x74, 0xAD, 0x0F, 0x4F, 0x95, 0x7C, 0xB1, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x11, 0x2F, 0xF4, 0xDA, 0xBD, 0x76, 0xE2, 0xDD, 0x91, 0x37, 0x3F, 0x20, + 0x63, 0x0F, 0xDB, 0x7F, 0xF4, 0x3E, 0xAB, 0x47, 0x49, 0x92, 0x90, 0x4C, + 0x55, 0xA5, 0xCC, 0xC7, 0xAF, 0x3B, 0x6D, 0xB4, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x5A, 0xD1, 0x04, 0xA8, 0xBD, 0xD2, 0x3D, 0xE9, 0xF5, 0xA9, 0xE5, 0x15, + 0xEB, 0x71, 0xC2, 0xC1, 0x39, 0x05, 0x42, 0xA0, 0xBA, 0x95, 0xC1, 0x74, + 0x4C, 0x55, 0xFB, 0x20, 0x42, 0x64, 0x91, 0xBF, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x91, 0x52, 0x57, 0x35, 0xEF, 0x62, 0x62, 0x89, 0xD2, 0xED, 0x97, 0x7F, + 0x88, 0xF0, 0x96, 0x35, 0xFD, 0x48, 0x73, 0x1B, 0x7A, 0x8A, 0x85, 0x21, + 0x08, 0xF8, 0x9A, 0x03, 0xB8, 0xFD, 0xEB, 0xEA, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x7E, 0x8E, 0x61, 0xEA, 0x35, 0xEB, 0x8E, 0x2E, 0x1B, 0xB2, 0x70, 0x0D, + 0xB9, 0x8A, 0x76, 0x2C, 0xD8, 0x1E, 0xA2, 0x3B, 0x77, 0x38, 0xC1, 0x7C, + 0xF9, 0xDE, 0xF2, 0xA4, 0x6D, 0xBA, 0x26, 0xA3, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x18, 0x3A, 0x79, 0x12, 0xD0, 0x5E, 0x32, 0x9F, 0x34, 0x66, 0x4A, 0x08, + 0x96, 0xCC, 0xDE, 0x0E, 0x56, 0xC2, 0x26, 0x52, 0x61, 0x42, 0x83, 0xBB, + 0x91, 0x69, 0x28, 0x99, 0xD5, 0xFF, 0x05, 0x13, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x44, 0x9D, 0x48, 0xD8, 0xF3, 0xBD, 0xBE, 0x19, 0xAB, 0x95, 0xDE, 0x03, + 0xCC, 0x85, 0x10, 0xCB, 0xAE, 0xF1, 0x59, 0x46, 0x3F, 0x8B, 0xFB, 0x25, + 0xDA, 0x72, 0xC3, 0x79, 0xDA, 0xE3, 0xCA, 0x8B, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xCB, 0xA9, 0x31, 0x5C, 0xE8, 0x2C, 0xC3, 0xEA, 0x4E, 0x52, 0x4B, 0xAC, + 0x38, 0xA5, 0x80, 0x20, 0x36, 0xBA, 0x27, 0x52, 0x53, 0x8E, 0x34, 0x8C, + 0xB1, 0x70, 0xD0, 0xDA, 0x75, 0xED, 0x45, 0x0F, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x94, 0x7A, 0xF0, 0xF5, 0x2B, 0x4F, 0x8D, 0xA6, 0x7E, 0xDA, 0x17, 0xD9, + 0x17, 0x82, 0x79, 0x76, 0x5B, 0xA7, 0x9A, 0x0C, 0x70, 0x58, 0x53, 0xA0, + 0xA5, 0xD9, 0x87, 0x3B, 0x3F, 0xB2, 0xDD, 0xC7, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xC2, 0xA4, 0x81, 0x62, 0xA5, 0xFD, 0x9C, 0xE9, 0x80, 0xEE, 0x8A, 0xE5, + 0x26, 0xF2, 0x5F, 0x02, 0xF6, 0x0C, 0x8E, 0xF6, 0x63, 0x3B, 0xE6, 0xA9, + 0xE2, 0xE2, 0x3F, 0x02, 0x29, 0xA8, 0x4A, 0x35, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xBC, 0x49, 0x45, 0xBD, 0x86, 0xBB, 0x6A, 0xFB, 0x23, 0x7E, 0xB7, 0x11, + 0xEB, 0xA4, 0x6F, 0xEE, 0x7C, 0x1D, 0xB5, 0x8B, 0x7B, 0x86, 0xEB, 0x33, + 0xD9, 0x4E, 0xB7, 0x28, 0x27, 0x3B, 0x3A, 0xC7, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xBE, 0x17, 0x17, 0xE5, 0x95, 0x68, 0xD0, 0xA4, 0x4A, 0x60, 0x67, 0xCC, + 0x45, 0xF7, 0x02, 0x12, 0x19, 0xB3, 0x2E, 0xB5, 0xAF, 0xC2, 0xFB, 0x17, + 0xBE, 0x3C, 0x1E, 0x7A, 0xC3, 0xAC, 0x9D, 0x3C, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +}; + const struct ae_fpm_entry ae_fpm_tbl_scalar[ROC_AE_EC_ID_PMAX] = { { .data = ae_fpm_tbl_p192, @@ -1077,6 +1260,13 @@ const struct ae_fpm_entry ae_fpm_tbl_scalar[ROC_AE_EC_ID_PMAX] = { { .data = ae_fpm_tbl_p521, .len = sizeof(ae_fpm_tbl_p521) + }, + {}, + {}, + {}, + { + .data = ae_fpm_tbl_p256_sm2, + .len = sizeof(ae_fpm_tbl_p256_sm2) } }; diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h index 2aa39d2226..09468d58b0 100644 --- a/drivers/crypto/cnxk/cnxk_ae.h +++ b/drivers/crypto/cnxk/cnxk_ae.h @@ -193,8 +193,11 @@ cnxk_ae_fill_ec_params(struct cnxk_ae_sess *sess, case RTE_CRYPTO_EC_GROUP_SECP521R1: ec->curveid = ROC_AE_EC_ID_P521; break; + case RTE_CRYPTO_EC_GROUP_SM2: + ec->curveid = ROC_AE_EC_ID_SM2; + break; default: - /* Only NIST curves (FIPS 186-4) are supported */ + /* Only NIST curves (FIPS 186-4) and SM2 are supported */ return -EINVAL; } @@ -235,6 +238,7 @@ cnxk_ae_fill_session_parameters(struct cnxk_ae_sess *sess, /* Fall through */ case RTE_CRYPTO_ASYM_XFORM_ECPM: case RTE_CRYPTO_ASYM_XFORM_ECFPM: + case RTE_CRYPTO_ASYM_XFORM_SM2: ret = cnxk_ae_fill_ec_params(sess, xform); break; default: @@ -713,6 +717,204 @@ cnxk_ae_enqueue_ecdsa_op(struct rte_crypto_op *op, return 0; } +static __rte_always_inline void +cnxk_ae_sm2_sign_prep(struct rte_crypto_sm2_op_param *sm2, + struct roc_ae_buf_ptr *meta_buf, + uint64_t fpm_table_iova, struct roc_ae_ec_group *ec_grp, + struct cnxk_ae_sess *sess, struct cpt_inst_s *inst) +{ + uint16_t message_len = sm2->message.length; + uint16_t pkey_len = sess->ec_ctx.pkey.length; + uint16_t p_align, k_align, m_align; + uint16_t k_len = sm2->k.length; + uint16_t order_len, prime_len; + uint16_t o_offset, pk_offset; + union cpt_inst_w4 w4; + uint16_t dlen; + uint8_t *dptr; + + prime_len = ec_grp->prime.length; + order_len = ec_grp->order.length; + + /* Truncate input length to curve prime length */ + if (message_len > prime_len) + message_len = prime_len; + m_align = RTE_ALIGN_CEIL(message_len, 8); + + p_align = RTE_ALIGN_CEIL(prime_len, 8); + k_align = RTE_ALIGN_CEIL(k_len, 8); + + /* Set write offset for order and private key */ + o_offset = prime_len - order_len; + pk_offset = p_align - pkey_len; + + /* Input buffer */ + dptr = meta_buf->vaddr; + inst->dptr = (uintptr_t)dptr; + + /* + * Set dlen = sum(sizeof(fpm address), ROUNDUP8(scalar len, input len), + * ROUNDUP8(priv key len, prime len, order len)). + * Please note, private key, order cannot exceed prime + * length i.e 3 * p_align. + */ + dlen = sizeof(fpm_table_iova) + k_align + m_align + p_align * 5; + + memset(dptr, 0, dlen); + + *(uint64_t *)dptr = fpm_table_iova; + dptr += sizeof(fpm_table_iova); + + rte_memcpy(dptr, sm2->k.data, k_len); + dptr += k_align; + + rte_memcpy(dptr, ec_grp->prime.data, prime_len); + dptr += p_align; + + rte_memcpy(dptr + o_offset, ec_grp->order.data, order_len); + dptr += p_align; + + rte_memcpy(dptr + pk_offset, sess->ec_ctx.pkey.data, pkey_len); + dptr += p_align; + + rte_memcpy(dptr, sm2->message.data, message_len); + dptr += m_align; + + rte_memcpy(dptr, ec_grp->consta.data, prime_len); + dptr += p_align; + + rte_memcpy(dptr, ec_grp->constb.data, prime_len); + dptr += p_align; + + /* Setup opcodes */ + w4.s.opcode_major = ROC_AE_MAJOR_OP_ECDSA; + w4.s.opcode_minor = ROC_AE_MINOR_OP_ECDSA_SIGN; + + w4.s.param1 = 2 | 1 << 7 | 1 << 6 | (message_len << 8); + w4.s.param2 = (p_align << 8) | k_len; + w4.s.dlen = dlen; + + inst->w4.u64 = w4.u64; + inst->rptr = (uintptr_t)dptr; +} + +static __rte_always_inline void +cnxk_ae_sm2_verify_prep(struct rte_crypto_sm2_op_param *sm2, + struct roc_ae_buf_ptr *meta_buf, + uint64_t fpm_table_iova, + struct roc_ae_ec_group *ec_grp, struct cnxk_ae_sess *sess, + struct cpt_inst_s *inst) +{ + uint32_t message_len = sm2->message.length; + uint16_t o_offset, r_offset, s_offset; + uint16_t qx_len = sess->ec_ctx.q.x.length; + uint16_t qy_len = sess->ec_ctx.q.y.length; + uint16_t r_len = sm2->r.length; + uint16_t s_len = sm2->s.length; + uint16_t order_len, prime_len; + uint16_t qx_offset, qy_offset; + uint16_t p_align, m_align; + union cpt_inst_w4 w4; + uint16_t dlen; + uint8_t *dptr; + + prime_len = ec_grp->prime.length; + order_len = ec_grp->order.length; + + /* Truncate input length to curve prime length */ + if (message_len > prime_len) + message_len = prime_len; + + m_align = RTE_ALIGN_CEIL(message_len, 8); + p_align = RTE_ALIGN_CEIL(prime_len, 8); + + /* Set write offset for sign, order and public key coordinates */ + o_offset = prime_len - order_len; + qx_offset = prime_len - qx_len; + qy_offset = prime_len - qy_len; + r_offset = prime_len - r_len; + s_offset = prime_len - s_len; + + /* Input buffer */ + dptr = meta_buf->vaddr; + inst->dptr = (uintptr_t)dptr; + + /* + * Set dlen = sum(sizeof(fpm address), ROUNDUP8(message len), + * ROUNDUP8(sign len(r and s), public key len(x and y coordinates), + * prime len, order len)). + * Please note sign, public key and order can not exceed prime length + * i.e. 6 * p_align + */ + dlen = sizeof(fpm_table_iova) + m_align + (8 * p_align); + + memset(dptr, 0, dlen); + + *(uint64_t *)dptr = fpm_table_iova; + dptr += sizeof(fpm_table_iova); + + rte_memcpy(dptr + r_offset, sm2->r.data, r_len); + dptr += p_align; + + rte_memcpy(dptr + s_offset, sm2->s.data, s_len); + dptr += p_align; + + rte_memcpy(dptr, sm2->message.data, message_len); + dptr += m_align; + + rte_memcpy(dptr + o_offset, ec_grp->order.data, order_len); + dptr += p_align; + + rte_memcpy(dptr, ec_grp->prime.data, prime_len); + dptr += p_align; + + rte_memcpy(dptr + qx_offset, sess->ec_ctx.q.x.data, qx_len); + dptr += p_align; + + rte_memcpy(dptr + qy_offset, sess->ec_ctx.q.y.data, qy_len); + dptr += p_align; + + rte_memcpy(dptr, ec_grp->consta.data, prime_len); + dptr += p_align; + + rte_memcpy(dptr, ec_grp->constb.data, prime_len); + dptr += p_align; + + /* Setup opcodes */ + w4.s.opcode_major = ROC_AE_MAJOR_OP_ECDSA; + w4.s.opcode_minor = ROC_AE_MINOR_OP_ECDSA_VERIFY; + + w4.s.param1 = 2 | 1 << 7 | 1 << 6 | (message_len << 8); + w4.s.param2 = 0; + w4.s.dlen = dlen; + + inst->w4.u64 = w4.u64; + inst->rptr = (uintptr_t)dptr; +} + +static __rte_always_inline int __rte_hot +cnxk_ae_enqueue_sm2_op(struct rte_crypto_op *op, + struct roc_ae_buf_ptr *meta_buf, + struct cnxk_ae_sess *sess, uint64_t *fpm_iova, + struct roc_ae_ec_group **ec_grp, + struct cpt_inst_s *inst) +{ + struct rte_crypto_sm2_op_param *sm2 = &op->asym->sm2; + uint8_t curveid = sess->ec_ctx.curveid; + + if (sm2->op_type == RTE_CRYPTO_ASYM_OP_SIGN) + cnxk_ae_sm2_sign_prep(sm2, meta_buf, fpm_iova[curveid], + ec_grp[curveid], sess, inst); + else if (sm2->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) + cnxk_ae_sm2_verify_prep(sm2, meta_buf, fpm_iova[curveid], + ec_grp[curveid], sess, inst); + else { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + return -EINVAL; + } + return 0; +} + static __rte_always_inline int cnxk_ae_ecfpm_prep(struct rte_crypto_ecpm_op_param *ecpm, struct roc_ae_buf_ptr *meta_buf, uint64_t *fpm_iova, @@ -915,6 +1117,23 @@ cnxk_ae_dequeue_ecdsa_op(struct rte_crypto_ecdsa_op_param *ecdsa, uint8_t *rptr, ecdsa->s.length = prime_len; } +static __rte_always_inline void +cnxk_ae_dequeue_sm2_op(struct rte_crypto_sm2_op_param *sm2, uint8_t *rptr, + struct roc_ae_ec_ctx *ec, + struct roc_ae_ec_group **ec_grp) +{ + int prime_len = ec_grp[ec->curveid]->prime.length; + + if (sm2->op_type == RTE_CRYPTO_ASYM_OP_VERIFY) + return; + + /* Separate out sign r and s components */ + rte_memcpy(sm2->r.data, rptr, prime_len); + rte_memcpy(sm2->s.data, rptr + RTE_ALIGN_CEIL(prime_len, 8), prime_len); + sm2->r.length = prime_len; + sm2->s.length = prime_len; +} + static __rte_always_inline void cnxk_ae_dequeue_ecpm_op(struct rte_crypto_ecpm_op_param *ecpm, uint8_t *rptr, struct roc_ae_ec_ctx *ec, @@ -983,6 +1202,13 @@ cnxk_ae_enqueue(struct cnxk_cpt_qp *qp, struct rte_crypto_op *op, if (unlikely(ret)) goto req_fail; break; + case RTE_CRYPTO_ASYM_XFORM_SM2: + ret = cnxk_ae_enqueue_sm2_op(op, &meta_buf, sess, + sess->cnxk_fpm_iova, + sess->ec_grp, inst); + if (unlikely(ret)) + goto req_fail; + break; case RTE_CRYPTO_ASYM_XFORM_ECPM: ret = cnxk_ae_ecpm_prep(&asym_op->ecpm, &meta_buf, sess->ec_grp[sess->ec_ctx.curveid], @@ -1032,6 +1258,10 @@ cnxk_ae_post_process(struct rte_crypto_op *cop, struct cnxk_ae_sess *sess, cnxk_ae_dequeue_ecdsa_op(&op->ecdsa, rptr, &sess->ec_ctx, sess->ec_grp); break; + case RTE_CRYPTO_ASYM_XFORM_SM2: + cnxk_ae_dequeue_sm2_op(&op->sm2, rptr, &sess->ec_ctx, + sess->ec_grp); + break; case RTE_CRYPTO_ASYM_XFORM_ECPM: case RTE_CRYPTO_ASYM_XFORM_ECFPM: cnxk_ae_dequeue_ecpm_op(&op->ecpm, rptr, &sess->ec_ctx, diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h index 09f5ba0650..9a321aa8c9 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev.h +++ b/drivers/crypto/cnxk/cnxk_cryptodev.h @@ -13,7 +13,7 @@ #define CNXK_CPT_MAX_CAPS 54 #define CNXK_SEC_CRYPTO_MAX_CAPS 16 #define CNXK_SEC_MAX_CAPS 9 -#define CNXK_AE_EC_ID_MAX 8 +#define CNXK_AE_EC_ID_MAX 9 /** * Device private data */ diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c index fd91dec08f..b4864f66bf 100644 --- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c +++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c @@ -1152,6 +1152,20 @@ static const struct rte_cryptodev_capabilities caps_sm4[] = { }, }; +static const struct rte_cryptodev_capabilities caps_sm2[] = { + { /* SM2 */ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, + {.asym = { + .xform_capa = { + .xform_type = RTE_CRYPTO_ASYM_XFORM_SM2, + .op_types = ((1 << RTE_CRYPTO_ASYM_OP_SIGN) | + (1 << RTE_CRYPTO_ASYM_OP_VERIFY)) + } + } + } + } +}; + static const struct rte_cryptodev_capabilities caps_end[] = { RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; @@ -1623,6 +1637,9 @@ cn10k_crypto_caps_add(struct rte_cryptodev_capabilities cnxk_caps[], CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm3); CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm4); } + + if (hw_caps[CPT_ENG_TYPE_AE].sm2) + CPT_CAPS_ADD(cnxk_caps, cur_pos, hw_caps, sm2); } static void From patchwork Mon Oct 9 13:54:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 132432 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D48394233C; Mon, 9 Oct 2023 15:56:08 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 4B3FD40DDB; Mon, 9 Oct 2023 15:55:28 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 3827140DF5 for ; Mon, 9 Oct 2023 15:55:26 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 399DB8IX031863; Mon, 9 Oct 2023 06:55:25 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=zlLfuCxeyOG8ZjEqswcFsh4xUrIdurgpL0Io9aY9Avo=; b=cLV70Yn7kdMA3tkne4wyjLmviwFF0OjPLz5ChaySB7YTskNKAxe2C1eSXTFzZSPwbqVv vrYe2xOA6k0QqF21GZ+O/kY01n9D8RUbLeeqliMO8+XwRBcRMQWPynaKGCmjz6IZZMsL 6L4rVi+64VRLhwEUeAP9Jlsi7afPLWlXgnOns7ElGI4B0pzhKXzOIIhoe0UehHlmgJaM WSmlbUUfzSMTv/Js1XCB4Emn5z1GQSvX4j45DEJsaHoUtAtR76x1lvF4qwoeofh7H9MC xhsdWbXA3FjDdo3e4nwskqw/ScZPa6IwxpYVfR+bTwpMhLeOk+cUO/9SFSMtpMGPe9kL cg== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh7ccd90-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 09 Oct 2023 06:55:25 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 9 Oct 2023 06:55:23 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 9 Oct 2023 06:55:23 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id AA0543F70A3; Mon, 9 Oct 2023 06:55:20 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Ciara Power , Gowrishankar Muthukrishnan Subject: [PATCH v4 7/7] app/test: check asymmetric capabilities in SM2 test Date: Mon, 9 Oct 2023 19:24:54 +0530 Message-ID: <195e5614db371abda6b1338108456d86bc77eed8.1696859505.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: oB17UcZUQyRB6-FIlj0PUbuHZ6U_mkWi X-Proofpoint-ORIG-GUID: oB17UcZUQyRB6-FIlj0PUbuHZ6U_mkWi X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Check asymmetric capabilities such as SM3 hash support and internal RNG and accordingly choose op params for SM2 test. Signed-off-by: Gowrishankar Muthukrishnan Acked-by: Arkadiusz Kusztal --- app/test/test_cryptodev_asym.c | 77 +++++++++++----------- app/test/test_cryptodev_sm2_test_vectors.h | 28 +++++--- 2 files changed, 57 insertions(+), 48 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index a2bb1f9336..94bb091df3 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -608,6 +608,7 @@ static inline void print_asym_capa( break; case RTE_CRYPTO_ASYM_XFORM_ECDSA: case RTE_CRYPTO_ASYM_XFORM_ECPM: + case RTE_CRYPTO_ASYM_XFORM_SM2: default: break; } @@ -1806,7 +1807,7 @@ test_ecpm_all_curve(void) } static int -_test_sm2_sign(bool rnd_secret) +test_sm2_sign(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; @@ -1875,11 +1876,19 @@ _test_sm2_sign(bool rnd_secret) else asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; - asym_op->sm2.message.data = input_params.message.data; - asym_op->sm2.message.length = input_params.message.length; - asym_op->sm2.id.data = input_params.id.data; - asym_op->sm2.id.length = input_params.id.length; - if (rnd_secret) { + if (asym_op->sm2.hash == RTE_CRYPTO_AUTH_SM3) { + asym_op->sm2.message.data = input_params.message.data; + asym_op->sm2.message.length = input_params.message.length; + asym_op->sm2.id.data = input_params.id.data; + asym_op->sm2.id.length = input_params.id.length; + } else { + asym_op->sm2.message.data = input_params.digest.data; + asym_op->sm2.message.length = input_params.digest.length; + asym_op->sm2.id.data = NULL; + asym_op->sm2.id.length = 0; + } + + if (capa->internal_rng != 0) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; } else { @@ -1928,7 +1937,7 @@ _test_sm2_sign(bool rnd_secret) debug_hexdump(stdout, "s:", asym_op->sm2.s.data, asym_op->sm2.s.length); - if (!rnd_secret) { + if (capa->internal_rng == 0) { /* Verify sign (by comparison). */ if (memcmp(input_params.sign_r.data, asym_op->sm2.r.data, asym_op->sm2.r.length) != 0) { @@ -1989,18 +1998,6 @@ _test_sm2_sign(bool rnd_secret) return status; }; -static int -test_sm2_sign_rnd_secret(void) -{ - return _test_sm2_sign(true); -} - -__rte_used static int -test_sm2_sign_plain_secret(void) -{ - return _test_sm2_sign(false); -} - static int test_sm2_verify(void) { @@ -2064,19 +2061,28 @@ test_sm2_verify(void) /* Populate op with operational details */ asym_op->sm2.op_type = RTE_CRYPTO_ASYM_OP_VERIFY; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) asym_op->sm2.hash = RTE_CRYPTO_AUTH_SM3; else asym_op->sm2.hash = RTE_CRYPTO_AUTH_NULL; - asym_op->sm2.message.data = input_params.message.data; - asym_op->sm2.message.length = input_params.message.length; + if (asym_op->sm2.hash == RTE_CRYPTO_AUTH_SM3) { + asym_op->sm2.message.data = input_params.message.data; + asym_op->sm2.message.length = input_params.message.length; + asym_op->sm2.id.data = input_params.id.data; + asym_op->sm2.id.length = input_params.id.length; + } else { + asym_op->sm2.message.data = input_params.digest.data; + asym_op->sm2.message.length = input_params.digest.length; + asym_op->sm2.id.data = NULL; + asym_op->sm2.id.length = 0; + } + asym_op->sm2.r.data = input_params.sign_r.data; asym_op->sm2.r.length = input_params.sign_r.length; asym_op->sm2.s.data = input_params.sign_s.data; asym_op->sm2.s.length = input_params.sign_s.length; - asym_op->sm2.id.data = input_params.id.data; - asym_op->sm2.id.length = input_params.id.length; RTE_LOG(DEBUG, USER1, "Process ASYM operation\n"); @@ -2116,7 +2122,7 @@ test_sm2_verify(void) }; static int -_test_sm2_enc(bool rnd_secret) +test_sm2_enc(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; @@ -2185,7 +2191,8 @@ _test_sm2_enc(bool rnd_secret) asym_op->sm2.message.data = input_params.message.data; asym_op->sm2.message.length = input_params.message.length; - if (rnd_secret) { + + if (capa->internal_rng != 0) { asym_op->sm2.k.data = NULL; asym_op->sm2.k.length = 0; } else { @@ -2231,7 +2238,7 @@ _test_sm2_enc(bool rnd_secret) debug_hexdump(stdout, "cipher:", asym_op->sm2.cipher.data, asym_op->sm2.cipher.length); - if (!rnd_secret) { + if (capa->internal_rng == 0) { if (memcmp(input_params.cipher.data, asym_op->sm2.cipher.data, asym_op->sm2.cipher.length) != 0) { status = TEST_FAILED; @@ -2295,18 +2302,6 @@ _test_sm2_enc(bool rnd_secret) return status; }; -static int -test_sm2_enc_rnd_secret(void) -{ - return _test_sm2_enc(true); -} - -__rte_used static int -test_sm2_enc_plain_secret(void) -{ - return _test_sm2_enc(false); -} - static int test_sm2_dec(void) { @@ -2737,9 +2732,9 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = { TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dsa), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_dh_key_generation), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign_rnd_secret), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify), - TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc_rnd_secret), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_enc), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_dec), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_rsa_enc_dec), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, @@ -2803,6 +2798,8 @@ static struct unit_test_suite cryptodev_octeontx_asym_testsuite = { TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_mod_exp), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_ecdsa_sign_verify_all_curve), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_sign), + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_sm2_verify), TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_ecpm_all_curve), TEST_CASES_END() /**< NULL terminate unit test array */ diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h index 3d2dba1359..41f5f7074a 100644 --- a/app/test/test_cryptodev_sm2_test_vectors.h +++ b/app/test/test_cryptodev_sm2_test_vectors.h @@ -17,6 +17,7 @@ struct crypto_testsuite_sm2_params { rte_crypto_param id; rte_crypto_param cipher; rte_crypto_param message; + rte_crypto_param digest; int curve; }; @@ -46,17 +47,17 @@ static uint8_t fp256_k[] = { }; static uint8_t fp256_sign_r[] = { - 0xf3, 0x26, 0x10, 0xde, 0xfb, 0xbf, 0x13, 0xd4, - 0x73, 0xb1, 0xc2, 0x80, 0x51, 0x06, 0x29, 0xf9, - 0xfb, 0xc8, 0x11, 0xa7, 0x8d, 0x2c, 0xcb, 0x09, - 0x7c, 0xb2, 0xcf, 0x58, 0x0b, 0x5e, 0x25, 0xff + 0x75, 0x2B, 0x8C, 0x15, 0x38, 0x10, 0xF6, 0xC0, + 0x28, 0xC9, 0x8A, 0x51, 0xD0, 0x62, 0x69, 0x4B, + 0xF6, 0x58, 0x06, 0xEB, 0xF1, 0x91, 0x1F, 0x15, + 0x8B, 0x08, 0x09, 0xF9, 0x88, 0x0A, 0x44, 0x24 }; static uint8_t fp256_sign_s[] = { - 0x8d, 0x8d, 0xb5, 0x40, 0xe3, 0xfb, 0x98, 0xf9, - 0x8c, 0xe4, 0x58, 0x60, 0xf2, 0x78, 0x8f, 0xd9, - 0xbf, 0xb8, 0x47, 0x73, 0x88, 0xc1, 0xd1, 0xcd, - 0x2d, 0xdb, 0xe3, 0xc1, 0x44, 0x30, 0x25, 0x86 + 0x5A, 0x3C, 0x96, 0x3E, 0x1C, 0xB4, 0x19, 0xF9, + 0xD7, 0x78, 0xB8, 0xCE, 0xFF, 0x9D, 0xB1, 0x31, + 0x77, 0xDB, 0xA0, 0xFE, 0x84, 0x61, 0x1A, 0xD9, + 0x4E, 0xFF, 0x82, 0x13, 0x1C, 0xCA, 0x04, 0x75, }; static uint8_t fp256_id[] = { @@ -68,6 +69,13 @@ static uint8_t fp256_message[] = { 0x64, 0x69, 0x67, 0x65, 0x73, 0x74 }; +static uint8_t fp256_digest[] = { + 0x0F, 0xB5, 0xCE, 0xF3, 0x3C, 0xB7, 0xD1, 0x35, + 0xA9, 0x3A, 0xC7, 0xA7, 0x89, 0x2A, 0x6D, 0x9A, + 0xF3, 0x1E, 0xC5, 0x38, 0xD3, 0x65, 0x1B, 0xB9, + 0xDF, 0x5F, 0x7F, 0x4A, 0xD8, 0x89, 0x57, 0xF1 +}; + static uint8_t fp256_cipher[] = { 0x30, 0x78, 0x02, 0x21, 0x00, 0xAB, 0xBD, 0xE8, 0xE8, 0x80, 0x93, 0x36, 0x77, 0xB6, 0x44, 0x47, @@ -121,6 +129,10 @@ struct crypto_testsuite_sm2_params sm2_param_fp256 = { .data = fp256_message, .length = sizeof(fp256_message), }, + .digest = { + .data = fp256_digest, + .length = sizeof(fp256_digest), + }, .cipher = { .data = fp256_cipher, .length = sizeof(fp256_cipher),