From patchwork Tue Oct 31 21:26:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 133682 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 09F8943256; Tue, 31 Oct 2023 22:26:39 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8448F4067C; Tue, 31 Oct 2023 22:26:38 +0100 (CET) Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120]) by mails.dpdk.org (Postfix) with ESMTP id 6913F40294 for ; Tue, 31 Oct 2023 22:26:37 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1698787597; x=1730323597; h=from:to:cc:subject:date:message-id; bh=nk3vL8dILaVT3bqMgW/LG6nb98K86yH8UYa4sn6G8iI=; b=gRQ7UcjDF9N7iMRM6ila1aIEZJ96hYnsXuWA+9xMclUfQXj1llBXGnf/ ZEspPpR6fDqz9gyTZ3YNBgApNsPz366S4WeH5SkgIy+4SKN90CbU+o+md 0DT96gWRowylVz2N/fLtVpyFVJ8WlmOYXLntIA6HPTD9zr3h/1ZTUeSER 9udNR5o3ZYlfLB1SwtXuhvNEf/dhkFvo03zDtcGmm3C/dZM0E5PfLx24L VJQ0OGtO2fEeuWoMoD1/nMoSjpcyBUbU+X4GA6XMLhjagqI6kzgelmger spPqsfL4LoDoFBSqZ0T6nhPKY34eB7Aqtw9eCbuMvbwBZcwTHMzkc7Yau g==; X-IronPort-AV: E=McAfee;i="6600,9927,10880"; a="387260846" X-IronPort-AV: E=Sophos;i="6.03,266,1694761200"; d="scan'208";a="387260846" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Oct 2023 14:26:36 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10880"; a="826567698" X-IronPort-AV: E=Sophos;i="6.03,266,1694761200"; d="scan'208";a="826567698" Received: from silpixa00400308.ir.intel.com ([10.237.214.150]) by fmsmga008.fm.intel.com with ESMTP; 31 Oct 2023 14:26:34 -0700 From: Arkadiusz Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, kai.ji@intel.com, ciara.power@intel.com, Arkadiusz Kusztal Subject: [PATCH v2] crypto/qat: add sm2 ecdsa Date: Tue, 31 Oct 2023 21:26:32 +0000 Message-Id: <20231031212632.6663-1-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Added SM2 ECDSA feature to the Intel QuickAssist Technology symmetric crypto PMD. Signed-off-by: Arkadiusz Kusztal Acked-by: Ciara Power --- v2: - fixed build issues doc/guides/cryptodevs/features/qat.ini | 1 + doc/guides/cryptodevs/qat.rst | 1 + doc/guides/rel_notes/release_23_11.rst | 1 + .../common/qat/qat_adf/icp_qat_fw_mmp_ids.h | 18 ++++ drivers/common/qat/qat_adf/qat_pke.h | 20 +++++ drivers/crypto/qat/qat_asym.c | 84 +++++++++++++++++++ 6 files changed, 125 insertions(+) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 6358a43357..f41d29158f 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -94,6 +94,7 @@ RSA = Y ECDSA = Y ECPM = Y ECDH = Y +SM2 = Y ; ; Supported Operating systems of the 'qat' crypto driver. diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index b5d11df5eb..f82968c87d 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -186,6 +186,7 @@ The QAT ASYM PMD has support for: * ``RTE_CRYPTO_ASYM_XFORM_ECDSA`` * ``RTE_CRYPTO_ASYM_XFORM_ECPM`` * ``RTE_CRYPTO_ASYM_XFORM_ECDH`` +* ``RTE_CRYPTO_ASYM_XFORM_SM2`` Limitations ~~~~~~~~~~~ diff --git a/doc/guides/rel_notes/release_23_11.rst b/doc/guides/rel_notes/release_23_11.rst index 37ff1780a9..452aeb262d 100644 --- a/doc/guides/rel_notes/release_23_11.rst +++ b/doc/guides/rel_notes/release_23_11.rst @@ -195,6 +195,7 @@ New Features * **Updated Intel QuickAssist Technology driver.** * Enabled support for QAT 2.0c (4944) devices in QAT crypto driver. + * Added support for SM2 ECDSA algorithm. * **Updated Marvell cnxk crypto driver.** diff --git a/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h b/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h index 00813cffb9..630c6e1a9b 100644 --- a/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h +++ b/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h @@ -1524,6 +1524,24 @@ icp_qat_fw_mmp_ecdsa_verify_gfp_521_input::in in @endlink * icp_qat_fw_mmp_kpt_ecdsa_sign_rs_gfp_521_output::s s @endlink */ +#define PKE_ECSM2_SIGN_RS 0x222116fe +/**< Functionality ID for ECC SM2 Sign RS + * @li 3 input parameters : @link icp_qat_fw_mmp_ecsm2_sign_rs_input_s::k k + * @endlink @link icp_qat_fw_mmp_ecsm2_sign_rs_input_s::e e @endlink @link + * icp_qat_fw_mmp_ecsm2_sign_rs_input_s::d d @endlink + * @li 2 output parameters : @link icp_qat_fw_mmp_ecsm2_sign_rs_output_s::r r + * @endlink @link icp_qat_fw_mmp_ecsm2_sign_rs_output_s::s s @endlink + */ +#define PKE_ECSM2_VERIFY 0x29241743 +/**< Functionality ID for ECC SM2 Signature Verify + * @li 5 input parameters : @link icp_qat_fw_mmp_ecsm2_verify_input_s::e e + * @endlink @link icp_qat_fw_mmp_ecsm2_verify_input_s::r r @endlink @link + * icp_qat_fw_mmp_ecsm2_verify_input_s::s s @endlink @link + * icp_qat_fw_mmp_ecsm2_verify_input_s::xp xp @endlink @link + * icp_qat_fw_mmp_ecsm2_verify_input_s::yp yp @endlink + * @li no output parameters + */ + #define PKE_LIVENESS 0x00000001 /**< Functionality ID for PKE_LIVENESS * @li 0 input parameter(s) diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h index 4b09e76dbb..f88932a275 100644 --- a/drivers/common/qat/qat_adf/qat_pke.h +++ b/drivers/common/qat/qat_adf/qat_pke.h @@ -314,4 +314,24 @@ get_ec_verify_function(const struct rte_crypto_asym_xform *xform) return qat_function; } +static struct qat_asym_function +get_sm2_ecdsa_sign_function(void) +{ + struct qat_asym_function qat_function = { + PKE_ECSM2_SIGN_RS, 32 + }; + + return qat_function; +} + +static struct qat_asym_function +get_sm2_ecdsa_verify_function(void) +{ + struct qat_asym_function qat_function = { + PKE_ECSM2_VERIFY, 32 + }; + + return qat_function; +} + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 0f196ace30..2bf3060278 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -904,6 +904,77 @@ ecdh_collect(struct rte_crypto_asym_op *asym_op, return RTE_CRYPTO_OP_STATUS_SUCCESS; } +static int +sm2_ecdsa_sign_set_input(struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) +{ + const struct qat_asym_function qat_function = + get_sm2_ecdsa_sign_function(); + const uint32_t qat_func_alignsize = + qat_function.bytesize; + + SET_PKE_LN(asym_op->sm2.k, qat_func_alignsize, 0); + SET_PKE_LN(asym_op->sm2.message, qat_func_alignsize, 1); + SET_PKE_LN(xform->ec.pkey, qat_func_alignsize, 2); + + cookie->alg_bytesize = qat_function.bytesize; + cookie->qat_func_alignsize = qat_function.bytesize; + qat_req->pke_hdr.cd_pars.func_id = qat_function.func_id; + qat_req->input_param_count = 3; + qat_req->output_param_count = 2; + + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + +static int +sm2_ecdsa_verify_set_input(struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) +{ + const struct qat_asym_function qat_function = + get_sm2_ecdsa_verify_function(); + const uint32_t qat_func_alignsize = + qat_function.bytesize; + + SET_PKE_LN(asym_op->sm2.message, qat_func_alignsize, 0); + SET_PKE_LN(asym_op->sm2.r, qat_func_alignsize, 1); + SET_PKE_LN(asym_op->sm2.s, qat_func_alignsize, 2); + SET_PKE_LN(xform->ec.q.x, qat_func_alignsize, 3); + SET_PKE_LN(xform->ec.q.y, qat_func_alignsize, 4); + + cookie->alg_bytesize = qat_function.bytesize; + cookie->qat_func_alignsize = qat_function.bytesize; + qat_req->pke_hdr.cd_pars.func_id = qat_function.func_id; + qat_req->input_param_count = 5; + qat_req->output_param_count = 0; + + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + +static uint8_t +sm2_ecdsa_sign_collect(struct rte_crypto_asym_op *asym_op, + const struct qat_asym_op_cookie *cookie) +{ + uint32_t alg_bytesize = cookie->alg_bytesize; + + if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) + return RTE_CRYPTO_OP_STATUS_SUCCESS; + + rte_memcpy(asym_op->sm2.r.data, cookie->output_array[0], alg_bytesize); + rte_memcpy(asym_op->sm2.s.data, cookie->output_array[1], alg_bytesize); + asym_op->sm2.r.length = alg_bytesize; + asym_op->sm2.s.length = alg_bytesize; + + HEXDUMP("SM2 R", cookie->output_array[0], + alg_bytesize); + HEXDUMP("SM2 S", cookie->output_array[1], + alg_bytesize); + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + static int asym_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, @@ -934,6 +1005,15 @@ asym_set_input(struct icp_qat_fw_pke_request *qat_req, return ecdh_set_input(qat_req, cookie, asym_op, xform); } + case RTE_CRYPTO_ASYM_XFORM_SM2: + if (asym_op->sm2.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + return sm2_ecdsa_verify_set_input(qat_req, cookie, + asym_op, xform); + } else { + return sm2_ecdsa_sign_set_input(qat_req, cookie, + asym_op, xform); + } default: QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform"); return -EINVAL; @@ -1022,6 +1102,8 @@ qat_asym_collect_response(struct rte_crypto_op *op, return ecpm_collect(asym_op, cookie); case RTE_CRYPTO_ASYM_XFORM_ECDH: return ecdh_collect(asym_op, cookie); + case RTE_CRYPTO_ASYM_XFORM_SM2: + return sm2_ecdsa_sign_collect(asym_op, cookie); default: QAT_LOG(ERR, "Not supported xform type"); return RTE_CRYPTO_OP_STATUS_ERROR; @@ -1293,6 +1375,8 @@ qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused, case RTE_CRYPTO_ASYM_XFORM_ECDH: session_set_ec(qat_session, xform); break; + case RTE_CRYPTO_ASYM_XFORM_SM2: + break; default: ret = -ENOTSUP; }