From patchwork Mon Oct 9 13:54:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gowrishankar Muthukrishnan X-Patchwork-Id: 132427 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0B6AE4233C; Mon, 9 Oct 2023 15:55:18 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id C9A1F406FF; Mon, 9 Oct 2023 15:55:11 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 0C6B8406BC for ; Mon, 9 Oct 2023 15:55:09 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 399D4RTd000936; Mon, 9 Oct 2023 06:55:09 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=QW/CFrmEJeFOPJPwunVLcg2nANajSlF3UxP6qUsOkP4=; b=SEQ77PtogEQ4ViA8KaHx2TE5BFAmyiaF+crQey6T1hyLO2yhN1rF26oZsXQhQ16Mvu3w hGpqAxttpi8SXn9RQ84faXN2iGfFY/CMGJaTVdEY1JF01o2FymkTz0KkPmw6tf0ereJu 6eodzGSmhHBwbX2T7JWP0zYm64M66w2vkbv/YUD0cU31LC0HRq9zpDrtdQf4qKE18vrD LZb78RYXfHL8fy74NrJAakgIPXjNDLhp9ckfLcyu8qvVE01YEzU5uAD7RCNiJeu1pBXb eXZUiEqj9JKef7HTNgbkLw3o9Hw90Hj1fUohaUhK6trSJnd76cc6irCaojhnTLidQioa uw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3tkh7ccd7y-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 09 Oct 2023 06:55:09 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 9 Oct 2023 06:55:07 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 9 Oct 2023 06:55:07 -0700 Received: from BG-LT91401.marvell.com (BG-LT91401.marvell.com [10.28.168.34]) by maili.marvell.com (Postfix) with ESMTP id 694233F70AD; Mon, 9 Oct 2023 06:55:04 -0700 (PDT) From: Gowrishankar Muthukrishnan To: CC: , Akhil Goyal , Fan Zhang , Kai Ji , Arkadiusz Kusztal , Ciara Power , Gowrishankar Muthukrishnan Subject: [PATCH v4 2/7] cryptodev: add hash algorithms in asymmetric capability Date: Mon, 9 Oct 2023 19:24:49 +0530 Message-ID: <549b4cf74e6b7c9e6c56d3c693b3eb7f78db8c60.1696859505.git.gmuthukrishn@marvell.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: References: MIME-Version: 1.0 X-Proofpoint-GUID: _UkVcQSWseUnVXTuK7730XIxvYvGDUR2 X-Proofpoint-ORIG-GUID: _UkVcQSWseUnVXTuK7730XIxvYvGDUR2 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-09_11,2023-10-09_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Most of the asymmetric operations start with hash of the input. But a PMD might also support only plain input (eg openssl). Add a new field in asymmetric capability to declare support for hash operations that PMD can support for the asymmetric operations. Application can skip computing hash if PMD already supports it. Signed-off-by: Gowrishankar Muthukrishnan --- app/test/test_cryptodev_asym.c | 52 ++++++++++++++++++-- drivers/crypto/openssl/rte_openssl_pmd_ops.c | 1 + lib/cryptodev/cryptodev_trace.h | 9 ++++ lib/cryptodev/cryptodev_trace_points.c | 3 ++ lib/cryptodev/rte_cryptodev.c | 16 ++++++ lib/cryptodev/rte_cryptodev.h | 19 +++++++ lib/cryptodev/version.map | 1 + 7 files changed, 97 insertions(+), 4 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 39de0bdac5..af323e02d9 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -1810,8 +1810,10 @@ _test_sm2_sign(bool rnd_secret) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_r[TEST_DATA_SIZE]; @@ -1822,6 +1824,12 @@ _test_sm2_sign(bool rnd_secret) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -1838,7 +1846,10 @@ _test_sm2_sign(bool rnd_secret) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -1993,8 +2004,10 @@ test_sm2_verify(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; struct rte_crypto_asym_xform xform; @@ -2003,6 +2016,12 @@ test_sm2_verify(void) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2019,7 +2038,10 @@ test_sm2_verify(void) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2094,9 +2116,11 @@ _test_sm2_enc(bool rnd_secret) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; uint8_t output_buf[TEST_DATA_SIZE], *pbuf = NULL; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; struct rte_crypto_asym_xform xform; @@ -2105,6 +2129,12 @@ _test_sm2_enc(bool rnd_secret) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2120,7 +2150,10 @@ _test_sm2_enc(bool rnd_secret) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { @@ -2273,8 +2306,10 @@ test_sm2_dec(void) { struct crypto_testsuite_params_asym *ts_params = &testsuite_params; struct crypto_testsuite_sm2_params input_params = sm2_param_fp256; + const struct rte_cryptodev_asymmetric_xform_capability *capa; struct rte_mempool *sess_mpool = ts_params->session_mpool; struct rte_mempool *op_mpool = ts_params->op_mpool; + struct rte_cryptodev_asym_capability_idx idx; uint8_t dev_id = ts_params->valid_devs[0]; struct rte_crypto_op *result_op = NULL; uint8_t output_buf_m[TEST_DATA_SIZE]; @@ -2284,6 +2319,12 @@ test_sm2_dec(void) int ret, status = TEST_SUCCESS; void *sess = NULL; + /* Check SM2 capability */ + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return -ENOTSUP; + /* Setup crypto op data structure */ op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC); if (op == NULL) { @@ -2299,7 +2340,10 @@ test_sm2_dec(void) /* Setup asym xform */ xform.next = NULL; xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; - xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + if (rte_cryptodev_asym_xform_capability_check_hash(capa, RTE_CRYPTO_AUTH_SM3)) + xform.sm2.hash = RTE_CRYPTO_AUTH_SM3; + else + xform.sm2.hash = RTE_CRYPTO_AUTH_NULL; ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess); if (ret < 0) { diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index 2eb450fcfd..d5dc365064 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -598,6 +598,7 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { {.asym = { .xform_capa = { .xform_type = RTE_CRYPTO_ASYM_XFORM_SM2, + .hash_algos = (1 << RTE_CRYPTO_AUTH_SM3), .op_types = ((1<hash_algos & (1 << hash)) + ret = true; + + rte_cryptodev_trace_asym_xform_capability_check_hash( + capability->hash_algos, hash, ret); + + return ret; +} + /* spinlock for crypto device enq callbacks */ static rte_spinlock_t rte_cryptodev_callback_lock = RTE_SPINLOCK_INITIALIZER; diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h index 9f07e1ed2c..3a1b4dc501 100644 --- a/lib/cryptodev/rte_cryptodev.h +++ b/lib/cryptodev/rte_cryptodev.h @@ -182,6 +182,9 @@ struct rte_cryptodev_asymmetric_xform_capability { * Value 0 mean implementation default */ }; + + uint64_t hash_algos; + /**< Bitmask of hash algorithms supported for op_type. */ }; /** @@ -340,6 +343,22 @@ rte_cryptodev_asym_xform_capability_check_modlen( const struct rte_cryptodev_asymmetric_xform_capability *capability, uint16_t modlen); +/** + * Check if hash algorithm is supported. + * + * @param capability Asymmetric crypto capability. + * @param hash Hash algorithm. + * + * @return + * - Return true if the hash algorithm is supported. + * - Return false if the hash algorithm is not supported. + */ +__rte_experimental +bool +rte_cryptodev_asym_xform_capability_check_hash( + const struct rte_cryptodev_asymmetric_xform_capability *capability, + enum rte_crypto_auth_algorithm hash); + /** * Provide the cipher algorithm enum, given an algorithm string * diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map index 20f7b24960..208919b819 100644 --- a/lib/cryptodev/version.map +++ b/lib/cryptodev/version.map @@ -51,6 +51,7 @@ EXPERIMENTAL { rte_cryptodev_asym_get_xform_enum; rte_cryptodev_asym_session_create; rte_cryptodev_asym_session_free; + rte_cryptodev_asym_xform_capability_check_hash; rte_cryptodev_asym_xform_capability_check_modlen; rte_cryptodev_asym_xform_capability_check_optype; rte_cryptodev_sym_cpu_crypto_process;