From patchwork Tue Oct 22 14:04:25 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 61655 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 3F9071BEED; Tue, 22 Oct 2019 16:06:24 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 79B1C1BEA3 for ; Tue, 22 Oct 2019 16:06:20 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Oct 2019 07:06:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,327,1566889200"; d="scan'208";a="209681150" Received: from akusztax-mobl.ger.corp.intel.com ([10.103.104.118]) by fmsmga001.fm.intel.com with ESMTP; 22 Oct 2019 07:06:18 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Tue, 22 Oct 2019 16:04:25 +0200 Message-Id: <20191022140429.9008-2-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> References: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v4 1/5] crypto/qat: add sessionless implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds option to use asymmetric crypto pmd with session-less support. Signed-off-by: Arek Kusztal --- doc/guides/cryptodevs/features/qat.ini | 1 + doc/guides/rel_notes/release_19_11.rst | 4 + drivers/crypto/qat/qat_asym.c | 328 ++++++++++++++++++++------------- drivers/crypto/qat/qat_asym.h | 26 +-- drivers/crypto/qat/qat_asym_pmd.c | 3 +- 5 files changed, 208 insertions(+), 154 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 0832e59..cef8015 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -13,6 +13,7 @@ OOP SGL In LB Out = Y OOP LB In SGL Out = Y OOP LB In LB Out = Y Digest encrypted = Y +Asymmetric sessionless = Y ; ; Supported crypto algorithms of the 'qat' crypto driver. diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index 066bb3c..a96d567 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -152,6 +152,10 @@ New Features Added eBPF JIT support for arm64 architecture to improve the eBPF program performance. +* **Updated the Intel QuickAssist Technology (QAT) asymmetric crypto PMD.** + + Added support for asymmetric session-less operations. + Removed Items ------------- diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 4ddb0e5..1145425 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -26,38 +26,23 @@ static int qat_asym_get_sz_and_func_id(const uint32_t arr[][2], return -1; } -static void qat_asym_build_req_tmpl(void *sess_private_data, - struct rte_crypto_asym_xform *xform) +static inline void qat_fill_req_tmpl(struct icp_qat_fw_pke_request *qat_req) { - - struct icp_qat_fw_pke_request *qat_req; - struct qat_asym_session *session = sess_private_data; - - qat_req = &session->req_tmpl; memset(qat_req, 0, sizeof(*qat_req)); qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_CPM_FW_PKE; qat_req->pke_hdr.hdr_flags = ICP_QAT_FW_COMN_HDR_FLAGS_BUILD (ICP_QAT_FW_COMN_REQ_FLAG_SET); - qat_req->pke_hdr.comn_req_flags = 0; - qat_req->pke_hdr.resrvd1 = 0; - qat_req->pke_hdr.resrvd2 = 0; - qat_req->pke_hdr.kpt_mask = 0; - qat_req->pke_hdr.kpt_rn_mask = 0; - qat_req->pke_hdr.cd_pars.content_desc_addr = 0; - qat_req->pke_hdr.cd_pars.content_desc_resrvd = 0; - qat_req->resrvd1 = 0; - qat_req->resrvd2 = 0; - qat_req->next_req_adr = 0; +} - if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { - qat_req->output_param_count = 1; - qat_req->input_param_count = 3; - } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { - qat_req->output_param_count = 1; - qat_req->input_param_count = 2; - } +static inline void qat_asym_build_req_tmpl(void *sess_private_data) +{ + struct icp_qat_fw_pke_request *qat_req; + struct qat_asym_session *session = sess_private_data; + + qat_req = &session->req_tmpl; + qat_fill_req_tmpl(qat_req); } static size_t max_of(int n, ...) @@ -90,6 +75,19 @@ static void qat_clear_arrays(struct qat_asym_op_cookie *cookie, memset(cookie->output_array[i], 0x0, out_size); } +static void qat_clear_arrays_by_alg(struct qat_asym_op_cookie *cookie, + enum rte_crypto_asym_xform_type alg, int in_size, int out_size) +{ + if (alg == RTE_CRYPTO_ASYM_XFORM_MODEX) + qat_clear_arrays(cookie, QAT_ASYM_MODEXP_NUM_IN_PARAMS, + QAT_ASYM_MODEXP_NUM_OUT_PARAMS, in_size, + out_size); + else if (alg == RTE_CRYPTO_ASYM_XFORM_MODINV) + qat_clear_arrays(cookie, QAT_ASYM_MODINV_NUM_IN_PARAMS, + QAT_ASYM_MODINV_NUM_OUT_PARAMS, in_size, + out_size); +} + static int qat_asym_check_nonzero(rte_crypto_param n) { if (n.length < 8) { @@ -103,7 +101,7 @@ static int qat_asym_check_nonzero(rte_crypto_param n) if (n.data[i] != 0x0) break; if (i == n.length - 1) - return QAT_ASYM_ERROR_INVALID_PARAM; + return -(EINVAL); } } else if (*(uint64_t *)&n.data[ n.length - 8] == 0) { @@ -114,57 +112,40 @@ static int qat_asym_check_nonzero(rte_crypto_param n) if (n.data[i] != 0x0) break; if (i == n.length - 8) - return QAT_ASYM_ERROR_INVALID_PARAM; + return -(EINVAL); } return 0; } -int -qat_asym_build_request(void *in_op, - uint8_t *out_msg, - void *op_cookie, - __rte_unused enum qat_device_gen qat_dev_gen) +static int +qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, + struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) { - struct qat_asym_session *ctx; - struct rte_crypto_op *op = (struct rte_crypto_op *)in_op; - struct rte_crypto_asym_op *asym_op = op->asym; - struct icp_qat_fw_pke_request *qat_req = - (struct icp_qat_fw_pke_request *)out_msg; - struct qat_asym_op_cookie *cookie = - (struct qat_asym_op_cookie *)op_cookie; - - uint64_t err = 0; + int err = 0; size_t alg_size; size_t alg_size_in_bytes; - uint32_t func_id; - - ctx = (struct qat_asym_session *)get_asym_session_private_data( - op->asym->session, cryptodev_qat_asym_driver_id); - rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); - qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; - - qat_req->pke_mid.src_data_addr = cookie->input_addr; - qat_req->pke_mid.dest_data_addr = cookie->output_addr; + uint32_t func_id = 0; - if (ctx->alg == QAT_PKE_MODEXP) { - err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_exp.n); + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { + err = qat_asym_check_nonzero(xform->modex.modulus); if (err) { QAT_LOG(ERR, "Empty modulus in modular exponentiation," " aborting this operation"); - goto error; + return err; } alg_size_in_bytes = max_of(3, asym_op->modex.base.length, - ctx->sess_alg_params.mod_exp.e.length, - ctx->sess_alg_params.mod_exp.n.length); + xform->modex.exponent.length, + xform->modex.modulus.length); alg_size = alg_size_in_bytes << 3; if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE, sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return -(EINVAL); } alg_size_in_bytes = alg_size >> 3; @@ -173,54 +154,54 @@ qat_asym_build_request(void *in_op, , asym_op->modex.base.data, asym_op->modex.base.length); rte_memcpy(cookie->input_array[1] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.e.length - , ctx->sess_alg_params.mod_exp.e.data, - ctx->sess_alg_params.mod_exp.e.length); + xform->modex.exponent.length + , xform->modex.exponent.data, + xform->modex.exponent.length); rte_memcpy(cookie->input_array[2] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.n.length, - ctx->sess_alg_params.mod_exp.n.data, - ctx->sess_alg_params.mod_exp.n.length); + xform->modex.modulus.length, + xform->modex.modulus.data, + xform->modex.modulus.length); cookie->alg_size = alg_size; qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = QAT_ASYM_MODEXP_NUM_IN_PARAMS; + qat_req->output_param_count = QAT_ASYM_MODEXP_NUM_OUT_PARAMS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG - QAT_DP_HEXDUMP_LOG(DEBUG, "base", + QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp base", cookie->input_array[0], alg_size_in_bytes); - QAT_DP_HEXDUMP_LOG(DEBUG, "exponent", + QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp exponent", cookie->input_array[1], alg_size_in_bytes); - QAT_DP_HEXDUMP_LOG(DEBUG, "modulus", + QAT_DP_HEXDUMP_LOG(DEBUG, " ModExpmodulus", cookie->input_array[2], alg_size_in_bytes); #endif - } else if (ctx->alg == QAT_PKE_MODINV) { - err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_inv.n); + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { + err = qat_asym_check_nonzero(xform->modinv.modulus); if (err) { QAT_LOG(ERR, "Empty modulus in modular multiplicative" " inverse, aborting this operation"); - goto error; + return err; } alg_size_in_bytes = max_of(2, asym_op->modinv.base.length, - ctx->sess_alg_params.mod_inv.n.length); + xform->modinv.modulus.length); alg_size = alg_size_in_bytes << 3; - if (ctx->sess_alg_params.mod_inv.n.data[ - ctx->sess_alg_params.mod_inv.n.length - 1] & 0x01) { + if (xform->modinv.modulus.data[ + xform->modinv.modulus.length - 1] & 0x01) { if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_ODD, sizeof(MOD_INV_IDS_ODD)/ sizeof(*MOD_INV_IDS_ODD), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return -(EINVAL); } } else { if (qat_asym_get_sz_and_func_id(MOD_INV_IDS_EVEN, sizeof(MOD_INV_IDS_EVEN)/ sizeof(*MOD_INV_IDS_EVEN), &alg_size, &func_id)) { - err = QAT_ASYM_ERROR_INVALID_PARAM; - goto error; + return -(EINVAL); } } @@ -230,27 +211,93 @@ qat_asym_build_request(void *in_op, , asym_op->modinv.base.data, asym_op->modinv.base.length); rte_memcpy(cookie->input_array[1] + alg_size_in_bytes - - ctx->sess_alg_params.mod_inv.n.length - , ctx->sess_alg_params.mod_inv.n.data, - ctx->sess_alg_params.mod_inv.n.length); + xform->modinv.modulus.length + , xform->modinv.modulus.data, + xform->modinv.modulus.length); cookie->alg_size = alg_size; qat_req->pke_hdr.cd_pars.func_id = func_id; + qat_req->input_param_count = + QAT_ASYM_MODINV_NUM_IN_PARAMS; + qat_req->output_param_count = + QAT_ASYM_MODINV_NUM_OUT_PARAMS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG - QAT_DP_HEXDUMP_LOG(DEBUG, "base", + QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv base", cookie->input_array[0], alg_size_in_bytes); - QAT_DP_HEXDUMP_LOG(DEBUG, "modulus", + QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv modulus", cookie->input_array[1], alg_size_in_bytes); #endif + } else { + QAT_LOG(ERR, "Invalid asymmetric crypto xform"); + return -(EINVAL); + } + return 0; +} + +int +qat_asym_build_request(void *in_op, + uint8_t *out_msg, + void *op_cookie, + __rte_unused enum qat_device_gen qat_dev_gen) +{ + struct qat_asym_session *ctx; + struct rte_crypto_op *op = (struct rte_crypto_op *)in_op; + struct rte_crypto_asym_op *asym_op = op->asym; + struct icp_qat_fw_pke_request *qat_req = + (struct icp_qat_fw_pke_request *)out_msg; + struct qat_asym_op_cookie *cookie = + (struct qat_asym_op_cookie *)op_cookie; + int err = 0; + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + if (op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { + ctx = (struct qat_asym_session *) + get_asym_session_private_data( + op->asym->session, cryptodev_qat_asym_driver_id); + if (unlikely(ctx == NULL)) { + QAT_LOG(ERR, "Session has not been created for this device"); + goto error; + } + rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); + err = qat_asym_fill_arrays(asym_op, qat_req, cookie, ctx->xform); + if (err) { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + goto error; + } + } else if (op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { + qat_fill_req_tmpl(qat_req); + err = qat_asym_fill_arrays(asym_op, qat_req, cookie, + op->asym->xform); + if (err) { + op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + goto error; + } + } else { + QAT_DP_LOG(ERR, "Invalid session/xform settings"); + op->status = RTE_CRYPTO_OP_STATUS_INVALID_SESSION; + goto error; } + qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; + qat_req->pke_mid.src_data_addr = cookie->input_addr; + qat_req->pke_mid.dest_data_addr = cookie->output_addr; + #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req, sizeof(struct icp_qat_fw_pke_request)); #endif + return 0; error: + + qat_req->pke_mid.opaque = (uint64_t)(uintptr_t)op; + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req, + sizeof(struct icp_qat_fw_pke_request)); +#endif + qat_req->output_param_count = 0; qat_req->input_param_count = 0; qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL; @@ -259,42 +306,16 @@ qat_asym_build_request(void *in_op, return 0; } -void -qat_asym_process_response(void **op, uint8_t *resp, - void *op_cookie) +static void qat_asym_collect_response(struct rte_crypto_op *rx_op, + struct qat_asym_op_cookie *cookie, + struct rte_crypto_asym_xform *xform) { - struct qat_asym_session *ctx; - struct icp_qat_fw_pke_resp *resp_msg = - (struct icp_qat_fw_pke_resp *)resp; - struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t) - (resp_msg->opaque); + size_t alg_size, alg_size_in_bytes = 0; struct rte_crypto_asym_op *asym_op = rx_op->asym; - struct qat_asym_op_cookie *cookie = op_cookie; - size_t alg_size, alg_size_in_bytes; - - ctx = (struct qat_asym_session *)get_asym_session_private_data( - rx_op->asym->session, cryptodev_qat_asym_driver_id); - - *op = rx_op; - rx_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; - if (cookie->error) { - cookie->error = 0; - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Cookie status returned error"); - } else { - if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET( - resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) { - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Asymmetric response status returned error"); - } - if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) { - rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; - QAT_DP_LOG(ERR, "Asymmetric common status returned error"); - } - } + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { + rte_crypto_param n = xform->modex.modulus; - if (ctx->alg == QAT_PKE_MODEXP) { alg_size = cookie->alg_size; alg_size_in_bytes = alg_size >> 3; uint8_t *modexp_result = asym_op->modex.result.data; @@ -302,42 +323,83 @@ qat_asym_process_response(void **op, uint8_t *resp, if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) { rte_memcpy(modexp_result + (asym_op->modex.result.length - - ctx->sess_alg_params.mod_exp.n.length), + n.length), cookie->output_array[0] + alg_size_in_bytes - - ctx->sess_alg_params.mod_exp.n.length, - ctx->sess_alg_params.mod_exp.n.length + - n.length, n.length ); rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG - QAT_DP_HEXDUMP_LOG(DEBUG, "modexp_result", + QAT_DP_HEXDUMP_LOG(DEBUG, "ModExp result", cookie->output_array[0], alg_size_in_bytes); + #endif } - qat_clear_arrays(cookie, 3, 1, alg_size_in_bytes, - alg_size_in_bytes); - } else if (ctx->alg == QAT_PKE_MODINV) { + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { + rte_crypto_param n = xform->modinv.modulus; + alg_size = cookie->alg_size; alg_size_in_bytes = alg_size >> 3; uint8_t *modinv_result = asym_op->modinv.result.data; if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) { rte_memcpy(modinv_result + (asym_op->modinv.result.length - - ctx->sess_alg_params.mod_inv.n.length), + - n.length), cookie->output_array[0] + alg_size_in_bytes - - ctx->sess_alg_params.mod_inv.n.length, - ctx->sess_alg_params.mod_inv.n.length); + - n.length, n.length); rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG - QAT_DP_HEXDUMP_LOG(DEBUG, "modinv_result", + QAT_DP_HEXDUMP_LOG(DEBUG, "ModInv result", cookie->output_array[0], alg_size_in_bytes); #endif } - qat_clear_arrays(cookie, 2, 1, alg_size_in_bytes, + } + qat_clear_arrays_by_alg(cookie, xform->xform_type, alg_size_in_bytes, alg_size_in_bytes); +} + +void +qat_asym_process_response(void **op, uint8_t *resp, + void *op_cookie) +{ + struct qat_asym_session *ctx; + struct icp_qat_fw_pke_resp *resp_msg = + (struct icp_qat_fw_pke_resp *)resp; + struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t) + (resp_msg->opaque); + struct qat_asym_op_cookie *cookie = op_cookie; + + if (cookie->error) { + cookie->error = 0; + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Cookie status returned error"); + } else { + if (ICP_QAT_FW_PKE_RESP_PKE_STAT_GET( + resp_msg->pke_resp_hdr.resp_status.pke_resp_flags)) { + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Asymmetric response status" + " returned error"); + } + if (resp_msg->pke_resp_hdr.resp_status.comn_err_code) { + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) + rx_op->status = RTE_CRYPTO_OP_STATUS_ERROR; + QAT_DP_LOG(ERR, "Asymmetric common status" + " returned error"); + } } + if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { + ctx = (struct qat_asym_session *)get_asym_session_private_data( + rx_op->asym->session, cryptodev_qat_asym_driver_id); + qat_asym_collect_response(rx_op, cookie, ctx->xform); + } else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { + qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform); + } + *op = rx_op; + #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "resp_msg:", resp_msg, sizeof(struct icp_qat_fw_pke_resp)); @@ -362,10 +424,6 @@ qat_asym_session_configure(struct rte_cryptodev *dev, session = sess_private_data; if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { - session->sess_alg_params.mod_exp.e = xform->modex.exponent; - session->sess_alg_params.mod_exp.n = xform->modex.modulus; - session->alg = QAT_PKE_MODEXP; - if (xform->modex.exponent.length == 0 || xform->modex.modulus.length == 0) { QAT_LOG(ERR, "Invalid mod exp input parameter"); @@ -373,20 +431,24 @@ qat_asym_session_configure(struct rte_cryptodev *dev, goto error; } } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { - session->sess_alg_params.mod_inv.n = xform->modinv.modulus; - session->alg = QAT_PKE_MODINV; - if (xform->modinv.modulus.length == 0) { QAT_LOG(ERR, "Invalid mod inv input parameter"); err = -EINVAL; goto error; } - } else { + } else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END + || xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) { QAT_LOG(ERR, "Invalid asymmetric crypto xform"); err = -EINVAL; goto error; + } else { + QAT_LOG(ERR, "Asymmetric crypto xform not implemented"); + err = -EINVAL; + goto error; } - qat_asym_build_req_tmpl(sess_private_data, xform); + + session->xform = xform; + qat_asym_build_req_tmpl(sess_private_data); set_asym_session_private_data(sess, dev->driver_id, sess_private_data); diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index ce4839b..2959b07 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -17,7 +17,11 @@ typedef uint64_t large_int_ptr; #define QAT_PKE_MAX_LN_SIZE 512 #define _PKE_ALIGN_ __attribute__((__aligned__(8))) -#define QAT_ASYM_ERROR_INVALID_PARAM 0x01 +#define QAT_ASYM_MAX_PARAMS 8 +#define QAT_ASYM_MODINV_NUM_IN_PARAMS 2 +#define QAT_ASYM_MODINV_NUM_OUT_PARAMS 1 +#define QAT_ASYM_MODEXP_NUM_IN_PARAMS 3 +#define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 struct qat_asym_op_cookie { size_t alg_size; @@ -33,27 +37,9 @@ struct qat_asym_op_cookie { uint8_t output_array[MAX_PKE_PARAMS][QAT_PKE_MAX_LN_SIZE] _PKE_ALIGN_; } _PKE_ALIGN_; -enum qat_asym_alg { - QAT_PKE_RSA, - QAT_PKE_DH, - QAT_PKE_DSA, - QAT_PKE_MODEXP, - QAT_PKE_MODINV, -}; - struct qat_asym_session { - enum qat_asym_alg alg; struct icp_qat_fw_pke_request req_tmpl; - uint64_t flags; - union { - struct { - rte_crypto_param n; - rte_crypto_param e; - } mod_exp; - struct { - rte_crypto_param n; - } mod_inv; - } sess_alg_params; + struct rte_crypto_asym_xform *xform; }; int diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index c999799..71fd709 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -270,7 +270,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->dequeue_burst = qat_asym_pmd_dequeue_op_burst; cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | - RTE_CRYPTODEV_FF_HW_ACCELERATED; + RTE_CRYPTODEV_FF_HW_ACCELERATED | + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Tue Oct 22 14:04:26 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 61656 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 781541BEF8; Tue, 22 Oct 2019 16:06:27 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 317281BEA3 for ; Tue, 22 Oct 2019 16:06:22 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Oct 2019 07:06:21 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,327,1566889200"; d="scan'208";a="209681157" Received: from akusztax-mobl.ger.corp.intel.com ([10.103.104.118]) by fmsmga001.fm.intel.com with ESMTP; 22 Oct 2019 07:06:20 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Tue, 22 Oct 2019 16:04:26 +0200 Message-Id: <20191022140429.9008-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> References: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v4 2/5] crypto/qat: add rsa implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit adds rsa algorithm to asymmetric pmd using pair (n, d) private key Signed-off-by: Arek Kusztal --- doc/guides/cryptodevs/features/qat.ini | 2 + doc/guides/cryptodevs/qat.rst | 1 + doc/guides/rel_notes/release_19_11.rst | 2 + .../qat/qat_adf/qat_pke_functionality_arrays.h | 18 ++ drivers/crypto/qat/qat_asym.c | 252 ++++++++++++++++++++- drivers/crypto/qat/qat_asym.h | 2 + drivers/crypto/qat/qat_asym_capabilities.h | 21 ++ drivers/crypto/qat/qat_asym_pmd.c | 3 +- 8 files changed, 299 insertions(+), 2 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index cef8015..374b523 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -14,6 +14,7 @@ OOP LB In SGL Out = Y OOP LB In LB Out = Y Digest encrypted = Y Asymmetric sessionless = Y +RSA PRIV OP KEY EXP = Y ; ; Supported crypto algorithms of the 'qat' crypto driver. @@ -71,3 +72,4 @@ AES CCM (256) = Y [Asymmetric] Modular Exponentiation = Y Modular Inversion = Y +RSA = Y diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index ad685a7..8630e27 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -134,6 +134,7 @@ Limitations * Big integers longer than 4096 bits are not supported. * Queue pairs are not thread-safe (that is, within a single queue pair, RX and TX from different lcores is not supported). +* RSA-2560, RSA-3584 are not supported .. _building_qat: diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index a96d567..8603de7 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -156,6 +156,8 @@ New Features Added support for asymmetric session-less operations. + Added support for RSA algorithm with pair (n, d) private key representation. + Removed Items ------------- diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h index 8adf209..3e40b86 100644 --- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h +++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h @@ -49,4 +49,22 @@ static const uint32_t MOD_INV_IDS_EVEN[][2] = { { 4096, MATHS_MODINV_EVEN_L4096 }, }; +static const uint32_t RSA_ENC_IDS[][2] = { + { 512, PKE_RSA_EP_512 }, + { 1024, PKE_RSA_EP_1024 }, + { 1536, PKE_RSA_EP_1536 }, + { 2048, PKE_RSA_EP_2048 }, + { 3072, PKE_RSA_EP_3072 }, + { 4096, PKE_RSA_EP_4096 }, +}; + +static const uint32_t RSA_DEC_IDS[][2] = { + { 512, PKE_RSA_DP1_512 }, + { 1024, PKE_RSA_DP1_1024 }, + { 1536, PKE_RSA_DP1_1536 }, + { 2048, PKE_RSA_DP1_2048 }, + { 3072, PKE_RSA_DP1_3072 }, + { 4096, PKE_RSA_DP1_4096 }, +}; + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 1145425..070feb9 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -228,6 +228,171 @@ qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, cookie->input_array[1], alg_size_in_bytes); #endif + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + err = qat_asym_check_nonzero(xform->rsa.n); + if (err) { + QAT_LOG(ERR, "Empty modulus in RSA" + " inverse, aborting this operation"); + return err; + } + + alg_size_in_bytes = xform->rsa.n.length; + alg_size = alg_size_in_bytes << 3; + + qat_req->input_param_count = + QAT_ASYM_RSA_NUM_IN_PARAMS; + qat_req->output_param_count = + QAT_ASYM_RSA_NUM_OUT_PARAMS; + + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT || + asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + + if (qat_asym_get_sz_and_func_id(RSA_ENC_IDS, + sizeof(RSA_ENC_IDS)/ + sizeof(*RSA_ENC_IDS), + &alg_size, &func_id)) { + err = -(EINVAL); + QAT_LOG(ERR, + "Not supported RSA parameter size (key)"); + return err; + } + alg_size_in_bytes = alg_size >> 3; + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.message.length + , asym_op->rsa.message.data, + asym_op->rsa.message.length); + break; + default: + err = -(EINVAL); + QAT_LOG(ERR, + "Invalid RSA padding (Encryption)"); + return err; + } +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Message", + cookie->input_array[0], + alg_size_in_bytes); +#endif + } else { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0], + asym_op->rsa.sign.data, + alg_size_in_bytes); + break; + default: + err = -(EINVAL); + QAT_LOG(ERR, + "Invalid RSA padding (Verify)"); + return err; + } + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, " RSA Signature", + cookie->input_array[0], + alg_size_in_bytes); +#endif + + } + rte_memcpy(cookie->input_array[1] + + alg_size_in_bytes - + xform->rsa.e.length + , xform->rsa.e.data, + xform->rsa.e.length); + rte_memcpy(cookie->input_array[2] + + alg_size_in_bytes - + xform->rsa.n.length, + xform->rsa.n.data, + xform->rsa.n.length); + + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Public Key", + cookie->input_array[1], alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Modulus", + cookie->input_array[2], alg_size_in_bytes); +#endif + } else { + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_DECRYPT) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.cipher.length, + asym_op->rsa.cipher.data, + asym_op->rsa.cipher.length); + break; + default: + QAT_LOG(ERR, + "Invalid padding of RSA (Decrypt)"); + return -(EINVAL); + } + + } else if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_SIGN) { + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(cookie->input_array[0] + + alg_size_in_bytes - + asym_op->rsa.message.length, + asym_op->rsa.message.data, + asym_op->rsa.message.length); + break; + default: + QAT_LOG(ERR, + "Invalid padding of RSA (Signature)"); + return -(EINVAL); + } + } + + if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) { + QAT_LOG(ERR, "RSA CRT not implemented"); + return -(EINVAL); + } else if (xform->rsa.key_type == + RTE_RSA_KEY_TYPE_EXP) { + if (qat_asym_get_sz_and_func_id( + RSA_DEC_IDS, + sizeof(RSA_DEC_IDS)/ + sizeof(*RSA_DEC_IDS), + &alg_size, &func_id)) { + return -(EINVAL); + } + alg_size_in_bytes = alg_size >> 3; + rte_memcpy(cookie->input_array[1] + + alg_size_in_bytes - + xform->rsa.d.length, + xform->rsa.d.data, + xform->rsa.d.length); + rte_memcpy(cookie->input_array[2] + + alg_size_in_bytes - + xform->rsa.n.length, + xform->rsa.n.data, + xform->rsa.n.length); +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA ciphertext", + cookie->input_array[0], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA d", cookie->input_array[1], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA n", cookie->input_array[2], + alg_size_in_bytes); +#endif + + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; + } else { + QAT_LOG(ERR, "Invalid RSA key type"); + return -(EINVAL); + } + } } else { QAT_LOG(ERR, "Invalid asymmetric crypto xform"); return -(EINVAL); @@ -354,6 +519,85 @@ static void qat_asym_collect_response(struct rte_crypto_op *rx_op, alg_size_in_bytes); #endif } + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + + alg_size = cookie->alg_size; + alg_size_in_bytes = alg_size >> 3; + if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT || + asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_ENCRYPT) { + uint8_t *rsa_result = asym_op->rsa.cipher.data; + + rte_memcpy(rsa_result, + cookie->output_array[0], + alg_size_in_bytes); + rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Encrypted data", + cookie->output_array[0], + alg_size_in_bytes); +#endif + } else if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_VERIFY) { + uint8_t *rsa_result = asym_op->rsa.cipher.data; + + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(rsa_result, + cookie->output_array[0], + alg_size_in_bytes); + rx_op->status = + RTE_CRYPTO_OP_STATUS_SUCCESS; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature", + cookie->output_array[0], + alg_size_in_bytes); +#endif + break; + default: + QAT_LOG(ERR, "Padding not supported"); + rx_op->status = + RTE_CRYPTO_OP_STATUS_ERROR; + break; + } + } + } else { + if (asym_op->rsa.op_type == + RTE_CRYPTO_ASYM_OP_DECRYPT) { + uint8_t *rsa_result = asym_op->rsa.message.data; + + switch (asym_op->rsa.pad) { + case RTE_CRYPTO_RSA_PADDING_NONE: + rte_memcpy(rsa_result, + cookie->output_array[0], + alg_size_in_bytes); + break; + default: + QAT_LOG(ERR, "Padding not supported"); + rx_op->status = + RTE_CRYPTO_OP_STATUS_ERROR; + break; + } +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Decrypted Message", + rsa_result, alg_size_in_bytes); +#endif + } else if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { + uint8_t *rsa_result = asym_op->rsa.sign.data; + + rte_memcpy(rsa_result, + cookie->output_array[0], + alg_size_in_bytes); + rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "RSA Signature", + cookie->output_array[0], + alg_size_in_bytes); +#endif + } + } } qat_clear_arrays_by_alg(cookie, xform->xform_type, alg_size_in_bytes, alg_size_in_bytes); @@ -393,7 +637,7 @@ qat_asym_process_response(void **op, uint8_t *resp, if (rx_op->sess_type == RTE_CRYPTO_OP_WITH_SESSION) { ctx = (struct qat_asym_session *)get_asym_session_private_data( - rx_op->asym->session, cryptodev_qat_asym_driver_id); + rx_op->asym->session, cryptodev_qat_asym_driver_id); qat_asym_collect_response(rx_op, cookie, ctx->xform); } else if (rx_op->sess_type == RTE_CRYPTO_OP_SESSIONLESS) { qat_asym_collect_response(rx_op, cookie, rx_op->asym->xform); @@ -436,6 +680,12 @@ qat_asym_session_configure(struct rte_cryptodev *dev, err = -EINVAL; goto error; } + } else if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + if (xform->rsa.n.length == 0) { + QAT_LOG(ERR, "Invalid rsa input parameter"); + err = -EINVAL; + goto error; + } } else if (xform->xform_type >= RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END || xform->xform_type <= RTE_CRYPTO_ASYM_XFORM_NONE) { QAT_LOG(ERR, "Invalid asymmetric crypto xform"); diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index 2959b07..b1dec8f 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -22,6 +22,8 @@ typedef uint64_t large_int_ptr; #define QAT_ASYM_MODINV_NUM_OUT_PARAMS 1 #define QAT_ASYM_MODEXP_NUM_IN_PARAMS 3 #define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 +#define QAT_ASYM_RSA_NUM_IN_PARAMS 3 +#define QAT_ASYM_RSA_NUM_OUT_PARAMS 1 struct qat_asym_op_cookie { size_t alg_size; diff --git a/drivers/crypto/qat/qat_asym_capabilities.h b/drivers/crypto/qat/qat_asym_capabilities.h index f43c025..523b4da 100644 --- a/drivers/crypto/qat/qat_asym_capabilities.h +++ b/drivers/crypto/qat/qat_asym_capabilities.h @@ -37,6 +37,27 @@ } \ }, \ } \ + }, \ + { /* RSA */ \ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, \ + {.asym = { \ + .xform_capa = { \ + .xform_type = RTE_CRYPTO_ASYM_XFORM_RSA, \ + .op_types = ((1 << RTE_CRYPTO_ASYM_OP_SIGN) | \ + (1 << RTE_CRYPTO_ASYM_OP_VERIFY) | \ + (1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) | \ + (1 << RTE_CRYPTO_ASYM_OP_DECRYPT)), \ + { \ + .modlen = { \ + /* min length is based on openssl rsa keygen */ \ + .min = 64, \ + /* value 0 symbolizes no limit on max length */ \ + .max = 512, \ + .increment = 64 \ + }, } \ + } \ + }, \ + } \ } \ #endif /* _QAT_ASYM_CAPABILITIES_H_ */ diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index 71fd709..78fc2d7 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -271,7 +271,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | - RTE_CRYPTODEV_FF_ASYM_SESSIONLESS; + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Tue Oct 22 14:04:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 61657 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id AF53C1BEF1; Tue, 22 Oct 2019 16:06:30 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id AFFCA1BEA3 for ; Tue, 22 Oct 2019 16:06:23 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Oct 2019 07:06:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,327,1566889200"; d="scan'208";a="209681172" Received: from akusztax-mobl.ger.corp.intel.com ([10.103.104.118]) by fmsmga001.fm.intel.com with ESMTP; 22 Oct 2019 07:06:22 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Tue, 22 Oct 2019 16:04:27 +0200 Message-Id: <20191022140429.9008-4-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> References: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v4 3/5] crypto/qat: add rsa crt implementation to asym pmd X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit extends RSA implementation by CRT option Signed-off-by: Arek Kusztal --- doc/guides/cryptodevs/features/qat.ini | 1 + doc/guides/rel_notes/release_19_11.rst | 2 + .../qat/qat_adf/qat_pke_functionality_arrays.h | 9 ++++ drivers/crypto/qat/qat_asym.c | 62 ++++++++++++++++++++-- drivers/crypto/qat/qat_asym.h | 1 + drivers/crypto/qat/qat_asym_pmd.c | 3 +- 6 files changed, 74 insertions(+), 4 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 374b523..6e350eb 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -15,6 +15,7 @@ OOP LB In LB Out = Y Digest encrypted = Y Asymmetric sessionless = Y RSA PRIV OP KEY EXP = Y +RSA PRIV OP KEY QT = Y ; ; Supported crypto algorithms of the 'qat' crypto driver. diff --git a/doc/guides/rel_notes/release_19_11.rst b/doc/guides/rel_notes/release_19_11.rst index 8603de7..6d34249 100644 --- a/doc/guides/rel_notes/release_19_11.rst +++ b/doc/guides/rel_notes/release_19_11.rst @@ -158,6 +158,8 @@ New Features Added support for RSA algorithm with pair (n, d) private key representation. + Added support for RSA algorithm with quintuple private key representation. + Removed Items ------------- diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h index 3e40b86..42ffbba 100644 --- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h +++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h @@ -67,4 +67,13 @@ static const uint32_t RSA_DEC_IDS[][2] = { { 4096, PKE_RSA_DP1_4096 }, }; +static const uint32_t RSA_DEC_CRT_IDS[][2] = { + { 512, PKE_RSA_DP2_512 }, + { 1024, PKE_RSA_DP2_1024 }, + { 1536, PKE_RSA_DP2_1536 }, + { 2048, PKE_RSA_DP2_2048 }, + { 3072, PKE_RSA_DP2_3072 }, + { 4096, PKE_RSA_DP2_4096 }, +}; + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 070feb9..ae0dd79 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -352,10 +352,66 @@ qat_asym_fill_arrays(struct rte_crypto_asym_op *asym_op, return -(EINVAL); } } - if (xform->rsa.key_type == RTE_RSA_KET_TYPE_QT) { - QAT_LOG(ERR, "RSA CRT not implemented"); - return -(EINVAL); + + qat_req->input_param_count = + QAT_ASYM_RSA_QT_NUM_IN_PARAMS; + if (qat_asym_get_sz_and_func_id(RSA_DEC_CRT_IDS, + sizeof(RSA_DEC_CRT_IDS)/ + sizeof(*RSA_DEC_CRT_IDS), + &alg_size, &func_id)) { + return -(EINVAL); + } + alg_size_in_bytes = alg_size >> 3; + + rte_memcpy(cookie->input_array[1] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.p.length + , xform->rsa.qt.p.data, + xform->rsa.qt.p.length); + rte_memcpy(cookie->input_array[2] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.q.length + , xform->rsa.qt.q.data, + xform->rsa.qt.q.length); + rte_memcpy(cookie->input_array[3] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.dP.length + , xform->rsa.qt.dP.data, + xform->rsa.qt.dP.length); + rte_memcpy(cookie->input_array[4] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.dQ.length + , xform->rsa.qt.dQ.data, + xform->rsa.qt.dQ.length); + rte_memcpy(cookie->input_array[5] + + (alg_size_in_bytes >> 1) - + xform->rsa.qt.qInv.length + , xform->rsa.qt.qInv.data, + xform->rsa.qt.qInv.length); + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; + +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "C", + cookie->input_array[0], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "p", + cookie->input_array[1], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "q", + cookie->input_array[2], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "dP", cookie->input_array[3], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "dQ", cookie->input_array[4], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, + "qInv", cookie->input_array[5], + alg_size_in_bytes); +#endif } else if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_EXP) { if (qat_asym_get_sz_and_func_id( diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index b1dec8f..551edc3 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -24,6 +24,7 @@ typedef uint64_t large_int_ptr; #define QAT_ASYM_MODEXP_NUM_OUT_PARAMS 1 #define QAT_ASYM_RSA_NUM_IN_PARAMS 3 #define QAT_ASYM_RSA_NUM_OUT_PARAMS 1 +#define QAT_ASYM_RSA_QT_NUM_IN_PARAMS 6 struct qat_asym_op_cookie { size_t alg_size; diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index 78fc2d7..c8a52b6 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -272,7 +272,8 @@ qat_asym_dev_create(struct qat_pci_device *qat_pci_dev) cryptodev->feature_flags = RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO | RTE_CRYPTODEV_FF_HW_ACCELERATED | RTE_CRYPTODEV_FF_ASYM_SESSIONLESS | - RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP; + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_EXP | + RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT; internals = cryptodev->data->dev_private; internals->qat_dev = qat_pci_dev; qat_pci_dev->asym_dev = internals; From patchwork Tue Oct 22 14:04:28 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 61658 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 21D261BF0A; Tue, 22 Oct 2019 16:06:33 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 43FAC1BEA3 for ; Tue, 22 Oct 2019 16:06:25 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Oct 2019 07:06:25 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,327,1566889200"; d="scan'208";a="209681178" Received: from akusztax-mobl.ger.corp.intel.com ([10.103.104.118]) by fmsmga001.fm.intel.com with ESMTP; 22 Oct 2019 07:06:23 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Tue, 22 Oct 2019 16:04:28 +0200 Message-Id: <20191022140429.9008-5-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> References: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v4 4/5] test/crypto: add sessionless to asymmetric mod exp X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit adds asymmetric sessionless tests to mod exp. Signed-off-by: Arek Kusztal --- app/test/test_cryptodev_asym.c | 73 ++++++++++++++++++++++++++++-------------- 1 file changed, 49 insertions(+), 24 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index 6cc2f97..ea3005b 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -283,7 +283,7 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc, static int test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, union test_case_structure *data_tc, - char *test_msg) + char *test_msg, int sessionless) { struct rte_crypto_asym_op *asym_op = NULL; struct rte_crypto_op *op = NULL; @@ -382,27 +382,31 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } - sess = rte_cryptodev_asym_session_create(ts_params->session_mpool); - if (!sess) { - snprintf(test_msg, ASYM_TEST_MSG_LEN, - "line %u " - "FAILED: %s", __LINE__, - "Session creation failed"); - status = TEST_FAILED; - goto error_exit; - } - - if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc, - ts_params->session_mpool) < 0) { - snprintf(test_msg, ASYM_TEST_MSG_LEN, - "line %u FAILED: %s", - __LINE__, "unabled to config sym session"); - status = TEST_FAILED; - goto error_exit; - } + if (!sessionless) { + sess = rte_cryptodev_asym_session_create(ts_params->session_mpool); + if (!sess) { + snprintf(test_msg, ASYM_TEST_MSG_LEN, + "line %u " + "FAILED: %s", __LINE__, + "Session creation failed"); + status = TEST_FAILED; + goto error_exit; + } - rte_crypto_op_attach_asym_session(op, sess); + if (rte_cryptodev_asym_session_init(dev_id, sess, &xform_tc, + ts_params->session_mpool) < 0) { + snprintf(test_msg, ASYM_TEST_MSG_LEN, + "line %u FAILED: %s", + __LINE__, "unabled to config sym session"); + status = TEST_FAILED; + goto error_exit; + } + rte_crypto_op_attach_asym_session(op, sess); + } else { + asym_op->xform = &xform_tc; + op->sess_type = RTE_CRYPTO_OP_SESSIONLESS; + } RTE_LOG(DEBUG, USER1, "Process ASYM operation"); /* Process crypto operation */ @@ -433,7 +437,10 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } - snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS"); + if (!sessionless) + snprintf(test_msg, ASYM_TEST_MSG_LEN, "PASS"); + else + snprintf(test_msg, ASYM_TEST_MSG_LEN, "SESSIONLESS PASS"); error_exit: if (sess != NULL) { @@ -451,7 +458,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, } static int -test_one_case(const void *test_case) +test_one_case(const void *test_case, int sessionless) { int status = TEST_SUCCESS; char test_msg[ASYM_TEST_MSG_LEN + 1]; @@ -460,7 +467,8 @@ test_one_case(const void *test_case) union test_case_structure tc; memcpy(&tc, test_case, sizeof(tc)); - status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg); + status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg, + sessionless); printf(" %u) TestCase %s %s\n", test_index++, tc.modex.description, test_msg); @@ -501,14 +509,31 @@ static int test_one_by_one(void) { int status = TEST_SUCCESS; + struct crypto_testsuite_params *ts_params = &testsuite_params; uint32_t i = 0; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + int sessionless = 0; + + rte_cryptodev_info_get(dev_id, &dev_info); + if ((dev_info.feature_flags & + RTE_CRYPTODEV_FF_ASYM_SESSIONLESS)) { + sessionless = 1; + } /* Go through all test cases */ test_index = 0; for (i = 0; i < test_vector.size; i++) { - if (test_one_case(test_vector.address[i]) != TEST_SUCCESS) + if (test_one_case(test_vector.address[i], 0) != TEST_SUCCESS) status = TEST_FAILED; } + if (sessionless) { + for (i = 0; i < test_vector.size; i++) { + if (test_one_case(test_vector.address[i], 1) + != TEST_SUCCESS) + status = TEST_FAILED; + } + } TEST_ASSERT_EQUAL(status, 0, "Test failed"); return status; From patchwork Tue Oct 22 14:04:29 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 61659 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 509331BF12; Tue, 22 Oct 2019 16:06:35 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 2C40F1BEF1 for ; Tue, 22 Oct 2019 16:06:27 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Oct 2019 07:06:26 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,327,1566889200"; d="scan'208";a="209681187" Received: from akusztax-mobl.ger.corp.intel.com ([10.103.104.118]) by fmsmga001.fm.intel.com with ESMTP; 22 Oct 2019 07:06:25 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Tue, 22 Oct 2019 16:04:29 +0200 Message-Id: <20191022140429.9008-6-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> References: <20191022140429.9008-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v4 5/5] test/crypto: add rsa tests to qat and openssl with no padding X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit adds RSA tests to Intel QuickAssist Technology pmd and OpenSSL pmd test suite for session and session-less cases when PADDING_NONE selected Signed-off-by: Arek Kusztal --- app/test/test_cryptodev_asym.c | 140 ++++++++++++++++-- app/test/test_cryptodev_rsa_test_vectors.h | 226 +++++++++++++++++++++++++++++ 2 files changed, 351 insertions(+), 15 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index ea3005b..e49ab9d 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -54,6 +54,7 @@ struct crypto_unittest_params { union test_case_structure { struct modex_test_data modex; struct modinv_test_data modinv; + struct rsa_test_data_2 rsa_data; }; struct test_cases_array { @@ -246,10 +247,12 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess) return status; } static int -test_cryptodev_asym_ver(union test_case_structure *data_tc, - struct rte_crypto_op *result_op) +test_cryptodev_asym_ver(struct rte_crypto_op *op, + struct rte_crypto_asym_xform *xform_tc, + union test_case_structure *data_tc, + struct rte_crypto_op *result_op) { - int status = TEST_SUCCESS; + int status = TEST_FAILED; int ret = 0; uint8_t *data_expected = NULL, *data_received = NULL; size_t data_size = 0; @@ -265,17 +268,35 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc, data_received = result_op->asym->modinv.result.data; data_size = result_op->asym->modinv.result.length; break; + case RTE_CRYPTO_ASYM_XFORM_RSA: + if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + data_size = xform_tc->rsa.n.length; + data_received = result_op->asym->rsa.cipher.data; + data_expected = data_tc->rsa_data.ct.data; + } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { + data_size = xform_tc->rsa.n.length; + data_expected = data_tc->rsa_data.pt.data; + data_received = result_op->asym->rsa.message.data; + } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { + data_size = xform_tc->rsa.n.length; + data_expected = data_tc->rsa_data.sign.data; + data_received = result_op->asym->rsa.sign.data; + } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) { + data_size = xform_tc->rsa.n.length; + data_expected = data_tc->rsa_data.pt.data; + data_received = result_op->asym->rsa.cipher.data; + } + break; case RTE_CRYPTO_ASYM_XFORM_DH: case RTE_CRYPTO_ASYM_XFORM_DSA: - case RTE_CRYPTO_ASYM_XFORM_RSA: case RTE_CRYPTO_ASYM_XFORM_NONE: case RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED: default: break; } ret = memcmp(data_expected, data_received, data_size); - if (ret) - status = TEST_FAILED; + if (!ret && data_size) + status = TEST_SUCCESS; return status; } @@ -283,7 +304,8 @@ test_cryptodev_asym_ver(union test_case_structure *data_tc, static int test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, union test_case_structure *data_tc, - char *test_msg, int sessionless) + char *test_msg, int sessionless, enum rte_crypto_asym_op_type type, + enum rte_crypto_rsa_priv_key_type key_type) { struct rte_crypto_asym_op *asym_op = NULL; struct rte_crypto_op *op = NULL; @@ -368,9 +390,57 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } break; + case RTE_CRYPTO_ASYM_XFORM_RSA: + result = rte_zmalloc(NULL, data_tc->rsa_data.n.len, 0); + op->asym->rsa.op_type = type; + xform_tc.rsa.e.data = data_tc->rsa_data.e.data; + xform_tc.rsa.e.length = data_tc->rsa_data.e.len; + xform_tc.rsa.n.data = data_tc->rsa_data.n.data; + xform_tc.rsa.n.length = data_tc->rsa_data.n.len; + + if (key_type == RTE_RSA_KEY_TYPE_EXP) { + xform_tc.rsa.d.data = data_tc->rsa_data.d.data; + xform_tc.rsa.d.length = data_tc->rsa_data.d.len; + } else { + xform_tc.rsa.qt.p.data = data_tc->rsa_data.p.data; + xform_tc.rsa.qt.p.length = data_tc->rsa_data.p.len; + xform_tc.rsa.qt.q.data = data_tc->rsa_data.q.data; + xform_tc.rsa.qt.q.length = data_tc->rsa_data.q.len; + xform_tc.rsa.qt.dP.data = data_tc->rsa_data.dP.data; + xform_tc.rsa.qt.dP.length = data_tc->rsa_data.dP.len; + xform_tc.rsa.qt.dQ.data = data_tc->rsa_data.dQ.data; + xform_tc.rsa.qt.dQ.length = data_tc->rsa_data.dQ.len; + xform_tc.rsa.qt.qInv.data = data_tc->rsa_data.qInv.data; + xform_tc.rsa.qt.qInv.length = data_tc->rsa_data.qInv.len; + } + + xform_tc.rsa.key_type = key_type; + op->asym->rsa.pad = data_tc->rsa_data.padding; + + if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + asym_op->rsa.message.data = data_tc->rsa_data.pt.data; + asym_op->rsa.message.length = data_tc->rsa_data.pt.len; + asym_op->rsa.cipher.data = result; + asym_op->rsa.cipher.length = data_tc->rsa_data.n.len; + } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { + asym_op->rsa.message.data = result; + asym_op->rsa.message.length = data_tc->rsa_data.n.len; + asym_op->rsa.cipher.data = data_tc->rsa_data.ct.data; + asym_op->rsa.cipher.length = data_tc->rsa_data.ct.len; + } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { + asym_op->rsa.sign.data = result; + asym_op->rsa.sign.length = data_tc->rsa_data.n.len; + asym_op->rsa.message.data = data_tc->rsa_data.pt.data; + asym_op->rsa.message.length = data_tc->rsa_data.pt.len; + } else if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) { + asym_op->rsa.cipher.data = result; + asym_op->rsa.cipher.length = data_tc->rsa_data.n.len; + asym_op->rsa.sign.data = data_tc->rsa_data.sign.data; + asym_op->rsa.sign.length = data_tc->rsa_data.sign.len; + } + break; case RTE_CRYPTO_ASYM_XFORM_DH: case RTE_CRYPTO_ASYM_XFORM_DSA: - case RTE_CRYPTO_ASYM_XFORM_RSA: case RTE_CRYPTO_ASYM_XFORM_NONE: case RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED: default: @@ -429,7 +499,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, goto error_exit; } - if (test_cryptodev_asym_ver(data_tc, result_op) != TEST_SUCCESS) { + if (test_cryptodev_asym_ver(op, &xform_tc, data_tc, result_op) != TEST_SUCCESS) { snprintf(test_msg, ASYM_TEST_MSG_LEN, "line %u FAILED: %s", __LINE__, "Verification failed "); @@ -460,18 +530,47 @@ test_cryptodev_asym_op(struct crypto_testsuite_params *ts_params, static int test_one_case(const void *test_case, int sessionless) { - int status = TEST_SUCCESS; + int status = TEST_SUCCESS, i = 0; char test_msg[ASYM_TEST_MSG_LEN + 1]; /* Map the case to union */ union test_case_structure tc; memcpy(&tc, test_case, sizeof(tc)); - status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg, - sessionless); - - printf(" %u) TestCase %s %s\n", test_index++, - tc.modex.description, test_msg); + if (tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX + || tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_MODINV) { + status = test_cryptodev_asym_op(&testsuite_params, &tc, test_msg, + sessionless, 0, 0); + printf(" %u) TestCase %s %s\n", test_index++, + tc.modex.description, test_msg); + } else { + for (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) { + if (tc.modex.xform_type == RTE_CRYPTO_ASYM_XFORM_RSA) { + if (tc.rsa_data.op_type_flags & (1 << i)) { + if (tc.rsa_data.key_exp) { + status = test_cryptodev_asym_op( + &testsuite_params, &tc, + test_msg, sessionless, i, + RTE_RSA_KEY_TYPE_EXP); + } + if (status) + break; + if (tc.rsa_data.key_qt && (i == + RTE_CRYPTO_ASYM_OP_DECRYPT || + i == RTE_CRYPTO_ASYM_OP_SIGN)) { + status = test_cryptodev_asym_op( + &testsuite_params, + &tc, test_msg, sessionless, i, + RTE_RSA_KET_TYPE_QT); + } + if (status) + break; + } + } + } + printf(" %u) TestCase %s %s\n", test_index++, + tc.modex.description, test_msg); + } return status; } @@ -502,6 +601,17 @@ load_test_vectors(void) test_vector.address[test_vector.size] = &modinv_test_case[i]; test_vector.size++; } + /* Load RSA vector*/ + v_size = ARRAY_SIZE(rsa_test_case_list); + for (i = 0; i < v_size; i++) { + if (test_vector.size >= (TEST_VECTOR_SIZE)) { + RTE_LOG(DEBUG, USER1, + "TEST_VECTOR_SIZE too small\n"); + return -1; + } + test_vector.address[test_vector.size] = &rsa_test_case_list[i]; + test_vector.size++; + } return 0; } diff --git a/app/test/test_cryptodev_rsa_test_vectors.h b/app/test/test_cryptodev_rsa_test_vectors.h index 0dc0375..48a72e1 100644 --- a/app/test/test_cryptodev_rsa_test_vectors.h +++ b/app/test/test_cryptodev_rsa_test_vectors.h @@ -5,10 +5,236 @@ #ifndef TEST_CRYPTODEV_RSA_TEST_VECTORS_H__ #define TEST_CRYPTODEV_RSA_TEST_VECTORS_H__ +#include + #include "rte_crypto_asym.h" #define TEST_DATA_SIZE 4096 +struct rsa_test_data_2 { + enum rte_crypto_asym_xform_type xform_type; + const char *description; + uint64_t op_type_flags; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } pt; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } ct; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } sign; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } e; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } d; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } n; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } p; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } q; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } dP; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } dQ; + struct { + uint8_t data[DATA_SIZE]; + uint16_t len; + } qInv; + + uint16_t result_len; + enum rte_crypto_rsa_padding_type padding; + int key_exp; + int key_qt; +}; + +static const struct +rsa_test_data_2 rsa_test_case_list[] = { + { + .description = "RSA Encryption Decryption " + "(n=128, pt=20, e=3) EXP, QT", + .xform_type = RTE_CRYPTO_ASYM_XFORM_RSA, + .op_type_flags = 1UL << RTE_CRYPTO_ASYM_OP_ENCRYPT | + 1UL << RTE_CRYPTO_ASYM_OP_DECRYPT, + .pt = { + .data = { + 0x00, 0x02, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, + 0xbb, 0xbb, 0xbb, 0xbb, 0xf8, 0xba, 0x1a, 0x55, + 0xd0, 0x2f, 0x85, 0xae, 0x96, 0x7b, 0xb6, 0x2f, + 0xb6, 0xcd, 0xa8, 0xeb, 0x7e, 0x78, 0xa0, 0x50 + }, + .len = 128, + }, + .ct = { + .data = { + 0x3D, 0x8D, 0x2F, 0x85, 0xC0, 0xB7, 0x21, 0x3E, + 0x5B, 0x4A, 0x96, 0xB2, 0x85, 0x35, 0xAF, 0x0C, + 0x62, 0xE9, 0x73, 0xEF, 0x77, 0x76, 0x19, 0xD5, + 0x92, 0xF7, 0x1D, 0xB0, 0x15, 0x69, 0x65, 0x82, + 0x32, 0x30, 0x4E, 0x29, 0xE7, 0x83, 0xAD, 0x23, + 0x66, 0xD9, 0x91, 0x9B, 0xFF, 0x01, 0x10, 0x3B, + 0xB2, 0xF8, 0x78, 0x14, 0xD2, 0x6E, 0x3C, 0x59, + 0x6E, 0x1A, 0x90, 0x3C, 0x5A, 0xB3, 0x0B, 0x60, + 0xE2, 0x71, 0xCC, 0xF5, 0x0C, 0x57, 0x19, 0x03, + 0x5B, 0x04, 0x46, 0x7E, 0x13, 0x5B, 0xFF, 0x2C, + 0x01, 0x19, 0x75, 0x86, 0x6A, 0xAE, 0x60, 0xFB, + 0x0A, 0x4C, 0x14, 0x1A, 0xBC, 0x0E, 0x86, 0xF1, + 0x13, 0x10, 0xB3, 0x03, 0x8E, 0x66, 0x6F, 0xA5, + 0x53, 0x80, 0x5A, 0x91, 0xE6, 0x7C, 0x3C, 0x38, + 0x15, 0xB6, 0x69, 0x3E, 0xF6, 0x54, 0xB0, 0x60, + 0x83, 0xE9, 0x2B, 0xF3, 0x26, 0x53, 0x3E, 0x11 + }, + .len = 128, + }, + .e = { + .data = { + 0x01, 0x00, 0x01 + }, + .len = 3, + }, + .d = { + .data = { + 0x24, 0xd7, 0xea, 0xf4, 0x7f, 0xe0, 0xca, 0x31, + 0x4d, 0xee, 0xc4, 0xa1, 0xbe, 0xab, 0x06, 0x61, + 0x32, 0xe7, 0x51, 0x46, 0x27, 0xdf, 0x72, 0xe9, + 0x6f, 0xa8, 0x4c, 0xd1, 0x26, 0xef, 0x65, 0xeb, + 0x67, 0xff, 0x5f, 0xa7, 0x3b, 0x25, 0xb9, 0x08, + 0x8e, 0xa0, 0x47, 0x56, 0xe6, 0x8e, 0xf9, 0xd3, + 0x18, 0x06, 0x3d, 0xc6, 0xb1, 0xf8, 0xdc, 0x1b, + 0x8d, 0xe5, 0x30, 0x54, 0x26, 0xac, 0x16, 0x3b, + 0x7b, 0xad, 0x46, 0x9e, 0x21, 0x6a, 0x57, 0xe6, + 0x81, 0x56, 0x1d, 0x2a, 0xc4, 0x39, 0x63, 0x67, + 0x81, 0x2c, 0xca, 0xcc, 0xf8, 0x42, 0x04, 0xbe, + 0xcf, 0x8f, 0x6c, 0x5b, 0x81, 0x46, 0xb9, 0xc7, + 0x62, 0x90, 0x87, 0x35, 0x03, 0x9b, 0x89, 0xcb, + 0x37, 0xbd, 0xf1, 0x1b, 0x99, 0xa1, 0x9a, 0x78, + 0xd5, 0x4c, 0xdd, 0x3f, 0x41, 0x0c, 0xb7, 0x1a, + 0xd9, 0x7b, 0x87, 0x5f, 0xbe, 0xb1, 0x83, 0x41 + }, + .len = 128, + }, + .n = { + .data = { + 0xb3, 0xa1, 0xaf, 0xb7, 0x13, 0x08, 0x00, 0x0a, + 0x35, 0xdc, 0x2b, 0x20, 0x8d, 0xa1, 0xb5, 0xce, + 0x47, 0x8a, 0xc3, 0x80, 0xf4, 0x7d, 0x4a, 0xa2, + 0x62, 0xfd, 0x61, 0x7f, 0xb5, 0xa8, 0xde, 0x0a, + 0x17, 0x97, 0xa0, 0xbf, 0xdf, 0x56, 0x5a, 0x3d, + 0x51, 0x56, 0x4f, 0x70, 0x70, 0x3f, 0x63, 0x6a, + 0x44, 0x5b, 0xad, 0x84, 0x0d, 0x3f, 0x27, 0x6e, + 0x3b, 0x34, 0x91, 0x60, 0x14, 0xb9, 0xaa, 0x72, + 0xfd, 0xa3, 0x64, 0xd2, 0x03, 0xa7, 0x53, 0x87, + 0x9e, 0x88, 0x0b, 0xc1, 0x14, 0x93, 0x1a, 0x62, + 0xff, 0xb1, 0x5d, 0x74, 0xcd, 0x59, 0x63, 0x18, + 0x11, 0x3d, 0x4f, 0xba, 0x75, 0xd4, 0x33, 0x4e, + 0x23, 0x6b, 0x7b, 0x57, 0x44, 0xe1, 0xd3, 0x03, + 0x13, 0xa6, 0xf0, 0x8b, 0x60, 0xb0, 0x9e, 0xee, + 0x75, 0x08, 0x9d, 0x71, 0x63, 0x13, 0xcb, 0xa6, + 0x81, 0x92, 0x14, 0x03, 0x22, 0x2d, 0xde, 0x55 + }, + .len = 128, + }, + .p = { + .data = { + 0xdc, 0xba, 0x00, 0x01, 0x57, 0x93, 0xe3, 0x05, + 0xed, 0x61, 0x9a, 0xa3, 0xaf, 0x6a, 0xd3, 0x47, + 0x8f, 0x2d, 0x1e, 0x7f, 0x4d, 0x60, 0xc8, 0x8d, + 0x34, 0xb8, 0x17, 0x84, 0xbc, 0xd4, 0xe9, 0x79, + 0x95, 0x75, 0x19, 0x37, 0xe0, 0xcc, 0xfe, 0x4c, + 0x5d, 0x49, 0x53, 0x61, 0x29, 0xf1, 0xdc, 0x82, + 0x03, 0x96, 0x7d, 0x95, 0x4f, 0xdd, 0x3c, 0x0a, + 0x64, 0x8a, 0x43, 0x2f, 0x95, 0x4a, 0xed, 0xdd + }, + .len = 64, + }, + .q = { + .data = { + 0xd0, 0x56, 0x7a, 0x0a, 0xd5, 0x95, 0xa4, 0x85, + 0x53, 0x35, 0xa1, 0x48, 0x07, 0x6a, 0x7c, 0x08, + 0xe0, 0xfd, 0x4b, 0x88, 0x77, 0xa6, 0x15, 0x23, + 0x0f, 0xbf, 0x14, 0x46, 0x11, 0xee, 0x95, 0xc7, + 0x5e, 0x77, 0x65, 0xa2, 0xb5, 0x50, 0xdf, 0x19, + 0x07, 0xc7, 0x72, 0xdb, 0x29, 0xf6, 0x54, 0x86, + 0xe1, 0xb3, 0x97, 0x0a, 0x28, 0x64, 0x3a, 0x38, + 0xa6, 0x7d, 0x13, 0xc3, 0x79, 0xaa, 0x56, 0xd9 + }, + .len = 64, + }, + .dP = { + .data = { + 0xc5, 0x43, 0x0d, 0x82, 0x25, 0x8c, 0xab, 0x55, + 0xbe, 0xc2, 0x7d, 0xfb, 0x4f, 0x68, 0x3f, 0x0e, + 0x32, 0xec, 0xf5, 0xd6, 0x7b, 0x86, 0xc5, 0x75, + 0x3c, 0xea, 0x51, 0x4a, 0x75, 0xa0, 0x2a, 0x50, + 0x58, 0xbb, 0xe0, 0x1f, 0xca, 0x2e, 0x2a, 0x0e, + 0x81, 0x48, 0x68, 0xd5, 0xeb, 0x30, 0x96, 0x0b, + 0x33, 0xbd, 0xa8, 0xda, 0x6a, 0x17, 0xa3, 0xf2, + 0xfd, 0xcb, 0x7b, 0x23, 0xe9, 0x5e, 0x9f, 0x99 + }, + .len = 64, + }, + .dQ = { + .data = { + 0xbe, 0xff, 0xf9, 0x05, 0x43, 0xc8, 0xdc, 0x3b, + 0x0b, 0x0d, 0x28, 0xde, 0x73, 0x46, 0x11, 0x8e, + 0xc6, 0x4e, 0x11, 0xd8, 0x7b, 0xf0, 0xfc, 0x81, + 0xd7, 0x66, 0xd3, 0xbc, 0x65, 0xa6, 0x39, 0x14, + 0xbd, 0xab, 0x72, 0xb7, 0x57, 0xc9, 0x5b, 0xaf, + 0x83, 0xed, 0x3b, 0x84, 0x68, 0x15, 0x18, 0x6b, + 0x4c, 0x32, 0xac, 0x6f, 0x38, 0x96, 0xa2, 0xb5, + 0xdb, 0x14, 0xe2, 0x70, 0x9c, 0x73, 0x29, 0x09 + }, + .len = 64, + }, + .qInv = { + .data = { + 0x59, 0xbd, 0xb1, 0x37, 0xeb, 0x4e, 0xcf, 0x68, + 0xe7, 0x85, 0x91, 0xbb, 0xc0, 0xdb, 0x8e, 0x41, + 0x91, 0x4a, 0xc0, 0xb1, 0xc5, 0xe8, 0x91, 0xf6, + 0xc7, 0x5a, 0x98, 0x1a, 0x8a, 0x0f, 0x45, 0xb2, + 0x5b, 0xff, 0x7a, 0x2d, 0x98, 0x89, 0x55, 0xd9, + 0xbf, 0x6e, 0xdd, 0x2d, 0xd4, 0xe8, 0x0a, 0xaa, + 0xae, 0x2a, 0xc4, 0x16, 0xb5, 0xba, 0xe1, 0x69, + 0x71, 0x94, 0xdd, 0xa0, 0xf5, 0x1e, 0x6d, 0xcc + }, + .len = 64, + }, + .padding = RTE_CRYPTO_RSA_PADDING_NONE, + .key_exp = 1, + .key_qt = 1, + } +}; + struct rsa_test_data { uint8_t data[TEST_DATA_SIZE]; unsigned int len;