drivers/crypto/openssl/openssl_pmd_private.h

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright(c) 2016-2017 Intel Corporation
   3  */
   4
   5 #ifndef _OPENSSL_PMD_PRIVATE_H_
   6 #define _OPENSSL_PMD_PRIVATE_H_
   7
   8 #include <openssl/evp.h>
   9 #include <openssl/hmac.h>
  10 #include <openssl/des.h>
  11 #include <openssl/rsa.h>
  12 #include <openssl/dh.h>
  13 #include <openssl/dsa.h>
  14 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
  15 #include <openssl/provider.h>
  16 #include <openssl/core_names.h>
  17 #endif
  18
  19 #define CRYPTODEV_NAME_OPENSSL_PMD      crypto_openssl
  20 /**< Open SSL Crypto PMD device name */
  21
  22 /** OPENSSL PMD LOGTYPE DRIVER */
  23 extern int openssl_logtype_driver;
  24 #define OPENSSL_LOG(level, fmt, ...)  \
  25         rte_log(RTE_LOG_ ## level, openssl_logtype_driver,  \
  26                         "%s() line %u: " fmt "\n", __func__, __LINE__,  \
  27                                         ## __VA_ARGS__)
  28
  29 /* Maximum length for digest (SHA-512 needs 64 bytes) */
  30 #define DIGEST_LENGTH_MAX 64
  31
  32 /** OPENSSL operation order mode enumerator */
  33 enum openssl_chain_order {
  34         OPENSSL_CHAIN_ONLY_CIPHER,
  35         OPENSSL_CHAIN_ONLY_AUTH,
  36         OPENSSL_CHAIN_CIPHER_BPI,
  37         OPENSSL_CHAIN_CIPHER_AUTH,
  38         OPENSSL_CHAIN_AUTH_CIPHER,
  39         OPENSSL_CHAIN_COMBINED,
  40         OPENSSL_CHAIN_NOT_SUPPORTED
  41 };
  42
  43 /** OPENSSL cipher mode enumerator */
  44 enum openssl_cipher_mode {
  45         OPENSSL_CIPHER_LIB,
  46         OPENSSL_CIPHER_DES3CTR,
  47 };
  48
  49 /** OPENSSL auth mode enumerator */
  50 enum openssl_auth_mode {
  51         OPENSSL_AUTH_AS_AUTH,
  52         OPENSSL_AUTH_AS_HMAC,
  53 };
  54
  55 /** private data structure for each OPENSSL crypto device */
  56 struct openssl_private {
  57         unsigned int max_nb_qpairs;
  58         /**< Max number of queue pairs */
  59 };
  60
  61 /** OPENSSL crypto queue pair */
  62 struct openssl_qp {
  63         uint16_t id;
  64         /**< Queue Pair Identifier */
  65         char name[RTE_CRYPTODEV_NAME_MAX_LEN];
  66         /**< Unique Queue Pair Name */
  67         struct rte_ring *processed_ops;
  68         /**< Ring for placing process packets */
  69         struct rte_mempool *sess_mp;
  70         /**< Session Mempool */
  71         struct rte_mempool *sess_mp_priv;
  72         /**< Session Private Data Mempool */
  73         struct rte_cryptodev_stats stats;
  74         /**< Queue pair statistics */
  75         uint8_t temp_digest[DIGEST_LENGTH_MAX];
  76         /**< Buffer used to store the digest generated
  77          * by the driver when verifying a digest provided
  78          * by the user (using authentication verify operation)
  79          */
  80 } __rte_cache_aligned;
  81
  82 /** OPENSSL crypto private session structure */
  83 struct openssl_session {
  84         enum openssl_chain_order chain_order;
  85         /**< chain order mode */
  86
  87         struct {
  88                 uint16_t length;
  89                 uint16_t offset;
  90         } iv;
  91         /**< IV parameters */
  92
  93         enum rte_crypto_aead_algorithm aead_algo;
  94         /**< AEAD algorithm */
  95
  96         /** Cipher Parameters */
  97         struct {
  98                 enum rte_crypto_cipher_operation direction;
  99                 /**< cipher operation direction */
 100                 enum openssl_cipher_mode mode;
 101                 /**< cipher operation mode */
 102                 enum rte_crypto_cipher_algorithm algo;
 103                 /**< cipher algorithm */
 104
 105                 struct {
 106                         uint8_t data[32];
 107                         /**< key data */
 108                         size_t length;
 109                         /**< key length in bytes */
 110                 } key;
 111
 112                 const EVP_CIPHER *evp_algo;
 113                 /**< pointer to EVP algorithm function */
 114                 EVP_CIPHER_CTX *ctx;
 115                 /**< pointer to EVP context structure */
 116                 EVP_CIPHER_CTX *bpi_ctx;
 117         } cipher;
 118
 119         /** Authentication Parameters */
 120         struct {
 121                 enum rte_crypto_auth_operation operation;
 122                 /**< auth operation generate or verify */
 123                 enum openssl_auth_mode mode;
 124                 /**< auth operation mode */
 125                 enum rte_crypto_auth_algorithm algo;
 126                 /**< cipher algorithm */
 127
 128                 union {
 129                         struct {
 130                                 const EVP_MD *evp_algo;
 131                                 /**< pointer to EVP algorithm function */
 132                                 EVP_MD_CTX *ctx;
 133                                 /**< pointer to EVP context structure */
 134                         } auth;
 135
 136                         struct {
 137                                 EVP_PKEY *pkey;
 138                                 /**< pointer to EVP key */
 139                                 const EVP_MD *evp_algo;
 140                                 /**< pointer to EVP algorithm function */
 141 # if OPENSSL_VERSION_NUMBER >= 0x30000000L
 142                                 EVP_MAC_CTX * ctx;
 143 # else
 144                                 HMAC_CTX *ctx;
 145 # endif
 146                                 /**< pointer to EVP context structure */
 147                         } hmac;
 148                 };
 149
 150                 uint16_t aad_length;
 151                 /**< AAD length */
 152                 uint16_t digest_length;
 153                 /**< digest length */
 154         } auth;
 155
 156 } __rte_cache_aligned;
 157
 158 /** OPENSSL crypto private asymmetric session structure */
 159 struct openssl_asym_session {
 160         enum rte_crypto_asym_xform_type xfrm_type;
 161         union {
 162                 struct rsa {
 163                         RSA *rsa;
 164 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 165                         EVP_PKEY_CTX * ctx;
 166 #endif
 167                 } r;
 168                 struct exp {
 169                         BIGNUM *exp;
 170                         BIGNUM *mod;
 171                         BN_CTX *ctx;
 172                 } e;
 173                 struct mod {
 174                         BIGNUM *modulus;
 175                         BN_CTX *ctx;
 176                 } m;
 177                 struct dh {
 178                         DH *dh_key;
 179                         uint32_t key_op;
 180 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 181                         OSSL_PARAM_BLD * param_bld;
 182                         OSSL_PARAM_BLD *param_bld_peer;
 183 #endif
 184                 } dh;
 185                 struct {
 186                         DSA *dsa;
 187 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
 188                         OSSL_PARAM_BLD * param_bld;
 189 #endif
 190                 } s;
 191         } u;
 192 } __rte_cache_aligned;
 193 /** Set and validate OPENSSL crypto session parameters */
 194 extern int
 195 openssl_set_session_parameters(struct openssl_session *sess,
 196                 const struct rte_crypto_sym_xform *xform);
 197
 198 /** Reset OPENSSL crypto session parameters */
 199 extern void
 200 openssl_reset_session(struct openssl_session *sess);
 201
 202 /** device specific operations function pointer structure */
 203 extern struct rte_cryptodev_ops *rte_openssl_pmd_ops;
 204
 205 #endif /* _OPENSSL_PMD_PRIVATE_H_ */