4 * Copyright(c) 2016-2017 Intel Corporation. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * * Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * * Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
16 * * Neither the name of Intel Corporation nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
23 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
24 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
25 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
26 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #ifndef _OPENSSL_PMD_PRIVATE_H_
34 #define _OPENSSL_PMD_PRIVATE_H_
36 #include <openssl/evp.h>
37 #include <openssl/hmac.h>
38 #include <openssl/des.h>
40 #define CRYPTODEV_NAME_OPENSSL_PMD crypto_openssl
41 /**< Open SSL Crypto PMD device name */
43 #define OPENSSL_LOG_ERR(fmt, args...) \
44 RTE_LOG(ERR, CRYPTODEV, "[%s] %s() line %u: " fmt "\n", \
45 RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD), \
46 __func__, __LINE__, ## args)
48 #ifdef RTE_LIBRTE_OPENSSL_DEBUG
49 #define OPENSSL_LOG_INFO(fmt, args...) \
50 RTE_LOG(INFO, CRYPTODEV, "[%s] %s() line %u: " fmt "\n", \
51 RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD), \
52 __func__, __LINE__, ## args)
54 #define OPENSSL_LOG_DBG(fmt, args...) \
55 RTE_LOG(DEBUG, CRYPTODEV, "[%s] %s() line %u: " fmt "\n", \
56 RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD), \
57 __func__, __LINE__, ## args)
59 #define OPENSSL_LOG_INFO(fmt, args...)
60 #define OPENSSL_LOG_DBG(fmt, args...)
63 /* Maximum length for digest (SHA-512 needs 64 bytes) */
64 #define DIGEST_LENGTH_MAX 64
66 /** OPENSSL operation order mode enumerator */
67 enum openssl_chain_order {
68 OPENSSL_CHAIN_ONLY_CIPHER,
69 OPENSSL_CHAIN_ONLY_AUTH,
70 OPENSSL_CHAIN_CIPHER_BPI,
71 OPENSSL_CHAIN_CIPHER_AUTH,
72 OPENSSL_CHAIN_AUTH_CIPHER,
73 OPENSSL_CHAIN_COMBINED,
74 OPENSSL_CHAIN_NOT_SUPPORTED
77 /** OPENSSL cipher mode enumerator */
78 enum openssl_cipher_mode {
80 OPENSSL_CIPHER_DES3CTR,
83 /** OPENSSL auth mode enumerator */
84 enum openssl_auth_mode {
89 /** private data structure for each OPENSSL crypto device */
90 struct openssl_private {
91 unsigned int max_nb_qpairs;
92 /**< Max number of queue pairs */
93 unsigned int max_nb_sessions;
94 /**< Max number of sessions */
97 /** OPENSSL crypto queue pair */
100 /**< Queue Pair Identifier */
101 char name[RTE_CRYPTODEV_NAME_LEN];
102 /**< Unique Queue Pair Name */
103 struct rte_ring *processed_ops;
104 /**< Ring for placing process packets */
105 struct rte_mempool *sess_mp;
106 /**< Session Mempool */
107 struct rte_cryptodev_stats stats;
108 /**< Queue pair statistics */
109 uint8_t temp_digest[DIGEST_LENGTH_MAX];
110 /**< Buffer used to store the digest generated
111 * by the driver when verifying a digest provided
112 * by the user (using authentication verify operation)
114 } __rte_cache_aligned;
116 /** OPENSSL crypto private session structure */
117 struct openssl_session {
118 enum openssl_chain_order chain_order;
119 /**< chain order mode */
125 /**< IV parameters */
127 enum rte_crypto_aead_algorithm aead_algo;
128 /**< AEAD algorithm */
130 /** Cipher Parameters */
132 enum rte_crypto_cipher_operation direction;
133 /**< cipher operation direction */
134 enum openssl_cipher_mode mode;
135 /**< cipher operation mode */
136 enum rte_crypto_cipher_algorithm algo;
137 /**< cipher algorithm */
143 /**< key length in bytes */
146 const EVP_CIPHER *evp_algo;
147 /**< pointer to EVP algorithm function */
149 /**< pointer to EVP context structure */
150 EVP_CIPHER_CTX *bpi_ctx;
153 /** Authentication Parameters */
155 enum rte_crypto_auth_operation operation;
156 /**< auth operation generate or verify */
157 enum openssl_auth_mode mode;
158 /**< auth operation mode */
159 enum rte_crypto_auth_algorithm algo;
160 /**< cipher algorithm */
164 const EVP_MD *evp_algo;
165 /**< pointer to EVP algorithm function */
167 /**< pointer to EVP context structure */
172 /**< pointer to EVP key */
173 const EVP_MD *evp_algo;
174 /**< pointer to EVP algorithm function */
176 /**< pointer to EVP context structure */
182 uint16_t digest_length;
183 /**< digest length */
186 } __rte_cache_aligned;
188 /** Set and validate OPENSSL crypto session parameters */
190 openssl_set_session_parameters(struct openssl_session *sess,
191 const struct rte_crypto_sym_xform *xform);
193 /** Reset OPENSSL crypto session parameters */
195 openssl_reset_session(struct openssl_session *sess);
197 /** device specific operations function pointer structure */
198 extern struct rte_cryptodev_ops *rte_openssl_pmd_ops;
200 #endif /* _OPENSSL_PMD_PRIVATE_H_ */