X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=drivers%2Fcrypto%2Fopenssl%2Frte_openssl_pmd_ops.c;h=ed7587758146afe0388a99bd4597f225a9d9d813;hb=e863fe3a13da89787fdf3b5c590101a3c0f10af6;hp=bbc203edea27d6e9c079bf51dbb3ea608d497aa8;hpb=3e9d6bd447fbf567df50c456caa2a6f7b1c78e74;p=dpdk.git diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c index bbc203edea..ed75877581 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c @@ -8,7 +8,7 @@ #include #include -#include "rte_openssl_pmd_private.h" +#include "openssl_pmd_private.h" #include "compat.h" @@ -26,9 +26,9 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { .increment = 1 }, .digest_size = { - .min = 16, + .min = 1, .max = 16, - .increment = 0 + .increment = 1 }, .iv_size = { 0 } }, } @@ -68,9 +68,9 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { .increment = 1 }, .digest_size = { - .min = 20, + .min = 1, .max = 20, - .increment = 0 + .increment = 1 }, .iv_size = { 0 } }, } @@ -110,9 +110,9 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { .increment = 1 }, .digest_size = { - .min = 28, + .min = 1, .max = 28, - .increment = 0 + .increment = 1 }, .iv_size = { 0 } }, } @@ -131,9 +131,9 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { .increment = 0 }, .digest_size = { - .min = 28, + .min = 1, .max = 28, - .increment = 0 + .increment = 1 }, .iv_size = { 0 } }, } @@ -152,9 +152,9 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { .increment = 1 }, .digest_size = { - .min = 32, + .min = 1, .max = 32, - .increment = 0 + .increment = 1 }, .iv_size = { 0 } }, } @@ -194,9 +194,9 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { .increment = 1 }, .digest_size = { - .min = 48, + .min = 1, .max = 48, - .increment = 0 + .increment = 1 }, .iv_size = { 0 } }, } @@ -236,9 +236,9 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { .increment = 1 }, .digest_size = { - .min = 64, + .min = 1, .max = 64, - .increment = 0 + .increment = 1 }, .iv_size = { 0 } }, } @@ -527,6 +527,48 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = { }, } }, + { /* dh */ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, + {.asym = { + .xform_capa = { + .xform_type = RTE_CRYPTO_ASYM_XFORM_DH, + .op_types = + ((1<data->queue_pairs[qp_id] != NULL) { + struct openssl_qp *qp = dev->data->queue_pairs[qp_id]; + + if (qp->processed_ops) + rte_ring_free(qp->processed_ops); + rte_free(dev->data->queue_pairs[qp_id]); dev->data->queue_pairs[qp_id] = NULL; } @@ -668,7 +715,7 @@ openssl_pmd_qp_create_processed_ops_ring(struct openssl_qp *qp, static int openssl_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, const struct rte_cryptodev_qp_conf *qp_conf, - int socket_id, struct rte_mempool *session_pool) + int socket_id) { struct openssl_qp *qp = NULL; @@ -693,7 +740,8 @@ openssl_pmd_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, if (qp->processed_ops == NULL) goto qp_setup_cleanup; - qp->sess_mp = session_pool; + qp->sess_mp = qp_conf->mp_session; + qp->sess_mp_priv = qp_conf->mp_session_private; memset(&qp->stats, 0, sizeof(qp->stats)); @@ -706,13 +754,6 @@ qp_setup_cleanup: return -1; } -/** Return the number of allocated queue pairs */ -static uint32_t -openssl_pmd_qp_count(struct rte_cryptodev *dev) -{ - return dev->data->nb_queue_pairs; -} - /** Returns the size of the symmetric session structure */ static unsigned openssl_pmd_sym_session_get_size(struct rte_cryptodev *dev __rte_unused) @@ -769,7 +810,8 @@ static int openssl_set_asym_session_parameters( { int ret = 0; - if (xform->next != NULL) { + if ((xform->xform_type != RTE_CRYPTO_ASYM_XFORM_DH) && + (xform->next != NULL)) { OPENSSL_LOG(ERR, "chained xfrms are not supported on %s", rte_crypto_asym_xform_strings[xform->xform_type]); return -1; @@ -832,14 +874,14 @@ static int openssl_set_asym_session_parameters( RSA_free(rsa); goto err_rsa; } - set_rsa_params(rsa, p, q, ret); + ret = set_rsa_params(rsa, p, q); if (ret) { OPENSSL_LOG(ERR, "failed to set rsa params\n"); RSA_free(rsa); goto err_rsa; } - set_rsa_crt_params(rsa, dmp1, dmq1, iqmp, ret); + ret = set_rsa_crt_params(rsa, dmp1, dmq1, iqmp); if (ret) { OPENSSL_LOG(ERR, "failed to set crt params\n"); @@ -853,7 +895,7 @@ static int openssl_set_asym_session_parameters( } } - set_rsa_keys(rsa, n, e, d, ret); + ret = set_rsa_keys(rsa, n, e, d); if (ret) { OPENSSL_LOG(ERR, "Failed to load rsa keys\n"); RSA_free(rsa); @@ -863,22 +905,14 @@ static int openssl_set_asym_session_parameters( asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_RSA; break; err_rsa: - if (n) - BN_free(n); - if (e) - BN_free(e); - if (d) - BN_free(d); - if (p) - BN_free(p); - if (q) - BN_free(q); - if (dmp1) - BN_free(dmp1); - if (dmq1) - BN_free(dmq1); - if (iqmp) - BN_free(iqmp); + BN_clear_free(n); + BN_clear_free(e); + BN_clear_free(d); + BN_clear_free(p); + BN_clear_free(q); + BN_clear_free(dmp1); + BN_clear_free(dmq1); + BN_clear_free(iqmp); return -1; } @@ -940,6 +974,140 @@ err_rsa: asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_MODINV; break; } + case RTE_CRYPTO_ASYM_XFORM_DH: + { + BIGNUM *p = NULL; + BIGNUM *g = NULL; + + p = BN_bin2bn((const unsigned char *) + xform->dh.p.data, + xform->dh.p.length, + p); + g = BN_bin2bn((const unsigned char *) + xform->dh.g.data, + xform->dh.g.length, + g); + if (!p || !g) + goto err_dh; + + DH *dh = DH_new(); + if (dh == NULL) { + OPENSSL_LOG(ERR, + "failed to allocate resources\n"); + goto err_dh; + } + ret = set_dh_params(dh, p, g); + if (ret) { + DH_free(dh); + goto err_dh; + } + + /* + * setup xfrom for + * public key generate, or + * DH Priv key generate, or both + * public and private key generate + */ + asym_session->u.dh.key_op = (1 << xform->dh.type); + + if (xform->dh.type == + RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) { + /* check if next is pubkey */ + if ((xform->next != NULL) && + (xform->next->xform_type == + RTE_CRYPTO_ASYM_XFORM_DH) && + (xform->next->dh.type == + RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE) + ) { + /* + * setup op as pub/priv key + * pair generationi + */ + asym_session->u.dh.key_op |= + (1 << + RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE); + } + } + asym_session->u.dh.dh_key = dh; + asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_DH; + break; + +err_dh: + OPENSSL_LOG(ERR, " failed to set dh params\n"); + BN_free(p); + BN_free(g); + return -1; + } + case RTE_CRYPTO_ASYM_XFORM_DSA: + { + BIGNUM *p = NULL, *g = NULL; + BIGNUM *q = NULL, *priv_key = NULL; + BIGNUM *pub_key = BN_new(); + BN_zero(pub_key); + + p = BN_bin2bn((const unsigned char *) + xform->dsa.p.data, + xform->dsa.p.length, + p); + + g = BN_bin2bn((const unsigned char *) + xform->dsa.g.data, + xform->dsa.g.length, + g); + + q = BN_bin2bn((const unsigned char *) + xform->dsa.q.data, + xform->dsa.q.length, + q); + if (!p || !q || !g) + goto err_dsa; + + priv_key = BN_bin2bn((const unsigned char *) + xform->dsa.x.data, + xform->dsa.x.length, + priv_key); + if (priv_key == NULL) + goto err_dsa; + + DSA *dsa = DSA_new(); + if (dsa == NULL) { + OPENSSL_LOG(ERR, + " failed to allocate resources\n"); + goto err_dsa; + } + + ret = set_dsa_params(dsa, p, q, g); + if (ret) { + DSA_free(dsa); + OPENSSL_LOG(ERR, "Failed to dsa params\n"); + goto err_dsa; + } + + /* + * openssl 1.1.0 mandate that public key can't be + * NULL in very first call. so set a dummy pub key. + * to keep consistency, lets follow same approach for + * both versions + */ + /* just set dummy public for very 1st call */ + ret = set_dsa_keys(dsa, pub_key, priv_key); + if (ret) { + DSA_free(dsa); + OPENSSL_LOG(ERR, "Failed to set keys\n"); + return -1; + } + asym_session->u.s.dsa = dsa; + asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_DSA; + break; + +err_dsa: + BN_free(p); + BN_free(q); + BN_free(g); + BN_free(priv_key); + BN_free(pub_key); + return -1; + } default: return -1; } @@ -1021,6 +1189,14 @@ static void openssl_reset_asym_session(struct openssl_asym_session *sess) BN_CTX_free(sess->u.m.ctx); } break; + case RTE_CRYPTO_ASYM_XFORM_DH: + if (sess->u.dh.dh_key) + DH_free(sess->u.dh.dh_key); + break; + case RTE_CRYPTO_ASYM_XFORM_DSA: + if (sess->u.s.dsa) + DSA_free(sess->u.s.dsa); + break; default: break; } @@ -1059,7 +1235,6 @@ struct rte_cryptodev_ops openssl_pmd_ops = { .queue_pair_setup = openssl_pmd_qp_setup, .queue_pair_release = openssl_pmd_qp_release, - .queue_pair_count = openssl_pmd_qp_count, .sym_session_get_size = openssl_pmd_sym_session_get_size, .asym_session_get_size = openssl_pmd_asym_session_get_size,