From fb70b33b05bb28c822024ea6a789cc645e7d84ee Mon Sep 17 00:00:00 2001 From: Arek Kusztal Date: Thu, 28 Mar 2019 14:37:02 +0100 Subject: [PATCH] crypto/qat: add modular exponentiation This commit adds modular exponentiation to Intel QuickAssist Technology driver. For capabilities or limitations please refer to qat.rst or qat_asym_capabilities.h. Signed-off-by: Arek Kusztal Acked-by: Fiona Trahe --- doc/guides/cryptodevs/qat.rst | 2 + .../qat_adf/qat_pke_functionality_arrays.h | 2 +- drivers/crypto/qat/qat_asym.c | 125 ++++++++++++++++-- drivers/crypto/qat/qat_asym.h | 6 + drivers/crypto/qat/qat_asym_capabilities.h | 18 ++- drivers/crypto/qat/qat_asym_pmd.c | 1 + 6 files changed, 140 insertions(+), 14 deletions(-) diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index f8593835ba..b8599e103f 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -106,6 +106,8 @@ Asymmetric Crypto Service on QAT The QAT Asym PMD has support for: +* ``Modular exponentiation`` + Limitations ~~~~~~~~~~~ diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h index 1fdb45a912..ffea27e227 100644 --- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h +++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h @@ -10,7 +10,7 @@ /* * Modular exponentiation functionality IDs */ -static const uint32_t __rte_unused MOD_EXP_SIZE[][2] = { +static const uint32_t MOD_EXP_SIZE[][2] = { { 512, MATHS_MODEXP_L512 }, { 1024, MATHS_MODEXP_L1024 }, { 1536, MATHS_MODEXP_L1536 }, diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 708bafa5d5..6cd643544a 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -11,7 +11,7 @@ #define qat_asym_sz_2param(arg) (arg, sizeof(arg)/sizeof(*arg)) -static int __rte_unused qat_asym_get_sz_and_func_id(const uint32_t arr[][2], +static int qat_asym_get_sz_and_func_id(const uint32_t arr[][2], size_t arr_sz, size_t *size, uint32_t *func_id) { size_t i; @@ -27,7 +27,7 @@ static int __rte_unused qat_asym_get_sz_and_func_id(const uint32_t arr[][2], } static void qat_asym_build_req_tmpl(void *sess_private_data, - struct rte_crypto_asym_xform __rte_unused *xform) + struct rte_crypto_asym_xform *xform) { struct icp_qat_fw_pke_request *qat_req; @@ -50,9 +50,14 @@ static void qat_asym_build_req_tmpl(void *sess_private_data, qat_req->resrvd1 = 0; qat_req->resrvd2 = 0; qat_req->next_req_adr = 0; + + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { + qat_req->output_param_count = 1; + qat_req->input_param_count = 3; + } } -static size_t __rte_unused max_of(int n, ...) +static size_t max_of(int n, ...) { va_list args; size_t len = 0, num; @@ -71,7 +76,7 @@ static size_t __rte_unused max_of(int n, ...) return len; } -static void __rte_unused qat_clear_arrays(struct qat_asym_op_cookie *cookie, +static void qat_clear_arrays(struct qat_asym_op_cookie *cookie, int in_count, int out_count, int in_size, int out_size) { int i; @@ -82,7 +87,7 @@ static void __rte_unused qat_clear_arrays(struct qat_asym_op_cookie *cookie, memset(cookie->output_array[i], 0x0, out_size); } -static int __rte_unused qat_asym_check_nonzero(rte_crypto_param n) +static int qat_asym_check_nonzero(rte_crypto_param n) { if (n.length < 8) { /* Not a case for any cryptograpic function except for DH @@ -120,12 +125,17 @@ qat_asym_build_request(void *in_op, { struct qat_asym_session *ctx; struct rte_crypto_op *op = (struct rte_crypto_op *)in_op; - struct rte_crypto_asym_op __rte_unused *asym_op = op->asym; + struct rte_crypto_asym_op *asym_op = op->asym; struct icp_qat_fw_pke_request *qat_req = (struct icp_qat_fw_pke_request *)out_msg; struct qat_asym_op_cookie *cookie = (struct qat_asym_op_cookie *)op_cookie; + uint64_t err = 0; + size_t alg_size; + size_t alg_size_in_bytes; + uint32_t func_id; + ctx = (struct qat_asym_session *)get_asym_session_private_data( op->asym->session, cryptodev_qat_asym_driver_id); rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl)); @@ -134,7 +144,52 @@ qat_asym_build_request(void *in_op, qat_req->pke_mid.src_data_addr = cookie->input_addr; qat_req->pke_mid.dest_data_addr = cookie->output_addr; - goto error; + if (ctx->alg == QAT_PKE_MODEXP) { + err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_exp.n); + if (err) { + QAT_LOG(ERR, "Empty modulus, aborting this operation"); + goto error; + } + + alg_size_in_bytes = max_of(3, asym_op->modex.base.length, + ctx->sess_alg_params.mod_exp.e.length, + ctx->sess_alg_params.mod_exp.n.length); + alg_size = alg_size_in_bytes << 3; + + if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE, + sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE), + &alg_size, &func_id)) { + err = QAT_ASYM_ERROR_INVALID_PARAM; + goto error; + } + + alg_size_in_bytes = alg_size >> 3; + rte_memcpy(cookie->input_array[0] + alg_size_in_bytes - + asym_op->modex.base.length + , asym_op->modex.base.data, + asym_op->modex.base.length); + rte_memcpy(cookie->input_array[1] + alg_size_in_bytes - + ctx->sess_alg_params.mod_exp.e.length + , ctx->sess_alg_params.mod_exp.e.data, + ctx->sess_alg_params.mod_exp.e.length); + rte_memcpy(cookie->input_array[2] + alg_size_in_bytes - + ctx->sess_alg_params.mod_exp.n.length, + ctx->sess_alg_params.mod_exp.n.data, + ctx->sess_alg_params.mod_exp.n.length); + cookie->alg_size = alg_size; + qat_req->pke_hdr.cd_pars.func_id = func_id; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "base", + cookie->input_array[0], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "exponent", + cookie->input_array[1], + alg_size_in_bytes); + QAT_DP_HEXDUMP_LOG(DEBUG, "modulus", + cookie->input_array[2], + alg_size_in_bytes); +#endif + } #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req, @@ -145,7 +200,7 @@ error: qat_req->output_param_count = 0; qat_req->input_param_count = 0; qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL; - cookie->error |= QAT_ASYM_ERROR_INVALID_PARAM; + cookie->error |= err; return 0; } @@ -154,11 +209,17 @@ void qat_asym_process_response(void **op, uint8_t *resp, void *op_cookie) { + struct qat_asym_session *ctx; struct icp_qat_fw_pke_resp *resp_msg = (struct icp_qat_fw_pke_resp *)resp; struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t) (resp_msg->opaque); + struct rte_crypto_asym_op *asym_op = rx_op->asym; struct qat_asym_op_cookie *cookie = op_cookie; + size_t alg_size, alg_size_in_bytes; + + ctx = (struct qat_asym_session *)get_asym_session_private_data( + rx_op->asym->session, cryptodev_qat_asym_driver_id); *op = rx_op; rx_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; @@ -179,6 +240,30 @@ qat_asym_process_response(void **op, uint8_t *resp, } } + if (ctx->alg == QAT_PKE_MODEXP) { + alg_size = cookie->alg_size; + alg_size_in_bytes = alg_size >> 3; + uint8_t *modexp_result = asym_op->modex.result.data; + + if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) { + rte_memcpy(modexp_result + + (asym_op->modex.result.length - + ctx->sess_alg_params.mod_exp.n.length), + cookie->output_array[0] + alg_size_in_bytes + - ctx->sess_alg_params.mod_exp.n.length, + ctx->sess_alg_params.mod_exp.n.length + ); + rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS; +#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG + QAT_DP_HEXDUMP_LOG(DEBUG, "modexp_result", + cookie->output_array[0], + alg_size_in_bytes); +#endif + } + qat_clear_arrays(cookie, 3, 1, alg_size_in_bytes, + alg_size_in_bytes); + } + #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "resp_msg:", resp_msg, sizeof(struct icp_qat_fw_pke_resp)); @@ -191,24 +276,40 @@ qat_asym_session_configure(struct rte_cryptodev *dev, struct rte_cryptodev_asym_session *sess, struct rte_mempool *mempool) { - int err; + int err = 0; void *sess_private_data; + struct qat_asym_session *session; - err = -EINVAL; - goto error; if (rte_mempool_get(mempool, &sess_private_data)) { QAT_LOG(ERR, "Couldn't get object from session mempool"); return -ENOMEM; } + session = sess_private_data; + if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) { + session->sess_alg_params.mod_exp.e = xform->modex.exponent; + session->sess_alg_params.mod_exp.n = xform->modex.modulus; + session->alg = QAT_PKE_MODEXP; + + if (xform->modex.exponent.length == 0 || + xform->modex.modulus.length == 0) { + QAT_LOG(ERR, "Invalid mod exp input parameter"); + err = -EINVAL; + goto error; + } + } else { + QAT_LOG(ERR, "Invalid asymmetric crypto xform"); + err = -EINVAL; + goto error; + } qat_asym_build_req_tmpl(sess_private_data, xform); - set_asym_session_private_data(sess, dev->driver_id, sess_private_data); return 0; error: + rte_mempool_put(mempool, sess_private_data); return err; } diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h index 7e5982d8ca..228d2f7fb2 100644 --- a/drivers/crypto/qat/qat_asym.h +++ b/drivers/crypto/qat/qat_asym.h @@ -45,6 +45,12 @@ struct qat_asym_session { enum qat_asym_alg alg; struct icp_qat_fw_pke_request req_tmpl; uint64_t flags; + union { + struct { + rte_crypto_param n; + rte_crypto_param e; + } mod_exp; + } sess_alg_params; }; int diff --git a/drivers/crypto/qat/qat_asym_capabilities.h b/drivers/crypto/qat/qat_asym_capabilities.h index b50e061c1e..1d6323f611 100644 --- a/drivers/crypto/qat/qat_asym_capabilities.h +++ b/drivers/crypto/qat/qat_asym_capabilities.h @@ -5,6 +5,22 @@ #ifndef _QAT_ASYM_CAPABILITIES_H_ #define _QAT_ASYM_CAPABILITIES_H_ -#define QAT_BASE_GEN1_ASYM_CAPABILITIES +#define QAT_BASE_GEN1_ASYM_CAPABILITIES \ + { /* modexp */ \ + .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC, \ + {.asym = { \ + .xform_capa = { \ + .xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX, \ + .op_types = 0, \ + { \ + .modlen = { \ + .min = 1, \ + .max = 512, \ + .increment = 1 \ + }, } \ + } \ + }, \ + } \ + } \ #endif /* _QAT_ASYM_CAPABILITIES_H_ */ diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c index 254bc48a68..c9997996f4 100644 --- a/drivers/crypto/qat/qat_asym_pmd.c +++ b/drivers/crypto/qat/qat_asym_pmd.c @@ -14,6 +14,7 @@ uint8_t cryptodev_qat_asym_driver_id; static const struct rte_cryptodev_capabilities qat_gen1_asym_capabilities[] = { + QAT_BASE_GEN1_ASYM_CAPABILITIES, RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; -- 2.20.1