Skip to content

Commit c9bb2e1

Browse files
gmuthukrishnAkhil Goyal
gmuthukrishn
authored and
Akhil Goyal
committed
cryptodev: move RSA padding information into xform
RSA padding information could be a xform entity rather than part of crypto op, as it seems associated with hashing algorithm used for the entire crypto session, where this algorithm is used in message digest itself. Even in virtIO standard spec, this info is associated in the asymmetric session creation. Hence, moving this info from crypto op into xform structure. Signed-off-by: Gowrishankar Muthukrishnan <[email protected]> Acked-by: Arek Kusztal <[email protected]> Acked-by: Akhil Goyal <[email protected]>
1 parent 3477886 commit c9bb2e1

File tree

13 files changed

+67
-54
lines changed

13 files changed

+67
-54
lines changed

app/test/test_cryptodev_asym.c

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,6 @@ queue_ops_rsa_sign_verify(void *sess)
8181
asym_op->rsa.message.length = rsaplaintext.len;
8282
asym_op->rsa.sign.length = RTE_DIM(rsa_n);
8383
asym_op->rsa.sign.data = output_buf;
84-
asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
8584

8685
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
8786
asym_op->rsa.message.length);
@@ -113,7 +112,6 @@ queue_ops_rsa_sign_verify(void *sess)
113112

114113
/* Verify sign */
115114
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
116-
asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
117115

118116
/* Process crypto operation */
119117
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -172,7 +170,6 @@ queue_ops_rsa_enc_dec(void *sess)
172170
asym_op->rsa.cipher.data = cipher_buf;
173171
asym_op->rsa.cipher.length = RTE_DIM(rsa_n);
174172
asym_op->rsa.message.length = rsaplaintext.len;
175-
asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
176173

177174
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
178175
asym_op->rsa.message.length);
@@ -204,7 +201,6 @@ queue_ops_rsa_enc_dec(void *sess)
204201
asym_op = result_op->asym;
205202
asym_op->rsa.message.length = RTE_DIM(rsa_n);
206203
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
207-
asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
208204

209205
/* Process crypto operation */
210206
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -3650,7 +3646,6 @@ rsa_encrypt(const struct rsa_test_data_2 *vector, uint8_t *cipher_buf)
36503646
self->op->asym->rsa.cipher.data = cipher_buf;
36513647
self->op->asym->rsa.cipher.length = 0;
36523648
SET_RSA_PARAM(self->op->asym->rsa, vector, message);
3653-
self->op->asym->rsa.padding.type = vector->padding;
36543649

36553650
rte_crypto_op_attach_asym_session(self->op, self->sess);
36563651
TEST_ASSERT_SUCCESS(send_one(),
@@ -3674,7 +3669,6 @@ rsa_decrypt(const struct rsa_test_data_2 *vector, uint8_t *plaintext,
36743669
self->op->asym->rsa.message.data = plaintext;
36753670
self->op->asym->rsa.message.length = 0;
36763671
self->op->asym->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
3677-
self->op->asym->rsa.padding.type = vector->padding;
36783672
rte_crypto_op_attach_asym_session(self->op, self->sess);
36793673
TEST_ASSERT_SUCCESS(send_one(),
36803674
"Failed to process crypto op (Decryption)");
@@ -3716,6 +3710,7 @@ kat_rsa_encrypt(const void *data)
37163710
SET_RSA_PARAM(xform.rsa, vector, n);
37173711
SET_RSA_PARAM(xform.rsa, vector, e);
37183712
SET_RSA_PARAM(xform.rsa, vector, d);
3713+
xform.rsa.padding.type = vector->padding;
37193714
xform.rsa.key_type = RTE_RSA_KEY_TYPE_EXP;
37203715
int ret = rsa_init_session(&xform);
37213716

@@ -3746,6 +3741,7 @@ kat_rsa_encrypt_crt(const void *data)
37463741
SET_RSA_PARAM_QT(xform.rsa, vector, dP);
37473742
SET_RSA_PARAM_QT(xform.rsa, vector, dQ);
37483743
SET_RSA_PARAM_QT(xform.rsa, vector, qInv);
3744+
xform.rsa.padding.type = vector->padding;
37493745
xform.rsa.key_type = RTE_RSA_KEY_TYPE_QT;
37503746
int ret = rsa_init_session(&xform);
37513747
if (ret) {
@@ -3771,6 +3767,7 @@ kat_rsa_decrypt(const void *data)
37713767
SET_RSA_PARAM(xform.rsa, vector, n);
37723768
SET_RSA_PARAM(xform.rsa, vector, e);
37733769
SET_RSA_PARAM(xform.rsa, vector, d);
3770+
xform.rsa.padding.type = vector->padding;
37743771
xform.rsa.key_type = RTE_RSA_KEY_TYPE_EXP;
37753772
int ret = rsa_init_session(&xform);
37763773

@@ -3801,6 +3798,7 @@ kat_rsa_decrypt_crt(const void *data)
38013798
SET_RSA_PARAM_QT(xform.rsa, vector, dP);
38023799
SET_RSA_PARAM_QT(xform.rsa, vector, dQ);
38033800
SET_RSA_PARAM_QT(xform.rsa, vector, qInv);
3801+
xform.rsa.padding.type = vector->padding;
38043802
xform.rsa.key_type = RTE_RSA_KEY_TYPE_QT;
38053803
int ret = rsa_init_session(&xform);
38063804
if (ret) {

app/test/test_cryptodev_rsa_test_vectors.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -345,6 +345,7 @@ struct rte_crypto_asym_xform rsa_xform = {
345345
.next = NULL,
346346
.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
347347
.rsa = {
348+
.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
348349
.n = {
349350
.data = rsa_n,
350351
.length = sizeof(rsa_n)
@@ -366,6 +367,7 @@ struct rte_crypto_asym_xform rsa_xform_crt = {
366367
.next = NULL,
367368
.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,
368369
.rsa = {
370+
.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5,
369371
.n = {
370372
.data = rsa_n,
371373
.length = sizeof(rsa_n)

doc/guides/rel_notes/deprecation.rst

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -174,8 +174,6 @@ Deprecation Notices
174174
which got error interrupt to the application,
175175
so that application can reset that particular queue pair.
176176

177-
* cryptodev: Some changes may happen to manage RSA padding for virtio-crypto.
178-
179177
* cryptodev: The Intel IPsec Multi-Buffer version will be bumped
180178
to a minimum version of v1.4.
181179
This will effect the KASUMI, SNOW3G, ZUC, AESNI GCM, AESNI MB and CHACHAPOLY

doc/guides/rel_notes/release_24_11.rst

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -146,6 +146,11 @@ ABI Changes
146146
in either exponent or quintuple format is changed from union to struct data type.
147147
This change is to support ASN.1 syntax (RFC 3447 Appendix A.1.2).
148148

149+
* cryptodev: The padding struct ``rte_crypto_rsa_padding`` is moved from
150+
``rte_crypto_rsa_op_param`` to ``rte_crypto_rsa_xform`` as the padding information
151+
is part of session creation instead of per packet crypto operation.
152+
This change is required to support virtio-crypto specifications.
153+
149154

150155
Known Issues
151156
------------

drivers/common/cpt/cpt_ucode_asym.h

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -327,7 +327,7 @@ cpt_rsa_prep(struct asym_op_params *rsa_params,
327327
/* Result buffer */
328328
rlen = mod_len;
329329

330-
if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
330+
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
331331
/* Use mod_exp operation for no_padding type */
332332
vq_cmd_w0.s.opcode.minor = CPT_MINOR_OP_MODEX;
333333
vq_cmd_w0.s.param2 = exp_len;
@@ -412,7 +412,7 @@ cpt_rsa_crt_prep(struct asym_op_params *rsa_params,
412412
/* Result buffer */
413413
rlen = mod_len;
414414

415-
if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
415+
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
416416
/*Use mod_exp operation for no_padding type */
417417
vq_cmd_w0.s.opcode.minor = CPT_MINOR_OP_MODEX_CRT;
418418
} else {

drivers/crypto/cnxk/cnxk_ae.h

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -181,6 +181,9 @@ cnxk_ae_fill_rsa_params(struct cnxk_ae_sess *sess,
181181
rsa->n.length = mod_len;
182182
rsa->e.length = exp_len;
183183

184+
/* Set padding info */
185+
rsa->padding.type = xform->rsa.padding.type;
186+
184187
return 0;
185188
}
186189

@@ -390,7 +393,7 @@ cnxk_ae_rsa_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf,
390393
dptr += in_size;
391394
dlen = total_key_len + in_size;
392395

393-
if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
396+
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
394397
/* Use mod_exp operation for no_padding type */
395398
w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX;
396399
w4.s.param2 = exp_len;
@@ -445,7 +448,7 @@ cnxk_ae_rsa_exp_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf,
445448
dptr += in_size;
446449
dlen = mod_len + privkey_len + in_size;
447450

448-
if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
451+
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
449452
/* Use mod_exp operation for no_padding type */
450453
w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX;
451454
w4.s.param2 = privkey_len;
@@ -503,7 +506,7 @@ cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf,
503506
dptr += in_size;
504507
dlen = total_key_len + in_size;
505508

506-
if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
509+
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
507510
/*Use mod_exp operation for no_padding type */
508511
w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX_CRT;
509512
} else {
@@ -1558,7 +1561,7 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
15581561
memcpy(rsa->cipher.data, rptr, rsa->cipher.length);
15591562
break;
15601563
case RTE_CRYPTO_ASYM_OP_DECRYPT:
1561-
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
1564+
if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
15621565
rsa->message.length = rsa_ctx->n.length;
15631566
memcpy(rsa->message.data, rptr, rsa->message.length);
15641567
} else {
@@ -1578,7 +1581,7 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
15781581
memcpy(rsa->sign.data, rptr, rsa->sign.length);
15791582
break;
15801583
case RTE_CRYPTO_ASYM_OP_VERIFY:
1581-
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
1584+
if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
15821585
rsa->sign.length = rsa_ctx->n.length;
15831586
memcpy(rsa->sign.data, rptr, rsa->sign.length);
15841587
} else {

drivers/crypto/octeontx/otx_cryptodev_ops.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -708,7 +708,7 @@ otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info *req,
708708
memcpy(rsa->cipher.data, req->rptr, rsa->cipher.length);
709709
break;
710710
case RTE_CRYPTO_ASYM_OP_DECRYPT:
711-
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
711+
if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
712712
rsa->message.length = rsa_ctx->n.length;
713713
else {
714714
/* Get length of decrypted output */
@@ -725,7 +725,7 @@ otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info *req,
725725
memcpy(rsa->sign.data, req->rptr, rsa->sign.length);
726726
break;
727727
case RTE_CRYPTO_ASYM_OP_VERIFY:
728-
if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
728+
if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
729729
rsa->sign.length = rsa_ctx->n.length;
730730
else {
731731
/* Get length of decrypted output */

drivers/crypto/openssl/openssl_pmd_private.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -197,6 +197,7 @@ struct __rte_cache_aligned openssl_asym_session {
197197
union {
198198
struct rsa {
199199
RSA *rsa;
200+
uint32_t pad;
200201
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
201202
EVP_PKEY_CTX * ctx;
202203
#endif

drivers/crypto/openssl/rte_openssl_pmd.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2699,7 +2699,7 @@ process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
26992699
struct openssl_asym_session *sess)
27002700
{
27012701
struct rte_crypto_asym_op *op = cop->asym;
2702-
uint32_t pad = (op->rsa.padding.type);
2702+
uint32_t pad = sess->u.r.pad;
27032703
uint8_t *tmp;
27042704
size_t outlen = 0;
27052705
int ret = -1;
@@ -3273,7 +3273,7 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
32733273
int ret = 0;
32743274
struct rte_crypto_asym_op *op = cop->asym;
32753275
RSA *rsa = sess->u.r.rsa;
3276-
uint32_t pad = (op->rsa.padding.type);
3276+
uint32_t pad = sess->u.r.pad;
32773277
uint8_t *tmp;
32783278

32793279
cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;

drivers/crypto/openssl/rte_openssl_pmd_ops.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -913,6 +913,7 @@ static int openssl_set_asym_session_parameters(
913913
if (!n || !e)
914914
goto err_rsa;
915915

916+
asym_session->u.r.pad = xform->rsa.padding.type;
916917
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
917918
OSSL_PARAM_BLD * param_bld = OSSL_PARAM_BLD_new();
918919
if (!param_bld) {

0 commit comments

Comments
 (0)