[dpdk-dev] [PATCH v5 3/4] crypto/qat: add modular exponentiation to qat asym pmd

Arek Kusztal arkadiuszx.kusztal at intel.com
Thu Mar 28 14:37:02 CET 2019


This commit adds modular exponentiation to Intel QuickAssist
Technology driver. For capabilities or limitations please refer to
qat.rst or qat_asym_capabilities.h.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal at intel.com>
---
 doc/guides/cryptodevs/qat.rst                      |   2 +
 .../qat/qat_adf/qat_pke_functionality_arrays.h     |   2 +-
 drivers/crypto/qat/qat_asym.c                      | 125 +++++++++++++++++++--
 drivers/crypto/qat/qat_asym.h                      |   6 +
 drivers/crypto/qat/qat_asym_capabilities.h         |  18 ++-
 drivers/crypto/qat/qat_asym_pmd.c                  |   1 +
 6 files changed, 140 insertions(+), 14 deletions(-)

diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 53a8d61..e09ae8b 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -106,6 +106,8 @@ Asymmetric Crypto Service on QAT
 
 The QAT Asym PMD has support for:
 
+* ``Modular exponentiation``
+
 Limitations
 ~~~~~~~~~~~
 
diff --git a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
index 1fdb45a..ffea27e 100644
--- a/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
+++ b/drivers/common/qat/qat_adf/qat_pke_functionality_arrays.h
@@ -10,7 +10,7 @@
 /*
  * Modular exponentiation functionality IDs
  */
-static const uint32_t __rte_unused MOD_EXP_SIZE[][2] = {
+static const uint32_t MOD_EXP_SIZE[][2] = {
 		{ 512,	MATHS_MODEXP_L512 },
 		{ 1024, MATHS_MODEXP_L1024 },
 		{ 1536,	MATHS_MODEXP_L1536 },
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 708bafa..6cd6435 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -11,7 +11,7 @@
 
 #define qat_asym_sz_2param(arg) (arg, sizeof(arg)/sizeof(*arg))
 
-static int __rte_unused qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
+static int qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
 		size_t arr_sz, size_t *size, uint32_t *func_id)
 {
 	size_t i;
@@ -27,7 +27,7 @@ static int __rte_unused qat_asym_get_sz_and_func_id(const uint32_t arr[][2],
 }
 
 static void qat_asym_build_req_tmpl(void *sess_private_data,
-		struct rte_crypto_asym_xform __rte_unused *xform)
+		struct rte_crypto_asym_xform *xform)
 {
 
 	struct icp_qat_fw_pke_request *qat_req;
@@ -50,9 +50,14 @@ static void qat_asym_build_req_tmpl(void *sess_private_data,
 	qat_req->resrvd1 = 0;
 	qat_req->resrvd2 = 0;
 	qat_req->next_req_adr = 0;
+
+	if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
+		qat_req->output_param_count = 1;
+		qat_req->input_param_count = 3;
+	}
 }
 
-static size_t __rte_unused max_of(int n, ...)
+static size_t max_of(int n, ...)
 {
 	va_list args;
 	size_t len = 0, num;
@@ -71,7 +76,7 @@ static size_t __rte_unused max_of(int n, ...)
 	return len;
 }
 
-static void __rte_unused qat_clear_arrays(struct qat_asym_op_cookie *cookie,
+static void qat_clear_arrays(struct qat_asym_op_cookie *cookie,
 		int in_count, int out_count, int in_size, int out_size)
 {
 	int i;
@@ -82,7 +87,7 @@ static void __rte_unused qat_clear_arrays(struct qat_asym_op_cookie *cookie,
 		memset(cookie->output_array[i], 0x0, out_size);
 }
 
-static int __rte_unused qat_asym_check_nonzero(rte_crypto_param n)
+static int qat_asym_check_nonzero(rte_crypto_param n)
 {
 	if (n.length < 8) {
 		/* Not a case for any cryptograpic function except for DH
@@ -120,12 +125,17 @@ qat_asym_build_request(void *in_op,
 {
 	struct qat_asym_session *ctx;
 	struct rte_crypto_op *op = (struct rte_crypto_op *)in_op;
-	struct rte_crypto_asym_op __rte_unused *asym_op = op->asym;
+	struct rte_crypto_asym_op *asym_op = op->asym;
 	struct icp_qat_fw_pke_request *qat_req =
 			(struct icp_qat_fw_pke_request *)out_msg;
 	struct qat_asym_op_cookie *cookie =
 				(struct qat_asym_op_cookie *)op_cookie;
 
+	uint64_t err = 0;
+	size_t alg_size;
+	size_t alg_size_in_bytes;
+	uint32_t func_id;
+
 	ctx = (struct qat_asym_session *)get_asym_session_private_data(
 			op->asym->session, cryptodev_qat_asym_driver_id);
 	rte_mov64((uint8_t *)qat_req, (const uint8_t *)&(ctx->req_tmpl));
@@ -134,7 +144,52 @@ qat_asym_build_request(void *in_op,
 	qat_req->pke_mid.src_data_addr = cookie->input_addr;
 	qat_req->pke_mid.dest_data_addr = cookie->output_addr;
 
-	goto error;
+	if (ctx->alg == QAT_PKE_MODEXP) {
+		err = qat_asym_check_nonzero(ctx->sess_alg_params.mod_exp.n);
+		if (err) {
+			QAT_LOG(ERR, "Empty modulus, aborting this operation");
+			goto error;
+		}
+
+		alg_size_in_bytes = max_of(3, asym_op->modex.base.length,
+			       ctx->sess_alg_params.mod_exp.e.length,
+			       ctx->sess_alg_params.mod_exp.n.length);
+		alg_size = alg_size_in_bytes << 3;
+
+		if (qat_asym_get_sz_and_func_id(MOD_EXP_SIZE,
+				sizeof(MOD_EXP_SIZE)/sizeof(*MOD_EXP_SIZE),
+				&alg_size, &func_id)) {
+			err = QAT_ASYM_ERROR_INVALID_PARAM;
+			goto error;
+		}
+
+		alg_size_in_bytes = alg_size >> 3;
+		rte_memcpy(cookie->input_array[0] + alg_size_in_bytes -
+			asym_op->modex.base.length
+			, asym_op->modex.base.data,
+			asym_op->modex.base.length);
+		rte_memcpy(cookie->input_array[1] + alg_size_in_bytes -
+			ctx->sess_alg_params.mod_exp.e.length
+			, ctx->sess_alg_params.mod_exp.e.data,
+			ctx->sess_alg_params.mod_exp.e.length);
+		rte_memcpy(cookie->input_array[2]  + alg_size_in_bytes -
+			ctx->sess_alg_params.mod_exp.n.length,
+			ctx->sess_alg_params.mod_exp.n.data,
+			ctx->sess_alg_params.mod_exp.n.length);
+		cookie->alg_size = alg_size;
+		qat_req->pke_hdr.cd_pars.func_id = func_id;
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+		QAT_DP_HEXDUMP_LOG(DEBUG, "base",
+				cookie->input_array[0],
+				alg_size_in_bytes);
+		QAT_DP_HEXDUMP_LOG(DEBUG, "exponent",
+				cookie->input_array[1],
+				alg_size_in_bytes);
+		QAT_DP_HEXDUMP_LOG(DEBUG, "modulus",
+				cookie->input_array[2],
+				alg_size_in_bytes);
+#endif
+	}
 
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
 	QAT_DP_HEXDUMP_LOG(DEBUG, "qat_req:", qat_req,
@@ -145,7 +200,7 @@ qat_asym_build_request(void *in_op,
 	qat_req->output_param_count = 0;
 	qat_req->input_param_count = 0;
 	qat_req->pke_hdr.service_type = ICP_QAT_FW_COMN_REQ_NULL;
-	cookie->error |= QAT_ASYM_ERROR_INVALID_PARAM;
+	cookie->error |= err;
 
 	return 0;
 }
@@ -154,11 +209,17 @@ void
 qat_asym_process_response(void **op, uint8_t *resp,
 		void *op_cookie)
 {
+	struct qat_asym_session *ctx;
 	struct icp_qat_fw_pke_resp *resp_msg =
 			(struct icp_qat_fw_pke_resp *)resp;
 	struct rte_crypto_op *rx_op = (struct rte_crypto_op *)(uintptr_t)
 			(resp_msg->opaque);
+	struct rte_crypto_asym_op *asym_op = rx_op->asym;
 	struct qat_asym_op_cookie *cookie = op_cookie;
+	size_t alg_size, alg_size_in_bytes;
+
+	ctx = (struct qat_asym_session *)get_asym_session_private_data(
+			rx_op->asym->session, cryptodev_qat_asym_driver_id);
 
 	*op = rx_op;
 	rx_op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
@@ -179,6 +240,30 @@ qat_asym_process_response(void **op, uint8_t *resp,
 		}
 	}
 
+	if (ctx->alg == QAT_PKE_MODEXP) {
+		alg_size = cookie->alg_size;
+		alg_size_in_bytes = alg_size >> 3;
+		uint8_t *modexp_result = asym_op->modex.result.data;
+
+		if (rx_op->status == RTE_CRYPTO_OP_STATUS_NOT_PROCESSED) {
+			rte_memcpy(modexp_result +
+				(asym_op->modex.result.length -
+					ctx->sess_alg_params.mod_exp.n.length),
+				cookie->output_array[0] + alg_size_in_bytes
+				- ctx->sess_alg_params.mod_exp.n.length,
+				ctx->sess_alg_params.mod_exp.n.length
+				);
+			rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
+#if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
+			QAT_DP_HEXDUMP_LOG(DEBUG, "modexp_result",
+					cookie->output_array[0],
+					alg_size_in_bytes);
+#endif
+		}
+		qat_clear_arrays(cookie, 3, 1, alg_size_in_bytes,
+				alg_size_in_bytes);
+	}
+
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
 	QAT_DP_HEXDUMP_LOG(DEBUG, "resp_msg:", resp_msg,
 			sizeof(struct icp_qat_fw_pke_resp));
@@ -191,24 +276,40 @@ qat_asym_session_configure(struct rte_cryptodev *dev,
 		struct rte_cryptodev_asym_session *sess,
 		struct rte_mempool *mempool)
 {
-	int err;
+	int err = 0;
 	void *sess_private_data;
+	struct qat_asym_session *session;
 
-	err = -EINVAL;
-	goto error;
 	if (rte_mempool_get(mempool, &sess_private_data)) {
 		QAT_LOG(ERR,
 			"Couldn't get object from session mempool");
 		return -ENOMEM;
 	}
 
+	session = sess_private_data;
+	if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_MODEX) {
+		session->sess_alg_params.mod_exp.e = xform->modex.exponent;
+		session->sess_alg_params.mod_exp.n = xform->modex.modulus;
+		session->alg = QAT_PKE_MODEXP;
+
+		if (xform->modex.exponent.length == 0 ||
+				xform->modex.modulus.length == 0) {
+			QAT_LOG(ERR, "Invalid mod exp input parameter");
+			err = -EINVAL;
+			goto error;
+		}
+	} else {
+		QAT_LOG(ERR, "Invalid asymmetric crypto xform");
+		err = -EINVAL;
+		goto error;
+	}
 	qat_asym_build_req_tmpl(sess_private_data, xform);
-
 	set_asym_session_private_data(sess, dev->driver_id,
 		sess_private_data);
 
 	return 0;
 error:
+	rte_mempool_put(mempool, sess_private_data);
 	return err;
 }
 
diff --git a/drivers/crypto/qat/qat_asym.h b/drivers/crypto/qat/qat_asym.h
index 7e5982d..228d2f7 100644
--- a/drivers/crypto/qat/qat_asym.h
+++ b/drivers/crypto/qat/qat_asym.h
@@ -45,6 +45,12 @@ struct qat_asym_session {
 	enum qat_asym_alg alg;
 	struct icp_qat_fw_pke_request req_tmpl;
 	uint64_t flags;
+	union {
+		struct {
+			rte_crypto_param n;
+			rte_crypto_param e;
+		} mod_exp;
+	} sess_alg_params;
 };
 
 int
diff --git a/drivers/crypto/qat/qat_asym_capabilities.h b/drivers/crypto/qat/qat_asym_capabilities.h
index b50e061..1d6323f 100644
--- a/drivers/crypto/qat/qat_asym_capabilities.h
+++ b/drivers/crypto/qat/qat_asym_capabilities.h
@@ -5,6 +5,22 @@
 #ifndef _QAT_ASYM_CAPABILITIES_H_
 #define _QAT_ASYM_CAPABILITIES_H_
 
-#define QAT_BASE_GEN1_ASYM_CAPABILITIES
+#define QAT_BASE_GEN1_ASYM_CAPABILITIES						\
+	{	/* modexp */							\
+		.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,				\
+		{.asym = {							\
+			.xform_capa = {						\
+				.xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX,	\
+				.op_types = 0,					\
+				{						\
+				.modlen = {					\
+				.min = 1,					\
+				.max = 512,					\
+				.increment = 1					\
+				}, }						\
+			}							\
+		},								\
+		}								\
+	}									\
 
 #endif /* _QAT_ASYM_CAPABILITIES_H_ */
diff --git a/drivers/crypto/qat/qat_asym_pmd.c b/drivers/crypto/qat/qat_asym_pmd.c
index 254bc48..c999799 100644
--- a/drivers/crypto/qat/qat_asym_pmd.c
+++ b/drivers/crypto/qat/qat_asym_pmd.c
@@ -14,6 +14,7 @@
 uint8_t cryptodev_qat_asym_driver_id;
 
 static const struct rte_cryptodev_capabilities qat_gen1_asym_capabilities[] = {
+	QAT_BASE_GEN1_ASYM_CAPABILITIES,
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };
 
-- 
2.1.0



More information about the dev mailing list