Thread (42 messages) 42 messages, 4 authors, 2023-10-09

RE: [v1 3/6] cryptodev: add hash support in asymmetric capability

From: Kusztal, ArkadiuszX <hidden>
Date: 2023-09-26 20:03:11

Hi Gowrishankar,
quoted hunk ↗ jump to hunk
-----Original Message-----
From: Gowrishankar Muthukrishnan <redacted>
Sent: Thursday, August 10, 2023 11:35 AM
To: dev@dpdk.org
Cc: anoobj@marvell.com; Akhil Goyal <redacted>; Fan Zhang
[off-list ref]; Ji, Kai [off-list ref]; Gowrishankar
Muthukrishnan [off-list ref]
Subject: [v1 3/6] cryptodev: add hash support in asymmetric capability

Most of the asymmetric operations start with hash of the input.
Add a new field in asymmetric capability to declare support for hash operations
that PMD can support for the asymmetric operations. Application can skip
computing hash if PMD already supports it.

Signed-off-by: Gowrishankar Muthukrishnan <redacted>
---
 drivers/crypto/openssl/rte_openssl_pmd_ops.c |  1 +
 lib/cryptodev/cryptodev_trace.h              |  9 +++++++++
 lib/cryptodev/cryptodev_trace_points.c       |  3 +++
 lib/cryptodev/rte_crypto_asym.h              |  3 +++
 lib/cryptodev/rte_cryptodev.c                | 16 ++++++++++++++++
 lib/cryptodev/rte_cryptodev.h                | 19 +++++++++++++++++++
 lib/cryptodev/version.map                    |  1 +
 7 files changed, 52 insertions(+)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 0f88669f41..0b3601db40 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -598,6 +598,7 @@ static const struct rte_cryptodev_capabilities
openssl_pmd_capabilities[] = {
 		{.asym = {
 			.xform_capa = {
 				.xform_type =
RTE_CRYPTO_ASYM_XFORM_SM2,
+				.hash_algos = (1 << RTE_CRYPTO_AUTH_SM3),
 				.op_types =
 				((1<<RTE_CRYPTO_ASYM_OP_SIGN) |
 				 (1 << RTE_CRYPTO_ASYM_OP_VERIFY) | diff --
git a/lib/cryptodev/cryptodev_trace.h b/lib/cryptodev/cryptodev_trace.h index
aab44af96b..935f0d564b 100644
--- a/lib/cryptodev/cryptodev_trace.h
+++ b/lib/cryptodev/cryptodev_trace.h
@@ -520,6 +520,15 @@ RTE_TRACE_POINT(
 	rte_trace_point_emit_int(ret);
 )

+RTE_TRACE_POINT(
+	rte_cryptodev_trace_asym_xform_capability_check_hash,
+	RTE_TRACE_POINT_ARGS(uint64_t hash_algos,
+		enum rte_crypto_auth_algorithm hash, int ret),
+	rte_trace_point_emit_u64(hash_algos);
+	rte_trace_point_emit_int(hash);
+	rte_trace_point_emit_int(ret);
+)
+
 RTE_TRACE_POINT(
 	rte_cryptodev_trace_count,
 	RTE_TRACE_POINT_ARGS(uint8_t nb_devs), diff --git
a/lib/cryptodev/cryptodev_trace_points.c
b/lib/cryptodev/cryptodev_trace_points.c
index e2303fdb52..8c47ab1e78 100644
--- a/lib/cryptodev/cryptodev_trace_points.c
+++ b/lib/cryptodev/cryptodev_trace_points.c
@@ -144,6 +144,9 @@
RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_asym_xform_capability_ch
eck_modlen,

RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_asym_xform_capability_ch
eck_optype,
 	lib.cryptodev.asym.xform.capability.check.optype)

+RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_asym_xform_capability_c
heck_hash,
+	lib.cryptodev.asym.xform.capability.check.hash)
+
 RTE_TRACE_POINT_REGISTER(rte_cryptodev_trace_sym_cpu_crypto_process,
 	lib.cryptodev.sym.cpu.crypto.process)
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 8b5794fb7c..51f5476c6e 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -377,6 +377,9 @@ struct rte_crypto_dsa_xform {  struct
rte_crypto_ec_xform {
 	enum rte_crypto_curve_id curve_id;
 	/**< Pre-defined ec groups */
+
+	enum rte_crypto_auth_algorithm hash;
[Arek] I think that session should only contain information that are constant across its lifetime. Here we decided to have a curve id, but this could be curve + key. But hash may be different for any op, additionally this xform is used for key exchange; multiplication or potentially encryption/decryption., which usually does not need any hash. I would have it in the op.
quoted hunk ↗ jump to hunk
+	/**< Hash algorithm used in EC op. */
 };

 /**
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c index
c49d342b17..041d3074db 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -718,6 +718,22 @@ rte_cryptodev_asym_xform_capability_check_modlen(
 	return ret;
 }

+bool
+rte_cryptodev_asym_xform_capability_check_hash(
+	const struct rte_cryptodev_asymmetric_xform_capability *capability,
+	enum rte_crypto_auth_algorithm hash)
+{
+	bool ret = false;
+
+	if (capability->hash_algos & (1 << hash))
+		ret = true;
+
+	rte_cryptodev_trace_asym_xform_capability_check_hash(
+		capability->hash_algos, hash, ret);
+
+	return ret;
+}
+
 /* spinlock for crypto device enq callbacks */  static rte_spinlock_t
rte_cryptodev_callback_lock = RTE_SPINLOCK_INITIALIZER;
diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h index
64810c9ec4..536e082244 100644
--- a/lib/cryptodev/rte_cryptodev.h
+++ b/lib/cryptodev/rte_cryptodev.h
@@ -189,6 +189,9 @@ struct rte_cryptodev_asymmetric_xform_capability {
 		 * random value. Otherwise, PMD would internally compute the
random number.
 		 */
 	};
+
+	uint64_t hash_algos;
+	/**< Bitmask of hash algorithms supported for op_type. */
 };

 /**
@@ -348,6 +351,22 @@ rte_cryptodev_asym_xform_capability_check_modlen(
 	const struct rte_cryptodev_asymmetric_xform_capability *capability,
 		uint16_t modlen);

+/**
+ * Check if hash algorithm is supported.
+ *
+ * @param	capability	Asymmetric crypto capability.
+ * @param	hash		Hash algorithm.
+ *
+ * @return
+ *   - Return true if the hash algorithm is supported.
+ *   - Return false if the hash algorithm is not supported.
+ */
+__rte_experimental
+bool
+rte_cryptodev_asym_xform_capability_check_hash(
+	const struct rte_cryptodev_asymmetric_xform_capability *capability,
+	enum rte_crypto_auth_algorithm hash);
+
 /**
  * Provide the cipher algorithm enum, given an algorithm string
  *
diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map index
ae8d9327b4..3c2d1780e0 100644
--- a/lib/cryptodev/version.map
+++ b/lib/cryptodev/version.map
@@ -54,6 +54,7 @@ EXPERIMENTAL {
 	rte_cryptodev_asym_get_xform_enum;
 	rte_cryptodev_asym_session_create;
 	rte_cryptodev_asym_session_free;
+	rte_cryptodev_asym_xform_capability_check_hash;
 	rte_cryptodev_asym_xform_capability_check_modlen;
 	rte_cryptodev_asym_xform_capability_check_optype;
 	rte_cryptodev_sym_cpu_crypto_process;
--
2.25.1
  
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help