From 4915c97c957ad4d5ff5d70b72fb18486a36de20e Mon Sep 17 00:00:00 2001 From: Yogaraj Alamenda Date: Wed, 13 Oct 2021 20:17:25 +0100 Subject: [PATCH] Fix QAT_SW EC registration issue in non ICX platforms In a non ICX platform which doesnt support QAT_SW the expected behaviour is to fallback to use OpenSSL SW. The pkey method and ec method share a common reg function between QAT_HW and QAT_SW seperated using conditional compilation which is not registering any function. Refactored it with global variables fix register issue. Signed-off-by: Yogaraj Alamenda --- configure.ac | 2 +- e_qat.c | 37 +++++---- e_qat.h | 6 ++ e_qat.txt | 159 ++++++++++++++++++------------------ e_qat_err.c | 1 - e_qat_err.h | 159 ++++++++++++++++++------------------ qat_evp.c | 202 ++++++++++++++++++++++++++++++++-------------- qat_evp.h | 16 ++++ qat_hw_ecx.c | 73 +---------------- qat_hw_hkdf.c | 47 +++++------ qat_hw_prf.c | 18 ++--- qat_sw_ecx.c | 37 +-------- qat_sw_ecx.h | 3 - qatengine-sw.spec | 5 +- qatengine.spec | 7 +- 15 files changed, 384 insertions(+), 388 deletions(-) diff --git a/configure.ac b/configure.ac index 6d0097d0..12a57c01 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ([2.68]) -AC_INIT([qatengine], [0.6.8], []) +AC_INIT([qatengine], [0.6.9], []) AC_CONFIG_SRCDIR([config.h.in]) AC_CONFIG_HEADERS([config.h]) AC_CONFIG_AUX_DIR([.]) diff --git a/e_qat.c b/e_qat.c index 60176747..5d8e8950 100644 --- a/e_qat.c +++ b/e_qat.c @@ -154,13 +154,13 @@ const char *engine_qat_id = STR(QAT_ENGINE_ID); #if defined(QAT_HW) && defined(QAT_SW) const char *engine_qat_name = - "Reference implementation of QAT crypto engine(qat_hw & qat_sw) v0.6.8"; + "Reference implementation of QAT crypto engine(qat_hw & qat_sw) v0.6.9"; #elif QAT_HW const char *engine_qat_name = - "Reference implementation of QAT crypto engine(qat_hw) v0.6.8"; + "Reference implementation of QAT crypto engine(qat_hw) v0.6.9"; #else const char *engine_qat_name = - "Reference implementation of QAT crypto engine(qat_sw) v0.6.8"; + "Reference implementation of QAT crypto engine(qat_sw) v0.6.9"; #endif unsigned int engine_inited = 0; @@ -170,6 +170,12 @@ int qat_hw_rsa_offload = 0; int qat_hw_ecx_offload = 0; int qat_hw_ecdh_offload = 0; int qat_hw_ecdsa_offload = 0; +int qat_hw_prf_offload = 0; +int qat_hw_hkdf_offload = 0; +int qat_sw_rsa_offload = 0; +int qat_sw_ecx_offload = 0; +int qat_sw_ecdh_offload = 0; +int qat_sw_ecdsa_offload = 0; int qat_keep_polling = 1; int multibuff_keep_polling = 1; int enable_external_polling = 0; @@ -508,6 +514,13 @@ int qat_engine_finish_int(ENGINE *e, int reset_globals) qat_hw_ecx_offload = 0; qat_hw_ecdh_offload = 0; qat_hw_ecdsa_offload = 0; + qat_hw_prf_offload = 0; + qat_hw_hkdf_offload = 0; + qat_sw_rsa_offload = 0; + qat_sw_ecx_offload = 0; + qat_sw_ecdh_offload = 0; + qat_sw_ecdsa_offload = 0; + } qat_pthread_mutex_unlock(); CRYPTO_CLOSE_QAT_LOG(); @@ -929,7 +942,11 @@ static int bind_qat(ENGINE *e, const char *id) } #ifdef QAT_SW +# if defined(ENABLE_QAT_SW_RSA) || defined(ENABLE_QAT_SW_ECX) \ + || defined(ENABLE_QAT_SW_ECDH) || defined(ENABLE_QAT_SW_ECDSA) DEBUG("Registering QAT SW supported algorithms\n"); + qat_sw_offload = 1; +# endif # ifdef ENABLE_QAT_SW_RSA if (!qat_hw_rsa_offload && @@ -937,7 +954,6 @@ static int bind_qat(ENGINE *e, const char *id) mbx_get_algo_info(MBX_ALGO_RSA_3K) && mbx_get_algo_info(MBX_ALGO_RSA_4K)) { DEBUG("QAT SW RSA Supported\n"); - qat_sw_offload = 1; if (!ENGINE_set_RSA(e, multibuff_get_RSA_methods())) { WARN("ENGINE_set_RSA QAT SW failed\n"); goto end; @@ -963,25 +979,12 @@ static int bind_qat(ENGINE *e, const char *id) WARN("ENGINE_set_EC failed\n"); goto end; } -# if defined(ENABLE_QAT_SW_ECDH) || defined(ENABLE_QAT_SW_ECDSA) - if (mbx_get_algo_info(MBX_ALGO_ECDHE_NIST_P256) && - mbx_get_algo_info(MBX_ALGO_ECDHE_NIST_P384) && - mbx_get_algo_info(MBX_ALGO_ECDSA_NIST_P256) && - mbx_get_algo_info(MBX_ALGO_ECDSA_NIST_P384)) { - DEBUG("QAT SW ECDSA p256/p384 & ECDH p256/p384 Supported\n"); - qat_sw_offload = 1; - } -# endif # ifndef QAT_OPENSSL_3 if (!ENGINE_set_pkey_meths(e, qat_pkey_methods)) { WARN("ENGINE_set_pkey_meths failed\n"); goto end; } -# if ENABLE_QAT_SW_ECX - if (mbx_get_algo_info(MBX_ALGO_X25519)) - qat_sw_offload = 1; -# endif # endif #endif diff --git a/e_qat.h b/e_qat.h index d8b6eda1..8c55d207 100644 --- a/e_qat.h +++ b/e_qat.h @@ -309,6 +309,12 @@ extern int qat_hw_rsa_offload; extern int qat_hw_ecx_offload; extern int qat_hw_ecdh_offload; extern int qat_hw_ecdsa_offload; +extern int qat_hw_prf_offload; +extern int qat_hw_hkdf_offload; +extern int qat_sw_rsa_offload; +extern int qat_sw_ecx_offload; +extern int qat_sw_ecdh_offload; +extern int qat_sw_ecdsa_offload; extern int qat_keep_polling; extern int multibuff_keep_polling; extern int enable_external_polling; diff --git a/e_qat.txt b/e_qat.txt index db004df8..739f69e1 100644 --- a/e_qat.txt +++ b/e_qat.txt @@ -31,86 +31,85 @@ QAT_F_MULTIBUFF_RSA_PUB_ENC:121:multibuff_rsa_pub_enc QAT_F_MULTIBUFF_VALIDATE_ECX_DERIVE:122:multibuff_validate_ecx_derive QAT_F_MULTIBUFF_X25519_DERIVE:123:multibuff_x25519_derive QAT_F_MULTIBUFF_X25519_KEYGEN:124:multibuff_x25519_keygen -QAT_F_MULTIBUFF_X25519_PMETH:125:multibuff_x25519_pmeth -QAT_F_POLL_INSTANCES:126:poll_instances -QAT_F_QAT_ADJUST_THREAD_AFFINITY:127:qat_adjust_thread_affinity -QAT_F_QAT_AES_GCM_CIPHER:128:qat_aes_gcm_cipher -QAT_F_QAT_AES_GCM_CLEANUP:129:qat_aes_gcm_cleanup -QAT_F_QAT_AES_GCM_CTRL:130:qat_aes_gcm_ctrl -QAT_F_QAT_AES_GCM_INIT:131:qat_aes_gcm_init -QAT_F_QAT_AES_GCM_SESSION_INIT:132:qat_aes_gcm_session_init -QAT_F_QAT_AES_GCM_TLS_CIPHER:133:qat_aes_gcm_tls_cipher -QAT_F_QAT_CHACHA20_POLY1305_CLEANUP:134:qat_chacha20_poly1305_cleanup -QAT_F_QAT_CHACHA20_POLY1305_CTRL:135:qat_chacha20_poly1305_ctrl -QAT_F_QAT_CHACHA20_POLY1305_DO_CIPHER:136:qat_chacha20_poly1305_do_cipher -QAT_F_QAT_CHACHA20_POLY1305_INIT:137:qat_chacha20_poly1305_init -QAT_F_QAT_CHACHA20_POLY1305_INIT_KEY_IV:138:qat_chacha20_poly1305_init_key_iv -QAT_F_QAT_CHACHA20_POLY1305_MAC_KEYGEN:139:qat_chacha20_poly1305_mac_keygen -QAT_F_QAT_CHACHA20_POLY1305_TLS_CIPHER:140:qat_chacha20_poly1305_tls_cipher -QAT_F_QAT_CHACHAPOLY_SESSION_DATA_INIT:141:qat_chachapoly_session_data_init -QAT_F_QAT_CHACHAPOLY_SETUP_OP_PARAMS:142:qat_chachapoly_setup_op_params -QAT_F_QAT_CRYPTO_CALLBACKFN:143:qat_crypto_callbackFn -QAT_F_QAT_DH_COMPUTE_KEY:144:qat_dh_compute_key -QAT_F_QAT_DH_GENERATE_KEY:145:qat_dh_generate_key -QAT_F_QAT_DSA_DO_SIGN:146:qat_dsa_do_sign -QAT_F_QAT_DSA_DO_VERIFY:147:qat_dsa_do_verify -QAT_F_QAT_DSA_SIGN_SETUP:148:qat_dsa_sign_setup -QAT_F_QAT_ECDH_COMPUTE_KEY:149:qat_ecdh_compute_key -QAT_F_QAT_ECDH_GENERATE_KEY:150:qat_ecdh_generate_key -QAT_F_QAT_ECDSA_DO_SIGN:151:qat_ecdsa_do_sign -QAT_F_QAT_ECDSA_DO_VERIFY:152:qat_ecdsa_do_verify -QAT_F_QAT_ECDSA_SIGN:153:qat_ecdsa_sign -QAT_F_QAT_ECDSA_VERIFY:154:qat_ecdsa_verify -QAT_F_QAT_ENGINE_CTRL:155:qat_engine_ctrl -QAT_F_QAT_ENGINE_ECDH_COMPUTE_KEY:156:qat_engine_ecdh_compute_key -QAT_F_QAT_FD_CLEANUP:157:qat_fd_cleanup -QAT_F_QAT_FINISH_INT:158:qat_finish_int -QAT_F_QAT_FREE_DH_METHODS:159:qat_free_DH_methods -QAT_F_QAT_FREE_DSA_METHODS:160:qat_free_DSA_methods -QAT_F_QAT_GET_DH_METHODS:161:qat_get_DH_methods -QAT_F_QAT_GET_DSA_METHODS:162:qat_get_DSA_methods -QAT_F_QAT_GET_EC_METHODS:163:qat_get_EC_methods -QAT_F_QAT_GET_RSA_METHODS:164:qat_get_RSA_methods -QAT_F_QAT_HKDF_DERIVE:165:qat_hkdf_derive -QAT_F_QAT_HKDF_INIT:166:qat_hkdf_init -QAT_F_QAT_HKDF_PMETH:167:qat_hkdf_pmeth -QAT_F_QAT_INIT:168:qat_init -QAT_F_QAT_INIT_OP_DONE:169:qat_init_op_done -QAT_F_QAT_INIT_OP_DONE_PIPE:170:qat_init_op_done_pipe -QAT_F_QAT_INIT_OP_DONE_RSA_CRT:171:qat_init_op_done_rsa_crt -QAT_F_QAT_MOD_EXP:172:qat_mod_exp -QAT_F_QAT_PKEY_ECX_DERIVE25519:173:qat_pkey_ecx_derive25519 -QAT_F_QAT_PKEY_ECX_DERIVE448:174:qat_pkey_ecx_derive448 -QAT_F_QAT_PKEY_ECX_KEYGEN:175:qat_pkey_ecx_keygen -QAT_F_QAT_PRF_PMETH:176:qat_prf_pmeth -QAT_F_QAT_PRF_TLS_DERIVE:177:qat_prf_tls_derive -QAT_F_QAT_RSA_DECRYPT:178:qat_rsa_decrypt -QAT_F_QAT_RSA_DECRYPT_CRT:179:qat_rsa_decrypt_CRT -QAT_F_QAT_RSA_ENCRYPT:180:qat_rsa_encrypt -QAT_F_QAT_RSA_PRIV_DEC:181:qat_rsa_priv_dec -QAT_F_QAT_RSA_PRIV_ENC:182:qat_rsa_priv_enc -QAT_F_QAT_RSA_PUB_DEC:183:qat_rsa_pub_dec -QAT_F_QAT_RSA_PUB_ENC:184:qat_rsa_pub_enc -QAT_F_QAT_SESSION_DATA_INIT:185:qat_session_data_init -QAT_F_QAT_SET_AFFINE_COORDINATES:186:qat_set_affine_coordinates -QAT_F_QAT_SET_INSTANCE_FOR_THREAD:187:qat_set_instance_for_thread -QAT_F_QAT_SHA3_CLEANUP:188:qat_sha3_cleanup -QAT_F_QAT_SHA3_CTRL:189:qat_sha3_ctrl -QAT_F_QAT_SHA3_FINAL:190:qat_sha3_final -QAT_F_QAT_SHA3_SESSION_DATA_INIT:191:qat_sha3_session_data_init -QAT_F_QAT_SHA3_SETUP_PARAM:192:qat_sha3_setup_param -QAT_F_QAT_SHA3_UPDATE:193:qat_sha3_update -QAT_F_QAT_SYM_PERFORM_OP:194:qat_sym_perform_op -QAT_F_QAT_VALIDATE_ECX_DERIVE:195:qat_validate_ecx_derive -QAT_F_QAT_X25519_PMETH:196:qat_x25519_pmeth -QAT_F_QAT_X448_PMETH:197:qat_x448_pmeth -QAT_F_VAESGCM_CIPHERS_CTRL:198:vaesgcm_ciphers_ctrl -QAT_F_VAESGCM_CIPHERS_DO_CIPHER:199:vaesgcm_ciphers_do_cipher -QAT_F_VAESGCM_CIPHERS_INIT:200:vaesgcm_ciphers_init -QAT_F_VAESGCM_CREATE_CIPHER_METH:201:vaesgcm_create_cipher_meth -QAT_F_VAESGCM_INIT_GCM:202:vaesgcm_init_gcm -QAT_F_VAESGCM_INIT_IPSEC_MB_MGR:203:vaesgcm_init_ipsec_mb_mgr -QAT_F_VAESGCM_INIT_KEY:204:vaesgcm_init_key +QAT_F_POLL_INSTANCES:125:poll_instances +QAT_F_QAT_ADJUST_THREAD_AFFINITY:126:qat_adjust_thread_affinity +QAT_F_QAT_AES_GCM_CIPHER:127:qat_aes_gcm_cipher +QAT_F_QAT_AES_GCM_CLEANUP:128:qat_aes_gcm_cleanup +QAT_F_QAT_AES_GCM_CTRL:129:qat_aes_gcm_ctrl +QAT_F_QAT_AES_GCM_INIT:130:qat_aes_gcm_init +QAT_F_QAT_AES_GCM_SESSION_INIT:131:qat_aes_gcm_session_init +QAT_F_QAT_AES_GCM_TLS_CIPHER:132:qat_aes_gcm_tls_cipher +QAT_F_QAT_CHACHA20_POLY1305_CLEANUP:133:qat_chacha20_poly1305_cleanup +QAT_F_QAT_CHACHA20_POLY1305_CTRL:134:qat_chacha20_poly1305_ctrl +QAT_F_QAT_CHACHA20_POLY1305_DO_CIPHER:135:qat_chacha20_poly1305_do_cipher +QAT_F_QAT_CHACHA20_POLY1305_INIT:136:qat_chacha20_poly1305_init +QAT_F_QAT_CHACHA20_POLY1305_INIT_KEY_IV:137:qat_chacha20_poly1305_init_key_iv +QAT_F_QAT_CHACHA20_POLY1305_MAC_KEYGEN:138:qat_chacha20_poly1305_mac_keygen +QAT_F_QAT_CHACHA20_POLY1305_TLS_CIPHER:139:qat_chacha20_poly1305_tls_cipher +QAT_F_QAT_CHACHAPOLY_SESSION_DATA_INIT:140:qat_chachapoly_session_data_init +QAT_F_QAT_CHACHAPOLY_SETUP_OP_PARAMS:141:qat_chachapoly_setup_op_params +QAT_F_QAT_CRYPTO_CALLBACKFN:142:qat_crypto_callbackFn +QAT_F_QAT_DH_COMPUTE_KEY:143:qat_dh_compute_key +QAT_F_QAT_DH_GENERATE_KEY:144:qat_dh_generate_key +QAT_F_QAT_DSA_DO_SIGN:145:qat_dsa_do_sign +QAT_F_QAT_DSA_DO_VERIFY:146:qat_dsa_do_verify +QAT_F_QAT_DSA_SIGN_SETUP:147:qat_dsa_sign_setup +QAT_F_QAT_ECDH_COMPUTE_KEY:148:qat_ecdh_compute_key +QAT_F_QAT_ECDH_GENERATE_KEY:149:qat_ecdh_generate_key +QAT_F_QAT_ECDSA_DO_SIGN:150:qat_ecdsa_do_sign +QAT_F_QAT_ECDSA_DO_VERIFY:151:qat_ecdsa_do_verify +QAT_F_QAT_ECDSA_SIGN:152:qat_ecdsa_sign +QAT_F_QAT_ECDSA_VERIFY:153:qat_ecdsa_verify +QAT_F_QAT_ENGINE_CTRL:154:qat_engine_ctrl +QAT_F_QAT_ENGINE_ECDH_COMPUTE_KEY:155:qat_engine_ecdh_compute_key +QAT_F_QAT_FD_CLEANUP:156:qat_fd_cleanup +QAT_F_QAT_FINISH_INT:157:qat_finish_int +QAT_F_QAT_FREE_DH_METHODS:158:qat_free_DH_methods +QAT_F_QAT_FREE_DSA_METHODS:159:qat_free_DSA_methods +QAT_F_QAT_GET_DH_METHODS:160:qat_get_DH_methods +QAT_F_QAT_GET_DSA_METHODS:161:qat_get_DSA_methods +QAT_F_QAT_GET_EC_METHODS:162:qat_get_EC_methods +QAT_F_QAT_GET_RSA_METHODS:163:qat_get_RSA_methods +QAT_F_QAT_HKDF_DERIVE:164:qat_hkdf_derive +QAT_F_QAT_HKDF_INIT:165:qat_hkdf_init +QAT_F_QAT_HKDF_PMETH:166:qat_hkdf_pmeth +QAT_F_QAT_INIT:167:qat_init +QAT_F_QAT_INIT_OP_DONE:168:qat_init_op_done +QAT_F_QAT_INIT_OP_DONE_PIPE:169:qat_init_op_done_pipe +QAT_F_QAT_INIT_OP_DONE_RSA_CRT:170:qat_init_op_done_rsa_crt +QAT_F_QAT_MOD_EXP:171:qat_mod_exp +QAT_F_QAT_PKEY_ECX_DERIVE25519:172:qat_pkey_ecx_derive25519 +QAT_F_QAT_PKEY_ECX_DERIVE448:173:qat_pkey_ecx_derive448 +QAT_F_QAT_PKEY_ECX_KEYGEN:174:qat_pkey_ecx_keygen +QAT_F_QAT_PRF_PMETH:175:qat_prf_pmeth +QAT_F_QAT_PRF_TLS_DERIVE:176:qat_prf_tls_derive +QAT_F_QAT_RSA_DECRYPT:177:qat_rsa_decrypt +QAT_F_QAT_RSA_DECRYPT_CRT:178:qat_rsa_decrypt_CRT +QAT_F_QAT_RSA_ENCRYPT:179:qat_rsa_encrypt +QAT_F_QAT_RSA_PRIV_DEC:180:qat_rsa_priv_dec +QAT_F_QAT_RSA_PRIV_ENC:181:qat_rsa_priv_enc +QAT_F_QAT_RSA_PUB_DEC:182:qat_rsa_pub_dec +QAT_F_QAT_RSA_PUB_ENC:183:qat_rsa_pub_enc +QAT_F_QAT_SESSION_DATA_INIT:184:qat_session_data_init +QAT_F_QAT_SET_AFFINE_COORDINATES:185:qat_set_affine_coordinates +QAT_F_QAT_SET_INSTANCE_FOR_THREAD:186:qat_set_instance_for_thread +QAT_F_QAT_SHA3_CLEANUP:187:qat_sha3_cleanup +QAT_F_QAT_SHA3_CTRL:188:qat_sha3_ctrl +QAT_F_QAT_SHA3_FINAL:189:qat_sha3_final +QAT_F_QAT_SHA3_SESSION_DATA_INIT:190:qat_sha3_session_data_init +QAT_F_QAT_SHA3_SETUP_PARAM:191:qat_sha3_setup_param +QAT_F_QAT_SHA3_UPDATE:192:qat_sha3_update +QAT_F_QAT_SYM_PERFORM_OP:193:qat_sym_perform_op +QAT_F_QAT_VALIDATE_ECX_DERIVE:194:qat_validate_ecx_derive +QAT_F_QAT_X25519_PMETH:195:qat_x25519_pmeth +QAT_F_QAT_X448_PMETH:196:qat_x448_pmeth +QAT_F_VAESGCM_CIPHERS_CTRL:197:vaesgcm_ciphers_ctrl +QAT_F_VAESGCM_CIPHERS_DO_CIPHER:198:vaesgcm_ciphers_do_cipher +QAT_F_VAESGCM_CIPHERS_INIT:199:vaesgcm_ciphers_init +QAT_F_VAESGCM_CREATE_CIPHER_METH:200:vaesgcm_create_cipher_meth +QAT_F_VAESGCM_INIT_GCM:201:vaesgcm_init_gcm +QAT_F_VAESGCM_INIT_IPSEC_MB_MGR:202:vaesgcm_init_ipsec_mb_mgr +QAT_F_VAESGCM_INIT_KEY:203:vaesgcm_init_key #Reason codes QAT_R_AAD_INVALID_PTR:100:aad invalid ptr diff --git a/e_qat_err.c b/e_qat_err.c index 3e9aa7ec..e45ddd2b 100644 --- a/e_qat_err.c +++ b/e_qat_err.c @@ -45,7 +45,6 @@ static ERR_STRING_DATA QAT_str_functs[] = { "multibuff_validate_ecx_derive"}, {ERR_PACK(0, QAT_F_MULTIBUFF_X25519_DERIVE, 0), "multibuff_x25519_derive"}, {ERR_PACK(0, QAT_F_MULTIBUFF_X25519_KEYGEN, 0), "multibuff_x25519_keygen"}, - {ERR_PACK(0, QAT_F_MULTIBUFF_X25519_PMETH, 0), "multibuff_x25519_pmeth"}, {ERR_PACK(0, QAT_F_POLL_INSTANCES, 0), "poll_instances"}, {ERR_PACK(0, QAT_F_QAT_ADJUST_THREAD_AFFINITY, 0), "qat_adjust_thread_affinity"}, diff --git a/e_qat_err.h b/e_qat_err.h index e7fa2213..d4df8270 100644 --- a/e_qat_err.h +++ b/e_qat_err.h @@ -54,86 +54,85 @@ void ERR_QAT_error(int function, int reason, char *file, int line); # define QAT_F_MULTIBUFF_VALIDATE_ECX_DERIVE 122 # define QAT_F_MULTIBUFF_X25519_DERIVE 123 # define QAT_F_MULTIBUFF_X25519_KEYGEN 124 -# define QAT_F_MULTIBUFF_X25519_PMETH 125 -# define QAT_F_POLL_INSTANCES 126 -# define QAT_F_QAT_ADJUST_THREAD_AFFINITY 127 -# define QAT_F_QAT_AES_GCM_CIPHER 128 -# define QAT_F_QAT_AES_GCM_CLEANUP 129 -# define QAT_F_QAT_AES_GCM_CTRL 130 -# define QAT_F_QAT_AES_GCM_INIT 131 -# define QAT_F_QAT_AES_GCM_SESSION_INIT 132 -# define QAT_F_QAT_AES_GCM_TLS_CIPHER 133 -# define QAT_F_QAT_CHACHA20_POLY1305_CLEANUP 134 -# define QAT_F_QAT_CHACHA20_POLY1305_CTRL 135 -# define QAT_F_QAT_CHACHA20_POLY1305_DO_CIPHER 136 -# define QAT_F_QAT_CHACHA20_POLY1305_INIT 137 -# define QAT_F_QAT_CHACHA20_POLY1305_INIT_KEY_IV 138 -# define QAT_F_QAT_CHACHA20_POLY1305_MAC_KEYGEN 139 -# define QAT_F_QAT_CHACHA20_POLY1305_TLS_CIPHER 140 -# define QAT_F_QAT_CHACHAPOLY_SESSION_DATA_INIT 141 -# define QAT_F_QAT_CHACHAPOLY_SETUP_OP_PARAMS 142 -# define QAT_F_QAT_CRYPTO_CALLBACKFN 143 -# define QAT_F_QAT_DH_COMPUTE_KEY 144 -# define QAT_F_QAT_DH_GENERATE_KEY 145 -# define QAT_F_QAT_DSA_DO_SIGN 146 -# define QAT_F_QAT_DSA_DO_VERIFY 147 -# define QAT_F_QAT_DSA_SIGN_SETUP 148 -# define QAT_F_QAT_ECDH_COMPUTE_KEY 149 -# define QAT_F_QAT_ECDH_GENERATE_KEY 150 -# define QAT_F_QAT_ECDSA_DO_SIGN 151 -# define QAT_F_QAT_ECDSA_DO_VERIFY 152 -# define QAT_F_QAT_ECDSA_SIGN 153 -# define QAT_F_QAT_ECDSA_VERIFY 154 -# define QAT_F_QAT_ENGINE_CTRL 155 -# define QAT_F_QAT_ENGINE_ECDH_COMPUTE_KEY 156 -# define QAT_F_QAT_FD_CLEANUP 157 -# define QAT_F_QAT_FINISH_INT 158 -# define QAT_F_QAT_FREE_DH_METHODS 159 -# define QAT_F_QAT_FREE_DSA_METHODS 160 -# define QAT_F_QAT_GET_DH_METHODS 161 -# define QAT_F_QAT_GET_DSA_METHODS 162 -# define QAT_F_QAT_GET_EC_METHODS 163 -# define QAT_F_QAT_GET_RSA_METHODS 164 -# define QAT_F_QAT_HKDF_DERIVE 165 -# define QAT_F_QAT_HKDF_INIT 166 -# define QAT_F_QAT_HKDF_PMETH 167 -# define QAT_F_QAT_INIT 168 -# define QAT_F_QAT_INIT_OP_DONE 169 -# define QAT_F_QAT_INIT_OP_DONE_PIPE 170 -# define QAT_F_QAT_INIT_OP_DONE_RSA_CRT 171 -# define QAT_F_QAT_MOD_EXP 172 -# define QAT_F_QAT_PKEY_ECX_DERIVE25519 173 -# define QAT_F_QAT_PKEY_ECX_DERIVE448 174 -# define QAT_F_QAT_PKEY_ECX_KEYGEN 175 -# define QAT_F_QAT_PRF_PMETH 176 -# define QAT_F_QAT_PRF_TLS_DERIVE 177 -# define QAT_F_QAT_RSA_DECRYPT 178 -# define QAT_F_QAT_RSA_DECRYPT_CRT 179 -# define QAT_F_QAT_RSA_ENCRYPT 180 -# define QAT_F_QAT_RSA_PRIV_DEC 181 -# define QAT_F_QAT_RSA_PRIV_ENC 182 -# define QAT_F_QAT_RSA_PUB_DEC 183 -# define QAT_F_QAT_RSA_PUB_ENC 184 -# define QAT_F_QAT_SESSION_DATA_INIT 185 -# define QAT_F_QAT_SET_AFFINE_COORDINATES 186 -# define QAT_F_QAT_SET_INSTANCE_FOR_THREAD 187 -# define QAT_F_QAT_SHA3_CLEANUP 188 -# define QAT_F_QAT_SHA3_CTRL 189 -# define QAT_F_QAT_SHA3_FINAL 190 -# define QAT_F_QAT_SHA3_SESSION_DATA_INIT 191 -# define QAT_F_QAT_SHA3_SETUP_PARAM 192 -# define QAT_F_QAT_SHA3_UPDATE 193 -# define QAT_F_QAT_SYM_PERFORM_OP 194 -# define QAT_F_QAT_VALIDATE_ECX_DERIVE 195 -# define QAT_F_QAT_X25519_PMETH 196 -# define QAT_F_QAT_X448_PMETH 197 -# define QAT_F_VAESGCM_CIPHERS_CTRL 198 -# define QAT_F_VAESGCM_CIPHERS_DO_CIPHER 199 -# define QAT_F_VAESGCM_CIPHERS_INIT 200 -# define QAT_F_VAESGCM_CREATE_CIPHER_METH 201 -# define QAT_F_VAESGCM_INIT_GCM 202 -# define QAT_F_VAESGCM_INIT_IPSEC_MB_MGR 203 -# define QAT_F_VAESGCM_INIT_KEY 204 +# define QAT_F_POLL_INSTANCES 125 +# define QAT_F_QAT_ADJUST_THREAD_AFFINITY 126 +# define QAT_F_QAT_AES_GCM_CIPHER 127 +# define QAT_F_QAT_AES_GCM_CLEANUP 128 +# define QAT_F_QAT_AES_GCM_CTRL 129 +# define QAT_F_QAT_AES_GCM_INIT 130 +# define QAT_F_QAT_AES_GCM_SESSION_INIT 131 +# define QAT_F_QAT_AES_GCM_TLS_CIPHER 132 +# define QAT_F_QAT_CHACHA20_POLY1305_CLEANUP 133 +# define QAT_F_QAT_CHACHA20_POLY1305_CTRL 134 +# define QAT_F_QAT_CHACHA20_POLY1305_DO_CIPHER 135 +# define QAT_F_QAT_CHACHA20_POLY1305_INIT 136 +# define QAT_F_QAT_CHACHA20_POLY1305_INIT_KEY_IV 137 +# define QAT_F_QAT_CHACHA20_POLY1305_MAC_KEYGEN 138 +# define QAT_F_QAT_CHACHA20_POLY1305_TLS_CIPHER 139 +# define QAT_F_QAT_CHACHAPOLY_SESSION_DATA_INIT 140 +# define QAT_F_QAT_CHACHAPOLY_SETUP_OP_PARAMS 141 +# define QAT_F_QAT_CRYPTO_CALLBACKFN 142 +# define QAT_F_QAT_DH_COMPUTE_KEY 143 +# define QAT_F_QAT_DH_GENERATE_KEY 144 +# define QAT_F_QAT_DSA_DO_SIGN 145 +# define QAT_F_QAT_DSA_DO_VERIFY 146 +# define QAT_F_QAT_DSA_SIGN_SETUP 147 +# define QAT_F_QAT_ECDH_COMPUTE_KEY 148 +# define QAT_F_QAT_ECDH_GENERATE_KEY 149 +# define QAT_F_QAT_ECDSA_DO_SIGN 150 +# define QAT_F_QAT_ECDSA_DO_VERIFY 151 +# define QAT_F_QAT_ECDSA_SIGN 152 +# define QAT_F_QAT_ECDSA_VERIFY 153 +# define QAT_F_QAT_ENGINE_CTRL 154 +# define QAT_F_QAT_ENGINE_ECDH_COMPUTE_KEY 155 +# define QAT_F_QAT_FD_CLEANUP 156 +# define QAT_F_QAT_FINISH_INT 157 +# define QAT_F_QAT_FREE_DH_METHODS 158 +# define QAT_F_QAT_FREE_DSA_METHODS 159 +# define QAT_F_QAT_GET_DH_METHODS 160 +# define QAT_F_QAT_GET_DSA_METHODS 161 +# define QAT_F_QAT_GET_EC_METHODS 162 +# define QAT_F_QAT_GET_RSA_METHODS 163 +# define QAT_F_QAT_HKDF_DERIVE 164 +# define QAT_F_QAT_HKDF_INIT 165 +# define QAT_F_QAT_HKDF_PMETH 166 +# define QAT_F_QAT_INIT 167 +# define QAT_F_QAT_INIT_OP_DONE 168 +# define QAT_F_QAT_INIT_OP_DONE_PIPE 169 +# define QAT_F_QAT_INIT_OP_DONE_RSA_CRT 170 +# define QAT_F_QAT_MOD_EXP 171 +# define QAT_F_QAT_PKEY_ECX_DERIVE25519 172 +# define QAT_F_QAT_PKEY_ECX_DERIVE448 173 +# define QAT_F_QAT_PKEY_ECX_KEYGEN 174 +# define QAT_F_QAT_PRF_PMETH 175 +# define QAT_F_QAT_PRF_TLS_DERIVE 176 +# define QAT_F_QAT_RSA_DECRYPT 177 +# define QAT_F_QAT_RSA_DECRYPT_CRT 178 +# define QAT_F_QAT_RSA_ENCRYPT 179 +# define QAT_F_QAT_RSA_PRIV_DEC 180 +# define QAT_F_QAT_RSA_PRIV_ENC 181 +# define QAT_F_QAT_RSA_PUB_DEC 182 +# define QAT_F_QAT_RSA_PUB_ENC 183 +# define QAT_F_QAT_SESSION_DATA_INIT 184 +# define QAT_F_QAT_SET_AFFINE_COORDINATES 185 +# define QAT_F_QAT_SET_INSTANCE_FOR_THREAD 186 +# define QAT_F_QAT_SHA3_CLEANUP 187 +# define QAT_F_QAT_SHA3_CTRL 188 +# define QAT_F_QAT_SHA3_FINAL 189 +# define QAT_F_QAT_SHA3_SESSION_DATA_INIT 190 +# define QAT_F_QAT_SHA3_SETUP_PARAM 191 +# define QAT_F_QAT_SHA3_UPDATE 192 +# define QAT_F_QAT_SYM_PERFORM_OP 193 +# define QAT_F_QAT_VALIDATE_ECX_DERIVE 194 +# define QAT_F_QAT_X25519_PMETH 195 +# define QAT_F_QAT_X448_PMETH 196 +# define QAT_F_VAESGCM_CIPHERS_CTRL 197 +# define QAT_F_VAESGCM_CIPHERS_DO_CIPHER 198 +# define QAT_F_VAESGCM_CIPHERS_INIT 199 +# define QAT_F_VAESGCM_CREATE_CIPHER_METH 200 +# define QAT_F_VAESGCM_INIT_GCM 201 +# define QAT_F_VAESGCM_INIT_IPSEC_MB_MGR 202 +# define QAT_F_VAESGCM_INIT_KEY 203 /* * QAT reason codes. diff --git a/qat_evp.c b/qat_evp.c index fca83ada..aa2f3729 100644 --- a/qat_evp.c +++ b/qat_evp.c @@ -213,12 +213,18 @@ static PKT_THRESHOLD qat_pkt_threshold_table[] = { # endif }; -static EC_KEY_METHOD *qat_ec_method = NULL; - static int pkt_threshold_table_size = (sizeof(qat_pkt_threshold_table) / sizeof(qat_pkt_threshold_table[0])); #endif +static EC_KEY_METHOD *qat_ec_method = NULL; +static EVP_PKEY_METHOD *_hidden_x25519_pmeth = NULL; +static EVP_PKEY_METHOD *_hidden_x448_pmeth = NULL; + +/* Have a store of the s/w EVP_PKEY_METHOD for software fallback purposes. */ +const EVP_PKEY_METHOD *sw_x25519_pmeth = NULL; +const EVP_PKEY_METHOD *sw_x448_pmeth = NULL; + /****************************************************************************** * function: * qat_create_digest_meth(int nid , int pkeytype) @@ -288,6 +294,84 @@ int qat_digest_methods(ENGINE *e, const EVP_MD **md, return 0; } +EVP_PKEY_METHOD *qat_x25519_pmeth(void) +{ + if (_hidden_x25519_pmeth) + return _hidden_x25519_pmeth; + + if ((_hidden_x25519_pmeth = + EVP_PKEY_meth_new(EVP_PKEY_X25519, 0)) == NULL) { + QATerr(QAT_F_QAT_X25519_PMETH, QAT_R_ALLOC_QAT_X25519_METH_FAILURE); + return NULL; + } + + /* Now save the current (non-offloaded) x25519 pmeth to sw_x25519_pmeth */ + /* for software fallback purposes */ + if ((sw_x25519_pmeth = EVP_PKEY_meth_find(EVP_PKEY_X25519)) == NULL) { + QATerr(QAT_F_QAT_X25519_PMETH, ERR_R_INTERNAL_ERROR); + return NULL; + } + +#ifdef ENABLE_QAT_HW_ECX + if (qat_hw_offload) { + EVP_PKEY_meth_set_keygen(_hidden_x25519_pmeth, NULL, qat_pkey_ecx_keygen); + EVP_PKEY_meth_set_derive(_hidden_x25519_pmeth, NULL, qat_pkey_ecx_derive25519); + EVP_PKEY_meth_set_ctrl(_hidden_x25519_pmeth, qat_pkey_ecx_ctrl, NULL); + qat_hw_ecx_offload = 1; + DEBUG("QAT HW X25519 registration succeeded\n"); + } +#endif + +#ifdef ENABLE_QAT_SW_ECX + if (!qat_hw_ecx_offload && mbx_get_algo_info(MBX_ALGO_X25519)) { + EVP_PKEY_meth_set_keygen(_hidden_x25519_pmeth, NULL, multibuff_x25519_keygen); + EVP_PKEY_meth_set_derive(_hidden_x25519_pmeth, NULL, multibuff_x25519_derive); + EVP_PKEY_meth_set_ctrl(_hidden_x25519_pmeth, multibuff_x25519_ctrl, NULL); + qat_sw_ecx_offload = 1; + DEBUG("QAT SW X25519 registration succeeded\n"); + } +#endif + + if (qat_hw_ecx_offload == 0 && qat_sw_ecx_offload == 0) + EVP_PKEY_meth_copy(_hidden_x25519_pmeth, sw_x25519_pmeth); + + return _hidden_x25519_pmeth; +} + +EVP_PKEY_METHOD *qat_x448_pmeth(void) +{ + if (_hidden_x448_pmeth) + return _hidden_x448_pmeth; + + if ((_hidden_x448_pmeth = + EVP_PKEY_meth_new(EVP_PKEY_X448, 0)) == NULL) { + QATerr(QAT_F_QAT_X448_PMETH, QAT_R_ALLOC_QAT_X448_METH_FAILURE); + return NULL; + } + + /* Now save the current (non-offloaded) x448 pmeth to sw_x448_pmeth */ + /* for software fallback purposes */ + if ((sw_x448_pmeth = EVP_PKEY_meth_find(EVP_PKEY_X448)) == NULL) { + QATerr(QAT_F_QAT_X448_PMETH, ERR_R_INTERNAL_ERROR); + return NULL; + } + +#ifdef ENABLE_QAT_HW_ECX + if (qat_hw_offload) { + EVP_PKEY_meth_set_keygen(_hidden_x448_pmeth, NULL, qat_pkey_ecx_keygen); + EVP_PKEY_meth_set_derive(_hidden_x448_pmeth, NULL, qat_pkey_ecx_derive448); + EVP_PKEY_meth_set_ctrl(_hidden_x448_pmeth, qat_pkey_ecx_ctrl, NULL); + qat_hw_ecx_offload = 1; + DEBUG("QAT HW ECDH X448 Registration succeeded\n"); + } +#endif + + if (!qat_hw_ecx_offload) + EVP_PKEY_meth_copy(_hidden_x448_pmeth, sw_x448_pmeth); + + return _hidden_x448_pmeth; +} + /****************************************************************************** * function: * qat_create_pkey_meth(int nid) @@ -301,32 +385,29 @@ static EVP_PKEY_METHOD *qat_create_pkey_meth(int nid) { switch (nid) { # ifdef ENABLE_QAT_HW_PRF - case EVP_PKEY_TLS1_PRF: - return qat_prf_pmeth(); + case EVP_PKEY_TLS1_PRF: + return qat_prf_pmeth(); # endif + # if OPENSSL_VERSION_NUMBER > 0x10101000L -# ifdef ENABLE_QAT_HW_HKDF - case EVP_PKEY_HKDF: - return qat_hkdf_pmeth(); -# endif - case EVP_PKEY_X25519: -# ifdef ENABLE_QAT_HW_ECX - if(qat_hw_offload) - return qat_x25519_pmeth(); -# endif -# ifdef ENABLE_QAT_SW_ECX - if (mbx_get_algo_info(MBX_ALGO_X25519)) - return multibuff_x25519_pmeth(); -# endif -# ifdef ENABLE_QAT_HW_ECX - case EVP_PKEY_X448: - if (qat_hw_offload) - return qat_x448_pmeth(); +# ifdef ENABLE_QAT_HW_HKDF + case EVP_PKEY_HKDF: + return qat_hkdf_pmeth(); +# endif + +# if defined(ENABLE_QAT_HW_ECX) || defined(ENABLE_QAT_SW_ECX) + case EVP_PKEY_X25519: + return qat_x25519_pmeth(); # endif + +# ifdef ENABLE_QAT_HW_ECX + case EVP_PKEY_X448: + return qat_x448_pmeth(); +# endif # endif - default: - WARN("Invalid nid %d\n", nid); - return NULL; + default: + WARN("Invalid nid %d\n", nid); + return NULL; } } @@ -512,27 +593,16 @@ EC_KEY_METHOD *qat_get_EC_methods(void) if (qat_ec_method != NULL) return qat_ec_method; -#if (!defined(ENABLE_QAT_HW_ECDSA) && !defined(ENABLE_QAT_SW_ECDSA)) \ - || (!defined(ENABLE_QAT_HW_ECDH) && !defined(ENABLE_QAT_SW_ECDH)) \ - || defined(ENABLE_QAT_SW_ECDSA) EC_KEY_METHOD *def_ec_meth = (EC_KEY_METHOD *)EC_KEY_get_default_method(); -#endif -#if !defined(ENABLE_QAT_HW_ECDSA) && !defined(ENABLE_QAT_SW_ECDSA) PFUNC_SIGN sign_pfunc = NULL; PFUNC_SIGN_SETUP sign_setup_pfunc = NULL; PFUNC_SIGN_SIG sign_sig_pfunc = NULL; -#endif - -#if defined(ENABLE_QAT_SW_ECDSA) || !defined(ENABLE_QAT_HW_ECDSA) PFUNC_VERIFY verify_pfunc = NULL; PFUNC_VERIFY_SIG verify_sig_pfunc = NULL; -#endif - -#if !defined(ENABLE_QAT_HW_ECDH) && !defined(ENABLE_QAT_SW_ECDH) PFUNC_COMP_KEY comp_key_pfunc = NULL; PFUNC_GEN_KEY gen_key_pfunc = NULL; -#endif + if ((qat_ec_method = EC_KEY_METHOD_new(qat_ec_method)) == NULL) { WARN("Unable to allocate qat EC_KEY_METHOD\n"); QATerr(QAT_F_QAT_GET_EC_METHODS, QAT_R_QAT_GET_EC_METHOD_MALLOC_FAILURE); @@ -554,7 +624,11 @@ EC_KEY_METHOD *qat_get_EC_methods(void) #endif #ifdef ENABLE_QAT_SW_ECDSA - if (!qat_hw_ecdsa_offload) { + if (!qat_hw_ecdsa_offload && + (mbx_get_algo_info(MBX_ALGO_ECDHE_NIST_P256) && + mbx_get_algo_info(MBX_ALGO_ECDHE_NIST_P384) && + mbx_get_algo_info(MBX_ALGO_ECDSA_NIST_P256) && + mbx_get_algo_info(MBX_ALGO_ECDSA_NIST_P384))) { EC_KEY_METHOD_set_sign(qat_ec_method, mb_ecdsa_sign, mb_ecdsa_sign_setup, @@ -566,26 +640,28 @@ EC_KEY_METHOD *qat_get_EC_methods(void) EC_KEY_METHOD_set_verify(qat_ec_method, verify_pfunc, verify_sig_pfunc); + qat_sw_ecdsa_offload = 1; DEBUG("QAT SW ECDSA registration succeeded\n"); } #endif -#if !defined(ENABLE_QAT_HW_ECDSA) && !defined(ENABLE_QAT_SW_ECDSA) - EC_KEY_METHOD_get_sign(def_ec_meth, - &sign_pfunc, - &sign_setup_pfunc, - &sign_sig_pfunc); - EC_KEY_METHOD_set_sign(qat_ec_method, - sign_pfunc, - sign_setup_pfunc, - sign_sig_pfunc); - EC_KEY_METHOD_get_verify(def_ec_meth, - &verify_pfunc, - &verify_sig_pfunc); - EC_KEY_METHOD_set_verify(qat_ec_method, - verify_pfunc, - verify_sig_pfunc); -#endif + if ((qat_hw_ecdsa_offload == 0) && (qat_sw_ecdsa_offload == 0)) { + EC_KEY_METHOD_get_sign(def_ec_meth, + &sign_pfunc, + &sign_setup_pfunc, + &sign_sig_pfunc); + EC_KEY_METHOD_set_sign(qat_ec_method, + sign_pfunc, + sign_setup_pfunc, + sign_sig_pfunc); + EC_KEY_METHOD_get_verify(def_ec_meth, + &verify_pfunc, + &verify_sig_pfunc); + EC_KEY_METHOD_set_verify(qat_ec_method, + verify_pfunc, + verify_sig_pfunc); + DEBUG("QAT_HW and QAT_SW ECDSA not supported! Using OpenSSL SW method\n"); + } #ifdef ENABLE_QAT_HW_ECDH if (qat_hw_offload) { @@ -597,19 +673,25 @@ EC_KEY_METHOD *qat_get_EC_methods(void) #endif #ifdef ENABLE_QAT_SW_ECDH - if (!qat_hw_ecdh_offload) { + if (!qat_hw_ecdh_offload && + (mbx_get_algo_info(MBX_ALGO_ECDHE_NIST_P256) && + mbx_get_algo_info(MBX_ALGO_ECDHE_NIST_P384) && + mbx_get_algo_info(MBX_ALGO_ECDSA_NIST_P256) && + mbx_get_algo_info(MBX_ALGO_ECDSA_NIST_P384))) { EC_KEY_METHOD_set_keygen(qat_ec_method, mb_ecdh_generate_key); EC_KEY_METHOD_set_compute_key(qat_ec_method, mb_ecdh_compute_key); + qat_sw_ecdh_offload = 1; DEBUG("QAT SW ECDH registration succeeded\n"); } #endif -#if !defined(ENABLE_QAT_HW_ECDH) && !defined(ENABLE_QAT_SW_ECDH) - EC_KEY_METHOD_get_keygen(def_ec_meth, &gen_key_pfunc); - EC_KEY_METHOD_set_keygen(qat_ec_method, gen_key_pfunc); - EC_KEY_METHOD_get_compute_key(def_ec_meth, &comp_key_pfunc); - EC_KEY_METHOD_set_compute_key(qat_ec_method, comp_key_pfunc); -#endif + if ((qat_hw_ecdh_offload == 0) && (qat_sw_ecdh_offload == 0)) { + EC_KEY_METHOD_get_keygen(def_ec_meth, &gen_key_pfunc); + EC_KEY_METHOD_set_keygen(qat_ec_method, gen_key_pfunc); + EC_KEY_METHOD_get_compute_key(def_ec_meth, &comp_key_pfunc); + EC_KEY_METHOD_set_compute_key(qat_ec_method, comp_key_pfunc); + DEBUG("QAT_HW and QAT_SW ECDH not supported! Using OpenSSL SW method\n"); + } return qat_ec_method; } diff --git a/qat_evp.h b/qat_evp.h index b3c4d1ea..ea62356e 100644 --- a/qat_evp.h +++ b/qat_evp.h @@ -93,6 +93,22 @@ typedef int (*PFUNC_VERIFY_SIG)(const unsigned char *, int, const ECDSA_SIG *, EC_KEY *eckey); +extern const EVP_PKEY_METHOD *sw_x25519_pmeth; +extern const EVP_PKEY_METHOD *sw_x448_pmeth; + +# ifdef ENABLE_QAT_HW_ECX +int qat_pkey_ecx_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); +int qat_pkey_ecx_derive25519(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); +int qat_pkey_ecx_derive448(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); +int qat_pkey_ecx_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); +# endif + +# ifdef ENABLE_QAT_SW_ECX +int multibuff_x25519_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); +int multibuff_x25519_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); +int multibuff_x25519_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); +# endif + int qat_pkey_methods(ENGINE *e, EVP_PKEY_METHOD **pmeth, const int **nids, int nid); diff --git a/qat_hw_ecx.c b/qat_hw_ecx.c index 2a470ed1..4ea4297a 100644 --- a/qat_hw_ecx.c +++ b/qat_hw_ecx.c @@ -94,71 +94,6 @@ typedef struct { unsigned char *privkey; } ECX_KEY; -/* Function Declarations */ -static int qat_pkey_ecx_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); -static int qat_pkey_ecx_derive25519(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); -static int qat_pkey_ecx_derive448(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); -static int qat_pkey_ecx_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - -static EVP_PKEY_METHOD *_hidden_x25519_pmeth = NULL; -static EVP_PKEY_METHOD *_hidden_x448_pmeth = NULL; - -/* Have a store of the s/w EVP_PKEY_METHOD for software fallback purposes. */ -static const EVP_PKEY_METHOD *sw_x25519_pmeth = NULL; -static const EVP_PKEY_METHOD *sw_x448_pmeth = NULL; - -EVP_PKEY_METHOD *qat_x25519_pmeth(void) -{ - if (_hidden_x25519_pmeth) - return _hidden_x25519_pmeth; - - if ((_hidden_x25519_pmeth = - EVP_PKEY_meth_new(EVP_PKEY_X25519, 0)) == NULL) { - QATerr(QAT_F_QAT_X25519_PMETH, QAT_R_ALLOC_QAT_X25519_METH_FAILURE); - return NULL; - } - - /* Now save the current (non-offloaded) x25519 pmeth to sw_x25519_pmeth */ - /* for software fallback purposes */ - if ((sw_x25519_pmeth = EVP_PKEY_meth_find(EVP_PKEY_X25519)) == NULL) { - QATerr(QAT_F_QAT_X25519_PMETH, ERR_R_INTERNAL_ERROR); - return NULL; - } - EVP_PKEY_meth_set_keygen(_hidden_x25519_pmeth, NULL, qat_pkey_ecx_keygen); - EVP_PKEY_meth_set_derive(_hidden_x25519_pmeth, NULL, qat_pkey_ecx_derive25519); - EVP_PKEY_meth_set_ctrl(_hidden_x25519_pmeth, qat_pkey_ecx_ctrl, NULL); - - DEBUG("QAT HW ECDH X25519 Registration succeeded\n"); - return _hidden_x25519_pmeth; -} - -EVP_PKEY_METHOD *qat_x448_pmeth(void) -{ - if (_hidden_x448_pmeth) - return _hidden_x448_pmeth; - - if ((_hidden_x448_pmeth = - EVP_PKEY_meth_new(EVP_PKEY_X448, 0)) == NULL) { - QATerr(QAT_F_QAT_X448_PMETH, QAT_R_ALLOC_QAT_X448_METH_FAILURE); - return NULL; - } - - /* Now save the current (non-offloaded) x448 pmeth to sw_x448_pmeth */ - /* for software fallback purposes */ - if ((sw_x448_pmeth = EVP_PKEY_meth_find(EVP_PKEY_X448)) == NULL) { - QATerr(QAT_F_QAT_X448_PMETH, ERR_R_INTERNAL_ERROR); - return NULL; - } - - EVP_PKEY_meth_set_keygen(_hidden_x448_pmeth, NULL, qat_pkey_ecx_keygen); - EVP_PKEY_meth_set_derive(_hidden_x448_pmeth, NULL, qat_pkey_ecx_derive448); - EVP_PKEY_meth_set_ctrl(_hidden_x448_pmeth, qat_pkey_ecx_ctrl, NULL); - - DEBUG("QAT HW ECDH X448 Registration succeeded\n"); - return _hidden_x448_pmeth; -} - - static inline int reverse_bytes(unsigned char *tobuffer, unsigned char *frombuffer, unsigned int size) { @@ -214,7 +149,7 @@ static void qat_ecx_cb(void *pCallbackTag, CpaStatus status, NULL, multiplyStatus); } -static int qat_pkey_ecx_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) +int qat_pkey_ecx_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { CpaCyEcMontEdwdsPointMultiplyOpData *qat_ecx_op_data = NULL; @@ -583,7 +518,7 @@ static int qat_validate_ecx_derive(EVP_PKEY_CTX *ctx, return 1; } -static int qat_pkey_ecx_derive25519(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) +int qat_pkey_ecx_derive25519(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) { CpaCyEcMontEdwdsPointMultiplyOpData *qat_ecx_op_data = NULL; @@ -876,7 +811,7 @@ static int qat_pkey_ecx_derive25519(EVP_PKEY_CTX *ctx, unsigned char *key, size_ return ret; } -static int qat_pkey_ecx_derive448(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) +int qat_pkey_ecx_derive448(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) { CpaCyEcMontEdwdsPointMultiplyOpData *qat_ecx_op_data = NULL; @@ -1168,7 +1103,7 @@ static int qat_pkey_ecx_derive448(EVP_PKEY_CTX *ctx, unsigned char *key, size_t return ret; } -static int qat_pkey_ecx_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) +int qat_pkey_ecx_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { DEBUG("Started\n"); diff --git a/qat_hw_hkdf.c b/qat_hw_hkdf.c index e17726a4..3fd9e739 100644 --- a/qat_hw_hkdf.c +++ b/qat_hw_hkdf.c @@ -88,7 +88,7 @@ */ #define QAT_HKDF_INFO_MAXBUF 1024 -#ifndef DISABLE_QAT_HW_HKDF +#ifdef ENABLE_QAT_HW_HKDF /* QAT TLS pkey context structure */ typedef struct { /* Mode: Extract, Expand or both */ @@ -106,55 +106,48 @@ static void qat_hkdf_cleanup(EVP_PKEY_CTX *ctx); static int qat_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *olen); static int qat_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); -#endif /* DISABLE_QAT_HW_HKDF */ - -static EVP_PKEY_METHOD *_hidden_hkdf_pmeth = NULL; +#endif /* ENABLE_QAT_HW_HKDF */ -#ifndef DISABLE_QAT_HW_HKDF /* Have a store of the s/w EVP_PKEY_METHOD for software fallback purposes. */ static const EVP_PKEY_METHOD *sw_hkdf_pmeth = NULL; -#endif +static EVP_PKEY_METHOD *_hidden_hkdf_pmeth = NULL; EVP_PKEY_METHOD *qat_hkdf_pmeth(void) { -#ifdef DISABLE_QAT_HW_HKDF - const EVP_PKEY_METHOD *current_hkdf_pmeth = NULL; -#endif if (_hidden_hkdf_pmeth) return _hidden_hkdf_pmeth; -#ifdef DISABLE_QAT_HW_HKDF - if ((current_hkdf_pmeth = EVP_PKEY_meth_find(EVP_PKEY_HKDF)) == NULL) { - QATerr(QAT_F_QAT_HKDF_PMETH, ERR_R_INTERNAL_ERROR); - return NULL; - } -#endif + if ((_hidden_hkdf_pmeth = EVP_PKEY_meth_new(EVP_PKEY_HKDF, 0)) == NULL) { QATerr(QAT_F_QAT_HKDF_PMETH, ERR_R_INTERNAL_ERROR); return NULL; } -#ifdef DISABLE_QAT_HW_HKDF - EVP_PKEY_meth_copy(_hidden_hkdf_pmeth, current_hkdf_pmeth); -#else /* Now save the current (non-offloaded) hkdf pmeth to sw_hkdf_pmeth */ /* for software fallback purposes */ if ((sw_hkdf_pmeth = EVP_PKEY_meth_find(EVP_PKEY_HKDF)) == NULL) { QATerr(QAT_F_QAT_HKDF_PMETH, ERR_R_INTERNAL_ERROR); return NULL; } - EVP_PKEY_meth_set_init(_hidden_hkdf_pmeth, qat_hkdf_init); - EVP_PKEY_meth_set_cleanup(_hidden_hkdf_pmeth, qat_hkdf_cleanup); - EVP_PKEY_meth_set_derive(_hidden_hkdf_pmeth, NULL, - qat_hkdf_derive); - EVP_PKEY_meth_set_ctrl(_hidden_hkdf_pmeth, qat_hkdf_ctrl, NULL); - - DEBUG("QAT HW HKDF Registration succeeded\n"); +#ifdef ENABLE_QAT_HW_HKDF + if (qat_hw_offload) { + EVP_PKEY_meth_set_init(_hidden_hkdf_pmeth, qat_hkdf_init); + EVP_PKEY_meth_set_cleanup(_hidden_hkdf_pmeth, qat_hkdf_cleanup); + EVP_PKEY_meth_set_derive(_hidden_hkdf_pmeth, NULL, + qat_hkdf_derive); + EVP_PKEY_meth_set_ctrl(_hidden_hkdf_pmeth, qat_hkdf_ctrl, NULL); + qat_hw_hkdf_offload = 1; + DEBUG("QAT HW HKDF Registration succeeded\n"); + } #endif + if (!qat_hw_hkdf_offload) { + EVP_PKEY_meth_copy(_hidden_hkdf_pmeth, sw_hkdf_pmeth); + DEBUG("OpenSSL SW HKDF\n"); + } return _hidden_hkdf_pmeth; } -#ifndef DISABLE_QAT_HW_HKDF +#ifdef ENABLE_QAT_HW_HKDF /****************************************************************************** * function: * qat_hkdf_init(EVP_PKEY_CTX *ctx) @@ -780,4 +773,4 @@ static int qat_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *olen) } return ret; } -#endif /* DISABLE_QAT_HW_HKDF */ +#endif /* ENABLE_QAT_HW_HKDF */ diff --git a/qat_hw_prf.c b/qat_hw_prf.c index 3f1e3104..dc692823 100644 --- a/qat_hw_prf.c +++ b/qat_hw_prf.c @@ -126,8 +126,6 @@ static const EVP_PKEY_METHOD *sw_prf_pmeth = NULL; EVP_PKEY_METHOD *qat_prf_pmeth(void) { - const EVP_PKEY_METHOD *current_prf_pmeth = NULL; - if (_hidden_prf_pmeth) return _hidden_prf_pmeth; @@ -144,23 +142,19 @@ EVP_PKEY_METHOD *qat_prf_pmeth(void) return NULL; } - if (qat_hw_offload) { #ifdef ENABLE_QAT_HW_PRF + if (qat_hw_offload) { EVP_PKEY_meth_set_init(_hidden_prf_pmeth, qat_tls1_prf_init); EVP_PKEY_meth_set_cleanup(_hidden_prf_pmeth, qat_prf_cleanup); EVP_PKEY_meth_set_derive(_hidden_prf_pmeth, NULL, qat_prf_tls_derive); EVP_PKEY_meth_set_ctrl(_hidden_prf_pmeth, qat_tls1_prf_ctrl, NULL); -#endif - } else { - if ((current_prf_pmeth = EVP_PKEY_meth_find(EVP_PKEY_TLS1_PRF)) == NULL) { - QATerr(QAT_F_QAT_PRF_PMETH, ERR_R_INTERNAL_ERROR); - return NULL; - } - EVP_PKEY_meth_copy(_hidden_prf_pmeth, current_prf_pmeth); + qat_hw_prf_offload = 1; + DEBUG("QAT HW PRF Registration succeeded\n"); } - - DEBUG("QAT HW PRF Registration succeeded\n"); +#endif + if (!qat_hw_prf_offload) + EVP_PKEY_meth_copy(_hidden_prf_pmeth, sw_prf_pmeth); return _hidden_prf_pmeth; } diff --git a/qat_sw_ecx.c b/qat_sw_ecx.c index 23b2a8bb..3ee5227a 100644 --- a/qat_sw_ecx.c +++ b/qat_sw_ecx.c @@ -62,6 +62,7 @@ #include "qat_utils.h" #include "qat_events.h" #include "qat_fork.h" +#include "qat_evp.h" #include "qat_sw_ecx.h" #include "qat_sw_request.h" @@ -83,40 +84,6 @@ int x25519_nid[] = { EVP_PKEY_X25519 }; -static EVP_PKEY_METHOD *_hidden_x25519_pmeth = NULL; - -/* Have a store of the s/w EVP_PKEY_METHOD for software fallback purposes. */ -static const EVP_PKEY_METHOD *sw_x25519_pmeth = NULL; -static int multibuff_x25519_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); -static int multibuff_x25519_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); -static int multibuff_x25519_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - -/* Multibuff X25519 methods declaration */ -EVP_PKEY_METHOD *multibuff_x25519_pmeth(void) -{ - if (_hidden_x25519_pmeth) - return _hidden_x25519_pmeth; - - if ((_hidden_x25519_pmeth = - EVP_PKEY_meth_new(EVP_PKEY_X25519, 0)) == NULL) { - QATerr(QAT_F_MULTIBUFF_X25519_PMETH, ERR_R_INTERNAL_ERROR); - return NULL; - } - - /* Now save the current (non-offloaded) x25519 pmeth to sw_x25519_pmeth */ - /* for software fallback purposes */ - if ((sw_x25519_pmeth = EVP_PKEY_meth_find(EVP_PKEY_X25519)) == NULL) { - QATerr(QAT_F_MULTIBUFF_X25519_PMETH, ERR_R_INTERNAL_ERROR); - return NULL; - } - - EVP_PKEY_meth_set_keygen(_hidden_x25519_pmeth, NULL, multibuff_x25519_keygen); - EVP_PKEY_meth_set_derive(_hidden_x25519_pmeth, NULL, multibuff_x25519_derive); - EVP_PKEY_meth_set_ctrl(_hidden_x25519_pmeth, multibuff_x25519_ctrl, NULL); - - DEBUG("QAT SW X25519 registration succeeded\n"); - return _hidden_x25519_pmeth; -} void process_x25519_keygen_reqs(mb_thread_data *tlv) { @@ -500,7 +467,7 @@ int multibuff_x25519_derive(EVP_PKEY_CTX *ctx, return sts; } -static int multibuff_x25519_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) +int multibuff_x25519_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { /* Only need to handle peer key for derivation */ if (type == EVP_PKEY_CTRL_PEER_KEY) diff --git a/qat_sw_ecx.h b/qat_sw_ecx.h index 108b3857..4119451c 100644 --- a/qat_sw_ecx.h +++ b/qat_sw_ecx.h @@ -51,9 +51,6 @@ /* Multibuff X25519 methods declaration */ -int multibuff_x25519_pkey_methods(ENGINE *e, EVP_PKEY_METHOD **pmeth, - const int **nids, int nid); -EVP_PKEY_METHOD *multibuff_x25519_pmeth(void); void process_x25519_keygen_reqs(mb_thread_data *tlv); void process_x25519_derive_reqs(mb_thread_data *tlv); diff --git a/qatengine-sw.spec b/qatengine-sw.spec index 55534865..9760aa89 100644 --- a/qatengine-sw.spec +++ b/qatengine-sw.spec @@ -4,7 +4,7 @@ %global enginesdir %(pkg-config --variable=enginesdir libcrypto) Name: qatengine-sw -Version: 0.6.8 +Version: 0.6.9 Release: 1%{?dist} Summary: Intel QuickAssist Technology (QAT) OpenSSL Engine # Most of the source code is BSD, with the following exceptions: @@ -49,5 +49,8 @@ autoreconf -ivf %exclude %{enginesdir}/qatengine.la %changelog +* Mon Oct 18 2021 Yogaraj Alamenda - 0.6.9-1 +- Update to qatengine v0.6.9 + * Mon Aug 23 2021 Bernard Iremonger 0.6.8-1 - Initial version of rpm package diff --git a/qatengine.spec b/qatengine.spec index 28680b66..6046fca8 100644 --- a/qatengine.spec +++ b/qatengine.spec @@ -4,7 +4,7 @@ %global enginesdir %(pkg-config --variable=enginesdir libcrypto) Name: qatengine -Version: 0.6.8 +Version: 0.6.9 Release: 1%{?dist} Summary: Intel QuickAssist Technology (QAT) OpenSSL Engine # Most of the source code is BSD, with the following exceptions: @@ -18,7 +18,7 @@ Source0: https://github.com/intel/%{githubname}/archive/v%{version}/%{nam BuildRequires: gcc make pkg-config BuildRequires: autoconf automake libtool BuildRequires: openssl-devel >= 1.1.1 -BuildRequires: qatlib-devel >= 20.10.0 +BuildRequires: qatlib-devel >= 21.08.0 # https://bugzilla.redhat.com/show_bug.cgi?id=1909065 ExcludeArch: %{arm} aarch64 %{power64} s390x i686 @@ -46,6 +46,9 @@ autoreconf -ivf %exclude %{enginesdir}/qatengine.la %changelog +* Mon Oct 18 2021 Yogaraj Alamenda - 0.6.9-1 +- Update to qatengine v0.6.9 + * Fri Sep 10 2021 Yogaraj Alamenda - 0.6.8-1 - Update to qatengine v0.6.8