cryptodev: add cipher field to RSA op

Asymmetric nature of RSA algorithm suggest to use additional field for output. In place operations still can be done by setting cipher and message pointers with the same memory address. Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Acked-by: Shally Verma <shallyv@marvell.com>
2019-07-18 18:09:38 +02:00 · 2019-07-18 18:09:38 +02:00 · 501ed9c661
commit 501ed9c661
parent 2e728ed3e4
3 changed files with 45 additions and 11 deletions
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@ -92,6 +92,7 @@ queue_ops_rsa_sign_verify(struct rte_cryptodev_asym_session *sess)

 	asym_op->rsa.message.data = rsaplaintext.data;
 	asym_op->rsa.message.length = rsaplaintext.len;
+	asym_op->rsa.sign.length = 0;
 	asym_op->rsa.sign.data = output_buf;
 	asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;

@ -164,6 +165,7 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
 	uint8_t dev_id = ts_params->valid_devs[0];
 	struct rte_crypto_op *op, *result_op;
 	struct rte_crypto_asym_op *asym_op;
+	uint8_t cipher_buf[TEST_DATA_SIZE] = {0};
 	int ret, status = TEST_SUCCESS;

 	/* Set up crypto op data structure */
@ -180,6 +182,8 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
 	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;

 	asym_op->rsa.message.data = rsaplaintext.data;
+	asym_op->rsa.cipher.data = cipher_buf;
+	asym_op->rsa.cipher.length = 0;
 	asym_op->rsa.message.length = rsaplaintext.len;
 	asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;

@ -211,6 +215,7 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)

 	/* Use the resulted output as decryption Input vector*/
 	asym_op = result_op->asym;
+	asym_op->rsa.message.length = 0;
 	asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
 	asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;

--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@ -1867,19 +1867,19 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
 	case RTE_CRYPTO_ASYM_OP_ENCRYPT:
 		ret = RSA_public_encrypt(op->rsa.message.length,
 				op->rsa.message.data,
-				op->rsa.message.data,
+				op->rsa.cipher.data,
 				rsa,
 				pad);

 		if (ret > 0)
-			op->rsa.message.length = ret;
+			op->rsa.cipher.length = ret;
 		OPENSSL_LOG(DEBUG,
 				"length of encrypted text %d\n", ret);
 		break;

 	case RTE_CRYPTO_ASYM_OP_DECRYPT:
-		ret = RSA_private_decrypt(op->rsa.message.length,
-				op->rsa.message.data,
+		ret = RSA_private_decrypt(op->rsa.cipher.length,
+				op->rsa.cipher.data,
 				op->rsa.message.data,
 				rsa,
 				pad);
--- a/lib/librte_cryptodev/rte_crypto_asym.h
+++ b/lib/librte_cryptodev/rte_crypto_asym.h
@ -395,21 +395,50 @@ struct rte_crypto_rsa_op_param {

 	rte_crypto_param message;
 	/**<
-	 * Pointer to data
+	 * Pointer to input data
 	 * - to be encrypted for RSA public encrypt.
-	 * - to be decrypted for RSA private decrypt.
 	 * - to be signed for RSA sign generation.
 	 * - to be authenticated for RSA sign verification.
+	 *
+	 * Pointer to output data
+	 * - for RSA private decrypt.
+	 * In this case the underlying array should have been
+	 * allocated with enough memory to hold plaintext output
+	 * (i.e. must be at least RSA key size). The message.length
+	 * field should be 0 and will be overwritten by the PMD
+	 * with the decrypted length.
+	 *
+	 * All data is in Octet-string network byte order format.
+	 */
+
+	rte_crypto_param cipher;
+	/**<
+	 * Pointer to input data
+	 * - to be decrypted for RSA private decrypt.
+	 *
+	 * Pointer to output data
+	 * - for RSA public encrypt.
+	 * In this case the underlying array should have been allocated
+	 * with enough memory to hold ciphertext output (i.e. must be
+	 * at least RSA key size). The cipher.length field should
+	 * be 0 and will be overwritten by the PMD with the encrypted length.
+	 *
+	 * All data is in Octet-string network byte order format.
 	 */

 	rte_crypto_param sign;
 	/**<
-	 * Pointer to RSA signature data. If operation is RSA
-	 * sign @ref RTE_CRYPTO_ASYM_OP_SIGN, buffer will be
-	 * over-written with generated signature.
+	 * Pointer to input data
+	 * - to be verified for RSA public decrypt.
 	 *
-	 * Length of the signature data will be equal to the
-	 * RSA modulus length.
+	 * Pointer to output data
+	 * - for RSA private encrypt.
+	 * In this case the underlying array should have been allocated
+	 * with enough memory to hold signature output (i.e. must be
+	 * at least RSA key size). The sign.length field should
+	 * be 0 and will be overwritten by the PMD with the signature length.
+	 *
+	 * All data is in Octet-string network byte order format.
 	 */

 	enum rte_crypto_rsa_padding_type pad;