cryptodev: move DH type from xform to DH op

- Moved DH operation type to DH operation struct.
Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
be free to choose for any operation. One xf

cryptodev: move DH type from xform to DH op

- Moved DH operation type to DH operation struct.
Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
be free to choose for any operation. One xform/session should
be enough to perform both DH operations, if op_type would be xform
member, session would have to be created twice for the same
group. Similar problem would be observed in sessionless case.
Additionally, it will help extend DH to support Elliptic Curves.
- Changed order of Diffie-Hellman operation phases.
Now it corresponds with the order of operations.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

cryptodev: separate key exchange operation enum

- Separated key exchange enum from asym op type.
Key exchange and asymmetric crypto operations like signatures,
encryption/decryption should not share

cryptodev: separate key exchange operation enum

- Separated key exchange enum from asym op type.
Key exchange and asymmetric crypto operations like signatures,
encryption/decryption should not share same operation enum as
its use cases are unrelated and mutually exclusive.
Therefore op_type was separate into:
1) operation type
2) key exchange operation type

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

drivers/crypto: fix warnings for OpenSSL version

The API of the OpenSSL library has changed with version 3.0. This results
in a lot of compiler warnings like

../dpdk/drivers/crypto/ccp/ccp_cryp

drivers/crypto: fix warnings for OpenSSL version

The API of the OpenSSL library has changed with version 3.0. This results
in a lot of compiler warnings like

../dpdk/drivers/crypto/ccp/ccp_crypto.c:182:9:
warning: ‘SHA256_Transform’ is deprecated:
Since OpenSSL 3.0 [-Wdeprecated-declarations]

As many Linux distributions still use elder OpenSSL libraries we cannot
change the used API now. Instead define OPENSSL_API_COMPAT to indicate
that we are using the OpenSSL 1.1.0 API.

OPENSSL_API_COMPAT is introduced in *.c files and not in *.h files as some
*.c files directly include OpenSSL headers.

Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Daxue Gao <daxuex.gao@intel.com>
Tested-by: David Marchand <david.marchand@redhat.com>
Acked-by: Kai Ji <kai.ji@intel.com>

show more ...

cryptodev: use single mempool for asymmetric session

Rather than using a session buffer that contains pointers to private
session data elsewhere, have a single session buffer.
This session is create

cryptodev: use single mempool for asymmetric session

Rather than using a session buffer that contains pointers to private
session data elsewhere, have a single session buffer.
This session is created for a driver ID, and the mempool element
contains space for the max session private data needed for any driver.

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

remove unnecessary null checks

Functions like free, rte_free, and rte_mempool_free
already handle NULL pointer so the checks here are not necessary.

Remove redundant NULL pointer checks before free

remove unnecessary null checks

Functions like free, rte_free, and rte_mempool_free
already handle NULL pointer so the checks here are not necessary.

Remove redundant NULL pointer checks before free functions
found by nullfree.cocci

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

show more ...

cryptodev: expose driver interface as internal

The rte_cryptodev_pmd.* files are for drivers only and should be
private to DPDK, and not installed for app use.

Signed-off-by: Akhil Goyal <gakhil@ma

cryptodev: expose driver interface as internal

The rte_cryptodev_pmd.* files are for drivers only and should be
private to DPDK, and not installed for app use.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>

show more ...

cryptodev: remove unused operation for queue count

This commit removes unused function pointer (queue_pair_count)
from struct rte_cryptodev_ops. Related functions removed as well.

Signed-off-by: Ar

cryptodev: remove unused operation for queue count

This commit removes unused function pointer (queue_pair_count)
from struct rte_cryptodev_ops. Related functions removed as well.

Signed-off-by: Artur Trybula <arturx.trybula@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>

show more ...

rename private header files

Some of the internal header files have 'rte_' prefix
and some don't.
Remove 'rte_' prefix from all internal header files.

Suggested-by: Thomas Monjalon <thomas@monjalon.

rename private header files

Some of the internal header files have 'rte_' prefix
and some don't.
Remove 'rte_' prefix from all internal header files.

Suggested-by: Thomas Monjalon <thomas@monjalon.net>
Signed-off-by: Dharmik Thakkar <dharmik.thakkar@arm.com>
Reviewed-by: Phil Yang <phil.yang@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>

show more ...

crypto/openssl: fix free of asymmetric crypto keys

In case big number need to be freed, data it contains should
also be cleared before especially if it is critical data like
private keys.

Fixes: 3e

crypto/openssl: fix free of asymmetric crypto keys

In case big number need to be freed, data it contains should
also be cleared before especially if it is critical data like
private keys.

Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym operations")
Cc: stable@dpdk.org

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

show more ...

cryptodev: change queue pair configure structure

This patch changes the cryptodev queue pair configure structure
to enable two mempool passed into cryptodev PMD simutaneously.

Signed-off-by: Fan Zh

cryptodev: change queue pair configure structure

This patch changes the cryptodev queue pair configure structure
to enable two mempool passed into cryptodev PMD simutaneously.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

drivers/crypto: fix PMDs memory leak

This patch fixes the memory leak during queue pair release.
Originally the operation ring is not freed when releasing
queue pair, causing the next queue_pair con

drivers/crypto: fix PMDs memory leak

This patch fixes the memory leak during queue pair release.
Originally the operation ring is not freed when releasing
queue pair, causing the next queue_pair configure call fail
and memory leak.

Fixes: eec136f3c54f ("aesni_gcm: add driver for AES-GCM crypto operations")
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Fixes: 3aafc423cf4d ("snow3g: add driver for SNOW 3G library")
Fixes: 94b0ad8e0aa5 ("null_crypto: add driver for null crypto operations")
Cc: stable@dpdk.org

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

crypto/openssl: remove useless check before freeing

Remove if() condition prior to calling BN_free() as
BN_free(a) does nothing if a is NULL.

Signed-off-by: Akash Saxena <akash.saxena@caviumnetwork

crypto/openssl: remove useless check before freeing

Remove if() condition prior to calling BN_free() as
BN_free(a) does nothing if a is NULL.

Signed-off-by: Akash Saxena <akash.saxena@caviumnetworks.com>
Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

crypto/openssl: support truncated HMAC operations

IPsec requires truncated HMAC operations support. Extend OpenSSL crypto
PMD to support truncated HMAC operations necessary for IPsec.

Signed-off-by

crypto/openssl: support truncated HMAC operations

IPsec requires truncated HMAC operations support. Extend OpenSSL crypto
PMD to support truncated HMAC operations necessary for IPsec.

Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

crypto/openssl: replace macros by static inline functions

Replace macros by static inline functions in openssl version
compatibility layer

Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com

crypto/openssl: replace macros by static inline functions

Replace macros by static inline functions in openssl version
compatibility layer

Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

crypto/openssl: add DH and DSA asym operations

- Add dh key generation and shared compute
- Add dsa sign and verify operation

Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
Signed-off-

crypto/openssl: add DH and DSA asym operations

- Add dh key generation and shared compute
- Add dsa sign and verify operation

Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>

show more ...

crypto/openssl: add RSA and mod asym operations

- Add compat.h to make pmd compatible to openssl-1.1.0 and
backward version
- Add rsa sign/verify/encrypt/decrypt and modular operation
support

S

crypto/openssl: add RSA and mod asym operations

- Add compat.h to make pmd compatible to openssl-1.1.0 and
backward version
- Add rsa sign/verify/encrypt/decrypt and modular operation
support

Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>

show more ...

crypto/openssl: support 8-byte 3DES

Added extra case to support 8 byte key size
for 3DES CBC. Also changed capabilities to reflect
the change.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.

crypto/openssl: support 8-byte 3DES

Added extra case to support 8 byte key size
for 3DES CBC. Also changed capabilities to reflect
the change.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

cryptodev: rename PMD symmetric session API

The PMD specific API to configure, clear and
obtain session private size is renamed, including
the word _sym_ to clarify that it is API
for symmetric sess

cryptodev: rename PMD symmetric session API

The PMD specific API to configure, clear and
obtain session private size is renamed, including
the word _sym_ to clarify that it is API
for symmetric sessions, so there will not be any
conflicts for asymmetric and other type of sessions
in the future.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

cryptodev: remove queue start/stop functions

Removed cryptodev queue start/stop functions,
as they were marked deprecated in 18.05, since they
were not implemented by any driver.

Signed-off-by: Pab

cryptodev: remove queue start/stop functions

Removed cryptodev queue start/stop functions,
as they were marked deprecated in 18.05, since they
were not implemented by any driver.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

cryptodev: remove max number of sessions parameter

Most crypto PMDs do not have a limitation
of the number of the sessions that can be handled
internally. The value that was set before was not
actua

cryptodev: remove max number of sessions parameter

Most crypto PMDs do not have a limitation
of the number of the sessions that can be handled
internally. The value that was set before was not
actually used at all, since the sessions are created
at the application level.
Therefore, this value is not parsed from the initial
crypto parameters anymore and it is set to 0,
meaning that there is no actual limit.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

show more ...

crypto/openssl: add dynamic logging

Registered new dynamic logtype for driver and
replaced OPENSSL_LOG_ERR and CDEV_LOG_ERR macros with
new OPENSSL_LOG macro, which uses the new logtype.

Signed-off

crypto/openssl: add dynamic logging

Registered new dynamic logtype for driver and
replaced OPENSSL_LOG_ERR and CDEV_LOG_ERR macros with
new OPENSSL_LOG macro, which uses the new logtype.

Signed-off-by: Naga Suresh Somarowthu <naga.sureshx.somarowthu@intel.com>
Reviewed-by: Reshma Pattan <reshma.pattan@intel.com>
Reviewed-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

drivers: use SPDX tag for Intel copyright files

Replace the BSD license header with the SPDX tag for files
with only an Intel copyright on them.

Signed-off-by: Bruce Richardson <bruce.richardson@in

drivers: use SPDX tag for Intel copyright files

Replace the BSD license header with the SPDX tag for files
with only an Intel copyright on them.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>

show more ...

drivers/crypto: use snprintf return value correctly

snprintf return value is the length of was encoded into destination
array excluding '\0'. Thus return value equal to the length of the
destination

drivers/crypto: use snprintf return value correctly

snprintf return value is the length of was encoded into destination
array excluding '\0'. Thus return value equal to the length of the
destination array or more means truncation.

This commit fixes improper use of the return value.

Fixes: eec136f3c54f ("aesni_gcm: add driver for AES-GCM crypto operations")
Fixes: 924e84f87306 ("aesni_mb: add driver for multi buffer based crypto")
Fixes: 0f548b50a160 ("crypto/aesni_mb: process crypto op on dequeue")
Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
Fixes: 2773c86d061a ("crypto/kasumi: add driver for KASUMI library")
Fixes: 94b0ad8e0aa5 ("null_crypto: add driver for null crypto operations")
Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Fixes: 3aafc423cf4d ("snow3g: add driver for SNOW 3G library")
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org

Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>

show more ...

crypto/openssl: support AES-CCM

Add support to AES-CCM, for 128, 192 and 256-bit keys.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/openssl: support DES-CBC

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>