1b28f28aeSDharmik Thakkar /* SPDX-License-Identifier: BSD-3-Clause 2b28f28aeSDharmik Thakkar * Copyright(c) 2016-2017 Intel Corporation 3b28f28aeSDharmik Thakkar */ 4b28f28aeSDharmik Thakkar 5b28f28aeSDharmik Thakkar #ifndef _OPENSSL_PMD_PRIVATE_H_ 6b28f28aeSDharmik Thakkar #define _OPENSSL_PMD_PRIVATE_H_ 7b28f28aeSDharmik Thakkar 8b28f28aeSDharmik Thakkar #include <openssl/evp.h> 9b28f28aeSDharmik Thakkar #include <openssl/hmac.h> 10b28f28aeSDharmik Thakkar #include <openssl/des.h> 11b28f28aeSDharmik Thakkar #include <openssl/rsa.h> 12b28f28aeSDharmik Thakkar #include <openssl/dh.h> 13b28f28aeSDharmik Thakkar #include <openssl/dsa.h> 14b28f28aeSDharmik Thakkar 15b28f28aeSDharmik Thakkar #define CRYPTODEV_NAME_OPENSSL_PMD crypto_openssl 16b28f28aeSDharmik Thakkar /**< Open SSL Crypto PMD device name */ 17b28f28aeSDharmik Thakkar 18b28f28aeSDharmik Thakkar /** OPENSSL PMD LOGTYPE DRIVER */ 193071d471SBruce Richardson extern int openssl_logtype_driver; 20b28f28aeSDharmik Thakkar #define OPENSSL_LOG(level, fmt, ...) \ 21b28f28aeSDharmik Thakkar rte_log(RTE_LOG_ ## level, openssl_logtype_driver, \ 22b28f28aeSDharmik Thakkar "%s() line %u: " fmt "\n", __func__, __LINE__, \ 23b28f28aeSDharmik Thakkar ## __VA_ARGS__) 24b28f28aeSDharmik Thakkar 25b28f28aeSDharmik Thakkar /* Maximum length for digest (SHA-512 needs 64 bytes) */ 26b28f28aeSDharmik Thakkar #define DIGEST_LENGTH_MAX 64 27b28f28aeSDharmik Thakkar 28b28f28aeSDharmik Thakkar /** OPENSSL operation order mode enumerator */ 29b28f28aeSDharmik Thakkar enum openssl_chain_order { 30b28f28aeSDharmik Thakkar OPENSSL_CHAIN_ONLY_CIPHER, 31b28f28aeSDharmik Thakkar OPENSSL_CHAIN_ONLY_AUTH, 32b28f28aeSDharmik Thakkar OPENSSL_CHAIN_CIPHER_BPI, 33b28f28aeSDharmik Thakkar OPENSSL_CHAIN_CIPHER_AUTH, 34b28f28aeSDharmik Thakkar OPENSSL_CHAIN_AUTH_CIPHER, 35b28f28aeSDharmik Thakkar OPENSSL_CHAIN_COMBINED, 36b28f28aeSDharmik Thakkar OPENSSL_CHAIN_NOT_SUPPORTED 37b28f28aeSDharmik Thakkar }; 38b28f28aeSDharmik Thakkar 39b28f28aeSDharmik Thakkar /** OPENSSL cipher mode enumerator */ 40b28f28aeSDharmik Thakkar enum openssl_cipher_mode { 41b28f28aeSDharmik Thakkar OPENSSL_CIPHER_LIB, 42b28f28aeSDharmik Thakkar OPENSSL_CIPHER_DES3CTR, 43b28f28aeSDharmik Thakkar }; 44b28f28aeSDharmik Thakkar 45b28f28aeSDharmik Thakkar /** OPENSSL auth mode enumerator */ 46b28f28aeSDharmik Thakkar enum openssl_auth_mode { 47b28f28aeSDharmik Thakkar OPENSSL_AUTH_AS_AUTH, 48b28f28aeSDharmik Thakkar OPENSSL_AUTH_AS_HMAC, 49b28f28aeSDharmik Thakkar }; 50b28f28aeSDharmik Thakkar 51b28f28aeSDharmik Thakkar /** private data structure for each OPENSSL crypto device */ 52b28f28aeSDharmik Thakkar struct openssl_private { 53b28f28aeSDharmik Thakkar unsigned int max_nb_qpairs; 54b28f28aeSDharmik Thakkar /**< Max number of queue pairs */ 55b28f28aeSDharmik Thakkar }; 56b28f28aeSDharmik Thakkar 57b28f28aeSDharmik Thakkar /** OPENSSL crypto queue pair */ 58b28f28aeSDharmik Thakkar struct openssl_qp { 59b28f28aeSDharmik Thakkar uint16_t id; 60b28f28aeSDharmik Thakkar /**< Queue Pair Identifier */ 61b28f28aeSDharmik Thakkar char name[RTE_CRYPTODEV_NAME_MAX_LEN]; 62b28f28aeSDharmik Thakkar /**< Unique Queue Pair Name */ 63b28f28aeSDharmik Thakkar struct rte_ring *processed_ops; 64b28f28aeSDharmik Thakkar /**< Ring for placing process packets */ 65b28f28aeSDharmik Thakkar struct rte_mempool *sess_mp; 66b28f28aeSDharmik Thakkar /**< Session Mempool */ 67b28f28aeSDharmik Thakkar struct rte_mempool *sess_mp_priv; 68b28f28aeSDharmik Thakkar /**< Session Private Data Mempool */ 69b28f28aeSDharmik Thakkar struct rte_cryptodev_stats stats; 70b28f28aeSDharmik Thakkar /**< Queue pair statistics */ 71b28f28aeSDharmik Thakkar uint8_t temp_digest[DIGEST_LENGTH_MAX]; 72b28f28aeSDharmik Thakkar /**< Buffer used to store the digest generated 73b28f28aeSDharmik Thakkar * by the driver when verifying a digest provided 74b28f28aeSDharmik Thakkar * by the user (using authentication verify operation) 75b28f28aeSDharmik Thakkar */ 76b28f28aeSDharmik Thakkar } __rte_cache_aligned; 77b28f28aeSDharmik Thakkar 78b28f28aeSDharmik Thakkar /** OPENSSL crypto private session structure */ 79b28f28aeSDharmik Thakkar struct openssl_session { 80b28f28aeSDharmik Thakkar enum openssl_chain_order chain_order; 81b28f28aeSDharmik Thakkar /**< chain order mode */ 82b28f28aeSDharmik Thakkar 83b28f28aeSDharmik Thakkar struct { 84b28f28aeSDharmik Thakkar uint16_t length; 85b28f28aeSDharmik Thakkar uint16_t offset; 86b28f28aeSDharmik Thakkar } iv; 87b28f28aeSDharmik Thakkar /**< IV parameters */ 88b28f28aeSDharmik Thakkar 89b28f28aeSDharmik Thakkar enum rte_crypto_aead_algorithm aead_algo; 90b28f28aeSDharmik Thakkar /**< AEAD algorithm */ 91b28f28aeSDharmik Thakkar 92b28f28aeSDharmik Thakkar /** Cipher Parameters */ 93b28f28aeSDharmik Thakkar struct { 94b28f28aeSDharmik Thakkar enum rte_crypto_cipher_operation direction; 95b28f28aeSDharmik Thakkar /**< cipher operation direction */ 96b28f28aeSDharmik Thakkar enum openssl_cipher_mode mode; 97b28f28aeSDharmik Thakkar /**< cipher operation mode */ 98b28f28aeSDharmik Thakkar enum rte_crypto_cipher_algorithm algo; 99b28f28aeSDharmik Thakkar /**< cipher algorithm */ 100b28f28aeSDharmik Thakkar 101b28f28aeSDharmik Thakkar struct { 102b28f28aeSDharmik Thakkar uint8_t data[32]; 103b28f28aeSDharmik Thakkar /**< key data */ 104b28f28aeSDharmik Thakkar size_t length; 105b28f28aeSDharmik Thakkar /**< key length in bytes */ 106b28f28aeSDharmik Thakkar } key; 107b28f28aeSDharmik Thakkar 108b28f28aeSDharmik Thakkar const EVP_CIPHER *evp_algo; 109b28f28aeSDharmik Thakkar /**< pointer to EVP algorithm function */ 110b28f28aeSDharmik Thakkar EVP_CIPHER_CTX *ctx; 111b28f28aeSDharmik Thakkar /**< pointer to EVP context structure */ 112b28f28aeSDharmik Thakkar EVP_CIPHER_CTX *bpi_ctx; 113b28f28aeSDharmik Thakkar } cipher; 114b28f28aeSDharmik Thakkar 115b28f28aeSDharmik Thakkar /** Authentication Parameters */ 116b28f28aeSDharmik Thakkar struct { 117b28f28aeSDharmik Thakkar enum rte_crypto_auth_operation operation; 118b28f28aeSDharmik Thakkar /**< auth operation generate or verify */ 119b28f28aeSDharmik Thakkar enum openssl_auth_mode mode; 120b28f28aeSDharmik Thakkar /**< auth operation mode */ 121b28f28aeSDharmik Thakkar enum rte_crypto_auth_algorithm algo; 122b28f28aeSDharmik Thakkar /**< cipher algorithm */ 123b28f28aeSDharmik Thakkar 124b28f28aeSDharmik Thakkar union { 125b28f28aeSDharmik Thakkar struct { 126b28f28aeSDharmik Thakkar const EVP_MD *evp_algo; 127b28f28aeSDharmik Thakkar /**< pointer to EVP algorithm function */ 128b28f28aeSDharmik Thakkar EVP_MD_CTX *ctx; 129b28f28aeSDharmik Thakkar /**< pointer to EVP context structure */ 130b28f28aeSDharmik Thakkar } auth; 131b28f28aeSDharmik Thakkar 132b28f28aeSDharmik Thakkar struct { 133b28f28aeSDharmik Thakkar EVP_PKEY *pkey; 134b28f28aeSDharmik Thakkar /**< pointer to EVP key */ 135b28f28aeSDharmik Thakkar const EVP_MD *evp_algo; 136b28f28aeSDharmik Thakkar /**< pointer to EVP algorithm function */ 137*75adf1eaSKai Ji # if OPENSSL_VERSION_NUMBER >= 0x30000000L 138*75adf1eaSKai Ji EVP_MAC_CTX * ctx; 139*75adf1eaSKai Ji # else 140b28f28aeSDharmik Thakkar HMAC_CTX *ctx; 141*75adf1eaSKai Ji # endif 142b28f28aeSDharmik Thakkar /**< pointer to EVP context structure */ 143b28f28aeSDharmik Thakkar } hmac; 144b28f28aeSDharmik Thakkar }; 145b28f28aeSDharmik Thakkar 146b28f28aeSDharmik Thakkar uint16_t aad_length; 147b28f28aeSDharmik Thakkar /**< AAD length */ 148b28f28aeSDharmik Thakkar uint16_t digest_length; 149b28f28aeSDharmik Thakkar /**< digest length */ 150b28f28aeSDharmik Thakkar } auth; 151b28f28aeSDharmik Thakkar 152b28f28aeSDharmik Thakkar } __rte_cache_aligned; 153b28f28aeSDharmik Thakkar 154b28f28aeSDharmik Thakkar /** OPENSSL crypto private asymmetric session structure */ 155b28f28aeSDharmik Thakkar struct openssl_asym_session { 156b28f28aeSDharmik Thakkar enum rte_crypto_asym_xform_type xfrm_type; 157b28f28aeSDharmik Thakkar union { 158b28f28aeSDharmik Thakkar struct rsa { 159b28f28aeSDharmik Thakkar RSA *rsa; 160b28f28aeSDharmik Thakkar } r; 161b28f28aeSDharmik Thakkar struct exp { 162b28f28aeSDharmik Thakkar BIGNUM *exp; 163b28f28aeSDharmik Thakkar BIGNUM *mod; 164b28f28aeSDharmik Thakkar BN_CTX *ctx; 165b28f28aeSDharmik Thakkar } e; 166b28f28aeSDharmik Thakkar struct mod { 167b28f28aeSDharmik Thakkar BIGNUM *modulus; 168b28f28aeSDharmik Thakkar BN_CTX *ctx; 169b28f28aeSDharmik Thakkar } m; 170b28f28aeSDharmik Thakkar struct dh { 171b28f28aeSDharmik Thakkar DH *dh_key; 172b28f28aeSDharmik Thakkar uint32_t key_op; 173b28f28aeSDharmik Thakkar } dh; 174b28f28aeSDharmik Thakkar struct { 175b28f28aeSDharmik Thakkar DSA *dsa; 176b28f28aeSDharmik Thakkar } s; 177b28f28aeSDharmik Thakkar } u; 178b28f28aeSDharmik Thakkar } __rte_cache_aligned; 179b28f28aeSDharmik Thakkar /** Set and validate OPENSSL crypto session parameters */ 180b28f28aeSDharmik Thakkar extern int 181b28f28aeSDharmik Thakkar openssl_set_session_parameters(struct openssl_session *sess, 182b28f28aeSDharmik Thakkar const struct rte_crypto_sym_xform *xform); 183b28f28aeSDharmik Thakkar 184b28f28aeSDharmik Thakkar /** Reset OPENSSL crypto session parameters */ 185b28f28aeSDharmik Thakkar extern void 186b28f28aeSDharmik Thakkar openssl_reset_session(struct openssl_session *sess); 187b28f28aeSDharmik Thakkar 188b28f28aeSDharmik Thakkar /** device specific operations function pointer structure */ 189b28f28aeSDharmik Thakkar extern struct rte_cryptodev_ops *rte_openssl_pmd_ops; 190b28f28aeSDharmik Thakkar 191b28f28aeSDharmik Thakkar #endif /* _OPENSSL_PMD_PRIVATE_H_ */ 192