1*b28f28aeSDharmik Thakkar /* SPDX-License-Identifier: BSD-3-Clause 2*b28f28aeSDharmik Thakkar * Copyright(c) 2016-2017 Intel Corporation 3*b28f28aeSDharmik Thakkar */ 4*b28f28aeSDharmik Thakkar 5*b28f28aeSDharmik Thakkar #ifndef _OPENSSL_PMD_PRIVATE_H_ 6*b28f28aeSDharmik Thakkar #define _OPENSSL_PMD_PRIVATE_H_ 7*b28f28aeSDharmik Thakkar 8*b28f28aeSDharmik Thakkar #include <openssl/evp.h> 9*b28f28aeSDharmik Thakkar #include <openssl/hmac.h> 10*b28f28aeSDharmik Thakkar #include <openssl/des.h> 11*b28f28aeSDharmik Thakkar #include <openssl/rsa.h> 12*b28f28aeSDharmik Thakkar #include <openssl/dh.h> 13*b28f28aeSDharmik Thakkar #include <openssl/dsa.h> 14*b28f28aeSDharmik Thakkar 15*b28f28aeSDharmik Thakkar #define CRYPTODEV_NAME_OPENSSL_PMD crypto_openssl 16*b28f28aeSDharmik Thakkar /**< Open SSL Crypto PMD device name */ 17*b28f28aeSDharmik Thakkar 18*b28f28aeSDharmik Thakkar /** OPENSSL PMD LOGTYPE DRIVER */ 19*b28f28aeSDharmik Thakkar int openssl_logtype_driver; 20*b28f28aeSDharmik Thakkar #define OPENSSL_LOG(level, fmt, ...) \ 21*b28f28aeSDharmik Thakkar rte_log(RTE_LOG_ ## level, openssl_logtype_driver, \ 22*b28f28aeSDharmik Thakkar "%s() line %u: " fmt "\n", __func__, __LINE__, \ 23*b28f28aeSDharmik Thakkar ## __VA_ARGS__) 24*b28f28aeSDharmik Thakkar 25*b28f28aeSDharmik Thakkar /* Maximum length for digest (SHA-512 needs 64 bytes) */ 26*b28f28aeSDharmik Thakkar #define DIGEST_LENGTH_MAX 64 27*b28f28aeSDharmik Thakkar 28*b28f28aeSDharmik Thakkar /** OPENSSL operation order mode enumerator */ 29*b28f28aeSDharmik Thakkar enum openssl_chain_order { 30*b28f28aeSDharmik Thakkar OPENSSL_CHAIN_ONLY_CIPHER, 31*b28f28aeSDharmik Thakkar OPENSSL_CHAIN_ONLY_AUTH, 32*b28f28aeSDharmik Thakkar OPENSSL_CHAIN_CIPHER_BPI, 33*b28f28aeSDharmik Thakkar OPENSSL_CHAIN_CIPHER_AUTH, 34*b28f28aeSDharmik Thakkar OPENSSL_CHAIN_AUTH_CIPHER, 35*b28f28aeSDharmik Thakkar OPENSSL_CHAIN_COMBINED, 36*b28f28aeSDharmik Thakkar OPENSSL_CHAIN_NOT_SUPPORTED 37*b28f28aeSDharmik Thakkar }; 38*b28f28aeSDharmik Thakkar 39*b28f28aeSDharmik Thakkar /** OPENSSL cipher mode enumerator */ 40*b28f28aeSDharmik Thakkar enum openssl_cipher_mode { 41*b28f28aeSDharmik Thakkar OPENSSL_CIPHER_LIB, 42*b28f28aeSDharmik Thakkar OPENSSL_CIPHER_DES3CTR, 43*b28f28aeSDharmik Thakkar }; 44*b28f28aeSDharmik Thakkar 45*b28f28aeSDharmik Thakkar /** OPENSSL auth mode enumerator */ 46*b28f28aeSDharmik Thakkar enum openssl_auth_mode { 47*b28f28aeSDharmik Thakkar OPENSSL_AUTH_AS_AUTH, 48*b28f28aeSDharmik Thakkar OPENSSL_AUTH_AS_HMAC, 49*b28f28aeSDharmik Thakkar }; 50*b28f28aeSDharmik Thakkar 51*b28f28aeSDharmik Thakkar /** private data structure for each OPENSSL crypto device */ 52*b28f28aeSDharmik Thakkar struct openssl_private { 53*b28f28aeSDharmik Thakkar unsigned int max_nb_qpairs; 54*b28f28aeSDharmik Thakkar /**< Max number of queue pairs */ 55*b28f28aeSDharmik Thakkar }; 56*b28f28aeSDharmik Thakkar 57*b28f28aeSDharmik Thakkar /** OPENSSL crypto queue pair */ 58*b28f28aeSDharmik Thakkar struct openssl_qp { 59*b28f28aeSDharmik Thakkar uint16_t id; 60*b28f28aeSDharmik Thakkar /**< Queue Pair Identifier */ 61*b28f28aeSDharmik Thakkar char name[RTE_CRYPTODEV_NAME_MAX_LEN]; 62*b28f28aeSDharmik Thakkar /**< Unique Queue Pair Name */ 63*b28f28aeSDharmik Thakkar struct rte_ring *processed_ops; 64*b28f28aeSDharmik Thakkar /**< Ring for placing process packets */ 65*b28f28aeSDharmik Thakkar struct rte_mempool *sess_mp; 66*b28f28aeSDharmik Thakkar /**< Session Mempool */ 67*b28f28aeSDharmik Thakkar struct rte_mempool *sess_mp_priv; 68*b28f28aeSDharmik Thakkar /**< Session Private Data Mempool */ 69*b28f28aeSDharmik Thakkar struct rte_cryptodev_stats stats; 70*b28f28aeSDharmik Thakkar /**< Queue pair statistics */ 71*b28f28aeSDharmik Thakkar uint8_t temp_digest[DIGEST_LENGTH_MAX]; 72*b28f28aeSDharmik Thakkar /**< Buffer used to store the digest generated 73*b28f28aeSDharmik Thakkar * by the driver when verifying a digest provided 74*b28f28aeSDharmik Thakkar * by the user (using authentication verify operation) 75*b28f28aeSDharmik Thakkar */ 76*b28f28aeSDharmik Thakkar } __rte_cache_aligned; 77*b28f28aeSDharmik Thakkar 78*b28f28aeSDharmik Thakkar /** OPENSSL crypto private session structure */ 79*b28f28aeSDharmik Thakkar struct openssl_session { 80*b28f28aeSDharmik Thakkar enum openssl_chain_order chain_order; 81*b28f28aeSDharmik Thakkar /**< chain order mode */ 82*b28f28aeSDharmik Thakkar 83*b28f28aeSDharmik Thakkar struct { 84*b28f28aeSDharmik Thakkar uint16_t length; 85*b28f28aeSDharmik Thakkar uint16_t offset; 86*b28f28aeSDharmik Thakkar } iv; 87*b28f28aeSDharmik Thakkar /**< IV parameters */ 88*b28f28aeSDharmik Thakkar 89*b28f28aeSDharmik Thakkar enum rte_crypto_aead_algorithm aead_algo; 90*b28f28aeSDharmik Thakkar /**< AEAD algorithm */ 91*b28f28aeSDharmik Thakkar 92*b28f28aeSDharmik Thakkar /** Cipher Parameters */ 93*b28f28aeSDharmik Thakkar struct { 94*b28f28aeSDharmik Thakkar enum rte_crypto_cipher_operation direction; 95*b28f28aeSDharmik Thakkar /**< cipher operation direction */ 96*b28f28aeSDharmik Thakkar enum openssl_cipher_mode mode; 97*b28f28aeSDharmik Thakkar /**< cipher operation mode */ 98*b28f28aeSDharmik Thakkar enum rte_crypto_cipher_algorithm algo; 99*b28f28aeSDharmik Thakkar /**< cipher algorithm */ 100*b28f28aeSDharmik Thakkar 101*b28f28aeSDharmik Thakkar struct { 102*b28f28aeSDharmik Thakkar uint8_t data[32]; 103*b28f28aeSDharmik Thakkar /**< key data */ 104*b28f28aeSDharmik Thakkar size_t length; 105*b28f28aeSDharmik Thakkar /**< key length in bytes */ 106*b28f28aeSDharmik Thakkar } key; 107*b28f28aeSDharmik Thakkar 108*b28f28aeSDharmik Thakkar const EVP_CIPHER *evp_algo; 109*b28f28aeSDharmik Thakkar /**< pointer to EVP algorithm function */ 110*b28f28aeSDharmik Thakkar EVP_CIPHER_CTX *ctx; 111*b28f28aeSDharmik Thakkar /**< pointer to EVP context structure */ 112*b28f28aeSDharmik Thakkar EVP_CIPHER_CTX *bpi_ctx; 113*b28f28aeSDharmik Thakkar } cipher; 114*b28f28aeSDharmik Thakkar 115*b28f28aeSDharmik Thakkar /** Authentication Parameters */ 116*b28f28aeSDharmik Thakkar struct { 117*b28f28aeSDharmik Thakkar enum rte_crypto_auth_operation operation; 118*b28f28aeSDharmik Thakkar /**< auth operation generate or verify */ 119*b28f28aeSDharmik Thakkar enum openssl_auth_mode mode; 120*b28f28aeSDharmik Thakkar /**< auth operation mode */ 121*b28f28aeSDharmik Thakkar enum rte_crypto_auth_algorithm algo; 122*b28f28aeSDharmik Thakkar /**< cipher algorithm */ 123*b28f28aeSDharmik Thakkar 124*b28f28aeSDharmik Thakkar union { 125*b28f28aeSDharmik Thakkar struct { 126*b28f28aeSDharmik Thakkar const EVP_MD *evp_algo; 127*b28f28aeSDharmik Thakkar /**< pointer to EVP algorithm function */ 128*b28f28aeSDharmik Thakkar EVP_MD_CTX *ctx; 129*b28f28aeSDharmik Thakkar /**< pointer to EVP context structure */ 130*b28f28aeSDharmik Thakkar } auth; 131*b28f28aeSDharmik Thakkar 132*b28f28aeSDharmik Thakkar struct { 133*b28f28aeSDharmik Thakkar EVP_PKEY *pkey; 134*b28f28aeSDharmik Thakkar /**< pointer to EVP key */ 135*b28f28aeSDharmik Thakkar const EVP_MD *evp_algo; 136*b28f28aeSDharmik Thakkar /**< pointer to EVP algorithm function */ 137*b28f28aeSDharmik Thakkar HMAC_CTX *ctx; 138*b28f28aeSDharmik Thakkar /**< pointer to EVP context structure */ 139*b28f28aeSDharmik Thakkar } hmac; 140*b28f28aeSDharmik Thakkar }; 141*b28f28aeSDharmik Thakkar 142*b28f28aeSDharmik Thakkar uint16_t aad_length; 143*b28f28aeSDharmik Thakkar /**< AAD length */ 144*b28f28aeSDharmik Thakkar uint16_t digest_length; 145*b28f28aeSDharmik Thakkar /**< digest length */ 146*b28f28aeSDharmik Thakkar } auth; 147*b28f28aeSDharmik Thakkar 148*b28f28aeSDharmik Thakkar } __rte_cache_aligned; 149*b28f28aeSDharmik Thakkar 150*b28f28aeSDharmik Thakkar /** OPENSSL crypto private asymmetric session structure */ 151*b28f28aeSDharmik Thakkar struct openssl_asym_session { 152*b28f28aeSDharmik Thakkar enum rte_crypto_asym_xform_type xfrm_type; 153*b28f28aeSDharmik Thakkar union { 154*b28f28aeSDharmik Thakkar struct rsa { 155*b28f28aeSDharmik Thakkar RSA *rsa; 156*b28f28aeSDharmik Thakkar } r; 157*b28f28aeSDharmik Thakkar struct exp { 158*b28f28aeSDharmik Thakkar BIGNUM *exp; 159*b28f28aeSDharmik Thakkar BIGNUM *mod; 160*b28f28aeSDharmik Thakkar BN_CTX *ctx; 161*b28f28aeSDharmik Thakkar } e; 162*b28f28aeSDharmik Thakkar struct mod { 163*b28f28aeSDharmik Thakkar BIGNUM *modulus; 164*b28f28aeSDharmik Thakkar BN_CTX *ctx; 165*b28f28aeSDharmik Thakkar } m; 166*b28f28aeSDharmik Thakkar struct dh { 167*b28f28aeSDharmik Thakkar DH *dh_key; 168*b28f28aeSDharmik Thakkar uint32_t key_op; 169*b28f28aeSDharmik Thakkar } dh; 170*b28f28aeSDharmik Thakkar struct { 171*b28f28aeSDharmik Thakkar DSA *dsa; 172*b28f28aeSDharmik Thakkar } s; 173*b28f28aeSDharmik Thakkar } u; 174*b28f28aeSDharmik Thakkar } __rte_cache_aligned; 175*b28f28aeSDharmik Thakkar /** Set and validate OPENSSL crypto session parameters */ 176*b28f28aeSDharmik Thakkar extern int 177*b28f28aeSDharmik Thakkar openssl_set_session_parameters(struct openssl_session *sess, 178*b28f28aeSDharmik Thakkar const struct rte_crypto_sym_xform *xform); 179*b28f28aeSDharmik Thakkar 180*b28f28aeSDharmik Thakkar /** Reset OPENSSL crypto session parameters */ 181*b28f28aeSDharmik Thakkar extern void 182*b28f28aeSDharmik Thakkar openssl_reset_session(struct openssl_session *sess); 183*b28f28aeSDharmik Thakkar 184*b28f28aeSDharmik Thakkar /** device specific operations function pointer structure */ 185*b28f28aeSDharmik Thakkar extern struct rte_cryptodev_ops *rte_openssl_pmd_ops; 186*b28f28aeSDharmik Thakkar 187*b28f28aeSDharmik Thakkar #endif /* _OPENSSL_PMD_PRIVATE_H_ */ 188