xref: /dpdk/drivers/crypto/openssl/openssl_pmd_private.h (revision 8f1d23ece06adff5eae9f1b4365bdbbd3abee2b2)
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(c) 2016-2017 Intel Corporation
3  */
4 
5 #ifndef _OPENSSL_PMD_PRIVATE_H_
6 #define _OPENSSL_PMD_PRIVATE_H_
7 
8 #include <openssl/evp.h>
9 #include <openssl/hmac.h>
10 #include <openssl/des.h>
11 #include <openssl/rsa.h>
12 #include <openssl/dh.h>
13 #include <openssl/dsa.h>
14 #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
15 #include <openssl/provider.h>
16 #include <openssl/core_names.h>
17 #endif
18 
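#define CRYPTODEV_NAME_OPENSSL_PMD	crypto_openssl
/**< Open SSL Crypto PMD device name. Expands to a bare identifier, not a
 * string literal, so it must be stringified wherever a name string is needed.
 */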
21 
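/** Log type id used by the OPENSSL PMD; OPENSSL_LOG passes it to rte_log(). */
extern int openssl_logtype_driver;

/*
 * Emit one driver log line at RTE_LOG_<level>, prefixed with the calling
 * function name and source line and terminated with a newline.
 *
 * fmt is pasted between two string literals, so it must itself be a string
 * literal: a string built at run time cannot end up as the format. Data
 * taken from a crypto operation or xform therefore goes in the variadic
 * arguments only.
 * NOTE(review): key bytes and computed digests should not be passed as
 * arguments; log lengths and algorithm identifiers instead.
 */
#define OPENSSL_LOG(level, fmt, ...)  \
	rte_log(RTE_LOG_ ## level, openssl_logtype_driver,  \
			"%s() line %u: " fmt "\n", __func__, __LINE__,  \
					## __VA_ARGS__)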
28 
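/*
 * Maximum length for digest, in bytes (SHA-512 needs 64 bytes).
 * This constant sizes openssl_qp.temp_digest, the scratch buffer used when
 * verifying a user-provided digest.
 * NOTE(review): openssl_session.auth.digest_length is a uint16_t and can hold
 * values above this limit; confirm session setup rejects them.
 */
#define DIGEST_LENGTH_MAX 64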
31 
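/**
 * OPENSSL operation order mode enumerator.
 *
 * Stored in openssl_session.chain_order. The first enumerator has value 0,
 * so a zero-filled session reads as OPENSSL_CHAIN_ONLY_CIPHER rather than
 * OPENSSL_CHAIN_NOT_SUPPORTED; the field has to be set explicitly before a
 * session is used.
 */
enum openssl_chain_order {
	OPENSSL_CHAIN_ONLY_CIPHER,
	OPENSSL_CHAIN_ONLY_AUTH,
	OPENSSL_CHAIN_CIPHER_BPI,
	OPENSSL_CHAIN_CIPHER_AUTH,
	OPENSSL_CHAIN_AUTH_CIPHER,
	OPENSSL_CHAIN_COMBINED,
	OPENSSL_CHAIN_NOT_SUPPORTED
	/* last value; presumably the "reject this xform chain" marker -- confirm */
};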
42 
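/**
 * OPENSSL cipher mode enumerator.
 *
 * Stored in openssl_session.cipher.mode. Value 0 is OPENSSL_CIPHER_LIB, so
 * that is what a zero-filled session reports.
 */
enum openssl_cipher_mode {
	OPENSSL_CIPHER_LIB,
	OPENSSL_CIPHER_DES3CTR,
};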
48 
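/**
 * OPENSSL auth mode enumerator.
 *
 * Stored in openssl_session.auth.mode. Value 0 is OPENSSL_AUTH_AS_AUTH.
 * NOTE(review): presumably this value decides which member of the anonymous
 * union in openssl_session.auth (auth or hmac) is live -- confirm against the
 * session setup and reset code.
 */
enum openssl_auth_mode {
	OPENSSL_AUTH_AS_AUTH,
	OPENSSL_AUTH_AS_HMAC,
};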
54 
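/** Private data structure for each OPENSSL crypto device. */
struct openssl_private {
	unsigned int max_nb_qpairs;
	/**< Max number of queue pairs.
	 * NOTE(review): presumably the upper bound for queue pair ids accepted
	 * by the device ops -- confirm where it is enforced.
	 */
};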
60 
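/** OPENSSL crypto queue pair */
struct openssl_qp {
	uint16_t id;
	/**< Queue Pair Identifier */
	char name[RTE_CRYPTODEV_NAME_MAX_LEN];
	/**< Unique Queue Pair Name.
	 * Fixed-size buffer: writers must bound the copy to sizeof(name) and
	 * leave it NUL-terminated.
	 */
	struct rte_ring *processed_ops;
	/**< Ring for placing processed packets */
	struct rte_mempool *sess_mp;
	/**< Session Mempool */
	struct rte_mempool *sess_mp_priv;
	/**< Session Private Data Mempool */
	struct rte_cryptodev_stats stats;
	/**< Queue pair statistics */
	uint8_t temp_digest[DIGEST_LENGTH_MAX];
	/**< Buffer used to store the digest generated
	 * by the driver when verifying a digest provided
	 * by the user (using authentication verify operation).
	 * There is a single buffer per queue pair, DIGEST_LENGTH_MAX bytes
	 * long, so the digest length in use must not exceed that size.
	 * NOTE(review): confirm the comparison against the user digest is
	 * constant-time (e.g. CRYPTO_memcmp()) and covers exactly the
	 * session's digest length.
	 */
} __rte_cache_aligned;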
81 
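/**
 * OPENSSL crypto private session structure.
 *
 * The object holds raw cipher key bytes (cipher.key.data) and pointers to
 * OpenSSL key and context objects, so it is sensitive for its whole lifetime.
 * NOTE(review): confirm openssl_reset_session() releases every context and
 * clears cipher.key.data (e.g. OPENSSL_cleanse()) before the memory is
 * reused.
 * NOTE(review): the OpenSSL contexts live in the session, not in the queue
 * pair; confirm how one session used from several queue pairs is kept safe.
 */
struct openssl_session {
	enum openssl_chain_order chain_order;
	/**< chain order mode */

	struct {
		uint16_t length;
		uint16_t offset;
	} iv;
	/**< IV parameters */

	enum rte_crypto_aead_algorithm aead_algo;
	/**< AEAD algorithm */

	/** Cipher Parameters */
	struct {
		enum rte_crypto_cipher_operation direction;
		/**< cipher operation direction */
		enum openssl_cipher_mode mode;
		/**< cipher operation mode */
		enum rte_crypto_cipher_algorithm algo;
		/**< cipher algorithm */

		struct {
			uint8_t data[32];
			/**< key data, stored inline in a fixed 32-byte buffer.
			 * NOTE(review): the copy into this buffer must be
			 * bounded by sizeof(data); confirm the xform key
			 * length is checked before it is copied.
			 */
			size_t length;
			/**< key length in bytes */
		} key;

		const EVP_CIPHER *evp_algo;
		/**< pointer to EVP algorithm function */
		EVP_CIPHER_CTX *ctx;
		/**< pointer to EVP context structure */
		EVP_CIPHER_CTX *bpi_ctx;
		/**< second EVP context; presumably used only with
		 * OPENSSL_CHAIN_CIPHER_BPI -- confirm
		 */
	} cipher;

	/** Authentication Parameters */
	struct {
		enum rte_crypto_auth_operation operation;
		/**< auth operation generate or verify */
		enum openssl_auth_mode mode;
		/**< auth operation mode */
		enum rte_crypto_auth_algorithm algo;
		/**< auth algorithm */

		/*
		 * Only one member of this union is meaningful at a time
		 * (presumably selected by mode -- confirm). The members do not
		 * line up: auth.evp_algo overlays hmac.pkey and auth.ctx
		 * overlays hmac.evp_algo, so reading or freeing through the
		 * wrong member treats one OpenSSL object as another type.
		 */
		union {
			struct {
				const EVP_MD *evp_algo;
				/**< pointer to EVP algorithm function */
				EVP_MD_CTX *ctx;
				/**< pointer to EVP context structure */
			} auth;

			struct {
				EVP_PKEY *pkey;
				/**< pointer to EVP key */
				const EVP_MD *evp_algo;
				/**< pointer to EVP algorithm function */
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
				EVP_MAC_CTX *ctx;
#else
				HMAC_CTX *ctx;
#endif
				/**< pointer to EVP context structure */
			} hmac;
		};

		uint16_t aad_length;
		/**< AAD length */
		uint16_t digest_length;
		/**< digest length.
		 * NOTE(review): must not exceed DIGEST_LENGTH_MAX, the size
		 * of openssl_qp.temp_digest -- confirm at session setup.
		 */
	} auth;

} __rte_cache_aligned;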
157 
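/**
 * OPENSSL crypto private asymmetric session structure.
 *
 * u is a union, so only one of r, e, m, dh and s is valid at a time;
 * presumably xfrm_type says which (the mapping is not visible in this
 * header). Every member starts with a pointer to a different OpenSSL type,
 * so cleanup that trusts a wrong xfrm_type passes an object to the wrong
 * free routine.
 * NOTE(review): the RSA/DH/DSA objects and BIGNUMs may hold private key
 * material; confirm the session clear path releases the active member with
 * the matching *_free() / BN_clear_free() call.
 */
struct openssl_asym_session {
	enum rte_crypto_asym_xform_type xfrm_type;
	/**< asymmetric transform type of this session */
	union {
		struct rsa {
			RSA *rsa;
			/**< RSA key object */
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
			EVP_PKEY_CTX *ctx;
			/**< EVP key context, OpenSSL 3.0 and later only */
#endif
		} r;
		struct exp {
			BIGNUM *exp;
			BIGNUM *mod;
			BN_CTX *ctx;
		} e;
		struct mod {
			BIGNUM *modulus;
			BN_CTX *ctx;
		} m;
		struct dh {
			DH *dh_key;
			/**< DH key object */
			uint32_t key_op;
			/* NOTE(review): meaning of key_op is not visible here */
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
			OSSL_PARAM_BLD *param_bld;
			OSSL_PARAM_BLD *param_bld_peer;
#endif
		} dh;
		struct {
			DSA *dsa;
			/**< DSA key object */
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
			OSSL_PARAM_BLD *param_bld;
#endif
		} s;
	} u;
} __rte_cache_aligned;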
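/**
 * Set and validate OPENSSL crypto session parameters.
 *
 * @param sess
 *   Session structure to fill in.
 * @param xform
 *   Symmetric crypto transform describing the session.
 * @return
 *   Integer status; the success/error convention is set by the
 *   implementation, which is not part of this header.
 *
 * NOTE(review): xform comes from the application. The bounds this header
 * implies need enforcing here: key length against the 32-byte
 * cipher.key.data buffer, and digest length against DIGEST_LENGTH_MAX.
 * Confirm both in the implementation.
 */
extern int
openssl_set_session_parameters(struct openssl_session *sess,
		const struct rte_crypto_sym_xform *xform);

/**
 * Reset OPENSSL crypto session parameters.
 *
 * @param sess
 *   Session to reset.
 *
 * NOTE(review): the session holds raw key bytes and OpenSSL contexts;
 * confirm the implementation frees the contexts and wipes the key buffer.
 */
extern void
openssl_reset_session(struct openssl_session *sess);

/** device specific operations function pointer structure */
extern struct rte_cryptodev_ops *rte_openssl_pmd_ops;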
204 
205 #endif /* _OPENSSL_PMD_PRIVATE_H_ */
206