cryptodev: set private and public keys in EC session

The EC private and public keys can be maintained per session,
hence, moved these keys from per packet asym op to EC xform.

Signed-off-by: Gowrishankar Muthukrishnan <[email protected]>
Acked-by: Ciara Power <[email protected]>

app/test/test_cryptodev_asym.c

@@ -1503,6 +1503,12 @@ test_ecdsa_sign_verify(enum curve curve_id)
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA;
 	xform.ec.curve_id = input_params.curve;
+	xform.ec.pkey.data = input_params.pkey.data;
+	xform.ec.pkey.length = input_params.pkey.length;
+	xform.ec.q.x.data = input_params.pubkey_qx.data;
+	xform.ec.q.x.length = input_params.pubkey_qx.length;
+	xform.ec.q.y.data = input_params.pubkey_qy.data;
+	xform.ec.q.y.length = input_params.pubkey_qy.length;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -1524,8 +1530,6 @@ test_ecdsa_sign_verify(enum curve curve_id)
 	op->asym->ecdsa.message.length = input_params.digest.length;
 	op->asym->ecdsa.k.data = input_params.scalar.data;
 	op->asym->ecdsa.k.length = input_params.scalar.length;
-	op->asym->ecdsa.pkey.data = input_params.pkey.data;
-	op->asym->ecdsa.pkey.length = input_params.pkey.length;
 
 	/* Init out buf */
 	op->asym->ecdsa.r.data = output_buf_r;
@@ -1582,10 +1586,6 @@ test_ecdsa_sign_verify(enum curve curve_id)
 
 	/* Populate op with operational details */
 	op->asym->ecdsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
-	op->asym->ecdsa.q.x.data = input_params.pubkey_qx.data;
-	op->asym->ecdsa.q.x.length = input_params.pubkey_qx.length;
-	op->asym->ecdsa.q.y.data = input_params.pubkey_qy.data;
-	op->asym->ecdsa.q.y.length = input_params.pubkey_qx.length;
 	op->asym->ecdsa.r.data = asym_op->ecdsa.r.data;
 	op->asym->ecdsa.r.length = asym_op->ecdsa.r.length;
 	op->asym->ecdsa.s.data = asym_op->ecdsa.s.data;
@@ -1847,6 +1847,12 @@ _test_sm2_sign(bool rnd_secret)
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
 	xform.ec.curve_id = input_params.curve;
+	xform.ec.pkey.data = input_params.pkey.data;
+	xform.ec.pkey.length = input_params.pkey.length;
+	xform.ec.q.x.data = input_params.pubkey_qx.data;
+	xform.ec.q.x.length = input_params.pubkey_qx.length;
+	xform.ec.q.y.data = input_params.pubkey_qy.data;
+	xform.ec.q.y.length = input_params.pubkey_qy.length;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -1871,12 +1877,6 @@ _test_sm2_sign(bool rnd_secret)
 
 	asym_op->sm2.message.data = input_params.message.data;
 	asym_op->sm2.message.length = input_params.message.length;
-	asym_op->sm2.pkey.data = input_params.pkey.data;
-	asym_op->sm2.pkey.length = input_params.pkey.length;
-	asym_op->sm2.q.x.data = input_params.pubkey_qx.data;
-	asym_op->sm2.q.x.length = input_params.pubkey_qx.length;
-	asym_op->sm2.q.y.data = input_params.pubkey_qy.data;
-	asym_op->sm2.q.y.length = input_params.pubkey_qy.length;
 	asym_op->sm2.id.data = input_params.id.data;
 	asym_op->sm2.id.length = input_params.id.length;
 	if (rnd_secret) {
@@ -2041,6 +2041,12 @@ test_sm2_verify(void)
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
 	xform.ec.curve_id = input_params.curve;
+	xform.ec.pkey.data = input_params.pkey.data;
+	xform.ec.pkey.length = input_params.pkey.length;
+	xform.ec.q.x.data = input_params.pubkey_qx.data;
+	xform.ec.q.x.length = input_params.pubkey_qx.length;
+	xform.ec.q.y.data = input_params.pubkey_qy.data;
+	xform.ec.q.y.length = input_params.pubkey_qy.length;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -2065,12 +2071,6 @@ test_sm2_verify(void)
 
 	asym_op->sm2.message.data = input_params.message.data;
 	asym_op->sm2.message.length = input_params.message.length;
-	asym_op->sm2.pkey.data = input_params.pkey.data;
-	asym_op->sm2.pkey.length = input_params.pkey.length;
-	asym_op->sm2.q.x.data = input_params.pubkey_qx.data;
-	asym_op->sm2.q.x.length = input_params.pubkey_qx.length;
-	asym_op->sm2.q.y.data = input_params.pubkey_qy.data;
-	asym_op->sm2.q.y.length = input_params.pubkey_qy.length;
 	asym_op->sm2.r.data = input_params.sign_r.data;
 	asym_op->sm2.r.length = input_params.sign_r.length;
 	asym_op->sm2.s.data = input_params.sign_s.data;
@@ -2155,6 +2155,12 @@ _test_sm2_enc(bool rnd_secret)
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
 	xform.ec.curve_id = input_params.curve;
+	xform.ec.pkey.data = input_params.pkey.data;
+	xform.ec.pkey.length = input_params.pkey.length;
+	xform.ec.q.x.data = input_params.pubkey_qx.data;
+	xform.ec.q.x.length = input_params.pubkey_qx.length;
+	xform.ec.q.y.data = input_params.pubkey_qy.data;
+	xform.ec.q.y.length = input_params.pubkey_qy.length;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -2179,12 +2185,6 @@ _test_sm2_enc(bool rnd_secret)
 
 	asym_op->sm2.message.data = input_params.message.data;
 	asym_op->sm2.message.length = input_params.message.length;
-	asym_op->sm2.pkey.data = input_params.pkey.data;
-	asym_op->sm2.pkey.length = input_params.pkey.length;
-	asym_op->sm2.q.x.data = input_params.pubkey_qx.data;
-	asym_op->sm2.q.x.length = input_params.pubkey_qx.length;
-	asym_op->sm2.q.y.data = input_params.pubkey_qy.data;
-	asym_op->sm2.q.y.length = input_params.pubkey_qy.length;
 	if (rnd_secret) {
 		asym_op->sm2.k.data = NULL;
 		asym_op->sm2.k.length = 0;
@@ -2347,6 +2347,12 @@ test_sm2_dec(void)
 	xform.next = NULL;
 	xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2;
 	xform.ec.curve_id = input_params.curve;
+	xform.ec.pkey.data = input_params.pkey.data;
+	xform.ec.pkey.length = input_params.pkey.length;
+	xform.ec.q.x.data = input_params.pubkey_qx.data;
+	xform.ec.q.x.length = input_params.pubkey_qx.length;
+	xform.ec.q.y.data = input_params.pubkey_qy.data;
+	xform.ec.q.y.length = input_params.pubkey_qy.length;
 
 	ret = rte_cryptodev_asym_session_create(dev_id, &xform, sess_mpool, &sess);
 	if (ret < 0) {
@@ -2371,12 +2377,6 @@ test_sm2_dec(void)
 
 	asym_op->sm2.cipher.data = input_params.cipher.data;
 	asym_op->sm2.cipher.length = input_params.cipher.length;
-	asym_op->sm2.pkey.data = input_params.pkey.data;
-	asym_op->sm2.pkey.length = input_params.pkey.length;
-	asym_op->sm2.q.x.data = input_params.pubkey_qx.data;
-	asym_op->sm2.q.x.length = input_params.pubkey_qx.length;
-	asym_op->sm2.q.y.data = input_params.pubkey_qy.data;
-	asym_op->sm2.q.y.length = input_params.pubkey_qy.length;
 
 	/* Init out buf */
 	asym_op->sm2.message.data = output_buf_m;

doc/guides/rel_notes/release_23_11.rst

@@ -214,6 +214,10 @@ API Changes
   ``rte_eth_bond_member_remove``, and
   ``rte_eth_bond_members_get``.
 
+* cryptodev: The elliptic curve asymmetric private and public keys can be maintained
+  per session. These keys are moved from per packet ``rte_crypto_ecdsa_op_param`` and
+  ``rte_crypto_sm2_op_param`` to generic EC xform ``rte_crypto_ec_xform``.
+
 * security: Structures ``rte_security_ops`` and ``rte_security_ctx`` were moved to
   internal library headers not visible to application.
 

drivers/common/cnxk/roc_ae.h

@@ -67,6 +67,24 @@ struct roc_ae_ec_group {
 struct roc_ae_ec_ctx {
 	/* Prime length defined by microcode for EC operations */
 	uint8_t curveid;
+
+	/* Private key */
+	struct {
+		uint8_t data[66];
+		unsigned int length;
+	} pkey;
+
+	/* Public key */
+	struct {
+		struct {
+			uint8_t data[66];
+			unsigned int length;
+		} x;
+		struct {
+			uint8_t data[66];
+			unsigned int length;
+		} y;
+	} q;
 };
 
 /* Buffer pointer */

drivers/common/cpt/cpt_mcode_defines.h

@@ -364,6 +364,24 @@ struct cpt_ec_group {
 struct cpt_asym_ec_ctx {
 	/* Prime length defined by microcode for EC operations */
 	uint8_t curveid;
+
+	/* Private key */
+	struct {
+		uint8_t data[66];
+		unsigned int length;
+	} pkey;
+
+	/* Public key */
+	struct {
+		struct {
+			uint8_t data[66];
+			unsigned int length;
+		} x;
+		struct {
+			uint8_t data[66];
+			unsigned int length;
+		} y;
+	} q;
 };
 
 struct cpt_asym_sess_misc {

drivers/common/cpt/cpt_ucode_asym.h

@@ -633,12 +633,13 @@ static __rte_always_inline void
 cpt_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
 		    struct asym_op_params *ecdsa_params,
 		    uint64_t fpm_table_iova,
-		    uint8_t curveid)
+		    struct cpt_asym_sess_misc *sess)
 {
 	struct cpt_request_info *req = ecdsa_params->req;
 	uint16_t message_len = ecdsa->message.length;
 	phys_addr_t mphys = ecdsa_params->meta_buf;
-	uint16_t pkey_len = ecdsa->pkey.length;
+	uint16_t pkey_len = sess->ec_ctx.pkey.length;
+	uint8_t curveid = sess->ec_ctx.curveid;
 	uint16_t p_align, k_align, m_align;
 	uint16_t k_len = ecdsa->k.length;
 	uint16_t order_len, prime_len;
@@ -688,7 +689,7 @@ cpt_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
 	memcpy(dptr + o_offset, ec_grp[curveid].order.data, order_len);
 	dptr += p_align;
 
-	memcpy(dptr + pk_offset, ecdsa->pkey.data, pkey_len);
+	memcpy(dptr + pk_offset, sess->ec_ctx.pkey.data, pkey_len);
 	dptr += p_align;
 
 	memcpy(dptr, ecdsa->message.data, message_len);
@@ -735,14 +736,15 @@ static __rte_always_inline void
 cpt_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
 		      struct asym_op_params *ecdsa_params,
 		      uint64_t fpm_table_iova,
-		      uint8_t curveid)
+		      struct cpt_asym_sess_misc *sess)
 {
 	struct cpt_request_info *req = ecdsa_params->req;
 	uint32_t message_len = ecdsa->message.length;
 	phys_addr_t mphys = ecdsa_params->meta_buf;
+	uint16_t qx_len = sess->ec_ctx.q.x.length;
+	uint16_t qy_len = sess->ec_ctx.q.y.length;
+	uint8_t curveid = sess->ec_ctx.curveid;
 	uint16_t o_offset, r_offset, s_offset;
-	uint16_t qx_len = ecdsa->q.x.length;
-	uint16_t qy_len = ecdsa->q.y.length;
 	uint16_t r_len = ecdsa->r.length;
 	uint16_t s_len = ecdsa->s.length;
 	uint16_t order_len, prime_len;
@@ -802,10 +804,10 @@ cpt_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
 	memcpy(dptr, ec_grp[curveid].prime.data, prime_len);
 	dptr += p_align;
 
-	memcpy(dptr + qx_offset, ecdsa->q.x.data, qx_len);
+	memcpy(dptr + qx_offset, sess->ec_ctx.q.x.data, qx_len);
 	dptr += p_align;
 
-	memcpy(dptr + qy_offset, ecdsa->q.y.data, qy_len);
+	memcpy(dptr + qy_offset, sess->ec_ctx.q.y.data, qy_len);
 	dptr += p_align;
 
 	memcpy(dptr, ec_grp[curveid].consta.data, prime_len);
@@ -852,10 +854,10 @@ cpt_enqueue_ecdsa_op(struct rte_crypto_op *op,
 	uint8_t curveid = sess->ec_ctx.curveid;
 
 	if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_SIGN)
-		cpt_ecdsa_sign_prep(ecdsa, params, fpm_iova[curveid], curveid);
+		cpt_ecdsa_sign_prep(ecdsa, params, fpm_iova[curveid], sess);
 	else if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_VERIFY)
 		cpt_ecdsa_verify_prep(ecdsa, params, fpm_iova[curveid],
-				      curveid);
+				      sess);
 	else {
 		op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
 		return -EINVAL;

drivers/crypto/cnxk/cnxk_ae.h

@@ -198,6 +198,21 @@ cnxk_ae_fill_ec_params(struct cnxk_ae_sess *sess,
 		return -EINVAL;
 	}
 
+	if (xform->xform_type == RTE_CRYPTO_ASYM_XFORM_ECPM)
+		return 0;
+
+	ec->pkey.length = xform->ec.pkey.length;
+	if (xform->ec.pkey.length)
+		rte_memcpy(ec->pkey.data, xform->ec.pkey.data, xform->ec.pkey.length);
+
+	ec->q.x.length = xform->ec.q.x.length;
+	if (xform->ec.q.x.length)
+		rte_memcpy(ec->q.x.data, xform->ec.q.x.data, xform->ec.q.x.length);
+
+	ec->q.y.length = xform->ec.q.y.length;
+	if (xform->ec.q.y.length)
+		rte_memcpy(ec->q.y.data, xform->ec.q.y.data, xform->ec.q.y.length);
+
 	return 0;
 }
 
@@ -502,10 +517,11 @@ static __rte_always_inline void
 cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
 			struct roc_ae_buf_ptr *meta_buf,
 			uint64_t fpm_table_iova, struct roc_ae_ec_group *ec_grp,
-			uint8_t curveid, struct cpt_inst_s *inst)
+			struct cnxk_ae_sess *sess, struct cpt_inst_s *inst)
 {
 	uint16_t message_len = ecdsa->message.length;
-	uint16_t pkey_len = ecdsa->pkey.length;
+	uint16_t pkey_len = sess->ec_ctx.pkey.length;
+	uint8_t curveid = sess->ec_ctx.curveid;
 	uint16_t p_align, k_align, m_align;
 	uint16_t k_len = ecdsa->k.length;
 	uint16_t order_len, prime_len;
@@ -555,7 +571,7 @@ cnxk_ae_ecdsa_sign_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
 	memcpy(dptr + o_offset, ec_grp->order.data, order_len);
 	dptr += p_align;
 
-	memcpy(dptr + pk_offset, ecdsa->pkey.data, pkey_len);
+	memcpy(dptr + pk_offset, sess->ec_ctx.pkey.data, pkey_len);
 	dptr += p_align;
 
 	memcpy(dptr, ecdsa->message.data, message_len);
@@ -583,13 +599,14 @@ static __rte_always_inline void
 cnxk_ae_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
 			  struct roc_ae_buf_ptr *meta_buf,
 			  uint64_t fpm_table_iova,
-			  struct roc_ae_ec_group *ec_grp, uint8_t curveid,
+			  struct roc_ae_ec_group *ec_grp, struct cnxk_ae_sess *sess,
 			  struct cpt_inst_s *inst)
 {
 	uint32_t message_len = ecdsa->message.length;
+	uint16_t qx_len = sess->ec_ctx.q.x.length;
+	uint16_t qy_len = sess->ec_ctx.q.y.length;
+	uint8_t curveid = sess->ec_ctx.curveid;
 	uint16_t o_offset, r_offset, s_offset;
-	uint16_t qx_len = ecdsa->q.x.length;
-	uint16_t qy_len = ecdsa->q.y.length;
 	uint16_t r_len = ecdsa->r.length;
 	uint16_t s_len = ecdsa->s.length;
 	uint16_t order_len, prime_len;
@@ -649,10 +666,10 @@ cnxk_ae_ecdsa_verify_prep(struct rte_crypto_ecdsa_op_param *ecdsa,
 	memcpy(dptr, ec_grp->prime.data, prime_len);
 	dptr += p_align;
 
-	memcpy(dptr + qx_offset, ecdsa->q.x.data, qx_len);
+	memcpy(dptr + qx_offset, sess->ec_ctx.q.x.data, qx_len);
 	dptr += p_align;
 
-	memcpy(dptr + qy_offset, ecdsa->q.y.data, qy_len);
+	memcpy(dptr + qy_offset, sess->ec_ctx.q.y.data, qy_len);
 	dptr += p_align;
 
 	memcpy(dptr, ec_grp->consta.data, prime_len);
@@ -685,10 +702,10 @@ cnxk_ae_enqueue_ecdsa_op(struct rte_crypto_op *op,
 
 	if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_SIGN)
 		cnxk_ae_ecdsa_sign_prep(ecdsa, meta_buf, fpm_iova[curveid],
-					ec_grp[curveid], curveid, inst);
+					ec_grp[curveid], sess, inst);
 	else if (ecdsa->op_type == RTE_CRYPTO_ASYM_OP_VERIFY)
 		cnxk_ae_ecdsa_verify_prep(ecdsa, meta_buf, fpm_iova[curveid],
-					  ec_grp[curveid], curveid, inst);
+					  ec_grp[curveid], sess, inst);
 	else {
 		op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
 		return -EINVAL;