[ceph.git] / ceph / src / seastar / dpdk / drivers / crypto / openssl / rte_openssl_pmd_private.h

/* SPDX-License-Identifier: BSD-3-Clause
 * Copyright(c) 2016-2017 Intel Corporation
 */

#ifndef _OPENSSL_PMD_PRIVATE_H_
#define _OPENSSL_PMD_PRIVATE_H_

#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/des.h>
#include <openssl/rsa.h>
#include <openssl/dh.h>
#include <openssl/dsa.h>

#define CRYPTODEV_NAME_OPENSSL_PMD	crypto_openssl
/**< Open SSL Crypto PMD device name */

/** OPENSSL PMD LOGTYPE DRIVER */
int openssl_logtype_driver;
#define OPENSSL_LOG(level, fmt, ...)  \
	rte_log(RTE_LOG_ ## level, openssl_logtype_driver,  \
			"%s() line %u: " fmt "\n", __func__, __LINE__,  \
					## __VA_ARGS__)

/* Maximum length for digest (SHA-512 needs 64 bytes) */
#define DIGEST_LENGTH_MAX 64

/** OPENSSL operation order mode enumerator */
enum openssl_chain_order {
	OPENSSL_CHAIN_ONLY_CIPHER,
	OPENSSL_CHAIN_ONLY_AUTH,
	OPENSSL_CHAIN_CIPHER_BPI,
	OPENSSL_CHAIN_CIPHER_AUTH,
	OPENSSL_CHAIN_AUTH_CIPHER,
	OPENSSL_CHAIN_COMBINED,
	OPENSSL_CHAIN_NOT_SUPPORTED
};

/** OPENSSL cipher mode enumerator */
enum openssl_cipher_mode {
	OPENSSL_CIPHER_LIB,
	OPENSSL_CIPHER_DES3CTR,
};

/** OPENSSL auth mode enumerator */
enum openssl_auth_mode {
	OPENSSL_AUTH_AS_AUTH,
	OPENSSL_AUTH_AS_HMAC,
};

/** private data structure for each OPENSSL crypto device */
struct openssl_private {
	unsigned int max_nb_qpairs;
	/**< Max number of queue pairs */
};

/** OPENSSL crypto queue pair */
struct openssl_qp {
	uint16_t id;
	/**< Queue Pair Identifier */
	char name[RTE_CRYPTODEV_NAME_MAX_LEN];
	/**< Unique Queue Pair Name */
	struct rte_ring *processed_ops;
	/**< Ring for placing process packets */
	struct rte_mempool *sess_mp;
	/**< Session Mempool */
	struct rte_mempool *sess_mp_priv;
	/**< Session Private Data Mempool */
	struct rte_cryptodev_stats stats;
	/**< Queue pair statistics */
	uint8_t temp_digest[DIGEST_LENGTH_MAX];
	/**< Buffer used to store the digest generated
	 * by the driver when verifying a digest provided
	 * by the user (using authentication verify operation)
	 */
} __rte_cache_aligned;

/** OPENSSL crypto private session structure */
struct openssl_session {
	enum openssl_chain_order chain_order;
	/**< chain order mode */

	struct {
		uint16_t length;
		uint16_t offset;
	} iv;
	/**< IV parameters */

	enum rte_crypto_aead_algorithm aead_algo;
	/**< AEAD algorithm */

	/** Cipher Parameters */
	struct {
		enum rte_crypto_cipher_operation direction;
		/**< cipher operation direction */
		enum openssl_cipher_mode mode;
		/**< cipher operation mode */
		enum rte_crypto_cipher_algorithm algo;
		/**< cipher algorithm */

		struct {
			uint8_t data[32];
			/**< key data */
			size_t length;
			/**< key length in bytes */
		} key;

		const EVP_CIPHER *evp_algo;
		/**< pointer to EVP algorithm function */
		EVP_CIPHER_CTX *ctx;
		/**< pointer to EVP context structure */
		EVP_CIPHER_CTX *bpi_ctx;
	} cipher;

	/** Authentication Parameters */
	struct {
		enum rte_crypto_auth_operation operation;
		/**< auth operation generate or verify */
		enum openssl_auth_mode mode;
		/**< auth operation mode */
		enum rte_crypto_auth_algorithm algo;
		/**< cipher algorithm */

		union {
			struct {
				const EVP_MD *evp_algo;
				/**< pointer to EVP algorithm function */
				EVP_MD_CTX *ctx;
				/**< pointer to EVP context structure */
			} auth;

			struct {
				EVP_PKEY *pkey;
				/**< pointer to EVP key */
				const EVP_MD *evp_algo;
				/**< pointer to EVP algorithm function */
				HMAC_CTX *ctx;
				/**< pointer to EVP context structure */
			} hmac;
		};

		uint16_t aad_length;
		/**< AAD length */
		uint16_t digest_length;
		/**< digest length */
	} auth;

} __rte_cache_aligned;

/** OPENSSL crypto private asymmetric session structure */
struct openssl_asym_session {
	enum rte_crypto_asym_xform_type xfrm_type;
	union {
		struct rsa {
			RSA *rsa;
		} r;
		struct exp {
			BIGNUM *exp;
			BIGNUM *mod;
			BN_CTX *ctx;
		} e;
		struct mod {
			BIGNUM *modulus;
			BN_CTX *ctx;
		} m;
		struct dh {
			DH *dh_key;
			uint32_t key_op;
		} dh;
		struct {
			DSA *dsa;
		} s;
	} u;
} __rte_cache_aligned;
/** Set and validate OPENSSL crypto session parameters */
extern int
openssl_set_session_parameters(struct openssl_session *sess,
		const struct rte_crypto_sym_xform *xform);

/** Reset OPENSSL crypto session parameters */
extern void
openssl_reset_session(struct openssl_session *sess);

/** device specific operations function pointer structure */
extern struct rte_cryptodev_ops *rte_openssl_pmd_ops;

#endif /* _OPENSSL_PMD_PRIVATE_H_ */
Commit	Line	Data
9f95a23c TL	1	/* SPDX-License-Identifier: BSD-3-Clause
9f95a23c TL	2	* Copyright(c) 2016-2017 Intel Corporation
7c673cae FG	3	*/
	4
	5	#ifndef _OPENSSL_PMD_PRIVATE_H_
	6	#define _OPENSSL_PMD_PRIVATE_H_
	7
	8	#include <openssl/evp.h>
9f95a23c	9	#include <openssl/hmac.h>
7c673cae	10	#include <openssl/des.h>
9f95a23c TL	11	#include <openssl/rsa.h>
	12	#include <openssl/dh.h>
	13	#include <openssl/dsa.h>
7c673cae	14
9f95a23c TL	15	#define CRYPTODEV_NAME_OPENSSL_PMD crypto_openssl
9f95a23c TL	16	/*< Open SSL Crypto PMD device name /
7c673cae	17
9f95a23c TL	18	/** OPENSSL PMD LOGTYPE DRIVER */
	19	int openssl_logtype_driver;
	20	#define OPENSSL_LOG(level, fmt, ...) \
	21	rte_log(RTE_LOG_ ## level, openssl_logtype_driver, \
	22	"%s() line %u: " fmt "\n", __func__, __LINE__, \
	23	## __VA_ARGS__)
7c673cae	24
9f95a23c TL	25	/* Maximum length for digest (SHA-512 needs 64 bytes) */
9f95a23c TL	26	#define DIGEST_LENGTH_MAX 64
7c673cae FG	27
	28	/** OPENSSL operation order mode enumerator */
	29	enum openssl_chain_order {
	30	OPENSSL_CHAIN_ONLY_CIPHER,
	31	OPENSSL_CHAIN_ONLY_AUTH,
11fdf7f2	32	OPENSSL_CHAIN_CIPHER_BPI,
7c673cae FG	33	OPENSSL_CHAIN_CIPHER_AUTH,
	34	OPENSSL_CHAIN_AUTH_CIPHER,
	35	OPENSSL_CHAIN_COMBINED,
	36	OPENSSL_CHAIN_NOT_SUPPORTED
	37	};
	38
	39	/** OPENSSL cipher mode enumerator */
	40	enum openssl_cipher_mode {
	41	OPENSSL_CIPHER_LIB,
	42	OPENSSL_CIPHER_DES3CTR,
	43	};
	44
	45	/** OPENSSL auth mode enumerator */
	46	enum openssl_auth_mode {
	47	OPENSSL_AUTH_AS_AUTH,
	48	OPENSSL_AUTH_AS_HMAC,
	49	};
	50
	51	/** private data structure for each OPENSSL crypto device */
	52	struct openssl_private {
	53	unsigned int max_nb_qpairs;
	54	/*< Max number of queue pairs /
7c673cae FG	55	};
	56
	57	/** OPENSSL crypto queue pair */
	58	struct openssl_qp {
	59	uint16_t id;
	60	/*< Queue Pair Identifier /
9f95a23c	61	char name[RTE_CRYPTODEV_NAME_MAX_LEN];
7c673cae FG	62	/*< Unique Queue Pair Name /
	63	struct rte_ring *processed_ops;
	64	/*< Ring for placing process packets /
	65	struct rte_mempool *sess_mp;
	66	/*< Session Mempool /
9f95a23c TL	67	struct rte_mempool *sess_mp_priv;
9f95a23c TL	68	/*< Session Private Data Mempool /
7c673cae FG	69	struct rte_cryptodev_stats stats;
7c673cae FG	70	/*< Queue pair statistics /
9f95a23c TL	71	uint8_t temp_digest[DIGEST_LENGTH_MAX];
	72	/**< Buffer used to store the digest generated
	73	* by the driver when verifying a digest provided
	74	* by the user (using authentication verify operation)
	75	*/
7c673cae FG	76	} __rte_cache_aligned;
	77
	78	/** OPENSSL crypto private session structure */
	79	struct openssl_session {
	80	enum openssl_chain_order chain_order;
	81	/*< chain order mode /
	82
9f95a23c TL	83	struct {
	84	uint16_t length;
	85	uint16_t offset;
	86	} iv;
	87	/*< IV parameters /
	88
	89	enum rte_crypto_aead_algorithm aead_algo;
	90	/*< AEAD algorithm /
	91
7c673cae FG	92	/** Cipher Parameters */
	93	struct {
	94	enum rte_crypto_cipher_operation direction;
	95	/*< cipher operation direction /
	96	enum openssl_cipher_mode mode;
	97	/*< cipher operation mode /
	98	enum rte_crypto_cipher_algorithm algo;
	99	/*< cipher algorithm /
	100
	101	struct {
	102	uint8_t data[32];
	103	/*< key data /
	104	size_t length;
	105	/*< key length in bytes /
	106	} key;
	107
	108	const EVP_CIPHER *evp_algo;
	109	/*< pointer to EVP algorithm function /
	110	EVP_CIPHER_CTX *ctx;
	111	/*< pointer to EVP context structure /
11fdf7f2	112	EVP_CIPHER_CTX *bpi_ctx;
7c673cae FG	113	} cipher;
	114
	115	/** Authentication Parameters */
	116	struct {
	117	enum rte_crypto_auth_operation operation;
	118	/*< auth operation generate or verify /
	119	enum openssl_auth_mode mode;
	120	/*< auth operation mode /
	121	enum rte_crypto_auth_algorithm algo;
	122	/*< cipher algorithm /
	123
	124	union {
	125	struct {
	126	const EVP_MD *evp_algo;
	127	/*< pointer to EVP algorithm function /
	128	EVP_MD_CTX *ctx;
	129	/*< pointer to EVP context structure /
	130	} auth;
	131
	132	struct {
	133	EVP_PKEY *pkey;
	134	/*< pointer to EVP key /
	135	const EVP_MD *evp_algo;
	136	/*< pointer to EVP algorithm function /
9f95a23c	137	HMAC_CTX *ctx;
7c673cae FG	138	/*< pointer to EVP context structure /
	139	} hmac;
	140	};
9f95a23c TL	141
	142	uint16_t aad_length;
	143	/*< AAD length /
	144	uint16_t digest_length;
	145	/*< digest length /
7c673cae FG	146	} auth;
	147
	148	} __rte_cache_aligned;
	149
9f95a23c TL	150	/** OPENSSL crypto private asymmetric session structure */
	151	struct openssl_asym_session {
	152	enum rte_crypto_asym_xform_type xfrm_type;
	153	union {
	154	struct rsa {
	155	RSA *rsa;
	156	} r;
	157	struct exp {
	158	BIGNUM *exp;
	159	BIGNUM *mod;
	160	BN_CTX *ctx;
	161	} e;
	162	struct mod {
	163	BIGNUM *modulus;
	164	BN_CTX *ctx;
	165	} m;
	166	struct dh {
	167	DH *dh_key;
	168	uint32_t key_op;
	169	} dh;
	170	struct {
	171	DSA *dsa;
	172	} s;
	173	} u;
	174	} __rte_cache_aligned;
7c673cae FG	175	/** Set and validate OPENSSL crypto session parameters */
	176	extern int
	177	openssl_set_session_parameters(struct openssl_session *sess,
	178	const struct rte_crypto_sym_xform *xform);
	179
	180	/** Reset OPENSSL crypto session parameters */
	181	extern void
	182	openssl_reset_session(struct openssl_session *sess);
	183
	184	/** device specific operations function pointer structure */
	185	extern struct rte_cryptodev_ops *rte_openssl_pmd_ops;
	186
	187	#endif /* _OPENSSL_PMD_PRIVATE_H_ */