Added SM3 support in openssl, and added SM4-EBC/
SM4-CBC/SM4-CTR support in openssl.
Signed-off-by: Sunyang Wu <sunyang...@jaguarmicro.com>
---
doc/guides/cryptodevs/features/openssl.ini | 4 +
doc/guides/cryptodevs/openssl.rst | 4 +
drivers/crypto/openssl/rte_openssl_pmd.c | 20 +++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 82 ++++++++++++++++++++
4 files changed, 110 insertions(+)
diff --git a/doc/guides/cryptodevs/features/openssl.ini
b/doc/guides/cryptodevs/features/openssl.ini
index 4b0f9b162e..efa339da55 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -27,6 +27,9 @@ AES CTR (256) = Y
3DES CBC = Y
3DES CTR = Y
DES DOCSIS BPI = Y
+SM4 ECB = Y
+SM4 CBC = Y
+SM4 CTR = Y
;
; Supported authentication algorithms of the 'openssl' crypto driver.
;
@@ -44,6 +47,7 @@ SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
AES GMAC = Y
+SM3 = Y
;
; Supported AEAD algorithms of the 'openssl' crypto driver.
diff --git a/doc/guides/cryptodevs/openssl.rst
b/doc/guides/cryptodevs/openssl.rst
index 03041ceda1..07dbd2763b 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -19,10 +19,13 @@ OpenSSL PMD has support for:
Supported cipher algorithms:
+* ``RTE_CRYPTO_CIPHER_SM4_ECB``
* ``RTE_CRYPTO_CIPHER_3DES_CBC``
* ``RTE_CRYPTO_CIPHER_AES_CBC``
+* ``RTE_CRYPTO_CIPHER_SM4_CBC``
* ``RTE_CRYPTO_CIPHER_AES_CTR``
* ``RTE_CRYPTO_CIPHER_3DES_CTR``
+* ``RTE_CRYPTO_CIPHER_SM4_CTR``
* ``RTE_CRYPTO_CIPHER_DES_DOCSISBPI``
Supported authentication algorithms:
@@ -34,6 +37,7 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SM3``
* ``RTE_CRYPTO_AUTH_MD5_HMAC``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c
b/drivers/crypto/openssl/rte_openssl_pmd.c
index abcb641a44..4c9f12355f 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -240,6 +240,17 @@ get_cipher_algo(enum rte_crypto_cipher_algorithm
sess_algo, size_t keylen,
res = -EINVAL;
}
break;
+#ifndef OPENSSL_NO_SM4
+ case RTE_CRYPTO_CIPHER_SM4_ECB:
+ *algo = EVP_sm4_ecb();
+ break;
+ case RTE_CRYPTO_CIPHER_SM4_CBC:
+ *algo = EVP_sm4_cbc();
+ break;
+ case RTE_CRYPTO_CIPHER_SM4_CTR:
+ *algo = EVP_sm4_ctr();
+ break;
+#endif
default:
res = -EINVAL;
break;
@@ -284,6 +295,11 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+#ifndef OPENSSL_NO_SM3
+ case RTE_CRYPTO_AUTH_SM3:
+ *algo = EVP_sm3();
+ break;
+#endif
default:
res = -EINVAL;
break;
@@ -483,6 +499,9 @@ openssl_set_session_cipher_parameters(struct
openssl_session *sess,
case RTE_CRYPTO_CIPHER_3DES_CBC:
case RTE_CRYPTO_CIPHER_AES_CBC:
case RTE_CRYPTO_CIPHER_AES_CTR:
+ case RTE_CRYPTO_CIPHER_SM4_ECB:
+ case RTE_CRYPTO_CIPHER_SM4_CBC:
+ case RTE_CRYPTO_CIPHER_SM4_CTR:
sess->cipher.mode = OPENSSL_CIPHER_LIB;
sess->cipher.algo = xform->cipher.algo;
sess->cipher.ctx = EVP_CIPHER_CTX_new();
@@ -636,6 +655,7 @@ openssl_set_session_auth_parameters(struct openssl_session
*sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SM3:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 29ad1b9505..bd908b40fa 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,28 @@ static const struct rte_cryptodev_capabilities
openssl_pmd_capabilities[] = {
}, }
}, }
},
+ {
+ /* SM3 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SM3,
+ .block_size = 64,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .aad_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
@@ -494,6 +516,66 @@ static const struct rte_cryptodev_capabilities
openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SM4 ECB */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SM4_ECB,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* SM4 CBC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SM4_CBC,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* SM4 CTR */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SM4_CTR,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
{ /* RSA */
.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
{.asym = {
--
2.19.0.rc0.windows.1
