1 /*************************************************************************** 2 * 3 * <COPYRIGHT_TAG> 4 * 5 ***************************************************************************/ 6 7 /** 8 ***************************************************************************** 9 * @file lac_sym_key.c 10 * 11 * @ingroup LacSymKey 12 * 13 * This file contains the implementation of all keygen functionality 14 * 15 *****************************************************************************/ 16 17 /* 18 ******************************************************************************* 19 * Include public/global header files 20 ******************************************************************************* 21 */ 22 #include "cpa.h" 23 #include "cpa_cy_key.h" 24 #include "cpa_cy_im.h" 25 26 /* 27 ******************************************************************************* 28 * Include private header files 29 ******************************************************************************* 30 */ 31 #include "icp_accel_devices.h" 32 #include "icp_adf_debug.h" 33 #include "icp_adf_init.h" 34 #include "icp_adf_transport.h" 35 36 #include "qat_utils.h" 37 38 #include "lac_log.h" 39 #include "lac_hooks.h" 40 #include "lac_sym.h" 41 #include "lac_sym_qat_hash_defs_lookup.h" 42 #include "lac_sym_qat.h" 43 #include "lac_sal.h" 44 #include "lac_sym_key.h" 45 #include "lac_sal_types_crypto.h" 46 #include "sal_service_state.h" 47 #include "lac_sym_qat_key.h" 48 #include "lac_sym_hash_defs.h" 49 #include "sal_statistics.h" 50 51 /* Number of statistics */ 52 #define LAC_KEY_NUM_STATS (sizeof(CpaCyKeyGenStats64) / sizeof(Cpa64U)) 53 54 #define LAC_KEY_STAT_INC(statistic, instanceHandle) \ 55 do { \ 56 sal_crypto_service_t *pService = NULL; \ 57 pService = (sal_crypto_service_t *)instanceHandle; \ 58 if (CPA_TRUE == \ 59 pService->generic_service_info.stats \ 60 ->bKeyGenStatsEnabled) { \ 61 qatUtilsAtomicInc( \ 62 &pService \ 63 ->pLacKeyStats[offsetof(CpaCyKeyGenStats64, \ 64 statistic) / \ 65 sizeof(Cpa64U)]); \ 66 } \ 67 } while (0) 68 /**< Macro to increment a Key stat (derives offset into array of atomics) */ 69 70 #define LAC_KEY_STATS32_GET(keyStats, instanceHandle) \ 71 do { \ 72 int i; \ 73 sal_crypto_service_t *pService = \ 74 (sal_crypto_service_t *)instanceHandle; \ 75 for (i = 0; i < LAC_KEY_NUM_STATS; i++) { \ 76 ((Cpa32U *)&(keyStats))[i] = \ 77 (Cpa32U)qatUtilsAtomicGet( \ 78 &pService->pLacKeyStats[i]); \ 79 } \ 80 } while (0) 81 /**< Macro to get all 32bit Key stats (from internal array of atomics) */ 82 83 #define LAC_KEY_STATS64_GET(keyStats, instanceHandle) \ 84 do { \ 85 int i; \ 86 sal_crypto_service_t *pService = \ 87 (sal_crypto_service_t *)instanceHandle; \ 88 for (i = 0; i < LAC_KEY_NUM_STATS; i++) { \ 89 ((Cpa64U *)&(keyStats))[i] = \ 90 qatUtilsAtomicGet(&pService->pLacKeyStats[i]); \ 91 } \ 92 } while (0) 93 /**< Macro to get all 64bit Key stats (from internal array of atomics) */ 94 95 #define IS_HKDF_UNSUPPORTED(cmdId, hkdfSupported) \ 96 ((ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= cmdId && \ 97 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL >= cmdId) && \ 98 !hkdfSupported) /**< macro to check whether the HKDF algorithm can be \ 99 supported on the device */ 100 101 /* Sublabel for HKDF TLS Key Generation, as defined in RFC8446. */ 102 const static Cpa8U key256[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 16, 9, 't', 103 'l', 's', '1', '3', 104 ' ', 'k', 'e', 'y', 105 0 }; 106 const static Cpa8U key384[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 32, 9, 't', 107 'l', 's', '1', '3', 108 ' ', 'k', 'e', 'y', 109 0 }; 110 const static Cpa8U keyChaChaPoly[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 32, 9, 111 't', 'l', 's', 112 '1', '3', ' ', 113 'k', 'e', 'y', 114 0 }; 115 /* Sublabel for HKDF TLS IV key Generation, as defined in RFC8446. */ 116 const static Cpa8U iv256[HKDF_SUB_LABEL_IV_LENGTH] = { 0, 12, 8, 't', 117 'l', 's', '1', '3', 118 ' ', 'i', 'v', 0 }; 119 const static Cpa8U iv384[HKDF_SUB_LABEL_IV_LENGTH] = { 0, 12, 8, 't', 120 'l', 's', '1', '3', 121 ' ', 'i', 'v', 0 }; 122 /* Sublabel for HKDF TLS RESUMPTION key Generation, as defined in RFC8446. */ 123 const static Cpa8U resumption256[HKDF_SUB_LABEL_RESUMPTION_LENGTH] = 124 { 0, 32, 16, 't', 'l', 's', '1', '3', ' ', 'r', 125 'e', 's', 'u', 'm', 'p', 't', 'i', 'o', 'n', 0 }; 126 const static Cpa8U resumption384[HKDF_SUB_LABEL_RESUMPTION_LENGTH] = 127 { 0, 48, 16, 't', 'l', 's', '1', '3', ' ', 'r', 128 'e', 's', 'u', 'm', 'p', 't', 'i', 'o', 'n', 0 }; 129 /* Sublabel for HKDF TLS FINISHED key Generation, as defined in RFC8446. */ 130 const static Cpa8U finished256[HKDF_SUB_LABEL_FINISHED_LENGTH] = 131 { 0, 32, 14, 't', 'l', 's', '1', '3', ' ', 132 'f', 'i', 'n', 'i', 's', 'h', 'e', 'd', 0 }; 133 const static Cpa8U finished384[HKDF_SUB_LABEL_FINISHED_LENGTH] = 134 { 0, 48, 14, 't', 'l', 's', '1', '3', ' ', 135 'f', 'i', 'n', 'i', 's', 'h', 'e', 'd', 0 }; 136 137 /** 138 ****************************************************************************** 139 * @ingroup LacSymKey 140 * SSL/TLS stat type 141 * 142 * @description 143 * This enum determines which stat should be incremented 144 *****************************************************************************/ 145 typedef enum { 146 LAC_KEY_REQUESTS = 0, 147 /**< Key requests sent */ 148 LAC_KEY_REQUEST_ERRORS, 149 /**< Key requests errors */ 150 LAC_KEY_COMPLETED, 151 /**< Key requests which received responses */ 152 LAC_KEY_COMPLETED_ERRORS 153 /**< Key requests which received responses with errors */ 154 } lac_key_stat_type_t; 155 156 /*** Local functions prototypes ***/ 157 static void 158 LacSymKey_MgfHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId, 159 void *pOpaqueData, 160 icp_qat_fw_comn_flags cmnRespFlags); 161 162 static CpaStatus 163 LacSymKey_MgfSync(const CpaInstanceHandle instanceHandle, 164 const CpaCyGenFlatBufCbFunc pKeyGenCb, 165 void *pCallbackTag, 166 const void *pKeyGenMgfOpData, 167 CpaFlatBuffer *pGeneratedMaskBuffer, 168 CpaBoolean bIsExtRequest); 169 170 static void 171 LacSymKey_SslTlsHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId, 172 void *pOpaqueData, 173 icp_qat_fw_comn_flags cmnRespFlags); 174 175 static CpaStatus 176 LacSymKey_SslTlsSync(CpaInstanceHandle instanceHandle, 177 const CpaCyGenFlatBufCbFunc pKeyGenCb, 178 void *pCallbackTag, 179 icp_qat_fw_la_cmd_id_t lacCmdId, 180 void *pKeyGenSslTlsOpData, 181 Cpa8U hashAlgorithm, 182 CpaFlatBuffer *pKeyGenOutpuData); 183 184 /*** Implementation ***/ 185 186 /** 187 ****************************************************************************** 188 * @ingroup LacSymKey 189 * Get the instance handle. Support single handle. 190 * @param[in] instanceHandle_in user supplied handle. 191 * @retval CpaInstanceHandle the instance handle 192 */ 193 static CpaInstanceHandle 194 LacKey_GetHandle(CpaInstanceHandle instanceHandle_in) 195 { 196 CpaInstanceHandle instanceHandle = NULL; 197 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 198 instanceHandle = 199 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 200 } else { 201 instanceHandle = instanceHandle_in; 202 } 203 return instanceHandle; 204 } 205 206 /** 207 ******************************************************************************* 208 * @ingroup LacSymKey 209 * Perform SSL/TLS key gen operation 210 * 211 * @description 212 * Perform SSL/TLS key gen operation 213 * 214 * @param[in] instanceHandle QAT device handle. 215 * @param[in] pKeyGenCb Pointer to callback function to be invoked 216 * when the operation is complete. 217 * @param[in] pCallbackTag Opaque User Data for this specific call. 218 * @param[in] lacCmdId Lac command ID (identify SSL & TLS ops) 219 * @param[in] pKeyGenSslTlsOpData Structure containing all the data needed to 220 * perform the SSL/TLS key generation 221 * operation. 222 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 223 * According to RFC5246, this should be 224 * "SHA-256 or a stronger standard hash 225 * function." 226 * @param[out] pKeyGenOutputData pointer to where output result should be 227 * written 228 * 229 * @retval CPA_STATUS_SUCCESS Function executed successfully. 230 * @retval CPA_STATUS_FAIL Function failed. 231 * @retval CPA_STATUS_RETRY Function should be retried. 232 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 233 * @retval CPA_STATUS_RESOURCE Error related to system resources. 234 * 235 *****************************************************************************/ 236 static CpaStatus 237 LacSymKey_KeyGenSslTls_GenCommon(CpaInstanceHandle instanceHandle, 238 const CpaCyGenFlatBufCbFunc pKeyGenCb, 239 void *pCallbackTag, 240 icp_qat_fw_la_cmd_id_t lacCmdId, 241 void *pKeyGenSslTlsOpData, 242 Cpa8U hashAlgorithm, 243 CpaFlatBuffer *pKeyGenOutputData); 244 245 /** 246 ****************************************************************************** 247 * @ingroup LacSymKey 248 * Increment stat for TLS or SSL operation 249 * 250 * @description 251 * This is a generic function to update the stats for either a TLS or SSL 252 * operation. 253 * 254 * @param[in] lacCmdId Indicate SSL or TLS operations 255 * @param[in] statType Statistics Type 256 * @param[in] instanceHandle Instance Handle 257 * 258 * @return None 259 * 260 *****************************************************************************/ 261 static void 262 LacKey_StatsInc(icp_qat_fw_la_cmd_id_t lacCmdId, 263 lac_key_stat_type_t statType, 264 CpaInstanceHandle instanceHandle) 265 { 266 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) { 267 switch (statType) { 268 case LAC_KEY_REQUESTS: 269 LAC_KEY_STAT_INC(numSslKeyGenRequests, instanceHandle); 270 break; 271 case LAC_KEY_REQUEST_ERRORS: 272 LAC_KEY_STAT_INC(numSslKeyGenRequestErrors, 273 instanceHandle); 274 break; 275 case LAC_KEY_COMPLETED: 276 LAC_KEY_STAT_INC(numSslKeyGenCompleted, instanceHandle); 277 break; 278 case LAC_KEY_COMPLETED_ERRORS: 279 LAC_KEY_STAT_INC(numSslKeyGenCompletedErrors, 280 instanceHandle); 281 break; 282 default: 283 QAT_UTILS_LOG("Invalid statistics type\n"); 284 break; 285 } 286 } else /* TLS v1.0/1.1 and 1.2 */ 287 { 288 switch (statType) { 289 case LAC_KEY_REQUESTS: 290 LAC_KEY_STAT_INC(numTlsKeyGenRequests, instanceHandle); 291 break; 292 case LAC_KEY_REQUEST_ERRORS: 293 LAC_KEY_STAT_INC(numTlsKeyGenRequestErrors, 294 instanceHandle); 295 break; 296 case LAC_KEY_COMPLETED: 297 LAC_KEY_STAT_INC(numTlsKeyGenCompleted, instanceHandle); 298 break; 299 case LAC_KEY_COMPLETED_ERRORS: 300 LAC_KEY_STAT_INC(numTlsKeyGenCompletedErrors, 301 instanceHandle); 302 break; 303 default: 304 QAT_UTILS_LOG("Invalid statistics type\n"); 305 break; 306 } 307 } 308 } 309 310 void 311 LacKeygen_StatsShow(CpaInstanceHandle instanceHandle) 312 { 313 CpaCyKeyGenStats64 keyStats = { 0 }; 314 315 LAC_KEY_STATS64_GET(keyStats, instanceHandle); 316 317 QAT_UTILS_LOG(SEPARATOR BORDER 318 " Key Stats: " BORDER 319 "\n" SEPARATOR); 320 321 QAT_UTILS_LOG(BORDER " SSL Key Requests: %16llu " BORDER 322 "\n" BORDER 323 " SSL Key Request Errors: %16llu " BORDER 324 "\n" BORDER 325 " SSL Key Completed %16llu " BORDER 326 "\n" BORDER 327 " SSL Key Complete Errors: %16llu " BORDER 328 "\n" SEPARATOR, 329 (unsigned long long)keyStats.numSslKeyGenRequests, 330 (unsigned long long)keyStats.numSslKeyGenRequestErrors, 331 (unsigned long long)keyStats.numSslKeyGenCompleted, 332 (unsigned long long)keyStats.numSslKeyGenCompletedErrors); 333 334 QAT_UTILS_LOG(BORDER " TLS Key Requests: %16llu " BORDER 335 "\n" BORDER 336 " TLS Key Request Errors: %16llu " BORDER 337 "\n" BORDER 338 " TLS Key Completed %16llu " BORDER 339 "\n" BORDER 340 " TLS Key Complete Errors: %16llu " BORDER 341 "\n" SEPARATOR, 342 (unsigned long long)keyStats.numTlsKeyGenRequests, 343 (unsigned long long)keyStats.numTlsKeyGenRequestErrors, 344 (unsigned long long)keyStats.numTlsKeyGenCompleted, 345 (unsigned long long)keyStats.numTlsKeyGenCompletedErrors); 346 347 QAT_UTILS_LOG(BORDER " MGF Key Requests: %16llu " BORDER 348 "\n" BORDER 349 " MGF Key Request Errors: %16llu " BORDER 350 "\n" BORDER 351 " MGF Key Completed %16llu " BORDER 352 "\n" BORDER 353 " MGF Key Complete Errors: %16llu " BORDER 354 "\n" SEPARATOR, 355 (unsigned long long)keyStats.numMgfKeyGenRequests, 356 (unsigned long long)keyStats.numMgfKeyGenRequestErrors, 357 (unsigned long long)keyStats.numMgfKeyGenCompleted, 358 (unsigned long long)keyStats.numMgfKeyGenCompletedErrors); 359 } 360 361 /** @ingroup LacSymKey */ 362 CpaStatus 363 cpaCyKeyGenQueryStats(CpaInstanceHandle instanceHandle_in, 364 struct _CpaCyKeyGenStats *pSymKeyStats) 365 { 366 CpaInstanceHandle instanceHandle = NULL; 367 368 369 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 370 instanceHandle = 371 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 372 } else { 373 instanceHandle = instanceHandle_in; 374 } 375 376 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 377 SAL_CHECK_INSTANCE_TYPE(instanceHandle, 378 (SAL_SERVICE_TYPE_CRYPTO | 379 SAL_SERVICE_TYPE_CRYPTO_SYM)); 380 LAC_CHECK_NULL_PARAM(pSymKeyStats); 381 382 SAL_RUNNING_CHECK(instanceHandle); 383 384 LAC_KEY_STATS32_GET(*pSymKeyStats, instanceHandle); 385 386 return CPA_STATUS_SUCCESS; 387 } 388 389 /** @ingroup LacSymKey */ 390 CpaStatus 391 cpaCyKeyGenQueryStats64(CpaInstanceHandle instanceHandle_in, 392 CpaCyKeyGenStats64 *pSymKeyStats) 393 { 394 CpaInstanceHandle instanceHandle = NULL; 395 396 397 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 398 instanceHandle = 399 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 400 } else { 401 instanceHandle = instanceHandle_in; 402 } 403 404 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 405 SAL_CHECK_INSTANCE_TYPE(instanceHandle, 406 (SAL_SERVICE_TYPE_CRYPTO | 407 SAL_SERVICE_TYPE_CRYPTO_SYM)); 408 LAC_CHECK_NULL_PARAM(pSymKeyStats); 409 410 SAL_RUNNING_CHECK(instanceHandle); 411 412 LAC_KEY_STATS64_GET(*pSymKeyStats, instanceHandle); 413 414 return CPA_STATUS_SUCCESS; 415 } 416 417 /** 418 ****************************************************************************** 419 * @ingroup LacSymKey 420 * Return the size of the digest for a specific hash algorithm. 421 * @description 422 * Return the expected digest size based on the sha algorithm submitted. 423 * The only supported value are sha256, sha384 and sha512. 424 * 425 * @param[in] hashAlgorithm either sha256, sha384 or sha512. 426 * @return the expected size or 0 for an invalid hash. 427 * 428 *****************************************************************************/ 429 static Cpa32U 430 getDigestSizeFromHashAlgo(CpaCySymHashAlgorithm hashAlgorithm) 431 { 432 switch (hashAlgorithm) { 433 case CPA_CY_SYM_HASH_SHA256: 434 return LAC_HASH_SHA256_DIGEST_SIZE; 435 case CPA_CY_SYM_HASH_SHA384: 436 return LAC_HASH_SHA384_DIGEST_SIZE; 437 case CPA_CY_SYM_HASH_SHA512: 438 return LAC_HASH_SHA512_DIGEST_SIZE; 439 case CPA_CY_SYM_HASH_SM3: 440 return LAC_HASH_SM3_DIGEST_SIZE; 441 default: 442 return 0; 443 } 444 } 445 446 /** 447 ****************************************************************************** 448 * @ingroup LacSymKey 449 * Return the hash algorithm for a specific cipher. 450 * @description 451 * Return the hash algorithm related to the cipher suite. 452 * Supported hash's are SHA256, and SHA384. 453 * 454 * @param[in] cipherSuite AES_128_GCM, AES_256_GCM, AES_128_CCM, 455 * and CHACHA20_POLY1305. 456 * @return the expected hash algorithm or 0 for an invalid cipher. 457 * 458 *****************************************************************************/ 459 static CpaCySymHashAlgorithm 460 getHashAlgorithmFromCipherSuiteHKDF(CpaCyKeyHKDFCipherSuite cipherSuite) 461 { 462 switch (cipherSuite) { 463 case CPA_CY_HKDF_TLS_AES_128_GCM_SHA256: /* Fall through */ 464 case CPA_CY_HKDF_TLS_CHACHA20_POLY1305_SHA256: 465 case CPA_CY_HKDF_TLS_AES_128_CCM_SHA256: 466 case CPA_CY_HKDF_TLS_AES_128_CCM_8_SHA256: 467 return CPA_CY_SYM_HASH_SHA256; 468 case CPA_CY_HKDF_TLS_AES_256_GCM_SHA384: 469 return CPA_CY_SYM_HASH_SHA384; 470 default: 471 return 0; 472 } 473 } 474 475 /** 476 ****************************************************************************** 477 * @ingroup LacSymKey 478 * Return the digest size of cipher. 479 * @description 480 * Return the output key size of specific cipher, for specified sub label 481 * 482 * @param[in] cipherSuite = AES_128_GCM, AES_256_GCM, AES_128_CCM, 483 * and CHACHA20_POLY1305. 484 * subLabels = KEY, IV, RESUMPTION, and FINISHED. 485 * @return the expected digest size of the cipher. 486 * 487 *****************************************************************************/ 488 static const Cpa32U cipherSuiteHKDFHashSizes 489 [LAC_KEY_HKDF_CIPHERS_MAX][LAC_KEY_HKDF_SUBLABELS_MAX] = { 490 {}, /* Not used */ 491 { 32, 16, 12, 32, 32 }, /* AES_128_GCM_SHA256 */ 492 { 48, 32, 12, 48, 48 }, /* AES_256_GCM_SHA384 */ 493 { 32, 32, 12, 32, 32 }, /* CHACHA20_POLY1305_SHA256 */ 494 { 32, 16, 12, 32, 32 }, /* AES_128_CCM_SHA256 */ 495 { 32, 16, 12, 32, 32 } /* AES_128_CCM_8_SHA256 */ 496 }; 497 498 /** 499 ****************************************************************************** 500 * @ingroup LacSymKey 501 * Key Generation MGF response handler 502 * 503 * @description 504 * Handles Key Generation MGF response messages from the QAT. 505 * 506 * @param[in] lacCmdId Command id of the original request 507 * @param[in] pOpaqueData Pointer to opaque data that was in request 508 * @param[in] cmnRespFlags Indicates whether request succeeded 509 * 510 * @return void 511 * 512 *****************************************************************************/ 513 static void 514 LacSymKey_MgfHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId, 515 void *pOpaqueData, 516 icp_qat_fw_comn_flags cmnRespFlags) 517 { 518 CpaCyKeyGenMgfOpData *pMgfOpData = NULL; 519 lac_sym_key_cookie_t *pCookie = NULL; 520 CpaCyGenFlatBufCbFunc pKeyGenMgfCb = NULL; 521 void *pCallbackTag = NULL; 522 CpaFlatBuffer *pGeneratedKeyBuffer = NULL; 523 CpaStatus status = CPA_STATUS_SUCCESS; 524 CpaBoolean respStatusOk = 525 (ICP_QAT_FW_COMN_STATUS_FLAG_OK == 526 ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(cmnRespFlags)) ? 527 CPA_TRUE : 528 CPA_FALSE; 529 530 pCookie = (lac_sym_key_cookie_t *)pOpaqueData; 531 532 if (CPA_TRUE == respStatusOk) { 533 status = CPA_STATUS_SUCCESS; 534 LAC_KEY_STAT_INC(numMgfKeyGenCompleted, 535 pCookie->instanceHandle); 536 } else { 537 status = CPA_STATUS_FAIL; 538 LAC_KEY_STAT_INC(numMgfKeyGenCompletedErrors, 539 pCookie->instanceHandle); 540 } 541 542 pKeyGenMgfCb = (CpaCyGenFlatBufCbFunc)(pCookie->pKeyGenCb); 543 544 pMgfOpData = pCookie->pKeyGenOpData; 545 pCallbackTag = pCookie->pCallbackTag; 546 pGeneratedKeyBuffer = pCookie->pKeyGenOutputData; 547 548 Lac_MemPoolEntryFree(pCookie); 549 550 (*pKeyGenMgfCb)(pCallbackTag, status, pMgfOpData, pGeneratedKeyBuffer); 551 } 552 553 /** 554 ****************************************************************************** 555 * @ingroup LacSymKey 556 * Synchronous mode of operation wrapper function 557 * 558 * @description 559 * Wrapper function to implement synchronous mode of operation for 560 * cpaCyKeyGenMgf and cpaCyKeyGenMgfExt function. 561 * 562 * @param[in] instanceHandle Instance handle 563 * @param[in] pKeyGenCb Internal callback function pointer 564 * @param[in] pCallbackTag Callback tag 565 * @param[in] pKeyGenMgfOpData Pointer to user provided Op Data structure 566 * @param[in] pGeneratedMaskBuffer Pointer to a buffer where generated mask 567 * will be stored 568 * @param[in] bIsExtRequest Indicates origin of function call; 569 * if CPA_TRUE then the call comes from 570 * cpaCyKeyGenMgfExt function, otherwise 571 * from cpaCyKeyGenMgf 572 * 573 * @retval CPA_STATUS_SUCCESS Function executed successfully. 574 * @retval CPA_STATUS_FAIL Function failed. 575 * @retval CPA_STATUS_RETRY Function should be retried. 576 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 577 * @retval CPA_STATUS_RESOURCE Error related to system resources. 578 * 579 *****************************************************************************/ 580 static CpaStatus 581 LacSymKey_MgfSync(const CpaInstanceHandle instanceHandle, 582 const CpaCyGenFlatBufCbFunc pKeyGenCb, 583 void *pCallbackTag, 584 const void *pKeyGenMgfOpData, 585 CpaFlatBuffer *pGeneratedMaskBuffer, 586 CpaBoolean bIsExtRequest) 587 { 588 CpaStatus status = CPA_STATUS_SUCCESS; 589 590 lac_sync_op_data_t *pSyncCallbackData = NULL; 591 592 status = LacSync_CreateSyncCookie(&pSyncCallbackData); 593 594 if (CPA_STATUS_SUCCESS == status) { 595 if (CPA_TRUE == bIsExtRequest) { 596 status = cpaCyKeyGenMgfExt( 597 instanceHandle, 598 LacSync_GenFlatBufCb, 599 pSyncCallbackData, 600 (const CpaCyKeyGenMgfOpDataExt *)pKeyGenMgfOpData, 601 pGeneratedMaskBuffer); 602 } else { 603 status = cpaCyKeyGenMgf(instanceHandle, 604 LacSync_GenFlatBufCb, 605 pSyncCallbackData, 606 (const CpaCyKeyGenMgfOpData *) 607 pKeyGenMgfOpData, 608 pGeneratedMaskBuffer); 609 } 610 } else { 611 /* Failure allocating sync cookie */ 612 LAC_KEY_STAT_INC(numMgfKeyGenRequestErrors, instanceHandle); 613 return status; 614 } 615 616 if (CPA_STATUS_SUCCESS == status) { 617 CpaStatus syncStatus = CPA_STATUS_SUCCESS; 618 619 syncStatus = 620 LacSync_WaitForCallback(pSyncCallbackData, 621 LAC_SYM_SYNC_CALLBACK_TIMEOUT, 622 &status, 623 NULL); 624 625 /* If callback doesn't come back */ 626 if (CPA_STATUS_SUCCESS != syncStatus) { 627 LAC_KEY_STAT_INC(numMgfKeyGenCompletedErrors, 628 instanceHandle); 629 LAC_LOG_ERROR("Callback timed out"); 630 status = syncStatus; 631 } 632 } else { 633 /* As the Request was not sent the Callback will never 634 * be called, so need to indicate that we're finished 635 * with cookie so it can be destroyed. 636 */ 637 LacSync_SetSyncCookieComplete(pSyncCallbackData); 638 } 639 640 LacSync_DestroySyncCookie(&pSyncCallbackData); 641 642 return status; 643 } 644 645 /** 646 ****************************************************************************** 647 * @ingroup LacSymKey 648 * Perform MGF key gen operation 649 * 650 * @description 651 * This function performs MGF key gen operation. It is common for requests 652 * coming from both cpaCyKeyGenMgf and cpaCyKeyGenMgfExt QAT API 653 * functions. 654 * 655 * @param[in] instanceHandle Instance handle 656 * @param[in] pKeyGenCb Pointer to callback function to be invoked 657 * when the operation is complete. 658 * @param[in] pCallbackTag Opaque User Data for this specific call. 659 * @param[in] pOpData Pointer to the Op Data structure provided by 660 * the user in API function call. For calls 661 * originating from cpaCyKeyGenMgfExt it will 662 * point to CpaCyKeyGenMgfOpDataExt type of 663 * structure while for calls originating from 664 * cpaCyKeyGenMgf it will point to 665 * CpaCyKeyGenMgfOpData type of structure. 666 * @param[in] pKeyGenMgfOpData Pointer to the user provided 667 * CpaCyKeyGenMgfOpData structure. For calls 668 * originating from cpaCyKeyGenMgf it will 669 * point to the same structure as pOpData 670 * parameter; for calls originating from 671 * cpaCyKeyGenMgfExt it will point to the 672 * baseOpData member of the 673 * CpaCyKeyGenMgfOpDataExt structure passed in 674 * as a parameter to the API function call. 675 * @param[in] pGeneratedMaskBuffer Pointer to a buffer where generated mask 676 * will be stored 677 * @param[in] hashAlgorithm Indicates which hash algorithm is to be used 678 * to perform MGF key gen operation. For calls 679 * originating from cpaCyKeyGenMgf it will 680 * always be CPA_CY_SYM_HASH_SHA1. 681 * 682 * @retval CPA_STATUS_SUCCESS Function executed successfully. 683 * @retval CPA_STATUS_FAIL Function failed. 684 * @retval CPA_STATUS_RETRY Function should be retried. 685 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 686 * @retval CPA_STATUS_RESOURCE Error related to system resources. 687 * 688 *****************************************************************************/ 689 static CpaStatus 690 LacSymKey_MgfCommon(const CpaInstanceHandle instanceHandle, 691 const CpaCyGenFlatBufCbFunc pKeyGenCb, 692 void *pCallbackTag, 693 const void *pOpData, 694 const CpaCyKeyGenMgfOpData *pKeyGenMgfOpData, 695 CpaFlatBuffer *pGeneratedMaskBuffer, 696 CpaCySymHashAlgorithm hashAlgorithm) 697 { 698 CpaStatus status = CPA_STATUS_SUCCESS; 699 700 icp_qat_fw_la_bulk_req_t keyGenReq = { { 0 } }; 701 icp_qat_la_bulk_req_hdr_t keyGenReqHdr = { { 0 } }; 702 icp_qat_fw_la_key_gen_common_t keyGenReqMid = { { 0 } }; 703 icp_qat_la_bulk_req_ftr_t keyGenReqFtr = { { { 0 } } }; 704 Cpa8U *pMsgDummy = NULL; 705 Cpa8U *pCacheDummyHdr = NULL; 706 Cpa8U *pCacheDummyMid = NULL; 707 Cpa8U *pCacheDummyFtr = NULL; 708 sal_qat_content_desc_info_t contentDescInfo = { 0 }; 709 lac_sym_key_cookie_t *pCookie = NULL; 710 lac_sym_cookie_t *pSymCookie = NULL; 711 sal_crypto_service_t *pService = NULL; 712 Cpa64U inputPhysAddr = 0; 713 Cpa64U outputPhysAddr = 0; 714 /* Structure initializer is supported by C99, but it is 715 * not supported by some former Intel compiler. 716 */ 717 CpaCySymHashSetupData hashSetupData = { 0 }; 718 Cpa32U hashBlkSizeInBytes = 0; 719 lac_sym_qat_hash_alg_info_t *pHashAlgInfo = NULL; 720 icp_qat_fw_serv_specif_flags laCmdFlags = 0; 721 icp_qat_fw_comn_flags cmnRequestFlags = 722 ICP_QAT_FW_COMN_FLAGS_BUILD(QAT_COMN_PTR_TYPE_FLAT, 723 QAT_COMN_CD_FLD_TYPE_64BIT_ADR); 724 725 pService = (sal_crypto_service_t *)instanceHandle; 726 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 727 SAL_CHECK_INSTANCE_TYPE(instanceHandle, 728 (SAL_SERVICE_TYPE_CRYPTO | 729 SAL_SERVICE_TYPE_CRYPTO_SYM)); 730 731 SAL_RUNNING_CHECK(instanceHandle); 732 LAC_CHECK_NULL_PARAM(pOpData); 733 LAC_CHECK_NULL_PARAM(pKeyGenMgfOpData); 734 LAC_CHECK_NULL_PARAM(pGeneratedMaskBuffer); 735 LAC_CHECK_NULL_PARAM(pGeneratedMaskBuffer->pData); 736 LAC_CHECK_NULL_PARAM(pKeyGenMgfOpData->seedBuffer.pData); 737 738 /* Maximum seed length for MGF1 request */ 739 if (pKeyGenMgfOpData->seedBuffer.dataLenInBytes > 740 ICP_QAT_FW_LA_MGF_SEED_LEN_MAX) { 741 LAC_INVALID_PARAM_LOG("seedBuffer.dataLenInBytes"); 742 return CPA_STATUS_INVALID_PARAM; 743 } 744 745 /* Maximum mask length for MGF1 request */ 746 if (pKeyGenMgfOpData->maskLenInBytes > ICP_QAT_FW_LA_MGF_MASK_LEN_MAX) { 747 LAC_INVALID_PARAM_LOG("maskLenInBytes"); 748 return CPA_STATUS_INVALID_PARAM; 749 } 750 751 /* check for enough space in the flat buffer */ 752 if (pKeyGenMgfOpData->maskLenInBytes > 753 pGeneratedMaskBuffer->dataLenInBytes) { 754 LAC_INVALID_PARAM_LOG("pGeneratedMaskBuffer.dataLenInBytes"); 755 return CPA_STATUS_INVALID_PARAM; 756 } 757 758 /* Get hash alg info */ 759 LacSymQat_HashAlgLookupGet(instanceHandle, 760 hashAlgorithm, 761 &pHashAlgInfo); 762 763 /* Allocate the cookie */ 764 pCookie = (lac_sym_key_cookie_t *)Lac_MemPoolEntryAlloc( 765 pService->lac_sym_cookie_pool); 766 if (NULL == pCookie) { 767 LAC_LOG_ERROR("Cannot get mem pool entry"); 768 status = CPA_STATUS_RESOURCE; 769 } else if ((void *)CPA_STATUS_RETRY == pCookie) { 770 pCookie = NULL; 771 status = CPA_STATUS_RETRY; 772 } else { 773 pSymCookie = (lac_sym_cookie_t *)pCookie; 774 } 775 776 if (CPA_STATUS_SUCCESS == status) { 777 /* populate the cookie */ 778 pCookie->instanceHandle = instanceHandle; 779 pCookie->pCallbackTag = pCallbackTag; 780 pCookie->pKeyGenOpData = (void *)LAC_CONST_PTR_CAST(pOpData); 781 pCookie->pKeyGenCb = pKeyGenCb; 782 pCookie->pKeyGenOutputData = pGeneratedMaskBuffer; 783 hashSetupData.hashAlgorithm = hashAlgorithm; 784 hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_PLAIN; 785 hashSetupData.digestResultLenInBytes = 786 pHashAlgInfo->digestLength; 787 788 /* Populate the CD ctrl Block (LW 27 - LW 31) 789 * and the CD Hash HW setup block 790 */ 791 LacSymQat_HashContentDescInit( 792 &(keyGenReqFtr), 793 instanceHandle, 794 &hashSetupData, 795 /* point to base of hw setup block */ 796 (Cpa8U *)pCookie->contentDesc, 797 LAC_SYM_KEY_NO_HASH_BLK_OFFSET_QW, 798 ICP_QAT_FW_SLICE_DRAM_WR, 799 ICP_QAT_HW_AUTH_MODE0, /* just a plain hash */ 800 CPA_FALSE, /* Not using sym Constants Table in Shared SRAM 801 */ 802 CPA_FALSE, /* not using the optimised Content Desc */ 803 NULL, 804 &hashBlkSizeInBytes); 805 806 /* Populate the Req param LW 14-26 */ 807 LacSymQat_KeyMgfRequestPopulate( 808 &keyGenReqHdr, 809 &keyGenReqMid, 810 pKeyGenMgfOpData->seedBuffer.dataLenInBytes, 811 pKeyGenMgfOpData->maskLenInBytes, 812 (Cpa8U)pHashAlgInfo->digestLength); 813 814 contentDescInfo.pData = pCookie->contentDesc; 815 contentDescInfo.hardwareSetupBlockPhys = 816 LAC_MEM_CAST_PTR_TO_UINT64( 817 pSymCookie->keyContentDescPhyAddr); 818 contentDescInfo.hwBlkSzQuadWords = 819 LAC_BYTES_TO_QUADWORDS(hashBlkSizeInBytes); 820 821 /* Populate common request fields */ 822 inputPhysAddr = 823 LAC_MEM_CAST_PTR_TO_UINT64(LAC_OS_VIRT_TO_PHYS_EXTERNAL( 824 pService->generic_service_info, 825 pKeyGenMgfOpData->seedBuffer.pData)); 826 827 if (inputPhysAddr == 0) { 828 LAC_LOG_ERROR( 829 "Unable to get the seed buffer physical address"); 830 status = CPA_STATUS_FAIL; 831 } 832 outputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 833 LAC_OS_VIRT_TO_PHYS_EXTERNAL(pService->generic_service_info, 834 pGeneratedMaskBuffer->pData)); 835 if (outputPhysAddr == 0) { 836 LAC_LOG_ERROR( 837 "Unable to get the physical address of the mask"); 838 status = CPA_STATUS_FAIL; 839 } 840 } 841 842 if (CPA_STATUS_SUCCESS == status) { 843 /* Make up the full keyGenReq struct from its constituents */ 844 pMsgDummy = (Cpa8U *)&(keyGenReq); 845 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 846 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 847 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 848 849 memcpy(pMsgDummy, 850 pCacheDummyHdr, 851 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW)); 852 memset((pMsgDummy + 853 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW)), 854 0, 855 (LAC_LONG_WORD_IN_BYTES * 856 LAC_SIZE_OF_CACHE_TO_CLEAR_IN_LW)); 857 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 858 LAC_START_OF_CACHE_MID_IN_LW), 859 pCacheDummyMid, 860 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_MID_IN_LW)); 861 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 862 LAC_START_OF_CACHE_FTR_IN_LW), 863 pCacheDummyFtr, 864 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_FTR_IN_LW)); 865 866 SalQatMsg_ContentDescHdrWrite((icp_qat_fw_comn_req_t *)&( 867 keyGenReq), 868 &(contentDescInfo)); 869 870 SalQatMsg_CmnHdrWrite((icp_qat_fw_comn_req_t *)&keyGenReq, 871 ICP_QAT_FW_COMN_REQ_CPM_FW_LA, 872 ICP_QAT_FW_LA_CMD_MGF1, 873 cmnRequestFlags, 874 laCmdFlags); 875 876 /* 877 * MGF uses a flat buffer but we can use zero for source and 878 * dest length because the firmware will use the seed length, 879 * hash length and mask length to find source length. 880 */ 881 SalQatMsg_CmnMidWrite((icp_qat_fw_la_bulk_req_t *)&(keyGenReq), 882 pCookie, 883 LAC_SYM_KEY_QAT_PTR_TYPE, 884 inputPhysAddr, 885 outputPhysAddr, 886 0, 887 0); 888 889 /* Send to QAT */ 890 status = icp_adf_transPutMsg(pService->trans_handle_sym_tx, 891 (void *)&(keyGenReq), 892 LAC_QAT_SYM_REQ_SZ_LW); 893 } 894 if (CPA_STATUS_SUCCESS == status) { 895 /* Update stats */ 896 LAC_KEY_STAT_INC(numMgfKeyGenRequests, instanceHandle); 897 } else { 898 LAC_KEY_STAT_INC(numMgfKeyGenRequestErrors, instanceHandle); 899 /* clean up memory */ 900 if (NULL != pCookie) { 901 Lac_MemPoolEntryFree(pCookie); 902 } 903 } 904 return status; 905 } 906 907 /** 908 * cpaCyKeyGenMgf 909 */ 910 CpaStatus 911 cpaCyKeyGenMgf(const CpaInstanceHandle instanceHandle_in, 912 const CpaCyGenFlatBufCbFunc pKeyGenCb, 913 void *pCallbackTag, 914 const CpaCyKeyGenMgfOpData *pKeyGenMgfOpData, 915 CpaFlatBuffer *pGeneratedMaskBuffer) 916 { 917 CpaInstanceHandle instanceHandle = NULL; 918 919 920 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 921 instanceHandle = 922 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 923 } else { 924 instanceHandle = instanceHandle_in; 925 } 926 927 /* If synchronous Operation */ 928 if (NULL == pKeyGenCb) { 929 return LacSymKey_MgfSync(instanceHandle, 930 pKeyGenCb, 931 pCallbackTag, 932 (const void *)pKeyGenMgfOpData, 933 pGeneratedMaskBuffer, 934 CPA_FALSE); 935 } 936 /* Asynchronous Operation */ 937 return LacSymKey_MgfCommon(instanceHandle, 938 pKeyGenCb, 939 pCallbackTag, 940 (const void *)pKeyGenMgfOpData, 941 pKeyGenMgfOpData, 942 pGeneratedMaskBuffer, 943 CPA_CY_SYM_HASH_SHA1); 944 } 945 946 /** 947 * cpaCyKeyGenMgfExt 948 */ 949 CpaStatus 950 cpaCyKeyGenMgfExt(const CpaInstanceHandle instanceHandle_in, 951 const CpaCyGenFlatBufCbFunc pKeyGenCb, 952 void *pCallbackTag, 953 const CpaCyKeyGenMgfOpDataExt *pKeyGenMgfOpDataExt, 954 CpaFlatBuffer *pGeneratedMaskBuffer) 955 { 956 CpaInstanceHandle instanceHandle = NULL; 957 958 959 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 960 instanceHandle = 961 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 962 } else { 963 instanceHandle = instanceHandle_in; 964 } 965 966 /* If synchronous Operation */ 967 if (NULL == pKeyGenCb) { 968 return LacSymKey_MgfSync(instanceHandle, 969 pKeyGenCb, 970 pCallbackTag, 971 (const void *)pKeyGenMgfOpDataExt, 972 pGeneratedMaskBuffer, 973 CPA_TRUE); 974 } 975 976 /* Param check specific for Ext function, rest of parameters validated 977 * in LacSymKey_MgfCommon 978 */ 979 LAC_CHECK_NULL_PARAM(pKeyGenMgfOpDataExt); 980 if (CPA_CY_SYM_HASH_MD5 > pKeyGenMgfOpDataExt->hashAlgorithm || 981 CPA_CY_SYM_HASH_SHA512 < pKeyGenMgfOpDataExt->hashAlgorithm) { 982 LAC_INVALID_PARAM_LOG("hashAlgorithm"); 983 return CPA_STATUS_INVALID_PARAM; 984 } 985 986 /* Asynchronous Operation */ 987 return LacSymKey_MgfCommon(instanceHandle, 988 pKeyGenCb, 989 pCallbackTag, 990 (const void *)pKeyGenMgfOpDataExt, 991 &pKeyGenMgfOpDataExt->baseOpData, 992 pGeneratedMaskBuffer, 993 pKeyGenMgfOpDataExt->hashAlgorithm); 994 } 995 996 /** 997 ****************************************************************************** 998 * @ingroup LacSymKey 999 * Key Generation SSL & TLS response handler 1000 * 1001 * @description 1002 * Handles Key Generation SSL & TLS response messages from the QAT. 1003 * 1004 * @param[in] lacCmdId Command id of the original request 1005 * @param[in] pOpaqueData Pointer to opaque data that was in request 1006 * @param[in] cmnRespFlags LA response flags 1007 * 1008 * @return void 1009 * 1010 *****************************************************************************/ 1011 static void 1012 LacSymKey_SslTlsHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId, 1013 void *pOpaqueData, 1014 icp_qat_fw_comn_flags cmnRespFlags) 1015 { 1016 void *pSslTlsOpData = NULL; 1017 CpaCyGenFlatBufCbFunc pKeyGenSslTlsCb = NULL; 1018 lac_sym_key_cookie_t *pCookie = NULL; 1019 void *pCallbackTag = NULL; 1020 CpaFlatBuffer *pGeneratedKeyBuffer = NULL; 1021 CpaStatus status = CPA_STATUS_SUCCESS; 1022 1023 CpaBoolean respStatusOk = 1024 (ICP_QAT_FW_COMN_STATUS_FLAG_OK == 1025 ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(cmnRespFlags)) ? 1026 CPA_TRUE : 1027 CPA_FALSE; 1028 1029 pCookie = (lac_sym_key_cookie_t *)pOpaqueData; 1030 1031 pSslTlsOpData = pCookie->pKeyGenOpData; 1032 1033 if (CPA_TRUE == respStatusOk) { 1034 LacKey_StatsInc(lacCmdId, 1035 LAC_KEY_COMPLETED, 1036 pCookie->instanceHandle); 1037 } else { 1038 status = CPA_STATUS_FAIL; 1039 LacKey_StatsInc(lacCmdId, 1040 LAC_KEY_COMPLETED_ERRORS, 1041 pCookie->instanceHandle); 1042 } 1043 1044 pKeyGenSslTlsCb = (CpaCyGenFlatBufCbFunc)(pCookie->pKeyGenCb); 1045 1046 pCallbackTag = pCookie->pCallbackTag; 1047 pGeneratedKeyBuffer = pCookie->pKeyGenOutputData; 1048 1049 Lac_MemPoolEntryFree(pCookie); 1050 1051 (*pKeyGenSslTlsCb)(pCallbackTag, 1052 status, 1053 pSslTlsOpData, 1054 pGeneratedKeyBuffer); 1055 } 1056 1057 /** 1058 ******************************************************************************* 1059 * @ingroup LacSymKey 1060 * Synchronous mode of operation function wrapper for performing SSL/TLS 1061 * key gen operation 1062 * 1063 * @description 1064 * Synchronous mode of operation function wrapper for performing SSL/TLS 1065 * key gen operation 1066 * 1067 * @param[in] instanceHandle QAT device handle. 1068 * @param[in] pKeyGenCb Pointer to callback function to be invoked 1069 * when the operation is complete. 1070 * @param[in] pCallbackTag Opaque User Data for this specific call. 1071 * @param[in] lacCmdId Lac command ID (identify SSL & TLS ops) 1072 * @param[in] pKeyGenSslTlsOpData Structure containing all the data needed to 1073 * perform the SSL/TLS key generation 1074 * operation. 1075 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 1076 * According to RFC5246, this should be 1077 * "SHA-256 or a stronger standard hash 1078 * function." 1079 * @param[out] pKeyGenOutputData pointer to where output result should be 1080 * written 1081 * 1082 * @retval CPA_STATUS_SUCCESS Function executed successfully. 1083 * @retval CPA_STATUS_FAIL Function failed. 1084 * @retval CPA_STATUS_RETRY Function should be retried. 1085 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 1086 * @retval CPA_STATUS_RESOURCE Error related to system resources. 1087 * 1088 *****************************************************************************/ 1089 static CpaStatus 1090 LacSymKey_SslTlsSync(CpaInstanceHandle instanceHandle, 1091 const CpaCyGenFlatBufCbFunc pKeyGenCb, 1092 void *pCallbackTag, 1093 icp_qat_fw_la_cmd_id_t lacCmdId, 1094 void *pKeyGenSslTlsOpData, 1095 Cpa8U hashAlgorithm, 1096 CpaFlatBuffer *pKeyGenOutpuData) 1097 { 1098 lac_sync_op_data_t *pSyncCallbackData = NULL; 1099 CpaStatus status = CPA_STATUS_SUCCESS; 1100 1101 status = LacSync_CreateSyncCookie(&pSyncCallbackData); 1102 if (CPA_STATUS_SUCCESS == status) { 1103 status = LacSymKey_KeyGenSslTls_GenCommon(instanceHandle, 1104 pKeyGenCb, 1105 pSyncCallbackData, 1106 lacCmdId, 1107 pKeyGenSslTlsOpData, 1108 hashAlgorithm, 1109 pKeyGenOutpuData); 1110 } else { 1111 /* Failure allocating sync cookie */ 1112 LacKey_StatsInc(lacCmdId, 1113 LAC_KEY_REQUEST_ERRORS, 1114 instanceHandle); 1115 return status; 1116 } 1117 1118 if (CPA_STATUS_SUCCESS == status) { 1119 CpaStatus syncStatus = CPA_STATUS_SUCCESS; 1120 1121 syncStatus = 1122 LacSync_WaitForCallback(pSyncCallbackData, 1123 LAC_SYM_SYNC_CALLBACK_TIMEOUT, 1124 &status, 1125 NULL); 1126 1127 /* If callback doesn't come back */ 1128 if (CPA_STATUS_SUCCESS != syncStatus) { 1129 LacKey_StatsInc(lacCmdId, 1130 LAC_KEY_COMPLETED_ERRORS, 1131 instanceHandle); 1132 LAC_LOG_ERROR("Callback timed out"); 1133 status = syncStatus; 1134 } 1135 } else { 1136 /* As the Request was not sent the Callback will never 1137 * be called, so need to indicate that we're finished 1138 * with cookie so it can be destroyed. 1139 */ 1140 LacSync_SetSyncCookieComplete(pSyncCallbackData); 1141 } 1142 1143 LacSync_DestroySyncCookie(&pSyncCallbackData); 1144 1145 return status; 1146 } 1147 1148 static CpaStatus 1149 computeHashKey(CpaFlatBuffer *secret, 1150 CpaFlatBuffer *hash, 1151 CpaCySymHashAlgorithm *hashAlgorithm) 1152 { 1153 CpaStatus status = CPA_STATUS_SUCCESS; 1154 1155 switch (*hashAlgorithm) { 1156 case CPA_CY_SYM_HASH_MD5: 1157 status = qatUtilsHashMD5Full(secret->pData, 1158 hash->pData, 1159 secret->dataLenInBytes); 1160 break; 1161 case CPA_CY_SYM_HASH_SHA1: 1162 status = qatUtilsHashSHA1Full(secret->pData, 1163 hash->pData, 1164 secret->dataLenInBytes); 1165 break; 1166 case CPA_CY_SYM_HASH_SHA256: 1167 status = qatUtilsHashSHA256Full(secret->pData, 1168 hash->pData, 1169 secret->dataLenInBytes); 1170 break; 1171 case CPA_CY_SYM_HASH_SHA384: 1172 status = qatUtilsHashSHA384Full(secret->pData, 1173 hash->pData, 1174 secret->dataLenInBytes); 1175 break; 1176 case CPA_CY_SYM_HASH_SHA512: 1177 status = qatUtilsHashSHA512Full(secret->pData, 1178 hash->pData, 1179 secret->dataLenInBytes); 1180 break; 1181 default: 1182 status = CPA_STATUS_FAIL; 1183 } 1184 return status; 1185 } 1186 1187 static CpaStatus 1188 LacSymKey_KeyGenSslTls_GenCommon(CpaInstanceHandle instanceHandle, 1189 const CpaCyGenFlatBufCbFunc pKeyGenCb, 1190 void *pCallbackTag, 1191 icp_qat_fw_la_cmd_id_t lacCmdId, 1192 void *pKeyGenSslTlsOpData, 1193 Cpa8U hashAlgCipher, 1194 CpaFlatBuffer *pKeyGenOutputData) 1195 { 1196 CpaStatus status = CPA_STATUS_SUCCESS; 1197 CpaBoolean precompute = CPA_FALSE; 1198 icp_qat_fw_la_bulk_req_t keyGenReq = { { 0 } }; 1199 icp_qat_la_bulk_req_hdr_t keyGenReqHdr = { { 0 } }; 1200 icp_qat_fw_la_key_gen_common_t keyGenReqMid = { { 0 } }; 1201 icp_qat_la_bulk_req_ftr_t keyGenReqFtr = { { { 0 } } }; 1202 Cpa8U *pMsgDummy = NULL; 1203 Cpa8U *pCacheDummyHdr = NULL; 1204 Cpa8U *pCacheDummyMid = NULL; 1205 Cpa8U *pCacheDummyFtr = NULL; 1206 lac_sym_key_cookie_t *pCookie = NULL; 1207 lac_sym_cookie_t *pSymCookie = NULL; 1208 Cpa64U inputPhysAddr = 0; 1209 Cpa64U outputPhysAddr = 0; 1210 /* Structure initializer is supported by C99, but it is 1211 * not supported by some former Intel compiler. 1212 */ 1213 CpaCySymHashSetupData hashSetupData = { 0 }; 1214 sal_qat_content_desc_info_t contentDescInfo = { 0 }; 1215 Cpa32U hashBlkSizeInBytes = 0; 1216 Cpa32U tlsPrefixLen = 0; 1217 1218 CpaFlatBuffer inputSecret = { 0 }; 1219 CpaFlatBuffer hashKeyOutput = { 0 }; 1220 Cpa32U uSecretLen = 0; 1221 CpaCySymHashNestedModeSetupData *pNestedModeSetupData = 1222 &(hashSetupData.nestedModeSetupData); 1223 icp_qat_fw_serv_specif_flags laCmdFlags = 0; 1224 icp_qat_fw_comn_flags cmnRequestFlags = 1225 ICP_QAT_FW_COMN_FLAGS_BUILD(QAT_COMN_PTR_TYPE_FLAT, 1226 QAT_COMN_CD_FLD_TYPE_64BIT_ADR); 1227 1228 sal_crypto_service_t *pService = (sal_crypto_service_t *)instanceHandle; 1229 1230 /* If synchronous Operation */ 1231 if (NULL == pKeyGenCb) { 1232 return LacSymKey_SslTlsSync(instanceHandle, 1233 LacSync_GenFlatBufCb, 1234 pCallbackTag, 1235 lacCmdId, 1236 pKeyGenSslTlsOpData, 1237 hashAlgCipher, 1238 pKeyGenOutputData); 1239 } 1240 /* Allocate the cookie */ 1241 pCookie = (lac_sym_key_cookie_t *)Lac_MemPoolEntryAlloc( 1242 pService->lac_sym_cookie_pool); 1243 if (NULL == pCookie) { 1244 LAC_LOG_ERROR("Cannot get mem pool entry"); 1245 status = CPA_STATUS_RESOURCE; 1246 } else if ((void *)CPA_STATUS_RETRY == pCookie) { 1247 pCookie = NULL; 1248 status = CPA_STATUS_RETRY; 1249 } else { 1250 pSymCookie = (lac_sym_cookie_t *)pCookie; 1251 } 1252 1253 if (CPA_STATUS_SUCCESS == status) { 1254 icp_qat_hw_auth_mode_t qatHashMode = 0; 1255 1256 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) { 1257 qatHashMode = ICP_QAT_HW_AUTH_MODE0; 1258 } else /* TLS v1.1, v1.2, v1.3 */ 1259 { 1260 qatHashMode = ICP_QAT_HW_AUTH_MODE2; 1261 } 1262 1263 pCookie->instanceHandle = pService; 1264 pCookie->pCallbackTag = pCallbackTag; 1265 pCookie->pKeyGenCb = pKeyGenCb; 1266 pCookie->pKeyGenOpData = pKeyGenSslTlsOpData; 1267 pCookie->pKeyGenOutputData = pKeyGenOutputData; 1268 hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_NESTED; 1269 1270 /* SSL3 */ 1271 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) { 1272 hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1; 1273 hashSetupData.digestResultLenInBytes = 1274 LAC_HASH_MD5_DIGEST_SIZE; 1275 pNestedModeSetupData->outerHashAlgorithm = 1276 CPA_CY_SYM_HASH_MD5; 1277 1278 pNestedModeSetupData->pInnerPrefixData = NULL; 1279 pNestedModeSetupData->innerPrefixLenInBytes = 0; 1280 pNestedModeSetupData->pOuterPrefixData = NULL; 1281 pNestedModeSetupData->outerPrefixLenInBytes = 0; 1282 } 1283 /* TLS v1.1 */ 1284 else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == lacCmdId) { 1285 CpaCyKeyGenTlsOpData *pKeyGenTlsOpData = 1286 (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData; 1287 1288 hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1; 1289 hashSetupData.digestResultLenInBytes = 1290 LAC_HASH_MD5_DIGEST_SIZE; 1291 pNestedModeSetupData->outerHashAlgorithm = 1292 CPA_CY_SYM_HASH_MD5; 1293 1294 uSecretLen = pKeyGenTlsOpData->secret.dataLenInBytes; 1295 1296 /* We want to handle pre_master_secret > 128 bytes 1297 * therefore we 1298 * only verify if the current operation is Master Secret 1299 * Derive. 1300 * The other operations remain unchanged. 1301 */ 1302 if ((uSecretLen > 1303 ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX) && 1304 (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE == 1305 pKeyGenTlsOpData->tlsOp || 1306 CPA_CY_KEY_TLS_OP_USER_DEFINED == 1307 pKeyGenTlsOpData->tlsOp)) { 1308 CpaCySymHashAlgorithm hashAlgorithm = 1309 (CpaCySymHashAlgorithm)hashAlgCipher; 1310 /* secret = [s1 | s2 ] 1311 * s1 = outer prefix, s2 = inner prefix 1312 * length of s1 and s2 = ceil(secret_length / 2) 1313 * (secret length + 1)/2 will always give the 1314 * ceil as 1315 * division by 2 1316 * (>>1) will give the smallest integral value 1317 * not less than 1318 * arg 1319 */ 1320 tlsPrefixLen = 1321 (pKeyGenTlsOpData->secret.dataLenInBytes + 1322 1) >> 1323 1; 1324 inputSecret.dataLenInBytes = tlsPrefixLen; 1325 inputSecret.pData = 1326 pKeyGenTlsOpData->secret.pData; 1327 1328 /* Since the pre_master_secret is > 128, we 1329 * split the input 1330 * pre_master_secret in 2 halves and compute the 1331 * MD5 of the 1332 * first half and the SHA1 on the second half. 1333 */ 1334 hashAlgorithm = CPA_CY_SYM_HASH_MD5; 1335 1336 /* Initialize pointer where MD5 key will go. */ 1337 hashKeyOutput.pData = 1338 &pCookie->hashKeyBuffer[0]; 1339 hashKeyOutput.dataLenInBytes = 1340 LAC_HASH_MD5_DIGEST_SIZE; 1341 computeHashKey(&inputSecret, 1342 &hashKeyOutput, 1343 &hashAlgorithm); 1344 1345 pNestedModeSetupData->pOuterPrefixData = 1346 &pCookie->hashKeyBuffer[0]; 1347 pNestedModeSetupData->outerPrefixLenInBytes = 1348 LAC_HASH_MD5_DIGEST_SIZE; 1349 1350 /* Point to the second half of the 1351 * pre_master_secret */ 1352 inputSecret.pData = 1353 pKeyGenTlsOpData->secret.pData + 1354 (pKeyGenTlsOpData->secret.dataLenInBytes - 1355 tlsPrefixLen); 1356 1357 /* Compute SHA1 on the second half of the 1358 * pre_master_secret 1359 */ 1360 hashAlgorithm = CPA_CY_SYM_HASH_SHA1; 1361 /* Initialize pointer where SHA1 key will go. */ 1362 hashKeyOutput.pData = 1363 &pCookie->hashKeyBuffer 1364 [LAC_HASH_MD5_DIGEST_SIZE]; 1365 hashKeyOutput.dataLenInBytes = 1366 LAC_HASH_SHA1_DIGEST_SIZE; 1367 computeHashKey(&inputSecret, 1368 &hashKeyOutput, 1369 &hashAlgorithm); 1370 1371 pNestedModeSetupData->pInnerPrefixData = 1372 &pCookie->hashKeyBuffer 1373 [LAC_HASH_MD5_DIGEST_SIZE]; 1374 pNestedModeSetupData->innerPrefixLenInBytes = 1375 LAC_HASH_SHA1_DIGEST_SIZE; 1376 } else { 1377 /* secret = [s1 | s2 ] 1378 * s1 = outer prefix, s2 = inner prefix 1379 * length of s1 and s2 = ceil(secret_length / 2) 1380 * (secret length + 1)/2 will always give the 1381 * ceil as 1382 * division by 2 1383 * (>>1) will give the smallest integral value 1384 * not less than 1385 * arg 1386 */ 1387 tlsPrefixLen = 1388 (pKeyGenTlsOpData->secret.dataLenInBytes + 1389 1) >> 1390 1; 1391 /* last byte of s1 will be first byte of s2 if 1392 * Length is odd 1393 */ 1394 pNestedModeSetupData->pInnerPrefixData = 1395 pKeyGenTlsOpData->secret.pData + 1396 (pKeyGenTlsOpData->secret.dataLenInBytes - 1397 tlsPrefixLen); 1398 1399 pNestedModeSetupData->pOuterPrefixData = 1400 pKeyGenTlsOpData->secret.pData; 1401 1402 pNestedModeSetupData->innerPrefixLenInBytes = 1403 pNestedModeSetupData 1404 ->outerPrefixLenInBytes = tlsPrefixLen; 1405 } 1406 } 1407 /* TLS v1.2 */ 1408 else if (ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == lacCmdId) { 1409 CpaCyKeyGenTlsOpData *pKeyGenTlsOpData = 1410 (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData; 1411 CpaCySymHashAlgorithm hashAlgorithm = 1412 (CpaCySymHashAlgorithm)hashAlgCipher; 1413 1414 uSecretLen = pKeyGenTlsOpData->secret.dataLenInBytes; 1415 1416 hashSetupData.hashAlgorithm = 1417 (CpaCySymHashAlgorithm)hashAlgorithm; 1418 hashSetupData.digestResultLenInBytes = 1419 (Cpa32U)getDigestSizeFromHashAlgo(hashAlgorithm); 1420 pNestedModeSetupData->outerHashAlgorithm = 1421 (CpaCySymHashAlgorithm)hashAlgorithm; 1422 if (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE == 1423 pKeyGenTlsOpData->tlsOp || 1424 CPA_CY_KEY_TLS_OP_USER_DEFINED == 1425 pKeyGenTlsOpData->tlsOp) { 1426 switch (hashAlgorithm) { 1427 case CPA_CY_SYM_HASH_SM3: 1428 precompute = CPA_FALSE; 1429 break; 1430 case CPA_CY_SYM_HASH_SHA256: 1431 if (uSecretLen > 1432 ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX) { 1433 precompute = CPA_TRUE; 1434 } 1435 break; 1436 case CPA_CY_SYM_HASH_SHA384: 1437 case CPA_CY_SYM_HASH_SHA512: 1438 if (uSecretLen > 1439 ICP_QAT_FW_LA_TLS_SECRET_LEN_MAX) { 1440 precompute = CPA_TRUE; 1441 } 1442 break; 1443 default: 1444 break; 1445 } 1446 } 1447 if (CPA_TRUE == precompute) { 1448 /* Case when secret > algorithm block size 1449 * RFC 4868: For SHA-256 Block size is 512 bits, 1450 * for SHA-384 1451 * and SHA-512 Block size is 1024 bits 1452 * Initialize pointer 1453 * where SHAxxx key will go. 1454 */ 1455 hashKeyOutput.pData = 1456 &pCookie->hashKeyBuffer[0]; 1457 hashKeyOutput.dataLenInBytes = 1458 hashSetupData.digestResultLenInBytes; 1459 computeHashKey(&pKeyGenTlsOpData->secret, 1460 &hashKeyOutput, 1461 &hashSetupData.hashAlgorithm); 1462 1463 /* Outer prefix = secret , inner prefix = secret 1464 * secret < 64 bytes 1465 */ 1466 pNestedModeSetupData->pInnerPrefixData = 1467 hashKeyOutput.pData; 1468 pNestedModeSetupData->pOuterPrefixData = 1469 hashKeyOutput.pData; 1470 pNestedModeSetupData->innerPrefixLenInBytes = 1471 hashKeyOutput.dataLenInBytes; 1472 pNestedModeSetupData->outerPrefixLenInBytes = 1473 hashKeyOutput.dataLenInBytes; 1474 } else { 1475 /* Outer prefix = secret , inner prefix = secret 1476 * secret <= 64 bytes 1477 */ 1478 pNestedModeSetupData->pInnerPrefixData = 1479 pKeyGenTlsOpData->secret.pData; 1480 1481 pNestedModeSetupData->pOuterPrefixData = 1482 pKeyGenTlsOpData->secret.pData; 1483 1484 pNestedModeSetupData->innerPrefixLenInBytes = 1485 pKeyGenTlsOpData->secret.dataLenInBytes; 1486 pNestedModeSetupData->outerPrefixLenInBytes = 1487 pKeyGenTlsOpData->secret.dataLenInBytes; 1488 } 1489 } 1490 /* TLS v1.3 */ 1491 else if ((ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= lacCmdId) && 1492 (ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL >= 1493 lacCmdId)) { 1494 CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData = 1495 (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData; 1496 CpaCySymHashAlgorithm hashAlgorithm = 1497 getHashAlgorithmFromCipherSuiteHKDF(hashAlgCipher); 1498 1499 /* Set HASH data */ 1500 hashSetupData.hashAlgorithm = hashAlgorithm; 1501 /* Calculate digest length from the HASH type */ 1502 hashSetupData.digestResultLenInBytes = 1503 cipherSuiteHKDFHashSizes[hashAlgCipher] 1504 [LAC_KEY_HKDF_DIGESTS]; 1505 /* Outer Hash type is the same as inner hash type */ 1506 pNestedModeSetupData->outerHashAlgorithm = 1507 hashAlgorithm; 1508 1509 /* EXPAND (PRK): 1510 * Outer prefix = secret, inner prefix = secret 1511 * EXTRACT (SEED/SALT): 1512 * Outer prefix = seed, inner prefix = seed 1513 * Secret <= 64 Bytes 1514 * We do not pre compute as secret can't be larger than 1515 * 64 bytes 1516 */ 1517 1518 if ((ICP_QAT_FW_LA_CMD_HKDF_EXPAND == lacCmdId) || 1519 (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == lacCmdId)) { 1520 pNestedModeSetupData->pInnerPrefixData = 1521 pKeyGenTlsOpData->secret; 1522 pNestedModeSetupData->pOuterPrefixData = 1523 pKeyGenTlsOpData->secret; 1524 pNestedModeSetupData->innerPrefixLenInBytes = 1525 pKeyGenTlsOpData->secretLen; 1526 pNestedModeSetupData->outerPrefixLenInBytes = 1527 pKeyGenTlsOpData->secretLen; 1528 } else { 1529 pNestedModeSetupData->pInnerPrefixData = 1530 pKeyGenTlsOpData->seed; 1531 pNestedModeSetupData->pOuterPrefixData = 1532 pKeyGenTlsOpData->seed; 1533 pNestedModeSetupData->innerPrefixLenInBytes = 1534 pKeyGenTlsOpData->seedLen; 1535 pNestedModeSetupData->outerPrefixLenInBytes = 1536 pKeyGenTlsOpData->seedLen; 1537 } 1538 } 1539 1540 /* Set the footer Data. 1541 * Note that following function doesn't look at inner/outer 1542 * prefix pointers in nested digest ctx 1543 */ 1544 LacSymQat_HashContentDescInit( 1545 &keyGenReqFtr, 1546 instanceHandle, 1547 &hashSetupData, 1548 pCookie 1549 ->contentDesc, /* Pointer to base of hw setup block */ 1550 LAC_SYM_KEY_NO_HASH_BLK_OFFSET_QW, 1551 ICP_QAT_FW_SLICE_DRAM_WR, 1552 qatHashMode, 1553 CPA_FALSE, /* Not using sym Constants Table in SRAM */ 1554 CPA_FALSE, /* Not using the optimised content Desc */ 1555 NULL, /* Precompute data */ 1556 &hashBlkSizeInBytes); 1557 1558 /* SSL3 */ 1559 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) { 1560 CpaCyKeyGenSslOpData *pKeyGenSslOpData = 1561 (CpaCyKeyGenSslOpData *)pKeyGenSslTlsOpData; 1562 Cpa8U *pLabel = NULL; 1563 Cpa32U labelLen = 0; 1564 Cpa8U iterations = 0; 1565 Cpa64U labelPhysAddr = 0; 1566 1567 /* Iterations = ceiling of output required / output per 1568 * iteration Ceiling of a / b = (a + (b-1)) / b 1569 */ 1570 iterations = 1571 (pKeyGenSslOpData->generatedKeyLenInBytes + 1572 (LAC_SYM_QAT_KEY_SSL_BYTES_PER_ITERATION - 1)) >> 1573 LAC_SYM_QAT_KEY_SSL_ITERATIONS_SHIFT; 1574 1575 if (CPA_CY_KEY_SSL_OP_USER_DEFINED == 1576 pKeyGenSslOpData->sslOp) { 1577 pLabel = pKeyGenSslOpData->userLabel.pData; 1578 labelLen = 1579 pKeyGenSslOpData->userLabel.dataLenInBytes; 1580 labelPhysAddr = LAC_OS_VIRT_TO_PHYS_EXTERNAL( 1581 pService->generic_service_info, pLabel); 1582 1583 if (labelPhysAddr == 0) { 1584 LAC_LOG_ERROR( 1585 "Unable to get the physical address of the" 1586 " label"); 1587 status = CPA_STATUS_FAIL; 1588 } 1589 } else { 1590 pLabel = pService->pSslLabel; 1591 1592 /* Calculate label length. 1593 * eg. 3 iterations is ABBCCC so length is 6 1594 */ 1595 labelLen = 1596 ((iterations * iterations) + iterations) >> 1597 1; 1598 labelPhysAddr = 1599 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1600 } 1601 1602 LacSymQat_KeySslRequestPopulate( 1603 &keyGenReqHdr, 1604 &keyGenReqMid, 1605 pKeyGenSslOpData->generatedKeyLenInBytes, 1606 labelLen, 1607 pKeyGenSslOpData->secret.dataLenInBytes, 1608 iterations); 1609 1610 LacSymQat_KeySslKeyMaterialInputPopulate( 1611 &(pService->generic_service_info), 1612 &(pCookie->u.sslKeyInput), 1613 pKeyGenSslOpData->seed.pData, 1614 labelPhysAddr, 1615 pKeyGenSslOpData->secret.pData); 1616 1617 inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1618 pSymCookie->keySslKeyInputPhyAddr); 1619 } 1620 /* TLS v1.1, v1.2 */ 1621 else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == lacCmdId || 1622 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == lacCmdId) { 1623 CpaCyKeyGenTlsOpData *pKeyGenTlsOpData = 1624 (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData; 1625 lac_sym_qat_hash_state_buffer_info_t 1626 hashStateBufferInfo = { 0 }; 1627 CpaBoolean hashStateBuffer = CPA_FALSE; 1628 icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock = 1629 (icp_qat_fw_auth_cd_ctrl_hdr_t *)&( 1630 keyGenReqFtr.cd_ctrl); 1631 icp_qat_la_auth_req_params_t *pHashReqParams = NULL; 1632 Cpa8U *pLabel = NULL; 1633 Cpa32U labelLen = 0; 1634 Cpa64U labelPhysAddr = 0; 1635 hashStateBufferInfo.pData = pCookie->hashStateBuffer; 1636 hashStateBufferInfo.pDataPhys = 1637 LAC_MEM_CAST_PTR_TO_UINT64( 1638 pSymCookie->keyHashStateBufferPhyAddr); 1639 hashStateBufferInfo.stateStorageSzQuadWords = 0; 1640 1641 LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr), 1642 instanceHandle, 1643 &(hashSetupData), 1644 hashStateBuffer, 1645 qatHashMode, 1646 CPA_FALSE); 1647 1648 pHashReqParams = (icp_qat_la_auth_req_params_t *)&( 1649 keyGenReqFtr.serv_specif_rqpars); 1650 1651 hashStateBufferInfo.prefixAadSzQuadWords = 1652 LAC_BYTES_TO_QUADWORDS( 1653 pHashReqParams->u2.inner_prefix_sz + 1654 pHashControlBlock->outer_prefix_sz); 1655 1656 /* Copy prefix data into hash state buffer */ 1657 pMsgDummy = (Cpa8U *)&(keyGenReq); 1658 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 1659 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 1660 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 1661 memcpy(pMsgDummy, 1662 pCacheDummyHdr, 1663 (LAC_LONG_WORD_IN_BYTES * 1664 LAC_SIZE_OF_CACHE_HDR_IN_LW)); 1665 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1666 LAC_START_OF_CACHE_MID_IN_LW), 1667 pCacheDummyMid, 1668 (LAC_LONG_WORD_IN_BYTES * 1669 LAC_SIZE_OF_CACHE_MID_IN_LW)); 1670 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1671 LAC_START_OF_CACHE_FTR_IN_LW), 1672 pCacheDummyFtr, 1673 (LAC_LONG_WORD_IN_BYTES * 1674 LAC_SIZE_OF_CACHE_FTR_IN_LW)); 1675 1676 LacSymQat_HashStatePrefixAadBufferPopulate( 1677 &hashStateBufferInfo, 1678 &keyGenReqFtr, 1679 pNestedModeSetupData->pInnerPrefixData, 1680 pNestedModeSetupData->innerPrefixLenInBytes, 1681 pNestedModeSetupData->pOuterPrefixData, 1682 pNestedModeSetupData->outerPrefixLenInBytes); 1683 1684 /* Firmware only looks at hash state buffer pointer and 1685 * the 1686 * hash state buffer size so all other fields are set to 1687 * 0 1688 */ 1689 LacSymQat_HashRequestParamsPopulate( 1690 &(keyGenReq), 1691 0, /* Auth offset */ 1692 0, /* Auth length */ 1693 &(pService->generic_service_info), 1694 &hashStateBufferInfo, /* Hash state prefix buffer */ 1695 ICP_QAT_FW_LA_PARTIAL_NONE, 1696 0, /* Hash result size */ 1697 CPA_FALSE, 1698 NULL, 1699 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 1700 NULL); /* HKDF only */ 1701 1702 /* Set up the labels and their length */ 1703 if (CPA_CY_KEY_TLS_OP_USER_DEFINED == 1704 pKeyGenTlsOpData->tlsOp) { 1705 pLabel = pKeyGenTlsOpData->userLabel.pData; 1706 labelLen = 1707 pKeyGenTlsOpData->userLabel.dataLenInBytes; 1708 labelPhysAddr = LAC_OS_VIRT_TO_PHYS_EXTERNAL( 1709 pService->generic_service_info, pLabel); 1710 1711 if (labelPhysAddr == 0) { 1712 LAC_LOG_ERROR( 1713 "Unable to get the physical address of the" 1714 " label"); 1715 status = CPA_STATUS_FAIL; 1716 } 1717 } else if (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE == 1718 pKeyGenTlsOpData->tlsOp) { 1719 pLabel = pService->pTlsLabel->masterSecret; 1720 labelLen = 1721 sizeof( 1722 LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL) - 1723 1; 1724 labelPhysAddr = 1725 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1726 } else if (CPA_CY_KEY_TLS_OP_KEY_MATERIAL_DERIVE == 1727 pKeyGenTlsOpData->tlsOp) { 1728 pLabel = pService->pTlsLabel->keyMaterial; 1729 labelLen = 1730 sizeof(LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL) - 1731 1; 1732 labelPhysAddr = 1733 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1734 } else if (CPA_CY_KEY_TLS_OP_CLIENT_FINISHED_DERIVE == 1735 pKeyGenTlsOpData->tlsOp) { 1736 pLabel = pService->pTlsLabel->clientFinished; 1737 labelLen = 1738 sizeof(LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL) - 1739 1; 1740 labelPhysAddr = 1741 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1742 } else { 1743 pLabel = pService->pTlsLabel->serverFinished; 1744 labelLen = 1745 sizeof(LAC_SYM_KEY_TLS_SERVER_FIN_LABEL) - 1746 1; 1747 labelPhysAddr = 1748 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1749 } 1750 LacSymQat_KeyTlsRequestPopulate( 1751 &keyGenReqMid, 1752 pKeyGenTlsOpData->generatedKeyLenInBytes, 1753 labelLen, 1754 pKeyGenTlsOpData->secret.dataLenInBytes, 1755 pKeyGenTlsOpData->seed.dataLenInBytes, 1756 lacCmdId); 1757 1758 LacSymQat_KeyTlsKeyMaterialInputPopulate( 1759 &(pService->generic_service_info), 1760 &(pCookie->u.tlsKeyInput), 1761 pKeyGenTlsOpData->seed.pData, 1762 labelPhysAddr); 1763 1764 inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1765 pSymCookie->keyTlsKeyInputPhyAddr); 1766 } 1767 /* TLS v1.3 */ 1768 else if (ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= lacCmdId && 1769 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND >= 1770 lacCmdId) { 1771 CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData = 1772 (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData; 1773 lac_sym_qat_hash_state_buffer_info_t 1774 hashStateBufferInfo = { 0 }; 1775 CpaBoolean hashStateBuffer = CPA_FALSE; 1776 icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock = 1777 (icp_qat_fw_auth_cd_ctrl_hdr_t *)&( 1778 keyGenReqFtr.cd_ctrl); 1779 icp_qat_la_auth_req_params_t *pHashReqParams = NULL; 1780 hashStateBufferInfo.pData = pCookie->hashStateBuffer; 1781 hashStateBufferInfo.pDataPhys = 1782 LAC_MEM_CAST_PTR_TO_UINT64( 1783 pSymCookie->keyHashStateBufferPhyAddr); 1784 hashStateBufferInfo.stateStorageSzQuadWords = 0; 1785 1786 LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr), 1787 instanceHandle, 1788 &(hashSetupData), 1789 hashStateBuffer, 1790 qatHashMode, 1791 CPA_FALSE); 1792 1793 pHashReqParams = (icp_qat_la_auth_req_params_t *)&( 1794 keyGenReqFtr.serv_specif_rqpars); 1795 1796 hashStateBufferInfo.prefixAadSzQuadWords = 1797 LAC_BYTES_TO_QUADWORDS( 1798 pHashReqParams->u2.inner_prefix_sz + 1799 pHashControlBlock->outer_prefix_sz); 1800 1801 /* Copy prefix data into hash state buffer */ 1802 pMsgDummy = (Cpa8U *)&(keyGenReq); 1803 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 1804 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 1805 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 1806 memcpy(pMsgDummy, 1807 pCacheDummyHdr, 1808 (LAC_LONG_WORD_IN_BYTES * 1809 LAC_SIZE_OF_CACHE_HDR_IN_LW)); 1810 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1811 LAC_START_OF_CACHE_MID_IN_LW), 1812 pCacheDummyMid, 1813 (LAC_LONG_WORD_IN_BYTES * 1814 LAC_SIZE_OF_CACHE_MID_IN_LW)); 1815 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1816 LAC_START_OF_CACHE_FTR_IN_LW), 1817 pCacheDummyFtr, 1818 (LAC_LONG_WORD_IN_BYTES * 1819 LAC_SIZE_OF_CACHE_FTR_IN_LW)); 1820 1821 LacSymQat_HashStatePrefixAadBufferPopulate( 1822 &hashStateBufferInfo, 1823 &keyGenReqFtr, 1824 pNestedModeSetupData->pInnerPrefixData, 1825 pNestedModeSetupData->innerPrefixLenInBytes, 1826 pNestedModeSetupData->pOuterPrefixData, 1827 pNestedModeSetupData->outerPrefixLenInBytes); 1828 1829 /* Firmware only looks at hash state buffer pointer and 1830 * the 1831 * hash state buffer size so all other fields are set to 1832 * 0 1833 */ 1834 LacSymQat_HashRequestParamsPopulate( 1835 &(keyGenReq), 1836 0, /* Auth offset */ 1837 0, /* Auth length */ 1838 &(pService->generic_service_info), 1839 &hashStateBufferInfo, /* Hash state prefix buffer */ 1840 ICP_QAT_FW_LA_PARTIAL_NONE, 1841 0, /* Hash result size */ 1842 CPA_FALSE, 1843 NULL, 1844 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 1845 pKeyGenTlsOpData->secret); /* IKM or PRK */ 1846 1847 LacSymQat_KeyTlsRequestPopulate( 1848 &keyGenReqMid, 1849 cipherSuiteHKDFHashSizes[hashAlgCipher] 1850 [LAC_KEY_HKDF_DIGESTS], 1851 /* For EXTRACT, EXPAND, FW expects info to be passed 1852 as label */ 1853 pKeyGenTlsOpData->infoLen, 1854 pKeyGenTlsOpData->secretLen, 1855 pKeyGenTlsOpData->seedLen, 1856 lacCmdId); 1857 1858 LacSymQat_KeyTlsHKDFKeyMaterialInputPopulate( 1859 &(pService->generic_service_info), 1860 &(pCookie->u.tlsHKDFKeyInput), 1861 pKeyGenTlsOpData, 1862 0, /* No subLabels used */ 1863 lacCmdId); /* Pass op being performed */ 1864 1865 inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1866 pSymCookie->keyTlsKeyInputPhyAddr); 1867 } 1868 /* TLS v1.3 LABEL */ 1869 else if (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == lacCmdId || 1870 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL == 1871 lacCmdId) { 1872 CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData = 1873 (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData; 1874 Cpa64U subLabelsPhysAddr = 0; 1875 lac_sym_qat_hash_state_buffer_info_t 1876 hashStateBufferInfo = { 0 }; 1877 CpaBoolean hashStateBuffer = CPA_FALSE; 1878 icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock = 1879 (icp_qat_fw_auth_cd_ctrl_hdr_t *)&( 1880 keyGenReqFtr.cd_ctrl); 1881 icp_qat_la_auth_req_params_t *pHashReqParams = NULL; 1882 hashStateBufferInfo.pData = pCookie->hashStateBuffer; 1883 hashStateBufferInfo.pDataPhys = 1884 LAC_MEM_CAST_PTR_TO_UINT64( 1885 pSymCookie->keyHashStateBufferPhyAddr); 1886 hashStateBufferInfo.stateStorageSzQuadWords = 0; 1887 1888 LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr), 1889 instanceHandle, 1890 &(hashSetupData), 1891 hashStateBuffer, 1892 qatHashMode, 1893 CPA_FALSE); 1894 1895 pHashReqParams = (icp_qat_la_auth_req_params_t *)&( 1896 keyGenReqFtr.serv_specif_rqpars); 1897 1898 hashStateBufferInfo.prefixAadSzQuadWords = 1899 LAC_BYTES_TO_QUADWORDS( 1900 pHashReqParams->u2.inner_prefix_sz + 1901 pHashControlBlock->outer_prefix_sz); 1902 1903 /* Copy prefix data into hash state buffer */ 1904 pMsgDummy = (Cpa8U *)&(keyGenReq); 1905 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 1906 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 1907 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 1908 memcpy(pMsgDummy, 1909 pCacheDummyHdr, 1910 (LAC_LONG_WORD_IN_BYTES * 1911 LAC_SIZE_OF_CACHE_HDR_IN_LW)); 1912 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1913 LAC_START_OF_CACHE_MID_IN_LW), 1914 pCacheDummyMid, 1915 (LAC_LONG_WORD_IN_BYTES * 1916 LAC_SIZE_OF_CACHE_MID_IN_LW)); 1917 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1918 LAC_START_OF_CACHE_FTR_IN_LW), 1919 pCacheDummyFtr, 1920 (LAC_LONG_WORD_IN_BYTES * 1921 LAC_SIZE_OF_CACHE_FTR_IN_LW)); 1922 1923 LacSymQat_HashStatePrefixAadBufferPopulate( 1924 &hashStateBufferInfo, 1925 &keyGenReqFtr, 1926 pNestedModeSetupData->pInnerPrefixData, 1927 pNestedModeSetupData->innerPrefixLenInBytes, 1928 pNestedModeSetupData->pOuterPrefixData, 1929 pNestedModeSetupData->outerPrefixLenInBytes); 1930 1931 /* Firmware only looks at hash state buffer pointer and 1932 * the 1933 * hash state buffer size so all other fields are set to 1934 * 0 1935 */ 1936 LacSymQat_HashRequestParamsPopulate( 1937 &(keyGenReq), 1938 0, /* Auth offset */ 1939 0, /* Auth length */ 1940 &(pService->generic_service_info), 1941 &hashStateBufferInfo, /* Hash state prefix buffer */ 1942 ICP_QAT_FW_LA_PARTIAL_NONE, 1943 0, /* Hash result size */ 1944 CPA_FALSE, 1945 NULL, 1946 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 1947 pKeyGenTlsOpData->secret); /* IKM or PRK */ 1948 1949 LacSymQat_KeyTlsRequestPopulate( 1950 &keyGenReqMid, 1951 cipherSuiteHKDFHashSizes[hashAlgCipher] 1952 [LAC_KEY_HKDF_DIGESTS], 1953 pKeyGenTlsOpData->numLabels, /* Number of Labels */ 1954 pKeyGenTlsOpData->secretLen, 1955 pKeyGenTlsOpData->seedLen, 1956 lacCmdId); 1957 1958 /* Get physical address of subLabels */ 1959 switch (hashAlgCipher) { 1960 case CPA_CY_HKDF_TLS_AES_128_GCM_SHA256: /* Fall Through 1961 */ 1962 case CPA_CY_HKDF_TLS_AES_128_CCM_SHA256: 1963 case CPA_CY_HKDF_TLS_AES_128_CCM_8_SHA256: 1964 subLabelsPhysAddr = pService->pTlsHKDFSubLabel 1965 ->sublabelPhysAddr256; 1966 break; 1967 case CPA_CY_HKDF_TLS_CHACHA20_POLY1305_SHA256: 1968 subLabelsPhysAddr = 1969 pService->pTlsHKDFSubLabel 1970 ->sublabelPhysAddrChaChaPoly; 1971 break; 1972 case CPA_CY_HKDF_TLS_AES_256_GCM_SHA384: 1973 subLabelsPhysAddr = pService->pTlsHKDFSubLabel 1974 ->sublabelPhysAddr384; 1975 break; 1976 default: 1977 break; 1978 } 1979 1980 LacSymQat_KeyTlsHKDFKeyMaterialInputPopulate( 1981 &(pService->generic_service_info), 1982 &(pCookie->u.tlsHKDFKeyInput), 1983 pKeyGenTlsOpData, 1984 subLabelsPhysAddr, 1985 lacCmdId); /* Pass op being performed */ 1986 1987 inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1988 pSymCookie->keyTlsKeyInputPhyAddr); 1989 } 1990 1991 outputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1992 LAC_OS_VIRT_TO_PHYS_EXTERNAL(pService->generic_service_info, 1993 pKeyGenOutputData->pData)); 1994 1995 if (outputPhysAddr == 0) { 1996 LAC_LOG_ERROR( 1997 "Unable to get the physical address of the" 1998 " output buffer"); 1999 status = CPA_STATUS_FAIL; 2000 } 2001 } 2002 if (CPA_STATUS_SUCCESS == status) { 2003 Cpa8U lw26[4]; 2004 char *tmp = NULL; 2005 unsigned char a; 2006 int n = 0; 2007 /* Make up the full keyGenReq struct from its constituents 2008 * before calling the SalQatMsg functions below. 2009 * Note: The full cache struct has been reduced to a 2010 * header, mid and footer for memory size reduction 2011 */ 2012 pMsgDummy = (Cpa8U *)&(keyGenReq); 2013 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 2014 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 2015 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 2016 2017 memcpy(pMsgDummy, 2018 pCacheDummyHdr, 2019 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW)); 2020 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2021 LAC_START_OF_CACHE_MID_IN_LW), 2022 pCacheDummyMid, 2023 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_MID_IN_LW)); 2024 memcpy(&lw26, 2025 pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2026 LAC_START_OF_CACHE_FTR_IN_LW), 2027 LAC_LONG_WORD_IN_BYTES); 2028 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2029 LAC_START_OF_CACHE_FTR_IN_LW), 2030 pCacheDummyFtr, 2031 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_FTR_IN_LW)); 2032 tmp = (char *)(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2033 LAC_START_OF_CACHE_FTR_IN_LW)); 2034 2035 /* Copy LW26, or'd with what's already there, into the Msg, for 2036 * TLS */ 2037 for (n = 0; n < LAC_LONG_WORD_IN_BYTES; n++) { 2038 a = (unsigned char)*(tmp + n); 2039 lw26[n] = lw26[n] | a; 2040 } 2041 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2042 LAC_START_OF_CACHE_FTR_IN_LW), 2043 &lw26, 2044 LAC_LONG_WORD_IN_BYTES); 2045 2046 contentDescInfo.pData = pCookie->contentDesc; 2047 contentDescInfo.hardwareSetupBlockPhys = 2048 LAC_MEM_CAST_PTR_TO_UINT64( 2049 pSymCookie->keyContentDescPhyAddr); 2050 contentDescInfo.hwBlkSzQuadWords = 2051 LAC_BYTES_TO_QUADWORDS(hashBlkSizeInBytes); 2052 2053 /* Populate common request fields */ 2054 SalQatMsg_ContentDescHdrWrite((icp_qat_fw_comn_req_t *)&( 2055 keyGenReq), 2056 &(contentDescInfo)); 2057 2058 SalQatMsg_CmnHdrWrite((icp_qat_fw_comn_req_t *)&keyGenReq, 2059 ICP_QAT_FW_COMN_REQ_CPM_FW_LA, 2060 lacCmdId, 2061 cmnRequestFlags, 2062 laCmdFlags); 2063 2064 SalQatMsg_CmnMidWrite((icp_qat_fw_la_bulk_req_t *)&(keyGenReq), 2065 pCookie, 2066 LAC_SYM_KEY_QAT_PTR_TYPE, 2067 inputPhysAddr, 2068 outputPhysAddr, 2069 0, 2070 0); 2071 2072 /* Send to QAT */ 2073 status = icp_adf_transPutMsg(pService->trans_handle_sym_tx, 2074 (void *)&(keyGenReq), 2075 LAC_QAT_SYM_REQ_SZ_LW); 2076 } 2077 if (CPA_STATUS_SUCCESS == status) { 2078 /* Update stats */ 2079 LacKey_StatsInc(lacCmdId, 2080 LAC_KEY_REQUESTS, 2081 pCookie->instanceHandle); 2082 } else { 2083 /* Clean up cookie memory */ 2084 if (NULL != pCookie) { 2085 LacKey_StatsInc(lacCmdId, 2086 LAC_KEY_REQUEST_ERRORS, 2087 pCookie->instanceHandle); 2088 Lac_MemPoolEntryFree(pCookie); 2089 } 2090 } 2091 return status; 2092 } 2093 2094 /** 2095 * @ingroup LacSymKey 2096 * Parameters check for TLS v1.0/1.1, v1.2, v1.3 and SSL3 2097 * @description 2098 * Check user parameters against the firmware/spec requirements. 2099 * 2100 * @param[in] pKeyGenOpData Pointer to a structure containing all 2101 * the data needed to perform the key 2102 * generation operation. 2103 * @param[in] hashAlgCipher Specifies the hash algorithm, 2104 * or cipher we are using. 2105 * According to RFC5246, this should be 2106 * "SHA-256 or a stronger standard hash 2107 * function." 2108 * @param[in] pGeneratedKeyBuffer User output buffers. 2109 * @param[in] cmdId Keygen operation to perform. 2110 */ 2111 static CpaStatus 2112 LacSymKey_CheckParamSslTls(const void *pKeyGenOpData, 2113 Cpa8U hashAlgCipher, 2114 const CpaFlatBuffer *pGeneratedKeyBuffer, 2115 icp_qat_fw_la_cmd_id_t cmdId) 2116 { 2117 /* Api max value */ 2118 Cpa32U maxSecretLen = 0; 2119 Cpa32U maxSeedLen = 0; 2120 Cpa32U maxOutputLen = 0; 2121 Cpa32U maxInfoLen = 0; 2122 Cpa32U maxLabelLen = 0; 2123 2124 /* User info */ 2125 Cpa32U uSecretLen = 0; 2126 Cpa32U uSeedLen = 0; 2127 Cpa32U uOutputLen = 0; 2128 2129 LAC_CHECK_NULL_PARAM(pKeyGenOpData); 2130 LAC_CHECK_NULL_PARAM(pGeneratedKeyBuffer); 2131 LAC_CHECK_NULL_PARAM(pGeneratedKeyBuffer->pData); 2132 2133 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == cmdId) { 2134 CpaCyKeyGenSslOpData *opData = 2135 (CpaCyKeyGenSslOpData *)pKeyGenOpData; 2136 2137 /* User info */ 2138 uSecretLen = opData->secret.dataLenInBytes; 2139 uSeedLen = opData->seed.dataLenInBytes; 2140 uOutputLen = opData->generatedKeyLenInBytes; 2141 2142 /* Api max value */ 2143 maxSecretLen = ICP_QAT_FW_LA_SSL_SECRET_LEN_MAX; 2144 maxSeedLen = ICP_QAT_FW_LA_SSL_SEED_LEN_MAX; 2145 maxOutputLen = ICP_QAT_FW_LA_SSL_OUTPUT_LEN_MAX; 2146 2147 /* Check user buffers */ 2148 LAC_CHECK_NULL_PARAM(opData->secret.pData); 2149 LAC_CHECK_NULL_PARAM(opData->seed.pData); 2150 2151 /* Check operation */ 2152 if ((Cpa32U)opData->sslOp > CPA_CY_KEY_SSL_OP_USER_DEFINED) { 2153 LAC_INVALID_PARAM_LOG("opData->sslOp"); 2154 return CPA_STATUS_INVALID_PARAM; 2155 } 2156 if ((Cpa32U)opData->sslOp == CPA_CY_KEY_SSL_OP_USER_DEFINED) { 2157 LAC_CHECK_NULL_PARAM(opData->userLabel.pData); 2158 /* Maximum label length for SSL Key Gen request */ 2159 if (opData->userLabel.dataLenInBytes > 2160 ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX) { 2161 LAC_INVALID_PARAM_LOG( 2162 "userLabel.dataLenInBytes"); 2163 return CPA_STATUS_INVALID_PARAM; 2164 } 2165 } 2166 2167 /* Only seed length for SSL3 Key Gen request */ 2168 if (maxSeedLen != uSeedLen) { 2169 LAC_INVALID_PARAM_LOG("seed.dataLenInBytes"); 2170 return CPA_STATUS_INVALID_PARAM; 2171 } 2172 2173 /* Maximum output length for SSL3 Key Gen request */ 2174 if (uOutputLen > maxOutputLen) { 2175 LAC_INVALID_PARAM_LOG("generatedKeyLenInBytes"); 2176 return CPA_STATUS_INVALID_PARAM; 2177 } 2178 } 2179 /* TLS v1.1 or TLS v.12 */ 2180 else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == cmdId || 2181 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == cmdId) { 2182 CpaCyKeyGenTlsOpData *opData = 2183 (CpaCyKeyGenTlsOpData *)pKeyGenOpData; 2184 2185 /* User info */ 2186 uSecretLen = opData->secret.dataLenInBytes; 2187 uSeedLen = opData->seed.dataLenInBytes; 2188 uOutputLen = opData->generatedKeyLenInBytes; 2189 2190 if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == cmdId) { 2191 /* Api max value */ 2192 /* ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX needs to be 2193 * multiplied 2194 * by 4 in order to verifiy the 512 conditions. We did 2195 * not change 2196 * ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX as it 2197 * represents 2198 * the max value tha firmware can handle. 2199 */ 2200 maxSecretLen = 2201 ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX * 4; 2202 } else { 2203 /* Api max value */ 2204 /* ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX needs to be 2205 * multiplied 2206 * by 8 in order to verifiy the 512 conditions. We did 2207 * not change 2208 * ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX as it 2209 * represents 2210 * the max value tha firmware can handle. 2211 */ 2212 maxSecretLen = 2213 ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX * 8; 2214 2215 /* Check Hash algorithm */ 2216 if (0 == getDigestSizeFromHashAlgo(hashAlgCipher)) { 2217 LAC_INVALID_PARAM_LOG("hashAlgorithm"); 2218 return CPA_STATUS_INVALID_PARAM; 2219 } 2220 } 2221 maxSeedLen = ICP_QAT_FW_LA_TLS_SEED_LEN_MAX; 2222 maxOutputLen = ICP_QAT_FW_LA_TLS_OUTPUT_LEN_MAX; 2223 /* Check user buffers */ 2224 LAC_CHECK_NULL_PARAM(opData->secret.pData); 2225 LAC_CHECK_NULL_PARAM(opData->seed.pData); 2226 2227 /* Check operation */ 2228 if ((Cpa32U)opData->tlsOp > CPA_CY_KEY_TLS_OP_USER_DEFINED) { 2229 LAC_INVALID_PARAM_LOG("opData->tlsOp"); 2230 return CPA_STATUS_INVALID_PARAM; 2231 } else if ((Cpa32U)opData->tlsOp == 2232 CPA_CY_KEY_TLS_OP_USER_DEFINED) { 2233 LAC_CHECK_NULL_PARAM(opData->userLabel.pData); 2234 /* Maximum label length for TLS Key Gen request */ 2235 if (opData->userLabel.dataLenInBytes > 2236 ICP_QAT_FW_LA_TLS_LABEL_LEN_MAX) { 2237 LAC_INVALID_PARAM_LOG( 2238 "userLabel.dataLenInBytes"); 2239 return CPA_STATUS_INVALID_PARAM; 2240 } 2241 } 2242 2243 /* Maximum/only seed length for TLS Key Gen request */ 2244 if (((Cpa32U)opData->tlsOp != 2245 CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE) && 2246 ((Cpa32U)opData->tlsOp != 2247 CPA_CY_KEY_TLS_OP_KEY_MATERIAL_DERIVE)) { 2248 if (uSeedLen > maxSeedLen) { 2249 LAC_INVALID_PARAM_LOG("seed.dataLenInBytes"); 2250 return CPA_STATUS_INVALID_PARAM; 2251 } 2252 } else { 2253 if (maxSeedLen != uSeedLen) { 2254 LAC_INVALID_PARAM_LOG("seed.dataLenInBytes"); 2255 return CPA_STATUS_INVALID_PARAM; 2256 } 2257 } 2258 2259 /* Maximum output length for TLS Key Gen request */ 2260 if (uOutputLen > maxOutputLen) { 2261 LAC_INVALID_PARAM_LOG("generatedKeyLenInBytes"); 2262 return CPA_STATUS_INVALID_PARAM; 2263 } 2264 } 2265 /* TLS v1.3 */ 2266 else if (cmdId >= ICP_QAT_FW_LA_CMD_HKDF_EXTRACT && 2267 cmdId <= ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL) { 2268 CpaCyKeyGenHKDFOpData *HKDF_Data = 2269 (CpaCyKeyGenHKDFOpData *)pKeyGenOpData; 2270 CpaCyKeyHKDFCipherSuite cipherSuite = hashAlgCipher; 2271 CpaCySymHashAlgorithm hashAlgorithm = 2272 getHashAlgorithmFromCipherSuiteHKDF(cipherSuite); 2273 maxSeedLen = 2274 cipherSuiteHKDFHashSizes[cipherSuite][LAC_KEY_HKDF_DIGESTS]; 2275 maxSecretLen = CPA_CY_HKDF_KEY_MAX_SECRET_SZ; 2276 maxInfoLen = CPA_CY_HKDF_KEY_MAX_INFO_SZ; 2277 maxLabelLen = CPA_CY_HKDF_KEY_MAX_LABEL_SZ; 2278 2279 uSecretLen = HKDF_Data->secretLen; 2280 2281 /* Check using supported hash function */ 2282 if (0 == 2283 (uOutputLen = getDigestSizeFromHashAlgo(hashAlgorithm))) { 2284 LAC_INVALID_PARAM_LOG("Hash function not supported"); 2285 return CPA_STATUS_INVALID_PARAM; 2286 } 2287 2288 /* Number of labels does not exceed the MAX */ 2289 if (HKDF_Data->numLabels > CPA_CY_HKDF_KEY_MAX_LABEL_COUNT) { 2290 LAC_INVALID_PARAM_LOG( 2291 "CpaCyKeyGenHKDFOpData.numLabels"); 2292 return CPA_STATUS_INVALID_PARAM; 2293 } 2294 2295 switch (cmdId) { 2296 case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT: 2297 if (maxSeedLen < HKDF_Data->seedLen) { 2298 LAC_INVALID_PARAM_LOG( 2299 "CpaCyKeyGenHKDFOpData.seedLen"); 2300 return CPA_STATUS_INVALID_PARAM; 2301 } 2302 break; 2303 case ICP_QAT_FW_LA_CMD_HKDF_EXPAND: 2304 maxSecretLen = 2305 cipherSuiteHKDFHashSizes[cipherSuite] 2306 [LAC_KEY_HKDF_DIGESTS]; 2307 2308 if (maxInfoLen < HKDF_Data->infoLen) { 2309 LAC_INVALID_PARAM_LOG( 2310 "CpaCyKeyGenHKDFOpData.infoLen"); 2311 return CPA_STATUS_INVALID_PARAM; 2312 } 2313 break; 2314 case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND: 2315 uOutputLen *= 2; 2316 if (maxSeedLen < HKDF_Data->seedLen) { 2317 LAC_INVALID_PARAM_LOG( 2318 "CpaCyKeyGenHKDFOpData.seedLen"); 2319 return CPA_STATUS_INVALID_PARAM; 2320 } 2321 if (maxInfoLen < HKDF_Data->infoLen) { 2322 LAC_INVALID_PARAM_LOG( 2323 "CpaCyKeyGenHKDFOpData.infoLen"); 2324 return CPA_STATUS_INVALID_PARAM; 2325 } 2326 break; 2327 case ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL: /* Fall through */ 2328 case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL: { 2329 Cpa8U subl_mask = 0, subl_number = 1; 2330 Cpa8U i = 0; 2331 2332 if (maxSeedLen < HKDF_Data->seedLen) { 2333 LAC_INVALID_PARAM_LOG( 2334 "CpaCyKeyGenHKDFOpData.seedLen"); 2335 return CPA_STATUS_INVALID_PARAM; 2336 } 2337 2338 /* If EXPAND set uOutputLen to zero */ 2339 if (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == cmdId) { 2340 uOutputLen = 0; 2341 maxSecretLen = cipherSuiteHKDFHashSizes 2342 [cipherSuite][LAC_KEY_HKDF_DIGESTS]; 2343 } 2344 2345 for (i = 0; i < HKDF_Data->numLabels; i++) { 2346 /* Check that the labelLen does not overflow */ 2347 if (maxLabelLen < 2348 HKDF_Data->label[i].labelLen) { 2349 LAC_INVALID_PARAM_LOG1( 2350 "CpaCyKeyGenHKDFOpData.label[%d].labelLen", 2351 i); 2352 return CPA_STATUS_INVALID_PARAM; 2353 } 2354 2355 if (HKDF_Data->label[i].sublabelFlag & 2356 ~HKDF_SUB_LABELS_ALL) { 2357 LAC_INVALID_PARAM_LOG1( 2358 "CpaCyKeyGenHKDFOpData.label[%d]." 2359 "subLabelFlag", 2360 i); 2361 return CPA_STATUS_INVALID_PARAM; 2362 } 2363 2364 /* Calculate the appended subLabel output 2365 * lengths and 2366 * check that the output buffer that the user 2367 * has 2368 * supplied is the correct length. 2369 */ 2370 uOutputLen += cipherSuiteHKDFHashSizes 2371 [cipherSuite][LAC_KEY_HKDF_DIGESTS]; 2372 /* Get mask of subLabel */ 2373 subl_mask = HKDF_Data->label[i].sublabelFlag; 2374 2375 for (subl_number = 1; 2376 subl_number <= LAC_KEY_HKDF_SUBLABELS_NUM; 2377 subl_number++) { 2378 /* Add the used subLabel key lengths */ 2379 if (subl_mask & 1) { 2380 uOutputLen += 2381 cipherSuiteHKDFHashSizes 2382 [cipherSuite] 2383 [subl_number]; 2384 } 2385 subl_mask >>= 1; 2386 } 2387 } 2388 } break; 2389 default: 2390 break; 2391 } 2392 } else { 2393 LAC_INVALID_PARAM_LOG("TLS/SSL operation"); 2394 return CPA_STATUS_INVALID_PARAM; 2395 } 2396 2397 /* Maximum secret length for TLS/SSL Key Gen request */ 2398 if (uSecretLen > maxSecretLen) { 2399 LAC_INVALID_PARAM_LOG("HKFD.secretLen/secret.dataLenInBytes"); 2400 return CPA_STATUS_INVALID_PARAM; 2401 } 2402 2403 /* Check for enough space in the flat buffer */ 2404 if (uOutputLen > pGeneratedKeyBuffer->dataLenInBytes) { 2405 LAC_INVALID_PARAM_LOG("pGeneratedKeyBuffer->dataLenInBytes"); 2406 return CPA_STATUS_INVALID_PARAM; 2407 } 2408 return CPA_STATUS_SUCCESS; 2409 } 2410 2411 /** 2412 * 2413 */ 2414 /** 2415 * @ingroup LacSymKey 2416 * Common Keygen Code for TLS v1.0/1.1, v1.2 and SSL3. 2417 * @description 2418 * Check user parameters and perform the required operation. 2419 * 2420 * @param[in] instanceHandle_in Instance handle. 2421 * @param[in] pKeyGenCb Pointer to callback function to be 2422 * invoked when the operation is complete. 2423 * If this is set to a NULL value the 2424 * function will operate synchronously. 2425 * @param[in] pCallbackTag Opaque User Data for this specific 2426 * call. Will be returned unchanged in the 2427 * callback. 2428 * @param[in] pKeyGenOpData Pointer to a structure containing all 2429 * the data needed to perform the key 2430 * generation operation. 2431 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 2432 * According to RFC5246, this should be 2433 * "SHA-256 or a stronger standard hash 2434 * function." 2435 * @param[out] pGeneratedKeyBuffer User output buffer. 2436 * @param[in] cmdId Keygen operation to perform. 2437 */ 2438 static CpaStatus 2439 LacSymKey_KeyGenSslTls(const CpaInstanceHandle instanceHandle_in, 2440 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2441 void *pCallbackTag, 2442 const void *pKeyGenOpData, 2443 Cpa8U hashAlgorithm, 2444 CpaFlatBuffer *pGeneratedKeyBuffer, 2445 icp_qat_fw_la_cmd_id_t cmdId) 2446 { 2447 CpaStatus status = CPA_STATUS_FAIL; 2448 CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in); 2449 CpaCyCapabilitiesInfo cyCapInfo; 2450 2451 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 2452 SAL_CHECK_INSTANCE_TYPE(instanceHandle, 2453 (SAL_SERVICE_TYPE_CRYPTO | 2454 SAL_SERVICE_TYPE_CRYPTO_SYM)); 2455 2456 SAL_RUNNING_CHECK(instanceHandle); 2457 SalCtrl_CyQueryCapabilities(instanceHandle, &cyCapInfo); 2458 2459 if (IS_HKDF_UNSUPPORTED(cmdId, cyCapInfo.hkdfSupported)) { 2460 LAC_LOG_ERROR("The device does not support HKDF"); 2461 return CPA_STATUS_UNSUPPORTED; 2462 } 2463 2464 status = LacSymKey_CheckParamSslTls(pKeyGenOpData, 2465 hashAlgorithm, 2466 pGeneratedKeyBuffer, 2467 cmdId); 2468 if (CPA_STATUS_SUCCESS != status) 2469 return status; 2470 return LacSymKey_KeyGenSslTls_GenCommon(instanceHandle, 2471 pKeyGenCb, 2472 pCallbackTag, 2473 cmdId, 2474 LAC_CONST_PTR_CAST( 2475 pKeyGenOpData), 2476 hashAlgorithm, 2477 pGeneratedKeyBuffer); 2478 } 2479 2480 /** 2481 * @ingroup LacSymKey 2482 * SSL Key Generation Function. 2483 * @description 2484 * This function is used for SSL key generation. It implements the key 2485 * generation function defined in section 6.2.2 of the SSL 3.0 2486 * specification as described in 2487 * http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt. 2488 * 2489 * The input seed is taken as a flat buffer and the generated key is 2490 * returned to caller in a flat destination data buffer. 2491 * 2492 * @param[in] instanceHandle_in Instance handle. 2493 * @param[in] pKeyGenCb Pointer to callback function to be 2494 * invoked when the operation is complete. 2495 * If this is set to a NULL value the 2496 * function will operate synchronously. 2497 * @param[in] pCallbackTag Opaque User Data for this specific 2498 * call. Will be returned unchanged in the 2499 * callback. 2500 * @param[in] pKeyGenSslOpData Pointer to a structure containing all 2501 * the data needed to perform the SSL key 2502 * generation operation. The client code 2503 * allocates the memory for this 2504 * structure. This component takes 2505 * ownership of the memory until it is 2506 * returned in the callback. 2507 * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 2508 * buffer to hold the key generation 2509 * output. The data pointer SHOULD be 2510 * aligned on an 8-byte boundary. The 2511 * length field passed in represents the 2512 * size of the buffer in bytes. The value 2513 * that is returned is the size of the 2514 * result key in bytes. 2515 * On invocation the callback function 2516 * will contain this parameter in the 2517 * pOut parameter. 2518 * 2519 * @retval CPA_STATUS_SUCCESS Function executed successfully. 2520 * @retval CPA_STATUS_FAIL Function failed. 2521 * @retval CPA_STATUS_RETRY Resubmit the request. 2522 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 2523 * @retval CPA_STATUS_RESOURCE Error related to system resources. 2524 */ 2525 CpaStatus 2526 cpaCyKeyGenSsl(const CpaInstanceHandle instanceHandle_in, 2527 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2528 void *pCallbackTag, 2529 const CpaCyKeyGenSslOpData *pKeyGenSslOpData, 2530 CpaFlatBuffer *pGeneratedKeyBuffer) 2531 { 2532 CpaInstanceHandle instanceHandle = NULL; 2533 2534 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 2535 instanceHandle = 2536 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 2537 } else { 2538 instanceHandle = instanceHandle_in; 2539 } 2540 2541 return LacSymKey_KeyGenSslTls(instanceHandle, 2542 pKeyGenCb, 2543 pCallbackTag, 2544 LAC_CONST_PTR_CAST(pKeyGenSslOpData), 2545 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 2546 pGeneratedKeyBuffer, 2547 ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE); 2548 } 2549 2550 /** 2551 * @ingroup LacSymKey 2552 * TLS Key Generation Function. 2553 * @description 2554 * This function is used for TLS key generation. It implements the 2555 * TLS PRF (Pseudo Random Function) as defined by RFC2246 (TLS v1.0) 2556 * and RFC4346 (TLS v1.1). 2557 * 2558 * The input seed is taken as a flat buffer and the generated key is 2559 * returned to caller in a flat destination data buffer. 2560 * 2561 * @param[in] instanceHandle_in Instance handle. 2562 * @param[in] pKeyGenCb Pointer to callback function to be 2563 * invoked when the operation is complete. 2564 * If this is set to a NULL value the 2565 * function will operate synchronously. 2566 * @param[in] pCallbackTag Opaque User Data for this specific 2567 * call. Will be returned unchanged in the 2568 * callback. 2569 * @param[in] pKeyGenTlsOpData Pointer to a structure containing all 2570 * the data needed to perform the TLS key 2571 * generation operation. The client code 2572 * allocates the memory for this 2573 * structure. This component takes 2574 * ownership of the memory until it is 2575 * returned in the callback. 2576 * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 2577 * buffer to hold the key generation 2578 * output. The data pointer SHOULD be 2579 * aligned on an 8-byte boundary. The 2580 * length field passed in represents the 2581 * size of the buffer in bytes. The value 2582 * that is returned is the size of the 2583 * result key in bytes. 2584 * On invocation the callback function 2585 * will contain this parameter in the 2586 * pOut parameter. 2587 * 2588 * @retval CPA_STATUS_SUCCESS Function executed successfully. 2589 * @retval CPA_STATUS_FAIL Function failed. 2590 * @retval CPA_STATUS_RETRY Resubmit the request. 2591 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 2592 * @retval CPA_STATUS_RESOURCE Error related to system resources. 2593 * 2594 */ 2595 CpaStatus 2596 cpaCyKeyGenTls(const CpaInstanceHandle instanceHandle_in, 2597 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2598 void *pCallbackTag, 2599 const CpaCyKeyGenTlsOpData *pKeyGenTlsOpData, 2600 CpaFlatBuffer *pGeneratedKeyBuffer) 2601 { 2602 CpaInstanceHandle instanceHandle = NULL; 2603 2604 2605 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 2606 instanceHandle = 2607 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 2608 } else { 2609 instanceHandle = instanceHandle_in; 2610 } 2611 2612 return LacSymKey_KeyGenSslTls(instanceHandle, 2613 pKeyGenCb, 2614 pCallbackTag, 2615 LAC_CONST_PTR_CAST(pKeyGenTlsOpData), 2616 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 2617 pGeneratedKeyBuffer, 2618 ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE); 2619 } 2620 2621 /** 2622 * @ingroup LacSymKey 2623 * @description 2624 * This function is used for TLS key generation. It implements the 2625 * TLS PRF (Pseudo Random Function) as defined by RFC5246 (TLS v1.2). 2626 * 2627 * The input seed is taken as a flat buffer and the generated key is 2628 * returned to caller in a flat destination data buffer. 2629 * 2630 * @param[in] instanceHandle_in Instance handle. 2631 * @param[in] pKeyGenCb Pointer to callback function to be 2632 * invoked when the operation is complete. 2633 * If this is set to a NULL value the 2634 * function will operate synchronously. 2635 * @param[in] pCallbackTag Opaque User Data for this specific 2636 * call. Will be returned unchanged in the 2637 * callback. 2638 * @param[in] pKeyGenTlsOpData Pointer to a structure containing all 2639 * the data needed to perform the TLS key 2640 * generation operation. The client code 2641 * allocates the memory for this 2642 * structure. This component takes 2643 * ownership of the memory until it is 2644 * returned in the callback. 2645 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 2646 * According to RFC5246, this should be 2647 * "SHA-256 or a stronger standard hash 2648 * function." 2649 * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 2650 * buffer to hold the key generation 2651 * output. The data pointer SHOULD be 2652 * aligned on an 8-byte boundary. The 2653 * length field passed in represents the 2654 * size of the buffer in bytes. The value 2655 * that is returned is the size of the 2656 * result key in bytes. 2657 * On invocation the callback function 2658 * will contain this parameter in the 2659 * pOut parameter. 2660 * 2661 * @retval CPA_STATUS_SUCCESS Function executed successfully. 2662 * @retval CPA_STATUS_FAIL Function failed. 2663 * @retval CPA_STATUS_RETRY Resubmit the request. 2664 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 2665 * @retval CPA_STATUS_RESOURCE Error related to system resources. 2666 */ 2667 CpaStatus 2668 cpaCyKeyGenTls2(const CpaInstanceHandle instanceHandle_in, 2669 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2670 void *pCallbackTag, 2671 const CpaCyKeyGenTlsOpData *pKeyGenTlsOpData, 2672 CpaCySymHashAlgorithm hashAlgorithm, 2673 CpaFlatBuffer *pGeneratedKeyBuffer) 2674 { 2675 CpaInstanceHandle instanceHandle = NULL; 2676 2677 2678 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 2679 instanceHandle = 2680 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 2681 } else { 2682 instanceHandle = instanceHandle_in; 2683 } 2684 2685 return LacSymKey_KeyGenSslTls(instanceHandle, 2686 pKeyGenCb, 2687 pCallbackTag, 2688 LAC_CONST_PTR_CAST(pKeyGenTlsOpData), 2689 hashAlgorithm, 2690 pGeneratedKeyBuffer, 2691 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE); 2692 } 2693 2694 /** 2695 * @ingroup LacSymKey 2696 * @description 2697 * This function is used for TLS1.3 HKDF key generation. It implements 2698 * the "extract-then-expand" paradigm as defined by RFC 5869. 2699 * 2700 * The input seed/secret/info is taken as a flat buffer and the generated 2701 * key(s)/labels are returned to caller in a flat data buffer. 2702 * 2703 * @param[in] instanceHandle_in Instance handle. 2704 * @param[in] pKeyGenCb Pointer to callback function to be 2705 * invoked when the operation is complete. 2706 * If this is set to a NULL value the 2707 * function will operate synchronously. 2708 * @param[in] pCallbackTag Opaque User Data for this specific 2709 * call. Will be returned unchanged in the 2710 * callback. 2711 * @param[in] pKeyGenTlsOpData Pointer to a structure containing 2712 * the data needed to perform the HKDF key 2713 * generation operation. 2714 * The client code allocates the memory 2715 * for this structure as contiguous 2716 * pinned memory. 2717 * This component takes ownership of the 2718 * memory until it is returned in the 2719 * callback. 2720 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 2721 * According to RFC5246, this should be 2722 * "SHA-256 or a stronger standard hash 2723 * function." 2724 * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 2725 * buffer to hold the key generation 2726 * output. The data pointer SHOULD be 2727 * aligned on an 8-byte boundary. The 2728 * length field passed in represents the 2729 * size of the buffer in bytes. The value 2730 * that is returned is the size of the 2731 * result key in bytes. 2732 * On invocation the callback function 2733 * will contain this parameter in the 2734 * pOut parameter. 2735 * 2736 * @retval CPA_STATUS_SUCCESS Function executed successfully. 2737 * @retval CPA_STATUS_FAIL Function failed. 2738 * @retval CPA_STATUS_RETRY Resubmit the request. 2739 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 2740 * @retval CPA_STATUS_RESOURCE Error related to system resources. 2741 */ 2742 CpaStatus 2743 cpaCyKeyGenTls3(const CpaInstanceHandle instanceHandle_in, 2744 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2745 void *pCallbackTag, 2746 const CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData, 2747 CpaCyKeyHKDFCipherSuite cipherSuite, 2748 CpaFlatBuffer *pGeneratedKeyBuffer) 2749 { 2750 2751 LAC_CHECK_NULL_PARAM(pKeyGenTlsOpData); 2752 switch (pKeyGenTlsOpData->hkdfKeyOp) { 2753 case CPA_CY_HKDF_KEY_EXTRACT: /* Fall through */ 2754 case CPA_CY_HKDF_KEY_EXPAND: 2755 case CPA_CY_HKDF_KEY_EXTRACT_EXPAND: 2756 case CPA_CY_HKDF_KEY_EXPAND_LABEL: 2757 case CPA_CY_HKDF_KEY_EXTRACT_EXPAND_LABEL: 2758 break; 2759 default: 2760 LAC_INVALID_PARAM_LOG("HKDF operation not supported"); 2761 return CPA_STATUS_INVALID_PARAM; 2762 } 2763 2764 2765 return LacSymKey_KeyGenSslTls(instanceHandle_in, 2766 pKeyGenCb, 2767 pCallbackTag, 2768 LAC_CONST_PTR_CAST(pKeyGenTlsOpData), 2769 cipherSuite, 2770 pGeneratedKeyBuffer, 2771 (icp_qat_fw_la_cmd_id_t) 2772 pKeyGenTlsOpData->hkdfKeyOp); 2773 } 2774 2775 /* 2776 * LacSymKey_Init 2777 */ 2778 CpaStatus 2779 LacSymKey_Init(CpaInstanceHandle instanceHandle_in) 2780 { 2781 CpaStatus status = CPA_STATUS_SUCCESS; 2782 CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in); 2783 sal_crypto_service_t *pService = NULL; 2784 2785 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 2786 2787 pService = (sal_crypto_service_t *)instanceHandle; 2788 2789 pService->pLacKeyStats = 2790 LAC_OS_MALLOC(LAC_KEY_NUM_STATS * sizeof(QatUtilsAtomic)); 2791 2792 if (NULL != pService->pLacKeyStats) { 2793 LAC_OS_BZERO((void *)pService->pLacKeyStats, 2794 LAC_KEY_NUM_STATS * sizeof(QatUtilsAtomic)); 2795 2796 status = LAC_OS_CAMALLOC(&pService->pSslLabel, 2797 ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX, 2798 LAC_8BYTE_ALIGNMENT, 2799 pService->nodeAffinity); 2800 } else { 2801 status = CPA_STATUS_RESOURCE; 2802 } 2803 2804 if (CPA_STATUS_SUCCESS == status) { 2805 Cpa32U i = 0; 2806 Cpa32U offset = 0; 2807 2808 /* Initialise SSL label ABBCCC..... */ 2809 for (i = 0; i < ICP_QAT_FW_LA_SSL_ITERATES_LEN_MAX; i++) { 2810 memset(pService->pSslLabel + offset, 'A' + i, i + 1); 2811 offset += (i + 1); 2812 } 2813 2814 /* Allocate memory for TLS labels */ 2815 status = LAC_OS_CAMALLOC(&pService->pTlsLabel, 2816 sizeof(lac_sym_key_tls_labels_t), 2817 LAC_8BYTE_ALIGNMENT, 2818 pService->nodeAffinity); 2819 } 2820 2821 if (CPA_STATUS_SUCCESS == status) { 2822 /* Allocate memory for HKDF sub_labels */ 2823 status = 2824 LAC_OS_CAMALLOC(&pService->pTlsHKDFSubLabel, 2825 sizeof(lac_sym_key_tls_hkdf_sub_labels_t), 2826 LAC_8BYTE_ALIGNMENT, 2827 pService->nodeAffinity); 2828 } 2829 2830 if (CPA_STATUS_SUCCESS == status) { 2831 LAC_OS_BZERO(pService->pTlsLabel, 2832 sizeof(lac_sym_key_tls_labels_t)); 2833 2834 /* Copy the TLS v1.2 labels into the dynamically allocated 2835 * structure */ 2836 memcpy(pService->pTlsLabel->masterSecret, 2837 LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL, 2838 sizeof(LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL) - 1); 2839 2840 memcpy(pService->pTlsLabel->keyMaterial, 2841 LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL, 2842 sizeof(LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL) - 1); 2843 2844 memcpy(pService->pTlsLabel->clientFinished, 2845 LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL, 2846 sizeof(LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL) - 1); 2847 2848 memcpy(pService->pTlsLabel->serverFinished, 2849 LAC_SYM_KEY_TLS_SERVER_FIN_LABEL, 2850 sizeof(LAC_SYM_KEY_TLS_SERVER_FIN_LABEL) - 1); 2851 2852 LAC_OS_BZERO(pService->pTlsHKDFSubLabel, 2853 sizeof(lac_sym_key_tls_hkdf_sub_labels_t)); 2854 2855 /* Copy the TLS v1.3 subLabels into the dynamically allocated 2856 * struct */ 2857 /* KEY SHA-256 */ 2858 memcpy(&pService->pTlsHKDFSubLabel->keySublabel256, 2859 &key256, 2860 HKDF_SUB_LABEL_KEY_LENGTH); 2861 pService->pTlsHKDFSubLabel->keySublabel256.labelLen = 2862 HKDF_SUB_LABEL_KEY_LENGTH; 2863 pService->pTlsHKDFSubLabel->keySublabel256.sublabelFlag = 1 2864 << QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS; 2865 /* KEY SHA-384 */ 2866 memcpy(&pService->pTlsHKDFSubLabel->keySublabel384, 2867 &key384, 2868 HKDF_SUB_LABEL_KEY_LENGTH); 2869 pService->pTlsHKDFSubLabel->keySublabel384.labelLen = 2870 HKDF_SUB_LABEL_KEY_LENGTH; 2871 pService->pTlsHKDFSubLabel->keySublabel384.sublabelFlag = 1 2872 << QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS; 2873 /* KEY CHACHAPOLY */ 2874 memcpy(&pService->pTlsHKDFSubLabel->keySublabelChaChaPoly, 2875 &keyChaChaPoly, 2876 HKDF_SUB_LABEL_KEY_LENGTH); 2877 pService->pTlsHKDFSubLabel->keySublabelChaChaPoly.labelLen = 2878 HKDF_SUB_LABEL_KEY_LENGTH; 2879 pService->pTlsHKDFSubLabel->keySublabelChaChaPoly.sublabelFlag = 2880 1 << QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS; 2881 /* IV SHA-256 */ 2882 memcpy(&pService->pTlsHKDFSubLabel->ivSublabel256, 2883 &iv256, 2884 HKDF_SUB_LABEL_IV_LENGTH); 2885 pService->pTlsHKDFSubLabel->ivSublabel256.labelLen = 2886 HKDF_SUB_LABEL_IV_LENGTH; 2887 pService->pTlsHKDFSubLabel->ivSublabel256.sublabelFlag = 1 2888 << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS; 2889 /* IV SHA-384 */ 2890 memcpy(&pService->pTlsHKDFSubLabel->ivSublabel384, 2891 &iv384, 2892 HKDF_SUB_LABEL_IV_LENGTH); 2893 pService->pTlsHKDFSubLabel->ivSublabel384.labelLen = 2894 HKDF_SUB_LABEL_IV_LENGTH; 2895 pService->pTlsHKDFSubLabel->ivSublabel384.sublabelFlag = 1 2896 << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS; 2897 /* IV CHACHAPOLY */ 2898 memcpy(&pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly, 2899 &iv256, 2900 HKDF_SUB_LABEL_IV_LENGTH); 2901 pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly.labelLen = 2902 HKDF_SUB_LABEL_IV_LENGTH; 2903 pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly.sublabelFlag = 2904 1 << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS; 2905 /* RESUMPTION SHA-256 */ 2906 memcpy(&pService->pTlsHKDFSubLabel->resumptionSublabel256, 2907 &resumption256, 2908 HKDF_SUB_LABEL_RESUMPTION_LENGTH); 2909 pService->pTlsHKDFSubLabel->resumptionSublabel256.labelLen = 2910 HKDF_SUB_LABEL_RESUMPTION_LENGTH; 2911 /* RESUMPTION SHA-384 */ 2912 memcpy(&pService->pTlsHKDFSubLabel->resumptionSublabel384, 2913 &resumption384, 2914 HKDF_SUB_LABEL_RESUMPTION_LENGTH); 2915 pService->pTlsHKDFSubLabel->resumptionSublabel384.labelLen = 2916 HKDF_SUB_LABEL_RESUMPTION_LENGTH; 2917 /* RESUMPTION CHACHAPOLY */ 2918 memcpy( 2919 &pService->pTlsHKDFSubLabel->resumptionSublabelChaChaPoly, 2920 &resumption256, 2921 HKDF_SUB_LABEL_RESUMPTION_LENGTH); 2922 pService->pTlsHKDFSubLabel->resumptionSublabelChaChaPoly 2923 .labelLen = HKDF_SUB_LABEL_RESUMPTION_LENGTH; 2924 /* FINISHED SHA-256 */ 2925 memcpy(&pService->pTlsHKDFSubLabel->finishedSublabel256, 2926 &finished256, 2927 HKDF_SUB_LABEL_FINISHED_LENGTH); 2928 pService->pTlsHKDFSubLabel->finishedSublabel256.labelLen = 2929 HKDF_SUB_LABEL_FINISHED_LENGTH; 2930 /* FINISHED SHA-384 */ 2931 memcpy(&pService->pTlsHKDFSubLabel->finishedSublabel384, 2932 &finished384, 2933 HKDF_SUB_LABEL_FINISHED_LENGTH); 2934 pService->pTlsHKDFSubLabel->finishedSublabel384.labelLen = 2935 HKDF_SUB_LABEL_FINISHED_LENGTH; 2936 /* FINISHED CHACHAPOLY */ 2937 memcpy(&pService->pTlsHKDFSubLabel->finishedSublabelChaChaPoly, 2938 &finished256, 2939 HKDF_SUB_LABEL_FINISHED_LENGTH); 2940 pService->pTlsHKDFSubLabel->finishedSublabelChaChaPoly 2941 .labelLen = HKDF_SUB_LABEL_FINISHED_LENGTH; 2942 2943 /* Set physical address of sublabels */ 2944 pService->pTlsHKDFSubLabel->sublabelPhysAddr256 = 2945 LAC_OS_VIRT_TO_PHYS_INTERNAL( 2946 &pService->pTlsHKDFSubLabel->keySublabel256); 2947 pService->pTlsHKDFSubLabel->sublabelPhysAddr384 = 2948 LAC_OS_VIRT_TO_PHYS_INTERNAL( 2949 &pService->pTlsHKDFSubLabel->keySublabel384); 2950 pService->pTlsHKDFSubLabel->sublabelPhysAddrChaChaPoly = 2951 LAC_OS_VIRT_TO_PHYS_INTERNAL( 2952 &pService->pTlsHKDFSubLabel->keySublabelChaChaPoly); 2953 2954 /* Register request handlers */ 2955 LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE, 2956 LacSymKey_SslTlsHandleResponse); 2957 2958 LacSymQat_RespHandlerRegister( 2959 ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE, 2960 LacSymKey_SslTlsHandleResponse); 2961 2962 LacSymQat_RespHandlerRegister( 2963 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE, 2964 LacSymKey_SslTlsHandleResponse); 2965 2966 LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_HKDF_EXTRACT, 2967 LacSymKey_SslTlsHandleResponse); 2968 2969 LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_HKDF_EXPAND, 2970 LacSymKey_SslTlsHandleResponse); 2971 2972 LacSymQat_RespHandlerRegister( 2973 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND, 2974 LacSymKey_SslTlsHandleResponse); 2975 2976 LacSymQat_RespHandlerRegister( 2977 ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL, 2978 LacSymKey_SslTlsHandleResponse); 2979 2980 LacSymQat_RespHandlerRegister( 2981 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL, 2982 LacSymKey_SslTlsHandleResponse); 2983 2984 LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_MGF1, 2985 LacSymKey_MgfHandleResponse); 2986 } 2987 2988 if (CPA_STATUS_SUCCESS != status) { 2989 LAC_OS_FREE(pService->pLacKeyStats); 2990 LAC_OS_CAFREE(pService->pSslLabel); 2991 LAC_OS_CAFREE(pService->pTlsLabel); 2992 LAC_OS_CAFREE(pService->pTlsHKDFSubLabel); 2993 } 2994 2995 return status; 2996 } 2997 2998 /* 2999 * LacSymKey_Shutdown 3000 */ 3001 CpaStatus 3002 LacSymKey_Shutdown(CpaInstanceHandle instanceHandle_in) 3003 { 3004 CpaStatus status = CPA_STATUS_SUCCESS; 3005 CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in); 3006 sal_crypto_service_t *pService = NULL; 3007 3008 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 3009 3010 pService = (sal_crypto_service_t *)instanceHandle; 3011 3012 if (NULL != pService->pLacKeyStats) { 3013 LAC_OS_FREE(pService->pLacKeyStats); 3014 } 3015 3016 LAC_OS_CAFREE(pService->pSslLabel); 3017 LAC_OS_CAFREE(pService->pTlsLabel); 3018 LAC_OS_CAFREE(pService->pTlsHKDFSubLabel); 3019 3020 return status; 3021 } 3022