178ee8d1cSJulian Grajkowski /***************************************************************************
278ee8d1cSJulian Grajkowski *
378ee8d1cSJulian Grajkowski * <COPYRIGHT_TAG>
478ee8d1cSJulian Grajkowski *
578ee8d1cSJulian Grajkowski ***************************************************************************/
678ee8d1cSJulian Grajkowski
778ee8d1cSJulian Grajkowski /**
878ee8d1cSJulian Grajkowski *****************************************************************************
978ee8d1cSJulian Grajkowski * @file lac_sym_key.c
1078ee8d1cSJulian Grajkowski *
1178ee8d1cSJulian Grajkowski * @ingroup LacSymKey
1278ee8d1cSJulian Grajkowski *
1378ee8d1cSJulian Grajkowski * This file contains the implementation of all keygen functionality
1478ee8d1cSJulian Grajkowski *
1578ee8d1cSJulian Grajkowski *****************************************************************************/
1678ee8d1cSJulian Grajkowski
1778ee8d1cSJulian Grajkowski /*
1878ee8d1cSJulian Grajkowski *******************************************************************************
1978ee8d1cSJulian Grajkowski * Include public/global header files
2078ee8d1cSJulian Grajkowski *******************************************************************************
2178ee8d1cSJulian Grajkowski */
2278ee8d1cSJulian Grajkowski #include "cpa.h"
2378ee8d1cSJulian Grajkowski #include "cpa_cy_key.h"
2478ee8d1cSJulian Grajkowski #include "cpa_cy_im.h"
2578ee8d1cSJulian Grajkowski
2678ee8d1cSJulian Grajkowski /*
2778ee8d1cSJulian Grajkowski *******************************************************************************
2878ee8d1cSJulian Grajkowski * Include private header files
2978ee8d1cSJulian Grajkowski *******************************************************************************
3078ee8d1cSJulian Grajkowski */
3178ee8d1cSJulian Grajkowski #include "icp_accel_devices.h"
3278ee8d1cSJulian Grajkowski #include "icp_adf_debug.h"
3378ee8d1cSJulian Grajkowski #include "icp_adf_init.h"
3478ee8d1cSJulian Grajkowski #include "icp_adf_transport.h"
3578ee8d1cSJulian Grajkowski
3678ee8d1cSJulian Grajkowski #include "qat_utils.h"
3778ee8d1cSJulian Grajkowski
3878ee8d1cSJulian Grajkowski #include "lac_log.h"
3978ee8d1cSJulian Grajkowski #include "lac_hooks.h"
4078ee8d1cSJulian Grajkowski #include "lac_sym.h"
4178ee8d1cSJulian Grajkowski #include "lac_sym_qat_hash_defs_lookup.h"
4278ee8d1cSJulian Grajkowski #include "lac_sym_qat.h"
4378ee8d1cSJulian Grajkowski #include "lac_sal.h"
4478ee8d1cSJulian Grajkowski #include "lac_sym_key.h"
4578ee8d1cSJulian Grajkowski #include "lac_sal_types_crypto.h"
4678ee8d1cSJulian Grajkowski #include "sal_service_state.h"
4778ee8d1cSJulian Grajkowski #include "lac_sym_qat_key.h"
4878ee8d1cSJulian Grajkowski #include "lac_sym_hash_defs.h"
4978ee8d1cSJulian Grajkowski #include "sal_statistics.h"
5078ee8d1cSJulian Grajkowski
5178ee8d1cSJulian Grajkowski /* Number of statistics */
5278ee8d1cSJulian Grajkowski #define LAC_KEY_NUM_STATS (sizeof(CpaCyKeyGenStats64) / sizeof(Cpa64U))
5378ee8d1cSJulian Grajkowski
5478ee8d1cSJulian Grajkowski #define LAC_KEY_STAT_INC(statistic, instanceHandle) \
5578ee8d1cSJulian Grajkowski do { \
5678ee8d1cSJulian Grajkowski sal_crypto_service_t *pService = NULL; \
5778ee8d1cSJulian Grajkowski pService = (sal_crypto_service_t *)instanceHandle; \
5878ee8d1cSJulian Grajkowski if (CPA_TRUE == \
5978ee8d1cSJulian Grajkowski pService->generic_service_info.stats \
6078ee8d1cSJulian Grajkowski ->bKeyGenStatsEnabled) { \
6178ee8d1cSJulian Grajkowski qatUtilsAtomicInc( \
6278ee8d1cSJulian Grajkowski &pService \
6378ee8d1cSJulian Grajkowski ->pLacKeyStats[offsetof(CpaCyKeyGenStats64, \
6478ee8d1cSJulian Grajkowski statistic) / \
6578ee8d1cSJulian Grajkowski sizeof(Cpa64U)]); \
6678ee8d1cSJulian Grajkowski } \
6778ee8d1cSJulian Grajkowski } while (0)
6878ee8d1cSJulian Grajkowski /**< Macro to increment a Key stat (derives offset into array of atomics) */
6978ee8d1cSJulian Grajkowski
7078ee8d1cSJulian Grajkowski #define LAC_KEY_STATS32_GET(keyStats, instanceHandle) \
7178ee8d1cSJulian Grajkowski do { \
7278ee8d1cSJulian Grajkowski int i; \
7378ee8d1cSJulian Grajkowski sal_crypto_service_t *pService = \
7478ee8d1cSJulian Grajkowski (sal_crypto_service_t *)instanceHandle; \
7578ee8d1cSJulian Grajkowski for (i = 0; i < LAC_KEY_NUM_STATS; i++) { \
7678ee8d1cSJulian Grajkowski ((Cpa32U *)&(keyStats))[i] = \
7778ee8d1cSJulian Grajkowski (Cpa32U)qatUtilsAtomicGet( \
7878ee8d1cSJulian Grajkowski &pService->pLacKeyStats[i]); \
7978ee8d1cSJulian Grajkowski } \
8078ee8d1cSJulian Grajkowski } while (0)
8178ee8d1cSJulian Grajkowski /**< Macro to get all 32bit Key stats (from internal array of atomics) */
8278ee8d1cSJulian Grajkowski
8378ee8d1cSJulian Grajkowski #define LAC_KEY_STATS64_GET(keyStats, instanceHandle) \
8478ee8d1cSJulian Grajkowski do { \
8578ee8d1cSJulian Grajkowski int i; \
8678ee8d1cSJulian Grajkowski sal_crypto_service_t *pService = \
8778ee8d1cSJulian Grajkowski (sal_crypto_service_t *)instanceHandle; \
8878ee8d1cSJulian Grajkowski for (i = 0; i < LAC_KEY_NUM_STATS; i++) { \
8978ee8d1cSJulian Grajkowski ((Cpa64U *)&(keyStats))[i] = \
9078ee8d1cSJulian Grajkowski qatUtilsAtomicGet(&pService->pLacKeyStats[i]); \
9178ee8d1cSJulian Grajkowski } \
9278ee8d1cSJulian Grajkowski } while (0)
9378ee8d1cSJulian Grajkowski /**< Macro to get all 64bit Key stats (from internal array of atomics) */
9478ee8d1cSJulian Grajkowski
9578ee8d1cSJulian Grajkowski #define IS_HKDF_UNSUPPORTED(cmdId, hkdfSupported) \
9678ee8d1cSJulian Grajkowski ((ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= cmdId && \
9778ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL >= cmdId) && \
9878ee8d1cSJulian Grajkowski !hkdfSupported) /**< macro to check whether the HKDF algorithm can be \
9978ee8d1cSJulian Grajkowski supported on the device */
10078ee8d1cSJulian Grajkowski
10178ee8d1cSJulian Grajkowski /* Sublabel for HKDF TLS Key Generation, as defined in RFC8446. */
10278ee8d1cSJulian Grajkowski const static Cpa8U key256[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 16, 9, 't',
10378ee8d1cSJulian Grajkowski 'l', 's', '1', '3',
10478ee8d1cSJulian Grajkowski ' ', 'k', 'e', 'y',
10578ee8d1cSJulian Grajkowski 0 };
10678ee8d1cSJulian Grajkowski const static Cpa8U key384[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 32, 9, 't',
10778ee8d1cSJulian Grajkowski 'l', 's', '1', '3',
10878ee8d1cSJulian Grajkowski ' ', 'k', 'e', 'y',
10978ee8d1cSJulian Grajkowski 0 };
11078ee8d1cSJulian Grajkowski const static Cpa8U keyChaChaPoly[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 32, 9,
11178ee8d1cSJulian Grajkowski 't', 'l', 's',
11278ee8d1cSJulian Grajkowski '1', '3', ' ',
11378ee8d1cSJulian Grajkowski 'k', 'e', 'y',
11478ee8d1cSJulian Grajkowski 0 };
11578ee8d1cSJulian Grajkowski /* Sublabel for HKDF TLS IV key Generation, as defined in RFC8446. */
11678ee8d1cSJulian Grajkowski const static Cpa8U iv256[HKDF_SUB_LABEL_IV_LENGTH] = { 0, 12, 8, 't',
11778ee8d1cSJulian Grajkowski 'l', 's', '1', '3',
11878ee8d1cSJulian Grajkowski ' ', 'i', 'v', 0 };
11978ee8d1cSJulian Grajkowski const static Cpa8U iv384[HKDF_SUB_LABEL_IV_LENGTH] = { 0, 12, 8, 't',
12078ee8d1cSJulian Grajkowski 'l', 's', '1', '3',
12178ee8d1cSJulian Grajkowski ' ', 'i', 'v', 0 };
12278ee8d1cSJulian Grajkowski /* Sublabel for HKDF TLS RESUMPTION key Generation, as defined in RFC8446. */
12378ee8d1cSJulian Grajkowski const static Cpa8U resumption256[HKDF_SUB_LABEL_RESUMPTION_LENGTH] =
12478ee8d1cSJulian Grajkowski { 0, 32, 16, 't', 'l', 's', '1', '3', ' ', 'r',
12578ee8d1cSJulian Grajkowski 'e', 's', 'u', 'm', 'p', 't', 'i', 'o', 'n', 0 };
12678ee8d1cSJulian Grajkowski const static Cpa8U resumption384[HKDF_SUB_LABEL_RESUMPTION_LENGTH] =
12778ee8d1cSJulian Grajkowski { 0, 48, 16, 't', 'l', 's', '1', '3', ' ', 'r',
12878ee8d1cSJulian Grajkowski 'e', 's', 'u', 'm', 'p', 't', 'i', 'o', 'n', 0 };
12978ee8d1cSJulian Grajkowski /* Sublabel for HKDF TLS FINISHED key Generation, as defined in RFC8446. */
13078ee8d1cSJulian Grajkowski const static Cpa8U finished256[HKDF_SUB_LABEL_FINISHED_LENGTH] =
13178ee8d1cSJulian Grajkowski { 0, 32, 14, 't', 'l', 's', '1', '3', ' ',
13278ee8d1cSJulian Grajkowski 'f', 'i', 'n', 'i', 's', 'h', 'e', 'd', 0 };
13378ee8d1cSJulian Grajkowski const static Cpa8U finished384[HKDF_SUB_LABEL_FINISHED_LENGTH] =
13478ee8d1cSJulian Grajkowski { 0, 48, 14, 't', 'l', 's', '1', '3', ' ',
13578ee8d1cSJulian Grajkowski 'f', 'i', 'n', 'i', 's', 'h', 'e', 'd', 0 };
13678ee8d1cSJulian Grajkowski
13778ee8d1cSJulian Grajkowski /**
13878ee8d1cSJulian Grajkowski ******************************************************************************
13978ee8d1cSJulian Grajkowski * @ingroup LacSymKey
14078ee8d1cSJulian Grajkowski * SSL/TLS stat type
14178ee8d1cSJulian Grajkowski *
14278ee8d1cSJulian Grajkowski * @description
14378ee8d1cSJulian Grajkowski * This enum determines which stat should be incremented
14478ee8d1cSJulian Grajkowski *****************************************************************************/
14578ee8d1cSJulian Grajkowski typedef enum {
14678ee8d1cSJulian Grajkowski LAC_KEY_REQUESTS = 0,
14778ee8d1cSJulian Grajkowski /**< Key requests sent */
14878ee8d1cSJulian Grajkowski LAC_KEY_REQUEST_ERRORS,
14978ee8d1cSJulian Grajkowski /**< Key requests errors */
15078ee8d1cSJulian Grajkowski LAC_KEY_COMPLETED,
15178ee8d1cSJulian Grajkowski /**< Key requests which received responses */
15278ee8d1cSJulian Grajkowski LAC_KEY_COMPLETED_ERRORS
15378ee8d1cSJulian Grajkowski /**< Key requests which received responses with errors */
15478ee8d1cSJulian Grajkowski } lac_key_stat_type_t;
15578ee8d1cSJulian Grajkowski
15678ee8d1cSJulian Grajkowski /*** Local functions prototypes ***/
15778ee8d1cSJulian Grajkowski static void
15878ee8d1cSJulian Grajkowski LacSymKey_MgfHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId,
15978ee8d1cSJulian Grajkowski void *pOpaqueData,
16078ee8d1cSJulian Grajkowski icp_qat_fw_comn_flags cmnRespFlags);
16178ee8d1cSJulian Grajkowski
16278ee8d1cSJulian Grajkowski static CpaStatus
16378ee8d1cSJulian Grajkowski LacSymKey_MgfSync(const CpaInstanceHandle instanceHandle,
16478ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
16578ee8d1cSJulian Grajkowski void *pCallbackTag,
16678ee8d1cSJulian Grajkowski const void *pKeyGenMgfOpData,
16778ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedMaskBuffer,
16878ee8d1cSJulian Grajkowski CpaBoolean bIsExtRequest);
16978ee8d1cSJulian Grajkowski
17078ee8d1cSJulian Grajkowski static void
17178ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId,
17278ee8d1cSJulian Grajkowski void *pOpaqueData,
17378ee8d1cSJulian Grajkowski icp_qat_fw_comn_flags cmnRespFlags);
17478ee8d1cSJulian Grajkowski
17578ee8d1cSJulian Grajkowski static CpaStatus
17678ee8d1cSJulian Grajkowski LacSymKey_SslTlsSync(CpaInstanceHandle instanceHandle,
17778ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
17878ee8d1cSJulian Grajkowski void *pCallbackTag,
17978ee8d1cSJulian Grajkowski icp_qat_fw_la_cmd_id_t lacCmdId,
18078ee8d1cSJulian Grajkowski void *pKeyGenSslTlsOpData,
18178ee8d1cSJulian Grajkowski Cpa8U hashAlgorithm,
18278ee8d1cSJulian Grajkowski CpaFlatBuffer *pKeyGenOutpuData);
18378ee8d1cSJulian Grajkowski
18478ee8d1cSJulian Grajkowski /*** Implementation ***/
18578ee8d1cSJulian Grajkowski
18678ee8d1cSJulian Grajkowski /**
18778ee8d1cSJulian Grajkowski ******************************************************************************
18878ee8d1cSJulian Grajkowski * @ingroup LacSymKey
18978ee8d1cSJulian Grajkowski * Get the instance handle. Support single handle.
19078ee8d1cSJulian Grajkowski * @param[in] instanceHandle_in user supplied handle.
19178ee8d1cSJulian Grajkowski * @retval CpaInstanceHandle the instance handle
19278ee8d1cSJulian Grajkowski */
19378ee8d1cSJulian Grajkowski static CpaInstanceHandle
LacKey_GetHandle(CpaInstanceHandle instanceHandle_in)19478ee8d1cSJulian Grajkowski LacKey_GetHandle(CpaInstanceHandle instanceHandle_in)
19578ee8d1cSJulian Grajkowski {
19678ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = NULL;
19778ee8d1cSJulian Grajkowski if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) {
19878ee8d1cSJulian Grajkowski instanceHandle =
19978ee8d1cSJulian Grajkowski Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM);
20078ee8d1cSJulian Grajkowski } else {
20178ee8d1cSJulian Grajkowski instanceHandle = instanceHandle_in;
20278ee8d1cSJulian Grajkowski }
20378ee8d1cSJulian Grajkowski return instanceHandle;
20478ee8d1cSJulian Grajkowski }
20578ee8d1cSJulian Grajkowski
20678ee8d1cSJulian Grajkowski /**
20778ee8d1cSJulian Grajkowski *******************************************************************************
20878ee8d1cSJulian Grajkowski * @ingroup LacSymKey
20978ee8d1cSJulian Grajkowski * Perform SSL/TLS key gen operation
21078ee8d1cSJulian Grajkowski *
21178ee8d1cSJulian Grajkowski * @description
21278ee8d1cSJulian Grajkowski * Perform SSL/TLS key gen operation
21378ee8d1cSJulian Grajkowski *
21478ee8d1cSJulian Grajkowski * @param[in] instanceHandle QAT device handle.
21578ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be invoked
21678ee8d1cSJulian Grajkowski * when the operation is complete.
21778ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific call.
21878ee8d1cSJulian Grajkowski * @param[in] lacCmdId Lac command ID (identify SSL & TLS ops)
21978ee8d1cSJulian Grajkowski * @param[in] pKeyGenSslTlsOpData Structure containing all the data needed to
22078ee8d1cSJulian Grajkowski * perform the SSL/TLS key generation
22178ee8d1cSJulian Grajkowski * operation.
22278ee8d1cSJulian Grajkowski * @param[in] hashAlgorithm Specifies the hash algorithm to use.
22378ee8d1cSJulian Grajkowski * According to RFC5246, this should be
22478ee8d1cSJulian Grajkowski * "SHA-256 or a stronger standard hash
22578ee8d1cSJulian Grajkowski * function."
22678ee8d1cSJulian Grajkowski * @param[out] pKeyGenOutputData pointer to where output result should be
22778ee8d1cSJulian Grajkowski * written
22878ee8d1cSJulian Grajkowski *
22978ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully.
23078ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed.
23178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Function should be retried.
23278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in.
23378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources.
23478ee8d1cSJulian Grajkowski *
23578ee8d1cSJulian Grajkowski *****************************************************************************/
23678ee8d1cSJulian Grajkowski static CpaStatus
23778ee8d1cSJulian Grajkowski LacSymKey_KeyGenSslTls_GenCommon(CpaInstanceHandle instanceHandle,
23878ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
23978ee8d1cSJulian Grajkowski void *pCallbackTag,
24078ee8d1cSJulian Grajkowski icp_qat_fw_la_cmd_id_t lacCmdId,
24178ee8d1cSJulian Grajkowski void *pKeyGenSslTlsOpData,
24278ee8d1cSJulian Grajkowski Cpa8U hashAlgorithm,
24378ee8d1cSJulian Grajkowski CpaFlatBuffer *pKeyGenOutputData);
24478ee8d1cSJulian Grajkowski
24578ee8d1cSJulian Grajkowski /**
24678ee8d1cSJulian Grajkowski ******************************************************************************
24778ee8d1cSJulian Grajkowski * @ingroup LacSymKey
24878ee8d1cSJulian Grajkowski * Increment stat for TLS or SSL operation
24978ee8d1cSJulian Grajkowski *
25078ee8d1cSJulian Grajkowski * @description
25178ee8d1cSJulian Grajkowski * This is a generic function to update the stats for either a TLS or SSL
25278ee8d1cSJulian Grajkowski * operation.
25378ee8d1cSJulian Grajkowski *
25478ee8d1cSJulian Grajkowski * @param[in] lacCmdId Indicate SSL or TLS operations
25578ee8d1cSJulian Grajkowski * @param[in] statType Statistics Type
25678ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance Handle
25778ee8d1cSJulian Grajkowski *
25878ee8d1cSJulian Grajkowski * @return None
25978ee8d1cSJulian Grajkowski *
26078ee8d1cSJulian Grajkowski *****************************************************************************/
26178ee8d1cSJulian Grajkowski static void
LacKey_StatsInc(icp_qat_fw_la_cmd_id_t lacCmdId,lac_key_stat_type_t statType,CpaInstanceHandle instanceHandle)26278ee8d1cSJulian Grajkowski LacKey_StatsInc(icp_qat_fw_la_cmd_id_t lacCmdId,
26378ee8d1cSJulian Grajkowski lac_key_stat_type_t statType,
26478ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle)
26578ee8d1cSJulian Grajkowski {
26678ee8d1cSJulian Grajkowski if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) {
26778ee8d1cSJulian Grajkowski switch (statType) {
26878ee8d1cSJulian Grajkowski case LAC_KEY_REQUESTS:
26978ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numSslKeyGenRequests, instanceHandle);
27078ee8d1cSJulian Grajkowski break;
27178ee8d1cSJulian Grajkowski case LAC_KEY_REQUEST_ERRORS:
27278ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numSslKeyGenRequestErrors,
27378ee8d1cSJulian Grajkowski instanceHandle);
27478ee8d1cSJulian Grajkowski break;
27578ee8d1cSJulian Grajkowski case LAC_KEY_COMPLETED:
27678ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numSslKeyGenCompleted, instanceHandle);
27778ee8d1cSJulian Grajkowski break;
27878ee8d1cSJulian Grajkowski case LAC_KEY_COMPLETED_ERRORS:
27978ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numSslKeyGenCompletedErrors,
28078ee8d1cSJulian Grajkowski instanceHandle);
28178ee8d1cSJulian Grajkowski break;
28278ee8d1cSJulian Grajkowski default:
28378ee8d1cSJulian Grajkowski QAT_UTILS_LOG("Invalid statistics type\n");
28478ee8d1cSJulian Grajkowski break;
28578ee8d1cSJulian Grajkowski }
28678ee8d1cSJulian Grajkowski } else /* TLS v1.0/1.1 and 1.2 */
28778ee8d1cSJulian Grajkowski {
28878ee8d1cSJulian Grajkowski switch (statType) {
28978ee8d1cSJulian Grajkowski case LAC_KEY_REQUESTS:
29078ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numTlsKeyGenRequests, instanceHandle);
29178ee8d1cSJulian Grajkowski break;
29278ee8d1cSJulian Grajkowski case LAC_KEY_REQUEST_ERRORS:
29378ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numTlsKeyGenRequestErrors,
29478ee8d1cSJulian Grajkowski instanceHandle);
29578ee8d1cSJulian Grajkowski break;
29678ee8d1cSJulian Grajkowski case LAC_KEY_COMPLETED:
29778ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numTlsKeyGenCompleted, instanceHandle);
29878ee8d1cSJulian Grajkowski break;
29978ee8d1cSJulian Grajkowski case LAC_KEY_COMPLETED_ERRORS:
30078ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numTlsKeyGenCompletedErrors,
30178ee8d1cSJulian Grajkowski instanceHandle);
30278ee8d1cSJulian Grajkowski break;
30378ee8d1cSJulian Grajkowski default:
30478ee8d1cSJulian Grajkowski QAT_UTILS_LOG("Invalid statistics type\n");
30578ee8d1cSJulian Grajkowski break;
30678ee8d1cSJulian Grajkowski }
30778ee8d1cSJulian Grajkowski }
30878ee8d1cSJulian Grajkowski }
30978ee8d1cSJulian Grajkowski
31078ee8d1cSJulian Grajkowski void
LacKeygen_StatsShow(CpaInstanceHandle instanceHandle)31178ee8d1cSJulian Grajkowski LacKeygen_StatsShow(CpaInstanceHandle instanceHandle)
31278ee8d1cSJulian Grajkowski {
31378ee8d1cSJulian Grajkowski CpaCyKeyGenStats64 keyStats = { 0 };
31478ee8d1cSJulian Grajkowski
31578ee8d1cSJulian Grajkowski LAC_KEY_STATS64_GET(keyStats, instanceHandle);
31678ee8d1cSJulian Grajkowski
31778ee8d1cSJulian Grajkowski QAT_UTILS_LOG(SEPARATOR BORDER
31878ee8d1cSJulian Grajkowski " Key Stats: " BORDER
31978ee8d1cSJulian Grajkowski "\n" SEPARATOR);
32078ee8d1cSJulian Grajkowski
32178ee8d1cSJulian Grajkowski QAT_UTILS_LOG(BORDER " SSL Key Requests: %16llu " BORDER
32278ee8d1cSJulian Grajkowski "\n" BORDER
32378ee8d1cSJulian Grajkowski " SSL Key Request Errors: %16llu " BORDER
32478ee8d1cSJulian Grajkowski "\n" BORDER
32578ee8d1cSJulian Grajkowski " SSL Key Completed %16llu " BORDER
32678ee8d1cSJulian Grajkowski "\n" BORDER
32778ee8d1cSJulian Grajkowski " SSL Key Complete Errors: %16llu " BORDER
32878ee8d1cSJulian Grajkowski "\n" SEPARATOR,
32978ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numSslKeyGenRequests,
33078ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numSslKeyGenRequestErrors,
33178ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numSslKeyGenCompleted,
33278ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numSslKeyGenCompletedErrors);
33378ee8d1cSJulian Grajkowski
33478ee8d1cSJulian Grajkowski QAT_UTILS_LOG(BORDER " TLS Key Requests: %16llu " BORDER
33578ee8d1cSJulian Grajkowski "\n" BORDER
33678ee8d1cSJulian Grajkowski " TLS Key Request Errors: %16llu " BORDER
33778ee8d1cSJulian Grajkowski "\n" BORDER
33878ee8d1cSJulian Grajkowski " TLS Key Completed %16llu " BORDER
33978ee8d1cSJulian Grajkowski "\n" BORDER
34078ee8d1cSJulian Grajkowski " TLS Key Complete Errors: %16llu " BORDER
34178ee8d1cSJulian Grajkowski "\n" SEPARATOR,
34278ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numTlsKeyGenRequests,
34378ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numTlsKeyGenRequestErrors,
34478ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numTlsKeyGenCompleted,
34578ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numTlsKeyGenCompletedErrors);
34678ee8d1cSJulian Grajkowski
34778ee8d1cSJulian Grajkowski QAT_UTILS_LOG(BORDER " MGF Key Requests: %16llu " BORDER
34878ee8d1cSJulian Grajkowski "\n" BORDER
34978ee8d1cSJulian Grajkowski " MGF Key Request Errors: %16llu " BORDER
35078ee8d1cSJulian Grajkowski "\n" BORDER
35178ee8d1cSJulian Grajkowski " MGF Key Completed %16llu " BORDER
35278ee8d1cSJulian Grajkowski "\n" BORDER
35378ee8d1cSJulian Grajkowski " MGF Key Complete Errors: %16llu " BORDER
35478ee8d1cSJulian Grajkowski "\n" SEPARATOR,
35578ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numMgfKeyGenRequests,
35678ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numMgfKeyGenRequestErrors,
35778ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numMgfKeyGenCompleted,
35878ee8d1cSJulian Grajkowski (unsigned long long)keyStats.numMgfKeyGenCompletedErrors);
35978ee8d1cSJulian Grajkowski }
36078ee8d1cSJulian Grajkowski
36178ee8d1cSJulian Grajkowski /** @ingroup LacSymKey */
36278ee8d1cSJulian Grajkowski CpaStatus
cpaCyKeyGenQueryStats(CpaInstanceHandle instanceHandle_in,struct _CpaCyKeyGenStats * pSymKeyStats)36378ee8d1cSJulian Grajkowski cpaCyKeyGenQueryStats(CpaInstanceHandle instanceHandle_in,
36478ee8d1cSJulian Grajkowski struct _CpaCyKeyGenStats *pSymKeyStats)
36578ee8d1cSJulian Grajkowski {
36678ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = NULL;
36778ee8d1cSJulian Grajkowski
36878ee8d1cSJulian Grajkowski
36978ee8d1cSJulian Grajkowski if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) {
37078ee8d1cSJulian Grajkowski instanceHandle =
37178ee8d1cSJulian Grajkowski Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM);
37278ee8d1cSJulian Grajkowski } else {
37378ee8d1cSJulian Grajkowski instanceHandle = instanceHandle_in;
37478ee8d1cSJulian Grajkowski }
37578ee8d1cSJulian Grajkowski
37678ee8d1cSJulian Grajkowski LAC_CHECK_INSTANCE_HANDLE(instanceHandle);
37778ee8d1cSJulian Grajkowski SAL_CHECK_INSTANCE_TYPE(instanceHandle,
37878ee8d1cSJulian Grajkowski (SAL_SERVICE_TYPE_CRYPTO |
37978ee8d1cSJulian Grajkowski SAL_SERVICE_TYPE_CRYPTO_SYM));
38078ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pSymKeyStats);
38178ee8d1cSJulian Grajkowski
38278ee8d1cSJulian Grajkowski SAL_RUNNING_CHECK(instanceHandle);
38378ee8d1cSJulian Grajkowski
38478ee8d1cSJulian Grajkowski LAC_KEY_STATS32_GET(*pSymKeyStats, instanceHandle);
38578ee8d1cSJulian Grajkowski
38678ee8d1cSJulian Grajkowski return CPA_STATUS_SUCCESS;
38778ee8d1cSJulian Grajkowski }
38878ee8d1cSJulian Grajkowski
38978ee8d1cSJulian Grajkowski /** @ingroup LacSymKey */
39078ee8d1cSJulian Grajkowski CpaStatus
cpaCyKeyGenQueryStats64(CpaInstanceHandle instanceHandle_in,CpaCyKeyGenStats64 * pSymKeyStats)39178ee8d1cSJulian Grajkowski cpaCyKeyGenQueryStats64(CpaInstanceHandle instanceHandle_in,
39278ee8d1cSJulian Grajkowski CpaCyKeyGenStats64 *pSymKeyStats)
39378ee8d1cSJulian Grajkowski {
39478ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = NULL;
39578ee8d1cSJulian Grajkowski
39678ee8d1cSJulian Grajkowski
39778ee8d1cSJulian Grajkowski if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) {
39878ee8d1cSJulian Grajkowski instanceHandle =
39978ee8d1cSJulian Grajkowski Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM);
40078ee8d1cSJulian Grajkowski } else {
40178ee8d1cSJulian Grajkowski instanceHandle = instanceHandle_in;
40278ee8d1cSJulian Grajkowski }
40378ee8d1cSJulian Grajkowski
40478ee8d1cSJulian Grajkowski LAC_CHECK_INSTANCE_HANDLE(instanceHandle);
40578ee8d1cSJulian Grajkowski SAL_CHECK_INSTANCE_TYPE(instanceHandle,
40678ee8d1cSJulian Grajkowski (SAL_SERVICE_TYPE_CRYPTO |
40778ee8d1cSJulian Grajkowski SAL_SERVICE_TYPE_CRYPTO_SYM));
40878ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pSymKeyStats);
40978ee8d1cSJulian Grajkowski
41078ee8d1cSJulian Grajkowski SAL_RUNNING_CHECK(instanceHandle);
41178ee8d1cSJulian Grajkowski
41278ee8d1cSJulian Grajkowski LAC_KEY_STATS64_GET(*pSymKeyStats, instanceHandle);
41378ee8d1cSJulian Grajkowski
41478ee8d1cSJulian Grajkowski return CPA_STATUS_SUCCESS;
41578ee8d1cSJulian Grajkowski }
41678ee8d1cSJulian Grajkowski
41778ee8d1cSJulian Grajkowski /**
41878ee8d1cSJulian Grajkowski ******************************************************************************
41978ee8d1cSJulian Grajkowski * @ingroup LacSymKey
42078ee8d1cSJulian Grajkowski * Return the size of the digest for a specific hash algorithm.
42178ee8d1cSJulian Grajkowski * @description
42278ee8d1cSJulian Grajkowski * Return the expected digest size based on the sha algorithm submitted.
42378ee8d1cSJulian Grajkowski * The only supported value are sha256, sha384 and sha512.
42478ee8d1cSJulian Grajkowski *
42578ee8d1cSJulian Grajkowski * @param[in] hashAlgorithm either sha256, sha384 or sha512.
42678ee8d1cSJulian Grajkowski * @return the expected size or 0 for an invalid hash.
42778ee8d1cSJulian Grajkowski *
42878ee8d1cSJulian Grajkowski *****************************************************************************/
42978ee8d1cSJulian Grajkowski static Cpa32U
getDigestSizeFromHashAlgo(CpaCySymHashAlgorithm hashAlgorithm)43078ee8d1cSJulian Grajkowski getDigestSizeFromHashAlgo(CpaCySymHashAlgorithm hashAlgorithm)
43178ee8d1cSJulian Grajkowski {
43278ee8d1cSJulian Grajkowski switch (hashAlgorithm) {
43378ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA256:
43478ee8d1cSJulian Grajkowski return LAC_HASH_SHA256_DIGEST_SIZE;
43578ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA384:
43678ee8d1cSJulian Grajkowski return LAC_HASH_SHA384_DIGEST_SIZE;
43778ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA512:
43878ee8d1cSJulian Grajkowski return LAC_HASH_SHA512_DIGEST_SIZE;
43978ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SM3:
44078ee8d1cSJulian Grajkowski return LAC_HASH_SM3_DIGEST_SIZE;
44178ee8d1cSJulian Grajkowski default:
44278ee8d1cSJulian Grajkowski return 0;
44378ee8d1cSJulian Grajkowski }
44478ee8d1cSJulian Grajkowski }
44578ee8d1cSJulian Grajkowski
44678ee8d1cSJulian Grajkowski /**
44778ee8d1cSJulian Grajkowski ******************************************************************************
44878ee8d1cSJulian Grajkowski * @ingroup LacSymKey
44978ee8d1cSJulian Grajkowski * Return the hash algorithm for a specific cipher.
45078ee8d1cSJulian Grajkowski * @description
45178ee8d1cSJulian Grajkowski * Return the hash algorithm related to the cipher suite.
45278ee8d1cSJulian Grajkowski * Supported hash's are SHA256, and SHA384.
45378ee8d1cSJulian Grajkowski *
45478ee8d1cSJulian Grajkowski * @param[in] cipherSuite AES_128_GCM, AES_256_GCM, AES_128_CCM,
45578ee8d1cSJulian Grajkowski * and CHACHA20_POLY1305.
45678ee8d1cSJulian Grajkowski * @return the expected hash algorithm or 0 for an invalid cipher.
45778ee8d1cSJulian Grajkowski *
45878ee8d1cSJulian Grajkowski *****************************************************************************/
45978ee8d1cSJulian Grajkowski static CpaCySymHashAlgorithm
getHashAlgorithmFromCipherSuiteHKDF(CpaCyKeyHKDFCipherSuite cipherSuite)46078ee8d1cSJulian Grajkowski getHashAlgorithmFromCipherSuiteHKDF(CpaCyKeyHKDFCipherSuite cipherSuite)
46178ee8d1cSJulian Grajkowski {
46278ee8d1cSJulian Grajkowski switch (cipherSuite) {
46378ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_AES_128_GCM_SHA256: /* Fall through */
46478ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_CHACHA20_POLY1305_SHA256:
46578ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_AES_128_CCM_SHA256:
46678ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_AES_128_CCM_8_SHA256:
46778ee8d1cSJulian Grajkowski return CPA_CY_SYM_HASH_SHA256;
46878ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_AES_256_GCM_SHA384:
46978ee8d1cSJulian Grajkowski return CPA_CY_SYM_HASH_SHA384;
47078ee8d1cSJulian Grajkowski default:
47178ee8d1cSJulian Grajkowski return 0;
47278ee8d1cSJulian Grajkowski }
47378ee8d1cSJulian Grajkowski }
47478ee8d1cSJulian Grajkowski
47578ee8d1cSJulian Grajkowski /**
47678ee8d1cSJulian Grajkowski ******************************************************************************
47778ee8d1cSJulian Grajkowski * @ingroup LacSymKey
47878ee8d1cSJulian Grajkowski * Return the digest size of cipher.
47978ee8d1cSJulian Grajkowski * @description
48078ee8d1cSJulian Grajkowski * Return the output key size of specific cipher, for specified sub label
48178ee8d1cSJulian Grajkowski *
48278ee8d1cSJulian Grajkowski * @param[in] cipherSuite = AES_128_GCM, AES_256_GCM, AES_128_CCM,
48378ee8d1cSJulian Grajkowski * and CHACHA20_POLY1305.
48478ee8d1cSJulian Grajkowski * subLabels = KEY, IV, RESUMPTION, and FINISHED.
48578ee8d1cSJulian Grajkowski * @return the expected digest size of the cipher.
48678ee8d1cSJulian Grajkowski *
48778ee8d1cSJulian Grajkowski *****************************************************************************/
48878ee8d1cSJulian Grajkowski static const Cpa32U cipherSuiteHKDFHashSizes
48978ee8d1cSJulian Grajkowski [LAC_KEY_HKDF_CIPHERS_MAX][LAC_KEY_HKDF_SUBLABELS_MAX] = {
49078ee8d1cSJulian Grajkowski {}, /* Not used */
49178ee8d1cSJulian Grajkowski { 32, 16, 12, 32, 32 }, /* AES_128_GCM_SHA256 */
49278ee8d1cSJulian Grajkowski { 48, 32, 12, 48, 48 }, /* AES_256_GCM_SHA384 */
49378ee8d1cSJulian Grajkowski { 32, 32, 12, 32, 32 }, /* CHACHA20_POLY1305_SHA256 */
49478ee8d1cSJulian Grajkowski { 32, 16, 12, 32, 32 }, /* AES_128_CCM_SHA256 */
49578ee8d1cSJulian Grajkowski { 32, 16, 12, 32, 32 } /* AES_128_CCM_8_SHA256 */
49678ee8d1cSJulian Grajkowski };
49778ee8d1cSJulian Grajkowski
49878ee8d1cSJulian Grajkowski /**
49978ee8d1cSJulian Grajkowski ******************************************************************************
50078ee8d1cSJulian Grajkowski * @ingroup LacSymKey
50178ee8d1cSJulian Grajkowski * Key Generation MGF response handler
50278ee8d1cSJulian Grajkowski *
50378ee8d1cSJulian Grajkowski * @description
50478ee8d1cSJulian Grajkowski * Handles Key Generation MGF response messages from the QAT.
50578ee8d1cSJulian Grajkowski *
50678ee8d1cSJulian Grajkowski * @param[in] lacCmdId Command id of the original request
50778ee8d1cSJulian Grajkowski * @param[in] pOpaqueData Pointer to opaque data that was in request
50878ee8d1cSJulian Grajkowski * @param[in] cmnRespFlags Indicates whether request succeeded
50978ee8d1cSJulian Grajkowski *
51078ee8d1cSJulian Grajkowski * @return void
51178ee8d1cSJulian Grajkowski *
51278ee8d1cSJulian Grajkowski *****************************************************************************/
51378ee8d1cSJulian Grajkowski static void
LacSymKey_MgfHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId,void * pOpaqueData,icp_qat_fw_comn_flags cmnRespFlags)51478ee8d1cSJulian Grajkowski LacSymKey_MgfHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId,
51578ee8d1cSJulian Grajkowski void *pOpaqueData,
51678ee8d1cSJulian Grajkowski icp_qat_fw_comn_flags cmnRespFlags)
51778ee8d1cSJulian Grajkowski {
51878ee8d1cSJulian Grajkowski CpaCyKeyGenMgfOpData *pMgfOpData = NULL;
51978ee8d1cSJulian Grajkowski lac_sym_key_cookie_t *pCookie = NULL;
52078ee8d1cSJulian Grajkowski CpaCyGenFlatBufCbFunc pKeyGenMgfCb = NULL;
52178ee8d1cSJulian Grajkowski void *pCallbackTag = NULL;
52278ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer = NULL;
52378ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
52478ee8d1cSJulian Grajkowski CpaBoolean respStatusOk =
52578ee8d1cSJulian Grajkowski (ICP_QAT_FW_COMN_STATUS_FLAG_OK ==
52678ee8d1cSJulian Grajkowski ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(cmnRespFlags)) ?
52778ee8d1cSJulian Grajkowski CPA_TRUE :
52878ee8d1cSJulian Grajkowski CPA_FALSE;
52978ee8d1cSJulian Grajkowski
53078ee8d1cSJulian Grajkowski pCookie = (lac_sym_key_cookie_t *)pOpaqueData;
53178ee8d1cSJulian Grajkowski
53278ee8d1cSJulian Grajkowski if (CPA_TRUE == respStatusOk) {
53378ee8d1cSJulian Grajkowski status = CPA_STATUS_SUCCESS;
53478ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numMgfKeyGenCompleted,
53578ee8d1cSJulian Grajkowski pCookie->instanceHandle);
53678ee8d1cSJulian Grajkowski } else {
53778ee8d1cSJulian Grajkowski status = CPA_STATUS_FAIL;
53878ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numMgfKeyGenCompletedErrors,
53978ee8d1cSJulian Grajkowski pCookie->instanceHandle);
54078ee8d1cSJulian Grajkowski }
54178ee8d1cSJulian Grajkowski
54278ee8d1cSJulian Grajkowski pKeyGenMgfCb = (CpaCyGenFlatBufCbFunc)(pCookie->pKeyGenCb);
54378ee8d1cSJulian Grajkowski
54478ee8d1cSJulian Grajkowski pMgfOpData = pCookie->pKeyGenOpData;
54578ee8d1cSJulian Grajkowski pCallbackTag = pCookie->pCallbackTag;
54678ee8d1cSJulian Grajkowski pGeneratedKeyBuffer = pCookie->pKeyGenOutputData;
54778ee8d1cSJulian Grajkowski
54878ee8d1cSJulian Grajkowski Lac_MemPoolEntryFree(pCookie);
54978ee8d1cSJulian Grajkowski
55078ee8d1cSJulian Grajkowski (*pKeyGenMgfCb)(pCallbackTag, status, pMgfOpData, pGeneratedKeyBuffer);
55178ee8d1cSJulian Grajkowski }
55278ee8d1cSJulian Grajkowski
55378ee8d1cSJulian Grajkowski /**
55478ee8d1cSJulian Grajkowski ******************************************************************************
55578ee8d1cSJulian Grajkowski * @ingroup LacSymKey
55678ee8d1cSJulian Grajkowski * Synchronous mode of operation wrapper function
55778ee8d1cSJulian Grajkowski *
55878ee8d1cSJulian Grajkowski * @description
55978ee8d1cSJulian Grajkowski * Wrapper function to implement synchronous mode of operation for
56078ee8d1cSJulian Grajkowski * cpaCyKeyGenMgf and cpaCyKeyGenMgfExt function.
56178ee8d1cSJulian Grajkowski *
56278ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle
56378ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Internal callback function pointer
56478ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Callback tag
56578ee8d1cSJulian Grajkowski * @param[in] pKeyGenMgfOpData Pointer to user provided Op Data structure
56678ee8d1cSJulian Grajkowski * @param[in] pGeneratedMaskBuffer Pointer to a buffer where generated mask
56778ee8d1cSJulian Grajkowski * will be stored
56878ee8d1cSJulian Grajkowski * @param[in] bIsExtRequest Indicates origin of function call;
56978ee8d1cSJulian Grajkowski * if CPA_TRUE then the call comes from
57078ee8d1cSJulian Grajkowski * cpaCyKeyGenMgfExt function, otherwise
57178ee8d1cSJulian Grajkowski * from cpaCyKeyGenMgf
57278ee8d1cSJulian Grajkowski *
57378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully.
57478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed.
57578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Function should be retried.
57678ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in.
57778ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources.
57878ee8d1cSJulian Grajkowski *
57978ee8d1cSJulian Grajkowski *****************************************************************************/
58078ee8d1cSJulian Grajkowski static CpaStatus
LacSymKey_MgfSync(const CpaInstanceHandle instanceHandle,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const void * pKeyGenMgfOpData,CpaFlatBuffer * pGeneratedMaskBuffer,CpaBoolean bIsExtRequest)58178ee8d1cSJulian Grajkowski LacSymKey_MgfSync(const CpaInstanceHandle instanceHandle,
58278ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
58378ee8d1cSJulian Grajkowski void *pCallbackTag,
58478ee8d1cSJulian Grajkowski const void *pKeyGenMgfOpData,
58578ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedMaskBuffer,
58678ee8d1cSJulian Grajkowski CpaBoolean bIsExtRequest)
58778ee8d1cSJulian Grajkowski {
58878ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
58978ee8d1cSJulian Grajkowski
59078ee8d1cSJulian Grajkowski lac_sync_op_data_t *pSyncCallbackData = NULL;
59178ee8d1cSJulian Grajkowski
59278ee8d1cSJulian Grajkowski status = LacSync_CreateSyncCookie(&pSyncCallbackData);
59378ee8d1cSJulian Grajkowski
59478ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
59578ee8d1cSJulian Grajkowski if (CPA_TRUE == bIsExtRequest) {
59678ee8d1cSJulian Grajkowski status = cpaCyKeyGenMgfExt(
59778ee8d1cSJulian Grajkowski instanceHandle,
59878ee8d1cSJulian Grajkowski LacSync_GenFlatBufCb,
59978ee8d1cSJulian Grajkowski pSyncCallbackData,
60078ee8d1cSJulian Grajkowski (const CpaCyKeyGenMgfOpDataExt *)pKeyGenMgfOpData,
60178ee8d1cSJulian Grajkowski pGeneratedMaskBuffer);
60278ee8d1cSJulian Grajkowski } else {
60378ee8d1cSJulian Grajkowski status = cpaCyKeyGenMgf(instanceHandle,
60478ee8d1cSJulian Grajkowski LacSync_GenFlatBufCb,
60578ee8d1cSJulian Grajkowski pSyncCallbackData,
60678ee8d1cSJulian Grajkowski (const CpaCyKeyGenMgfOpData *)
60778ee8d1cSJulian Grajkowski pKeyGenMgfOpData,
60878ee8d1cSJulian Grajkowski pGeneratedMaskBuffer);
60978ee8d1cSJulian Grajkowski }
61078ee8d1cSJulian Grajkowski } else {
61178ee8d1cSJulian Grajkowski /* Failure allocating sync cookie */
61278ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numMgfKeyGenRequestErrors, instanceHandle);
61378ee8d1cSJulian Grajkowski return status;
61478ee8d1cSJulian Grajkowski }
61578ee8d1cSJulian Grajkowski
61678ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
61778ee8d1cSJulian Grajkowski CpaStatus syncStatus = CPA_STATUS_SUCCESS;
61878ee8d1cSJulian Grajkowski
61978ee8d1cSJulian Grajkowski syncStatus =
62078ee8d1cSJulian Grajkowski LacSync_WaitForCallback(pSyncCallbackData,
62178ee8d1cSJulian Grajkowski LAC_SYM_SYNC_CALLBACK_TIMEOUT,
62278ee8d1cSJulian Grajkowski &status,
62378ee8d1cSJulian Grajkowski NULL);
62478ee8d1cSJulian Grajkowski
62578ee8d1cSJulian Grajkowski /* If callback doesn't come back */
62678ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS != syncStatus) {
62778ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numMgfKeyGenCompletedErrors,
62878ee8d1cSJulian Grajkowski instanceHandle);
62978ee8d1cSJulian Grajkowski LAC_LOG_ERROR("Callback timed out");
63078ee8d1cSJulian Grajkowski status = syncStatus;
63178ee8d1cSJulian Grajkowski }
63278ee8d1cSJulian Grajkowski } else {
63378ee8d1cSJulian Grajkowski /* As the Request was not sent the Callback will never
63478ee8d1cSJulian Grajkowski * be called, so need to indicate that we're finished
63578ee8d1cSJulian Grajkowski * with cookie so it can be destroyed.
63678ee8d1cSJulian Grajkowski */
63778ee8d1cSJulian Grajkowski LacSync_SetSyncCookieComplete(pSyncCallbackData);
63878ee8d1cSJulian Grajkowski }
63978ee8d1cSJulian Grajkowski
64078ee8d1cSJulian Grajkowski LacSync_DestroySyncCookie(&pSyncCallbackData);
64178ee8d1cSJulian Grajkowski
64278ee8d1cSJulian Grajkowski return status;
64378ee8d1cSJulian Grajkowski }
64478ee8d1cSJulian Grajkowski
64578ee8d1cSJulian Grajkowski /**
64678ee8d1cSJulian Grajkowski ******************************************************************************
64778ee8d1cSJulian Grajkowski * @ingroup LacSymKey
64878ee8d1cSJulian Grajkowski * Perform MGF key gen operation
64978ee8d1cSJulian Grajkowski *
65078ee8d1cSJulian Grajkowski * @description
65178ee8d1cSJulian Grajkowski * This function performs MGF key gen operation. It is common for requests
65278ee8d1cSJulian Grajkowski * coming from both cpaCyKeyGenMgf and cpaCyKeyGenMgfExt QAT API
65378ee8d1cSJulian Grajkowski * functions.
65478ee8d1cSJulian Grajkowski *
65578ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle
65678ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be invoked
65778ee8d1cSJulian Grajkowski * when the operation is complete.
65878ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific call.
65978ee8d1cSJulian Grajkowski * @param[in] pOpData Pointer to the Op Data structure provided by
66078ee8d1cSJulian Grajkowski * the user in API function call. For calls
66178ee8d1cSJulian Grajkowski * originating from cpaCyKeyGenMgfExt it will
66278ee8d1cSJulian Grajkowski * point to CpaCyKeyGenMgfOpDataExt type of
66378ee8d1cSJulian Grajkowski * structure while for calls originating from
66478ee8d1cSJulian Grajkowski * cpaCyKeyGenMgf it will point to
66578ee8d1cSJulian Grajkowski * CpaCyKeyGenMgfOpData type of structure.
66678ee8d1cSJulian Grajkowski * @param[in] pKeyGenMgfOpData Pointer to the user provided
66778ee8d1cSJulian Grajkowski * CpaCyKeyGenMgfOpData structure. For calls
66878ee8d1cSJulian Grajkowski * originating from cpaCyKeyGenMgf it will
66978ee8d1cSJulian Grajkowski * point to the same structure as pOpData
67078ee8d1cSJulian Grajkowski * parameter; for calls originating from
67178ee8d1cSJulian Grajkowski * cpaCyKeyGenMgfExt it will point to the
67278ee8d1cSJulian Grajkowski * baseOpData member of the
67378ee8d1cSJulian Grajkowski * CpaCyKeyGenMgfOpDataExt structure passed in
67478ee8d1cSJulian Grajkowski * as a parameter to the API function call.
67578ee8d1cSJulian Grajkowski * @param[in] pGeneratedMaskBuffer Pointer to a buffer where generated mask
67678ee8d1cSJulian Grajkowski * will be stored
67778ee8d1cSJulian Grajkowski * @param[in] hashAlgorithm Indicates which hash algorithm is to be used
67878ee8d1cSJulian Grajkowski * to perform MGF key gen operation. For calls
67978ee8d1cSJulian Grajkowski * originating from cpaCyKeyGenMgf it will
68078ee8d1cSJulian Grajkowski * always be CPA_CY_SYM_HASH_SHA1.
68178ee8d1cSJulian Grajkowski *
68278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully.
68378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed.
68478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Function should be retried.
68578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in.
68678ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources.
68778ee8d1cSJulian Grajkowski *
68878ee8d1cSJulian Grajkowski *****************************************************************************/
68978ee8d1cSJulian Grajkowski static CpaStatus
LacSymKey_MgfCommon(const CpaInstanceHandle instanceHandle,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const void * pOpData,const CpaCyKeyGenMgfOpData * pKeyGenMgfOpData,CpaFlatBuffer * pGeneratedMaskBuffer,CpaCySymHashAlgorithm hashAlgorithm)69078ee8d1cSJulian Grajkowski LacSymKey_MgfCommon(const CpaInstanceHandle instanceHandle,
69178ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
69278ee8d1cSJulian Grajkowski void *pCallbackTag,
69378ee8d1cSJulian Grajkowski const void *pOpData,
69478ee8d1cSJulian Grajkowski const CpaCyKeyGenMgfOpData *pKeyGenMgfOpData,
69578ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedMaskBuffer,
69678ee8d1cSJulian Grajkowski CpaCySymHashAlgorithm hashAlgorithm)
69778ee8d1cSJulian Grajkowski {
69878ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
69978ee8d1cSJulian Grajkowski
70078ee8d1cSJulian Grajkowski icp_qat_fw_la_bulk_req_t keyGenReq = { { 0 } };
70178ee8d1cSJulian Grajkowski icp_qat_la_bulk_req_hdr_t keyGenReqHdr = { { 0 } };
70278ee8d1cSJulian Grajkowski icp_qat_fw_la_key_gen_common_t keyGenReqMid = { { 0 } };
70378ee8d1cSJulian Grajkowski icp_qat_la_bulk_req_ftr_t keyGenReqFtr = { { { 0 } } };
70478ee8d1cSJulian Grajkowski Cpa8U *pMsgDummy = NULL;
70578ee8d1cSJulian Grajkowski Cpa8U *pCacheDummyHdr = NULL;
70678ee8d1cSJulian Grajkowski Cpa8U *pCacheDummyMid = NULL;
70778ee8d1cSJulian Grajkowski Cpa8U *pCacheDummyFtr = NULL;
70878ee8d1cSJulian Grajkowski sal_qat_content_desc_info_t contentDescInfo = { 0 };
70978ee8d1cSJulian Grajkowski lac_sym_key_cookie_t *pCookie = NULL;
71078ee8d1cSJulian Grajkowski lac_sym_cookie_t *pSymCookie = NULL;
71178ee8d1cSJulian Grajkowski sal_crypto_service_t *pService = NULL;
71278ee8d1cSJulian Grajkowski Cpa64U inputPhysAddr = 0;
71378ee8d1cSJulian Grajkowski Cpa64U outputPhysAddr = 0;
71478ee8d1cSJulian Grajkowski /* Structure initializer is supported by C99, but it is
71578ee8d1cSJulian Grajkowski * not supported by some former Intel compiler.
71678ee8d1cSJulian Grajkowski */
71778ee8d1cSJulian Grajkowski CpaCySymHashSetupData hashSetupData = { 0 };
71878ee8d1cSJulian Grajkowski Cpa32U hashBlkSizeInBytes = 0;
71978ee8d1cSJulian Grajkowski lac_sym_qat_hash_alg_info_t *pHashAlgInfo = NULL;
72078ee8d1cSJulian Grajkowski icp_qat_fw_serv_specif_flags laCmdFlags = 0;
72178ee8d1cSJulian Grajkowski icp_qat_fw_comn_flags cmnRequestFlags =
72278ee8d1cSJulian Grajkowski ICP_QAT_FW_COMN_FLAGS_BUILD(QAT_COMN_PTR_TYPE_FLAT,
72378ee8d1cSJulian Grajkowski QAT_COMN_CD_FLD_TYPE_64BIT_ADR);
72478ee8d1cSJulian Grajkowski
72578ee8d1cSJulian Grajkowski pService = (sal_crypto_service_t *)instanceHandle;
72678ee8d1cSJulian Grajkowski LAC_CHECK_INSTANCE_HANDLE(instanceHandle);
72778ee8d1cSJulian Grajkowski SAL_CHECK_INSTANCE_TYPE(instanceHandle,
72878ee8d1cSJulian Grajkowski (SAL_SERVICE_TYPE_CRYPTO |
72978ee8d1cSJulian Grajkowski SAL_SERVICE_TYPE_CRYPTO_SYM));
73078ee8d1cSJulian Grajkowski
73178ee8d1cSJulian Grajkowski SAL_RUNNING_CHECK(instanceHandle);
73278ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pOpData);
73378ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pKeyGenMgfOpData);
73478ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pGeneratedMaskBuffer);
73578ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pGeneratedMaskBuffer->pData);
73678ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pKeyGenMgfOpData->seedBuffer.pData);
73778ee8d1cSJulian Grajkowski
73878ee8d1cSJulian Grajkowski /* Maximum seed length for MGF1 request */
73978ee8d1cSJulian Grajkowski if (pKeyGenMgfOpData->seedBuffer.dataLenInBytes >
74078ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_MGF_SEED_LEN_MAX) {
74178ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("seedBuffer.dataLenInBytes");
74278ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
74378ee8d1cSJulian Grajkowski }
74478ee8d1cSJulian Grajkowski
74578ee8d1cSJulian Grajkowski /* Maximum mask length for MGF1 request */
74678ee8d1cSJulian Grajkowski if (pKeyGenMgfOpData->maskLenInBytes > ICP_QAT_FW_LA_MGF_MASK_LEN_MAX) {
74778ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("maskLenInBytes");
74878ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
74978ee8d1cSJulian Grajkowski }
75078ee8d1cSJulian Grajkowski
75178ee8d1cSJulian Grajkowski /* check for enough space in the flat buffer */
75278ee8d1cSJulian Grajkowski if (pKeyGenMgfOpData->maskLenInBytes >
75378ee8d1cSJulian Grajkowski pGeneratedMaskBuffer->dataLenInBytes) {
75478ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("pGeneratedMaskBuffer.dataLenInBytes");
75578ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
75678ee8d1cSJulian Grajkowski }
75778ee8d1cSJulian Grajkowski
75878ee8d1cSJulian Grajkowski /* Get hash alg info */
75978ee8d1cSJulian Grajkowski LacSymQat_HashAlgLookupGet(instanceHandle,
76078ee8d1cSJulian Grajkowski hashAlgorithm,
76178ee8d1cSJulian Grajkowski &pHashAlgInfo);
76278ee8d1cSJulian Grajkowski
76378ee8d1cSJulian Grajkowski /* Allocate the cookie */
76478ee8d1cSJulian Grajkowski pCookie = (lac_sym_key_cookie_t *)Lac_MemPoolEntryAlloc(
76578ee8d1cSJulian Grajkowski pService->lac_sym_cookie_pool);
76678ee8d1cSJulian Grajkowski if (NULL == pCookie) {
76778ee8d1cSJulian Grajkowski LAC_LOG_ERROR("Cannot get mem pool entry");
76878ee8d1cSJulian Grajkowski status = CPA_STATUS_RESOURCE;
76978ee8d1cSJulian Grajkowski } else if ((void *)CPA_STATUS_RETRY == pCookie) {
77078ee8d1cSJulian Grajkowski pCookie = NULL;
77178ee8d1cSJulian Grajkowski status = CPA_STATUS_RETRY;
77278ee8d1cSJulian Grajkowski } else {
77378ee8d1cSJulian Grajkowski pSymCookie = (lac_sym_cookie_t *)pCookie;
77478ee8d1cSJulian Grajkowski }
77578ee8d1cSJulian Grajkowski
77678ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
77778ee8d1cSJulian Grajkowski /* populate the cookie */
77878ee8d1cSJulian Grajkowski pCookie->instanceHandle = instanceHandle;
77978ee8d1cSJulian Grajkowski pCookie->pCallbackTag = pCallbackTag;
78078ee8d1cSJulian Grajkowski pCookie->pKeyGenOpData = (void *)LAC_CONST_PTR_CAST(pOpData);
78178ee8d1cSJulian Grajkowski pCookie->pKeyGenCb = pKeyGenCb;
78278ee8d1cSJulian Grajkowski pCookie->pKeyGenOutputData = pGeneratedMaskBuffer;
78378ee8d1cSJulian Grajkowski hashSetupData.hashAlgorithm = hashAlgorithm;
78478ee8d1cSJulian Grajkowski hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_PLAIN;
78578ee8d1cSJulian Grajkowski hashSetupData.digestResultLenInBytes =
78678ee8d1cSJulian Grajkowski pHashAlgInfo->digestLength;
78778ee8d1cSJulian Grajkowski
78878ee8d1cSJulian Grajkowski /* Populate the CD ctrl Block (LW 27 - LW 31)
78978ee8d1cSJulian Grajkowski * and the CD Hash HW setup block
79078ee8d1cSJulian Grajkowski */
79178ee8d1cSJulian Grajkowski LacSymQat_HashContentDescInit(
79278ee8d1cSJulian Grajkowski &(keyGenReqFtr),
79378ee8d1cSJulian Grajkowski instanceHandle,
79478ee8d1cSJulian Grajkowski &hashSetupData,
79578ee8d1cSJulian Grajkowski /* point to base of hw setup block */
79678ee8d1cSJulian Grajkowski (Cpa8U *)pCookie->contentDesc,
79778ee8d1cSJulian Grajkowski LAC_SYM_KEY_NO_HASH_BLK_OFFSET_QW,
79878ee8d1cSJulian Grajkowski ICP_QAT_FW_SLICE_DRAM_WR,
79978ee8d1cSJulian Grajkowski ICP_QAT_HW_AUTH_MODE0, /* just a plain hash */
80078ee8d1cSJulian Grajkowski CPA_FALSE, /* Not using sym Constants Table in Shared SRAM
80178ee8d1cSJulian Grajkowski */
80278ee8d1cSJulian Grajkowski CPA_FALSE, /* not using the optimised Content Desc */
803a977168cSMichal Gulbicki CPA_FALSE, /* Not using the stateful SHA3 Content Desc */
80478ee8d1cSJulian Grajkowski NULL,
80578ee8d1cSJulian Grajkowski &hashBlkSizeInBytes);
80678ee8d1cSJulian Grajkowski
80778ee8d1cSJulian Grajkowski /* Populate the Req param LW 14-26 */
80878ee8d1cSJulian Grajkowski LacSymQat_KeyMgfRequestPopulate(
80978ee8d1cSJulian Grajkowski &keyGenReqHdr,
81078ee8d1cSJulian Grajkowski &keyGenReqMid,
81178ee8d1cSJulian Grajkowski pKeyGenMgfOpData->seedBuffer.dataLenInBytes,
81278ee8d1cSJulian Grajkowski pKeyGenMgfOpData->maskLenInBytes,
81378ee8d1cSJulian Grajkowski (Cpa8U)pHashAlgInfo->digestLength);
81478ee8d1cSJulian Grajkowski
81578ee8d1cSJulian Grajkowski contentDescInfo.pData = pCookie->contentDesc;
81678ee8d1cSJulian Grajkowski contentDescInfo.hardwareSetupBlockPhys =
81778ee8d1cSJulian Grajkowski LAC_MEM_CAST_PTR_TO_UINT64(
81878ee8d1cSJulian Grajkowski pSymCookie->keyContentDescPhyAddr);
81978ee8d1cSJulian Grajkowski contentDescInfo.hwBlkSzQuadWords =
82078ee8d1cSJulian Grajkowski LAC_BYTES_TO_QUADWORDS(hashBlkSizeInBytes);
82178ee8d1cSJulian Grajkowski
82278ee8d1cSJulian Grajkowski /* Populate common request fields */
82378ee8d1cSJulian Grajkowski inputPhysAddr =
82478ee8d1cSJulian Grajkowski LAC_MEM_CAST_PTR_TO_UINT64(LAC_OS_VIRT_TO_PHYS_EXTERNAL(
82578ee8d1cSJulian Grajkowski pService->generic_service_info,
82678ee8d1cSJulian Grajkowski pKeyGenMgfOpData->seedBuffer.pData));
82778ee8d1cSJulian Grajkowski
82878ee8d1cSJulian Grajkowski if (inputPhysAddr == 0) {
82978ee8d1cSJulian Grajkowski LAC_LOG_ERROR(
83078ee8d1cSJulian Grajkowski "Unable to get the seed buffer physical address");
83178ee8d1cSJulian Grajkowski status = CPA_STATUS_FAIL;
83278ee8d1cSJulian Grajkowski }
83378ee8d1cSJulian Grajkowski outputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64(
83478ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_EXTERNAL(pService->generic_service_info,
83578ee8d1cSJulian Grajkowski pGeneratedMaskBuffer->pData));
83678ee8d1cSJulian Grajkowski if (outputPhysAddr == 0) {
83778ee8d1cSJulian Grajkowski LAC_LOG_ERROR(
83878ee8d1cSJulian Grajkowski "Unable to get the physical address of the mask");
83978ee8d1cSJulian Grajkowski status = CPA_STATUS_FAIL;
84078ee8d1cSJulian Grajkowski }
84178ee8d1cSJulian Grajkowski }
84278ee8d1cSJulian Grajkowski
84378ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
84478ee8d1cSJulian Grajkowski /* Make up the full keyGenReq struct from its constituents */
84578ee8d1cSJulian Grajkowski pMsgDummy = (Cpa8U *)&(keyGenReq);
84678ee8d1cSJulian Grajkowski pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr);
84778ee8d1cSJulian Grajkowski pCacheDummyMid = (Cpa8U *)&(keyGenReqMid);
84878ee8d1cSJulian Grajkowski pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr);
84978ee8d1cSJulian Grajkowski
85078ee8d1cSJulian Grajkowski memcpy(pMsgDummy,
85178ee8d1cSJulian Grajkowski pCacheDummyHdr,
85278ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW));
85378ee8d1cSJulian Grajkowski memset((pMsgDummy +
85478ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW)),
85578ee8d1cSJulian Grajkowski 0,
85678ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
85778ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_TO_CLEAR_IN_LW));
85878ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
85978ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_MID_IN_LW),
86078ee8d1cSJulian Grajkowski pCacheDummyMid,
86178ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_MID_IN_LW));
86278ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
86378ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_FTR_IN_LW),
86478ee8d1cSJulian Grajkowski pCacheDummyFtr,
86578ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_FTR_IN_LW));
86678ee8d1cSJulian Grajkowski
86778ee8d1cSJulian Grajkowski SalQatMsg_ContentDescHdrWrite((icp_qat_fw_comn_req_t *)&(
86878ee8d1cSJulian Grajkowski keyGenReq),
86978ee8d1cSJulian Grajkowski &(contentDescInfo));
87078ee8d1cSJulian Grajkowski
87178ee8d1cSJulian Grajkowski SalQatMsg_CmnHdrWrite((icp_qat_fw_comn_req_t *)&keyGenReq,
87278ee8d1cSJulian Grajkowski ICP_QAT_FW_COMN_REQ_CPM_FW_LA,
87378ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_MGF1,
87478ee8d1cSJulian Grajkowski cmnRequestFlags,
87578ee8d1cSJulian Grajkowski laCmdFlags);
87678ee8d1cSJulian Grajkowski
87778ee8d1cSJulian Grajkowski /*
87878ee8d1cSJulian Grajkowski * MGF uses a flat buffer but we can use zero for source and
87978ee8d1cSJulian Grajkowski * dest length because the firmware will use the seed length,
88078ee8d1cSJulian Grajkowski * hash length and mask length to find source length.
88178ee8d1cSJulian Grajkowski */
88278ee8d1cSJulian Grajkowski SalQatMsg_CmnMidWrite((icp_qat_fw_la_bulk_req_t *)&(keyGenReq),
88378ee8d1cSJulian Grajkowski pCookie,
88478ee8d1cSJulian Grajkowski LAC_SYM_KEY_QAT_PTR_TYPE,
88578ee8d1cSJulian Grajkowski inputPhysAddr,
88678ee8d1cSJulian Grajkowski outputPhysAddr,
88778ee8d1cSJulian Grajkowski 0,
88878ee8d1cSJulian Grajkowski 0);
88978ee8d1cSJulian Grajkowski
89078ee8d1cSJulian Grajkowski /* Send to QAT */
89178ee8d1cSJulian Grajkowski status = icp_adf_transPutMsg(pService->trans_handle_sym_tx,
89278ee8d1cSJulian Grajkowski (void *)&(keyGenReq),
89378ee8d1cSJulian Grajkowski LAC_QAT_SYM_REQ_SZ_LW);
89478ee8d1cSJulian Grajkowski }
89578ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
89678ee8d1cSJulian Grajkowski /* Update stats */
89778ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numMgfKeyGenRequests, instanceHandle);
89878ee8d1cSJulian Grajkowski } else {
89978ee8d1cSJulian Grajkowski LAC_KEY_STAT_INC(numMgfKeyGenRequestErrors, instanceHandle);
90078ee8d1cSJulian Grajkowski /* clean up memory */
90178ee8d1cSJulian Grajkowski if (NULL != pCookie) {
90278ee8d1cSJulian Grajkowski Lac_MemPoolEntryFree(pCookie);
90378ee8d1cSJulian Grajkowski }
90478ee8d1cSJulian Grajkowski }
90578ee8d1cSJulian Grajkowski return status;
90678ee8d1cSJulian Grajkowski }
90778ee8d1cSJulian Grajkowski
90878ee8d1cSJulian Grajkowski /**
90978ee8d1cSJulian Grajkowski * cpaCyKeyGenMgf
91078ee8d1cSJulian Grajkowski */
91178ee8d1cSJulian Grajkowski CpaStatus
cpaCyKeyGenMgf(const CpaInstanceHandle instanceHandle_in,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const CpaCyKeyGenMgfOpData * pKeyGenMgfOpData,CpaFlatBuffer * pGeneratedMaskBuffer)91278ee8d1cSJulian Grajkowski cpaCyKeyGenMgf(const CpaInstanceHandle instanceHandle_in,
91378ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
91478ee8d1cSJulian Grajkowski void *pCallbackTag,
91578ee8d1cSJulian Grajkowski const CpaCyKeyGenMgfOpData *pKeyGenMgfOpData,
91678ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedMaskBuffer)
91778ee8d1cSJulian Grajkowski {
91878ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = NULL;
91978ee8d1cSJulian Grajkowski
92078ee8d1cSJulian Grajkowski
92178ee8d1cSJulian Grajkowski if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) {
92278ee8d1cSJulian Grajkowski instanceHandle =
92378ee8d1cSJulian Grajkowski Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM);
92478ee8d1cSJulian Grajkowski } else {
92578ee8d1cSJulian Grajkowski instanceHandle = instanceHandle_in;
92678ee8d1cSJulian Grajkowski }
92778ee8d1cSJulian Grajkowski
92878ee8d1cSJulian Grajkowski /* If synchronous Operation */
92978ee8d1cSJulian Grajkowski if (NULL == pKeyGenCb) {
93078ee8d1cSJulian Grajkowski return LacSymKey_MgfSync(instanceHandle,
93178ee8d1cSJulian Grajkowski pKeyGenCb,
93278ee8d1cSJulian Grajkowski pCallbackTag,
93378ee8d1cSJulian Grajkowski (const void *)pKeyGenMgfOpData,
93478ee8d1cSJulian Grajkowski pGeneratedMaskBuffer,
93578ee8d1cSJulian Grajkowski CPA_FALSE);
93678ee8d1cSJulian Grajkowski }
93778ee8d1cSJulian Grajkowski /* Asynchronous Operation */
93878ee8d1cSJulian Grajkowski return LacSymKey_MgfCommon(instanceHandle,
93978ee8d1cSJulian Grajkowski pKeyGenCb,
94078ee8d1cSJulian Grajkowski pCallbackTag,
94178ee8d1cSJulian Grajkowski (const void *)pKeyGenMgfOpData,
94278ee8d1cSJulian Grajkowski pKeyGenMgfOpData,
94378ee8d1cSJulian Grajkowski pGeneratedMaskBuffer,
94478ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_SHA1);
94578ee8d1cSJulian Grajkowski }
94678ee8d1cSJulian Grajkowski
94778ee8d1cSJulian Grajkowski /**
94878ee8d1cSJulian Grajkowski * cpaCyKeyGenMgfExt
94978ee8d1cSJulian Grajkowski */
95078ee8d1cSJulian Grajkowski CpaStatus
cpaCyKeyGenMgfExt(const CpaInstanceHandle instanceHandle_in,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const CpaCyKeyGenMgfOpDataExt * pKeyGenMgfOpDataExt,CpaFlatBuffer * pGeneratedMaskBuffer)95178ee8d1cSJulian Grajkowski cpaCyKeyGenMgfExt(const CpaInstanceHandle instanceHandle_in,
95278ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
95378ee8d1cSJulian Grajkowski void *pCallbackTag,
95478ee8d1cSJulian Grajkowski const CpaCyKeyGenMgfOpDataExt *pKeyGenMgfOpDataExt,
95578ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedMaskBuffer)
95678ee8d1cSJulian Grajkowski {
95778ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = NULL;
95878ee8d1cSJulian Grajkowski
95978ee8d1cSJulian Grajkowski
96078ee8d1cSJulian Grajkowski if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) {
96178ee8d1cSJulian Grajkowski instanceHandle =
96278ee8d1cSJulian Grajkowski Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM);
96378ee8d1cSJulian Grajkowski } else {
96478ee8d1cSJulian Grajkowski instanceHandle = instanceHandle_in;
96578ee8d1cSJulian Grajkowski }
96678ee8d1cSJulian Grajkowski
96778ee8d1cSJulian Grajkowski /* If synchronous Operation */
96878ee8d1cSJulian Grajkowski if (NULL == pKeyGenCb) {
96978ee8d1cSJulian Grajkowski return LacSymKey_MgfSync(instanceHandle,
97078ee8d1cSJulian Grajkowski pKeyGenCb,
97178ee8d1cSJulian Grajkowski pCallbackTag,
97278ee8d1cSJulian Grajkowski (const void *)pKeyGenMgfOpDataExt,
97378ee8d1cSJulian Grajkowski pGeneratedMaskBuffer,
97478ee8d1cSJulian Grajkowski CPA_TRUE);
97578ee8d1cSJulian Grajkowski }
97678ee8d1cSJulian Grajkowski
97778ee8d1cSJulian Grajkowski /* Param check specific for Ext function, rest of parameters validated
97878ee8d1cSJulian Grajkowski * in LacSymKey_MgfCommon
97978ee8d1cSJulian Grajkowski */
98078ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pKeyGenMgfOpDataExt);
98178ee8d1cSJulian Grajkowski if (CPA_CY_SYM_HASH_MD5 > pKeyGenMgfOpDataExt->hashAlgorithm ||
98278ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_SHA512 < pKeyGenMgfOpDataExt->hashAlgorithm) {
98378ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("hashAlgorithm");
98478ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
98578ee8d1cSJulian Grajkowski }
98678ee8d1cSJulian Grajkowski
98778ee8d1cSJulian Grajkowski /* Asynchronous Operation */
98878ee8d1cSJulian Grajkowski return LacSymKey_MgfCommon(instanceHandle,
98978ee8d1cSJulian Grajkowski pKeyGenCb,
99078ee8d1cSJulian Grajkowski pCallbackTag,
99178ee8d1cSJulian Grajkowski (const void *)pKeyGenMgfOpDataExt,
99278ee8d1cSJulian Grajkowski &pKeyGenMgfOpDataExt->baseOpData,
99378ee8d1cSJulian Grajkowski pGeneratedMaskBuffer,
99478ee8d1cSJulian Grajkowski pKeyGenMgfOpDataExt->hashAlgorithm);
99578ee8d1cSJulian Grajkowski }
99678ee8d1cSJulian Grajkowski
99778ee8d1cSJulian Grajkowski /**
99878ee8d1cSJulian Grajkowski ******************************************************************************
99978ee8d1cSJulian Grajkowski * @ingroup LacSymKey
100078ee8d1cSJulian Grajkowski * Key Generation SSL & TLS response handler
100178ee8d1cSJulian Grajkowski *
100278ee8d1cSJulian Grajkowski * @description
100378ee8d1cSJulian Grajkowski * Handles Key Generation SSL & TLS response messages from the QAT.
100478ee8d1cSJulian Grajkowski *
100578ee8d1cSJulian Grajkowski * @param[in] lacCmdId Command id of the original request
100678ee8d1cSJulian Grajkowski * @param[in] pOpaqueData Pointer to opaque data that was in request
100778ee8d1cSJulian Grajkowski * @param[in] cmnRespFlags LA response flags
100878ee8d1cSJulian Grajkowski *
100978ee8d1cSJulian Grajkowski * @return void
101078ee8d1cSJulian Grajkowski *
101178ee8d1cSJulian Grajkowski *****************************************************************************/
101278ee8d1cSJulian Grajkowski static void
LacSymKey_SslTlsHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId,void * pOpaqueData,icp_qat_fw_comn_flags cmnRespFlags)101378ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId,
101478ee8d1cSJulian Grajkowski void *pOpaqueData,
101578ee8d1cSJulian Grajkowski icp_qat_fw_comn_flags cmnRespFlags)
101678ee8d1cSJulian Grajkowski {
101778ee8d1cSJulian Grajkowski void *pSslTlsOpData = NULL;
101878ee8d1cSJulian Grajkowski CpaCyGenFlatBufCbFunc pKeyGenSslTlsCb = NULL;
101978ee8d1cSJulian Grajkowski lac_sym_key_cookie_t *pCookie = NULL;
102078ee8d1cSJulian Grajkowski void *pCallbackTag = NULL;
102178ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer = NULL;
102278ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
102378ee8d1cSJulian Grajkowski
102478ee8d1cSJulian Grajkowski CpaBoolean respStatusOk =
102578ee8d1cSJulian Grajkowski (ICP_QAT_FW_COMN_STATUS_FLAG_OK ==
102678ee8d1cSJulian Grajkowski ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(cmnRespFlags)) ?
102778ee8d1cSJulian Grajkowski CPA_TRUE :
102878ee8d1cSJulian Grajkowski CPA_FALSE;
102978ee8d1cSJulian Grajkowski
103078ee8d1cSJulian Grajkowski pCookie = (lac_sym_key_cookie_t *)pOpaqueData;
103178ee8d1cSJulian Grajkowski
103278ee8d1cSJulian Grajkowski pSslTlsOpData = pCookie->pKeyGenOpData;
103378ee8d1cSJulian Grajkowski
103478ee8d1cSJulian Grajkowski if (CPA_TRUE == respStatusOk) {
103578ee8d1cSJulian Grajkowski LacKey_StatsInc(lacCmdId,
103678ee8d1cSJulian Grajkowski LAC_KEY_COMPLETED,
103778ee8d1cSJulian Grajkowski pCookie->instanceHandle);
103878ee8d1cSJulian Grajkowski } else {
103978ee8d1cSJulian Grajkowski status = CPA_STATUS_FAIL;
104078ee8d1cSJulian Grajkowski LacKey_StatsInc(lacCmdId,
104178ee8d1cSJulian Grajkowski LAC_KEY_COMPLETED_ERRORS,
104278ee8d1cSJulian Grajkowski pCookie->instanceHandle);
104378ee8d1cSJulian Grajkowski }
104478ee8d1cSJulian Grajkowski
104578ee8d1cSJulian Grajkowski pKeyGenSslTlsCb = (CpaCyGenFlatBufCbFunc)(pCookie->pKeyGenCb);
104678ee8d1cSJulian Grajkowski
104778ee8d1cSJulian Grajkowski pCallbackTag = pCookie->pCallbackTag;
104878ee8d1cSJulian Grajkowski pGeneratedKeyBuffer = pCookie->pKeyGenOutputData;
104978ee8d1cSJulian Grajkowski
105078ee8d1cSJulian Grajkowski Lac_MemPoolEntryFree(pCookie);
105178ee8d1cSJulian Grajkowski
105278ee8d1cSJulian Grajkowski (*pKeyGenSslTlsCb)(pCallbackTag,
105378ee8d1cSJulian Grajkowski status,
105478ee8d1cSJulian Grajkowski pSslTlsOpData,
105578ee8d1cSJulian Grajkowski pGeneratedKeyBuffer);
105678ee8d1cSJulian Grajkowski }
105778ee8d1cSJulian Grajkowski
105878ee8d1cSJulian Grajkowski /**
105978ee8d1cSJulian Grajkowski *******************************************************************************
106078ee8d1cSJulian Grajkowski * @ingroup LacSymKey
106178ee8d1cSJulian Grajkowski * Synchronous mode of operation function wrapper for performing SSL/TLS
106278ee8d1cSJulian Grajkowski * key gen operation
106378ee8d1cSJulian Grajkowski *
106478ee8d1cSJulian Grajkowski * @description
106578ee8d1cSJulian Grajkowski * Synchronous mode of operation function wrapper for performing SSL/TLS
106678ee8d1cSJulian Grajkowski * key gen operation
106778ee8d1cSJulian Grajkowski *
106878ee8d1cSJulian Grajkowski * @param[in] instanceHandle QAT device handle.
106978ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be invoked
107078ee8d1cSJulian Grajkowski * when the operation is complete.
107178ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific call.
107278ee8d1cSJulian Grajkowski * @param[in] lacCmdId Lac command ID (identify SSL & TLS ops)
107378ee8d1cSJulian Grajkowski * @param[in] pKeyGenSslTlsOpData Structure containing all the data needed to
107478ee8d1cSJulian Grajkowski * perform the SSL/TLS key generation
107578ee8d1cSJulian Grajkowski * operation.
107678ee8d1cSJulian Grajkowski * @param[in] hashAlgorithm Specifies the hash algorithm to use.
107778ee8d1cSJulian Grajkowski * According to RFC5246, this should be
107878ee8d1cSJulian Grajkowski * "SHA-256 or a stronger standard hash
107978ee8d1cSJulian Grajkowski * function."
108078ee8d1cSJulian Grajkowski * @param[out] pKeyGenOutputData pointer to where output result should be
108178ee8d1cSJulian Grajkowski * written
108278ee8d1cSJulian Grajkowski *
108378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully.
108478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed.
108578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Function should be retried.
108678ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in.
108778ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources.
108878ee8d1cSJulian Grajkowski *
108978ee8d1cSJulian Grajkowski *****************************************************************************/
109078ee8d1cSJulian Grajkowski static CpaStatus
LacSymKey_SslTlsSync(CpaInstanceHandle instanceHandle,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,icp_qat_fw_la_cmd_id_t lacCmdId,void * pKeyGenSslTlsOpData,Cpa8U hashAlgorithm,CpaFlatBuffer * pKeyGenOutpuData)109178ee8d1cSJulian Grajkowski LacSymKey_SslTlsSync(CpaInstanceHandle instanceHandle,
109278ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
109378ee8d1cSJulian Grajkowski void *pCallbackTag,
109478ee8d1cSJulian Grajkowski icp_qat_fw_la_cmd_id_t lacCmdId,
109578ee8d1cSJulian Grajkowski void *pKeyGenSslTlsOpData,
109678ee8d1cSJulian Grajkowski Cpa8U hashAlgorithm,
109778ee8d1cSJulian Grajkowski CpaFlatBuffer *pKeyGenOutpuData)
109878ee8d1cSJulian Grajkowski {
109978ee8d1cSJulian Grajkowski lac_sync_op_data_t *pSyncCallbackData = NULL;
110078ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
110178ee8d1cSJulian Grajkowski
110278ee8d1cSJulian Grajkowski status = LacSync_CreateSyncCookie(&pSyncCallbackData);
110378ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
110478ee8d1cSJulian Grajkowski status = LacSymKey_KeyGenSslTls_GenCommon(instanceHandle,
110578ee8d1cSJulian Grajkowski pKeyGenCb,
110678ee8d1cSJulian Grajkowski pSyncCallbackData,
110778ee8d1cSJulian Grajkowski lacCmdId,
110878ee8d1cSJulian Grajkowski pKeyGenSslTlsOpData,
110978ee8d1cSJulian Grajkowski hashAlgorithm,
111078ee8d1cSJulian Grajkowski pKeyGenOutpuData);
111178ee8d1cSJulian Grajkowski } else {
111278ee8d1cSJulian Grajkowski /* Failure allocating sync cookie */
111378ee8d1cSJulian Grajkowski LacKey_StatsInc(lacCmdId,
111478ee8d1cSJulian Grajkowski LAC_KEY_REQUEST_ERRORS,
111578ee8d1cSJulian Grajkowski instanceHandle);
111678ee8d1cSJulian Grajkowski return status;
111778ee8d1cSJulian Grajkowski }
111878ee8d1cSJulian Grajkowski
111978ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
112078ee8d1cSJulian Grajkowski CpaStatus syncStatus = CPA_STATUS_SUCCESS;
112178ee8d1cSJulian Grajkowski
112278ee8d1cSJulian Grajkowski syncStatus =
112378ee8d1cSJulian Grajkowski LacSync_WaitForCallback(pSyncCallbackData,
112478ee8d1cSJulian Grajkowski LAC_SYM_SYNC_CALLBACK_TIMEOUT,
112578ee8d1cSJulian Grajkowski &status,
112678ee8d1cSJulian Grajkowski NULL);
112778ee8d1cSJulian Grajkowski
112878ee8d1cSJulian Grajkowski /* If callback doesn't come back */
112978ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS != syncStatus) {
113078ee8d1cSJulian Grajkowski LacKey_StatsInc(lacCmdId,
113178ee8d1cSJulian Grajkowski LAC_KEY_COMPLETED_ERRORS,
113278ee8d1cSJulian Grajkowski instanceHandle);
113378ee8d1cSJulian Grajkowski LAC_LOG_ERROR("Callback timed out");
113478ee8d1cSJulian Grajkowski status = syncStatus;
113578ee8d1cSJulian Grajkowski }
113678ee8d1cSJulian Grajkowski } else {
113778ee8d1cSJulian Grajkowski /* As the Request was not sent the Callback will never
113878ee8d1cSJulian Grajkowski * be called, so need to indicate that we're finished
113978ee8d1cSJulian Grajkowski * with cookie so it can be destroyed.
114078ee8d1cSJulian Grajkowski */
114178ee8d1cSJulian Grajkowski LacSync_SetSyncCookieComplete(pSyncCallbackData);
114278ee8d1cSJulian Grajkowski }
114378ee8d1cSJulian Grajkowski
114478ee8d1cSJulian Grajkowski LacSync_DestroySyncCookie(&pSyncCallbackData);
114578ee8d1cSJulian Grajkowski
114678ee8d1cSJulian Grajkowski return status;
114778ee8d1cSJulian Grajkowski }
114878ee8d1cSJulian Grajkowski
114978ee8d1cSJulian Grajkowski static CpaStatus
computeHashKey(CpaFlatBuffer * secret,CpaFlatBuffer * hash,CpaCySymHashAlgorithm * hashAlgorithm)115078ee8d1cSJulian Grajkowski computeHashKey(CpaFlatBuffer *secret,
115178ee8d1cSJulian Grajkowski CpaFlatBuffer *hash,
115278ee8d1cSJulian Grajkowski CpaCySymHashAlgorithm *hashAlgorithm)
115378ee8d1cSJulian Grajkowski {
115478ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
115578ee8d1cSJulian Grajkowski
115678ee8d1cSJulian Grajkowski switch (*hashAlgorithm) {
115778ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_MD5:
115878ee8d1cSJulian Grajkowski status = qatUtilsHashMD5Full(secret->pData,
115978ee8d1cSJulian Grajkowski hash->pData,
116078ee8d1cSJulian Grajkowski secret->dataLenInBytes);
116178ee8d1cSJulian Grajkowski break;
116278ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA1:
116378ee8d1cSJulian Grajkowski status = qatUtilsHashSHA1Full(secret->pData,
116478ee8d1cSJulian Grajkowski hash->pData,
116578ee8d1cSJulian Grajkowski secret->dataLenInBytes);
116678ee8d1cSJulian Grajkowski break;
116778ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA256:
116878ee8d1cSJulian Grajkowski status = qatUtilsHashSHA256Full(secret->pData,
116978ee8d1cSJulian Grajkowski hash->pData,
117078ee8d1cSJulian Grajkowski secret->dataLenInBytes);
117178ee8d1cSJulian Grajkowski break;
117278ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA384:
117378ee8d1cSJulian Grajkowski status = qatUtilsHashSHA384Full(secret->pData,
117478ee8d1cSJulian Grajkowski hash->pData,
117578ee8d1cSJulian Grajkowski secret->dataLenInBytes);
117678ee8d1cSJulian Grajkowski break;
117778ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA512:
117878ee8d1cSJulian Grajkowski status = qatUtilsHashSHA512Full(secret->pData,
117978ee8d1cSJulian Grajkowski hash->pData,
118078ee8d1cSJulian Grajkowski secret->dataLenInBytes);
118178ee8d1cSJulian Grajkowski break;
118278ee8d1cSJulian Grajkowski default:
118378ee8d1cSJulian Grajkowski status = CPA_STATUS_FAIL;
118478ee8d1cSJulian Grajkowski }
118578ee8d1cSJulian Grajkowski return status;
118678ee8d1cSJulian Grajkowski }
118778ee8d1cSJulian Grajkowski
118878ee8d1cSJulian Grajkowski static CpaStatus
LacSymKey_KeyGenSslTls_GenCommon(CpaInstanceHandle instanceHandle,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,icp_qat_fw_la_cmd_id_t lacCmdId,void * pKeyGenSslTlsOpData,Cpa8U hashAlgCipher,CpaFlatBuffer * pKeyGenOutputData)118978ee8d1cSJulian Grajkowski LacSymKey_KeyGenSslTls_GenCommon(CpaInstanceHandle instanceHandle,
119078ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
119178ee8d1cSJulian Grajkowski void *pCallbackTag,
119278ee8d1cSJulian Grajkowski icp_qat_fw_la_cmd_id_t lacCmdId,
119378ee8d1cSJulian Grajkowski void *pKeyGenSslTlsOpData,
119478ee8d1cSJulian Grajkowski Cpa8U hashAlgCipher,
119578ee8d1cSJulian Grajkowski CpaFlatBuffer *pKeyGenOutputData)
119678ee8d1cSJulian Grajkowski {
119778ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
119878ee8d1cSJulian Grajkowski CpaBoolean precompute = CPA_FALSE;
119978ee8d1cSJulian Grajkowski icp_qat_fw_la_bulk_req_t keyGenReq = { { 0 } };
120078ee8d1cSJulian Grajkowski icp_qat_la_bulk_req_hdr_t keyGenReqHdr = { { 0 } };
120178ee8d1cSJulian Grajkowski icp_qat_fw_la_key_gen_common_t keyGenReqMid = { { 0 } };
120278ee8d1cSJulian Grajkowski icp_qat_la_bulk_req_ftr_t keyGenReqFtr = { { { 0 } } };
120378ee8d1cSJulian Grajkowski Cpa8U *pMsgDummy = NULL;
120478ee8d1cSJulian Grajkowski Cpa8U *pCacheDummyHdr = NULL;
120578ee8d1cSJulian Grajkowski Cpa8U *pCacheDummyMid = NULL;
120678ee8d1cSJulian Grajkowski Cpa8U *pCacheDummyFtr = NULL;
120778ee8d1cSJulian Grajkowski lac_sym_key_cookie_t *pCookie = NULL;
120878ee8d1cSJulian Grajkowski lac_sym_cookie_t *pSymCookie = NULL;
120978ee8d1cSJulian Grajkowski Cpa64U inputPhysAddr = 0;
121078ee8d1cSJulian Grajkowski Cpa64U outputPhysAddr = 0;
121178ee8d1cSJulian Grajkowski /* Structure initializer is supported by C99, but it is
121278ee8d1cSJulian Grajkowski * not supported by some former Intel compiler.
121378ee8d1cSJulian Grajkowski */
121478ee8d1cSJulian Grajkowski CpaCySymHashSetupData hashSetupData = { 0 };
121578ee8d1cSJulian Grajkowski sal_qat_content_desc_info_t contentDescInfo = { 0 };
121678ee8d1cSJulian Grajkowski Cpa32U hashBlkSizeInBytes = 0;
121778ee8d1cSJulian Grajkowski Cpa32U tlsPrefixLen = 0;
121878ee8d1cSJulian Grajkowski
121978ee8d1cSJulian Grajkowski CpaFlatBuffer inputSecret = { 0 };
122078ee8d1cSJulian Grajkowski CpaFlatBuffer hashKeyOutput = { 0 };
122178ee8d1cSJulian Grajkowski Cpa32U uSecretLen = 0;
122278ee8d1cSJulian Grajkowski CpaCySymHashNestedModeSetupData *pNestedModeSetupData =
122378ee8d1cSJulian Grajkowski &(hashSetupData.nestedModeSetupData);
122478ee8d1cSJulian Grajkowski icp_qat_fw_serv_specif_flags laCmdFlags = 0;
122578ee8d1cSJulian Grajkowski icp_qat_fw_comn_flags cmnRequestFlags =
122678ee8d1cSJulian Grajkowski ICP_QAT_FW_COMN_FLAGS_BUILD(QAT_COMN_PTR_TYPE_FLAT,
122778ee8d1cSJulian Grajkowski QAT_COMN_CD_FLD_TYPE_64BIT_ADR);
122878ee8d1cSJulian Grajkowski
122978ee8d1cSJulian Grajkowski sal_crypto_service_t *pService = (sal_crypto_service_t *)instanceHandle;
123078ee8d1cSJulian Grajkowski
123178ee8d1cSJulian Grajkowski /* If synchronous Operation */
123278ee8d1cSJulian Grajkowski if (NULL == pKeyGenCb) {
123378ee8d1cSJulian Grajkowski return LacSymKey_SslTlsSync(instanceHandle,
123478ee8d1cSJulian Grajkowski LacSync_GenFlatBufCb,
123578ee8d1cSJulian Grajkowski pCallbackTag,
123678ee8d1cSJulian Grajkowski lacCmdId,
123778ee8d1cSJulian Grajkowski pKeyGenSslTlsOpData,
123878ee8d1cSJulian Grajkowski hashAlgCipher,
123978ee8d1cSJulian Grajkowski pKeyGenOutputData);
124078ee8d1cSJulian Grajkowski }
124178ee8d1cSJulian Grajkowski /* Allocate the cookie */
124278ee8d1cSJulian Grajkowski pCookie = (lac_sym_key_cookie_t *)Lac_MemPoolEntryAlloc(
124378ee8d1cSJulian Grajkowski pService->lac_sym_cookie_pool);
124478ee8d1cSJulian Grajkowski if (NULL == pCookie) {
124578ee8d1cSJulian Grajkowski LAC_LOG_ERROR("Cannot get mem pool entry");
124678ee8d1cSJulian Grajkowski status = CPA_STATUS_RESOURCE;
124778ee8d1cSJulian Grajkowski } else if ((void *)CPA_STATUS_RETRY == pCookie) {
124878ee8d1cSJulian Grajkowski pCookie = NULL;
124978ee8d1cSJulian Grajkowski status = CPA_STATUS_RETRY;
125078ee8d1cSJulian Grajkowski } else {
125178ee8d1cSJulian Grajkowski pSymCookie = (lac_sym_cookie_t *)pCookie;
125278ee8d1cSJulian Grajkowski }
125378ee8d1cSJulian Grajkowski
125478ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
125578ee8d1cSJulian Grajkowski icp_qat_hw_auth_mode_t qatHashMode = 0;
125678ee8d1cSJulian Grajkowski
125778ee8d1cSJulian Grajkowski if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) {
125878ee8d1cSJulian Grajkowski qatHashMode = ICP_QAT_HW_AUTH_MODE0;
125978ee8d1cSJulian Grajkowski } else /* TLS v1.1, v1.2, v1.3 */
126078ee8d1cSJulian Grajkowski {
126178ee8d1cSJulian Grajkowski qatHashMode = ICP_QAT_HW_AUTH_MODE2;
126278ee8d1cSJulian Grajkowski }
126378ee8d1cSJulian Grajkowski
126478ee8d1cSJulian Grajkowski pCookie->instanceHandle = pService;
126578ee8d1cSJulian Grajkowski pCookie->pCallbackTag = pCallbackTag;
126678ee8d1cSJulian Grajkowski pCookie->pKeyGenCb = pKeyGenCb;
126778ee8d1cSJulian Grajkowski pCookie->pKeyGenOpData = pKeyGenSslTlsOpData;
126878ee8d1cSJulian Grajkowski pCookie->pKeyGenOutputData = pKeyGenOutputData;
126978ee8d1cSJulian Grajkowski hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_NESTED;
127078ee8d1cSJulian Grajkowski
127178ee8d1cSJulian Grajkowski /* SSL3 */
127278ee8d1cSJulian Grajkowski if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) {
127378ee8d1cSJulian Grajkowski hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1;
127478ee8d1cSJulian Grajkowski hashSetupData.digestResultLenInBytes =
127578ee8d1cSJulian Grajkowski LAC_HASH_MD5_DIGEST_SIZE;
127678ee8d1cSJulian Grajkowski pNestedModeSetupData->outerHashAlgorithm =
127778ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_MD5;
127878ee8d1cSJulian Grajkowski
127978ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData = NULL;
128078ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes = 0;
128178ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData = NULL;
128278ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes = 0;
128378ee8d1cSJulian Grajkowski }
128478ee8d1cSJulian Grajkowski /* TLS v1.1 */
128578ee8d1cSJulian Grajkowski else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == lacCmdId) {
128678ee8d1cSJulian Grajkowski CpaCyKeyGenTlsOpData *pKeyGenTlsOpData =
128778ee8d1cSJulian Grajkowski (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData;
128878ee8d1cSJulian Grajkowski
128978ee8d1cSJulian Grajkowski hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1;
129078ee8d1cSJulian Grajkowski hashSetupData.digestResultLenInBytes =
129178ee8d1cSJulian Grajkowski LAC_HASH_MD5_DIGEST_SIZE;
129278ee8d1cSJulian Grajkowski pNestedModeSetupData->outerHashAlgorithm =
129378ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_MD5;
129478ee8d1cSJulian Grajkowski
129578ee8d1cSJulian Grajkowski uSecretLen = pKeyGenTlsOpData->secret.dataLenInBytes;
129678ee8d1cSJulian Grajkowski
129778ee8d1cSJulian Grajkowski /* We want to handle pre_master_secret > 128 bytes
129878ee8d1cSJulian Grajkowski * therefore we
129978ee8d1cSJulian Grajkowski * only verify if the current operation is Master Secret
130078ee8d1cSJulian Grajkowski * Derive.
130178ee8d1cSJulian Grajkowski * The other operations remain unchanged.
130278ee8d1cSJulian Grajkowski */
130378ee8d1cSJulian Grajkowski if ((uSecretLen >
130478ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX) &&
130578ee8d1cSJulian Grajkowski (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE ==
130678ee8d1cSJulian Grajkowski pKeyGenTlsOpData->tlsOp ||
130778ee8d1cSJulian Grajkowski CPA_CY_KEY_TLS_OP_USER_DEFINED ==
130878ee8d1cSJulian Grajkowski pKeyGenTlsOpData->tlsOp)) {
130978ee8d1cSJulian Grajkowski CpaCySymHashAlgorithm hashAlgorithm =
131078ee8d1cSJulian Grajkowski (CpaCySymHashAlgorithm)hashAlgCipher;
131178ee8d1cSJulian Grajkowski /* secret = [s1 | s2 ]
131278ee8d1cSJulian Grajkowski * s1 = outer prefix, s2 = inner prefix
131378ee8d1cSJulian Grajkowski * length of s1 and s2 = ceil(secret_length / 2)
131478ee8d1cSJulian Grajkowski * (secret length + 1)/2 will always give the
131578ee8d1cSJulian Grajkowski * ceil as
131678ee8d1cSJulian Grajkowski * division by 2
131778ee8d1cSJulian Grajkowski * (>>1) will give the smallest integral value
131878ee8d1cSJulian Grajkowski * not less than
131978ee8d1cSJulian Grajkowski * arg
132078ee8d1cSJulian Grajkowski */
132178ee8d1cSJulian Grajkowski tlsPrefixLen =
132278ee8d1cSJulian Grajkowski (pKeyGenTlsOpData->secret.dataLenInBytes +
132378ee8d1cSJulian Grajkowski 1) >>
132478ee8d1cSJulian Grajkowski 1;
132578ee8d1cSJulian Grajkowski inputSecret.dataLenInBytes = tlsPrefixLen;
132678ee8d1cSJulian Grajkowski inputSecret.pData =
132778ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.pData;
132878ee8d1cSJulian Grajkowski
132978ee8d1cSJulian Grajkowski /* Since the pre_master_secret is > 128, we
133078ee8d1cSJulian Grajkowski * split the input
133178ee8d1cSJulian Grajkowski * pre_master_secret in 2 halves and compute the
133278ee8d1cSJulian Grajkowski * MD5 of the
133378ee8d1cSJulian Grajkowski * first half and the SHA1 on the second half.
133478ee8d1cSJulian Grajkowski */
133578ee8d1cSJulian Grajkowski hashAlgorithm = CPA_CY_SYM_HASH_MD5;
133678ee8d1cSJulian Grajkowski
133778ee8d1cSJulian Grajkowski /* Initialize pointer where MD5 key will go. */
133878ee8d1cSJulian Grajkowski hashKeyOutput.pData =
133978ee8d1cSJulian Grajkowski &pCookie->hashKeyBuffer[0];
134078ee8d1cSJulian Grajkowski hashKeyOutput.dataLenInBytes =
134178ee8d1cSJulian Grajkowski LAC_HASH_MD5_DIGEST_SIZE;
134278ee8d1cSJulian Grajkowski computeHashKey(&inputSecret,
134378ee8d1cSJulian Grajkowski &hashKeyOutput,
134478ee8d1cSJulian Grajkowski &hashAlgorithm);
134578ee8d1cSJulian Grajkowski
134678ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData =
134778ee8d1cSJulian Grajkowski &pCookie->hashKeyBuffer[0];
134878ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes =
134978ee8d1cSJulian Grajkowski LAC_HASH_MD5_DIGEST_SIZE;
135078ee8d1cSJulian Grajkowski
135178ee8d1cSJulian Grajkowski /* Point to the second half of the
135278ee8d1cSJulian Grajkowski * pre_master_secret */
135378ee8d1cSJulian Grajkowski inputSecret.pData =
135478ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.pData +
135578ee8d1cSJulian Grajkowski (pKeyGenTlsOpData->secret.dataLenInBytes -
135678ee8d1cSJulian Grajkowski tlsPrefixLen);
135778ee8d1cSJulian Grajkowski
135878ee8d1cSJulian Grajkowski /* Compute SHA1 on the second half of the
135978ee8d1cSJulian Grajkowski * pre_master_secret
136078ee8d1cSJulian Grajkowski */
136178ee8d1cSJulian Grajkowski hashAlgorithm = CPA_CY_SYM_HASH_SHA1;
136278ee8d1cSJulian Grajkowski /* Initialize pointer where SHA1 key will go. */
136378ee8d1cSJulian Grajkowski hashKeyOutput.pData =
136478ee8d1cSJulian Grajkowski &pCookie->hashKeyBuffer
136578ee8d1cSJulian Grajkowski [LAC_HASH_MD5_DIGEST_SIZE];
136678ee8d1cSJulian Grajkowski hashKeyOutput.dataLenInBytes =
136778ee8d1cSJulian Grajkowski LAC_HASH_SHA1_DIGEST_SIZE;
136878ee8d1cSJulian Grajkowski computeHashKey(&inputSecret,
136978ee8d1cSJulian Grajkowski &hashKeyOutput,
137078ee8d1cSJulian Grajkowski &hashAlgorithm);
137178ee8d1cSJulian Grajkowski
137278ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData =
137378ee8d1cSJulian Grajkowski &pCookie->hashKeyBuffer
137478ee8d1cSJulian Grajkowski [LAC_HASH_MD5_DIGEST_SIZE];
137578ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes =
137678ee8d1cSJulian Grajkowski LAC_HASH_SHA1_DIGEST_SIZE;
137778ee8d1cSJulian Grajkowski } else {
137878ee8d1cSJulian Grajkowski /* secret = [s1 | s2 ]
137978ee8d1cSJulian Grajkowski * s1 = outer prefix, s2 = inner prefix
138078ee8d1cSJulian Grajkowski * length of s1 and s2 = ceil(secret_length / 2)
138178ee8d1cSJulian Grajkowski * (secret length + 1)/2 will always give the
138278ee8d1cSJulian Grajkowski * ceil as
138378ee8d1cSJulian Grajkowski * division by 2
138478ee8d1cSJulian Grajkowski * (>>1) will give the smallest integral value
138578ee8d1cSJulian Grajkowski * not less than
138678ee8d1cSJulian Grajkowski * arg
138778ee8d1cSJulian Grajkowski */
138878ee8d1cSJulian Grajkowski tlsPrefixLen =
138978ee8d1cSJulian Grajkowski (pKeyGenTlsOpData->secret.dataLenInBytes +
139078ee8d1cSJulian Grajkowski 1) >>
139178ee8d1cSJulian Grajkowski 1;
139278ee8d1cSJulian Grajkowski /* last byte of s1 will be first byte of s2 if
139378ee8d1cSJulian Grajkowski * Length is odd
139478ee8d1cSJulian Grajkowski */
139578ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData =
139678ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.pData +
139778ee8d1cSJulian Grajkowski (pKeyGenTlsOpData->secret.dataLenInBytes -
139878ee8d1cSJulian Grajkowski tlsPrefixLen);
139978ee8d1cSJulian Grajkowski
140078ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData =
140178ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.pData;
140278ee8d1cSJulian Grajkowski
140378ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes =
140478ee8d1cSJulian Grajkowski pNestedModeSetupData
140578ee8d1cSJulian Grajkowski ->outerPrefixLenInBytes = tlsPrefixLen;
140678ee8d1cSJulian Grajkowski }
140778ee8d1cSJulian Grajkowski }
140878ee8d1cSJulian Grajkowski /* TLS v1.2 */
140978ee8d1cSJulian Grajkowski else if (ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == lacCmdId) {
141078ee8d1cSJulian Grajkowski CpaCyKeyGenTlsOpData *pKeyGenTlsOpData =
141178ee8d1cSJulian Grajkowski (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData;
141278ee8d1cSJulian Grajkowski CpaCySymHashAlgorithm hashAlgorithm =
141378ee8d1cSJulian Grajkowski (CpaCySymHashAlgorithm)hashAlgCipher;
141478ee8d1cSJulian Grajkowski
141578ee8d1cSJulian Grajkowski uSecretLen = pKeyGenTlsOpData->secret.dataLenInBytes;
141678ee8d1cSJulian Grajkowski
141778ee8d1cSJulian Grajkowski hashSetupData.hashAlgorithm =
141878ee8d1cSJulian Grajkowski (CpaCySymHashAlgorithm)hashAlgorithm;
141978ee8d1cSJulian Grajkowski hashSetupData.digestResultLenInBytes =
142078ee8d1cSJulian Grajkowski (Cpa32U)getDigestSizeFromHashAlgo(hashAlgorithm);
142178ee8d1cSJulian Grajkowski pNestedModeSetupData->outerHashAlgorithm =
142278ee8d1cSJulian Grajkowski (CpaCySymHashAlgorithm)hashAlgorithm;
142378ee8d1cSJulian Grajkowski if (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE ==
142478ee8d1cSJulian Grajkowski pKeyGenTlsOpData->tlsOp ||
142578ee8d1cSJulian Grajkowski CPA_CY_KEY_TLS_OP_USER_DEFINED ==
142678ee8d1cSJulian Grajkowski pKeyGenTlsOpData->tlsOp) {
142778ee8d1cSJulian Grajkowski switch (hashAlgorithm) {
142878ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SM3:
142978ee8d1cSJulian Grajkowski precompute = CPA_FALSE;
143078ee8d1cSJulian Grajkowski break;
143178ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA256:
143278ee8d1cSJulian Grajkowski if (uSecretLen >
143378ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX) {
143478ee8d1cSJulian Grajkowski precompute = CPA_TRUE;
143578ee8d1cSJulian Grajkowski }
143678ee8d1cSJulian Grajkowski break;
143778ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA384:
143878ee8d1cSJulian Grajkowski case CPA_CY_SYM_HASH_SHA512:
143978ee8d1cSJulian Grajkowski if (uSecretLen >
144078ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_TLS_SECRET_LEN_MAX) {
144178ee8d1cSJulian Grajkowski precompute = CPA_TRUE;
144278ee8d1cSJulian Grajkowski }
144378ee8d1cSJulian Grajkowski break;
144478ee8d1cSJulian Grajkowski default:
144578ee8d1cSJulian Grajkowski break;
144678ee8d1cSJulian Grajkowski }
144778ee8d1cSJulian Grajkowski }
144878ee8d1cSJulian Grajkowski if (CPA_TRUE == precompute) {
144978ee8d1cSJulian Grajkowski /* Case when secret > algorithm block size
145078ee8d1cSJulian Grajkowski * RFC 4868: For SHA-256 Block size is 512 bits,
145178ee8d1cSJulian Grajkowski * for SHA-384
145278ee8d1cSJulian Grajkowski * and SHA-512 Block size is 1024 bits
145378ee8d1cSJulian Grajkowski * Initialize pointer
145478ee8d1cSJulian Grajkowski * where SHAxxx key will go.
145578ee8d1cSJulian Grajkowski */
145678ee8d1cSJulian Grajkowski hashKeyOutput.pData =
145778ee8d1cSJulian Grajkowski &pCookie->hashKeyBuffer[0];
145878ee8d1cSJulian Grajkowski hashKeyOutput.dataLenInBytes =
145978ee8d1cSJulian Grajkowski hashSetupData.digestResultLenInBytes;
146078ee8d1cSJulian Grajkowski computeHashKey(&pKeyGenTlsOpData->secret,
146178ee8d1cSJulian Grajkowski &hashKeyOutput,
146278ee8d1cSJulian Grajkowski &hashSetupData.hashAlgorithm);
146378ee8d1cSJulian Grajkowski
146478ee8d1cSJulian Grajkowski /* Outer prefix = secret , inner prefix = secret
146578ee8d1cSJulian Grajkowski * secret < 64 bytes
146678ee8d1cSJulian Grajkowski */
146778ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData =
146878ee8d1cSJulian Grajkowski hashKeyOutput.pData;
146978ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData =
147078ee8d1cSJulian Grajkowski hashKeyOutput.pData;
147178ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes =
147278ee8d1cSJulian Grajkowski hashKeyOutput.dataLenInBytes;
147378ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes =
147478ee8d1cSJulian Grajkowski hashKeyOutput.dataLenInBytes;
147578ee8d1cSJulian Grajkowski } else {
147678ee8d1cSJulian Grajkowski /* Outer prefix = secret , inner prefix = secret
147778ee8d1cSJulian Grajkowski * secret <= 64 bytes
147878ee8d1cSJulian Grajkowski */
147978ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData =
148078ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.pData;
148178ee8d1cSJulian Grajkowski
148278ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData =
148378ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.pData;
148478ee8d1cSJulian Grajkowski
148578ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes =
148678ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.dataLenInBytes;
148778ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes =
148878ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.dataLenInBytes;
148978ee8d1cSJulian Grajkowski }
149078ee8d1cSJulian Grajkowski }
149178ee8d1cSJulian Grajkowski /* TLS v1.3 */
149278ee8d1cSJulian Grajkowski else if ((ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= lacCmdId) &&
149378ee8d1cSJulian Grajkowski (ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL >=
149478ee8d1cSJulian Grajkowski lacCmdId)) {
149578ee8d1cSJulian Grajkowski CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData =
149678ee8d1cSJulian Grajkowski (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData;
149778ee8d1cSJulian Grajkowski CpaCySymHashAlgorithm hashAlgorithm =
149878ee8d1cSJulian Grajkowski getHashAlgorithmFromCipherSuiteHKDF(hashAlgCipher);
149978ee8d1cSJulian Grajkowski
150078ee8d1cSJulian Grajkowski /* Set HASH data */
150178ee8d1cSJulian Grajkowski hashSetupData.hashAlgorithm = hashAlgorithm;
150278ee8d1cSJulian Grajkowski /* Calculate digest length from the HASH type */
150378ee8d1cSJulian Grajkowski hashSetupData.digestResultLenInBytes =
150478ee8d1cSJulian Grajkowski cipherSuiteHKDFHashSizes[hashAlgCipher]
150578ee8d1cSJulian Grajkowski [LAC_KEY_HKDF_DIGESTS];
150678ee8d1cSJulian Grajkowski /* Outer Hash type is the same as inner hash type */
150778ee8d1cSJulian Grajkowski pNestedModeSetupData->outerHashAlgorithm =
150878ee8d1cSJulian Grajkowski hashAlgorithm;
150978ee8d1cSJulian Grajkowski
151078ee8d1cSJulian Grajkowski /* EXPAND (PRK):
151178ee8d1cSJulian Grajkowski * Outer prefix = secret, inner prefix = secret
151278ee8d1cSJulian Grajkowski * EXTRACT (SEED/SALT):
151378ee8d1cSJulian Grajkowski * Outer prefix = seed, inner prefix = seed
151478ee8d1cSJulian Grajkowski * Secret <= 64 Bytes
151578ee8d1cSJulian Grajkowski * We do not pre compute as secret can't be larger than
151678ee8d1cSJulian Grajkowski * 64 bytes
151778ee8d1cSJulian Grajkowski */
151878ee8d1cSJulian Grajkowski
151978ee8d1cSJulian Grajkowski if ((ICP_QAT_FW_LA_CMD_HKDF_EXPAND == lacCmdId) ||
152078ee8d1cSJulian Grajkowski (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == lacCmdId)) {
152178ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData =
152278ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret;
152378ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData =
152478ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret;
152578ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes =
152678ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secretLen;
152778ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes =
152878ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secretLen;
152978ee8d1cSJulian Grajkowski } else {
153078ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData =
153178ee8d1cSJulian Grajkowski pKeyGenTlsOpData->seed;
153278ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData =
153378ee8d1cSJulian Grajkowski pKeyGenTlsOpData->seed;
153478ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes =
153578ee8d1cSJulian Grajkowski pKeyGenTlsOpData->seedLen;
153678ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes =
153778ee8d1cSJulian Grajkowski pKeyGenTlsOpData->seedLen;
153878ee8d1cSJulian Grajkowski }
153978ee8d1cSJulian Grajkowski }
154078ee8d1cSJulian Grajkowski
154178ee8d1cSJulian Grajkowski /* Set the footer Data.
154278ee8d1cSJulian Grajkowski * Note that following function doesn't look at inner/outer
154378ee8d1cSJulian Grajkowski * prefix pointers in nested digest ctx
154478ee8d1cSJulian Grajkowski */
154578ee8d1cSJulian Grajkowski LacSymQat_HashContentDescInit(
154678ee8d1cSJulian Grajkowski &keyGenReqFtr,
154778ee8d1cSJulian Grajkowski instanceHandle,
154878ee8d1cSJulian Grajkowski &hashSetupData,
154978ee8d1cSJulian Grajkowski pCookie
155078ee8d1cSJulian Grajkowski ->contentDesc, /* Pointer to base of hw setup block */
155178ee8d1cSJulian Grajkowski LAC_SYM_KEY_NO_HASH_BLK_OFFSET_QW,
155278ee8d1cSJulian Grajkowski ICP_QAT_FW_SLICE_DRAM_WR,
155378ee8d1cSJulian Grajkowski qatHashMode,
1554a977168cSMichal Gulbicki CPA_FALSE, /* Not using sym Constants Table in Shared SRAM
1555a977168cSMichal Gulbicki */
1556a977168cSMichal Gulbicki CPA_FALSE, /* not using the optimised content Desc */
1557a977168cSMichal Gulbicki CPA_FALSE, /* Not using the stateful SHA3 Content Desc */
1558a977168cSMichal Gulbicki NULL, /* precompute data */
155978ee8d1cSJulian Grajkowski &hashBlkSizeInBytes);
156078ee8d1cSJulian Grajkowski
156178ee8d1cSJulian Grajkowski /* SSL3 */
156278ee8d1cSJulian Grajkowski if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) {
156378ee8d1cSJulian Grajkowski CpaCyKeyGenSslOpData *pKeyGenSslOpData =
156478ee8d1cSJulian Grajkowski (CpaCyKeyGenSslOpData *)pKeyGenSslTlsOpData;
156578ee8d1cSJulian Grajkowski Cpa8U *pLabel = NULL;
156678ee8d1cSJulian Grajkowski Cpa32U labelLen = 0;
156778ee8d1cSJulian Grajkowski Cpa8U iterations = 0;
156878ee8d1cSJulian Grajkowski Cpa64U labelPhysAddr = 0;
156978ee8d1cSJulian Grajkowski
157078ee8d1cSJulian Grajkowski /* Iterations = ceiling of output required / output per
157178ee8d1cSJulian Grajkowski * iteration Ceiling of a / b = (a + (b-1)) / b
157278ee8d1cSJulian Grajkowski */
157378ee8d1cSJulian Grajkowski iterations =
157478ee8d1cSJulian Grajkowski (pKeyGenSslOpData->generatedKeyLenInBytes +
157578ee8d1cSJulian Grajkowski (LAC_SYM_QAT_KEY_SSL_BYTES_PER_ITERATION - 1)) >>
157678ee8d1cSJulian Grajkowski LAC_SYM_QAT_KEY_SSL_ITERATIONS_SHIFT;
157778ee8d1cSJulian Grajkowski
157878ee8d1cSJulian Grajkowski if (CPA_CY_KEY_SSL_OP_USER_DEFINED ==
157978ee8d1cSJulian Grajkowski pKeyGenSslOpData->sslOp) {
158078ee8d1cSJulian Grajkowski pLabel = pKeyGenSslOpData->userLabel.pData;
158178ee8d1cSJulian Grajkowski labelLen =
158278ee8d1cSJulian Grajkowski pKeyGenSslOpData->userLabel.dataLenInBytes;
158378ee8d1cSJulian Grajkowski labelPhysAddr = LAC_OS_VIRT_TO_PHYS_EXTERNAL(
158478ee8d1cSJulian Grajkowski pService->generic_service_info, pLabel);
158578ee8d1cSJulian Grajkowski
158678ee8d1cSJulian Grajkowski if (labelPhysAddr == 0) {
158778ee8d1cSJulian Grajkowski LAC_LOG_ERROR(
158878ee8d1cSJulian Grajkowski "Unable to get the physical address of the"
158978ee8d1cSJulian Grajkowski " label");
159078ee8d1cSJulian Grajkowski status = CPA_STATUS_FAIL;
159178ee8d1cSJulian Grajkowski }
159278ee8d1cSJulian Grajkowski } else {
159378ee8d1cSJulian Grajkowski pLabel = pService->pSslLabel;
159478ee8d1cSJulian Grajkowski
159578ee8d1cSJulian Grajkowski /* Calculate label length.
159678ee8d1cSJulian Grajkowski * eg. 3 iterations is ABBCCC so length is 6
159778ee8d1cSJulian Grajkowski */
159878ee8d1cSJulian Grajkowski labelLen =
159978ee8d1cSJulian Grajkowski ((iterations * iterations) + iterations) >>
160078ee8d1cSJulian Grajkowski 1;
160178ee8d1cSJulian Grajkowski labelPhysAddr =
160278ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel);
160378ee8d1cSJulian Grajkowski }
160478ee8d1cSJulian Grajkowski
160578ee8d1cSJulian Grajkowski LacSymQat_KeySslRequestPopulate(
160678ee8d1cSJulian Grajkowski &keyGenReqHdr,
160778ee8d1cSJulian Grajkowski &keyGenReqMid,
160878ee8d1cSJulian Grajkowski pKeyGenSslOpData->generatedKeyLenInBytes,
160978ee8d1cSJulian Grajkowski labelLen,
161078ee8d1cSJulian Grajkowski pKeyGenSslOpData->secret.dataLenInBytes,
161178ee8d1cSJulian Grajkowski iterations);
161278ee8d1cSJulian Grajkowski
161378ee8d1cSJulian Grajkowski LacSymQat_KeySslKeyMaterialInputPopulate(
161478ee8d1cSJulian Grajkowski &(pService->generic_service_info),
161578ee8d1cSJulian Grajkowski &(pCookie->u.sslKeyInput),
161678ee8d1cSJulian Grajkowski pKeyGenSslOpData->seed.pData,
161778ee8d1cSJulian Grajkowski labelPhysAddr,
161878ee8d1cSJulian Grajkowski pKeyGenSslOpData->secret.pData);
161978ee8d1cSJulian Grajkowski
162078ee8d1cSJulian Grajkowski inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64(
162178ee8d1cSJulian Grajkowski pSymCookie->keySslKeyInputPhyAddr);
162278ee8d1cSJulian Grajkowski }
162378ee8d1cSJulian Grajkowski /* TLS v1.1, v1.2 */
162478ee8d1cSJulian Grajkowski else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == lacCmdId ||
162578ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == lacCmdId) {
162678ee8d1cSJulian Grajkowski CpaCyKeyGenTlsOpData *pKeyGenTlsOpData =
162778ee8d1cSJulian Grajkowski (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData;
162878ee8d1cSJulian Grajkowski lac_sym_qat_hash_state_buffer_info_t
162978ee8d1cSJulian Grajkowski hashStateBufferInfo = { 0 };
163078ee8d1cSJulian Grajkowski CpaBoolean hashStateBuffer = CPA_FALSE;
163178ee8d1cSJulian Grajkowski icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock =
163278ee8d1cSJulian Grajkowski (icp_qat_fw_auth_cd_ctrl_hdr_t *)&(
163378ee8d1cSJulian Grajkowski keyGenReqFtr.cd_ctrl);
163478ee8d1cSJulian Grajkowski icp_qat_la_auth_req_params_t *pHashReqParams = NULL;
163578ee8d1cSJulian Grajkowski Cpa8U *pLabel = NULL;
163678ee8d1cSJulian Grajkowski Cpa32U labelLen = 0;
163778ee8d1cSJulian Grajkowski Cpa64U labelPhysAddr = 0;
163878ee8d1cSJulian Grajkowski hashStateBufferInfo.pData = pCookie->hashStateBuffer;
163978ee8d1cSJulian Grajkowski hashStateBufferInfo.pDataPhys =
164078ee8d1cSJulian Grajkowski LAC_MEM_CAST_PTR_TO_UINT64(
164178ee8d1cSJulian Grajkowski pSymCookie->keyHashStateBufferPhyAddr);
164278ee8d1cSJulian Grajkowski hashStateBufferInfo.stateStorageSzQuadWords = 0;
164378ee8d1cSJulian Grajkowski
164478ee8d1cSJulian Grajkowski LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr),
164578ee8d1cSJulian Grajkowski instanceHandle,
164678ee8d1cSJulian Grajkowski &(hashSetupData),
164778ee8d1cSJulian Grajkowski hashStateBuffer,
164878ee8d1cSJulian Grajkowski qatHashMode,
164978ee8d1cSJulian Grajkowski CPA_FALSE);
165078ee8d1cSJulian Grajkowski
165178ee8d1cSJulian Grajkowski pHashReqParams = (icp_qat_la_auth_req_params_t *)&(
165278ee8d1cSJulian Grajkowski keyGenReqFtr.serv_specif_rqpars);
165378ee8d1cSJulian Grajkowski
165478ee8d1cSJulian Grajkowski hashStateBufferInfo.prefixAadSzQuadWords =
165578ee8d1cSJulian Grajkowski LAC_BYTES_TO_QUADWORDS(
165678ee8d1cSJulian Grajkowski pHashReqParams->u2.inner_prefix_sz +
165778ee8d1cSJulian Grajkowski pHashControlBlock->outer_prefix_sz);
165878ee8d1cSJulian Grajkowski
165978ee8d1cSJulian Grajkowski /* Copy prefix data into hash state buffer */
166078ee8d1cSJulian Grajkowski pMsgDummy = (Cpa8U *)&(keyGenReq);
166178ee8d1cSJulian Grajkowski pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr);
166278ee8d1cSJulian Grajkowski pCacheDummyMid = (Cpa8U *)&(keyGenReqMid);
166378ee8d1cSJulian Grajkowski pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr);
166478ee8d1cSJulian Grajkowski memcpy(pMsgDummy,
166578ee8d1cSJulian Grajkowski pCacheDummyHdr,
166678ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
166778ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_HDR_IN_LW));
166878ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
166978ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_MID_IN_LW),
167078ee8d1cSJulian Grajkowski pCacheDummyMid,
167178ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
167278ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_MID_IN_LW));
167378ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
167478ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_FTR_IN_LW),
167578ee8d1cSJulian Grajkowski pCacheDummyFtr,
167678ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
167778ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_FTR_IN_LW));
167878ee8d1cSJulian Grajkowski
167978ee8d1cSJulian Grajkowski LacSymQat_HashStatePrefixAadBufferPopulate(
168078ee8d1cSJulian Grajkowski &hashStateBufferInfo,
168178ee8d1cSJulian Grajkowski &keyGenReqFtr,
168278ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData,
168378ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes,
168478ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData,
168578ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes);
168678ee8d1cSJulian Grajkowski
168778ee8d1cSJulian Grajkowski /* Firmware only looks at hash state buffer pointer and
168878ee8d1cSJulian Grajkowski * the
168978ee8d1cSJulian Grajkowski * hash state buffer size so all other fields are set to
169078ee8d1cSJulian Grajkowski * 0
169178ee8d1cSJulian Grajkowski */
169278ee8d1cSJulian Grajkowski LacSymQat_HashRequestParamsPopulate(
169378ee8d1cSJulian Grajkowski &(keyGenReq),
169478ee8d1cSJulian Grajkowski 0, /* Auth offset */
169578ee8d1cSJulian Grajkowski 0, /* Auth length */
169678ee8d1cSJulian Grajkowski &(pService->generic_service_info),
169778ee8d1cSJulian Grajkowski &hashStateBufferInfo, /* Hash state prefix buffer */
169878ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_PARTIAL_NONE,
169978ee8d1cSJulian Grajkowski 0, /* Hash result size */
170078ee8d1cSJulian Grajkowski CPA_FALSE,
170178ee8d1cSJulian Grajkowski NULL,
170278ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_NONE, /* Hash algorithm */
170378ee8d1cSJulian Grajkowski NULL); /* HKDF only */
170478ee8d1cSJulian Grajkowski
170578ee8d1cSJulian Grajkowski /* Set up the labels and their length */
170678ee8d1cSJulian Grajkowski if (CPA_CY_KEY_TLS_OP_USER_DEFINED ==
170778ee8d1cSJulian Grajkowski pKeyGenTlsOpData->tlsOp) {
170878ee8d1cSJulian Grajkowski pLabel = pKeyGenTlsOpData->userLabel.pData;
170978ee8d1cSJulian Grajkowski labelLen =
171078ee8d1cSJulian Grajkowski pKeyGenTlsOpData->userLabel.dataLenInBytes;
171178ee8d1cSJulian Grajkowski labelPhysAddr = LAC_OS_VIRT_TO_PHYS_EXTERNAL(
171278ee8d1cSJulian Grajkowski pService->generic_service_info, pLabel);
171378ee8d1cSJulian Grajkowski
171478ee8d1cSJulian Grajkowski if (labelPhysAddr == 0) {
171578ee8d1cSJulian Grajkowski LAC_LOG_ERROR(
171678ee8d1cSJulian Grajkowski "Unable to get the physical address of the"
171778ee8d1cSJulian Grajkowski " label");
171878ee8d1cSJulian Grajkowski status = CPA_STATUS_FAIL;
171978ee8d1cSJulian Grajkowski }
172078ee8d1cSJulian Grajkowski } else if (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE ==
172178ee8d1cSJulian Grajkowski pKeyGenTlsOpData->tlsOp) {
172278ee8d1cSJulian Grajkowski pLabel = pService->pTlsLabel->masterSecret;
172378ee8d1cSJulian Grajkowski labelLen =
172478ee8d1cSJulian Grajkowski sizeof(
172578ee8d1cSJulian Grajkowski LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL) -
172678ee8d1cSJulian Grajkowski 1;
172778ee8d1cSJulian Grajkowski labelPhysAddr =
172878ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel);
172978ee8d1cSJulian Grajkowski } else if (CPA_CY_KEY_TLS_OP_KEY_MATERIAL_DERIVE ==
173078ee8d1cSJulian Grajkowski pKeyGenTlsOpData->tlsOp) {
173178ee8d1cSJulian Grajkowski pLabel = pService->pTlsLabel->keyMaterial;
173278ee8d1cSJulian Grajkowski labelLen =
173378ee8d1cSJulian Grajkowski sizeof(LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL) -
173478ee8d1cSJulian Grajkowski 1;
173578ee8d1cSJulian Grajkowski labelPhysAddr =
173678ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel);
173778ee8d1cSJulian Grajkowski } else if (CPA_CY_KEY_TLS_OP_CLIENT_FINISHED_DERIVE ==
173878ee8d1cSJulian Grajkowski pKeyGenTlsOpData->tlsOp) {
173978ee8d1cSJulian Grajkowski pLabel = pService->pTlsLabel->clientFinished;
174078ee8d1cSJulian Grajkowski labelLen =
174178ee8d1cSJulian Grajkowski sizeof(LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL) -
174278ee8d1cSJulian Grajkowski 1;
174378ee8d1cSJulian Grajkowski labelPhysAddr =
174478ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel);
174578ee8d1cSJulian Grajkowski } else {
174678ee8d1cSJulian Grajkowski pLabel = pService->pTlsLabel->serverFinished;
174778ee8d1cSJulian Grajkowski labelLen =
174878ee8d1cSJulian Grajkowski sizeof(LAC_SYM_KEY_TLS_SERVER_FIN_LABEL) -
174978ee8d1cSJulian Grajkowski 1;
175078ee8d1cSJulian Grajkowski labelPhysAddr =
175178ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel);
175278ee8d1cSJulian Grajkowski }
175378ee8d1cSJulian Grajkowski LacSymQat_KeyTlsRequestPopulate(
175478ee8d1cSJulian Grajkowski &keyGenReqMid,
175578ee8d1cSJulian Grajkowski pKeyGenTlsOpData->generatedKeyLenInBytes,
175678ee8d1cSJulian Grajkowski labelLen,
175778ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret.dataLenInBytes,
175878ee8d1cSJulian Grajkowski pKeyGenTlsOpData->seed.dataLenInBytes,
175978ee8d1cSJulian Grajkowski lacCmdId);
176078ee8d1cSJulian Grajkowski
176178ee8d1cSJulian Grajkowski LacSymQat_KeyTlsKeyMaterialInputPopulate(
176278ee8d1cSJulian Grajkowski &(pService->generic_service_info),
176378ee8d1cSJulian Grajkowski &(pCookie->u.tlsKeyInput),
176478ee8d1cSJulian Grajkowski pKeyGenTlsOpData->seed.pData,
176578ee8d1cSJulian Grajkowski labelPhysAddr);
176678ee8d1cSJulian Grajkowski
176778ee8d1cSJulian Grajkowski inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64(
176878ee8d1cSJulian Grajkowski pSymCookie->keyTlsKeyInputPhyAddr);
176978ee8d1cSJulian Grajkowski }
177078ee8d1cSJulian Grajkowski /* TLS v1.3 */
177178ee8d1cSJulian Grajkowski else if (ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= lacCmdId &&
177278ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND >=
177378ee8d1cSJulian Grajkowski lacCmdId) {
177478ee8d1cSJulian Grajkowski CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData =
177578ee8d1cSJulian Grajkowski (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData;
177678ee8d1cSJulian Grajkowski lac_sym_qat_hash_state_buffer_info_t
177778ee8d1cSJulian Grajkowski hashStateBufferInfo = { 0 };
177878ee8d1cSJulian Grajkowski CpaBoolean hashStateBuffer = CPA_FALSE;
177978ee8d1cSJulian Grajkowski icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock =
178078ee8d1cSJulian Grajkowski (icp_qat_fw_auth_cd_ctrl_hdr_t *)&(
178178ee8d1cSJulian Grajkowski keyGenReqFtr.cd_ctrl);
178278ee8d1cSJulian Grajkowski icp_qat_la_auth_req_params_t *pHashReqParams = NULL;
178378ee8d1cSJulian Grajkowski hashStateBufferInfo.pData = pCookie->hashStateBuffer;
178478ee8d1cSJulian Grajkowski hashStateBufferInfo.pDataPhys =
178578ee8d1cSJulian Grajkowski LAC_MEM_CAST_PTR_TO_UINT64(
178678ee8d1cSJulian Grajkowski pSymCookie->keyHashStateBufferPhyAddr);
178778ee8d1cSJulian Grajkowski hashStateBufferInfo.stateStorageSzQuadWords = 0;
178878ee8d1cSJulian Grajkowski
178978ee8d1cSJulian Grajkowski LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr),
179078ee8d1cSJulian Grajkowski instanceHandle,
179178ee8d1cSJulian Grajkowski &(hashSetupData),
179278ee8d1cSJulian Grajkowski hashStateBuffer,
179378ee8d1cSJulian Grajkowski qatHashMode,
179478ee8d1cSJulian Grajkowski CPA_FALSE);
179578ee8d1cSJulian Grajkowski
179678ee8d1cSJulian Grajkowski pHashReqParams = (icp_qat_la_auth_req_params_t *)&(
179778ee8d1cSJulian Grajkowski keyGenReqFtr.serv_specif_rqpars);
179878ee8d1cSJulian Grajkowski
179978ee8d1cSJulian Grajkowski hashStateBufferInfo.prefixAadSzQuadWords =
180078ee8d1cSJulian Grajkowski LAC_BYTES_TO_QUADWORDS(
180178ee8d1cSJulian Grajkowski pHashReqParams->u2.inner_prefix_sz +
180278ee8d1cSJulian Grajkowski pHashControlBlock->outer_prefix_sz);
180378ee8d1cSJulian Grajkowski
180478ee8d1cSJulian Grajkowski /* Copy prefix data into hash state buffer */
180578ee8d1cSJulian Grajkowski pMsgDummy = (Cpa8U *)&(keyGenReq);
180678ee8d1cSJulian Grajkowski pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr);
180778ee8d1cSJulian Grajkowski pCacheDummyMid = (Cpa8U *)&(keyGenReqMid);
180878ee8d1cSJulian Grajkowski pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr);
180978ee8d1cSJulian Grajkowski memcpy(pMsgDummy,
181078ee8d1cSJulian Grajkowski pCacheDummyHdr,
181178ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
181278ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_HDR_IN_LW));
181378ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
181478ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_MID_IN_LW),
181578ee8d1cSJulian Grajkowski pCacheDummyMid,
181678ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
181778ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_MID_IN_LW));
181878ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
181978ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_FTR_IN_LW),
182078ee8d1cSJulian Grajkowski pCacheDummyFtr,
182178ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
182278ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_FTR_IN_LW));
182378ee8d1cSJulian Grajkowski
182478ee8d1cSJulian Grajkowski LacSymQat_HashStatePrefixAadBufferPopulate(
182578ee8d1cSJulian Grajkowski &hashStateBufferInfo,
182678ee8d1cSJulian Grajkowski &keyGenReqFtr,
182778ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData,
182878ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes,
182978ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData,
183078ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes);
183178ee8d1cSJulian Grajkowski
183278ee8d1cSJulian Grajkowski /* Firmware only looks at hash state buffer pointer and
183378ee8d1cSJulian Grajkowski * the
183478ee8d1cSJulian Grajkowski * hash state buffer size so all other fields are set to
183578ee8d1cSJulian Grajkowski * 0
183678ee8d1cSJulian Grajkowski */
183778ee8d1cSJulian Grajkowski LacSymQat_HashRequestParamsPopulate(
183878ee8d1cSJulian Grajkowski &(keyGenReq),
183978ee8d1cSJulian Grajkowski 0, /* Auth offset */
184078ee8d1cSJulian Grajkowski 0, /* Auth length */
184178ee8d1cSJulian Grajkowski &(pService->generic_service_info),
184278ee8d1cSJulian Grajkowski &hashStateBufferInfo, /* Hash state prefix buffer */
184378ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_PARTIAL_NONE,
184478ee8d1cSJulian Grajkowski 0, /* Hash result size */
184578ee8d1cSJulian Grajkowski CPA_FALSE,
184678ee8d1cSJulian Grajkowski NULL,
184778ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_NONE, /* Hash algorithm */
184878ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret); /* IKM or PRK */
184978ee8d1cSJulian Grajkowski
185078ee8d1cSJulian Grajkowski LacSymQat_KeyTlsRequestPopulate(
185178ee8d1cSJulian Grajkowski &keyGenReqMid,
185278ee8d1cSJulian Grajkowski cipherSuiteHKDFHashSizes[hashAlgCipher]
185378ee8d1cSJulian Grajkowski [LAC_KEY_HKDF_DIGESTS],
185478ee8d1cSJulian Grajkowski /* For EXTRACT, EXPAND, FW expects info to be passed
185578ee8d1cSJulian Grajkowski as label */
185678ee8d1cSJulian Grajkowski pKeyGenTlsOpData->infoLen,
185778ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secretLen,
185878ee8d1cSJulian Grajkowski pKeyGenTlsOpData->seedLen,
185978ee8d1cSJulian Grajkowski lacCmdId);
186078ee8d1cSJulian Grajkowski
186178ee8d1cSJulian Grajkowski LacSymQat_KeyTlsHKDFKeyMaterialInputPopulate(
186278ee8d1cSJulian Grajkowski &(pService->generic_service_info),
186378ee8d1cSJulian Grajkowski &(pCookie->u.tlsHKDFKeyInput),
186478ee8d1cSJulian Grajkowski pKeyGenTlsOpData,
186578ee8d1cSJulian Grajkowski 0, /* No subLabels used */
186678ee8d1cSJulian Grajkowski lacCmdId); /* Pass op being performed */
186778ee8d1cSJulian Grajkowski
186878ee8d1cSJulian Grajkowski inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64(
186978ee8d1cSJulian Grajkowski pSymCookie->keyTlsKeyInputPhyAddr);
187078ee8d1cSJulian Grajkowski }
187178ee8d1cSJulian Grajkowski /* TLS v1.3 LABEL */
187278ee8d1cSJulian Grajkowski else if (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == lacCmdId ||
187378ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL ==
187478ee8d1cSJulian Grajkowski lacCmdId) {
187578ee8d1cSJulian Grajkowski CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData =
187678ee8d1cSJulian Grajkowski (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData;
187778ee8d1cSJulian Grajkowski Cpa64U subLabelsPhysAddr = 0;
187878ee8d1cSJulian Grajkowski lac_sym_qat_hash_state_buffer_info_t
187978ee8d1cSJulian Grajkowski hashStateBufferInfo = { 0 };
188078ee8d1cSJulian Grajkowski CpaBoolean hashStateBuffer = CPA_FALSE;
188178ee8d1cSJulian Grajkowski icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock =
188278ee8d1cSJulian Grajkowski (icp_qat_fw_auth_cd_ctrl_hdr_t *)&(
188378ee8d1cSJulian Grajkowski keyGenReqFtr.cd_ctrl);
188478ee8d1cSJulian Grajkowski icp_qat_la_auth_req_params_t *pHashReqParams = NULL;
188578ee8d1cSJulian Grajkowski hashStateBufferInfo.pData = pCookie->hashStateBuffer;
188678ee8d1cSJulian Grajkowski hashStateBufferInfo.pDataPhys =
188778ee8d1cSJulian Grajkowski LAC_MEM_CAST_PTR_TO_UINT64(
188878ee8d1cSJulian Grajkowski pSymCookie->keyHashStateBufferPhyAddr);
188978ee8d1cSJulian Grajkowski hashStateBufferInfo.stateStorageSzQuadWords = 0;
189078ee8d1cSJulian Grajkowski
189178ee8d1cSJulian Grajkowski LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr),
189278ee8d1cSJulian Grajkowski instanceHandle,
189378ee8d1cSJulian Grajkowski &(hashSetupData),
189478ee8d1cSJulian Grajkowski hashStateBuffer,
189578ee8d1cSJulian Grajkowski qatHashMode,
189678ee8d1cSJulian Grajkowski CPA_FALSE);
189778ee8d1cSJulian Grajkowski
189878ee8d1cSJulian Grajkowski pHashReqParams = (icp_qat_la_auth_req_params_t *)&(
189978ee8d1cSJulian Grajkowski keyGenReqFtr.serv_specif_rqpars);
190078ee8d1cSJulian Grajkowski
190178ee8d1cSJulian Grajkowski hashStateBufferInfo.prefixAadSzQuadWords =
190278ee8d1cSJulian Grajkowski LAC_BYTES_TO_QUADWORDS(
190378ee8d1cSJulian Grajkowski pHashReqParams->u2.inner_prefix_sz +
190478ee8d1cSJulian Grajkowski pHashControlBlock->outer_prefix_sz);
190578ee8d1cSJulian Grajkowski
190678ee8d1cSJulian Grajkowski /* Copy prefix data into hash state buffer */
190778ee8d1cSJulian Grajkowski pMsgDummy = (Cpa8U *)&(keyGenReq);
190878ee8d1cSJulian Grajkowski pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr);
190978ee8d1cSJulian Grajkowski pCacheDummyMid = (Cpa8U *)&(keyGenReqMid);
191078ee8d1cSJulian Grajkowski pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr);
191178ee8d1cSJulian Grajkowski memcpy(pMsgDummy,
191278ee8d1cSJulian Grajkowski pCacheDummyHdr,
191378ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
191478ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_HDR_IN_LW));
191578ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
191678ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_MID_IN_LW),
191778ee8d1cSJulian Grajkowski pCacheDummyMid,
191878ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
191978ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_MID_IN_LW));
192078ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
192178ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_FTR_IN_LW),
192278ee8d1cSJulian Grajkowski pCacheDummyFtr,
192378ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES *
192478ee8d1cSJulian Grajkowski LAC_SIZE_OF_CACHE_FTR_IN_LW));
192578ee8d1cSJulian Grajkowski
192678ee8d1cSJulian Grajkowski LacSymQat_HashStatePrefixAadBufferPopulate(
192778ee8d1cSJulian Grajkowski &hashStateBufferInfo,
192878ee8d1cSJulian Grajkowski &keyGenReqFtr,
192978ee8d1cSJulian Grajkowski pNestedModeSetupData->pInnerPrefixData,
193078ee8d1cSJulian Grajkowski pNestedModeSetupData->innerPrefixLenInBytes,
193178ee8d1cSJulian Grajkowski pNestedModeSetupData->pOuterPrefixData,
193278ee8d1cSJulian Grajkowski pNestedModeSetupData->outerPrefixLenInBytes);
193378ee8d1cSJulian Grajkowski
193478ee8d1cSJulian Grajkowski /* Firmware only looks at hash state buffer pointer and
193578ee8d1cSJulian Grajkowski * the
193678ee8d1cSJulian Grajkowski * hash state buffer size so all other fields are set to
193778ee8d1cSJulian Grajkowski * 0
193878ee8d1cSJulian Grajkowski */
193978ee8d1cSJulian Grajkowski LacSymQat_HashRequestParamsPopulate(
194078ee8d1cSJulian Grajkowski &(keyGenReq),
194178ee8d1cSJulian Grajkowski 0, /* Auth offset */
194278ee8d1cSJulian Grajkowski 0, /* Auth length */
194378ee8d1cSJulian Grajkowski &(pService->generic_service_info),
194478ee8d1cSJulian Grajkowski &hashStateBufferInfo, /* Hash state prefix buffer */
194578ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_PARTIAL_NONE,
194678ee8d1cSJulian Grajkowski 0, /* Hash result size */
194778ee8d1cSJulian Grajkowski CPA_FALSE,
194878ee8d1cSJulian Grajkowski NULL,
194978ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_NONE, /* Hash algorithm */
195078ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secret); /* IKM or PRK */
195178ee8d1cSJulian Grajkowski
195278ee8d1cSJulian Grajkowski LacSymQat_KeyTlsRequestPopulate(
195378ee8d1cSJulian Grajkowski &keyGenReqMid,
195478ee8d1cSJulian Grajkowski cipherSuiteHKDFHashSizes[hashAlgCipher]
195578ee8d1cSJulian Grajkowski [LAC_KEY_HKDF_DIGESTS],
195678ee8d1cSJulian Grajkowski pKeyGenTlsOpData->numLabels, /* Number of Labels */
195778ee8d1cSJulian Grajkowski pKeyGenTlsOpData->secretLen,
195878ee8d1cSJulian Grajkowski pKeyGenTlsOpData->seedLen,
195978ee8d1cSJulian Grajkowski lacCmdId);
196078ee8d1cSJulian Grajkowski
196178ee8d1cSJulian Grajkowski /* Get physical address of subLabels */
196278ee8d1cSJulian Grajkowski switch (hashAlgCipher) {
196378ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_AES_128_GCM_SHA256: /* Fall Through
196478ee8d1cSJulian Grajkowski */
196578ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_AES_128_CCM_SHA256:
196678ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_AES_128_CCM_8_SHA256:
196778ee8d1cSJulian Grajkowski subLabelsPhysAddr = pService->pTlsHKDFSubLabel
196878ee8d1cSJulian Grajkowski ->sublabelPhysAddr256;
196978ee8d1cSJulian Grajkowski break;
197078ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_CHACHA20_POLY1305_SHA256:
197178ee8d1cSJulian Grajkowski subLabelsPhysAddr =
197278ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel
197378ee8d1cSJulian Grajkowski ->sublabelPhysAddrChaChaPoly;
197478ee8d1cSJulian Grajkowski break;
197578ee8d1cSJulian Grajkowski case CPA_CY_HKDF_TLS_AES_256_GCM_SHA384:
197678ee8d1cSJulian Grajkowski subLabelsPhysAddr = pService->pTlsHKDFSubLabel
197778ee8d1cSJulian Grajkowski ->sublabelPhysAddr384;
197878ee8d1cSJulian Grajkowski break;
197978ee8d1cSJulian Grajkowski default:
198078ee8d1cSJulian Grajkowski break;
198178ee8d1cSJulian Grajkowski }
198278ee8d1cSJulian Grajkowski
198378ee8d1cSJulian Grajkowski LacSymQat_KeyTlsHKDFKeyMaterialInputPopulate(
198478ee8d1cSJulian Grajkowski &(pService->generic_service_info),
198578ee8d1cSJulian Grajkowski &(pCookie->u.tlsHKDFKeyInput),
198678ee8d1cSJulian Grajkowski pKeyGenTlsOpData,
198778ee8d1cSJulian Grajkowski subLabelsPhysAddr,
198878ee8d1cSJulian Grajkowski lacCmdId); /* Pass op being performed */
198978ee8d1cSJulian Grajkowski
199078ee8d1cSJulian Grajkowski inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64(
199178ee8d1cSJulian Grajkowski pSymCookie->keyTlsKeyInputPhyAddr);
199278ee8d1cSJulian Grajkowski }
199378ee8d1cSJulian Grajkowski
199478ee8d1cSJulian Grajkowski outputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64(
199578ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_EXTERNAL(pService->generic_service_info,
199678ee8d1cSJulian Grajkowski pKeyGenOutputData->pData));
199778ee8d1cSJulian Grajkowski
199878ee8d1cSJulian Grajkowski if (outputPhysAddr == 0) {
199978ee8d1cSJulian Grajkowski LAC_LOG_ERROR(
200078ee8d1cSJulian Grajkowski "Unable to get the physical address of the"
200178ee8d1cSJulian Grajkowski " output buffer");
200278ee8d1cSJulian Grajkowski status = CPA_STATUS_FAIL;
200378ee8d1cSJulian Grajkowski }
200478ee8d1cSJulian Grajkowski }
200578ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
200678ee8d1cSJulian Grajkowski Cpa8U lw26[4];
200778ee8d1cSJulian Grajkowski char *tmp = NULL;
200878ee8d1cSJulian Grajkowski unsigned char a;
200978ee8d1cSJulian Grajkowski int n = 0;
201078ee8d1cSJulian Grajkowski /* Make up the full keyGenReq struct from its constituents
201178ee8d1cSJulian Grajkowski * before calling the SalQatMsg functions below.
201278ee8d1cSJulian Grajkowski * Note: The full cache struct has been reduced to a
201378ee8d1cSJulian Grajkowski * header, mid and footer for memory size reduction
201478ee8d1cSJulian Grajkowski */
201578ee8d1cSJulian Grajkowski pMsgDummy = (Cpa8U *)&(keyGenReq);
201678ee8d1cSJulian Grajkowski pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr);
201778ee8d1cSJulian Grajkowski pCacheDummyMid = (Cpa8U *)&(keyGenReqMid);
201878ee8d1cSJulian Grajkowski pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr);
201978ee8d1cSJulian Grajkowski
202078ee8d1cSJulian Grajkowski memcpy(pMsgDummy,
202178ee8d1cSJulian Grajkowski pCacheDummyHdr,
202278ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW));
202378ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
202478ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_MID_IN_LW),
202578ee8d1cSJulian Grajkowski pCacheDummyMid,
202678ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_MID_IN_LW));
202778ee8d1cSJulian Grajkowski memcpy(&lw26,
202878ee8d1cSJulian Grajkowski pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
202978ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_FTR_IN_LW),
203078ee8d1cSJulian Grajkowski LAC_LONG_WORD_IN_BYTES);
203178ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
203278ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_FTR_IN_LW),
203378ee8d1cSJulian Grajkowski pCacheDummyFtr,
203478ee8d1cSJulian Grajkowski (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_FTR_IN_LW));
203578ee8d1cSJulian Grajkowski tmp = (char *)(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
203678ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_FTR_IN_LW));
203778ee8d1cSJulian Grajkowski
203878ee8d1cSJulian Grajkowski /* Copy LW26, or'd with what's already there, into the Msg, for
203978ee8d1cSJulian Grajkowski * TLS */
204078ee8d1cSJulian Grajkowski for (n = 0; n < LAC_LONG_WORD_IN_BYTES; n++) {
204178ee8d1cSJulian Grajkowski a = (unsigned char)*(tmp + n);
204278ee8d1cSJulian Grajkowski lw26[n] = lw26[n] | a;
204378ee8d1cSJulian Grajkowski }
204478ee8d1cSJulian Grajkowski memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES *
204578ee8d1cSJulian Grajkowski LAC_START_OF_CACHE_FTR_IN_LW),
204678ee8d1cSJulian Grajkowski &lw26,
204778ee8d1cSJulian Grajkowski LAC_LONG_WORD_IN_BYTES);
204878ee8d1cSJulian Grajkowski
204978ee8d1cSJulian Grajkowski contentDescInfo.pData = pCookie->contentDesc;
205078ee8d1cSJulian Grajkowski contentDescInfo.hardwareSetupBlockPhys =
205178ee8d1cSJulian Grajkowski LAC_MEM_CAST_PTR_TO_UINT64(
205278ee8d1cSJulian Grajkowski pSymCookie->keyContentDescPhyAddr);
205378ee8d1cSJulian Grajkowski contentDescInfo.hwBlkSzQuadWords =
205478ee8d1cSJulian Grajkowski LAC_BYTES_TO_QUADWORDS(hashBlkSizeInBytes);
205578ee8d1cSJulian Grajkowski
205678ee8d1cSJulian Grajkowski /* Populate common request fields */
205778ee8d1cSJulian Grajkowski SalQatMsg_ContentDescHdrWrite((icp_qat_fw_comn_req_t *)&(
205878ee8d1cSJulian Grajkowski keyGenReq),
205978ee8d1cSJulian Grajkowski &(contentDescInfo));
206078ee8d1cSJulian Grajkowski
206178ee8d1cSJulian Grajkowski SalQatMsg_CmnHdrWrite((icp_qat_fw_comn_req_t *)&keyGenReq,
206278ee8d1cSJulian Grajkowski ICP_QAT_FW_COMN_REQ_CPM_FW_LA,
206378ee8d1cSJulian Grajkowski lacCmdId,
206478ee8d1cSJulian Grajkowski cmnRequestFlags,
206578ee8d1cSJulian Grajkowski laCmdFlags);
206678ee8d1cSJulian Grajkowski
206778ee8d1cSJulian Grajkowski SalQatMsg_CmnMidWrite((icp_qat_fw_la_bulk_req_t *)&(keyGenReq),
206878ee8d1cSJulian Grajkowski pCookie,
206978ee8d1cSJulian Grajkowski LAC_SYM_KEY_QAT_PTR_TYPE,
207078ee8d1cSJulian Grajkowski inputPhysAddr,
207178ee8d1cSJulian Grajkowski outputPhysAddr,
207278ee8d1cSJulian Grajkowski 0,
207378ee8d1cSJulian Grajkowski 0);
207478ee8d1cSJulian Grajkowski
207578ee8d1cSJulian Grajkowski /* Send to QAT */
207678ee8d1cSJulian Grajkowski status = icp_adf_transPutMsg(pService->trans_handle_sym_tx,
207778ee8d1cSJulian Grajkowski (void *)&(keyGenReq),
207878ee8d1cSJulian Grajkowski LAC_QAT_SYM_REQ_SZ_LW);
207978ee8d1cSJulian Grajkowski }
208078ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
208178ee8d1cSJulian Grajkowski /* Update stats */
208278ee8d1cSJulian Grajkowski LacKey_StatsInc(lacCmdId,
208378ee8d1cSJulian Grajkowski LAC_KEY_REQUESTS,
208478ee8d1cSJulian Grajkowski pCookie->instanceHandle);
208578ee8d1cSJulian Grajkowski } else {
208678ee8d1cSJulian Grajkowski /* Clean up cookie memory */
208778ee8d1cSJulian Grajkowski if (NULL != pCookie) {
208878ee8d1cSJulian Grajkowski LacKey_StatsInc(lacCmdId,
208978ee8d1cSJulian Grajkowski LAC_KEY_REQUEST_ERRORS,
209078ee8d1cSJulian Grajkowski pCookie->instanceHandle);
209178ee8d1cSJulian Grajkowski Lac_MemPoolEntryFree(pCookie);
209278ee8d1cSJulian Grajkowski }
209378ee8d1cSJulian Grajkowski }
209478ee8d1cSJulian Grajkowski return status;
209578ee8d1cSJulian Grajkowski }
209678ee8d1cSJulian Grajkowski
209778ee8d1cSJulian Grajkowski /**
209878ee8d1cSJulian Grajkowski * @ingroup LacSymKey
209978ee8d1cSJulian Grajkowski * Parameters check for TLS v1.0/1.1, v1.2, v1.3 and SSL3
210078ee8d1cSJulian Grajkowski * @description
210178ee8d1cSJulian Grajkowski * Check user parameters against the firmware/spec requirements.
210278ee8d1cSJulian Grajkowski *
210378ee8d1cSJulian Grajkowski * @param[in] pKeyGenOpData Pointer to a structure containing all
210478ee8d1cSJulian Grajkowski * the data needed to perform the key
210578ee8d1cSJulian Grajkowski * generation operation.
210678ee8d1cSJulian Grajkowski * @param[in] hashAlgCipher Specifies the hash algorithm,
210778ee8d1cSJulian Grajkowski * or cipher we are using.
210878ee8d1cSJulian Grajkowski * According to RFC5246, this should be
210978ee8d1cSJulian Grajkowski * "SHA-256 or a stronger standard hash
211078ee8d1cSJulian Grajkowski * function."
211178ee8d1cSJulian Grajkowski * @param[in] pGeneratedKeyBuffer User output buffers.
211278ee8d1cSJulian Grajkowski * @param[in] cmdId Keygen operation to perform.
211378ee8d1cSJulian Grajkowski */
211478ee8d1cSJulian Grajkowski static CpaStatus
LacSymKey_CheckParamSslTls(const void * pKeyGenOpData,Cpa8U hashAlgCipher,const CpaFlatBuffer * pGeneratedKeyBuffer,icp_qat_fw_la_cmd_id_t cmdId)211578ee8d1cSJulian Grajkowski LacSymKey_CheckParamSslTls(const void *pKeyGenOpData,
211678ee8d1cSJulian Grajkowski Cpa8U hashAlgCipher,
211778ee8d1cSJulian Grajkowski const CpaFlatBuffer *pGeneratedKeyBuffer,
211878ee8d1cSJulian Grajkowski icp_qat_fw_la_cmd_id_t cmdId)
211978ee8d1cSJulian Grajkowski {
212078ee8d1cSJulian Grajkowski /* Api max value */
212178ee8d1cSJulian Grajkowski Cpa32U maxSecretLen = 0;
212278ee8d1cSJulian Grajkowski Cpa32U maxSeedLen = 0;
212378ee8d1cSJulian Grajkowski Cpa32U maxOutputLen = 0;
212478ee8d1cSJulian Grajkowski Cpa32U maxInfoLen = 0;
212578ee8d1cSJulian Grajkowski Cpa32U maxLabelLen = 0;
212678ee8d1cSJulian Grajkowski
212778ee8d1cSJulian Grajkowski /* User info */
212878ee8d1cSJulian Grajkowski Cpa32U uSecretLen = 0;
212978ee8d1cSJulian Grajkowski Cpa32U uSeedLen = 0;
213078ee8d1cSJulian Grajkowski Cpa32U uOutputLen = 0;
213178ee8d1cSJulian Grajkowski
213278ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pKeyGenOpData);
213378ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pGeneratedKeyBuffer);
213478ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pGeneratedKeyBuffer->pData);
213578ee8d1cSJulian Grajkowski
213678ee8d1cSJulian Grajkowski if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == cmdId) {
213778ee8d1cSJulian Grajkowski CpaCyKeyGenSslOpData *opData =
213878ee8d1cSJulian Grajkowski (CpaCyKeyGenSslOpData *)pKeyGenOpData;
213978ee8d1cSJulian Grajkowski
214078ee8d1cSJulian Grajkowski /* User info */
214178ee8d1cSJulian Grajkowski uSecretLen = opData->secret.dataLenInBytes;
214278ee8d1cSJulian Grajkowski uSeedLen = opData->seed.dataLenInBytes;
214378ee8d1cSJulian Grajkowski uOutputLen = opData->generatedKeyLenInBytes;
214478ee8d1cSJulian Grajkowski
214578ee8d1cSJulian Grajkowski /* Api max value */
214678ee8d1cSJulian Grajkowski maxSecretLen = ICP_QAT_FW_LA_SSL_SECRET_LEN_MAX;
214778ee8d1cSJulian Grajkowski maxSeedLen = ICP_QAT_FW_LA_SSL_SEED_LEN_MAX;
214878ee8d1cSJulian Grajkowski maxOutputLen = ICP_QAT_FW_LA_SSL_OUTPUT_LEN_MAX;
214978ee8d1cSJulian Grajkowski
215078ee8d1cSJulian Grajkowski /* Check user buffers */
215178ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(opData->secret.pData);
215278ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(opData->seed.pData);
215378ee8d1cSJulian Grajkowski
215478ee8d1cSJulian Grajkowski /* Check operation */
215578ee8d1cSJulian Grajkowski if ((Cpa32U)opData->sslOp > CPA_CY_KEY_SSL_OP_USER_DEFINED) {
215678ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("opData->sslOp");
215778ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
215878ee8d1cSJulian Grajkowski }
215978ee8d1cSJulian Grajkowski if ((Cpa32U)opData->sslOp == CPA_CY_KEY_SSL_OP_USER_DEFINED) {
216078ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(opData->userLabel.pData);
216178ee8d1cSJulian Grajkowski /* Maximum label length for SSL Key Gen request */
216278ee8d1cSJulian Grajkowski if (opData->userLabel.dataLenInBytes >
216378ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX) {
216478ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG(
216578ee8d1cSJulian Grajkowski "userLabel.dataLenInBytes");
216678ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
216778ee8d1cSJulian Grajkowski }
216878ee8d1cSJulian Grajkowski }
216978ee8d1cSJulian Grajkowski
217078ee8d1cSJulian Grajkowski /* Only seed length for SSL3 Key Gen request */
217178ee8d1cSJulian Grajkowski if (maxSeedLen != uSeedLen) {
217278ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("seed.dataLenInBytes");
217378ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
217478ee8d1cSJulian Grajkowski }
217578ee8d1cSJulian Grajkowski
217678ee8d1cSJulian Grajkowski /* Maximum output length for SSL3 Key Gen request */
217778ee8d1cSJulian Grajkowski if (uOutputLen > maxOutputLen) {
217878ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("generatedKeyLenInBytes");
217978ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
218078ee8d1cSJulian Grajkowski }
218178ee8d1cSJulian Grajkowski }
218278ee8d1cSJulian Grajkowski /* TLS v1.1 or TLS v.12 */
218378ee8d1cSJulian Grajkowski else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == cmdId ||
218478ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == cmdId) {
218578ee8d1cSJulian Grajkowski CpaCyKeyGenTlsOpData *opData =
218678ee8d1cSJulian Grajkowski (CpaCyKeyGenTlsOpData *)pKeyGenOpData;
218778ee8d1cSJulian Grajkowski
218878ee8d1cSJulian Grajkowski /* User info */
218978ee8d1cSJulian Grajkowski uSecretLen = opData->secret.dataLenInBytes;
219078ee8d1cSJulian Grajkowski uSeedLen = opData->seed.dataLenInBytes;
219178ee8d1cSJulian Grajkowski uOutputLen = opData->generatedKeyLenInBytes;
219278ee8d1cSJulian Grajkowski
219378ee8d1cSJulian Grajkowski if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == cmdId) {
219478ee8d1cSJulian Grajkowski /* Api max value */
219578ee8d1cSJulian Grajkowski /* ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX needs to be
219678ee8d1cSJulian Grajkowski * multiplied
219778ee8d1cSJulian Grajkowski * by 4 in order to verifiy the 512 conditions. We did
219878ee8d1cSJulian Grajkowski * not change
219978ee8d1cSJulian Grajkowski * ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX as it
220078ee8d1cSJulian Grajkowski * represents
220178ee8d1cSJulian Grajkowski * the max value tha firmware can handle.
220278ee8d1cSJulian Grajkowski */
220378ee8d1cSJulian Grajkowski maxSecretLen =
220478ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX * 4;
220578ee8d1cSJulian Grajkowski } else {
220678ee8d1cSJulian Grajkowski /* Api max value */
220778ee8d1cSJulian Grajkowski /* ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX needs to be
220878ee8d1cSJulian Grajkowski * multiplied
220978ee8d1cSJulian Grajkowski * by 8 in order to verifiy the 512 conditions. We did
221078ee8d1cSJulian Grajkowski * not change
221178ee8d1cSJulian Grajkowski * ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX as it
221278ee8d1cSJulian Grajkowski * represents
221378ee8d1cSJulian Grajkowski * the max value tha firmware can handle.
221478ee8d1cSJulian Grajkowski */
221578ee8d1cSJulian Grajkowski maxSecretLen =
221678ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX * 8;
221778ee8d1cSJulian Grajkowski
221878ee8d1cSJulian Grajkowski /* Check Hash algorithm */
221978ee8d1cSJulian Grajkowski if (0 == getDigestSizeFromHashAlgo(hashAlgCipher)) {
222078ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("hashAlgorithm");
222178ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
222278ee8d1cSJulian Grajkowski }
222378ee8d1cSJulian Grajkowski }
222478ee8d1cSJulian Grajkowski maxSeedLen = ICP_QAT_FW_LA_TLS_SEED_LEN_MAX;
222578ee8d1cSJulian Grajkowski maxOutputLen = ICP_QAT_FW_LA_TLS_OUTPUT_LEN_MAX;
222678ee8d1cSJulian Grajkowski /* Check user buffers */
222778ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(opData->secret.pData);
222878ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(opData->seed.pData);
222978ee8d1cSJulian Grajkowski
223078ee8d1cSJulian Grajkowski /* Check operation */
223178ee8d1cSJulian Grajkowski if ((Cpa32U)opData->tlsOp > CPA_CY_KEY_TLS_OP_USER_DEFINED) {
223278ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("opData->tlsOp");
223378ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
223478ee8d1cSJulian Grajkowski } else if ((Cpa32U)opData->tlsOp ==
223578ee8d1cSJulian Grajkowski CPA_CY_KEY_TLS_OP_USER_DEFINED) {
223678ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(opData->userLabel.pData);
223778ee8d1cSJulian Grajkowski /* Maximum label length for TLS Key Gen request */
223878ee8d1cSJulian Grajkowski if (opData->userLabel.dataLenInBytes >
223978ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_TLS_LABEL_LEN_MAX) {
224078ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG(
224178ee8d1cSJulian Grajkowski "userLabel.dataLenInBytes");
224278ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
224378ee8d1cSJulian Grajkowski }
224478ee8d1cSJulian Grajkowski }
224578ee8d1cSJulian Grajkowski
224678ee8d1cSJulian Grajkowski /* Maximum/only seed length for TLS Key Gen request */
224778ee8d1cSJulian Grajkowski if (((Cpa32U)opData->tlsOp !=
224878ee8d1cSJulian Grajkowski CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE) &&
224978ee8d1cSJulian Grajkowski ((Cpa32U)opData->tlsOp !=
225078ee8d1cSJulian Grajkowski CPA_CY_KEY_TLS_OP_KEY_MATERIAL_DERIVE)) {
225178ee8d1cSJulian Grajkowski if (uSeedLen > maxSeedLen) {
225278ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("seed.dataLenInBytes");
225378ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
225478ee8d1cSJulian Grajkowski }
225578ee8d1cSJulian Grajkowski } else {
225678ee8d1cSJulian Grajkowski if (maxSeedLen != uSeedLen) {
225778ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("seed.dataLenInBytes");
225878ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
225978ee8d1cSJulian Grajkowski }
226078ee8d1cSJulian Grajkowski }
226178ee8d1cSJulian Grajkowski
226278ee8d1cSJulian Grajkowski /* Maximum output length for TLS Key Gen request */
226378ee8d1cSJulian Grajkowski if (uOutputLen > maxOutputLen) {
226478ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("generatedKeyLenInBytes");
226578ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
226678ee8d1cSJulian Grajkowski }
226778ee8d1cSJulian Grajkowski }
226878ee8d1cSJulian Grajkowski /* TLS v1.3 */
226978ee8d1cSJulian Grajkowski else if (cmdId >= ICP_QAT_FW_LA_CMD_HKDF_EXTRACT &&
227078ee8d1cSJulian Grajkowski cmdId <= ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL) {
227178ee8d1cSJulian Grajkowski CpaCyKeyGenHKDFOpData *HKDF_Data =
227278ee8d1cSJulian Grajkowski (CpaCyKeyGenHKDFOpData *)pKeyGenOpData;
227378ee8d1cSJulian Grajkowski CpaCyKeyHKDFCipherSuite cipherSuite = hashAlgCipher;
227478ee8d1cSJulian Grajkowski CpaCySymHashAlgorithm hashAlgorithm =
227578ee8d1cSJulian Grajkowski getHashAlgorithmFromCipherSuiteHKDF(cipherSuite);
227678ee8d1cSJulian Grajkowski maxSeedLen =
227778ee8d1cSJulian Grajkowski cipherSuiteHKDFHashSizes[cipherSuite][LAC_KEY_HKDF_DIGESTS];
227878ee8d1cSJulian Grajkowski maxSecretLen = CPA_CY_HKDF_KEY_MAX_SECRET_SZ;
227978ee8d1cSJulian Grajkowski maxInfoLen = CPA_CY_HKDF_KEY_MAX_INFO_SZ;
228078ee8d1cSJulian Grajkowski maxLabelLen = CPA_CY_HKDF_KEY_MAX_LABEL_SZ;
228178ee8d1cSJulian Grajkowski
228278ee8d1cSJulian Grajkowski uSecretLen = HKDF_Data->secretLen;
228378ee8d1cSJulian Grajkowski
228478ee8d1cSJulian Grajkowski /* Check using supported hash function */
228578ee8d1cSJulian Grajkowski if (0 ==
228678ee8d1cSJulian Grajkowski (uOutputLen = getDigestSizeFromHashAlgo(hashAlgorithm))) {
228778ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("Hash function not supported");
228878ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
228978ee8d1cSJulian Grajkowski }
229078ee8d1cSJulian Grajkowski
229178ee8d1cSJulian Grajkowski /* Number of labels does not exceed the MAX */
229278ee8d1cSJulian Grajkowski if (HKDF_Data->numLabels > CPA_CY_HKDF_KEY_MAX_LABEL_COUNT) {
229378ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG(
229478ee8d1cSJulian Grajkowski "CpaCyKeyGenHKDFOpData.numLabels");
229578ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
229678ee8d1cSJulian Grajkowski }
229778ee8d1cSJulian Grajkowski
229878ee8d1cSJulian Grajkowski switch (cmdId) {
229978ee8d1cSJulian Grajkowski case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT:
230078ee8d1cSJulian Grajkowski if (maxSeedLen < HKDF_Data->seedLen) {
230178ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG(
230278ee8d1cSJulian Grajkowski "CpaCyKeyGenHKDFOpData.seedLen");
230378ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
230478ee8d1cSJulian Grajkowski }
230578ee8d1cSJulian Grajkowski break;
230678ee8d1cSJulian Grajkowski case ICP_QAT_FW_LA_CMD_HKDF_EXPAND:
230778ee8d1cSJulian Grajkowski maxSecretLen =
230878ee8d1cSJulian Grajkowski cipherSuiteHKDFHashSizes[cipherSuite]
230978ee8d1cSJulian Grajkowski [LAC_KEY_HKDF_DIGESTS];
231078ee8d1cSJulian Grajkowski
231178ee8d1cSJulian Grajkowski if (maxInfoLen < HKDF_Data->infoLen) {
231278ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG(
231378ee8d1cSJulian Grajkowski "CpaCyKeyGenHKDFOpData.infoLen");
231478ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
231578ee8d1cSJulian Grajkowski }
231678ee8d1cSJulian Grajkowski break;
231778ee8d1cSJulian Grajkowski case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND:
231878ee8d1cSJulian Grajkowski uOutputLen *= 2;
231978ee8d1cSJulian Grajkowski if (maxSeedLen < HKDF_Data->seedLen) {
232078ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG(
232178ee8d1cSJulian Grajkowski "CpaCyKeyGenHKDFOpData.seedLen");
232278ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
232378ee8d1cSJulian Grajkowski }
232478ee8d1cSJulian Grajkowski if (maxInfoLen < HKDF_Data->infoLen) {
232578ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG(
232678ee8d1cSJulian Grajkowski "CpaCyKeyGenHKDFOpData.infoLen");
232778ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
232878ee8d1cSJulian Grajkowski }
232978ee8d1cSJulian Grajkowski break;
233078ee8d1cSJulian Grajkowski case ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL: /* Fall through */
233178ee8d1cSJulian Grajkowski case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL: {
233278ee8d1cSJulian Grajkowski Cpa8U subl_mask = 0, subl_number = 1;
233378ee8d1cSJulian Grajkowski Cpa8U i = 0;
233478ee8d1cSJulian Grajkowski
233578ee8d1cSJulian Grajkowski if (maxSeedLen < HKDF_Data->seedLen) {
233678ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG(
233778ee8d1cSJulian Grajkowski "CpaCyKeyGenHKDFOpData.seedLen");
233878ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
233978ee8d1cSJulian Grajkowski }
234078ee8d1cSJulian Grajkowski
234178ee8d1cSJulian Grajkowski /* If EXPAND set uOutputLen to zero */
234278ee8d1cSJulian Grajkowski if (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == cmdId) {
234378ee8d1cSJulian Grajkowski uOutputLen = 0;
234478ee8d1cSJulian Grajkowski maxSecretLen = cipherSuiteHKDFHashSizes
234578ee8d1cSJulian Grajkowski [cipherSuite][LAC_KEY_HKDF_DIGESTS];
234678ee8d1cSJulian Grajkowski }
234778ee8d1cSJulian Grajkowski
234878ee8d1cSJulian Grajkowski for (i = 0; i < HKDF_Data->numLabels; i++) {
234978ee8d1cSJulian Grajkowski /* Check that the labelLen does not overflow */
235078ee8d1cSJulian Grajkowski if (maxLabelLen <
235178ee8d1cSJulian Grajkowski HKDF_Data->label[i].labelLen) {
235278ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG1(
235378ee8d1cSJulian Grajkowski "CpaCyKeyGenHKDFOpData.label[%d].labelLen",
235478ee8d1cSJulian Grajkowski i);
235578ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
235678ee8d1cSJulian Grajkowski }
235778ee8d1cSJulian Grajkowski
235878ee8d1cSJulian Grajkowski if (HKDF_Data->label[i].sublabelFlag &
235978ee8d1cSJulian Grajkowski ~HKDF_SUB_LABELS_ALL) {
236078ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG1(
236178ee8d1cSJulian Grajkowski "CpaCyKeyGenHKDFOpData.label[%d]."
236278ee8d1cSJulian Grajkowski "subLabelFlag",
236378ee8d1cSJulian Grajkowski i);
236478ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
236578ee8d1cSJulian Grajkowski }
236678ee8d1cSJulian Grajkowski
236778ee8d1cSJulian Grajkowski /* Calculate the appended subLabel output
236878ee8d1cSJulian Grajkowski * lengths and
236978ee8d1cSJulian Grajkowski * check that the output buffer that the user
237078ee8d1cSJulian Grajkowski * has
237178ee8d1cSJulian Grajkowski * supplied is the correct length.
237278ee8d1cSJulian Grajkowski */
237378ee8d1cSJulian Grajkowski uOutputLen += cipherSuiteHKDFHashSizes
237478ee8d1cSJulian Grajkowski [cipherSuite][LAC_KEY_HKDF_DIGESTS];
237578ee8d1cSJulian Grajkowski /* Get mask of subLabel */
237678ee8d1cSJulian Grajkowski subl_mask = HKDF_Data->label[i].sublabelFlag;
237778ee8d1cSJulian Grajkowski
237878ee8d1cSJulian Grajkowski for (subl_number = 1;
237978ee8d1cSJulian Grajkowski subl_number <= LAC_KEY_HKDF_SUBLABELS_NUM;
238078ee8d1cSJulian Grajkowski subl_number++) {
238178ee8d1cSJulian Grajkowski /* Add the used subLabel key lengths */
238278ee8d1cSJulian Grajkowski if (subl_mask & 1) {
238378ee8d1cSJulian Grajkowski uOutputLen +=
238478ee8d1cSJulian Grajkowski cipherSuiteHKDFHashSizes
238578ee8d1cSJulian Grajkowski [cipherSuite]
238678ee8d1cSJulian Grajkowski [subl_number];
238778ee8d1cSJulian Grajkowski }
238878ee8d1cSJulian Grajkowski subl_mask >>= 1;
238978ee8d1cSJulian Grajkowski }
239078ee8d1cSJulian Grajkowski }
239178ee8d1cSJulian Grajkowski } break;
239278ee8d1cSJulian Grajkowski default:
239378ee8d1cSJulian Grajkowski break;
239478ee8d1cSJulian Grajkowski }
239578ee8d1cSJulian Grajkowski } else {
239678ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("TLS/SSL operation");
239778ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
239878ee8d1cSJulian Grajkowski }
239978ee8d1cSJulian Grajkowski
240078ee8d1cSJulian Grajkowski /* Maximum secret length for TLS/SSL Key Gen request */
240178ee8d1cSJulian Grajkowski if (uSecretLen > maxSecretLen) {
240278ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("HKFD.secretLen/secret.dataLenInBytes");
240378ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
240478ee8d1cSJulian Grajkowski }
240578ee8d1cSJulian Grajkowski
240678ee8d1cSJulian Grajkowski /* Check for enough space in the flat buffer */
240778ee8d1cSJulian Grajkowski if (uOutputLen > pGeneratedKeyBuffer->dataLenInBytes) {
240878ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("pGeneratedKeyBuffer->dataLenInBytes");
240978ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
241078ee8d1cSJulian Grajkowski }
241178ee8d1cSJulian Grajkowski return CPA_STATUS_SUCCESS;
241278ee8d1cSJulian Grajkowski }
241378ee8d1cSJulian Grajkowski
241478ee8d1cSJulian Grajkowski /**
241578ee8d1cSJulian Grajkowski *
241678ee8d1cSJulian Grajkowski */
241778ee8d1cSJulian Grajkowski /**
241878ee8d1cSJulian Grajkowski * @ingroup LacSymKey
241978ee8d1cSJulian Grajkowski * Common Keygen Code for TLS v1.0/1.1, v1.2 and SSL3.
242078ee8d1cSJulian Grajkowski * @description
242178ee8d1cSJulian Grajkowski * Check user parameters and perform the required operation.
242278ee8d1cSJulian Grajkowski *
242378ee8d1cSJulian Grajkowski * @param[in] instanceHandle_in Instance handle.
242478ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be
242578ee8d1cSJulian Grajkowski * invoked when the operation is complete.
242678ee8d1cSJulian Grajkowski * If this is set to a NULL value the
242778ee8d1cSJulian Grajkowski * function will operate synchronously.
242878ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific
242978ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the
243078ee8d1cSJulian Grajkowski * callback.
243178ee8d1cSJulian Grajkowski * @param[in] pKeyGenOpData Pointer to a structure containing all
243278ee8d1cSJulian Grajkowski * the data needed to perform the key
243378ee8d1cSJulian Grajkowski * generation operation.
243478ee8d1cSJulian Grajkowski * @param[in] hashAlgorithm Specifies the hash algorithm to use.
243578ee8d1cSJulian Grajkowski * According to RFC5246, this should be
243678ee8d1cSJulian Grajkowski * "SHA-256 or a stronger standard hash
243778ee8d1cSJulian Grajkowski * function."
243878ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer User output buffer.
243978ee8d1cSJulian Grajkowski * @param[in] cmdId Keygen operation to perform.
244078ee8d1cSJulian Grajkowski */
244178ee8d1cSJulian Grajkowski static CpaStatus
LacSymKey_KeyGenSslTls(const CpaInstanceHandle instanceHandle_in,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const void * pKeyGenOpData,Cpa8U hashAlgorithm,CpaFlatBuffer * pGeneratedKeyBuffer,icp_qat_fw_la_cmd_id_t cmdId)244278ee8d1cSJulian Grajkowski LacSymKey_KeyGenSslTls(const CpaInstanceHandle instanceHandle_in,
244378ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
244478ee8d1cSJulian Grajkowski void *pCallbackTag,
244578ee8d1cSJulian Grajkowski const void *pKeyGenOpData,
244678ee8d1cSJulian Grajkowski Cpa8U hashAlgorithm,
244778ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer,
244878ee8d1cSJulian Grajkowski icp_qat_fw_la_cmd_id_t cmdId)
244978ee8d1cSJulian Grajkowski {
245078ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_FAIL;
245178ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in);
245278ee8d1cSJulian Grajkowski
245378ee8d1cSJulian Grajkowski LAC_CHECK_INSTANCE_HANDLE(instanceHandle);
245478ee8d1cSJulian Grajkowski SAL_CHECK_INSTANCE_TYPE(instanceHandle,
245578ee8d1cSJulian Grajkowski (SAL_SERVICE_TYPE_CRYPTO |
245678ee8d1cSJulian Grajkowski SAL_SERVICE_TYPE_CRYPTO_SYM));
245778ee8d1cSJulian Grajkowski SAL_RUNNING_CHECK(instanceHandle);
245878ee8d1cSJulian Grajkowski
245978ee8d1cSJulian Grajkowski status = LacSymKey_CheckParamSslTls(pKeyGenOpData,
246078ee8d1cSJulian Grajkowski hashAlgorithm,
246178ee8d1cSJulian Grajkowski pGeneratedKeyBuffer,
246278ee8d1cSJulian Grajkowski cmdId);
246378ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS != status)
246478ee8d1cSJulian Grajkowski return status;
246578ee8d1cSJulian Grajkowski return LacSymKey_KeyGenSslTls_GenCommon(instanceHandle,
246678ee8d1cSJulian Grajkowski pKeyGenCb,
246778ee8d1cSJulian Grajkowski pCallbackTag,
246878ee8d1cSJulian Grajkowski cmdId,
246978ee8d1cSJulian Grajkowski LAC_CONST_PTR_CAST(
247078ee8d1cSJulian Grajkowski pKeyGenOpData),
247178ee8d1cSJulian Grajkowski hashAlgorithm,
247278ee8d1cSJulian Grajkowski pGeneratedKeyBuffer);
247378ee8d1cSJulian Grajkowski }
247478ee8d1cSJulian Grajkowski
247578ee8d1cSJulian Grajkowski /**
247678ee8d1cSJulian Grajkowski * @ingroup LacSymKey
247778ee8d1cSJulian Grajkowski * SSL Key Generation Function.
247878ee8d1cSJulian Grajkowski * @description
247978ee8d1cSJulian Grajkowski * This function is used for SSL key generation. It implements the key
248078ee8d1cSJulian Grajkowski * generation function defined in section 6.2.2 of the SSL 3.0
248178ee8d1cSJulian Grajkowski * specification as described in
248278ee8d1cSJulian Grajkowski * http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt.
248378ee8d1cSJulian Grajkowski *
248478ee8d1cSJulian Grajkowski * The input seed is taken as a flat buffer and the generated key is
248578ee8d1cSJulian Grajkowski * returned to caller in a flat destination data buffer.
248678ee8d1cSJulian Grajkowski *
248778ee8d1cSJulian Grajkowski * @param[in] instanceHandle_in Instance handle.
248878ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be
248978ee8d1cSJulian Grajkowski * invoked when the operation is complete.
249078ee8d1cSJulian Grajkowski * If this is set to a NULL value the
249178ee8d1cSJulian Grajkowski * function will operate synchronously.
249278ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific
249378ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the
249478ee8d1cSJulian Grajkowski * callback.
249578ee8d1cSJulian Grajkowski * @param[in] pKeyGenSslOpData Pointer to a structure containing all
249678ee8d1cSJulian Grajkowski * the data needed to perform the SSL key
249778ee8d1cSJulian Grajkowski * generation operation. The client code
249878ee8d1cSJulian Grajkowski * allocates the memory for this
249978ee8d1cSJulian Grajkowski * structure. This component takes
250078ee8d1cSJulian Grajkowski * ownership of the memory until it is
250178ee8d1cSJulian Grajkowski * returned in the callback.
250278ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient
250378ee8d1cSJulian Grajkowski * buffer to hold the key generation
250478ee8d1cSJulian Grajkowski * output. The data pointer SHOULD be
250578ee8d1cSJulian Grajkowski * aligned on an 8-byte boundary. The
250678ee8d1cSJulian Grajkowski * length field passed in represents the
250778ee8d1cSJulian Grajkowski * size of the buffer in bytes. The value
250878ee8d1cSJulian Grajkowski * that is returned is the size of the
250978ee8d1cSJulian Grajkowski * result key in bytes.
251078ee8d1cSJulian Grajkowski * On invocation the callback function
251178ee8d1cSJulian Grajkowski * will contain this parameter in the
251278ee8d1cSJulian Grajkowski * pOut parameter.
251378ee8d1cSJulian Grajkowski *
251478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully.
251578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed.
251678ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request.
251778ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in.
251878ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources.
251978ee8d1cSJulian Grajkowski */
252078ee8d1cSJulian Grajkowski CpaStatus
cpaCyKeyGenSsl(const CpaInstanceHandle instanceHandle_in,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const CpaCyKeyGenSslOpData * pKeyGenSslOpData,CpaFlatBuffer * pGeneratedKeyBuffer)252178ee8d1cSJulian Grajkowski cpaCyKeyGenSsl(const CpaInstanceHandle instanceHandle_in,
252278ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
252378ee8d1cSJulian Grajkowski void *pCallbackTag,
252478ee8d1cSJulian Grajkowski const CpaCyKeyGenSslOpData *pKeyGenSslOpData,
252578ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer)
252678ee8d1cSJulian Grajkowski {
252778ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = NULL;
252878ee8d1cSJulian Grajkowski
252978ee8d1cSJulian Grajkowski if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) {
253078ee8d1cSJulian Grajkowski instanceHandle =
253178ee8d1cSJulian Grajkowski Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM);
253278ee8d1cSJulian Grajkowski } else {
253378ee8d1cSJulian Grajkowski instanceHandle = instanceHandle_in;
253478ee8d1cSJulian Grajkowski }
253578ee8d1cSJulian Grajkowski
253678ee8d1cSJulian Grajkowski return LacSymKey_KeyGenSslTls(instanceHandle,
253778ee8d1cSJulian Grajkowski pKeyGenCb,
253878ee8d1cSJulian Grajkowski pCallbackTag,
253978ee8d1cSJulian Grajkowski LAC_CONST_PTR_CAST(pKeyGenSslOpData),
254078ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_NONE, /* Hash algorithm */
254178ee8d1cSJulian Grajkowski pGeneratedKeyBuffer,
254278ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE);
254378ee8d1cSJulian Grajkowski }
254478ee8d1cSJulian Grajkowski
254578ee8d1cSJulian Grajkowski /**
254678ee8d1cSJulian Grajkowski * @ingroup LacSymKey
254778ee8d1cSJulian Grajkowski * TLS Key Generation Function.
254878ee8d1cSJulian Grajkowski * @description
254978ee8d1cSJulian Grajkowski * This function is used for TLS key generation. It implements the
255078ee8d1cSJulian Grajkowski * TLS PRF (Pseudo Random Function) as defined by RFC2246 (TLS v1.0)
255178ee8d1cSJulian Grajkowski * and RFC4346 (TLS v1.1).
255278ee8d1cSJulian Grajkowski *
255378ee8d1cSJulian Grajkowski * The input seed is taken as a flat buffer and the generated key is
255478ee8d1cSJulian Grajkowski * returned to caller in a flat destination data buffer.
255578ee8d1cSJulian Grajkowski *
255678ee8d1cSJulian Grajkowski * @param[in] instanceHandle_in Instance handle.
255778ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be
255878ee8d1cSJulian Grajkowski * invoked when the operation is complete.
255978ee8d1cSJulian Grajkowski * If this is set to a NULL value the
256078ee8d1cSJulian Grajkowski * function will operate synchronously.
256178ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific
256278ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the
256378ee8d1cSJulian Grajkowski * callback.
256478ee8d1cSJulian Grajkowski * @param[in] pKeyGenTlsOpData Pointer to a structure containing all
256578ee8d1cSJulian Grajkowski * the data needed to perform the TLS key
256678ee8d1cSJulian Grajkowski * generation operation. The client code
256778ee8d1cSJulian Grajkowski * allocates the memory for this
256878ee8d1cSJulian Grajkowski * structure. This component takes
256978ee8d1cSJulian Grajkowski * ownership of the memory until it is
257078ee8d1cSJulian Grajkowski * returned in the callback.
257178ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient
257278ee8d1cSJulian Grajkowski * buffer to hold the key generation
257378ee8d1cSJulian Grajkowski * output. The data pointer SHOULD be
257478ee8d1cSJulian Grajkowski * aligned on an 8-byte boundary. The
257578ee8d1cSJulian Grajkowski * length field passed in represents the
257678ee8d1cSJulian Grajkowski * size of the buffer in bytes. The value
257778ee8d1cSJulian Grajkowski * that is returned is the size of the
257878ee8d1cSJulian Grajkowski * result key in bytes.
257978ee8d1cSJulian Grajkowski * On invocation the callback function
258078ee8d1cSJulian Grajkowski * will contain this parameter in the
258178ee8d1cSJulian Grajkowski * pOut parameter.
258278ee8d1cSJulian Grajkowski *
258378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully.
258478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed.
258578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request.
258678ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in.
258778ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources.
258878ee8d1cSJulian Grajkowski *
258978ee8d1cSJulian Grajkowski */
259078ee8d1cSJulian Grajkowski CpaStatus
cpaCyKeyGenTls(const CpaInstanceHandle instanceHandle_in,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const CpaCyKeyGenTlsOpData * pKeyGenTlsOpData,CpaFlatBuffer * pGeneratedKeyBuffer)259178ee8d1cSJulian Grajkowski cpaCyKeyGenTls(const CpaInstanceHandle instanceHandle_in,
259278ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
259378ee8d1cSJulian Grajkowski void *pCallbackTag,
259478ee8d1cSJulian Grajkowski const CpaCyKeyGenTlsOpData *pKeyGenTlsOpData,
259578ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer)
259678ee8d1cSJulian Grajkowski {
259778ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = NULL;
259878ee8d1cSJulian Grajkowski
259978ee8d1cSJulian Grajkowski
260078ee8d1cSJulian Grajkowski if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) {
260178ee8d1cSJulian Grajkowski instanceHandle =
260278ee8d1cSJulian Grajkowski Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM);
260378ee8d1cSJulian Grajkowski } else {
260478ee8d1cSJulian Grajkowski instanceHandle = instanceHandle_in;
260578ee8d1cSJulian Grajkowski }
260678ee8d1cSJulian Grajkowski
260778ee8d1cSJulian Grajkowski return LacSymKey_KeyGenSslTls(instanceHandle,
260878ee8d1cSJulian Grajkowski pKeyGenCb,
260978ee8d1cSJulian Grajkowski pCallbackTag,
261078ee8d1cSJulian Grajkowski LAC_CONST_PTR_CAST(pKeyGenTlsOpData),
261178ee8d1cSJulian Grajkowski CPA_CY_SYM_HASH_NONE, /* Hash algorithm */
261278ee8d1cSJulian Grajkowski pGeneratedKeyBuffer,
261378ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE);
261478ee8d1cSJulian Grajkowski }
261578ee8d1cSJulian Grajkowski
261678ee8d1cSJulian Grajkowski /**
261778ee8d1cSJulian Grajkowski * @ingroup LacSymKey
261878ee8d1cSJulian Grajkowski * @description
261978ee8d1cSJulian Grajkowski * This function is used for TLS key generation. It implements the
262078ee8d1cSJulian Grajkowski * TLS PRF (Pseudo Random Function) as defined by RFC5246 (TLS v1.2).
262178ee8d1cSJulian Grajkowski *
262278ee8d1cSJulian Grajkowski * The input seed is taken as a flat buffer and the generated key is
262378ee8d1cSJulian Grajkowski * returned to caller in a flat destination data buffer.
262478ee8d1cSJulian Grajkowski *
262578ee8d1cSJulian Grajkowski * @param[in] instanceHandle_in Instance handle.
262678ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be
262778ee8d1cSJulian Grajkowski * invoked when the operation is complete.
262878ee8d1cSJulian Grajkowski * If this is set to a NULL value the
262978ee8d1cSJulian Grajkowski * function will operate synchronously.
263078ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific
263178ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the
263278ee8d1cSJulian Grajkowski * callback.
263378ee8d1cSJulian Grajkowski * @param[in] pKeyGenTlsOpData Pointer to a structure containing all
263478ee8d1cSJulian Grajkowski * the data needed to perform the TLS key
263578ee8d1cSJulian Grajkowski * generation operation. The client code
263678ee8d1cSJulian Grajkowski * allocates the memory for this
263778ee8d1cSJulian Grajkowski * structure. This component takes
263878ee8d1cSJulian Grajkowski * ownership of the memory until it is
263978ee8d1cSJulian Grajkowski * returned in the callback.
264078ee8d1cSJulian Grajkowski * @param[in] hashAlgorithm Specifies the hash algorithm to use.
264178ee8d1cSJulian Grajkowski * According to RFC5246, this should be
264278ee8d1cSJulian Grajkowski * "SHA-256 or a stronger standard hash
264378ee8d1cSJulian Grajkowski * function."
264478ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient
264578ee8d1cSJulian Grajkowski * buffer to hold the key generation
264678ee8d1cSJulian Grajkowski * output. The data pointer SHOULD be
264778ee8d1cSJulian Grajkowski * aligned on an 8-byte boundary. The
264878ee8d1cSJulian Grajkowski * length field passed in represents the
264978ee8d1cSJulian Grajkowski * size of the buffer in bytes. The value
265078ee8d1cSJulian Grajkowski * that is returned is the size of the
265178ee8d1cSJulian Grajkowski * result key in bytes.
265278ee8d1cSJulian Grajkowski * On invocation the callback function
265378ee8d1cSJulian Grajkowski * will contain this parameter in the
265478ee8d1cSJulian Grajkowski * pOut parameter.
265578ee8d1cSJulian Grajkowski *
265678ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully.
265778ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed.
265878ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request.
265978ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in.
266078ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources.
266178ee8d1cSJulian Grajkowski */
266278ee8d1cSJulian Grajkowski CpaStatus
cpaCyKeyGenTls2(const CpaInstanceHandle instanceHandle_in,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const CpaCyKeyGenTlsOpData * pKeyGenTlsOpData,CpaCySymHashAlgorithm hashAlgorithm,CpaFlatBuffer * pGeneratedKeyBuffer)266378ee8d1cSJulian Grajkowski cpaCyKeyGenTls2(const CpaInstanceHandle instanceHandle_in,
266478ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
266578ee8d1cSJulian Grajkowski void *pCallbackTag,
266678ee8d1cSJulian Grajkowski const CpaCyKeyGenTlsOpData *pKeyGenTlsOpData,
266778ee8d1cSJulian Grajkowski CpaCySymHashAlgorithm hashAlgorithm,
266878ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer)
266978ee8d1cSJulian Grajkowski {
267078ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = NULL;
267178ee8d1cSJulian Grajkowski
267278ee8d1cSJulian Grajkowski
267378ee8d1cSJulian Grajkowski if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) {
267478ee8d1cSJulian Grajkowski instanceHandle =
267578ee8d1cSJulian Grajkowski Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM);
267678ee8d1cSJulian Grajkowski } else {
267778ee8d1cSJulian Grajkowski instanceHandle = instanceHandle_in;
267878ee8d1cSJulian Grajkowski }
267978ee8d1cSJulian Grajkowski
268078ee8d1cSJulian Grajkowski return LacSymKey_KeyGenSslTls(instanceHandle,
268178ee8d1cSJulian Grajkowski pKeyGenCb,
268278ee8d1cSJulian Grajkowski pCallbackTag,
268378ee8d1cSJulian Grajkowski LAC_CONST_PTR_CAST(pKeyGenTlsOpData),
268478ee8d1cSJulian Grajkowski hashAlgorithm,
268578ee8d1cSJulian Grajkowski pGeneratedKeyBuffer,
268678ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE);
268778ee8d1cSJulian Grajkowski }
268878ee8d1cSJulian Grajkowski
268978ee8d1cSJulian Grajkowski /**
269078ee8d1cSJulian Grajkowski * @ingroup LacSymKey
269178ee8d1cSJulian Grajkowski * @description
269278ee8d1cSJulian Grajkowski * This function is used for TLS1.3 HKDF key generation. It implements
269378ee8d1cSJulian Grajkowski * the "extract-then-expand" paradigm as defined by RFC 5869.
269478ee8d1cSJulian Grajkowski *
269578ee8d1cSJulian Grajkowski * The input seed/secret/info is taken as a flat buffer and the generated
269678ee8d1cSJulian Grajkowski * key(s)/labels are returned to caller in a flat data buffer.
269778ee8d1cSJulian Grajkowski *
269878ee8d1cSJulian Grajkowski * @param[in] instanceHandle_in Instance handle.
269978ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be
270078ee8d1cSJulian Grajkowski * invoked when the operation is complete.
270178ee8d1cSJulian Grajkowski * If this is set to a NULL value the
270278ee8d1cSJulian Grajkowski * function will operate synchronously.
270378ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific
270478ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the
270578ee8d1cSJulian Grajkowski * callback.
270678ee8d1cSJulian Grajkowski * @param[in] pKeyGenTlsOpData Pointer to a structure containing
270778ee8d1cSJulian Grajkowski * the data needed to perform the HKDF key
270878ee8d1cSJulian Grajkowski * generation operation.
270978ee8d1cSJulian Grajkowski * The client code allocates the memory
271078ee8d1cSJulian Grajkowski * for this structure as contiguous
271178ee8d1cSJulian Grajkowski * pinned memory.
271278ee8d1cSJulian Grajkowski * This component takes ownership of the
271378ee8d1cSJulian Grajkowski * memory until it is returned in the
271478ee8d1cSJulian Grajkowski * callback.
271578ee8d1cSJulian Grajkowski * @param[in] hashAlgorithm Specifies the hash algorithm to use.
271678ee8d1cSJulian Grajkowski * According to RFC5246, this should be
271778ee8d1cSJulian Grajkowski * "SHA-256 or a stronger standard hash
271878ee8d1cSJulian Grajkowski * function."
271978ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient
272078ee8d1cSJulian Grajkowski * buffer to hold the key generation
272178ee8d1cSJulian Grajkowski * output. The data pointer SHOULD be
272278ee8d1cSJulian Grajkowski * aligned on an 8-byte boundary. The
272378ee8d1cSJulian Grajkowski * length field passed in represents the
272478ee8d1cSJulian Grajkowski * size of the buffer in bytes. The value
272578ee8d1cSJulian Grajkowski * that is returned is the size of the
272678ee8d1cSJulian Grajkowski * result key in bytes.
272778ee8d1cSJulian Grajkowski * On invocation the callback function
272878ee8d1cSJulian Grajkowski * will contain this parameter in the
272978ee8d1cSJulian Grajkowski * pOut parameter.
273078ee8d1cSJulian Grajkowski *
273178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully.
273278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed.
273378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request.
273478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in.
273578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources.
273678ee8d1cSJulian Grajkowski */
273778ee8d1cSJulian Grajkowski CpaStatus
cpaCyKeyGenTls3(const CpaInstanceHandle instanceHandle_in,const CpaCyGenFlatBufCbFunc pKeyGenCb,void * pCallbackTag,const CpaCyKeyGenHKDFOpData * pKeyGenTlsOpData,CpaCyKeyHKDFCipherSuite cipherSuite,CpaFlatBuffer * pGeneratedKeyBuffer)273878ee8d1cSJulian Grajkowski cpaCyKeyGenTls3(const CpaInstanceHandle instanceHandle_in,
273978ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb,
274078ee8d1cSJulian Grajkowski void *pCallbackTag,
274178ee8d1cSJulian Grajkowski const CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData,
274278ee8d1cSJulian Grajkowski CpaCyKeyHKDFCipherSuite cipherSuite,
274378ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer)
274478ee8d1cSJulian Grajkowski {
274578ee8d1cSJulian Grajkowski
274678ee8d1cSJulian Grajkowski LAC_CHECK_NULL_PARAM(pKeyGenTlsOpData);
274778ee8d1cSJulian Grajkowski switch (pKeyGenTlsOpData->hkdfKeyOp) {
274878ee8d1cSJulian Grajkowski case CPA_CY_HKDF_KEY_EXTRACT: /* Fall through */
274978ee8d1cSJulian Grajkowski case CPA_CY_HKDF_KEY_EXPAND:
275078ee8d1cSJulian Grajkowski case CPA_CY_HKDF_KEY_EXTRACT_EXPAND:
275178ee8d1cSJulian Grajkowski case CPA_CY_HKDF_KEY_EXPAND_LABEL:
275278ee8d1cSJulian Grajkowski case CPA_CY_HKDF_KEY_EXTRACT_EXPAND_LABEL:
275378ee8d1cSJulian Grajkowski break;
275478ee8d1cSJulian Grajkowski default:
275578ee8d1cSJulian Grajkowski LAC_INVALID_PARAM_LOG("HKDF operation not supported");
275678ee8d1cSJulian Grajkowski return CPA_STATUS_INVALID_PARAM;
275778ee8d1cSJulian Grajkowski }
275878ee8d1cSJulian Grajkowski
275978ee8d1cSJulian Grajkowski
276078ee8d1cSJulian Grajkowski return LacSymKey_KeyGenSslTls(instanceHandle_in,
276178ee8d1cSJulian Grajkowski pKeyGenCb,
276278ee8d1cSJulian Grajkowski pCallbackTag,
276378ee8d1cSJulian Grajkowski LAC_CONST_PTR_CAST(pKeyGenTlsOpData),
276478ee8d1cSJulian Grajkowski cipherSuite,
276578ee8d1cSJulian Grajkowski pGeneratedKeyBuffer,
276678ee8d1cSJulian Grajkowski (icp_qat_fw_la_cmd_id_t)
276778ee8d1cSJulian Grajkowski pKeyGenTlsOpData->hkdfKeyOp);
276878ee8d1cSJulian Grajkowski }
276978ee8d1cSJulian Grajkowski
277078ee8d1cSJulian Grajkowski /*
277178ee8d1cSJulian Grajkowski * LacSymKey_Init
277278ee8d1cSJulian Grajkowski */
277378ee8d1cSJulian Grajkowski CpaStatus
LacSymKey_Init(CpaInstanceHandle instanceHandle_in)277478ee8d1cSJulian Grajkowski LacSymKey_Init(CpaInstanceHandle instanceHandle_in)
277578ee8d1cSJulian Grajkowski {
277678ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
277778ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in);
277878ee8d1cSJulian Grajkowski sal_crypto_service_t *pService = NULL;
277978ee8d1cSJulian Grajkowski
278078ee8d1cSJulian Grajkowski LAC_CHECK_INSTANCE_HANDLE(instanceHandle);
278178ee8d1cSJulian Grajkowski
278278ee8d1cSJulian Grajkowski pService = (sal_crypto_service_t *)instanceHandle;
278378ee8d1cSJulian Grajkowski
278478ee8d1cSJulian Grajkowski pService->pLacKeyStats =
278578ee8d1cSJulian Grajkowski LAC_OS_MALLOC(LAC_KEY_NUM_STATS * sizeof(QatUtilsAtomic));
278678ee8d1cSJulian Grajkowski
278778ee8d1cSJulian Grajkowski if (NULL != pService->pLacKeyStats) {
278878ee8d1cSJulian Grajkowski LAC_OS_BZERO((void *)pService->pLacKeyStats,
278978ee8d1cSJulian Grajkowski LAC_KEY_NUM_STATS * sizeof(QatUtilsAtomic));
279078ee8d1cSJulian Grajkowski
279178ee8d1cSJulian Grajkowski status = LAC_OS_CAMALLOC(&pService->pSslLabel,
279278ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX,
279378ee8d1cSJulian Grajkowski LAC_8BYTE_ALIGNMENT,
279478ee8d1cSJulian Grajkowski pService->nodeAffinity);
279578ee8d1cSJulian Grajkowski } else {
279678ee8d1cSJulian Grajkowski status = CPA_STATUS_RESOURCE;
279778ee8d1cSJulian Grajkowski }
279878ee8d1cSJulian Grajkowski
279978ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
280078ee8d1cSJulian Grajkowski Cpa32U i = 0;
280178ee8d1cSJulian Grajkowski Cpa32U offset = 0;
280278ee8d1cSJulian Grajkowski
280378ee8d1cSJulian Grajkowski /* Initialise SSL label ABBCCC..... */
280478ee8d1cSJulian Grajkowski for (i = 0; i < ICP_QAT_FW_LA_SSL_ITERATES_LEN_MAX; i++) {
280578ee8d1cSJulian Grajkowski memset(pService->pSslLabel + offset, 'A' + i, i + 1);
280678ee8d1cSJulian Grajkowski offset += (i + 1);
280778ee8d1cSJulian Grajkowski }
280878ee8d1cSJulian Grajkowski
280978ee8d1cSJulian Grajkowski /* Allocate memory for TLS labels */
281078ee8d1cSJulian Grajkowski status = LAC_OS_CAMALLOC(&pService->pTlsLabel,
281178ee8d1cSJulian Grajkowski sizeof(lac_sym_key_tls_labels_t),
281278ee8d1cSJulian Grajkowski LAC_8BYTE_ALIGNMENT,
281378ee8d1cSJulian Grajkowski pService->nodeAffinity);
281478ee8d1cSJulian Grajkowski }
281578ee8d1cSJulian Grajkowski
281678ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
281778ee8d1cSJulian Grajkowski /* Allocate memory for HKDF sub_labels */
281878ee8d1cSJulian Grajkowski status =
281978ee8d1cSJulian Grajkowski LAC_OS_CAMALLOC(&pService->pTlsHKDFSubLabel,
282078ee8d1cSJulian Grajkowski sizeof(lac_sym_key_tls_hkdf_sub_labels_t),
282178ee8d1cSJulian Grajkowski LAC_8BYTE_ALIGNMENT,
282278ee8d1cSJulian Grajkowski pService->nodeAffinity);
282378ee8d1cSJulian Grajkowski }
282478ee8d1cSJulian Grajkowski
282578ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS == status) {
282678ee8d1cSJulian Grajkowski LAC_OS_BZERO(pService->pTlsLabel,
282778ee8d1cSJulian Grajkowski sizeof(lac_sym_key_tls_labels_t));
282878ee8d1cSJulian Grajkowski
282978ee8d1cSJulian Grajkowski /* Copy the TLS v1.2 labels into the dynamically allocated
283078ee8d1cSJulian Grajkowski * structure */
283178ee8d1cSJulian Grajkowski memcpy(pService->pTlsLabel->masterSecret,
283278ee8d1cSJulian Grajkowski LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL,
283378ee8d1cSJulian Grajkowski sizeof(LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL) - 1);
283478ee8d1cSJulian Grajkowski
283578ee8d1cSJulian Grajkowski memcpy(pService->pTlsLabel->keyMaterial,
283678ee8d1cSJulian Grajkowski LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL,
283778ee8d1cSJulian Grajkowski sizeof(LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL) - 1);
283878ee8d1cSJulian Grajkowski
283978ee8d1cSJulian Grajkowski memcpy(pService->pTlsLabel->clientFinished,
284078ee8d1cSJulian Grajkowski LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL,
284178ee8d1cSJulian Grajkowski sizeof(LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL) - 1);
284278ee8d1cSJulian Grajkowski
284378ee8d1cSJulian Grajkowski memcpy(pService->pTlsLabel->serverFinished,
284478ee8d1cSJulian Grajkowski LAC_SYM_KEY_TLS_SERVER_FIN_LABEL,
284578ee8d1cSJulian Grajkowski sizeof(LAC_SYM_KEY_TLS_SERVER_FIN_LABEL) - 1);
284678ee8d1cSJulian Grajkowski
284778ee8d1cSJulian Grajkowski LAC_OS_BZERO(pService->pTlsHKDFSubLabel,
284878ee8d1cSJulian Grajkowski sizeof(lac_sym_key_tls_hkdf_sub_labels_t));
284978ee8d1cSJulian Grajkowski
285078ee8d1cSJulian Grajkowski /* Copy the TLS v1.3 subLabels into the dynamically allocated
285178ee8d1cSJulian Grajkowski * struct */
285278ee8d1cSJulian Grajkowski /* KEY SHA-256 */
285378ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->keySublabel256,
285478ee8d1cSJulian Grajkowski &key256,
285578ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_KEY_LENGTH);
285678ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->keySublabel256.labelLen =
285778ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_KEY_LENGTH;
285878ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->keySublabel256.sublabelFlag = 1
285978ee8d1cSJulian Grajkowski << QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS;
286078ee8d1cSJulian Grajkowski /* KEY SHA-384 */
286178ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->keySublabel384,
286278ee8d1cSJulian Grajkowski &key384,
286378ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_KEY_LENGTH);
286478ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->keySublabel384.labelLen =
286578ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_KEY_LENGTH;
286678ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->keySublabel384.sublabelFlag = 1
286778ee8d1cSJulian Grajkowski << QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS;
286878ee8d1cSJulian Grajkowski /* KEY CHACHAPOLY */
286978ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->keySublabelChaChaPoly,
287078ee8d1cSJulian Grajkowski &keyChaChaPoly,
287178ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_KEY_LENGTH);
287278ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->keySublabelChaChaPoly.labelLen =
287378ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_KEY_LENGTH;
287478ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->keySublabelChaChaPoly.sublabelFlag =
287578ee8d1cSJulian Grajkowski 1 << QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS;
287678ee8d1cSJulian Grajkowski /* IV SHA-256 */
287778ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->ivSublabel256,
287878ee8d1cSJulian Grajkowski &iv256,
287978ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_IV_LENGTH);
288078ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->ivSublabel256.labelLen =
288178ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_IV_LENGTH;
288278ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->ivSublabel256.sublabelFlag = 1
288378ee8d1cSJulian Grajkowski << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS;
288478ee8d1cSJulian Grajkowski /* IV SHA-384 */
288578ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->ivSublabel384,
288678ee8d1cSJulian Grajkowski &iv384,
288778ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_IV_LENGTH);
288878ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->ivSublabel384.labelLen =
288978ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_IV_LENGTH;
289078ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->ivSublabel384.sublabelFlag = 1
289178ee8d1cSJulian Grajkowski << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS;
289278ee8d1cSJulian Grajkowski /* IV CHACHAPOLY */
289378ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly,
289478ee8d1cSJulian Grajkowski &iv256,
289578ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_IV_LENGTH);
289678ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly.labelLen =
289778ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_IV_LENGTH;
289878ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly.sublabelFlag =
289978ee8d1cSJulian Grajkowski 1 << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS;
290078ee8d1cSJulian Grajkowski /* RESUMPTION SHA-256 */
290178ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->resumptionSublabel256,
290278ee8d1cSJulian Grajkowski &resumption256,
290378ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_RESUMPTION_LENGTH);
290478ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->resumptionSublabel256.labelLen =
290578ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_RESUMPTION_LENGTH;
290678ee8d1cSJulian Grajkowski /* RESUMPTION SHA-384 */
290778ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->resumptionSublabel384,
290878ee8d1cSJulian Grajkowski &resumption384,
290978ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_RESUMPTION_LENGTH);
291078ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->resumptionSublabel384.labelLen =
291178ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_RESUMPTION_LENGTH;
291278ee8d1cSJulian Grajkowski /* RESUMPTION CHACHAPOLY */
291378ee8d1cSJulian Grajkowski memcpy(
291478ee8d1cSJulian Grajkowski &pService->pTlsHKDFSubLabel->resumptionSublabelChaChaPoly,
291578ee8d1cSJulian Grajkowski &resumption256,
291678ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_RESUMPTION_LENGTH);
291778ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->resumptionSublabelChaChaPoly
291878ee8d1cSJulian Grajkowski .labelLen = HKDF_SUB_LABEL_RESUMPTION_LENGTH;
291978ee8d1cSJulian Grajkowski /* FINISHED SHA-256 */
292078ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->finishedSublabel256,
292178ee8d1cSJulian Grajkowski &finished256,
292278ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_FINISHED_LENGTH);
292378ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->finishedSublabel256.labelLen =
292478ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_FINISHED_LENGTH;
292578ee8d1cSJulian Grajkowski /* FINISHED SHA-384 */
292678ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->finishedSublabel384,
292778ee8d1cSJulian Grajkowski &finished384,
292878ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_FINISHED_LENGTH);
292978ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->finishedSublabel384.labelLen =
293078ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_FINISHED_LENGTH;
293178ee8d1cSJulian Grajkowski /* FINISHED CHACHAPOLY */
293278ee8d1cSJulian Grajkowski memcpy(&pService->pTlsHKDFSubLabel->finishedSublabelChaChaPoly,
293378ee8d1cSJulian Grajkowski &finished256,
293478ee8d1cSJulian Grajkowski HKDF_SUB_LABEL_FINISHED_LENGTH);
293578ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->finishedSublabelChaChaPoly
293678ee8d1cSJulian Grajkowski .labelLen = HKDF_SUB_LABEL_FINISHED_LENGTH;
293778ee8d1cSJulian Grajkowski
293878ee8d1cSJulian Grajkowski /* Set physical address of sublabels */
293978ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->sublabelPhysAddr256 =
294078ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_INTERNAL(
294178ee8d1cSJulian Grajkowski &pService->pTlsHKDFSubLabel->keySublabel256);
294278ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->sublabelPhysAddr384 =
294378ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_INTERNAL(
294478ee8d1cSJulian Grajkowski &pService->pTlsHKDFSubLabel->keySublabel384);
294578ee8d1cSJulian Grajkowski pService->pTlsHKDFSubLabel->sublabelPhysAddrChaChaPoly =
294678ee8d1cSJulian Grajkowski LAC_OS_VIRT_TO_PHYS_INTERNAL(
294778ee8d1cSJulian Grajkowski &pService->pTlsHKDFSubLabel->keySublabelChaChaPoly);
294878ee8d1cSJulian Grajkowski
294978ee8d1cSJulian Grajkowski /* Register request handlers */
295078ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE,
295178ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse);
295278ee8d1cSJulian Grajkowski
295378ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(
295478ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE,
295578ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse);
295678ee8d1cSJulian Grajkowski
295778ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(
295878ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE,
295978ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse);
296078ee8d1cSJulian Grajkowski
296178ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_HKDF_EXTRACT,
296278ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse);
296378ee8d1cSJulian Grajkowski
296478ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_HKDF_EXPAND,
296578ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse);
296678ee8d1cSJulian Grajkowski
296778ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(
296878ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND,
296978ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse);
297078ee8d1cSJulian Grajkowski
297178ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(
297278ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL,
297378ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse);
297478ee8d1cSJulian Grajkowski
297578ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(
297678ee8d1cSJulian Grajkowski ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL,
297778ee8d1cSJulian Grajkowski LacSymKey_SslTlsHandleResponse);
297878ee8d1cSJulian Grajkowski
297978ee8d1cSJulian Grajkowski LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_MGF1,
298078ee8d1cSJulian Grajkowski LacSymKey_MgfHandleResponse);
298178ee8d1cSJulian Grajkowski }
298278ee8d1cSJulian Grajkowski
298378ee8d1cSJulian Grajkowski if (CPA_STATUS_SUCCESS != status) {
298478ee8d1cSJulian Grajkowski LAC_OS_FREE(pService->pLacKeyStats);
298578ee8d1cSJulian Grajkowski LAC_OS_CAFREE(pService->pSslLabel);
298678ee8d1cSJulian Grajkowski LAC_OS_CAFREE(pService->pTlsLabel);
298778ee8d1cSJulian Grajkowski LAC_OS_CAFREE(pService->pTlsHKDFSubLabel);
298878ee8d1cSJulian Grajkowski }
298978ee8d1cSJulian Grajkowski
299078ee8d1cSJulian Grajkowski return status;
299178ee8d1cSJulian Grajkowski }
299278ee8d1cSJulian Grajkowski
299378ee8d1cSJulian Grajkowski /*
299478ee8d1cSJulian Grajkowski * LacSymKey_Shutdown
299578ee8d1cSJulian Grajkowski */
299678ee8d1cSJulian Grajkowski CpaStatus
LacSymKey_Shutdown(CpaInstanceHandle instanceHandle_in)299778ee8d1cSJulian Grajkowski LacSymKey_Shutdown(CpaInstanceHandle instanceHandle_in)
299878ee8d1cSJulian Grajkowski {
299978ee8d1cSJulian Grajkowski CpaStatus status = CPA_STATUS_SUCCESS;
300078ee8d1cSJulian Grajkowski CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in);
300178ee8d1cSJulian Grajkowski sal_crypto_service_t *pService = NULL;
300278ee8d1cSJulian Grajkowski
300378ee8d1cSJulian Grajkowski LAC_CHECK_INSTANCE_HANDLE(instanceHandle);
300478ee8d1cSJulian Grajkowski
300578ee8d1cSJulian Grajkowski pService = (sal_crypto_service_t *)instanceHandle;
300678ee8d1cSJulian Grajkowski
300778ee8d1cSJulian Grajkowski if (NULL != pService->pLacKeyStats) {
300878ee8d1cSJulian Grajkowski LAC_OS_FREE(pService->pLacKeyStats);
300978ee8d1cSJulian Grajkowski }
301078ee8d1cSJulian Grajkowski
301178ee8d1cSJulian Grajkowski LAC_OS_CAFREE(pService->pSslLabel);
301278ee8d1cSJulian Grajkowski LAC_OS_CAFREE(pService->pTlsLabel);
301378ee8d1cSJulian Grajkowski LAC_OS_CAFREE(pService->pTlsHKDFSubLabel);
301478ee8d1cSJulian Grajkowski
301578ee8d1cSJulian Grajkowski return status;
301678ee8d1cSJulian Grajkowski }
3017