1 /*************************************************************************** 2 * 3 * <COPYRIGHT_TAG> 4 * 5 ***************************************************************************/ 6 7 /** 8 ***************************************************************************** 9 * @file lac_sym_key.c 10 * 11 * @ingroup LacSymKey 12 * 13 * This file contains the implementation of all keygen functionality 14 * 15 *****************************************************************************/ 16 17 /* 18 ******************************************************************************* 19 * Include public/global header files 20 ******************************************************************************* 21 */ 22 #include "cpa.h" 23 #include "cpa_cy_key.h" 24 #include "cpa_cy_im.h" 25 26 /* 27 ******************************************************************************* 28 * Include private header files 29 ******************************************************************************* 30 */ 31 #include "icp_accel_devices.h" 32 #include "icp_adf_debug.h" 33 #include "icp_adf_init.h" 34 #include "icp_adf_transport.h" 35 36 #include "qat_utils.h" 37 38 #include "lac_log.h" 39 #include "lac_hooks.h" 40 #include "lac_sym.h" 41 #include "lac_sym_qat_hash_defs_lookup.h" 42 #include "lac_sym_qat.h" 43 #include "lac_sal.h" 44 #include "lac_sym_key.h" 45 #include "lac_sal_types_crypto.h" 46 #include "sal_service_state.h" 47 #include "lac_sym_qat_key.h" 48 #include "lac_sym_hash_defs.h" 49 #include "sal_statistics.h" 50 51 /* Number of statistics */ 52 #define LAC_KEY_NUM_STATS (sizeof(CpaCyKeyGenStats64) / sizeof(Cpa64U)) 53 54 #define LAC_KEY_STAT_INC(statistic, instanceHandle) \ 55 do { \ 56 sal_crypto_service_t *pService = NULL; \ 57 pService = (sal_crypto_service_t *)instanceHandle; \ 58 if (CPA_TRUE == \ 59 pService->generic_service_info.stats \ 60 ->bKeyGenStatsEnabled) { \ 61 qatUtilsAtomicInc( \ 62 &pService \ 63 ->pLacKeyStats[offsetof(CpaCyKeyGenStats64, \ 64 statistic) / \ 65 sizeof(Cpa64U)]); \ 66 } \ 67 } while (0) 68 /**< Macro to increment a Key stat (derives offset into array of atomics) */ 69 70 #define LAC_KEY_STATS32_GET(keyStats, instanceHandle) \ 71 do { \ 72 int i; \ 73 sal_crypto_service_t *pService = \ 74 (sal_crypto_service_t *)instanceHandle; \ 75 for (i = 0; i < LAC_KEY_NUM_STATS; i++) { \ 76 ((Cpa32U *)&(keyStats))[i] = \ 77 (Cpa32U)qatUtilsAtomicGet( \ 78 &pService->pLacKeyStats[i]); \ 79 } \ 80 } while (0) 81 /**< Macro to get all 32bit Key stats (from internal array of atomics) */ 82 83 #define LAC_KEY_STATS64_GET(keyStats, instanceHandle) \ 84 do { \ 85 int i; \ 86 sal_crypto_service_t *pService = \ 87 (sal_crypto_service_t *)instanceHandle; \ 88 for (i = 0; i < LAC_KEY_NUM_STATS; i++) { \ 89 ((Cpa64U *)&(keyStats))[i] = \ 90 qatUtilsAtomicGet(&pService->pLacKeyStats[i]); \ 91 } \ 92 } while (0) 93 /**< Macro to get all 64bit Key stats (from internal array of atomics) */ 94 95 #define IS_HKDF_UNSUPPORTED(cmdId, hkdfSupported) \ 96 ((ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= cmdId && \ 97 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL >= cmdId) && \ 98 !hkdfSupported) /**< macro to check whether the HKDF algorithm can be \ 99 supported on the device */ 100 101 /* Sublabel for HKDF TLS Key Generation, as defined in RFC8446. */ 102 const static Cpa8U key256[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 16, 9, 't', 103 'l', 's', '1', '3', 104 ' ', 'k', 'e', 'y', 105 0 }; 106 const static Cpa8U key384[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 32, 9, 't', 107 'l', 's', '1', '3', 108 ' ', 'k', 'e', 'y', 109 0 }; 110 const static Cpa8U keyChaChaPoly[HKDF_SUB_LABEL_KEY_LENGTH] = { 0, 32, 9, 111 't', 'l', 's', 112 '1', '3', ' ', 113 'k', 'e', 'y', 114 0 }; 115 /* Sublabel for HKDF TLS IV key Generation, as defined in RFC8446. */ 116 const static Cpa8U iv256[HKDF_SUB_LABEL_IV_LENGTH] = { 0, 12, 8, 't', 117 'l', 's', '1', '3', 118 ' ', 'i', 'v', 0 }; 119 const static Cpa8U iv384[HKDF_SUB_LABEL_IV_LENGTH] = { 0, 12, 8, 't', 120 'l', 's', '1', '3', 121 ' ', 'i', 'v', 0 }; 122 /* Sublabel for HKDF TLS RESUMPTION key Generation, as defined in RFC8446. */ 123 const static Cpa8U resumption256[HKDF_SUB_LABEL_RESUMPTION_LENGTH] = 124 { 0, 32, 16, 't', 'l', 's', '1', '3', ' ', 'r', 125 'e', 's', 'u', 'm', 'p', 't', 'i', 'o', 'n', 0 }; 126 const static Cpa8U resumption384[HKDF_SUB_LABEL_RESUMPTION_LENGTH] = 127 { 0, 48, 16, 't', 'l', 's', '1', '3', ' ', 'r', 128 'e', 's', 'u', 'm', 'p', 't', 'i', 'o', 'n', 0 }; 129 /* Sublabel for HKDF TLS FINISHED key Generation, as defined in RFC8446. */ 130 const static Cpa8U finished256[HKDF_SUB_LABEL_FINISHED_LENGTH] = 131 { 0, 32, 14, 't', 'l', 's', '1', '3', ' ', 132 'f', 'i', 'n', 'i', 's', 'h', 'e', 'd', 0 }; 133 const static Cpa8U finished384[HKDF_SUB_LABEL_FINISHED_LENGTH] = 134 { 0, 48, 14, 't', 'l', 's', '1', '3', ' ', 135 'f', 'i', 'n', 'i', 's', 'h', 'e', 'd', 0 }; 136 137 /** 138 ****************************************************************************** 139 * @ingroup LacSymKey 140 * SSL/TLS stat type 141 * 142 * @description 143 * This enum determines which stat should be incremented 144 *****************************************************************************/ 145 typedef enum { 146 LAC_KEY_REQUESTS = 0, 147 /**< Key requests sent */ 148 LAC_KEY_REQUEST_ERRORS, 149 /**< Key requests errors */ 150 LAC_KEY_COMPLETED, 151 /**< Key requests which received responses */ 152 LAC_KEY_COMPLETED_ERRORS 153 /**< Key requests which received responses with errors */ 154 } lac_key_stat_type_t; 155 156 /*** Local functions prototypes ***/ 157 static void 158 LacSymKey_MgfHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId, 159 void *pOpaqueData, 160 icp_qat_fw_comn_flags cmnRespFlags); 161 162 static CpaStatus 163 LacSymKey_MgfSync(const CpaInstanceHandle instanceHandle, 164 const CpaCyGenFlatBufCbFunc pKeyGenCb, 165 void *pCallbackTag, 166 const void *pKeyGenMgfOpData, 167 CpaFlatBuffer *pGeneratedMaskBuffer, 168 CpaBoolean bIsExtRequest); 169 170 static void 171 LacSymKey_SslTlsHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId, 172 void *pOpaqueData, 173 icp_qat_fw_comn_flags cmnRespFlags); 174 175 static CpaStatus 176 LacSymKey_SslTlsSync(CpaInstanceHandle instanceHandle, 177 const CpaCyGenFlatBufCbFunc pKeyGenCb, 178 void *pCallbackTag, 179 icp_qat_fw_la_cmd_id_t lacCmdId, 180 void *pKeyGenSslTlsOpData, 181 Cpa8U hashAlgorithm, 182 CpaFlatBuffer *pKeyGenOutpuData); 183 184 /*** Implementation ***/ 185 186 /** 187 ****************************************************************************** 188 * @ingroup LacSymKey 189 * Get the instance handle. Support single handle. 190 * @param[in] instanceHandle_in user supplied handle. 191 * @retval CpaInstanceHandle the instance handle 192 */ 193 static CpaInstanceHandle 194 LacKey_GetHandle(CpaInstanceHandle instanceHandle_in) 195 { 196 CpaInstanceHandle instanceHandle = NULL; 197 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 198 instanceHandle = 199 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 200 } else { 201 instanceHandle = instanceHandle_in; 202 } 203 return instanceHandle; 204 } 205 206 /** 207 ******************************************************************************* 208 * @ingroup LacSymKey 209 * Perform SSL/TLS key gen operation 210 * 211 * @description 212 * Perform SSL/TLS key gen operation 213 * 214 * @param[in] instanceHandle QAT device handle. 215 * @param[in] pKeyGenCb Pointer to callback function to be invoked 216 * when the operation is complete. 217 * @param[in] pCallbackTag Opaque User Data for this specific call. 218 * @param[in] lacCmdId Lac command ID (identify SSL & TLS ops) 219 * @param[in] pKeyGenSslTlsOpData Structure containing all the data needed to 220 * perform the SSL/TLS key generation 221 * operation. 222 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 223 * According to RFC5246, this should be 224 * "SHA-256 or a stronger standard hash 225 * function." 226 * @param[out] pKeyGenOutputData pointer to where output result should be 227 * written 228 * 229 * @retval CPA_STATUS_SUCCESS Function executed successfully. 230 * @retval CPA_STATUS_FAIL Function failed. 231 * @retval CPA_STATUS_RETRY Function should be retried. 232 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 233 * @retval CPA_STATUS_RESOURCE Error related to system resources. 234 * 235 *****************************************************************************/ 236 static CpaStatus 237 LacSymKey_KeyGenSslTls_GenCommon(CpaInstanceHandle instanceHandle, 238 const CpaCyGenFlatBufCbFunc pKeyGenCb, 239 void *pCallbackTag, 240 icp_qat_fw_la_cmd_id_t lacCmdId, 241 void *pKeyGenSslTlsOpData, 242 Cpa8U hashAlgorithm, 243 CpaFlatBuffer *pKeyGenOutputData); 244 245 /** 246 ****************************************************************************** 247 * @ingroup LacSymKey 248 * Increment stat for TLS or SSL operation 249 * 250 * @description 251 * This is a generic function to update the stats for either a TLS or SSL 252 * operation. 253 * 254 * @param[in] lacCmdId Indicate SSL or TLS operations 255 * @param[in] statType Statistics Type 256 * @param[in] instanceHandle Instance Handle 257 * 258 * @return None 259 * 260 *****************************************************************************/ 261 static void 262 LacKey_StatsInc(icp_qat_fw_la_cmd_id_t lacCmdId, 263 lac_key_stat_type_t statType, 264 CpaInstanceHandle instanceHandle) 265 { 266 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) { 267 switch (statType) { 268 case LAC_KEY_REQUESTS: 269 LAC_KEY_STAT_INC(numSslKeyGenRequests, instanceHandle); 270 break; 271 case LAC_KEY_REQUEST_ERRORS: 272 LAC_KEY_STAT_INC(numSslKeyGenRequestErrors, 273 instanceHandle); 274 break; 275 case LAC_KEY_COMPLETED: 276 LAC_KEY_STAT_INC(numSslKeyGenCompleted, instanceHandle); 277 break; 278 case LAC_KEY_COMPLETED_ERRORS: 279 LAC_KEY_STAT_INC(numSslKeyGenCompletedErrors, 280 instanceHandle); 281 break; 282 default: 283 QAT_UTILS_LOG("Invalid statistics type\n"); 284 break; 285 } 286 } else /* TLS v1.0/1.1 and 1.2 */ 287 { 288 switch (statType) { 289 case LAC_KEY_REQUESTS: 290 LAC_KEY_STAT_INC(numTlsKeyGenRequests, instanceHandle); 291 break; 292 case LAC_KEY_REQUEST_ERRORS: 293 LAC_KEY_STAT_INC(numTlsKeyGenRequestErrors, 294 instanceHandle); 295 break; 296 case LAC_KEY_COMPLETED: 297 LAC_KEY_STAT_INC(numTlsKeyGenCompleted, instanceHandle); 298 break; 299 case LAC_KEY_COMPLETED_ERRORS: 300 LAC_KEY_STAT_INC(numTlsKeyGenCompletedErrors, 301 instanceHandle); 302 break; 303 default: 304 QAT_UTILS_LOG("Invalid statistics type\n"); 305 break; 306 } 307 } 308 } 309 310 void 311 LacKeygen_StatsShow(CpaInstanceHandle instanceHandle) 312 { 313 CpaCyKeyGenStats64 keyStats = { 0 }; 314 315 LAC_KEY_STATS64_GET(keyStats, instanceHandle); 316 317 QAT_UTILS_LOG(SEPARATOR BORDER 318 " Key Stats: " BORDER 319 "\n" SEPARATOR); 320 321 QAT_UTILS_LOG(BORDER " SSL Key Requests: %16llu " BORDER 322 "\n" BORDER 323 " SSL Key Request Errors: %16llu " BORDER 324 "\n" BORDER 325 " SSL Key Completed %16llu " BORDER 326 "\n" BORDER 327 " SSL Key Complete Errors: %16llu " BORDER 328 "\n" SEPARATOR, 329 (unsigned long long)keyStats.numSslKeyGenRequests, 330 (unsigned long long)keyStats.numSslKeyGenRequestErrors, 331 (unsigned long long)keyStats.numSslKeyGenCompleted, 332 (unsigned long long)keyStats.numSslKeyGenCompletedErrors); 333 334 QAT_UTILS_LOG(BORDER " TLS Key Requests: %16llu " BORDER 335 "\n" BORDER 336 " TLS Key Request Errors: %16llu " BORDER 337 "\n" BORDER 338 " TLS Key Completed %16llu " BORDER 339 "\n" BORDER 340 " TLS Key Complete Errors: %16llu " BORDER 341 "\n" SEPARATOR, 342 (unsigned long long)keyStats.numTlsKeyGenRequests, 343 (unsigned long long)keyStats.numTlsKeyGenRequestErrors, 344 (unsigned long long)keyStats.numTlsKeyGenCompleted, 345 (unsigned long long)keyStats.numTlsKeyGenCompletedErrors); 346 347 QAT_UTILS_LOG(BORDER " MGF Key Requests: %16llu " BORDER 348 "\n" BORDER 349 " MGF Key Request Errors: %16llu " BORDER 350 "\n" BORDER 351 " MGF Key Completed %16llu " BORDER 352 "\n" BORDER 353 " MGF Key Complete Errors: %16llu " BORDER 354 "\n" SEPARATOR, 355 (unsigned long long)keyStats.numMgfKeyGenRequests, 356 (unsigned long long)keyStats.numMgfKeyGenRequestErrors, 357 (unsigned long long)keyStats.numMgfKeyGenCompleted, 358 (unsigned long long)keyStats.numMgfKeyGenCompletedErrors); 359 } 360 361 /** @ingroup LacSymKey */ 362 CpaStatus 363 cpaCyKeyGenQueryStats(CpaInstanceHandle instanceHandle_in, 364 struct _CpaCyKeyGenStats *pSymKeyStats) 365 { 366 CpaInstanceHandle instanceHandle = NULL; 367 368 369 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 370 instanceHandle = 371 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 372 } else { 373 instanceHandle = instanceHandle_in; 374 } 375 376 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 377 SAL_CHECK_INSTANCE_TYPE(instanceHandle, 378 (SAL_SERVICE_TYPE_CRYPTO | 379 SAL_SERVICE_TYPE_CRYPTO_SYM)); 380 LAC_CHECK_NULL_PARAM(pSymKeyStats); 381 382 SAL_RUNNING_CHECK(instanceHandle); 383 384 LAC_KEY_STATS32_GET(*pSymKeyStats, instanceHandle); 385 386 return CPA_STATUS_SUCCESS; 387 } 388 389 /** @ingroup LacSymKey */ 390 CpaStatus 391 cpaCyKeyGenQueryStats64(CpaInstanceHandle instanceHandle_in, 392 CpaCyKeyGenStats64 *pSymKeyStats) 393 { 394 CpaInstanceHandle instanceHandle = NULL; 395 396 397 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 398 instanceHandle = 399 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 400 } else { 401 instanceHandle = instanceHandle_in; 402 } 403 404 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 405 SAL_CHECK_INSTANCE_TYPE(instanceHandle, 406 (SAL_SERVICE_TYPE_CRYPTO | 407 SAL_SERVICE_TYPE_CRYPTO_SYM)); 408 LAC_CHECK_NULL_PARAM(pSymKeyStats); 409 410 SAL_RUNNING_CHECK(instanceHandle); 411 412 LAC_KEY_STATS64_GET(*pSymKeyStats, instanceHandle); 413 414 return CPA_STATUS_SUCCESS; 415 } 416 417 /** 418 ****************************************************************************** 419 * @ingroup LacSymKey 420 * Return the size of the digest for a specific hash algorithm. 421 * @description 422 * Return the expected digest size based on the sha algorithm submitted. 423 * The only supported value are sha256, sha384 and sha512. 424 * 425 * @param[in] hashAlgorithm either sha256, sha384 or sha512. 426 * @return the expected size or 0 for an invalid hash. 427 * 428 *****************************************************************************/ 429 static Cpa32U 430 getDigestSizeFromHashAlgo(CpaCySymHashAlgorithm hashAlgorithm) 431 { 432 switch (hashAlgorithm) { 433 case CPA_CY_SYM_HASH_SHA256: 434 return LAC_HASH_SHA256_DIGEST_SIZE; 435 case CPA_CY_SYM_HASH_SHA384: 436 return LAC_HASH_SHA384_DIGEST_SIZE; 437 case CPA_CY_SYM_HASH_SHA512: 438 return LAC_HASH_SHA512_DIGEST_SIZE; 439 case CPA_CY_SYM_HASH_SM3: 440 return LAC_HASH_SM3_DIGEST_SIZE; 441 default: 442 return 0; 443 } 444 } 445 446 /** 447 ****************************************************************************** 448 * @ingroup LacSymKey 449 * Return the hash algorithm for a specific cipher. 450 * @description 451 * Return the hash algorithm related to the cipher suite. 452 * Supported hash's are SHA256, and SHA384. 453 * 454 * @param[in] cipherSuite AES_128_GCM, AES_256_GCM, AES_128_CCM, 455 * and CHACHA20_POLY1305. 456 * @return the expected hash algorithm or 0 for an invalid cipher. 457 * 458 *****************************************************************************/ 459 static CpaCySymHashAlgorithm 460 getHashAlgorithmFromCipherSuiteHKDF(CpaCyKeyHKDFCipherSuite cipherSuite) 461 { 462 switch (cipherSuite) { 463 case CPA_CY_HKDF_TLS_AES_128_GCM_SHA256: /* Fall through */ 464 case CPA_CY_HKDF_TLS_CHACHA20_POLY1305_SHA256: 465 case CPA_CY_HKDF_TLS_AES_128_CCM_SHA256: 466 case CPA_CY_HKDF_TLS_AES_128_CCM_8_SHA256: 467 return CPA_CY_SYM_HASH_SHA256; 468 case CPA_CY_HKDF_TLS_AES_256_GCM_SHA384: 469 return CPA_CY_SYM_HASH_SHA384; 470 default: 471 return 0; 472 } 473 } 474 475 /** 476 ****************************************************************************** 477 * @ingroup LacSymKey 478 * Return the digest size of cipher. 479 * @description 480 * Return the output key size of specific cipher, for specified sub label 481 * 482 * @param[in] cipherSuite = AES_128_GCM, AES_256_GCM, AES_128_CCM, 483 * and CHACHA20_POLY1305. 484 * subLabels = KEY, IV, RESUMPTION, and FINISHED. 485 * @return the expected digest size of the cipher. 486 * 487 *****************************************************************************/ 488 static const Cpa32U cipherSuiteHKDFHashSizes 489 [LAC_KEY_HKDF_CIPHERS_MAX][LAC_KEY_HKDF_SUBLABELS_MAX] = { 490 {}, /* Not used */ 491 { 32, 16, 12, 32, 32 }, /* AES_128_GCM_SHA256 */ 492 { 48, 32, 12, 48, 48 }, /* AES_256_GCM_SHA384 */ 493 { 32, 32, 12, 32, 32 }, /* CHACHA20_POLY1305_SHA256 */ 494 { 32, 16, 12, 32, 32 }, /* AES_128_CCM_SHA256 */ 495 { 32, 16, 12, 32, 32 } /* AES_128_CCM_8_SHA256 */ 496 }; 497 498 /** 499 ****************************************************************************** 500 * @ingroup LacSymKey 501 * Key Generation MGF response handler 502 * 503 * @description 504 * Handles Key Generation MGF response messages from the QAT. 505 * 506 * @param[in] lacCmdId Command id of the original request 507 * @param[in] pOpaqueData Pointer to opaque data that was in request 508 * @param[in] cmnRespFlags Indicates whether request succeeded 509 * 510 * @return void 511 * 512 *****************************************************************************/ 513 static void 514 LacSymKey_MgfHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId, 515 void *pOpaqueData, 516 icp_qat_fw_comn_flags cmnRespFlags) 517 { 518 CpaCyKeyGenMgfOpData *pMgfOpData = NULL; 519 lac_sym_key_cookie_t *pCookie = NULL; 520 CpaCyGenFlatBufCbFunc pKeyGenMgfCb = NULL; 521 void *pCallbackTag = NULL; 522 CpaFlatBuffer *pGeneratedKeyBuffer = NULL; 523 CpaStatus status = CPA_STATUS_SUCCESS; 524 CpaBoolean respStatusOk = 525 (ICP_QAT_FW_COMN_STATUS_FLAG_OK == 526 ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(cmnRespFlags)) ? 527 CPA_TRUE : 528 CPA_FALSE; 529 530 pCookie = (lac_sym_key_cookie_t *)pOpaqueData; 531 532 if (CPA_TRUE == respStatusOk) { 533 status = CPA_STATUS_SUCCESS; 534 LAC_KEY_STAT_INC(numMgfKeyGenCompleted, 535 pCookie->instanceHandle); 536 } else { 537 status = CPA_STATUS_FAIL; 538 LAC_KEY_STAT_INC(numMgfKeyGenCompletedErrors, 539 pCookie->instanceHandle); 540 } 541 542 pKeyGenMgfCb = (CpaCyGenFlatBufCbFunc)(pCookie->pKeyGenCb); 543 544 pMgfOpData = pCookie->pKeyGenOpData; 545 pCallbackTag = pCookie->pCallbackTag; 546 pGeneratedKeyBuffer = pCookie->pKeyGenOutputData; 547 548 Lac_MemPoolEntryFree(pCookie); 549 550 (*pKeyGenMgfCb)(pCallbackTag, status, pMgfOpData, pGeneratedKeyBuffer); 551 } 552 553 /** 554 ****************************************************************************** 555 * @ingroup LacSymKey 556 * Synchronous mode of operation wrapper function 557 * 558 * @description 559 * Wrapper function to implement synchronous mode of operation for 560 * cpaCyKeyGenMgf and cpaCyKeyGenMgfExt function. 561 * 562 * @param[in] instanceHandle Instance handle 563 * @param[in] pKeyGenCb Internal callback function pointer 564 * @param[in] pCallbackTag Callback tag 565 * @param[in] pKeyGenMgfOpData Pointer to user provided Op Data structure 566 * @param[in] pGeneratedMaskBuffer Pointer to a buffer where generated mask 567 * will be stored 568 * @param[in] bIsExtRequest Indicates origin of function call; 569 * if CPA_TRUE then the call comes from 570 * cpaCyKeyGenMgfExt function, otherwise 571 * from cpaCyKeyGenMgf 572 * 573 * @retval CPA_STATUS_SUCCESS Function executed successfully. 574 * @retval CPA_STATUS_FAIL Function failed. 575 * @retval CPA_STATUS_RETRY Function should be retried. 576 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 577 * @retval CPA_STATUS_RESOURCE Error related to system resources. 578 * 579 *****************************************************************************/ 580 static CpaStatus 581 LacSymKey_MgfSync(const CpaInstanceHandle instanceHandle, 582 const CpaCyGenFlatBufCbFunc pKeyGenCb, 583 void *pCallbackTag, 584 const void *pKeyGenMgfOpData, 585 CpaFlatBuffer *pGeneratedMaskBuffer, 586 CpaBoolean bIsExtRequest) 587 { 588 CpaStatus status = CPA_STATUS_SUCCESS; 589 590 lac_sync_op_data_t *pSyncCallbackData = NULL; 591 592 status = LacSync_CreateSyncCookie(&pSyncCallbackData); 593 594 if (CPA_STATUS_SUCCESS == status) { 595 if (CPA_TRUE == bIsExtRequest) { 596 status = cpaCyKeyGenMgfExt( 597 instanceHandle, 598 LacSync_GenFlatBufCb, 599 pSyncCallbackData, 600 (const CpaCyKeyGenMgfOpDataExt *)pKeyGenMgfOpData, 601 pGeneratedMaskBuffer); 602 } else { 603 status = cpaCyKeyGenMgf(instanceHandle, 604 LacSync_GenFlatBufCb, 605 pSyncCallbackData, 606 (const CpaCyKeyGenMgfOpData *) 607 pKeyGenMgfOpData, 608 pGeneratedMaskBuffer); 609 } 610 } else { 611 /* Failure allocating sync cookie */ 612 LAC_KEY_STAT_INC(numMgfKeyGenRequestErrors, instanceHandle); 613 return status; 614 } 615 616 if (CPA_STATUS_SUCCESS == status) { 617 CpaStatus syncStatus = CPA_STATUS_SUCCESS; 618 619 syncStatus = 620 LacSync_WaitForCallback(pSyncCallbackData, 621 LAC_SYM_SYNC_CALLBACK_TIMEOUT, 622 &status, 623 NULL); 624 625 /* If callback doesn't come back */ 626 if (CPA_STATUS_SUCCESS != syncStatus) { 627 LAC_KEY_STAT_INC(numMgfKeyGenCompletedErrors, 628 instanceHandle); 629 LAC_LOG_ERROR("Callback timed out"); 630 status = syncStatus; 631 } 632 } else { 633 /* As the Request was not sent the Callback will never 634 * be called, so need to indicate that we're finished 635 * with cookie so it can be destroyed. 636 */ 637 LacSync_SetSyncCookieComplete(pSyncCallbackData); 638 } 639 640 LacSync_DestroySyncCookie(&pSyncCallbackData); 641 642 return status; 643 } 644 645 /** 646 ****************************************************************************** 647 * @ingroup LacSymKey 648 * Perform MGF key gen operation 649 * 650 * @description 651 * This function performs MGF key gen operation. It is common for requests 652 * coming from both cpaCyKeyGenMgf and cpaCyKeyGenMgfExt QAT API 653 * functions. 654 * 655 * @param[in] instanceHandle Instance handle 656 * @param[in] pKeyGenCb Pointer to callback function to be invoked 657 * when the operation is complete. 658 * @param[in] pCallbackTag Opaque User Data for this specific call. 659 * @param[in] pOpData Pointer to the Op Data structure provided by 660 * the user in API function call. For calls 661 * originating from cpaCyKeyGenMgfExt it will 662 * point to CpaCyKeyGenMgfOpDataExt type of 663 * structure while for calls originating from 664 * cpaCyKeyGenMgf it will point to 665 * CpaCyKeyGenMgfOpData type of structure. 666 * @param[in] pKeyGenMgfOpData Pointer to the user provided 667 * CpaCyKeyGenMgfOpData structure. For calls 668 * originating from cpaCyKeyGenMgf it will 669 * point to the same structure as pOpData 670 * parameter; for calls originating from 671 * cpaCyKeyGenMgfExt it will point to the 672 * baseOpData member of the 673 * CpaCyKeyGenMgfOpDataExt structure passed in 674 * as a parameter to the API function call. 675 * @param[in] pGeneratedMaskBuffer Pointer to a buffer where generated mask 676 * will be stored 677 * @param[in] hashAlgorithm Indicates which hash algorithm is to be used 678 * to perform MGF key gen operation. For calls 679 * originating from cpaCyKeyGenMgf it will 680 * always be CPA_CY_SYM_HASH_SHA1. 681 * 682 * @retval CPA_STATUS_SUCCESS Function executed successfully. 683 * @retval CPA_STATUS_FAIL Function failed. 684 * @retval CPA_STATUS_RETRY Function should be retried. 685 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 686 * @retval CPA_STATUS_RESOURCE Error related to system resources. 687 * 688 *****************************************************************************/ 689 static CpaStatus 690 LacSymKey_MgfCommon(const CpaInstanceHandle instanceHandle, 691 const CpaCyGenFlatBufCbFunc pKeyGenCb, 692 void *pCallbackTag, 693 const void *pOpData, 694 const CpaCyKeyGenMgfOpData *pKeyGenMgfOpData, 695 CpaFlatBuffer *pGeneratedMaskBuffer, 696 CpaCySymHashAlgorithm hashAlgorithm) 697 { 698 CpaStatus status = CPA_STATUS_SUCCESS; 699 700 icp_qat_fw_la_bulk_req_t keyGenReq = { { 0 } }; 701 icp_qat_la_bulk_req_hdr_t keyGenReqHdr = { { 0 } }; 702 icp_qat_fw_la_key_gen_common_t keyGenReqMid = { { 0 } }; 703 icp_qat_la_bulk_req_ftr_t keyGenReqFtr = { { { 0 } } }; 704 Cpa8U *pMsgDummy = NULL; 705 Cpa8U *pCacheDummyHdr = NULL; 706 Cpa8U *pCacheDummyMid = NULL; 707 Cpa8U *pCacheDummyFtr = NULL; 708 sal_qat_content_desc_info_t contentDescInfo = { 0 }; 709 lac_sym_key_cookie_t *pCookie = NULL; 710 lac_sym_cookie_t *pSymCookie = NULL; 711 sal_crypto_service_t *pService = NULL; 712 Cpa64U inputPhysAddr = 0; 713 Cpa64U outputPhysAddr = 0; 714 /* Structure initializer is supported by C99, but it is 715 * not supported by some former Intel compiler. 716 */ 717 CpaCySymHashSetupData hashSetupData = { 0 }; 718 Cpa32U hashBlkSizeInBytes = 0; 719 lac_sym_qat_hash_alg_info_t *pHashAlgInfo = NULL; 720 icp_qat_fw_serv_specif_flags laCmdFlags = 0; 721 icp_qat_fw_comn_flags cmnRequestFlags = 722 ICP_QAT_FW_COMN_FLAGS_BUILD(QAT_COMN_PTR_TYPE_FLAT, 723 QAT_COMN_CD_FLD_TYPE_64BIT_ADR); 724 725 pService = (sal_crypto_service_t *)instanceHandle; 726 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 727 SAL_CHECK_INSTANCE_TYPE(instanceHandle, 728 (SAL_SERVICE_TYPE_CRYPTO | 729 SAL_SERVICE_TYPE_CRYPTO_SYM)); 730 731 SAL_RUNNING_CHECK(instanceHandle); 732 LAC_CHECK_NULL_PARAM(pOpData); 733 LAC_CHECK_NULL_PARAM(pKeyGenMgfOpData); 734 LAC_CHECK_NULL_PARAM(pGeneratedMaskBuffer); 735 LAC_CHECK_NULL_PARAM(pGeneratedMaskBuffer->pData); 736 LAC_CHECK_NULL_PARAM(pKeyGenMgfOpData->seedBuffer.pData); 737 738 /* Maximum seed length for MGF1 request */ 739 if (pKeyGenMgfOpData->seedBuffer.dataLenInBytes > 740 ICP_QAT_FW_LA_MGF_SEED_LEN_MAX) { 741 LAC_INVALID_PARAM_LOG("seedBuffer.dataLenInBytes"); 742 return CPA_STATUS_INVALID_PARAM; 743 } 744 745 /* Maximum mask length for MGF1 request */ 746 if (pKeyGenMgfOpData->maskLenInBytes > ICP_QAT_FW_LA_MGF_MASK_LEN_MAX) { 747 LAC_INVALID_PARAM_LOG("maskLenInBytes"); 748 return CPA_STATUS_INVALID_PARAM; 749 } 750 751 /* check for enough space in the flat buffer */ 752 if (pKeyGenMgfOpData->maskLenInBytes > 753 pGeneratedMaskBuffer->dataLenInBytes) { 754 LAC_INVALID_PARAM_LOG("pGeneratedMaskBuffer.dataLenInBytes"); 755 return CPA_STATUS_INVALID_PARAM; 756 } 757 758 /* Get hash alg info */ 759 LacSymQat_HashAlgLookupGet(instanceHandle, 760 hashAlgorithm, 761 &pHashAlgInfo); 762 763 /* Allocate the cookie */ 764 pCookie = (lac_sym_key_cookie_t *)Lac_MemPoolEntryAlloc( 765 pService->lac_sym_cookie_pool); 766 if (NULL == pCookie) { 767 LAC_LOG_ERROR("Cannot get mem pool entry"); 768 status = CPA_STATUS_RESOURCE; 769 } else if ((void *)CPA_STATUS_RETRY == pCookie) { 770 pCookie = NULL; 771 status = CPA_STATUS_RETRY; 772 } else { 773 pSymCookie = (lac_sym_cookie_t *)pCookie; 774 } 775 776 if (CPA_STATUS_SUCCESS == status) { 777 /* populate the cookie */ 778 pCookie->instanceHandle = instanceHandle; 779 pCookie->pCallbackTag = pCallbackTag; 780 pCookie->pKeyGenOpData = (void *)LAC_CONST_PTR_CAST(pOpData); 781 pCookie->pKeyGenCb = pKeyGenCb; 782 pCookie->pKeyGenOutputData = pGeneratedMaskBuffer; 783 hashSetupData.hashAlgorithm = hashAlgorithm; 784 hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_PLAIN; 785 hashSetupData.digestResultLenInBytes = 786 pHashAlgInfo->digestLength; 787 788 /* Populate the CD ctrl Block (LW 27 - LW 31) 789 * and the CD Hash HW setup block 790 */ 791 LacSymQat_HashContentDescInit( 792 &(keyGenReqFtr), 793 instanceHandle, 794 &hashSetupData, 795 /* point to base of hw setup block */ 796 (Cpa8U *)pCookie->contentDesc, 797 LAC_SYM_KEY_NO_HASH_BLK_OFFSET_QW, 798 ICP_QAT_FW_SLICE_DRAM_WR, 799 ICP_QAT_HW_AUTH_MODE0, /* just a plain hash */ 800 CPA_FALSE, /* Not using sym Constants Table in Shared SRAM 801 */ 802 CPA_FALSE, /* not using the optimised Content Desc */ 803 CPA_FALSE, /* Not using the stateful SHA3 Content Desc */ 804 NULL, 805 &hashBlkSizeInBytes); 806 807 /* Populate the Req param LW 14-26 */ 808 LacSymQat_KeyMgfRequestPopulate( 809 &keyGenReqHdr, 810 &keyGenReqMid, 811 pKeyGenMgfOpData->seedBuffer.dataLenInBytes, 812 pKeyGenMgfOpData->maskLenInBytes, 813 (Cpa8U)pHashAlgInfo->digestLength); 814 815 contentDescInfo.pData = pCookie->contentDesc; 816 contentDescInfo.hardwareSetupBlockPhys = 817 LAC_MEM_CAST_PTR_TO_UINT64( 818 pSymCookie->keyContentDescPhyAddr); 819 contentDescInfo.hwBlkSzQuadWords = 820 LAC_BYTES_TO_QUADWORDS(hashBlkSizeInBytes); 821 822 /* Populate common request fields */ 823 inputPhysAddr = 824 LAC_MEM_CAST_PTR_TO_UINT64(LAC_OS_VIRT_TO_PHYS_EXTERNAL( 825 pService->generic_service_info, 826 pKeyGenMgfOpData->seedBuffer.pData)); 827 828 if (inputPhysAddr == 0) { 829 LAC_LOG_ERROR( 830 "Unable to get the seed buffer physical address"); 831 status = CPA_STATUS_FAIL; 832 } 833 outputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 834 LAC_OS_VIRT_TO_PHYS_EXTERNAL(pService->generic_service_info, 835 pGeneratedMaskBuffer->pData)); 836 if (outputPhysAddr == 0) { 837 LAC_LOG_ERROR( 838 "Unable to get the physical address of the mask"); 839 status = CPA_STATUS_FAIL; 840 } 841 } 842 843 if (CPA_STATUS_SUCCESS == status) { 844 /* Make up the full keyGenReq struct from its constituents */ 845 pMsgDummy = (Cpa8U *)&(keyGenReq); 846 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 847 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 848 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 849 850 memcpy(pMsgDummy, 851 pCacheDummyHdr, 852 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW)); 853 memset((pMsgDummy + 854 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW)), 855 0, 856 (LAC_LONG_WORD_IN_BYTES * 857 LAC_SIZE_OF_CACHE_TO_CLEAR_IN_LW)); 858 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 859 LAC_START_OF_CACHE_MID_IN_LW), 860 pCacheDummyMid, 861 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_MID_IN_LW)); 862 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 863 LAC_START_OF_CACHE_FTR_IN_LW), 864 pCacheDummyFtr, 865 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_FTR_IN_LW)); 866 867 SalQatMsg_ContentDescHdrWrite((icp_qat_fw_comn_req_t *)&( 868 keyGenReq), 869 &(contentDescInfo)); 870 871 SalQatMsg_CmnHdrWrite((icp_qat_fw_comn_req_t *)&keyGenReq, 872 ICP_QAT_FW_COMN_REQ_CPM_FW_LA, 873 ICP_QAT_FW_LA_CMD_MGF1, 874 cmnRequestFlags, 875 laCmdFlags); 876 877 /* 878 * MGF uses a flat buffer but we can use zero for source and 879 * dest length because the firmware will use the seed length, 880 * hash length and mask length to find source length. 881 */ 882 SalQatMsg_CmnMidWrite((icp_qat_fw_la_bulk_req_t *)&(keyGenReq), 883 pCookie, 884 LAC_SYM_KEY_QAT_PTR_TYPE, 885 inputPhysAddr, 886 outputPhysAddr, 887 0, 888 0); 889 890 /* Send to QAT */ 891 status = icp_adf_transPutMsg(pService->trans_handle_sym_tx, 892 (void *)&(keyGenReq), 893 LAC_QAT_SYM_REQ_SZ_LW); 894 } 895 if (CPA_STATUS_SUCCESS == status) { 896 /* Update stats */ 897 LAC_KEY_STAT_INC(numMgfKeyGenRequests, instanceHandle); 898 } else { 899 LAC_KEY_STAT_INC(numMgfKeyGenRequestErrors, instanceHandle); 900 /* clean up memory */ 901 if (NULL != pCookie) { 902 Lac_MemPoolEntryFree(pCookie); 903 } 904 } 905 return status; 906 } 907 908 /** 909 * cpaCyKeyGenMgf 910 */ 911 CpaStatus 912 cpaCyKeyGenMgf(const CpaInstanceHandle instanceHandle_in, 913 const CpaCyGenFlatBufCbFunc pKeyGenCb, 914 void *pCallbackTag, 915 const CpaCyKeyGenMgfOpData *pKeyGenMgfOpData, 916 CpaFlatBuffer *pGeneratedMaskBuffer) 917 { 918 CpaInstanceHandle instanceHandle = NULL; 919 920 921 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 922 instanceHandle = 923 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 924 } else { 925 instanceHandle = instanceHandle_in; 926 } 927 928 /* If synchronous Operation */ 929 if (NULL == pKeyGenCb) { 930 return LacSymKey_MgfSync(instanceHandle, 931 pKeyGenCb, 932 pCallbackTag, 933 (const void *)pKeyGenMgfOpData, 934 pGeneratedMaskBuffer, 935 CPA_FALSE); 936 } 937 /* Asynchronous Operation */ 938 return LacSymKey_MgfCommon(instanceHandle, 939 pKeyGenCb, 940 pCallbackTag, 941 (const void *)pKeyGenMgfOpData, 942 pKeyGenMgfOpData, 943 pGeneratedMaskBuffer, 944 CPA_CY_SYM_HASH_SHA1); 945 } 946 947 /** 948 * cpaCyKeyGenMgfExt 949 */ 950 CpaStatus 951 cpaCyKeyGenMgfExt(const CpaInstanceHandle instanceHandle_in, 952 const CpaCyGenFlatBufCbFunc pKeyGenCb, 953 void *pCallbackTag, 954 const CpaCyKeyGenMgfOpDataExt *pKeyGenMgfOpDataExt, 955 CpaFlatBuffer *pGeneratedMaskBuffer) 956 { 957 CpaInstanceHandle instanceHandle = NULL; 958 959 960 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 961 instanceHandle = 962 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 963 } else { 964 instanceHandle = instanceHandle_in; 965 } 966 967 /* If synchronous Operation */ 968 if (NULL == pKeyGenCb) { 969 return LacSymKey_MgfSync(instanceHandle, 970 pKeyGenCb, 971 pCallbackTag, 972 (const void *)pKeyGenMgfOpDataExt, 973 pGeneratedMaskBuffer, 974 CPA_TRUE); 975 } 976 977 /* Param check specific for Ext function, rest of parameters validated 978 * in LacSymKey_MgfCommon 979 */ 980 LAC_CHECK_NULL_PARAM(pKeyGenMgfOpDataExt); 981 if (CPA_CY_SYM_HASH_MD5 > pKeyGenMgfOpDataExt->hashAlgorithm || 982 CPA_CY_SYM_HASH_SHA512 < pKeyGenMgfOpDataExt->hashAlgorithm) { 983 LAC_INVALID_PARAM_LOG("hashAlgorithm"); 984 return CPA_STATUS_INVALID_PARAM; 985 } 986 987 /* Asynchronous Operation */ 988 return LacSymKey_MgfCommon(instanceHandle, 989 pKeyGenCb, 990 pCallbackTag, 991 (const void *)pKeyGenMgfOpDataExt, 992 &pKeyGenMgfOpDataExt->baseOpData, 993 pGeneratedMaskBuffer, 994 pKeyGenMgfOpDataExt->hashAlgorithm); 995 } 996 997 /** 998 ****************************************************************************** 999 * @ingroup LacSymKey 1000 * Key Generation SSL & TLS response handler 1001 * 1002 * @description 1003 * Handles Key Generation SSL & TLS response messages from the QAT. 1004 * 1005 * @param[in] lacCmdId Command id of the original request 1006 * @param[in] pOpaqueData Pointer to opaque data that was in request 1007 * @param[in] cmnRespFlags LA response flags 1008 * 1009 * @return void 1010 * 1011 *****************************************************************************/ 1012 static void 1013 LacSymKey_SslTlsHandleResponse(icp_qat_fw_la_cmd_id_t lacCmdId, 1014 void *pOpaqueData, 1015 icp_qat_fw_comn_flags cmnRespFlags) 1016 { 1017 void *pSslTlsOpData = NULL; 1018 CpaCyGenFlatBufCbFunc pKeyGenSslTlsCb = NULL; 1019 lac_sym_key_cookie_t *pCookie = NULL; 1020 void *pCallbackTag = NULL; 1021 CpaFlatBuffer *pGeneratedKeyBuffer = NULL; 1022 CpaStatus status = CPA_STATUS_SUCCESS; 1023 1024 CpaBoolean respStatusOk = 1025 (ICP_QAT_FW_COMN_STATUS_FLAG_OK == 1026 ICP_QAT_FW_COMN_RESP_CRYPTO_STAT_GET(cmnRespFlags)) ? 1027 CPA_TRUE : 1028 CPA_FALSE; 1029 1030 pCookie = (lac_sym_key_cookie_t *)pOpaqueData; 1031 1032 pSslTlsOpData = pCookie->pKeyGenOpData; 1033 1034 if (CPA_TRUE == respStatusOk) { 1035 LacKey_StatsInc(lacCmdId, 1036 LAC_KEY_COMPLETED, 1037 pCookie->instanceHandle); 1038 } else { 1039 status = CPA_STATUS_FAIL; 1040 LacKey_StatsInc(lacCmdId, 1041 LAC_KEY_COMPLETED_ERRORS, 1042 pCookie->instanceHandle); 1043 } 1044 1045 pKeyGenSslTlsCb = (CpaCyGenFlatBufCbFunc)(pCookie->pKeyGenCb); 1046 1047 pCallbackTag = pCookie->pCallbackTag; 1048 pGeneratedKeyBuffer = pCookie->pKeyGenOutputData; 1049 1050 Lac_MemPoolEntryFree(pCookie); 1051 1052 (*pKeyGenSslTlsCb)(pCallbackTag, 1053 status, 1054 pSslTlsOpData, 1055 pGeneratedKeyBuffer); 1056 } 1057 1058 /** 1059 ******************************************************************************* 1060 * @ingroup LacSymKey 1061 * Synchronous mode of operation function wrapper for performing SSL/TLS 1062 * key gen operation 1063 * 1064 * @description 1065 * Synchronous mode of operation function wrapper for performing SSL/TLS 1066 * key gen operation 1067 * 1068 * @param[in] instanceHandle QAT device handle. 1069 * @param[in] pKeyGenCb Pointer to callback function to be invoked 1070 * when the operation is complete. 1071 * @param[in] pCallbackTag Opaque User Data for this specific call. 1072 * @param[in] lacCmdId Lac command ID (identify SSL & TLS ops) 1073 * @param[in] pKeyGenSslTlsOpData Structure containing all the data needed to 1074 * perform the SSL/TLS key generation 1075 * operation. 1076 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 1077 * According to RFC5246, this should be 1078 * "SHA-256 or a stronger standard hash 1079 * function." 1080 * @param[out] pKeyGenOutputData pointer to where output result should be 1081 * written 1082 * 1083 * @retval CPA_STATUS_SUCCESS Function executed successfully. 1084 * @retval CPA_STATUS_FAIL Function failed. 1085 * @retval CPA_STATUS_RETRY Function should be retried. 1086 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 1087 * @retval CPA_STATUS_RESOURCE Error related to system resources. 1088 * 1089 *****************************************************************************/ 1090 static CpaStatus 1091 LacSymKey_SslTlsSync(CpaInstanceHandle instanceHandle, 1092 const CpaCyGenFlatBufCbFunc pKeyGenCb, 1093 void *pCallbackTag, 1094 icp_qat_fw_la_cmd_id_t lacCmdId, 1095 void *pKeyGenSslTlsOpData, 1096 Cpa8U hashAlgorithm, 1097 CpaFlatBuffer *pKeyGenOutpuData) 1098 { 1099 lac_sync_op_data_t *pSyncCallbackData = NULL; 1100 CpaStatus status = CPA_STATUS_SUCCESS; 1101 1102 status = LacSync_CreateSyncCookie(&pSyncCallbackData); 1103 if (CPA_STATUS_SUCCESS == status) { 1104 status = LacSymKey_KeyGenSslTls_GenCommon(instanceHandle, 1105 pKeyGenCb, 1106 pSyncCallbackData, 1107 lacCmdId, 1108 pKeyGenSslTlsOpData, 1109 hashAlgorithm, 1110 pKeyGenOutpuData); 1111 } else { 1112 /* Failure allocating sync cookie */ 1113 LacKey_StatsInc(lacCmdId, 1114 LAC_KEY_REQUEST_ERRORS, 1115 instanceHandle); 1116 return status; 1117 } 1118 1119 if (CPA_STATUS_SUCCESS == status) { 1120 CpaStatus syncStatus = CPA_STATUS_SUCCESS; 1121 1122 syncStatus = 1123 LacSync_WaitForCallback(pSyncCallbackData, 1124 LAC_SYM_SYNC_CALLBACK_TIMEOUT, 1125 &status, 1126 NULL); 1127 1128 /* If callback doesn't come back */ 1129 if (CPA_STATUS_SUCCESS != syncStatus) { 1130 LacKey_StatsInc(lacCmdId, 1131 LAC_KEY_COMPLETED_ERRORS, 1132 instanceHandle); 1133 LAC_LOG_ERROR("Callback timed out"); 1134 status = syncStatus; 1135 } 1136 } else { 1137 /* As the Request was not sent the Callback will never 1138 * be called, so need to indicate that we're finished 1139 * with cookie so it can be destroyed. 1140 */ 1141 LacSync_SetSyncCookieComplete(pSyncCallbackData); 1142 } 1143 1144 LacSync_DestroySyncCookie(&pSyncCallbackData); 1145 1146 return status; 1147 } 1148 1149 static CpaStatus 1150 computeHashKey(CpaFlatBuffer *secret, 1151 CpaFlatBuffer *hash, 1152 CpaCySymHashAlgorithm *hashAlgorithm) 1153 { 1154 CpaStatus status = CPA_STATUS_SUCCESS; 1155 1156 switch (*hashAlgorithm) { 1157 case CPA_CY_SYM_HASH_MD5: 1158 status = qatUtilsHashMD5Full(secret->pData, 1159 hash->pData, 1160 secret->dataLenInBytes); 1161 break; 1162 case CPA_CY_SYM_HASH_SHA1: 1163 status = qatUtilsHashSHA1Full(secret->pData, 1164 hash->pData, 1165 secret->dataLenInBytes); 1166 break; 1167 case CPA_CY_SYM_HASH_SHA256: 1168 status = qatUtilsHashSHA256Full(secret->pData, 1169 hash->pData, 1170 secret->dataLenInBytes); 1171 break; 1172 case CPA_CY_SYM_HASH_SHA384: 1173 status = qatUtilsHashSHA384Full(secret->pData, 1174 hash->pData, 1175 secret->dataLenInBytes); 1176 break; 1177 case CPA_CY_SYM_HASH_SHA512: 1178 status = qatUtilsHashSHA512Full(secret->pData, 1179 hash->pData, 1180 secret->dataLenInBytes); 1181 break; 1182 default: 1183 status = CPA_STATUS_FAIL; 1184 } 1185 return status; 1186 } 1187 1188 static CpaStatus 1189 LacSymKey_KeyGenSslTls_GenCommon(CpaInstanceHandle instanceHandle, 1190 const CpaCyGenFlatBufCbFunc pKeyGenCb, 1191 void *pCallbackTag, 1192 icp_qat_fw_la_cmd_id_t lacCmdId, 1193 void *pKeyGenSslTlsOpData, 1194 Cpa8U hashAlgCipher, 1195 CpaFlatBuffer *pKeyGenOutputData) 1196 { 1197 CpaStatus status = CPA_STATUS_SUCCESS; 1198 CpaBoolean precompute = CPA_FALSE; 1199 icp_qat_fw_la_bulk_req_t keyGenReq = { { 0 } }; 1200 icp_qat_la_bulk_req_hdr_t keyGenReqHdr = { { 0 } }; 1201 icp_qat_fw_la_key_gen_common_t keyGenReqMid = { { 0 } }; 1202 icp_qat_la_bulk_req_ftr_t keyGenReqFtr = { { { 0 } } }; 1203 Cpa8U *pMsgDummy = NULL; 1204 Cpa8U *pCacheDummyHdr = NULL; 1205 Cpa8U *pCacheDummyMid = NULL; 1206 Cpa8U *pCacheDummyFtr = NULL; 1207 lac_sym_key_cookie_t *pCookie = NULL; 1208 lac_sym_cookie_t *pSymCookie = NULL; 1209 Cpa64U inputPhysAddr = 0; 1210 Cpa64U outputPhysAddr = 0; 1211 /* Structure initializer is supported by C99, but it is 1212 * not supported by some former Intel compiler. 1213 */ 1214 CpaCySymHashSetupData hashSetupData = { 0 }; 1215 sal_qat_content_desc_info_t contentDescInfo = { 0 }; 1216 Cpa32U hashBlkSizeInBytes = 0; 1217 Cpa32U tlsPrefixLen = 0; 1218 1219 CpaFlatBuffer inputSecret = { 0 }; 1220 CpaFlatBuffer hashKeyOutput = { 0 }; 1221 Cpa32U uSecretLen = 0; 1222 CpaCySymHashNestedModeSetupData *pNestedModeSetupData = 1223 &(hashSetupData.nestedModeSetupData); 1224 icp_qat_fw_serv_specif_flags laCmdFlags = 0; 1225 icp_qat_fw_comn_flags cmnRequestFlags = 1226 ICP_QAT_FW_COMN_FLAGS_BUILD(QAT_COMN_PTR_TYPE_FLAT, 1227 QAT_COMN_CD_FLD_TYPE_64BIT_ADR); 1228 1229 sal_crypto_service_t *pService = (sal_crypto_service_t *)instanceHandle; 1230 1231 /* If synchronous Operation */ 1232 if (NULL == pKeyGenCb) { 1233 return LacSymKey_SslTlsSync(instanceHandle, 1234 LacSync_GenFlatBufCb, 1235 pCallbackTag, 1236 lacCmdId, 1237 pKeyGenSslTlsOpData, 1238 hashAlgCipher, 1239 pKeyGenOutputData); 1240 } 1241 /* Allocate the cookie */ 1242 pCookie = (lac_sym_key_cookie_t *)Lac_MemPoolEntryAlloc( 1243 pService->lac_sym_cookie_pool); 1244 if (NULL == pCookie) { 1245 LAC_LOG_ERROR("Cannot get mem pool entry"); 1246 status = CPA_STATUS_RESOURCE; 1247 } else if ((void *)CPA_STATUS_RETRY == pCookie) { 1248 pCookie = NULL; 1249 status = CPA_STATUS_RETRY; 1250 } else { 1251 pSymCookie = (lac_sym_cookie_t *)pCookie; 1252 } 1253 1254 if (CPA_STATUS_SUCCESS == status) { 1255 icp_qat_hw_auth_mode_t qatHashMode = 0; 1256 1257 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) { 1258 qatHashMode = ICP_QAT_HW_AUTH_MODE0; 1259 } else /* TLS v1.1, v1.2, v1.3 */ 1260 { 1261 qatHashMode = ICP_QAT_HW_AUTH_MODE2; 1262 } 1263 1264 pCookie->instanceHandle = pService; 1265 pCookie->pCallbackTag = pCallbackTag; 1266 pCookie->pKeyGenCb = pKeyGenCb; 1267 pCookie->pKeyGenOpData = pKeyGenSslTlsOpData; 1268 pCookie->pKeyGenOutputData = pKeyGenOutputData; 1269 hashSetupData.hashMode = CPA_CY_SYM_HASH_MODE_NESTED; 1270 1271 /* SSL3 */ 1272 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) { 1273 hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1; 1274 hashSetupData.digestResultLenInBytes = 1275 LAC_HASH_MD5_DIGEST_SIZE; 1276 pNestedModeSetupData->outerHashAlgorithm = 1277 CPA_CY_SYM_HASH_MD5; 1278 1279 pNestedModeSetupData->pInnerPrefixData = NULL; 1280 pNestedModeSetupData->innerPrefixLenInBytes = 0; 1281 pNestedModeSetupData->pOuterPrefixData = NULL; 1282 pNestedModeSetupData->outerPrefixLenInBytes = 0; 1283 } 1284 /* TLS v1.1 */ 1285 else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == lacCmdId) { 1286 CpaCyKeyGenTlsOpData *pKeyGenTlsOpData = 1287 (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData; 1288 1289 hashSetupData.hashAlgorithm = CPA_CY_SYM_HASH_SHA1; 1290 hashSetupData.digestResultLenInBytes = 1291 LAC_HASH_MD5_DIGEST_SIZE; 1292 pNestedModeSetupData->outerHashAlgorithm = 1293 CPA_CY_SYM_HASH_MD5; 1294 1295 uSecretLen = pKeyGenTlsOpData->secret.dataLenInBytes; 1296 1297 /* We want to handle pre_master_secret > 128 bytes 1298 * therefore we 1299 * only verify if the current operation is Master Secret 1300 * Derive. 1301 * The other operations remain unchanged. 1302 */ 1303 if ((uSecretLen > 1304 ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX) && 1305 (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE == 1306 pKeyGenTlsOpData->tlsOp || 1307 CPA_CY_KEY_TLS_OP_USER_DEFINED == 1308 pKeyGenTlsOpData->tlsOp)) { 1309 CpaCySymHashAlgorithm hashAlgorithm = 1310 (CpaCySymHashAlgorithm)hashAlgCipher; 1311 /* secret = [s1 | s2 ] 1312 * s1 = outer prefix, s2 = inner prefix 1313 * length of s1 and s2 = ceil(secret_length / 2) 1314 * (secret length + 1)/2 will always give the 1315 * ceil as 1316 * division by 2 1317 * (>>1) will give the smallest integral value 1318 * not less than 1319 * arg 1320 */ 1321 tlsPrefixLen = 1322 (pKeyGenTlsOpData->secret.dataLenInBytes + 1323 1) >> 1324 1; 1325 inputSecret.dataLenInBytes = tlsPrefixLen; 1326 inputSecret.pData = 1327 pKeyGenTlsOpData->secret.pData; 1328 1329 /* Since the pre_master_secret is > 128, we 1330 * split the input 1331 * pre_master_secret in 2 halves and compute the 1332 * MD5 of the 1333 * first half and the SHA1 on the second half. 1334 */ 1335 hashAlgorithm = CPA_CY_SYM_HASH_MD5; 1336 1337 /* Initialize pointer where MD5 key will go. */ 1338 hashKeyOutput.pData = 1339 &pCookie->hashKeyBuffer[0]; 1340 hashKeyOutput.dataLenInBytes = 1341 LAC_HASH_MD5_DIGEST_SIZE; 1342 computeHashKey(&inputSecret, 1343 &hashKeyOutput, 1344 &hashAlgorithm); 1345 1346 pNestedModeSetupData->pOuterPrefixData = 1347 &pCookie->hashKeyBuffer[0]; 1348 pNestedModeSetupData->outerPrefixLenInBytes = 1349 LAC_HASH_MD5_DIGEST_SIZE; 1350 1351 /* Point to the second half of the 1352 * pre_master_secret */ 1353 inputSecret.pData = 1354 pKeyGenTlsOpData->secret.pData + 1355 (pKeyGenTlsOpData->secret.dataLenInBytes - 1356 tlsPrefixLen); 1357 1358 /* Compute SHA1 on the second half of the 1359 * pre_master_secret 1360 */ 1361 hashAlgorithm = CPA_CY_SYM_HASH_SHA1; 1362 /* Initialize pointer where SHA1 key will go. */ 1363 hashKeyOutput.pData = 1364 &pCookie->hashKeyBuffer 1365 [LAC_HASH_MD5_DIGEST_SIZE]; 1366 hashKeyOutput.dataLenInBytes = 1367 LAC_HASH_SHA1_DIGEST_SIZE; 1368 computeHashKey(&inputSecret, 1369 &hashKeyOutput, 1370 &hashAlgorithm); 1371 1372 pNestedModeSetupData->pInnerPrefixData = 1373 &pCookie->hashKeyBuffer 1374 [LAC_HASH_MD5_DIGEST_SIZE]; 1375 pNestedModeSetupData->innerPrefixLenInBytes = 1376 LAC_HASH_SHA1_DIGEST_SIZE; 1377 } else { 1378 /* secret = [s1 | s2 ] 1379 * s1 = outer prefix, s2 = inner prefix 1380 * length of s1 and s2 = ceil(secret_length / 2) 1381 * (secret length + 1)/2 will always give the 1382 * ceil as 1383 * division by 2 1384 * (>>1) will give the smallest integral value 1385 * not less than 1386 * arg 1387 */ 1388 tlsPrefixLen = 1389 (pKeyGenTlsOpData->secret.dataLenInBytes + 1390 1) >> 1391 1; 1392 /* last byte of s1 will be first byte of s2 if 1393 * Length is odd 1394 */ 1395 pNestedModeSetupData->pInnerPrefixData = 1396 pKeyGenTlsOpData->secret.pData + 1397 (pKeyGenTlsOpData->secret.dataLenInBytes - 1398 tlsPrefixLen); 1399 1400 pNestedModeSetupData->pOuterPrefixData = 1401 pKeyGenTlsOpData->secret.pData; 1402 1403 pNestedModeSetupData->innerPrefixLenInBytes = 1404 pNestedModeSetupData 1405 ->outerPrefixLenInBytes = tlsPrefixLen; 1406 } 1407 } 1408 /* TLS v1.2 */ 1409 else if (ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == lacCmdId) { 1410 CpaCyKeyGenTlsOpData *pKeyGenTlsOpData = 1411 (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData; 1412 CpaCySymHashAlgorithm hashAlgorithm = 1413 (CpaCySymHashAlgorithm)hashAlgCipher; 1414 1415 uSecretLen = pKeyGenTlsOpData->secret.dataLenInBytes; 1416 1417 hashSetupData.hashAlgorithm = 1418 (CpaCySymHashAlgorithm)hashAlgorithm; 1419 hashSetupData.digestResultLenInBytes = 1420 (Cpa32U)getDigestSizeFromHashAlgo(hashAlgorithm); 1421 pNestedModeSetupData->outerHashAlgorithm = 1422 (CpaCySymHashAlgorithm)hashAlgorithm; 1423 if (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE == 1424 pKeyGenTlsOpData->tlsOp || 1425 CPA_CY_KEY_TLS_OP_USER_DEFINED == 1426 pKeyGenTlsOpData->tlsOp) { 1427 switch (hashAlgorithm) { 1428 case CPA_CY_SYM_HASH_SM3: 1429 precompute = CPA_FALSE; 1430 break; 1431 case CPA_CY_SYM_HASH_SHA256: 1432 if (uSecretLen > 1433 ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX) { 1434 precompute = CPA_TRUE; 1435 } 1436 break; 1437 case CPA_CY_SYM_HASH_SHA384: 1438 case CPA_CY_SYM_HASH_SHA512: 1439 if (uSecretLen > 1440 ICP_QAT_FW_LA_TLS_SECRET_LEN_MAX) { 1441 precompute = CPA_TRUE; 1442 } 1443 break; 1444 default: 1445 break; 1446 } 1447 } 1448 if (CPA_TRUE == precompute) { 1449 /* Case when secret > algorithm block size 1450 * RFC 4868: For SHA-256 Block size is 512 bits, 1451 * for SHA-384 1452 * and SHA-512 Block size is 1024 bits 1453 * Initialize pointer 1454 * where SHAxxx key will go. 1455 */ 1456 hashKeyOutput.pData = 1457 &pCookie->hashKeyBuffer[0]; 1458 hashKeyOutput.dataLenInBytes = 1459 hashSetupData.digestResultLenInBytes; 1460 computeHashKey(&pKeyGenTlsOpData->secret, 1461 &hashKeyOutput, 1462 &hashSetupData.hashAlgorithm); 1463 1464 /* Outer prefix = secret , inner prefix = secret 1465 * secret < 64 bytes 1466 */ 1467 pNestedModeSetupData->pInnerPrefixData = 1468 hashKeyOutput.pData; 1469 pNestedModeSetupData->pOuterPrefixData = 1470 hashKeyOutput.pData; 1471 pNestedModeSetupData->innerPrefixLenInBytes = 1472 hashKeyOutput.dataLenInBytes; 1473 pNestedModeSetupData->outerPrefixLenInBytes = 1474 hashKeyOutput.dataLenInBytes; 1475 } else { 1476 /* Outer prefix = secret , inner prefix = secret 1477 * secret <= 64 bytes 1478 */ 1479 pNestedModeSetupData->pInnerPrefixData = 1480 pKeyGenTlsOpData->secret.pData; 1481 1482 pNestedModeSetupData->pOuterPrefixData = 1483 pKeyGenTlsOpData->secret.pData; 1484 1485 pNestedModeSetupData->innerPrefixLenInBytes = 1486 pKeyGenTlsOpData->secret.dataLenInBytes; 1487 pNestedModeSetupData->outerPrefixLenInBytes = 1488 pKeyGenTlsOpData->secret.dataLenInBytes; 1489 } 1490 } 1491 /* TLS v1.3 */ 1492 else if ((ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= lacCmdId) && 1493 (ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL >= 1494 lacCmdId)) { 1495 CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData = 1496 (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData; 1497 CpaCySymHashAlgorithm hashAlgorithm = 1498 getHashAlgorithmFromCipherSuiteHKDF(hashAlgCipher); 1499 1500 /* Set HASH data */ 1501 hashSetupData.hashAlgorithm = hashAlgorithm; 1502 /* Calculate digest length from the HASH type */ 1503 hashSetupData.digestResultLenInBytes = 1504 cipherSuiteHKDFHashSizes[hashAlgCipher] 1505 [LAC_KEY_HKDF_DIGESTS]; 1506 /* Outer Hash type is the same as inner hash type */ 1507 pNestedModeSetupData->outerHashAlgorithm = 1508 hashAlgorithm; 1509 1510 /* EXPAND (PRK): 1511 * Outer prefix = secret, inner prefix = secret 1512 * EXTRACT (SEED/SALT): 1513 * Outer prefix = seed, inner prefix = seed 1514 * Secret <= 64 Bytes 1515 * We do not pre compute as secret can't be larger than 1516 * 64 bytes 1517 */ 1518 1519 if ((ICP_QAT_FW_LA_CMD_HKDF_EXPAND == lacCmdId) || 1520 (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == lacCmdId)) { 1521 pNestedModeSetupData->pInnerPrefixData = 1522 pKeyGenTlsOpData->secret; 1523 pNestedModeSetupData->pOuterPrefixData = 1524 pKeyGenTlsOpData->secret; 1525 pNestedModeSetupData->innerPrefixLenInBytes = 1526 pKeyGenTlsOpData->secretLen; 1527 pNestedModeSetupData->outerPrefixLenInBytes = 1528 pKeyGenTlsOpData->secretLen; 1529 } else { 1530 pNestedModeSetupData->pInnerPrefixData = 1531 pKeyGenTlsOpData->seed; 1532 pNestedModeSetupData->pOuterPrefixData = 1533 pKeyGenTlsOpData->seed; 1534 pNestedModeSetupData->innerPrefixLenInBytes = 1535 pKeyGenTlsOpData->seedLen; 1536 pNestedModeSetupData->outerPrefixLenInBytes = 1537 pKeyGenTlsOpData->seedLen; 1538 } 1539 } 1540 1541 /* Set the footer Data. 1542 * Note that following function doesn't look at inner/outer 1543 * prefix pointers in nested digest ctx 1544 */ 1545 LacSymQat_HashContentDescInit( 1546 &keyGenReqFtr, 1547 instanceHandle, 1548 &hashSetupData, 1549 pCookie 1550 ->contentDesc, /* Pointer to base of hw setup block */ 1551 LAC_SYM_KEY_NO_HASH_BLK_OFFSET_QW, 1552 ICP_QAT_FW_SLICE_DRAM_WR, 1553 qatHashMode, 1554 CPA_FALSE, /* Not using sym Constants Table in Shared SRAM 1555 */ 1556 CPA_FALSE, /* not using the optimised content Desc */ 1557 CPA_FALSE, /* Not using the stateful SHA3 Content Desc */ 1558 NULL, /* precompute data */ 1559 &hashBlkSizeInBytes); 1560 1561 /* SSL3 */ 1562 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == lacCmdId) { 1563 CpaCyKeyGenSslOpData *pKeyGenSslOpData = 1564 (CpaCyKeyGenSslOpData *)pKeyGenSslTlsOpData; 1565 Cpa8U *pLabel = NULL; 1566 Cpa32U labelLen = 0; 1567 Cpa8U iterations = 0; 1568 Cpa64U labelPhysAddr = 0; 1569 1570 /* Iterations = ceiling of output required / output per 1571 * iteration Ceiling of a / b = (a + (b-1)) / b 1572 */ 1573 iterations = 1574 (pKeyGenSslOpData->generatedKeyLenInBytes + 1575 (LAC_SYM_QAT_KEY_SSL_BYTES_PER_ITERATION - 1)) >> 1576 LAC_SYM_QAT_KEY_SSL_ITERATIONS_SHIFT; 1577 1578 if (CPA_CY_KEY_SSL_OP_USER_DEFINED == 1579 pKeyGenSslOpData->sslOp) { 1580 pLabel = pKeyGenSslOpData->userLabel.pData; 1581 labelLen = 1582 pKeyGenSslOpData->userLabel.dataLenInBytes; 1583 labelPhysAddr = LAC_OS_VIRT_TO_PHYS_EXTERNAL( 1584 pService->generic_service_info, pLabel); 1585 1586 if (labelPhysAddr == 0) { 1587 LAC_LOG_ERROR( 1588 "Unable to get the physical address of the" 1589 " label"); 1590 status = CPA_STATUS_FAIL; 1591 } 1592 } else { 1593 pLabel = pService->pSslLabel; 1594 1595 /* Calculate label length. 1596 * eg. 3 iterations is ABBCCC so length is 6 1597 */ 1598 labelLen = 1599 ((iterations * iterations) + iterations) >> 1600 1; 1601 labelPhysAddr = 1602 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1603 } 1604 1605 LacSymQat_KeySslRequestPopulate( 1606 &keyGenReqHdr, 1607 &keyGenReqMid, 1608 pKeyGenSslOpData->generatedKeyLenInBytes, 1609 labelLen, 1610 pKeyGenSslOpData->secret.dataLenInBytes, 1611 iterations); 1612 1613 LacSymQat_KeySslKeyMaterialInputPopulate( 1614 &(pService->generic_service_info), 1615 &(pCookie->u.sslKeyInput), 1616 pKeyGenSslOpData->seed.pData, 1617 labelPhysAddr, 1618 pKeyGenSslOpData->secret.pData); 1619 1620 inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1621 pSymCookie->keySslKeyInputPhyAddr); 1622 } 1623 /* TLS v1.1, v1.2 */ 1624 else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == lacCmdId || 1625 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == lacCmdId) { 1626 CpaCyKeyGenTlsOpData *pKeyGenTlsOpData = 1627 (CpaCyKeyGenTlsOpData *)pKeyGenSslTlsOpData; 1628 lac_sym_qat_hash_state_buffer_info_t 1629 hashStateBufferInfo = { 0 }; 1630 CpaBoolean hashStateBuffer = CPA_FALSE; 1631 icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock = 1632 (icp_qat_fw_auth_cd_ctrl_hdr_t *)&( 1633 keyGenReqFtr.cd_ctrl); 1634 icp_qat_la_auth_req_params_t *pHashReqParams = NULL; 1635 Cpa8U *pLabel = NULL; 1636 Cpa32U labelLen = 0; 1637 Cpa64U labelPhysAddr = 0; 1638 hashStateBufferInfo.pData = pCookie->hashStateBuffer; 1639 hashStateBufferInfo.pDataPhys = 1640 LAC_MEM_CAST_PTR_TO_UINT64( 1641 pSymCookie->keyHashStateBufferPhyAddr); 1642 hashStateBufferInfo.stateStorageSzQuadWords = 0; 1643 1644 LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr), 1645 instanceHandle, 1646 &(hashSetupData), 1647 hashStateBuffer, 1648 qatHashMode, 1649 CPA_FALSE); 1650 1651 pHashReqParams = (icp_qat_la_auth_req_params_t *)&( 1652 keyGenReqFtr.serv_specif_rqpars); 1653 1654 hashStateBufferInfo.prefixAadSzQuadWords = 1655 LAC_BYTES_TO_QUADWORDS( 1656 pHashReqParams->u2.inner_prefix_sz + 1657 pHashControlBlock->outer_prefix_sz); 1658 1659 /* Copy prefix data into hash state buffer */ 1660 pMsgDummy = (Cpa8U *)&(keyGenReq); 1661 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 1662 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 1663 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 1664 memcpy(pMsgDummy, 1665 pCacheDummyHdr, 1666 (LAC_LONG_WORD_IN_BYTES * 1667 LAC_SIZE_OF_CACHE_HDR_IN_LW)); 1668 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1669 LAC_START_OF_CACHE_MID_IN_LW), 1670 pCacheDummyMid, 1671 (LAC_LONG_WORD_IN_BYTES * 1672 LAC_SIZE_OF_CACHE_MID_IN_LW)); 1673 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1674 LAC_START_OF_CACHE_FTR_IN_LW), 1675 pCacheDummyFtr, 1676 (LAC_LONG_WORD_IN_BYTES * 1677 LAC_SIZE_OF_CACHE_FTR_IN_LW)); 1678 1679 LacSymQat_HashStatePrefixAadBufferPopulate( 1680 &hashStateBufferInfo, 1681 &keyGenReqFtr, 1682 pNestedModeSetupData->pInnerPrefixData, 1683 pNestedModeSetupData->innerPrefixLenInBytes, 1684 pNestedModeSetupData->pOuterPrefixData, 1685 pNestedModeSetupData->outerPrefixLenInBytes); 1686 1687 /* Firmware only looks at hash state buffer pointer and 1688 * the 1689 * hash state buffer size so all other fields are set to 1690 * 0 1691 */ 1692 LacSymQat_HashRequestParamsPopulate( 1693 &(keyGenReq), 1694 0, /* Auth offset */ 1695 0, /* Auth length */ 1696 &(pService->generic_service_info), 1697 &hashStateBufferInfo, /* Hash state prefix buffer */ 1698 ICP_QAT_FW_LA_PARTIAL_NONE, 1699 0, /* Hash result size */ 1700 CPA_FALSE, 1701 NULL, 1702 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 1703 NULL); /* HKDF only */ 1704 1705 /* Set up the labels and their length */ 1706 if (CPA_CY_KEY_TLS_OP_USER_DEFINED == 1707 pKeyGenTlsOpData->tlsOp) { 1708 pLabel = pKeyGenTlsOpData->userLabel.pData; 1709 labelLen = 1710 pKeyGenTlsOpData->userLabel.dataLenInBytes; 1711 labelPhysAddr = LAC_OS_VIRT_TO_PHYS_EXTERNAL( 1712 pService->generic_service_info, pLabel); 1713 1714 if (labelPhysAddr == 0) { 1715 LAC_LOG_ERROR( 1716 "Unable to get the physical address of the" 1717 " label"); 1718 status = CPA_STATUS_FAIL; 1719 } 1720 } else if (CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE == 1721 pKeyGenTlsOpData->tlsOp) { 1722 pLabel = pService->pTlsLabel->masterSecret; 1723 labelLen = 1724 sizeof( 1725 LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL) - 1726 1; 1727 labelPhysAddr = 1728 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1729 } else if (CPA_CY_KEY_TLS_OP_KEY_MATERIAL_DERIVE == 1730 pKeyGenTlsOpData->tlsOp) { 1731 pLabel = pService->pTlsLabel->keyMaterial; 1732 labelLen = 1733 sizeof(LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL) - 1734 1; 1735 labelPhysAddr = 1736 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1737 } else if (CPA_CY_KEY_TLS_OP_CLIENT_FINISHED_DERIVE == 1738 pKeyGenTlsOpData->tlsOp) { 1739 pLabel = pService->pTlsLabel->clientFinished; 1740 labelLen = 1741 sizeof(LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL) - 1742 1; 1743 labelPhysAddr = 1744 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1745 } else { 1746 pLabel = pService->pTlsLabel->serverFinished; 1747 labelLen = 1748 sizeof(LAC_SYM_KEY_TLS_SERVER_FIN_LABEL) - 1749 1; 1750 labelPhysAddr = 1751 LAC_OS_VIRT_TO_PHYS_INTERNAL(pLabel); 1752 } 1753 LacSymQat_KeyTlsRequestPopulate( 1754 &keyGenReqMid, 1755 pKeyGenTlsOpData->generatedKeyLenInBytes, 1756 labelLen, 1757 pKeyGenTlsOpData->secret.dataLenInBytes, 1758 pKeyGenTlsOpData->seed.dataLenInBytes, 1759 lacCmdId); 1760 1761 LacSymQat_KeyTlsKeyMaterialInputPopulate( 1762 &(pService->generic_service_info), 1763 &(pCookie->u.tlsKeyInput), 1764 pKeyGenTlsOpData->seed.pData, 1765 labelPhysAddr); 1766 1767 inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1768 pSymCookie->keyTlsKeyInputPhyAddr); 1769 } 1770 /* TLS v1.3 */ 1771 else if (ICP_QAT_FW_LA_CMD_HKDF_EXTRACT <= lacCmdId && 1772 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND >= 1773 lacCmdId) { 1774 CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData = 1775 (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData; 1776 lac_sym_qat_hash_state_buffer_info_t 1777 hashStateBufferInfo = { 0 }; 1778 CpaBoolean hashStateBuffer = CPA_FALSE; 1779 icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock = 1780 (icp_qat_fw_auth_cd_ctrl_hdr_t *)&( 1781 keyGenReqFtr.cd_ctrl); 1782 icp_qat_la_auth_req_params_t *pHashReqParams = NULL; 1783 hashStateBufferInfo.pData = pCookie->hashStateBuffer; 1784 hashStateBufferInfo.pDataPhys = 1785 LAC_MEM_CAST_PTR_TO_UINT64( 1786 pSymCookie->keyHashStateBufferPhyAddr); 1787 hashStateBufferInfo.stateStorageSzQuadWords = 0; 1788 1789 LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr), 1790 instanceHandle, 1791 &(hashSetupData), 1792 hashStateBuffer, 1793 qatHashMode, 1794 CPA_FALSE); 1795 1796 pHashReqParams = (icp_qat_la_auth_req_params_t *)&( 1797 keyGenReqFtr.serv_specif_rqpars); 1798 1799 hashStateBufferInfo.prefixAadSzQuadWords = 1800 LAC_BYTES_TO_QUADWORDS( 1801 pHashReqParams->u2.inner_prefix_sz + 1802 pHashControlBlock->outer_prefix_sz); 1803 1804 /* Copy prefix data into hash state buffer */ 1805 pMsgDummy = (Cpa8U *)&(keyGenReq); 1806 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 1807 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 1808 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 1809 memcpy(pMsgDummy, 1810 pCacheDummyHdr, 1811 (LAC_LONG_WORD_IN_BYTES * 1812 LAC_SIZE_OF_CACHE_HDR_IN_LW)); 1813 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1814 LAC_START_OF_CACHE_MID_IN_LW), 1815 pCacheDummyMid, 1816 (LAC_LONG_WORD_IN_BYTES * 1817 LAC_SIZE_OF_CACHE_MID_IN_LW)); 1818 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1819 LAC_START_OF_CACHE_FTR_IN_LW), 1820 pCacheDummyFtr, 1821 (LAC_LONG_WORD_IN_BYTES * 1822 LAC_SIZE_OF_CACHE_FTR_IN_LW)); 1823 1824 LacSymQat_HashStatePrefixAadBufferPopulate( 1825 &hashStateBufferInfo, 1826 &keyGenReqFtr, 1827 pNestedModeSetupData->pInnerPrefixData, 1828 pNestedModeSetupData->innerPrefixLenInBytes, 1829 pNestedModeSetupData->pOuterPrefixData, 1830 pNestedModeSetupData->outerPrefixLenInBytes); 1831 1832 /* Firmware only looks at hash state buffer pointer and 1833 * the 1834 * hash state buffer size so all other fields are set to 1835 * 0 1836 */ 1837 LacSymQat_HashRequestParamsPopulate( 1838 &(keyGenReq), 1839 0, /* Auth offset */ 1840 0, /* Auth length */ 1841 &(pService->generic_service_info), 1842 &hashStateBufferInfo, /* Hash state prefix buffer */ 1843 ICP_QAT_FW_LA_PARTIAL_NONE, 1844 0, /* Hash result size */ 1845 CPA_FALSE, 1846 NULL, 1847 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 1848 pKeyGenTlsOpData->secret); /* IKM or PRK */ 1849 1850 LacSymQat_KeyTlsRequestPopulate( 1851 &keyGenReqMid, 1852 cipherSuiteHKDFHashSizes[hashAlgCipher] 1853 [LAC_KEY_HKDF_DIGESTS], 1854 /* For EXTRACT, EXPAND, FW expects info to be passed 1855 as label */ 1856 pKeyGenTlsOpData->infoLen, 1857 pKeyGenTlsOpData->secretLen, 1858 pKeyGenTlsOpData->seedLen, 1859 lacCmdId); 1860 1861 LacSymQat_KeyTlsHKDFKeyMaterialInputPopulate( 1862 &(pService->generic_service_info), 1863 &(pCookie->u.tlsHKDFKeyInput), 1864 pKeyGenTlsOpData, 1865 0, /* No subLabels used */ 1866 lacCmdId); /* Pass op being performed */ 1867 1868 inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1869 pSymCookie->keyTlsKeyInputPhyAddr); 1870 } 1871 /* TLS v1.3 LABEL */ 1872 else if (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == lacCmdId || 1873 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL == 1874 lacCmdId) { 1875 CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData = 1876 (CpaCyKeyGenHKDFOpData *)pKeyGenSslTlsOpData; 1877 Cpa64U subLabelsPhysAddr = 0; 1878 lac_sym_qat_hash_state_buffer_info_t 1879 hashStateBufferInfo = { 0 }; 1880 CpaBoolean hashStateBuffer = CPA_FALSE; 1881 icp_qat_fw_auth_cd_ctrl_hdr_t *pHashControlBlock = 1882 (icp_qat_fw_auth_cd_ctrl_hdr_t *)&( 1883 keyGenReqFtr.cd_ctrl); 1884 icp_qat_la_auth_req_params_t *pHashReqParams = NULL; 1885 hashStateBufferInfo.pData = pCookie->hashStateBuffer; 1886 hashStateBufferInfo.pDataPhys = 1887 LAC_MEM_CAST_PTR_TO_UINT64( 1888 pSymCookie->keyHashStateBufferPhyAddr); 1889 hashStateBufferInfo.stateStorageSzQuadWords = 0; 1890 1891 LacSymQat_HashSetupReqParamsMetaData(&(keyGenReqFtr), 1892 instanceHandle, 1893 &(hashSetupData), 1894 hashStateBuffer, 1895 qatHashMode, 1896 CPA_FALSE); 1897 1898 pHashReqParams = (icp_qat_la_auth_req_params_t *)&( 1899 keyGenReqFtr.serv_specif_rqpars); 1900 1901 hashStateBufferInfo.prefixAadSzQuadWords = 1902 LAC_BYTES_TO_QUADWORDS( 1903 pHashReqParams->u2.inner_prefix_sz + 1904 pHashControlBlock->outer_prefix_sz); 1905 1906 /* Copy prefix data into hash state buffer */ 1907 pMsgDummy = (Cpa8U *)&(keyGenReq); 1908 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 1909 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 1910 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 1911 memcpy(pMsgDummy, 1912 pCacheDummyHdr, 1913 (LAC_LONG_WORD_IN_BYTES * 1914 LAC_SIZE_OF_CACHE_HDR_IN_LW)); 1915 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1916 LAC_START_OF_CACHE_MID_IN_LW), 1917 pCacheDummyMid, 1918 (LAC_LONG_WORD_IN_BYTES * 1919 LAC_SIZE_OF_CACHE_MID_IN_LW)); 1920 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 1921 LAC_START_OF_CACHE_FTR_IN_LW), 1922 pCacheDummyFtr, 1923 (LAC_LONG_WORD_IN_BYTES * 1924 LAC_SIZE_OF_CACHE_FTR_IN_LW)); 1925 1926 LacSymQat_HashStatePrefixAadBufferPopulate( 1927 &hashStateBufferInfo, 1928 &keyGenReqFtr, 1929 pNestedModeSetupData->pInnerPrefixData, 1930 pNestedModeSetupData->innerPrefixLenInBytes, 1931 pNestedModeSetupData->pOuterPrefixData, 1932 pNestedModeSetupData->outerPrefixLenInBytes); 1933 1934 /* Firmware only looks at hash state buffer pointer and 1935 * the 1936 * hash state buffer size so all other fields are set to 1937 * 0 1938 */ 1939 LacSymQat_HashRequestParamsPopulate( 1940 &(keyGenReq), 1941 0, /* Auth offset */ 1942 0, /* Auth length */ 1943 &(pService->generic_service_info), 1944 &hashStateBufferInfo, /* Hash state prefix buffer */ 1945 ICP_QAT_FW_LA_PARTIAL_NONE, 1946 0, /* Hash result size */ 1947 CPA_FALSE, 1948 NULL, 1949 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 1950 pKeyGenTlsOpData->secret); /* IKM or PRK */ 1951 1952 LacSymQat_KeyTlsRequestPopulate( 1953 &keyGenReqMid, 1954 cipherSuiteHKDFHashSizes[hashAlgCipher] 1955 [LAC_KEY_HKDF_DIGESTS], 1956 pKeyGenTlsOpData->numLabels, /* Number of Labels */ 1957 pKeyGenTlsOpData->secretLen, 1958 pKeyGenTlsOpData->seedLen, 1959 lacCmdId); 1960 1961 /* Get physical address of subLabels */ 1962 switch (hashAlgCipher) { 1963 case CPA_CY_HKDF_TLS_AES_128_GCM_SHA256: /* Fall Through 1964 */ 1965 case CPA_CY_HKDF_TLS_AES_128_CCM_SHA256: 1966 case CPA_CY_HKDF_TLS_AES_128_CCM_8_SHA256: 1967 subLabelsPhysAddr = pService->pTlsHKDFSubLabel 1968 ->sublabelPhysAddr256; 1969 break; 1970 case CPA_CY_HKDF_TLS_CHACHA20_POLY1305_SHA256: 1971 subLabelsPhysAddr = 1972 pService->pTlsHKDFSubLabel 1973 ->sublabelPhysAddrChaChaPoly; 1974 break; 1975 case CPA_CY_HKDF_TLS_AES_256_GCM_SHA384: 1976 subLabelsPhysAddr = pService->pTlsHKDFSubLabel 1977 ->sublabelPhysAddr384; 1978 break; 1979 default: 1980 break; 1981 } 1982 1983 LacSymQat_KeyTlsHKDFKeyMaterialInputPopulate( 1984 &(pService->generic_service_info), 1985 &(pCookie->u.tlsHKDFKeyInput), 1986 pKeyGenTlsOpData, 1987 subLabelsPhysAddr, 1988 lacCmdId); /* Pass op being performed */ 1989 1990 inputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1991 pSymCookie->keyTlsKeyInputPhyAddr); 1992 } 1993 1994 outputPhysAddr = LAC_MEM_CAST_PTR_TO_UINT64( 1995 LAC_OS_VIRT_TO_PHYS_EXTERNAL(pService->generic_service_info, 1996 pKeyGenOutputData->pData)); 1997 1998 if (outputPhysAddr == 0) { 1999 LAC_LOG_ERROR( 2000 "Unable to get the physical address of the" 2001 " output buffer"); 2002 status = CPA_STATUS_FAIL; 2003 } 2004 } 2005 if (CPA_STATUS_SUCCESS == status) { 2006 Cpa8U lw26[4]; 2007 char *tmp = NULL; 2008 unsigned char a; 2009 int n = 0; 2010 /* Make up the full keyGenReq struct from its constituents 2011 * before calling the SalQatMsg functions below. 2012 * Note: The full cache struct has been reduced to a 2013 * header, mid and footer for memory size reduction 2014 */ 2015 pMsgDummy = (Cpa8U *)&(keyGenReq); 2016 pCacheDummyHdr = (Cpa8U *)&(keyGenReqHdr); 2017 pCacheDummyMid = (Cpa8U *)&(keyGenReqMid); 2018 pCacheDummyFtr = (Cpa8U *)&(keyGenReqFtr); 2019 2020 memcpy(pMsgDummy, 2021 pCacheDummyHdr, 2022 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_HDR_IN_LW)); 2023 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2024 LAC_START_OF_CACHE_MID_IN_LW), 2025 pCacheDummyMid, 2026 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_MID_IN_LW)); 2027 memcpy(&lw26, 2028 pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2029 LAC_START_OF_CACHE_FTR_IN_LW), 2030 LAC_LONG_WORD_IN_BYTES); 2031 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2032 LAC_START_OF_CACHE_FTR_IN_LW), 2033 pCacheDummyFtr, 2034 (LAC_LONG_WORD_IN_BYTES * LAC_SIZE_OF_CACHE_FTR_IN_LW)); 2035 tmp = (char *)(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2036 LAC_START_OF_CACHE_FTR_IN_LW)); 2037 2038 /* Copy LW26, or'd with what's already there, into the Msg, for 2039 * TLS */ 2040 for (n = 0; n < LAC_LONG_WORD_IN_BYTES; n++) { 2041 a = (unsigned char)*(tmp + n); 2042 lw26[n] = lw26[n] | a; 2043 } 2044 memcpy(pMsgDummy + (LAC_LONG_WORD_IN_BYTES * 2045 LAC_START_OF_CACHE_FTR_IN_LW), 2046 &lw26, 2047 LAC_LONG_WORD_IN_BYTES); 2048 2049 contentDescInfo.pData = pCookie->contentDesc; 2050 contentDescInfo.hardwareSetupBlockPhys = 2051 LAC_MEM_CAST_PTR_TO_UINT64( 2052 pSymCookie->keyContentDescPhyAddr); 2053 contentDescInfo.hwBlkSzQuadWords = 2054 LAC_BYTES_TO_QUADWORDS(hashBlkSizeInBytes); 2055 2056 /* Populate common request fields */ 2057 SalQatMsg_ContentDescHdrWrite((icp_qat_fw_comn_req_t *)&( 2058 keyGenReq), 2059 &(contentDescInfo)); 2060 2061 SalQatMsg_CmnHdrWrite((icp_qat_fw_comn_req_t *)&keyGenReq, 2062 ICP_QAT_FW_COMN_REQ_CPM_FW_LA, 2063 lacCmdId, 2064 cmnRequestFlags, 2065 laCmdFlags); 2066 2067 SalQatMsg_CmnMidWrite((icp_qat_fw_la_bulk_req_t *)&(keyGenReq), 2068 pCookie, 2069 LAC_SYM_KEY_QAT_PTR_TYPE, 2070 inputPhysAddr, 2071 outputPhysAddr, 2072 0, 2073 0); 2074 2075 /* Send to QAT */ 2076 status = icp_adf_transPutMsg(pService->trans_handle_sym_tx, 2077 (void *)&(keyGenReq), 2078 LAC_QAT_SYM_REQ_SZ_LW); 2079 } 2080 if (CPA_STATUS_SUCCESS == status) { 2081 /* Update stats */ 2082 LacKey_StatsInc(lacCmdId, 2083 LAC_KEY_REQUESTS, 2084 pCookie->instanceHandle); 2085 } else { 2086 /* Clean up cookie memory */ 2087 if (NULL != pCookie) { 2088 LacKey_StatsInc(lacCmdId, 2089 LAC_KEY_REQUEST_ERRORS, 2090 pCookie->instanceHandle); 2091 Lac_MemPoolEntryFree(pCookie); 2092 } 2093 } 2094 return status; 2095 } 2096 2097 /** 2098 * @ingroup LacSymKey 2099 * Parameters check for TLS v1.0/1.1, v1.2, v1.3 and SSL3 2100 * @description 2101 * Check user parameters against the firmware/spec requirements. 2102 * 2103 * @param[in] pKeyGenOpData Pointer to a structure containing all 2104 * the data needed to perform the key 2105 * generation operation. 2106 * @param[in] hashAlgCipher Specifies the hash algorithm, 2107 * or cipher we are using. 2108 * According to RFC5246, this should be 2109 * "SHA-256 or a stronger standard hash 2110 * function." 2111 * @param[in] pGeneratedKeyBuffer User output buffers. 2112 * @param[in] cmdId Keygen operation to perform. 2113 */ 2114 static CpaStatus 2115 LacSymKey_CheckParamSslTls(const void *pKeyGenOpData, 2116 Cpa8U hashAlgCipher, 2117 const CpaFlatBuffer *pGeneratedKeyBuffer, 2118 icp_qat_fw_la_cmd_id_t cmdId) 2119 { 2120 /* Api max value */ 2121 Cpa32U maxSecretLen = 0; 2122 Cpa32U maxSeedLen = 0; 2123 Cpa32U maxOutputLen = 0; 2124 Cpa32U maxInfoLen = 0; 2125 Cpa32U maxLabelLen = 0; 2126 2127 /* User info */ 2128 Cpa32U uSecretLen = 0; 2129 Cpa32U uSeedLen = 0; 2130 Cpa32U uOutputLen = 0; 2131 2132 LAC_CHECK_NULL_PARAM(pKeyGenOpData); 2133 LAC_CHECK_NULL_PARAM(pGeneratedKeyBuffer); 2134 LAC_CHECK_NULL_PARAM(pGeneratedKeyBuffer->pData); 2135 2136 if (ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE == cmdId) { 2137 CpaCyKeyGenSslOpData *opData = 2138 (CpaCyKeyGenSslOpData *)pKeyGenOpData; 2139 2140 /* User info */ 2141 uSecretLen = opData->secret.dataLenInBytes; 2142 uSeedLen = opData->seed.dataLenInBytes; 2143 uOutputLen = opData->generatedKeyLenInBytes; 2144 2145 /* Api max value */ 2146 maxSecretLen = ICP_QAT_FW_LA_SSL_SECRET_LEN_MAX; 2147 maxSeedLen = ICP_QAT_FW_LA_SSL_SEED_LEN_MAX; 2148 maxOutputLen = ICP_QAT_FW_LA_SSL_OUTPUT_LEN_MAX; 2149 2150 /* Check user buffers */ 2151 LAC_CHECK_NULL_PARAM(opData->secret.pData); 2152 LAC_CHECK_NULL_PARAM(opData->seed.pData); 2153 2154 /* Check operation */ 2155 if ((Cpa32U)opData->sslOp > CPA_CY_KEY_SSL_OP_USER_DEFINED) { 2156 LAC_INVALID_PARAM_LOG("opData->sslOp"); 2157 return CPA_STATUS_INVALID_PARAM; 2158 } 2159 if ((Cpa32U)opData->sslOp == CPA_CY_KEY_SSL_OP_USER_DEFINED) { 2160 LAC_CHECK_NULL_PARAM(opData->userLabel.pData); 2161 /* Maximum label length for SSL Key Gen request */ 2162 if (opData->userLabel.dataLenInBytes > 2163 ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX) { 2164 LAC_INVALID_PARAM_LOG( 2165 "userLabel.dataLenInBytes"); 2166 return CPA_STATUS_INVALID_PARAM; 2167 } 2168 } 2169 2170 /* Only seed length for SSL3 Key Gen request */ 2171 if (maxSeedLen != uSeedLen) { 2172 LAC_INVALID_PARAM_LOG("seed.dataLenInBytes"); 2173 return CPA_STATUS_INVALID_PARAM; 2174 } 2175 2176 /* Maximum output length for SSL3 Key Gen request */ 2177 if (uOutputLen > maxOutputLen) { 2178 LAC_INVALID_PARAM_LOG("generatedKeyLenInBytes"); 2179 return CPA_STATUS_INVALID_PARAM; 2180 } 2181 } 2182 /* TLS v1.1 or TLS v.12 */ 2183 else if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == cmdId || 2184 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE == cmdId) { 2185 CpaCyKeyGenTlsOpData *opData = 2186 (CpaCyKeyGenTlsOpData *)pKeyGenOpData; 2187 2188 /* User info */ 2189 uSecretLen = opData->secret.dataLenInBytes; 2190 uSeedLen = opData->seed.dataLenInBytes; 2191 uOutputLen = opData->generatedKeyLenInBytes; 2192 2193 if (ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE == cmdId) { 2194 /* Api max value */ 2195 /* ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX needs to be 2196 * multiplied 2197 * by 4 in order to verifiy the 512 conditions. We did 2198 * not change 2199 * ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX as it 2200 * represents 2201 * the max value tha firmware can handle. 2202 */ 2203 maxSecretLen = 2204 ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX * 4; 2205 } else { 2206 /* Api max value */ 2207 /* ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX needs to be 2208 * multiplied 2209 * by 8 in order to verifiy the 512 conditions. We did 2210 * not change 2211 * ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX as it 2212 * represents 2213 * the max value tha firmware can handle. 2214 */ 2215 maxSecretLen = 2216 ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX * 8; 2217 2218 /* Check Hash algorithm */ 2219 if (0 == getDigestSizeFromHashAlgo(hashAlgCipher)) { 2220 LAC_INVALID_PARAM_LOG("hashAlgorithm"); 2221 return CPA_STATUS_INVALID_PARAM; 2222 } 2223 } 2224 maxSeedLen = ICP_QAT_FW_LA_TLS_SEED_LEN_MAX; 2225 maxOutputLen = ICP_QAT_FW_LA_TLS_OUTPUT_LEN_MAX; 2226 /* Check user buffers */ 2227 LAC_CHECK_NULL_PARAM(opData->secret.pData); 2228 LAC_CHECK_NULL_PARAM(opData->seed.pData); 2229 2230 /* Check operation */ 2231 if ((Cpa32U)opData->tlsOp > CPA_CY_KEY_TLS_OP_USER_DEFINED) { 2232 LAC_INVALID_PARAM_LOG("opData->tlsOp"); 2233 return CPA_STATUS_INVALID_PARAM; 2234 } else if ((Cpa32U)opData->tlsOp == 2235 CPA_CY_KEY_TLS_OP_USER_DEFINED) { 2236 LAC_CHECK_NULL_PARAM(opData->userLabel.pData); 2237 /* Maximum label length for TLS Key Gen request */ 2238 if (opData->userLabel.dataLenInBytes > 2239 ICP_QAT_FW_LA_TLS_LABEL_LEN_MAX) { 2240 LAC_INVALID_PARAM_LOG( 2241 "userLabel.dataLenInBytes"); 2242 return CPA_STATUS_INVALID_PARAM; 2243 } 2244 } 2245 2246 /* Maximum/only seed length for TLS Key Gen request */ 2247 if (((Cpa32U)opData->tlsOp != 2248 CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE) && 2249 ((Cpa32U)opData->tlsOp != 2250 CPA_CY_KEY_TLS_OP_KEY_MATERIAL_DERIVE)) { 2251 if (uSeedLen > maxSeedLen) { 2252 LAC_INVALID_PARAM_LOG("seed.dataLenInBytes"); 2253 return CPA_STATUS_INVALID_PARAM; 2254 } 2255 } else { 2256 if (maxSeedLen != uSeedLen) { 2257 LAC_INVALID_PARAM_LOG("seed.dataLenInBytes"); 2258 return CPA_STATUS_INVALID_PARAM; 2259 } 2260 } 2261 2262 /* Maximum output length for TLS Key Gen request */ 2263 if (uOutputLen > maxOutputLen) { 2264 LAC_INVALID_PARAM_LOG("generatedKeyLenInBytes"); 2265 return CPA_STATUS_INVALID_PARAM; 2266 } 2267 } 2268 /* TLS v1.3 */ 2269 else if (cmdId >= ICP_QAT_FW_LA_CMD_HKDF_EXTRACT && 2270 cmdId <= ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL) { 2271 CpaCyKeyGenHKDFOpData *HKDF_Data = 2272 (CpaCyKeyGenHKDFOpData *)pKeyGenOpData; 2273 CpaCyKeyHKDFCipherSuite cipherSuite = hashAlgCipher; 2274 CpaCySymHashAlgorithm hashAlgorithm = 2275 getHashAlgorithmFromCipherSuiteHKDF(cipherSuite); 2276 maxSeedLen = 2277 cipherSuiteHKDFHashSizes[cipherSuite][LAC_KEY_HKDF_DIGESTS]; 2278 maxSecretLen = CPA_CY_HKDF_KEY_MAX_SECRET_SZ; 2279 maxInfoLen = CPA_CY_HKDF_KEY_MAX_INFO_SZ; 2280 maxLabelLen = CPA_CY_HKDF_KEY_MAX_LABEL_SZ; 2281 2282 uSecretLen = HKDF_Data->secretLen; 2283 2284 /* Check using supported hash function */ 2285 if (0 == 2286 (uOutputLen = getDigestSizeFromHashAlgo(hashAlgorithm))) { 2287 LAC_INVALID_PARAM_LOG("Hash function not supported"); 2288 return CPA_STATUS_INVALID_PARAM; 2289 } 2290 2291 /* Number of labels does not exceed the MAX */ 2292 if (HKDF_Data->numLabels > CPA_CY_HKDF_KEY_MAX_LABEL_COUNT) { 2293 LAC_INVALID_PARAM_LOG( 2294 "CpaCyKeyGenHKDFOpData.numLabels"); 2295 return CPA_STATUS_INVALID_PARAM; 2296 } 2297 2298 switch (cmdId) { 2299 case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT: 2300 if (maxSeedLen < HKDF_Data->seedLen) { 2301 LAC_INVALID_PARAM_LOG( 2302 "CpaCyKeyGenHKDFOpData.seedLen"); 2303 return CPA_STATUS_INVALID_PARAM; 2304 } 2305 break; 2306 case ICP_QAT_FW_LA_CMD_HKDF_EXPAND: 2307 maxSecretLen = 2308 cipherSuiteHKDFHashSizes[cipherSuite] 2309 [LAC_KEY_HKDF_DIGESTS]; 2310 2311 if (maxInfoLen < HKDF_Data->infoLen) { 2312 LAC_INVALID_PARAM_LOG( 2313 "CpaCyKeyGenHKDFOpData.infoLen"); 2314 return CPA_STATUS_INVALID_PARAM; 2315 } 2316 break; 2317 case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND: 2318 uOutputLen *= 2; 2319 if (maxSeedLen < HKDF_Data->seedLen) { 2320 LAC_INVALID_PARAM_LOG( 2321 "CpaCyKeyGenHKDFOpData.seedLen"); 2322 return CPA_STATUS_INVALID_PARAM; 2323 } 2324 if (maxInfoLen < HKDF_Data->infoLen) { 2325 LAC_INVALID_PARAM_LOG( 2326 "CpaCyKeyGenHKDFOpData.infoLen"); 2327 return CPA_STATUS_INVALID_PARAM; 2328 } 2329 break; 2330 case ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL: /* Fall through */ 2331 case ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL: { 2332 Cpa8U subl_mask = 0, subl_number = 1; 2333 Cpa8U i = 0; 2334 2335 if (maxSeedLen < HKDF_Data->seedLen) { 2336 LAC_INVALID_PARAM_LOG( 2337 "CpaCyKeyGenHKDFOpData.seedLen"); 2338 return CPA_STATUS_INVALID_PARAM; 2339 } 2340 2341 /* If EXPAND set uOutputLen to zero */ 2342 if (ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL == cmdId) { 2343 uOutputLen = 0; 2344 maxSecretLen = cipherSuiteHKDFHashSizes 2345 [cipherSuite][LAC_KEY_HKDF_DIGESTS]; 2346 } 2347 2348 for (i = 0; i < HKDF_Data->numLabels; i++) { 2349 /* Check that the labelLen does not overflow */ 2350 if (maxLabelLen < 2351 HKDF_Data->label[i].labelLen) { 2352 LAC_INVALID_PARAM_LOG1( 2353 "CpaCyKeyGenHKDFOpData.label[%d].labelLen", 2354 i); 2355 return CPA_STATUS_INVALID_PARAM; 2356 } 2357 2358 if (HKDF_Data->label[i].sublabelFlag & 2359 ~HKDF_SUB_LABELS_ALL) { 2360 LAC_INVALID_PARAM_LOG1( 2361 "CpaCyKeyGenHKDFOpData.label[%d]." 2362 "subLabelFlag", 2363 i); 2364 return CPA_STATUS_INVALID_PARAM; 2365 } 2366 2367 /* Calculate the appended subLabel output 2368 * lengths and 2369 * check that the output buffer that the user 2370 * has 2371 * supplied is the correct length. 2372 */ 2373 uOutputLen += cipherSuiteHKDFHashSizes 2374 [cipherSuite][LAC_KEY_HKDF_DIGESTS]; 2375 /* Get mask of subLabel */ 2376 subl_mask = HKDF_Data->label[i].sublabelFlag; 2377 2378 for (subl_number = 1; 2379 subl_number <= LAC_KEY_HKDF_SUBLABELS_NUM; 2380 subl_number++) { 2381 /* Add the used subLabel key lengths */ 2382 if (subl_mask & 1) { 2383 uOutputLen += 2384 cipherSuiteHKDFHashSizes 2385 [cipherSuite] 2386 [subl_number]; 2387 } 2388 subl_mask >>= 1; 2389 } 2390 } 2391 } break; 2392 default: 2393 break; 2394 } 2395 } else { 2396 LAC_INVALID_PARAM_LOG("TLS/SSL operation"); 2397 return CPA_STATUS_INVALID_PARAM; 2398 } 2399 2400 /* Maximum secret length for TLS/SSL Key Gen request */ 2401 if (uSecretLen > maxSecretLen) { 2402 LAC_INVALID_PARAM_LOG("HKFD.secretLen/secret.dataLenInBytes"); 2403 return CPA_STATUS_INVALID_PARAM; 2404 } 2405 2406 /* Check for enough space in the flat buffer */ 2407 if (uOutputLen > pGeneratedKeyBuffer->dataLenInBytes) { 2408 LAC_INVALID_PARAM_LOG("pGeneratedKeyBuffer->dataLenInBytes"); 2409 return CPA_STATUS_INVALID_PARAM; 2410 } 2411 return CPA_STATUS_SUCCESS; 2412 } 2413 2414 /** 2415 * 2416 */ 2417 /** 2418 * @ingroup LacSymKey 2419 * Common Keygen Code for TLS v1.0/1.1, v1.2 and SSL3. 2420 * @description 2421 * Check user parameters and perform the required operation. 2422 * 2423 * @param[in] instanceHandle_in Instance handle. 2424 * @param[in] pKeyGenCb Pointer to callback function to be 2425 * invoked when the operation is complete. 2426 * If this is set to a NULL value the 2427 * function will operate synchronously. 2428 * @param[in] pCallbackTag Opaque User Data for this specific 2429 * call. Will be returned unchanged in the 2430 * callback. 2431 * @param[in] pKeyGenOpData Pointer to a structure containing all 2432 * the data needed to perform the key 2433 * generation operation. 2434 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 2435 * According to RFC5246, this should be 2436 * "SHA-256 or a stronger standard hash 2437 * function." 2438 * @param[out] pGeneratedKeyBuffer User output buffer. 2439 * @param[in] cmdId Keygen operation to perform. 2440 */ 2441 static CpaStatus 2442 LacSymKey_KeyGenSslTls(const CpaInstanceHandle instanceHandle_in, 2443 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2444 void *pCallbackTag, 2445 const void *pKeyGenOpData, 2446 Cpa8U hashAlgorithm, 2447 CpaFlatBuffer *pGeneratedKeyBuffer, 2448 icp_qat_fw_la_cmd_id_t cmdId) 2449 { 2450 CpaStatus status = CPA_STATUS_FAIL; 2451 CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in); 2452 CpaCyCapabilitiesInfo cyCapInfo; 2453 2454 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 2455 SAL_CHECK_INSTANCE_TYPE(instanceHandle, 2456 (SAL_SERVICE_TYPE_CRYPTO | 2457 SAL_SERVICE_TYPE_CRYPTO_SYM)); 2458 2459 SAL_RUNNING_CHECK(instanceHandle); 2460 SalCtrl_CyQueryCapabilities(instanceHandle, &cyCapInfo); 2461 2462 if (IS_HKDF_UNSUPPORTED(cmdId, cyCapInfo.hkdfSupported)) { 2463 LAC_LOG_ERROR("The device does not support HKDF"); 2464 return CPA_STATUS_UNSUPPORTED; 2465 } 2466 2467 status = LacSymKey_CheckParamSslTls(pKeyGenOpData, 2468 hashAlgorithm, 2469 pGeneratedKeyBuffer, 2470 cmdId); 2471 if (CPA_STATUS_SUCCESS != status) 2472 return status; 2473 return LacSymKey_KeyGenSslTls_GenCommon(instanceHandle, 2474 pKeyGenCb, 2475 pCallbackTag, 2476 cmdId, 2477 LAC_CONST_PTR_CAST( 2478 pKeyGenOpData), 2479 hashAlgorithm, 2480 pGeneratedKeyBuffer); 2481 } 2482 2483 /** 2484 * @ingroup LacSymKey 2485 * SSL Key Generation Function. 2486 * @description 2487 * This function is used for SSL key generation. It implements the key 2488 * generation function defined in section 6.2.2 of the SSL 3.0 2489 * specification as described in 2490 * http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt. 2491 * 2492 * The input seed is taken as a flat buffer and the generated key is 2493 * returned to caller in a flat destination data buffer. 2494 * 2495 * @param[in] instanceHandle_in Instance handle. 2496 * @param[in] pKeyGenCb Pointer to callback function to be 2497 * invoked when the operation is complete. 2498 * If this is set to a NULL value the 2499 * function will operate synchronously. 2500 * @param[in] pCallbackTag Opaque User Data for this specific 2501 * call. Will be returned unchanged in the 2502 * callback. 2503 * @param[in] pKeyGenSslOpData Pointer to a structure containing all 2504 * the data needed to perform the SSL key 2505 * generation operation. The client code 2506 * allocates the memory for this 2507 * structure. This component takes 2508 * ownership of the memory until it is 2509 * returned in the callback. 2510 * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 2511 * buffer to hold the key generation 2512 * output. The data pointer SHOULD be 2513 * aligned on an 8-byte boundary. The 2514 * length field passed in represents the 2515 * size of the buffer in bytes. The value 2516 * that is returned is the size of the 2517 * result key in bytes. 2518 * On invocation the callback function 2519 * will contain this parameter in the 2520 * pOut parameter. 2521 * 2522 * @retval CPA_STATUS_SUCCESS Function executed successfully. 2523 * @retval CPA_STATUS_FAIL Function failed. 2524 * @retval CPA_STATUS_RETRY Resubmit the request. 2525 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 2526 * @retval CPA_STATUS_RESOURCE Error related to system resources. 2527 */ 2528 CpaStatus 2529 cpaCyKeyGenSsl(const CpaInstanceHandle instanceHandle_in, 2530 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2531 void *pCallbackTag, 2532 const CpaCyKeyGenSslOpData *pKeyGenSslOpData, 2533 CpaFlatBuffer *pGeneratedKeyBuffer) 2534 { 2535 CpaInstanceHandle instanceHandle = NULL; 2536 2537 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 2538 instanceHandle = 2539 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 2540 } else { 2541 instanceHandle = instanceHandle_in; 2542 } 2543 2544 return LacSymKey_KeyGenSslTls(instanceHandle, 2545 pKeyGenCb, 2546 pCallbackTag, 2547 LAC_CONST_PTR_CAST(pKeyGenSslOpData), 2548 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 2549 pGeneratedKeyBuffer, 2550 ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE); 2551 } 2552 2553 /** 2554 * @ingroup LacSymKey 2555 * TLS Key Generation Function. 2556 * @description 2557 * This function is used for TLS key generation. It implements the 2558 * TLS PRF (Pseudo Random Function) as defined by RFC2246 (TLS v1.0) 2559 * and RFC4346 (TLS v1.1). 2560 * 2561 * The input seed is taken as a flat buffer and the generated key is 2562 * returned to caller in a flat destination data buffer. 2563 * 2564 * @param[in] instanceHandle_in Instance handle. 2565 * @param[in] pKeyGenCb Pointer to callback function to be 2566 * invoked when the operation is complete. 2567 * If this is set to a NULL value the 2568 * function will operate synchronously. 2569 * @param[in] pCallbackTag Opaque User Data for this specific 2570 * call. Will be returned unchanged in the 2571 * callback. 2572 * @param[in] pKeyGenTlsOpData Pointer to a structure containing all 2573 * the data needed to perform the TLS key 2574 * generation operation. The client code 2575 * allocates the memory for this 2576 * structure. This component takes 2577 * ownership of the memory until it is 2578 * returned in the callback. 2579 * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 2580 * buffer to hold the key generation 2581 * output. The data pointer SHOULD be 2582 * aligned on an 8-byte boundary. The 2583 * length field passed in represents the 2584 * size of the buffer in bytes. The value 2585 * that is returned is the size of the 2586 * result key in bytes. 2587 * On invocation the callback function 2588 * will contain this parameter in the 2589 * pOut parameter. 2590 * 2591 * @retval CPA_STATUS_SUCCESS Function executed successfully. 2592 * @retval CPA_STATUS_FAIL Function failed. 2593 * @retval CPA_STATUS_RETRY Resubmit the request. 2594 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 2595 * @retval CPA_STATUS_RESOURCE Error related to system resources. 2596 * 2597 */ 2598 CpaStatus 2599 cpaCyKeyGenTls(const CpaInstanceHandle instanceHandle_in, 2600 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2601 void *pCallbackTag, 2602 const CpaCyKeyGenTlsOpData *pKeyGenTlsOpData, 2603 CpaFlatBuffer *pGeneratedKeyBuffer) 2604 { 2605 CpaInstanceHandle instanceHandle = NULL; 2606 2607 2608 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 2609 instanceHandle = 2610 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 2611 } else { 2612 instanceHandle = instanceHandle_in; 2613 } 2614 2615 return LacSymKey_KeyGenSslTls(instanceHandle, 2616 pKeyGenCb, 2617 pCallbackTag, 2618 LAC_CONST_PTR_CAST(pKeyGenTlsOpData), 2619 CPA_CY_SYM_HASH_NONE, /* Hash algorithm */ 2620 pGeneratedKeyBuffer, 2621 ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE); 2622 } 2623 2624 /** 2625 * @ingroup LacSymKey 2626 * @description 2627 * This function is used for TLS key generation. It implements the 2628 * TLS PRF (Pseudo Random Function) as defined by RFC5246 (TLS v1.2). 2629 * 2630 * The input seed is taken as a flat buffer and the generated key is 2631 * returned to caller in a flat destination data buffer. 2632 * 2633 * @param[in] instanceHandle_in Instance handle. 2634 * @param[in] pKeyGenCb Pointer to callback function to be 2635 * invoked when the operation is complete. 2636 * If this is set to a NULL value the 2637 * function will operate synchronously. 2638 * @param[in] pCallbackTag Opaque User Data for this specific 2639 * call. Will be returned unchanged in the 2640 * callback. 2641 * @param[in] pKeyGenTlsOpData Pointer to a structure containing all 2642 * the data needed to perform the TLS key 2643 * generation operation. The client code 2644 * allocates the memory for this 2645 * structure. This component takes 2646 * ownership of the memory until it is 2647 * returned in the callback. 2648 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 2649 * According to RFC5246, this should be 2650 * "SHA-256 or a stronger standard hash 2651 * function." 2652 * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 2653 * buffer to hold the key generation 2654 * output. The data pointer SHOULD be 2655 * aligned on an 8-byte boundary. The 2656 * length field passed in represents the 2657 * size of the buffer in bytes. The value 2658 * that is returned is the size of the 2659 * result key in bytes. 2660 * On invocation the callback function 2661 * will contain this parameter in the 2662 * pOut parameter. 2663 * 2664 * @retval CPA_STATUS_SUCCESS Function executed successfully. 2665 * @retval CPA_STATUS_FAIL Function failed. 2666 * @retval CPA_STATUS_RETRY Resubmit the request. 2667 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 2668 * @retval CPA_STATUS_RESOURCE Error related to system resources. 2669 */ 2670 CpaStatus 2671 cpaCyKeyGenTls2(const CpaInstanceHandle instanceHandle_in, 2672 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2673 void *pCallbackTag, 2674 const CpaCyKeyGenTlsOpData *pKeyGenTlsOpData, 2675 CpaCySymHashAlgorithm hashAlgorithm, 2676 CpaFlatBuffer *pGeneratedKeyBuffer) 2677 { 2678 CpaInstanceHandle instanceHandle = NULL; 2679 2680 2681 if (CPA_INSTANCE_HANDLE_SINGLE == instanceHandle_in) { 2682 instanceHandle = 2683 Lac_GetFirstHandle(SAL_SERVICE_TYPE_CRYPTO_SYM); 2684 } else { 2685 instanceHandle = instanceHandle_in; 2686 } 2687 2688 return LacSymKey_KeyGenSslTls(instanceHandle, 2689 pKeyGenCb, 2690 pCallbackTag, 2691 LAC_CONST_PTR_CAST(pKeyGenTlsOpData), 2692 hashAlgorithm, 2693 pGeneratedKeyBuffer, 2694 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE); 2695 } 2696 2697 /** 2698 * @ingroup LacSymKey 2699 * @description 2700 * This function is used for TLS1.3 HKDF key generation. It implements 2701 * the "extract-then-expand" paradigm as defined by RFC 5869. 2702 * 2703 * The input seed/secret/info is taken as a flat buffer and the generated 2704 * key(s)/labels are returned to caller in a flat data buffer. 2705 * 2706 * @param[in] instanceHandle_in Instance handle. 2707 * @param[in] pKeyGenCb Pointer to callback function to be 2708 * invoked when the operation is complete. 2709 * If this is set to a NULL value the 2710 * function will operate synchronously. 2711 * @param[in] pCallbackTag Opaque User Data for this specific 2712 * call. Will be returned unchanged in the 2713 * callback. 2714 * @param[in] pKeyGenTlsOpData Pointer to a structure containing 2715 * the data needed to perform the HKDF key 2716 * generation operation. 2717 * The client code allocates the memory 2718 * for this structure as contiguous 2719 * pinned memory. 2720 * This component takes ownership of the 2721 * memory until it is returned in the 2722 * callback. 2723 * @param[in] hashAlgorithm Specifies the hash algorithm to use. 2724 * According to RFC5246, this should be 2725 * "SHA-256 or a stronger standard hash 2726 * function." 2727 * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 2728 * buffer to hold the key generation 2729 * output. The data pointer SHOULD be 2730 * aligned on an 8-byte boundary. The 2731 * length field passed in represents the 2732 * size of the buffer in bytes. The value 2733 * that is returned is the size of the 2734 * result key in bytes. 2735 * On invocation the callback function 2736 * will contain this parameter in the 2737 * pOut parameter. 2738 * 2739 * @retval CPA_STATUS_SUCCESS Function executed successfully. 2740 * @retval CPA_STATUS_FAIL Function failed. 2741 * @retval CPA_STATUS_RETRY Resubmit the request. 2742 * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 2743 * @retval CPA_STATUS_RESOURCE Error related to system resources. 2744 */ 2745 CpaStatus 2746 cpaCyKeyGenTls3(const CpaInstanceHandle instanceHandle_in, 2747 const CpaCyGenFlatBufCbFunc pKeyGenCb, 2748 void *pCallbackTag, 2749 const CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData, 2750 CpaCyKeyHKDFCipherSuite cipherSuite, 2751 CpaFlatBuffer *pGeneratedKeyBuffer) 2752 { 2753 2754 LAC_CHECK_NULL_PARAM(pKeyGenTlsOpData); 2755 switch (pKeyGenTlsOpData->hkdfKeyOp) { 2756 case CPA_CY_HKDF_KEY_EXTRACT: /* Fall through */ 2757 case CPA_CY_HKDF_KEY_EXPAND: 2758 case CPA_CY_HKDF_KEY_EXTRACT_EXPAND: 2759 case CPA_CY_HKDF_KEY_EXPAND_LABEL: 2760 case CPA_CY_HKDF_KEY_EXTRACT_EXPAND_LABEL: 2761 break; 2762 default: 2763 LAC_INVALID_PARAM_LOG("HKDF operation not supported"); 2764 return CPA_STATUS_INVALID_PARAM; 2765 } 2766 2767 2768 return LacSymKey_KeyGenSslTls(instanceHandle_in, 2769 pKeyGenCb, 2770 pCallbackTag, 2771 LAC_CONST_PTR_CAST(pKeyGenTlsOpData), 2772 cipherSuite, 2773 pGeneratedKeyBuffer, 2774 (icp_qat_fw_la_cmd_id_t) 2775 pKeyGenTlsOpData->hkdfKeyOp); 2776 } 2777 2778 /* 2779 * LacSymKey_Init 2780 */ 2781 CpaStatus 2782 LacSymKey_Init(CpaInstanceHandle instanceHandle_in) 2783 { 2784 CpaStatus status = CPA_STATUS_SUCCESS; 2785 CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in); 2786 sal_crypto_service_t *pService = NULL; 2787 2788 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 2789 2790 pService = (sal_crypto_service_t *)instanceHandle; 2791 2792 pService->pLacKeyStats = 2793 LAC_OS_MALLOC(LAC_KEY_NUM_STATS * sizeof(QatUtilsAtomic)); 2794 2795 if (NULL != pService->pLacKeyStats) { 2796 LAC_OS_BZERO((void *)pService->pLacKeyStats, 2797 LAC_KEY_NUM_STATS * sizeof(QatUtilsAtomic)); 2798 2799 status = LAC_OS_CAMALLOC(&pService->pSslLabel, 2800 ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX, 2801 LAC_8BYTE_ALIGNMENT, 2802 pService->nodeAffinity); 2803 } else { 2804 status = CPA_STATUS_RESOURCE; 2805 } 2806 2807 if (CPA_STATUS_SUCCESS == status) { 2808 Cpa32U i = 0; 2809 Cpa32U offset = 0; 2810 2811 /* Initialise SSL label ABBCCC..... */ 2812 for (i = 0; i < ICP_QAT_FW_LA_SSL_ITERATES_LEN_MAX; i++) { 2813 memset(pService->pSslLabel + offset, 'A' + i, i + 1); 2814 offset += (i + 1); 2815 } 2816 2817 /* Allocate memory for TLS labels */ 2818 status = LAC_OS_CAMALLOC(&pService->pTlsLabel, 2819 sizeof(lac_sym_key_tls_labels_t), 2820 LAC_8BYTE_ALIGNMENT, 2821 pService->nodeAffinity); 2822 } 2823 2824 if (CPA_STATUS_SUCCESS == status) { 2825 /* Allocate memory for HKDF sub_labels */ 2826 status = 2827 LAC_OS_CAMALLOC(&pService->pTlsHKDFSubLabel, 2828 sizeof(lac_sym_key_tls_hkdf_sub_labels_t), 2829 LAC_8BYTE_ALIGNMENT, 2830 pService->nodeAffinity); 2831 } 2832 2833 if (CPA_STATUS_SUCCESS == status) { 2834 LAC_OS_BZERO(pService->pTlsLabel, 2835 sizeof(lac_sym_key_tls_labels_t)); 2836 2837 /* Copy the TLS v1.2 labels into the dynamically allocated 2838 * structure */ 2839 memcpy(pService->pTlsLabel->masterSecret, 2840 LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL, 2841 sizeof(LAC_SYM_KEY_TLS_MASTER_SECRET_LABEL) - 1); 2842 2843 memcpy(pService->pTlsLabel->keyMaterial, 2844 LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL, 2845 sizeof(LAC_SYM_KEY_TLS_KEY_MATERIAL_LABEL) - 1); 2846 2847 memcpy(pService->pTlsLabel->clientFinished, 2848 LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL, 2849 sizeof(LAC_SYM_KEY_TLS_CLIENT_FIN_LABEL) - 1); 2850 2851 memcpy(pService->pTlsLabel->serverFinished, 2852 LAC_SYM_KEY_TLS_SERVER_FIN_LABEL, 2853 sizeof(LAC_SYM_KEY_TLS_SERVER_FIN_LABEL) - 1); 2854 2855 LAC_OS_BZERO(pService->pTlsHKDFSubLabel, 2856 sizeof(lac_sym_key_tls_hkdf_sub_labels_t)); 2857 2858 /* Copy the TLS v1.3 subLabels into the dynamically allocated 2859 * struct */ 2860 /* KEY SHA-256 */ 2861 memcpy(&pService->pTlsHKDFSubLabel->keySublabel256, 2862 &key256, 2863 HKDF_SUB_LABEL_KEY_LENGTH); 2864 pService->pTlsHKDFSubLabel->keySublabel256.labelLen = 2865 HKDF_SUB_LABEL_KEY_LENGTH; 2866 pService->pTlsHKDFSubLabel->keySublabel256.sublabelFlag = 1 2867 << QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS; 2868 /* KEY SHA-384 */ 2869 memcpy(&pService->pTlsHKDFSubLabel->keySublabel384, 2870 &key384, 2871 HKDF_SUB_LABEL_KEY_LENGTH); 2872 pService->pTlsHKDFSubLabel->keySublabel384.labelLen = 2873 HKDF_SUB_LABEL_KEY_LENGTH; 2874 pService->pTlsHKDFSubLabel->keySublabel384.sublabelFlag = 1 2875 << QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS; 2876 /* KEY CHACHAPOLY */ 2877 memcpy(&pService->pTlsHKDFSubLabel->keySublabelChaChaPoly, 2878 &keyChaChaPoly, 2879 HKDF_SUB_LABEL_KEY_LENGTH); 2880 pService->pTlsHKDFSubLabel->keySublabelChaChaPoly.labelLen = 2881 HKDF_SUB_LABEL_KEY_LENGTH; 2882 pService->pTlsHKDFSubLabel->keySublabelChaChaPoly.sublabelFlag = 2883 1 << QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS; 2884 /* IV SHA-256 */ 2885 memcpy(&pService->pTlsHKDFSubLabel->ivSublabel256, 2886 &iv256, 2887 HKDF_SUB_LABEL_IV_LENGTH); 2888 pService->pTlsHKDFSubLabel->ivSublabel256.labelLen = 2889 HKDF_SUB_LABEL_IV_LENGTH; 2890 pService->pTlsHKDFSubLabel->ivSublabel256.sublabelFlag = 1 2891 << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS; 2892 /* IV SHA-384 */ 2893 memcpy(&pService->pTlsHKDFSubLabel->ivSublabel384, 2894 &iv384, 2895 HKDF_SUB_LABEL_IV_LENGTH); 2896 pService->pTlsHKDFSubLabel->ivSublabel384.labelLen = 2897 HKDF_SUB_LABEL_IV_LENGTH; 2898 pService->pTlsHKDFSubLabel->ivSublabel384.sublabelFlag = 1 2899 << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS; 2900 /* IV CHACHAPOLY */ 2901 memcpy(&pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly, 2902 &iv256, 2903 HKDF_SUB_LABEL_IV_LENGTH); 2904 pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly.labelLen = 2905 HKDF_SUB_LABEL_IV_LENGTH; 2906 pService->pTlsHKDFSubLabel->ivSublabelChaChaPoly.sublabelFlag = 2907 1 << QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS; 2908 /* RESUMPTION SHA-256 */ 2909 memcpy(&pService->pTlsHKDFSubLabel->resumptionSublabel256, 2910 &resumption256, 2911 HKDF_SUB_LABEL_RESUMPTION_LENGTH); 2912 pService->pTlsHKDFSubLabel->resumptionSublabel256.labelLen = 2913 HKDF_SUB_LABEL_RESUMPTION_LENGTH; 2914 /* RESUMPTION SHA-384 */ 2915 memcpy(&pService->pTlsHKDFSubLabel->resumptionSublabel384, 2916 &resumption384, 2917 HKDF_SUB_LABEL_RESUMPTION_LENGTH); 2918 pService->pTlsHKDFSubLabel->resumptionSublabel384.labelLen = 2919 HKDF_SUB_LABEL_RESUMPTION_LENGTH; 2920 /* RESUMPTION CHACHAPOLY */ 2921 memcpy( 2922 &pService->pTlsHKDFSubLabel->resumptionSublabelChaChaPoly, 2923 &resumption256, 2924 HKDF_SUB_LABEL_RESUMPTION_LENGTH); 2925 pService->pTlsHKDFSubLabel->resumptionSublabelChaChaPoly 2926 .labelLen = HKDF_SUB_LABEL_RESUMPTION_LENGTH; 2927 /* FINISHED SHA-256 */ 2928 memcpy(&pService->pTlsHKDFSubLabel->finishedSublabel256, 2929 &finished256, 2930 HKDF_SUB_LABEL_FINISHED_LENGTH); 2931 pService->pTlsHKDFSubLabel->finishedSublabel256.labelLen = 2932 HKDF_SUB_LABEL_FINISHED_LENGTH; 2933 /* FINISHED SHA-384 */ 2934 memcpy(&pService->pTlsHKDFSubLabel->finishedSublabel384, 2935 &finished384, 2936 HKDF_SUB_LABEL_FINISHED_LENGTH); 2937 pService->pTlsHKDFSubLabel->finishedSublabel384.labelLen = 2938 HKDF_SUB_LABEL_FINISHED_LENGTH; 2939 /* FINISHED CHACHAPOLY */ 2940 memcpy(&pService->pTlsHKDFSubLabel->finishedSublabelChaChaPoly, 2941 &finished256, 2942 HKDF_SUB_LABEL_FINISHED_LENGTH); 2943 pService->pTlsHKDFSubLabel->finishedSublabelChaChaPoly 2944 .labelLen = HKDF_SUB_LABEL_FINISHED_LENGTH; 2945 2946 /* Set physical address of sublabels */ 2947 pService->pTlsHKDFSubLabel->sublabelPhysAddr256 = 2948 LAC_OS_VIRT_TO_PHYS_INTERNAL( 2949 &pService->pTlsHKDFSubLabel->keySublabel256); 2950 pService->pTlsHKDFSubLabel->sublabelPhysAddr384 = 2951 LAC_OS_VIRT_TO_PHYS_INTERNAL( 2952 &pService->pTlsHKDFSubLabel->keySublabel384); 2953 pService->pTlsHKDFSubLabel->sublabelPhysAddrChaChaPoly = 2954 LAC_OS_VIRT_TO_PHYS_INTERNAL( 2955 &pService->pTlsHKDFSubLabel->keySublabelChaChaPoly); 2956 2957 /* Register request handlers */ 2958 LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE, 2959 LacSymKey_SslTlsHandleResponse); 2960 2961 LacSymQat_RespHandlerRegister( 2962 ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE, 2963 LacSymKey_SslTlsHandleResponse); 2964 2965 LacSymQat_RespHandlerRegister( 2966 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE, 2967 LacSymKey_SslTlsHandleResponse); 2968 2969 LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_HKDF_EXTRACT, 2970 LacSymKey_SslTlsHandleResponse); 2971 2972 LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_HKDF_EXPAND, 2973 LacSymKey_SslTlsHandleResponse); 2974 2975 LacSymQat_RespHandlerRegister( 2976 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND, 2977 LacSymKey_SslTlsHandleResponse); 2978 2979 LacSymQat_RespHandlerRegister( 2980 ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL, 2981 LacSymKey_SslTlsHandleResponse); 2982 2983 LacSymQat_RespHandlerRegister( 2984 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL, 2985 LacSymKey_SslTlsHandleResponse); 2986 2987 LacSymQat_RespHandlerRegister(ICP_QAT_FW_LA_CMD_MGF1, 2988 LacSymKey_MgfHandleResponse); 2989 } 2990 2991 if (CPA_STATUS_SUCCESS != status) { 2992 LAC_OS_FREE(pService->pLacKeyStats); 2993 LAC_OS_CAFREE(pService->pSslLabel); 2994 LAC_OS_CAFREE(pService->pTlsLabel); 2995 LAC_OS_CAFREE(pService->pTlsHKDFSubLabel); 2996 } 2997 2998 return status; 2999 } 3000 3001 /* 3002 * LacSymKey_Shutdown 3003 */ 3004 CpaStatus 3005 LacSymKey_Shutdown(CpaInstanceHandle instanceHandle_in) 3006 { 3007 CpaStatus status = CPA_STATUS_SUCCESS; 3008 CpaInstanceHandle instanceHandle = LacKey_GetHandle(instanceHandle_in); 3009 sal_crypto_service_t *pService = NULL; 3010 3011 LAC_CHECK_INSTANCE_HANDLE(instanceHandle); 3012 3013 pService = (sal_crypto_service_t *)instanceHandle; 3014 3015 if (NULL != pService->pLacKeyStats) { 3016 LAC_OS_FREE(pService->pLacKeyStats); 3017 } 3018 3019 LAC_OS_CAFREE(pService->pSslLabel); 3020 LAC_OS_CAFREE(pService->pTlsLabel); 3021 LAC_OS_CAFREE(pService->pTlsHKDFSubLabel); 3022 3023 return status; 3024 } 3025