blob: cda6ca3b718a12f4414a9849acc5fce0ed1c4628 [file] [log] [blame]
Gonglei1653a5f2016-10-28 16:33:23 +08001/*
2 * QEMU Cryptodev backend for QEMU cipher APIs
3 *
4 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
5 *
6 * Authors:
7 * Gonglei <arei.gonglei@huawei.com>
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
Chetan Pant0dda0012020-10-14 13:37:22 +000012 * version 2.1 of the License, or (at your option) any later version.
Gonglei1653a5f2016-10-28 16:33:23 +080013 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 *
22 */
23
24#include "qemu/osdep.h"
25#include "sysemu/cryptodev.h"
Gonglei1653a5f2016-10-28 16:33:23 +080026#include "qapi/error.h"
27#include "standard-headers/linux/virtio_crypto.h"
28#include "crypto/cipher.h"
zhenwei pi0e660a62022-06-11 14:42:43 +080029#include "crypto/akcipher.h"
Eduardo Habkostdb1015e2020-09-03 16:43:22 -040030#include "qom/object.h"
Gonglei1653a5f2016-10-28 16:33:23 +080031
32
33/**
34 * @TYPE_CRYPTODEV_BACKEND_BUILTIN:
35 * name of backend that uses QEMU cipher API
36 */
37#define TYPE_CRYPTODEV_BACKEND_BUILTIN "cryptodev-backend-builtin"
38
Eduardo Habkost80633962020-09-16 14:25:19 -040039OBJECT_DECLARE_SIMPLE_TYPE(CryptoDevBackendBuiltin, CRYPTODEV_BACKEND_BUILTIN)
Gonglei1653a5f2016-10-28 16:33:23 +080040
Gonglei1653a5f2016-10-28 16:33:23 +080041
42typedef struct CryptoDevBackendBuiltinSession {
43 QCryptoCipher *cipher;
44 uint8_t direction; /* encryption or decryption */
45 uint8_t type; /* cipher? hash? aead? */
zhenwei pi0e660a62022-06-11 14:42:43 +080046 QCryptoAkCipher *akcipher;
Gonglei1653a5f2016-10-28 16:33:23 +080047 QTAILQ_ENTRY(CryptoDevBackendBuiltinSession) next;
48} CryptoDevBackendBuiltinSession;
49
zhenwei pi0e660a62022-06-11 14:42:43 +080050/* Max number of symmetric/asymmetric sessions */
Gonglei1653a5f2016-10-28 16:33:23 +080051#define MAX_NUM_SESSIONS 256
52
53#define CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN 512
54#define CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN 64
55
56struct CryptoDevBackendBuiltin {
57 CryptoDevBackend parent_obj;
58
59 CryptoDevBackendBuiltinSession *sessions[MAX_NUM_SESSIONS];
60};
61
62static void cryptodev_builtin_init(
63 CryptoDevBackend *backend, Error **errp)
64{
65 /* Only support one queue */
66 int queues = backend->conf.peers.queues;
67 CryptoDevBackendClient *cc;
68
69 if (queues != 1) {
70 error_setg(errp,
71 "Only support one queue in cryptdov-builtin backend");
72 return;
73 }
74
75 cc = cryptodev_backend_new_client(
76 "cryptodev-builtin", NULL);
77 cc->info_str = g_strdup_printf("cryptodev-builtin0");
78 cc->queue_index = 0;
Gonglei5da73da2018-03-01 21:46:29 +080079 cc->type = CRYPTODEV_BACKEND_TYPE_BUILTIN;
Gonglei1653a5f2016-10-28 16:33:23 +080080 backend->conf.peers.ccs[0] = cc;
81
82 backend->conf.crypto_services =
83 1u << VIRTIO_CRYPTO_SERVICE_CIPHER |
84 1u << VIRTIO_CRYPTO_SERVICE_HASH |
zhenwei pi0e660a62022-06-11 14:42:43 +080085 1u << VIRTIO_CRYPTO_SERVICE_MAC |
86 1u << VIRTIO_CRYPTO_SERVICE_AKCIPHER;
Gonglei1653a5f2016-10-28 16:33:23 +080087 backend->conf.cipher_algo_l = 1u << VIRTIO_CRYPTO_CIPHER_AES_CBC;
88 backend->conf.hash_algo = 1u << VIRTIO_CRYPTO_HASH_SHA1;
zhenwei pi0e660a62022-06-11 14:42:43 +080089 backend->conf.akcipher_algo = 1u << VIRTIO_CRYPTO_AKCIPHER_RSA;
Gonglei1653a5f2016-10-28 16:33:23 +080090 /*
91 * Set the Maximum length of crypto request.
92 * Why this value? Just avoid to overflow when
93 * memory allocation for each crypto request.
94 */
zhenwei pi0e660a62022-06-11 14:42:43 +080095 backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendOpInfo);
Gonglei1653a5f2016-10-28 16:33:23 +080096 backend->conf.max_cipher_key_len = CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN;
97 backend->conf.max_auth_key_len = CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN;
Gonglei6138dbd2016-12-22 11:12:39 +080098
99 cryptodev_backend_set_ready(backend, true);
Gonglei1653a5f2016-10-28 16:33:23 +0800100}
101
102static int
103cryptodev_builtin_get_unused_session_index(
104 CryptoDevBackendBuiltin *builtin)
105{
106 size_t i;
107
108 for (i = 0; i < MAX_NUM_SESSIONS; i++) {
109 if (builtin->sessions[i] == NULL) {
110 return i;
111 }
112 }
113
114 return -1;
115}
116
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800117#define AES_KEYSIZE_128 16
118#define AES_KEYSIZE_192 24
119#define AES_KEYSIZE_256 32
120#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256
121#define AES_KEYSIZE_256_XTS 64
122
Gonglei1653a5f2016-10-28 16:33:23 +0800123static int
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800124cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
Gonglei1653a5f2016-10-28 16:33:23 +0800125{
126 int algo;
127
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800128 if (key_len == AES_KEYSIZE_128) {
Gonglei1653a5f2016-10-28 16:33:23 +0800129 algo = QCRYPTO_CIPHER_ALG_AES_128;
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800130 } else if (key_len == AES_KEYSIZE_192) {
Gonglei1653a5f2016-10-28 16:33:23 +0800131 algo = QCRYPTO_CIPHER_ALG_AES_192;
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800132 } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */
133 if (mode == QCRYPTO_CIPHER_MODE_XTS) {
134 algo = QCRYPTO_CIPHER_ALG_AES_128;
135 } else {
136 algo = QCRYPTO_CIPHER_ALG_AES_256;
137 }
138 } else if (key_len == AES_KEYSIZE_256_XTS) {
139 if (mode == QCRYPTO_CIPHER_MODE_XTS) {
140 algo = QCRYPTO_CIPHER_ALG_AES_256;
141 } else {
142 goto err;
143 }
Gonglei1653a5f2016-10-28 16:33:23 +0800144 } else {
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800145 goto err;
Gonglei1653a5f2016-10-28 16:33:23 +0800146 }
147
148 return algo;
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800149
150err:
151 error_setg(errp, "Unsupported key length :%u", key_len);
152 return -1;
Gonglei1653a5f2016-10-28 16:33:23 +0800153}
154
zhenwei pi0e660a62022-06-11 14:42:43 +0800155static int cryptodev_builtin_get_rsa_hash_algo(
156 int virtio_rsa_hash, Error **errp)
157{
158 switch (virtio_rsa_hash) {
159 case VIRTIO_CRYPTO_RSA_MD5:
160 return QCRYPTO_HASH_ALG_MD5;
161
162 case VIRTIO_CRYPTO_RSA_SHA1:
163 return QCRYPTO_HASH_ALG_SHA1;
164
165 case VIRTIO_CRYPTO_RSA_SHA256:
166 return QCRYPTO_HASH_ALG_SHA256;
167
168 case VIRTIO_CRYPTO_RSA_SHA512:
169 return QCRYPTO_HASH_ALG_SHA512;
170
171 default:
172 error_setg(errp, "Unsupported rsa hash algo: %d", virtio_rsa_hash);
173 return -1;
174 }
175}
176
177static int cryptodev_builtin_set_rsa_options(
178 int virtio_padding_algo,
179 int virtio_hash_algo,
180 QCryptoAkCipherOptionsRSA *opt,
181 Error **errp)
182{
183 if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_PKCS1_PADDING) {
184 int hash_alg;
185
186 hash_alg = cryptodev_builtin_get_rsa_hash_algo(virtio_hash_algo, errp);
187 if (hash_alg < 0) {
188 return -1;
189 }
190 opt->hash_alg = hash_alg;
191 opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1;
192 return 0;
193 }
194
195 if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_RAW_PADDING) {
196 opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
197 return 0;
198 }
199
200 error_setg(errp, "Unsupported rsa padding algo: %d", virtio_padding_algo);
201 return -1;
202}
203
Gonglei1653a5f2016-10-28 16:33:23 +0800204static int cryptodev_builtin_create_cipher_session(
205 CryptoDevBackendBuiltin *builtin,
206 CryptoDevBackendSymSessionInfo *sess_info,
207 Error **errp)
208{
209 int algo;
210 int mode;
211 QCryptoCipher *cipher;
212 int index;
213 CryptoDevBackendBuiltinSession *sess;
214
215 if (sess_info->op_type != VIRTIO_CRYPTO_SYM_OP_CIPHER) {
216 error_setg(errp, "Unsupported optype :%u", sess_info->op_type);
217 return -1;
218 }
219
220 index = cryptodev_builtin_get_unused_session_index(builtin);
221 if (index < 0) {
222 error_setg(errp, "Total number of sessions created exceeds %u",
223 MAX_NUM_SESSIONS);
224 return -1;
225 }
226
227 switch (sess_info->cipher_alg) {
228 case VIRTIO_CRYPTO_CIPHER_AES_ECB:
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800229 mode = QCRYPTO_CIPHER_MODE_ECB;
Gonglei1653a5f2016-10-28 16:33:23 +0800230 algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800231 mode, errp);
Gonglei1653a5f2016-10-28 16:33:23 +0800232 if (algo < 0) {
233 return -1;
234 }
Gonglei1653a5f2016-10-28 16:33:23 +0800235 break;
236 case VIRTIO_CRYPTO_CIPHER_AES_CBC:
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800237 mode = QCRYPTO_CIPHER_MODE_CBC;
Gonglei1653a5f2016-10-28 16:33:23 +0800238 algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800239 mode, errp);
Gonglei1653a5f2016-10-28 16:33:23 +0800240 if (algo < 0) {
241 return -1;
242 }
Gonglei1653a5f2016-10-28 16:33:23 +0800243 break;
244 case VIRTIO_CRYPTO_CIPHER_AES_CTR:
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800245 mode = QCRYPTO_CIPHER_MODE_CTR;
Gonglei1653a5f2016-10-28 16:33:23 +0800246 algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
Longpeng(Mike)465f2fe2016-12-05 19:39:08 +0800247 mode, errp);
Gonglei1653a5f2016-10-28 16:33:23 +0800248 if (algo < 0) {
249 return -1;
250 }
Gonglei1653a5f2016-10-28 16:33:23 +0800251 break;
Longpeng(Mike)eaa57402016-12-05 19:39:09 +0800252 case VIRTIO_CRYPTO_CIPHER_AES_XTS:
253 mode = QCRYPTO_CIPHER_MODE_XTS;
254 algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
255 mode, errp);
256 if (algo < 0) {
257 return -1;
258 }
259 break;
Longpeng(Mike)48ae36c2016-12-08 10:44:02 +0800260 case VIRTIO_CRYPTO_CIPHER_3DES_ECB:
261 mode = QCRYPTO_CIPHER_MODE_ECB;
262 algo = QCRYPTO_CIPHER_ALG_3DES;
263 break;
264 case VIRTIO_CRYPTO_CIPHER_3DES_CBC:
265 mode = QCRYPTO_CIPHER_MODE_CBC;
266 algo = QCRYPTO_CIPHER_ALG_3DES;
267 break;
268 case VIRTIO_CRYPTO_CIPHER_3DES_CTR:
269 mode = QCRYPTO_CIPHER_MODE_CTR;
270 algo = QCRYPTO_CIPHER_ALG_3DES;
271 break;
Gonglei1653a5f2016-10-28 16:33:23 +0800272 default:
273 error_setg(errp, "Unsupported cipher alg :%u",
274 sess_info->cipher_alg);
275 return -1;
276 }
277
278 cipher = qcrypto_cipher_new(algo, mode,
279 sess_info->cipher_key,
280 sess_info->key_len,
281 errp);
282 if (!cipher) {
283 return -1;
284 }
285
286 sess = g_new0(CryptoDevBackendBuiltinSession, 1);
287 sess->cipher = cipher;
288 sess->direction = sess_info->direction;
289 sess->type = sess_info->op_type;
290
291 builtin->sessions[index] = sess;
292
293 return index;
294}
295
zhenwei pi0e660a62022-06-11 14:42:43 +0800296static int cryptodev_builtin_create_akcipher_session(
297 CryptoDevBackendBuiltin *builtin,
298 CryptoDevBackendAsymSessionInfo *sess_info,
299 Error **errp)
300{
301 CryptoDevBackendBuiltinSession *sess;
302 QCryptoAkCipher *akcipher;
303 int index;
304 QCryptoAkCipherKeyType type;
305 QCryptoAkCipherOptions opts;
306
307 switch (sess_info->algo) {
308 case VIRTIO_CRYPTO_AKCIPHER_RSA:
309 opts.alg = QCRYPTO_AKCIPHER_ALG_RSA;
310 if (cryptodev_builtin_set_rsa_options(sess_info->u.rsa.padding_algo,
311 sess_info->u.rsa.hash_algo, &opts.u.rsa, errp) != 0) {
312 return -1;
313 }
314 break;
315
316 /* TODO support DSA&ECDSA until qemu crypto framework support these */
317
318 default:
319 error_setg(errp, "Unsupported akcipher alg %u", sess_info->algo);
320 return -1;
321 }
322
323 switch (sess_info->keytype) {
324 case VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PUBLIC:
325 type = QCRYPTO_AKCIPHER_KEY_TYPE_PUBLIC;
326 break;
327
328 case VIRTIO_CRYPTO_AKCIPHER_KEY_TYPE_PRIVATE:
329 type = QCRYPTO_AKCIPHER_KEY_TYPE_PRIVATE;
330 break;
331
332 default:
333 error_setg(errp, "Unsupported akcipher keytype %u", sess_info->keytype);
334 return -1;
335 }
336
337 index = cryptodev_builtin_get_unused_session_index(builtin);
338 if (index < 0) {
339 error_setg(errp, "Total number of sessions created exceeds %u",
340 MAX_NUM_SESSIONS);
341 return -1;
342 }
343
344 akcipher = qcrypto_akcipher_new(&opts, type, sess_info->key,
345 sess_info->keylen, errp);
346 if (!akcipher) {
347 return -1;
348 }
349
350 sess = g_new0(CryptoDevBackendBuiltinSession, 1);
351 sess->akcipher = akcipher;
352
353 builtin->sessions[index] = sess;
354
355 return index;
356}
357
Lei He2fda1012022-10-08 16:50:27 +0800358static int cryptodev_builtin_create_session(
Gonglei1653a5f2016-10-28 16:33:23 +0800359 CryptoDevBackend *backend,
zhenwei pi0e660a62022-06-11 14:42:43 +0800360 CryptoDevBackendSessionInfo *sess_info,
Lei He2fda1012022-10-08 16:50:27 +0800361 uint32_t queue_index,
362 CryptoDevCompletionFunc cb,
363 void *opaque)
Gonglei1653a5f2016-10-28 16:33:23 +0800364{
365 CryptoDevBackendBuiltin *builtin =
366 CRYPTODEV_BACKEND_BUILTIN(backend);
zhenwei pi0e660a62022-06-11 14:42:43 +0800367 CryptoDevBackendSymSessionInfo *sym_sess_info;
368 CryptoDevBackendAsymSessionInfo *asym_sess_info;
Lei He2fda1012022-10-08 16:50:27 +0800369 int ret, status;
370 Error *local_error = NULL;
Gonglei1653a5f2016-10-28 16:33:23 +0800371
372 switch (sess_info->op_code) {
373 case VIRTIO_CRYPTO_CIPHER_CREATE_SESSION:
zhenwei pi0e660a62022-06-11 14:42:43 +0800374 sym_sess_info = &sess_info->u.sym_sess_info;
Lei He2fda1012022-10-08 16:50:27 +0800375 ret = cryptodev_builtin_create_cipher_session(
376 builtin, sym_sess_info, &local_error);
377 break;
zhenwei pi0e660a62022-06-11 14:42:43 +0800378
379 case VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION:
380 asym_sess_info = &sess_info->u.asym_sess_info;
Lei He2fda1012022-10-08 16:50:27 +0800381 ret = cryptodev_builtin_create_akcipher_session(
382 builtin, asym_sess_info, &local_error);
383 break;
zhenwei pi0e660a62022-06-11 14:42:43 +0800384
Gonglei1653a5f2016-10-28 16:33:23 +0800385 case VIRTIO_CRYPTO_HASH_CREATE_SESSION:
386 case VIRTIO_CRYPTO_MAC_CREATE_SESSION:
387 default:
Lei He2fda1012022-10-08 16:50:27 +0800388 error_setg(&local_error, "Unsupported opcode :%" PRIu32 "",
Gonglei1653a5f2016-10-28 16:33:23 +0800389 sess_info->op_code);
Lei He2fda1012022-10-08 16:50:27 +0800390 return -VIRTIO_CRYPTO_NOTSUPP;
Gonglei1653a5f2016-10-28 16:33:23 +0800391 }
392
Lei He2fda1012022-10-08 16:50:27 +0800393 if (local_error) {
394 error_report_err(local_error);
395 }
396 if (ret < 0) {
397 status = -VIRTIO_CRYPTO_ERR;
398 } else {
399 sess_info->session_id = ret;
400 status = VIRTIO_CRYPTO_OK;
401 }
402 if (cb) {
403 cb(opaque, status);
404 }
405 return 0;
Gonglei1653a5f2016-10-28 16:33:23 +0800406}
407
zhenwei pi0e660a62022-06-11 14:42:43 +0800408static int cryptodev_builtin_close_session(
Gonglei1653a5f2016-10-28 16:33:23 +0800409 CryptoDevBackend *backend,
410 uint64_t session_id,
Lei He2fda1012022-10-08 16:50:27 +0800411 uint32_t queue_index,
412 CryptoDevCompletionFunc cb,
413 void *opaque)
Gonglei1653a5f2016-10-28 16:33:23 +0800414{
415 CryptoDevBackendBuiltin *builtin =
416 CRYPTODEV_BACKEND_BUILTIN(backend);
zhenwei pi0e660a62022-06-11 14:42:43 +0800417 CryptoDevBackendBuiltinSession *session;
Gonglei1653a5f2016-10-28 16:33:23 +0800418
Markus Armbruster2a340b62020-04-22 15:07:06 +0200419 assert(session_id < MAX_NUM_SESSIONS && builtin->sessions[session_id]);
Gonglei1653a5f2016-10-28 16:33:23 +0800420
zhenwei pi0e660a62022-06-11 14:42:43 +0800421 session = builtin->sessions[session_id];
422 if (session->cipher) {
423 qcrypto_cipher_free(session->cipher);
424 } else if (session->akcipher) {
425 qcrypto_akcipher_free(session->akcipher);
426 }
427
428 g_free(session);
Gonglei1653a5f2016-10-28 16:33:23 +0800429 builtin->sessions[session_id] = NULL;
Lei He2fda1012022-10-08 16:50:27 +0800430 if (cb) {
431 cb(opaque, VIRTIO_CRYPTO_OK);
432 }
Gonglei1653a5f2016-10-28 16:33:23 +0800433 return 0;
434}
435
436static int cryptodev_builtin_sym_operation(
zhenwei pi0e660a62022-06-11 14:42:43 +0800437 CryptoDevBackendBuiltinSession *sess,
438 CryptoDevBackendSymOpInfo *op_info, Error **errp)
Gonglei1653a5f2016-10-28 16:33:23 +0800439{
Gonglei1653a5f2016-10-28 16:33:23 +0800440 int ret;
441
Gonglei1653a5f2016-10-28 16:33:23 +0800442 if (op_info->op_type == VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING) {
443 error_setg(errp,
444 "Algorithm chain is unsupported for cryptdoev-builtin");
445 return -VIRTIO_CRYPTO_NOTSUPP;
446 }
447
Longpeng(Mike)50d19cf2017-01-14 14:14:27 +0800448 if (op_info->iv_len > 0) {
449 ret = qcrypto_cipher_setiv(sess->cipher, op_info->iv,
450 op_info->iv_len, errp);
451 if (ret < 0) {
452 return -VIRTIO_CRYPTO_ERR;
453 }
Gonglei1653a5f2016-10-28 16:33:23 +0800454 }
455
456 if (sess->direction == VIRTIO_CRYPTO_OP_ENCRYPT) {
457 ret = qcrypto_cipher_encrypt(sess->cipher, op_info->src,
458 op_info->dst, op_info->src_len, errp);
459 if (ret < 0) {
460 return -VIRTIO_CRYPTO_ERR;
461 }
462 } else {
463 ret = qcrypto_cipher_decrypt(sess->cipher, op_info->src,
464 op_info->dst, op_info->src_len, errp);
465 if (ret < 0) {
466 return -VIRTIO_CRYPTO_ERR;
467 }
468 }
zhenwei pi0e660a62022-06-11 14:42:43 +0800469
Gonglei1653a5f2016-10-28 16:33:23 +0800470 return VIRTIO_CRYPTO_OK;
471}
472
zhenwei pi0e660a62022-06-11 14:42:43 +0800473static int cryptodev_builtin_asym_operation(
474 CryptoDevBackendBuiltinSession *sess, uint32_t op_code,
475 CryptoDevBackendAsymOpInfo *op_info, Error **errp)
476{
477 int ret;
478
479 switch (op_code) {
480 case VIRTIO_CRYPTO_AKCIPHER_ENCRYPT:
481 ret = qcrypto_akcipher_encrypt(sess->akcipher,
482 op_info->src, op_info->src_len,
483 op_info->dst, op_info->dst_len, errp);
484 break;
485
486 case VIRTIO_CRYPTO_AKCIPHER_DECRYPT:
487 ret = qcrypto_akcipher_decrypt(sess->akcipher,
488 op_info->src, op_info->src_len,
489 op_info->dst, op_info->dst_len, errp);
490 break;
491
492 case VIRTIO_CRYPTO_AKCIPHER_SIGN:
493 ret = qcrypto_akcipher_sign(sess->akcipher,
494 op_info->src, op_info->src_len,
495 op_info->dst, op_info->dst_len, errp);
496 break;
497
498 case VIRTIO_CRYPTO_AKCIPHER_VERIFY:
499 ret = qcrypto_akcipher_verify(sess->akcipher,
500 op_info->src, op_info->src_len,
501 op_info->dst, op_info->dst_len, errp);
502 break;
503
504 default:
505 return -VIRTIO_CRYPTO_ERR;
506 }
507
508 if (ret < 0) {
509 if (op_code == VIRTIO_CRYPTO_AKCIPHER_VERIFY) {
510 return -VIRTIO_CRYPTO_KEY_REJECTED;
511 }
512 return -VIRTIO_CRYPTO_ERR;
513 }
514
515 /* Buffer is too short, typically the driver should handle this case */
516 if (unlikely(ret > op_info->dst_len)) {
517 if (errp && !*errp) {
518 error_setg(errp, "dst buffer too short");
519 }
520
521 return -VIRTIO_CRYPTO_ERR;
522 }
523
524 op_info->dst_len = ret;
525
526 return VIRTIO_CRYPTO_OK;
527}
528
529static int cryptodev_builtin_operation(
530 CryptoDevBackend *backend,
531 CryptoDevBackendOpInfo *op_info,
Lei He2fda1012022-10-08 16:50:27 +0800532 uint32_t queue_index,
533 CryptoDevCompletionFunc cb,
534 void *opaque)
zhenwei pi0e660a62022-06-11 14:42:43 +0800535{
536 CryptoDevBackendBuiltin *builtin =
537 CRYPTODEV_BACKEND_BUILTIN(backend);
538 CryptoDevBackendBuiltinSession *sess;
539 CryptoDevBackendSymOpInfo *sym_op_info;
540 CryptoDevBackendAsymOpInfo *asym_op_info;
541 enum CryptoDevBackendAlgType algtype = op_info->algtype;
Lei He2fda1012022-10-08 16:50:27 +0800542 int status = -VIRTIO_CRYPTO_ERR;
543 Error *local_error = NULL;
zhenwei pi0e660a62022-06-11 14:42:43 +0800544
545 if (op_info->session_id >= MAX_NUM_SESSIONS ||
546 builtin->sessions[op_info->session_id] == NULL) {
Lei He2fda1012022-10-08 16:50:27 +0800547 error_setg(&local_error, "Cannot find a valid session id: %" PRIu64 "",
zhenwei pi0e660a62022-06-11 14:42:43 +0800548 op_info->session_id);
549 return -VIRTIO_CRYPTO_INVSESS;
550 }
551
552 sess = builtin->sessions[op_info->session_id];
553 if (algtype == CRYPTODEV_BACKEND_ALG_SYM) {
554 sym_op_info = op_info->u.sym_op_info;
Lei He2fda1012022-10-08 16:50:27 +0800555 status = cryptodev_builtin_sym_operation(sess, sym_op_info,
556 &local_error);
zhenwei pi0e660a62022-06-11 14:42:43 +0800557 } else if (algtype == CRYPTODEV_BACKEND_ALG_ASYM) {
558 asym_op_info = op_info->u.asym_op_info;
Lei He2fda1012022-10-08 16:50:27 +0800559 status = cryptodev_builtin_asym_operation(sess, op_info->op_code,
560 asym_op_info, &local_error);
zhenwei pi0e660a62022-06-11 14:42:43 +0800561 }
562
Lei He2fda1012022-10-08 16:50:27 +0800563 if (local_error) {
564 error_report_err(local_error);
565 }
566 if (cb) {
567 cb(opaque, status);
568 }
569 return 0;
zhenwei pi0e660a62022-06-11 14:42:43 +0800570}
571
Gonglei1653a5f2016-10-28 16:33:23 +0800572static void cryptodev_builtin_cleanup(
573 CryptoDevBackend *backend,
574 Error **errp)
575{
576 CryptoDevBackendBuiltin *builtin =
577 CRYPTODEV_BACKEND_BUILTIN(backend);
578 size_t i;
579 int queues = backend->conf.peers.queues;
580 CryptoDevBackendClient *cc;
581
582 for (i = 0; i < MAX_NUM_SESSIONS; i++) {
583 if (builtin->sessions[i] != NULL) {
Lei He2fda1012022-10-08 16:50:27 +0800584 cryptodev_builtin_close_session(backend, i, 0, NULL, NULL);
Gonglei1653a5f2016-10-28 16:33:23 +0800585 }
586 }
587
Gonglei1653a5f2016-10-28 16:33:23 +0800588 for (i = 0; i < queues; i++) {
589 cc = backend->conf.peers.ccs[i];
590 if (cc) {
591 cryptodev_backend_free_client(cc);
592 backend->conf.peers.ccs[i] = NULL;
593 }
594 }
Gonglei6138dbd2016-12-22 11:12:39 +0800595
596 cryptodev_backend_set_ready(backend, false);
Gonglei1653a5f2016-10-28 16:33:23 +0800597}
598
599static void
600cryptodev_builtin_class_init(ObjectClass *oc, void *data)
601{
602 CryptoDevBackendClass *bc = CRYPTODEV_BACKEND_CLASS(oc);
603
604 bc->init = cryptodev_builtin_init;
605 bc->cleanup = cryptodev_builtin_cleanup;
zhenwei pi0e660a62022-06-11 14:42:43 +0800606 bc->create_session = cryptodev_builtin_create_session;
607 bc->close_session = cryptodev_builtin_close_session;
608 bc->do_op = cryptodev_builtin_operation;
Gonglei1653a5f2016-10-28 16:33:23 +0800609}
610
611static const TypeInfo cryptodev_builtin_info = {
612 .name = TYPE_CRYPTODEV_BACKEND_BUILTIN,
613 .parent = TYPE_CRYPTODEV_BACKEND,
614 .class_init = cryptodev_builtin_class_init,
615 .instance_size = sizeof(CryptoDevBackendBuiltin),
616};
617
618static void
619cryptodev_builtin_register_types(void)
620{
621 type_register_static(&cryptodev_builtin_info);
622}
623
624type_init(cryptodev_builtin_register_types);