intel
diff --git a/‎Makefile.am‎
Lines changed: 9 additions & 1 deletion b/‎Makefile.am‎
Lines changed: 9 additions & 1 deletion
diff --git a/‎configure.ac‎
Lines changed: 3 additions & 3 deletions b/‎configure.ac‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎docs/limitations.md‎
Lines changed: 5 additions & 2 deletions b/‎docs/limitations.md‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎docs/qat_common.md‎
Lines changed: 23 additions & 3 deletions b/‎docs/qat_common.md‎
Lines changed: 23 additions & 3 deletions
diff --git a/‎qat_evp.c‎
Lines changed: 6 additions & 2 deletions b/‎qat_evp.c‎
Lines changed: 6 additions & 2 deletions
@@ -36,7 +36,15 @@ if QAT_PROVIDER
  qat_prov_ciphers.c \
  qat_prov_kmgmt_ec.c \
  qat_prov_ecdsa.c \
- qat_prov_ecdh.c
+ qat_prov_ecdh.c \
+ qat_prov_dsa.c \
+ qat_prov_kmgmt_dsa.c \
+ qat_prov_dh.c \
+ qat_prov_kmgmt_dh.c \
+ qat_prov_hkdf.c \
+ qat_prov_prf.c \
+ qat_prov_cbc.c \
+ qat_prov_sha3.c
 
 endif
 
 
@@ -544,7 +544,7 @@ else
  AC_MSG_NOTICE([Not Accelerating DH to Hardware])
 fi
 
-if test "x$enable_qat_hw_prf" != "xno" -a "x$cflags_qat_hw" != "x" -a "x$cflags_openssl_3" = "x"
+if test "x$enable_qat_hw_prf" != "xno" -a "x$cflags_qat_hw" != "x"
 then
  enable_qat_hw_prf="-DENABLE_QAT_HW_PRF"
  AC_MSG_NOTICE([Accelerating PRF to Hardware])
@@ -553,7 +553,7 @@ else
  AC_MSG_NOTICE([Not Accelerating PRF to Hardware])
 fi
 
-if test "x$enable_qat_hw_hkdf" = "xyes" -a "x$cflags_qat_hw" != "x" -a "x$cflags_openssl_3" = "x"
+if test "x$enable_qat_hw_hkdf" = "xyes" -a "x$cflags_qat_hw" != "x"
 then
  enable_qat_hw_hkdf="-DENABLE_QAT_HW_HKDF"
  AC_MSG_NOTICE([Accelerating HKDF to Hardware])
@@ -562,7 +562,7 @@ else
  AC_MSG_NOTICE([Not Accelerating HKDF to Hardware])
 fi
 
-if test "x$enable_qat_hw_ciphers" != "xno" -a "x$cflags_qat_hw" != "x" -a "x$cflags_openssl_3" = "x"
+if test "x$enable_qat_hw_ciphers" != "xno" -a "x$cflags_qat_hw" != "x"
 then
  enable_qat_hw_ciphers="-DENABLE_QAT_HW_CIPHERS"
  AC_MSG_NOTICE([Accelerating CIPHERS to Hardware])
 
@@ -38,5 +38,8 @@
  due to the locks at engine_table_select in OpenSSL.
 * OpenSSL 1.1.1n introduced misleading error message(undefined symbol: EVP_PKEY_get_base_id)
  during engine load which can be ignored as it is not a real failure. Details of error
- message can be found [here] [1]
- [1]:https://github.com/openssl/openssl/issues/17962
+ message can be found [here][1]
+* AES-CBC-HMAC-SHA chained ciphers does not support pipeline feature when built with
+ OpenSSL 3.0 as the corresponding support is not available in OpenSSL 3.0.
+
+[1]:https://github.com/openssl/openssl/issues/17962
@@ -21,9 +21,29 @@ flags (eg:--enable-qat_sw_rsa) in which case the individual algorithms enabled
 
 Intel&reg; QAT OpenSSL\* Engine supports Provider interface for OpenSSL 3.0.
 The qatprovider support can be enabled using configure flag `--enable-qat_provider`
-and the default if not specified will use engine interface. Currently RSA, ECDSA,
-ECDH, ECX and AES-GCM algorithms are only supported for both QAT_HW
-and QAT_SW. This support is added as an experimental feature and tested with
+and the default if not specified will use engine interface.
+
+| Algorithms | Supported by |
+| :---: | :---: |
+| RSA | QAT_HW & QAT_SW |
+| ECDSA | QAT_HW & QAT_SW |
+| ECDH | QAT_HW & QAT_SW |
+| ECX | QAT_HW & QAT_SW |
+| AES-GCM | QAT_HW & QAT_SW |
+| DSA | QAT_HW |
+| DH | QAT_HW |
+| HKDF | QAT_HW |
+| PRF | QAT_HW |
+| AES128_CBC_HMAC_SHA1 | QAT_HW |
+| AES256_CBC_HMAC_SHA1 | QAT_HW |
+| AES128_CBC_HMAC_SHA256 | QAT_HW |
+| AES256_CBC_HMAC_SHA256 | QAT_HW |
+| SHA3-224 | QAT_HW |
+| SHA3-256 | QAT_HW |
+| SHA3-384 | QAT_HW |
+| SHA3-512 | QAT_HW |
+
+This support is added as an experimental feature and tested with
 OpenSSL Speed and testapp only and not tested with any application.
 
 Example OpenSSL Speed command to test using qatprovider:
 
@@ -532,12 +532,14 @@ const EVP_CIPHER *qat_create_gcm_cipher_meth(int nid, int keylen)
 #ifndef QAT_OPENSSL_PROVIDER
  res &= EVP_CIPHER_meth_set_init(c, vaesgcm_ciphers_init);
  res &= EVP_CIPHER_meth_set_do_cipher(c, vaesgcm_ciphers_do_cipher);
-#endif
  res &= EVP_CIPHER_meth_set_cleanup(c, vaesgcm_ciphers_cleanup);
+#endif
  res &= EVP_CIPHER_meth_set_impl_ctx_size(c, sizeof(vaesgcm_ctx));
  res &= EVP_CIPHER_meth_set_set_asn1_params(c, NULL);
  res &= EVP_CIPHER_meth_set_get_asn1_params(c, NULL);
+#ifndef QAT_OPENSSL_PROVIDER
  res &= EVP_CIPHER_meth_set_ctrl(c, vaesgcm_ciphers_ctrl);
+#endif
  qat_sw_gcm_offload = 1;
  DEBUG("QAT SW AES_GCM registration\n");
  }
@@ -558,14 +560,16 @@ const EVP_CIPHER *qat_create_gcm_cipher_meth(int nid, int keylen)
 #ifndef QAT_OPENSSL_PROVIDER
  res &= EVP_CIPHER_meth_set_init(c, qat_aes_gcm_init);
  res &= EVP_CIPHER_meth_set_do_cipher(c, qat_aes_gcm_cipher);
-#endif
  res &= EVP_CIPHER_meth_set_cleanup(c, qat_aes_gcm_cleanup);
+#endif
  res &= EVP_CIPHER_meth_set_impl_ctx_size(c, sizeof(qat_gcm_ctx));
  res &= EVP_CIPHER_meth_set_set_asn1_params(c, EVP_CIPH_FLAG_DEFAULT_ASN1 ?
  NULL : EVP_CIPHER_set_asn1_iv);
  res &= EVP_CIPHER_meth_set_get_asn1_params(c, EVP_CIPH_FLAG_DEFAULT_ASN1 ?
  NULL : EVP_CIPHER_get_asn1_iv);
+#ifndef QAT_OPENSSL_PROVIDER
  res &= EVP_CIPHER_meth_set_ctrl(c, qat_aes_gcm_ctrl);
+#endif
  qat_hw_gcm_offload = 1;
  DEBUG("QAT HW AES_GCM registration\n");
  }