From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0082.outbound.protection.outlook.com [104.47.32.82]) by dpdk.org (Postfix) with ESMTP id EC5321B1DA for ; Fri, 5 Jan 2018 10:40:45 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Eij/6jLl1RR4v78Yjet+1N3WldocqSZpyBLp+uRsqMU=; b=gLM9kiNl0HPvXI3mj6jxD+yCatbte9Z372hU8DUAfmJt42556tH+1ih9cXaIF64sCr908d28jZx3dh1D0p4UMMhDBno9+xEVaph1nD7u1SK4Tkdzj6QkVQWhIm+3IOxoGv0nUzcrw1ZnzDX9mwhSrSSkBWBsoyvU0EpH1TMNHF0= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by BN6PR12MB1508.namprd12.prod.outlook.com (10.172.24.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.386.5; Fri, 5 Jan 2018 09:40:43 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com Date: Fri, 5 Jan 2018 04:39:52 -0500 Message-Id: <1515145198-97367-14-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515145198-97367-1-git-send-email-Ravi1.kumar@amd.com> References: <1512047553-118101-1-git-send-email-Ravi1.kumar@amd.com> <1515145198-97367-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: PN1PR01CA0084.INDPRD01.PROD.OUTLOOK.COM (10.174.144.152) To BN6PR12MB1508.namprd12.prod.outlook.com (10.172.24.149) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 32c1e512-d2ac-4ec0-d429-08d55420648a X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(48565401081)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060); SRVR:BN6PR12MB1508; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 3:X9T6QU9LFc9uYnnDCnYyVWkkj3kmqVbwQ7IUZAWN/nqkymNt0+Amx17tRjFI/H9VxNcs4/rBIADGc6q21Zl9ihKXDeo7mnCkABXphSqFDpH2ZfgUgJYZsTgNp4zXX9szkx0PwU7wliIeND8ZNEvactrZkwfkNJmp2fGJ8V40pHRC5QzfX2nMYggUp3GTpqaywsWmGRHjl73AKWujSyFJRe+ggy4Abz7b+5oAKLqRVlRkJrk4hlBSPsPUNm4aGbwf; 25:puTR5PoZPojFccW5ZI79qIDElJdB9AJVBazWo6+snXEdUYuWquL1QuVAX2hGB7uoOj2rde7TalWsMgr6lNrNMBszlPLeLD4U2NY/ljVE9X9AFoqr6a856BaudcMEkK6Q7dDnNF3lNwHbyrl5wJrFzsfXVXsSsmjmH59fajBc6BAB2q+wwLW9wd6HReGS8rHra3oIYp8hU8ZltaYU6x2Qtu37kWEd3pCStt6xQfTLc02+3AU0bc/qmfzv5iMkfQuzLOnQZR+gztwJbu5u/oxeJIx+hwG0pLrnExEJCi+Q0bPhd7ahBFKkE8Dg9F+mSAdtEkOozDphkboprmhf6xXAYA==; 31:l61rQN9znLEzzhslCRd2+fgYxZ8UbFtkecUz1CLlLoFA1cbzw8BzKl81XNXyXm/XEupDjeH0ImwX2uAMpXSmD/4YFiEYvhA815qixpc4ElNf4ctNze4BF0v+JpZoqVICGhQX/a+lIn6VSO8Dn44+EF5VV6E76weBVKzQnM6/Kc3m7B2/cyYfxPEpsKjkqHLLRGe89s8/ay5/pdHTeZ6+ZPqNTRaw6VRWDhpuQhexGWo= X-MS-TrafficTypeDiagnostic: BN6PR12MB1508: X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 20:Onaf6neSsRFDtPzCZB7UxlGHRsWqvkmRxVZLpg4M8ZR+m24EqR0JWhS/d4cVeN98YM3VNUTm9W9a7H/wEr26WSqB/HHYCQ5cIOhOl9rorzL+5wiE7CAdMF9zPMoQI+gcw2nKGhkzt1LsmhQDHTaUlLY9AbjekQKN/72V+x5oRb2ij9OmoW7rAY6PWAwEdh8rNFZDfYRLeDQgjxBYSLmVMlrwgk6SmMxMhegFMM7Ht26AVxuCbXzspgSdSuL/NyPA2p0Xhvd66r016whkjjZbet6T5bAHxBZV21rEUgL3+8qXZt34bhhARRXuEHhHL8bAn5Exai4pY3V6NtNIiIOK6Dp+2hc05sFtoZhKPvARrTd49BNgiJelQtvPtqVK6oZHcJMO0pJ4XJi9xK6LaCjrc5EyQvAeuJH6Iz8DHq5HNB5qCzNfZBXY/ylF3iOZBAX1UN25pSTfyrukKzGpWQIOJ7mLUVyymZ2c+PyfPdI4v0y3hZD4RuB0Eivnk2EKJ/jO; 4:Y6WIJ33SwdScBktIBMCNzEtoIFoOKTRXlmiVNQgwChGKOnuPGCThX+/xm7NSLSwZtQEy2z5OfMuQ3Dh6mE9HTEcbYiZpVkromScWnm/ATXmXgVDfBTWwoZIkQilprTgQikjSeBX3GanwnsMk4O++l7sBuYwb4KpUgJjDKbQ8iaksVoZu4FndiYyWcvgS4QDNW9GKAI/6YX8VJCQYyqX5R1fFAIOLdqEbrcz9o8SmERyi9woT3BbtGvwkwcsF4xIg8YLnngVWDenYGHmV2cJnw/F1C5f+4Ne9cLCDBVBGlOZuH8pWwBT89Hee71Xpxcx1 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(5005006)(8121501046)(93006095)(93001095)(10201501046)(3002001)(3231023)(944501075)(6055026)(6041268)(20161123558120)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(6072148)(201708071742011); SRVR:BN6PR12MB1508; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:BN6PR12MB1508; X-Forefront-PRVS: 05437568AA X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(396003)(39860400002)(366004)(346002)(39380400002)(376002)(199004)(189003)(6486002)(2361001)(6116002)(106356001)(386003)(105586002)(3846002)(6916009)(2950100002)(16586007)(6666003)(16526018)(36756003)(4326008)(2906002)(316002)(97736004)(25786009)(478600001)(86362001)(68736007)(575784001)(8676002)(48376002)(51416003)(81166006)(2351001)(81156014)(52116002)(8936002)(53936002)(305945005)(50226002)(76176011)(72206003)(50466002)(53416004)(7696005)(47776003)(66066001)(59450400001)(5660300001)(7736002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR12MB1508; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN6PR12MB1508; 23:QMJluuKZgo5uuRmLgFcR8jZcn5Cbmg35r8yGgFdUv?= =?us-ascii?Q?vLib5nA471J19q/avXQfFvlhyLbKKJL33QtFHfGeWCaAJjfkKQ6TA5FnRbMH?= =?us-ascii?Q?msv9ZDoZeNeToxHQ8CmCeGdIa43b83os14Vv4JvsZSAxIUlWytxWTh5Bh3Rv?= =?us-ascii?Q?S6plxdQMdE3vpqAaieYoZahf5n3UwEDKtSc7rKxv46Oh/CXP2j0C/svIXyEj?= =?us-ascii?Q?ypHDqz16jOVUzdRwkVh4W/kPORs6JML/L6W25hsWCcgaKl2Jr9m1vdv8Eyo3?= =?us-ascii?Q?/QZDWLAsIqbKY4pV7+az81yRq17dSXeox1WXwKgo3OUW8fbC2zrnkWs0JIzU?= =?us-ascii?Q?0acTAUBWOuVDbosKxihdCnocPnuWhFSFZyVhNftDStYef+VNkuSCLSWkNjHf?= =?us-ascii?Q?10QRloddLs+GHkm8z5pzEqX+bWwNDorDiplFhVSALgyLwILAerueZO+I0Jfy?= =?us-ascii?Q?ZQSj3Y9XbWfiwD/cWm03fa5HdLtapqYuwaPsZiGRXnaxdnHStHTlR4MoDDfh?= =?us-ascii?Q?tY9/auGaOShBwnu9gKtJvKLax53xma8lboYKI3grJfRxDaZZTTWY+aa8VG8z?= =?us-ascii?Q?Ex07htDg5yLrF51xG0t+FDOS+vsUXLku0nS7vrWaZQ07kRyshpVjiF/2beYQ?= =?us-ascii?Q?zfbs4WrAKJWvvJN1M+udK9ZiJv68dmcmgRBVkCyE3BiP/+nIIwyTCRMUyU4n?= =?us-ascii?Q?hn2JEC1JYsBBQG6bqtcBTaRVL4wRkLWlSBSNUQJmA9Ih53nVUjYI829dCwsM?= =?us-ascii?Q?qF2WNQAWf0h8sStweU+Jth62BX4pmh0PQ6yBt9LuynX4rSqaiHUexF7+ySrf?= =?us-ascii?Q?t3FEfNNgQTyMmTErogp5teZVHH48fFuxxbsIRa55IMInLYOy/VH/yJLRucWB?= =?us-ascii?Q?IML5Id7bTcTRIeiOdYKX2cvQdseRyC9LnICCah0KjBnDySXvWDGK0zbJiufG?= =?us-ascii?Q?aZwuO/OVfE3SiDcr4T2lRxSnVAhX1I6XFboYifVasilDwjnuR1S8lILdQl+T?= =?us-ascii?Q?U++PJs1lwQZakBKCw4RGB7BJZMWVSc2MzC+Bfext6ci7jbmsXAqjRnXvJTy6?= =?us-ascii?Q?guNELl9bKs0ce9QBONVrCnLH+Li88XxAix8CMB0eXTEebC7y4yVLaCJdTQ6W?= =?us-ascii?Q?o+cNr0HHsjQV8S12PArrd30VtLEGnhTatNbp56YWqpvHExVQnw68PI7rx2Cc?= =?us-ascii?Q?xmh0JPL6Azmbl0=3D?= X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 6:vmYCcT8Q/i0Z1iXrwHEtuXmWqAMjlmKbYdMHdsyg3d63Mospz6W4WJvqtNHrydVrBgd2QBLAvoldp/Byg0ASyEHq03VbDkRUkaSTflb3aYXA64dXJVQ/sgrXilLV/wToVdSAnK5BabtYevx3Ygp4vzAi7ljWV5nWCB/Tl9I2/wc83nySePfj/nfBAk7aCpafbxpt+uK04m54TEGO96/cSF8r93Yt47+EnxFJ3lgszIMUwrw1NPKGZIyS2qxLysTx8oIi4rNZBWXIIULx5qzXpAAvcxTBb0JtTYd8RPHBs/EzgoD7BkOhsdPF1fyEHKORiLhCdPEyj4conAxWxdJlEuORkmbi9ifM5MXEJ+ojWU4=; 5:IdcAfuZlgY0td4too+Z3EWdZV0liGXymXMB73hl4Iw/WJXXM0JoaRJ9qQBJ0WaOY7X7ss/4YRsZJMKxUiTgdTg9lLkmt3GokZF1n1zElrYpdet5HLIyhfj8bUj44q0FMDmPhdvM1vOeKyYAVMZnmL8aMA34ce9cW9PnPJNsr7Ks=; 24:xTfJel3cSA9uD/k9d2cyqihaFFpi/Qp9DQc0qvfBRHiZZkle9GcS54gCc52LCywFzExj8tKqQ0FyEXFz0PbKT/XBVsLkbk6qYBy8WggOz0g=; 7:ydAj95g6LtRTuWbLsKdpMSJ4Gfyu3tVv34yvRpar707svOQHKhln3k5/yGBln6YvFfKrQynRSr29Sa94F8CA5lt6iVphA0K6wGkWhptlg2q2K0bwqDoOuUn45sqUivXeqXFxGJF2tnHADoYhx3NBIs1impM5LpFznme+WhNeONgaSessu/BQz26KvDItwwjuhSZXrb5tT+O7NkqNuU/6FQLUau8i2/gpELgDR0/lgPsQf3yLThEi9d9G+q3nwJWf SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 20:XK30DRNY3mOMtWCwGLqEmY9eBMaE1v0MAmFlI48f7EEdpEkMdxWojKNOkms3accS8OuIPE48/UJT95ICOOFPQPcdLarVHKpdI9xj54kI6+IMyqezckicYPix6ay0xNj2603OToimEv/AWP366vpvByYGjkvRhZdTNkxGei0BWH3zBiNGkL3Jfnn07m/4rLuF4D0iQLrMWzOCSlqBJ3pRm+M/UmOTmqeLDeYJ1sjjO2zjzDeQAM77rz/dNjl7MJvj X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jan 2018 09:40:43.6080 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 32c1e512-d2ac-4ec0-d429-08d55420648a X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1508 Subject: [dpdk-dev] [PATCH v2 14/20] crypto/ccp: add sha1 auth algo support X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2018 09:40:46 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 367 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 23 +++ drivers/crypto/ccp/ccp_pmd_ops.c | 42 +++++ 3 files changed, 432 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index 4ced193..a137405 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -36,6 +36,7 @@ #include #include #include +#include #include /*sub key apis*/ #include /*sub key apis*/ @@ -52,6 +53,14 @@ #include "ccp_pci.h" #include "ccp_pmd_private.h" +/* SHA initial context values */ +static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA1_H4, SHA1_H3, + SHA1_H2, SHA1_H1, + SHA1_H0, 0x0U, + 0x0U, 0x0U, +}; + static enum ccp_cmd_order ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) { @@ -76,6 +85,59 @@ ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) return res; } +/* partial hash using openssl */ +static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) +{ + SHA_CTX ctx; + + if (!SHA1_Init(&ctx)) + return -EFAULT; + SHA1_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); + return 0; +} + +static int generate_partial_hash(struct ccp_session *sess) +{ + + uint8_t ipad[sess->auth.block_size]; + uint8_t opad[sess->auth.block_size]; + uint8_t *ipad_t, *opad_t; + uint32_t *hash_value_be32, hash_temp32[8]; + int i, count; + + opad_t = ipad_t = (uint8_t *)sess->auth.key; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute); + + /* considering key size is always equal to block size of algorithm */ + for (i = 0; i < sess->auth.block_size; i++) { + ipad[i] = (ipad_t[i] ^ HMAC_IPAD_VALUE); + opad[i] = (opad_t[i] ^ HMAC_OPAD_VALUE); + } + + switch (sess->auth.algo) { + case CCP_AUTH_ALGO_SHA1_HMAC: + count = SHA1_DIGEST_SIZE >> 2; + + if (partial_hash_sha1(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha1(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + default: + CCP_LOG_ERR("Invalid auth algo"); + return -1; + } +} + /* prepare temporary keys K1 and K2 */ static void prepare_key(unsigned char *k, unsigned char *l, int bl) { @@ -260,6 +322,31 @@ ccp_configure_session_auth(struct ccp_session *sess, else sess->auth.op = CCP_AUTH_OP_VERIFY; switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_SHA1: + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.algo = CCP_AUTH_ALGO_SHA1; + sess->auth.ut.sha_type = CCP_SHA_TYPE_1; + sess->auth.ctx = (void *)ccp_sha1_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA1_HMAC: + if (auth_xform->key.length > SHA1_BLOCK_SIZE) + return -1; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.algo = CCP_AUTH_ALGO_SHA1_HMAC; + sess->auth.ut.sha_type = CCP_SHA_TYPE_1; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; + sess->auth.block_size = SHA1_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; case RTE_CRYPTO_AUTH_AES_CMAC: sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; sess->auth.engine = CCP_ENGINE_AES; @@ -453,6 +540,13 @@ ccp_auth_slot(struct ccp_session *session) int count = 0; switch (session->auth.algo) { + case CCP_AUTH_ALGO_SHA1: + count = 3; + /**< op + lsb passthrough cpy to/from*/ + break; + case CCP_AUTH_ALGO_SHA1_HMAC: + count = 6; + break; case CCP_AUTH_ALGO_AES_CMAC: count = 4; /** @@ -578,6 +672,271 @@ ccp_perform_passthru(struct ccp_passthru *pst, } static int +ccp_perform_hmac(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + + struct ccp_session *session; + union ccp_function function; + struct ccp_desc *desc; + uint32_t tail; + phys_addr_t src_addr, dest_addr, dest_addr_t; + struct ccp_passthru pst; + uint64_t auth_msg_bits; + void *append_ptr; + uint8_t *addr; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + addr = session->auth.pre_compute; + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr); + dest_addr_t = dest_addr; + + /** Load PHash1 to LSB*/ + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**sha engine command descriptor for IntermediateHash*/ + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + auth_msg_bits = (op->sym->auth.data.length + + session->auth.block_size) * 8; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Intermediate Hash value retrieve */ + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) { + + pst.src_addr = + (phys_addr_t)((cmd_q->sb_sha + 1) * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t; + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t + CCP_SB_BYTES; + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + } else { + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + } + + /** Load PHash2 to LSB*/ + addr += session->auth.ctx_len; + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**sha engine command descriptor for FinalHash*/ + dest_addr_t += session->auth.offset; + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = (session->auth.ctx_len - + session->auth.offset); + auth_msg_bits = (session->auth.block_size + + session->auth.ctx_len - + session->auth.offset) * 8; + + CCP_CMD_SRC_LO(desc) = (uint32_t)(dest_addr_t); + CCP_CMD_SRC_HI(desc) = high32_value(dest_addr_t); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Retrieve hmac output */ + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + else + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; + +} + +static int +ccp_perform_sha(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + struct ccp_session *session; + union ccp_function function; + struct ccp_desc *desc; + uint32_t tail; + phys_addr_t src_addr, dest_addr; + struct ccp_passthru pst; + void *append_ptr; + uint64_t auth_msg_bits; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + + append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr); + + /** Passthru sha context*/ + + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *) + session->auth.ctx); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**prepare sha command descriptor*/ + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + auth_msg_bits = op->sym->auth.data.length * 8; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Hash value retrieve */ + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + else + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; + +} + +static int ccp_perform_aes_cmac(struct rte_crypto_op *op, struct ccp_queue *cmd_q) { @@ -1148,6 +1507,14 @@ ccp_crypto_auth(struct rte_crypto_op *op, ccp_cryptodev_driver_id); switch (session->auth.algo) { + case CCP_AUTH_ALGO_SHA1: + result = ccp_perform_sha(op, cmd_q); + b_info->desccnt += 3; + break; + case CCP_AUTH_ALGO_SHA1_HMAC: + result = ccp_perform_hmac(op, cmd_q); + b_info->desccnt += 6; + break; case CCP_AUTH_ALGO_AES_CMAC: result = ccp_perform_aes_cmac(op, cmd_q); b_info->desccnt += 4; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index d528ec9..42179de 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -60,9 +60,32 @@ #define CCP_DES_ENCRYPT(p) ((p)->des.encrypt) #define CCP_DES_MODE(p) ((p)->des.mode) #define CCP_DES_TYPE(p) ((p)->des.type) +#define CCP_SHA_TYPE(p) ((p)->sha.type) #define CCP_PT_BYTESWAP(p) ((p)->pt.byteswap) #define CCP_PT_BITWISE(p) ((p)->pt.bitwise) +/* HMAC */ +#define HMAC_IPAD_VALUE 0x36 +#define HMAC_OPAD_VALUE 0x5c + +#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH +#define MD5_DIGEST_SIZE 16 +#define MD5_BLOCK_SIZE 64 +#endif + +/* SHA */ +#define SHA_COMMON_DIGEST_SIZE 32 +#define SHA1_DIGEST_SIZE 20 +#define SHA1_BLOCK_SIZE 64 + +/* SHA LSB intialiazation values */ + +#define SHA1_H0 0x67452301UL +#define SHA1_H1 0xefcdab89UL +#define SHA1_H2 0x98badcfeUL +#define SHA1_H3 0x10325476UL +#define SHA1_H4 0xc3d2e1f0UL + /** * CCP supported AES modes */ diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 2309e9f..19d0491 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -39,6 +39,48 @@ #include "ccp_crypto.h" static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { + { /* SHA1 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA1 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /*AES-CMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4