From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0089.outbound.protection.outlook.com [104.47.32.89]) by dpdk.org (Postfix) with ESMTP id D846C1B172 for ; Fri, 5 Jan 2018 10:40:47 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=M2X6N4OKkld7VHZht1V0msVUnbJAiGULMTfwqePV95U=; b=G8A6l2DrumjRB0tcN7wq9yI8drn3LT4j37I5m8adwZ8qjtrI+zQiwbm+xAfA1DH6vlox2/kkG/CHrJdmI2Cs1pVs1DcdU2JPARhMJiONurmRTWvywQQUy0lwPgnz4HpetAsu5Ccj8ew0ScwSzXBv+xMo3/6kGYEX6ERIpRZeJ8o= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by BN6PR12MB1508.namprd12.prod.outlook.com (10.172.24.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.386.5; Fri, 5 Jan 2018 09:40:45 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com Date: Fri, 5 Jan 2018 04:39:53 -0500 Message-Id: <1515145198-97367-15-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515145198-97367-1-git-send-email-Ravi1.kumar@amd.com> References: <1512047553-118101-1-git-send-email-Ravi1.kumar@amd.com> <1515145198-97367-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: PN1PR01CA0084.INDPRD01.PROD.OUTLOOK.COM (10.174.144.152) To BN6PR12MB1508.namprd12.prod.outlook.com (10.172.24.149) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: d28e0e69-dbaf-4da3-3180-08d554206566 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(48565401081)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060); SRVR:BN6PR12MB1508; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 3:G1Aw9R3JHECMM0FOHpqQ+jdMhw9GRpzHS645KyIms9VTTB5b00X30mrlVyCxnOcvFCw15Yt/+Gs2jyYlmP+8hk9bDi/yQ+lFYzu+EyJEr75Zh3uA/v5PRhzXfU5bzfmlyiZziotGTzIcT5vxOgx8lebkWvOygz5ZaSYsZQWb0RhiU33r5q7RGST5LpaYyBZ0Cv5kBXCcFIWP4Qt/ae/VVQOG4XM8RSKemiN/Eyd6XDwOg3EWrJ6fgmTTUraTctqf; 25:x1ZwbaZBqLV258022sQqleq2xmPwNdl72tWPI6QyB9i8YugBT5ZXRinZbE/P9maf2sjO3AN1zdROK8uuhY381KUoVMoWE5E7MLXO+0L20/Kqc8jIu0mTyRvQ8M1/5IeBW9iXM+IqJPZzpbHHcI4NV40xlSS2qZX09N0m8+NqTq9MoRS0qF0GfsdnPzuRE/NmTkI0jo8EQ/5KSojKs0dMemNRuCOg94yWVnjTDH/4PcAPUSiSII1dvt+CRwLI7DoYF6fc/fWp1FV9IeEz6EKIFZlDBu/GqHhrSF5NJpPnpQRoDuzf/WCqyFve5QXhZQcenLcm/snp2BexgHvtgTg97A==; 31:o3zrYkJKfie4mDS6WcB3O4SaaG0a9VZezhEXGKXecKITrjb3FdhVcs/TRZs4/ApImSuMGH0Lv9nTD3vt/oeP+Cp4hDtD/d9AICv2k31GuhE2EaCNT77vQfDrV9mo7Q045IjI6Ol2MpWsRe+zl4sqjBJ1w1n2yp9g4jgAbsQiDW8gaIeR3DSXfLEHEEAob49grB4pXt8YQLiFHUlZHpZg+7dc8wYd9QExSkdpLb/e/u8= X-MS-TrafficTypeDiagnostic: BN6PR12MB1508: X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 20:BCr/ZPRK2FX1XSIAbh+Fjk2bhdhd5/I3pXtPFKrSB0MNQL2JBpstOcXLlFCCkcInsYONXek5TMMpqMwhPBnOKfgI6mKnFcvOCkUEz8qAl6URCDPYIxn+FwenRDJddQBca2VpeCOEhTYkvOQGSRDanbs1Qy/fmhWcH9en+DVr4Gbx+/XS1LcPNOsCBIwl7C7oSfL7bryC4RzbGe5jPiBqfwZ6FNDtGzaCwmZMS3QbkXVSBBudwaQiqGccSNVg+sM0iOIH+DSyg9eqgznlY91VjMfhM5g1GogYyqnBrcIga5ODBC3RHe9yuhbgHMz6F26KIE68NqwMuiUH7p3Hx+T2sqRbVq0NxL4oItEl86LIfSkN9RYxl1u2z/Xzb2d2oRhINWfiX1ospJ3A5Avnhuyn51Ql+P7YMjXvKAsk3ft3oXLwC+aEXeb46WNGYybVKYRYDThZh4YqSxQ4t2YCZXJBeVvLf7p3Ib2wKfbqbuuzqzPUDQ92V8qVsiaylRlTCR9d; 4:Xgph8+Tzu1SpuYvpgob4bjApL4Hp8M0EQSzzDcvAcAbTKarB2+OXQV9mm5sGEt2EebncH3LQSoK7FFhctAL89iqCntn5KjEu/R2xM7XRIrrKNQJvwOxbltoJrc0JQyM6O42avElJ+6ebbusG3x25WHVsS7TGm8G7CflEwlnSpvsvV0vygUpaEjs9XbiS4Qe6UW8Amztwza5FpzQAj5S4UMkzPiOj1OXsJC8dXy1f8euQvU5HQr0VCL58KdkUmKaxlDLV21sGqD+teY+UbEKE1j118aeWJnB8XpcfbKd8pZk1gbu2HDGq3d2pB6yLNjos X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(5005006)(8121501046)(93006095)(93001095)(10201501046)(3002001)(3231023)(944501075)(6055026)(6041268)(20161123558120)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(6072148)(201708071742011); SRVR:BN6PR12MB1508; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:BN6PR12MB1508; X-Forefront-PRVS: 05437568AA X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(396003)(39860400002)(366004)(346002)(39380400002)(376002)(199004)(189003)(6486002)(2361001)(6116002)(106356001)(386003)(105586002)(3846002)(6916009)(2950100002)(16586007)(6666003)(16526018)(36756003)(4326008)(2906002)(316002)(97736004)(25786009)(478600001)(86362001)(68736007)(575784001)(8676002)(48376002)(51416003)(81166006)(2351001)(81156014)(52116002)(8936002)(53936002)(305945005)(50226002)(76176011)(72206003)(50466002)(53416004)(7696005)(47776003)(66066001)(59450400001)(5660300001)(7736002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR12MB1508; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN6PR12MB1508; 23:TNSGZwOMN4mP/f39K14Gxl7tsI59oV93toOZIPxe5?= =?us-ascii?Q?97dVmBrRwxU0ECIR2NULx879t80b7y3ahhK1L1C2XwEVYLMqdQ5hZG1CbTun?= =?us-ascii?Q?jUQktWKR0WF9psfYxSgp9Z/Uydf5Shb6w3F6C5Whth55M2aOKU9D2bd3YYOa?= =?us-ascii?Q?n1Xrm4CmF/L09hjtXNe7ZvvW5/cgr5VTgTbr9KrSTKhp6kk/vPGZmCh7zntb?= =?us-ascii?Q?9cVe2jAfELFDiKlg27IWSg9WLxR2D8DMG51Er+ujD5342liO6RPuFCio8Nj6?= =?us-ascii?Q?Uvn78r6/VryxBxckTnZxjqRGsVaU9wcFvcB0FFa2VErP0d2cMpQEYGeLLiGN?= =?us-ascii?Q?saT3Z07d0neMtai4Xq++dGaD7uWf6QPJvI0f+bxRdNcbX4a+EfHUbXuscJ75?= =?us-ascii?Q?6lGaPP56SmJi9qu/Zl6IYaSPFHXDdyBrooDt65qrJope1Eq2hWdIxso3/T1Y?= =?us-ascii?Q?8K76K53nOISs30xDxxcxoVvUzCkzwy3mFsrqx23L04tfoTVyY0bSwnTAteJ0?= =?us-ascii?Q?uC8EbPYIQDzelFciEec21ZfbNpegPVOmGmQojP5SmCSqqhWxIxCNgFi5SGW0?= =?us-ascii?Q?se5Oyb3Uv0pDCk48HCqo1WNsn4Of98W7odCOup5p2xxbVQpruMgxQJlS8TeN?= =?us-ascii?Q?RAferVAcrkeO4TasABhJeoxjay5B7fDontxXv94AK2SMea8GowiS7h4gDGDE?= =?us-ascii?Q?d+DNe614kgbv0n15wfX6kx8Mh86JHBavN/7TAapj0NdISs5uzZ/sDOlw4BLJ?= =?us-ascii?Q?BsVOv9t/uww94GKuR9k7KcnOUa0UwGtp54cpLx3aJJhNHQPGBPbmWip8P5jW?= =?us-ascii?Q?1mO5EFgbLWCdFB411Mb2BASWeXOLyJzcoJFv/7rS4tizOdsi+ApThcgeGJjn?= =?us-ascii?Q?nlx/KFKE3tvA7Pj9lEti1476ZKL6973H3neZcE1ycYw/DU2CgTdP3Picj57h?= =?us-ascii?Q?oBfQ36KW+ILmlTEm/CAcGuI2PYkbndfk8ZQF3OMyPpgpZgCMlPRvR8sJeI7V?= =?us-ascii?Q?0WYFMbziBQNO92yzYuLaZOB7Pc7OmSBisLTMdAFvJ1TK4lA94GGDX8QEUE9F?= =?us-ascii?Q?HvnXFHBWAJZI2xX9yZunn7JjkmUd9VrGfCCKy0ikWmPwxuOqRDthIKLrAX0l?= =?us-ascii?Q?YAhHSOCx8WJGA5PQ4NPYjYZE3I6rcEIPoTjFSwD2T5Nsk8VgDpZWOrj2diCL?= =?us-ascii?Q?S8dV30of7mg+GI=3D?= X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 6:ppPJREFAAZNOtrq1iDfx9SM2r2hGK/S2+66RAKsLFvqkDjFzTNlXv4WX6iNBR/Q5Q7+4aiTuzWZJh/EIIoc6NTIXMgsJMZlOrQqJ1XJO4eTCzYJcdtpLctt8jeCEU1EVUO3D5hiTNI0uS33WKte+xVycdtmofS30+R0piz4tacQVGr2FRZ+6eYxID8UwikyayEwkGAIE/d6YvNNwnJMHkPmmqgO8mUohwcSPNbtiJ7DfUX04bsiBDz7sdpW87TbKF4F1mw71WoqEunnBKCmxYxs52/MyQxxjInrkv14ij4WnkTG4czTOzwiMuB+za+JC/aPvNgjvI1O/xEV8sQzp7SsaHr6wpfl0/GiTGFu+ewc=; 5:dPWgOFNbsJ2YyHXN+/fLYzqdPxEqYZX88hdxi3SRGCQIwqqLKmn0heBhqA8GKndGDrBNO4JlWyJl4FDcQXGoWmZN7WpyKOUFKVXQgb1jrRf4Mr5P7fBauPM890H57YLHzHkd8pDq/3kvl3kNLYl6jDuUw+1WHiz4sypEkfqfCUQ=; 24:J1dBDKK/yUwsSLO03rezkhaQ8uZGpH2u4ZGq5JmTEjEwyhAp07n5jKVE1Tbqi2F8cZt4O9xDeAdir+dAq2KYzqdfTmRwa+CTYz0Uq3Q1p9U=; 7:6WKgbvUI9asg8OIjgwS++PLu/GIVC56+q1AIjkbZIytc2RC3Ktj9Df3H0yjpyMs18zidNVQVI4G5utO2sfWVB5J/f+LFWAst8XFjXJBwLtosEJCiU31d+na37yCqrPcJyYrvMwnQxvMBq6hVNCU0HPMrtK05p6Sus3cg6lWb2g5TXjHZTsPkvvG0hbQFN+BHGbHAXc+o98b9Y3NHyrTgt4/eOxZ4ucRJzOC2VbWkB8DG5ocz9qm7Xc54mL19E7Ud SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 20:NPP9ETwLDEN3K/Tqpl0ai3v4/pV9148qdgEcRCD2YQwwsC253pWxnzX4SZcvHnqOKFK7brH9AFz8XIo1JOULArhA1Qz4N28fHh/p0u8J1ok7CiXK6aKl0MzqpWlZRuYpIYV2SqUYMn3wO+SWz7o82yJGWbnVp8bTUKsBqVnLGQCoD1rJxpB7XR60x8rOXawd+hoeFyXOkDXMqE/EiB2kV+1uM7XrpZOJy1zfNi+1Ng4GkaLrksdE4LWAYvtsGUjH X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jan 2018 09:40:45.0612 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d28e0e69-dbaf-4da3-3180-08d554206566 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1508 Subject: [dpdk-dev] [PATCH v2 15/20] crypto/ccp: add sha2 family auth algo support X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jan 2018 09:40:48 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 270 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 48 +++++++ drivers/crypto/ccp/ccp_pmd_ops.c | 168 ++++++++++++++++++++++++ 3 files changed, 486 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index a137405..52eb76c 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -61,6 +61,34 @@ static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { 0x0U, 0x0U, }; +uint32_t ccp_sha224_init[SHA256_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA224_H7, SHA224_H6, + SHA224_H5, SHA224_H4, + SHA224_H3, SHA224_H2, + SHA224_H1, SHA224_H0, +}; + +uint32_t ccp_sha256_init[SHA256_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA256_H7, SHA256_H6, + SHA256_H5, SHA256_H4, + SHA256_H3, SHA256_H2, + SHA256_H1, SHA256_H0, +}; + +uint64_t ccp_sha384_init[SHA512_DIGEST_SIZE / sizeof(uint64_t)] = { + SHA384_H7, SHA384_H6, + SHA384_H5, SHA384_H4, + SHA384_H3, SHA384_H2, + SHA384_H1, SHA384_H0, +}; + +uint64_t ccp_sha512_init[SHA512_DIGEST_SIZE / sizeof(uint64_t)] = { + SHA512_H7, SHA512_H6, + SHA512_H5, SHA512_H4, + SHA512_H3, SHA512_H2, + SHA512_H1, SHA512_H0, +}; + static enum ccp_cmd_order ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) { @@ -97,6 +125,54 @@ static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) return 0; } +static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) +{ + SHA256_CTX ctx; + + if (!SHA224_Init(&ctx)) + return -EFAULT; + SHA256_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA256_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) +{ + SHA256_CTX ctx; + + if (!SHA256_Init(&ctx)) + return -EFAULT; + SHA256_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA256_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) +{ + SHA512_CTX ctx; + + if (!SHA384_Init(&ctx)) + return -EFAULT; + SHA512_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA512_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) +{ + SHA512_CTX ctx; + + if (!SHA512_Init(&ctx)) + return -EFAULT; + SHA512_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA512_DIGEST_LENGTH); + return 0; +} + static int generate_partial_hash(struct ccp_session *sess) { @@ -104,11 +180,13 @@ static int generate_partial_hash(struct ccp_session *sess) uint8_t opad[sess->auth.block_size]; uint8_t *ipad_t, *opad_t; uint32_t *hash_value_be32, hash_temp32[8]; + uint64_t *hash_value_be64, hash_temp64[8]; int i, count; opad_t = ipad_t = (uint8_t *)sess->auth.key; hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute); + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute); /* considering key size is always equal to block size of algorithm */ for (i = 0; i < sess->auth.block_size; i++) { @@ -132,6 +210,66 @@ static int generate_partial_hash(struct ccp_session *sess) for (i = 0; i < count; i++, hash_value_be32++) *hash_value_be32 = hash_temp32[count - 1 - i]; return 0; + case CCP_AUTH_ALGO_SHA224_HMAC: + count = SHA256_DIGEST_SIZE >> 2; + + if (partial_hash_sha224(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha224(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA256_HMAC: + count = SHA256_DIGEST_SIZE >> 2; + + if (partial_hash_sha256(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha256(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA384_HMAC: + count = SHA512_DIGEST_SIZE >> 3; + + if (partial_hash_sha384(ipad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha384(opad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA512_HMAC: + count = SHA512_DIGEST_SIZE >> 3; + + if (partial_hash_sha512(ipad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha512(opad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + return 0; default: CCP_LOG_ERR("Invalid auth algo"); return -1; @@ -347,6 +485,107 @@ ccp_configure_session_auth(struct ccp_session *sess, if (generate_partial_hash(sess)) return -1; break; + case RTE_CRYPTO_AUTH_SHA224: + sess->auth.algo = CCP_AUTH_ALGO_SHA224; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_224; + sess->auth.ctx = (void *)ccp_sha224_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA224_HMAC: + if (auth_xform->key.length > SHA224_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA224_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_224; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; + sess->auth.block_size = SHA224_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA256: + sess->auth.algo = CCP_AUTH_ALGO_SHA256; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_256; + sess->auth.ctx = (void *)ccp_sha256_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA256_HMAC: + if (auth_xform->key.length > SHA256_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA256_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_256; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; + sess->auth.block_size = SHA256_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA384: + sess->auth.algo = CCP_AUTH_ALGO_SHA384; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_384; + sess->auth.ctx = (void *)ccp_sha384_init; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA384_HMAC: + if (auth_xform->key.length > SHA384_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA384_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_384; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; + sess->auth.block_size = SHA384_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA512: + sess->auth.algo = CCP_AUTH_ALGO_SHA512; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_512; + sess->auth.ctx = (void *)ccp_sha512_init; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA512_HMAC: + if (auth_xform->key.length > SHA512_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA512_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_512; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; + sess->auth.block_size = SHA512_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; sess->auth.engine = CCP_ENGINE_AES; @@ -541,12 +780,32 @@ ccp_auth_slot(struct ccp_session *session) switch (session->auth.algo) { case CCP_AUTH_ALGO_SHA1: + case CCP_AUTH_ALGO_SHA224: + case CCP_AUTH_ALGO_SHA256: + case CCP_AUTH_ALGO_SHA384: + case CCP_AUTH_ALGO_SHA512: count = 3; /**< op + lsb passthrough cpy to/from*/ break; case CCP_AUTH_ALGO_SHA1_HMAC: + case CCP_AUTH_ALGO_SHA224_HMAC: + case CCP_AUTH_ALGO_SHA256_HMAC: count = 6; break; + case CCP_AUTH_ALGO_SHA384_HMAC: + case CCP_AUTH_ALGO_SHA512_HMAC: + count = 7; + /** + * 1. Load PHash1 = H(k ^ ipad); to LSB + * 2. generate IHash = H(hash on meassage with PHash1 + * as init values); + * 3. Retrieve IHash 2 slots for 384/512 + * 4. Load Phash2 = H(k ^ opad); to LSB + * 5. generate FHash = H(hash on Ihash with Phash2 + * as init value); + * 6. Retrieve HMAC output from LSB to host memory + */ + break; case CCP_AUTH_ALGO_AES_CMAC: count = 4; /** @@ -1508,13 +1767,24 @@ ccp_crypto_auth(struct rte_crypto_op *op, switch (session->auth.algo) { case CCP_AUTH_ALGO_SHA1: + case CCP_AUTH_ALGO_SHA224: + case CCP_AUTH_ALGO_SHA256: + case CCP_AUTH_ALGO_SHA384: + case CCP_AUTH_ALGO_SHA512: result = ccp_perform_sha(op, cmd_q); b_info->desccnt += 3; break; case CCP_AUTH_ALGO_SHA1_HMAC: + case CCP_AUTH_ALGO_SHA224_HMAC: + case CCP_AUTH_ALGO_SHA256_HMAC: result = ccp_perform_hmac(op, cmd_q); b_info->desccnt += 6; break; + case CCP_AUTH_ALGO_SHA384_HMAC: + case CCP_AUTH_ALGO_SHA512_HMAC: + result = ccp_perform_hmac(op, cmd_q); + b_info->desccnt += 7; + break; case CCP_AUTH_ALGO_AES_CMAC: result = ccp_perform_aes_cmac(op, cmd_q); b_info->desccnt += 4; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index 42179de..ca1c1a8 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -78,6 +78,18 @@ #define SHA1_DIGEST_SIZE 20 #define SHA1_BLOCK_SIZE 64 +#define SHA224_DIGEST_SIZE 28 +#define SHA224_BLOCK_SIZE 64 + +#define SHA256_DIGEST_SIZE 32 +#define SHA256_BLOCK_SIZE 64 + +#define SHA384_DIGEST_SIZE 48 +#define SHA384_BLOCK_SIZE 128 + +#define SHA512_DIGEST_SIZE 64 +#define SHA512_BLOCK_SIZE 128 + /* SHA LSB intialiazation values */ #define SHA1_H0 0x67452301UL @@ -86,6 +98,42 @@ #define SHA1_H3 0x10325476UL #define SHA1_H4 0xc3d2e1f0UL +#define SHA224_H0 0xc1059ed8UL +#define SHA224_H1 0x367cd507UL +#define SHA224_H2 0x3070dd17UL +#define SHA224_H3 0xf70e5939UL +#define SHA224_H4 0xffc00b31UL +#define SHA224_H5 0x68581511UL +#define SHA224_H6 0x64f98fa7UL +#define SHA224_H7 0xbefa4fa4UL + +#define SHA256_H0 0x6a09e667UL +#define SHA256_H1 0xbb67ae85UL +#define SHA256_H2 0x3c6ef372UL +#define SHA256_H3 0xa54ff53aUL +#define SHA256_H4 0x510e527fUL +#define SHA256_H5 0x9b05688cUL +#define SHA256_H6 0x1f83d9abUL +#define SHA256_H7 0x5be0cd19UL + +#define SHA384_H0 0xcbbb9d5dc1059ed8ULL +#define SHA384_H1 0x629a292a367cd507ULL +#define SHA384_H2 0x9159015a3070dd17ULL +#define SHA384_H3 0x152fecd8f70e5939ULL +#define SHA384_H4 0x67332667ffc00b31ULL +#define SHA384_H5 0x8eb44a8768581511ULL +#define SHA384_H6 0xdb0c2e0d64f98fa7ULL +#define SHA384_H7 0x47b5481dbefa4fa4ULL + +#define SHA512_H0 0x6a09e667f3bcc908ULL +#define SHA512_H1 0xbb67ae8584caa73bULL +#define SHA512_H2 0x3c6ef372fe94f82bULL +#define SHA512_H3 0xa54ff53a5f1d36f1ULL +#define SHA512_H4 0x510e527fade682d1ULL +#define SHA512_H5 0x9b05688c2b3e6c1fULL +#define SHA512_H6 0x1f83d9abfb41bd6bULL +#define SHA512_H7 0x5be0cd19137e2179ULL + /** * CCP supported AES modes */ diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 19d0491..57d202f 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -81,6 +81,174 @@ static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { }, } }, } }, + { /* SHA224 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA224 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA256 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA256 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA384 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA384 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 128, + .increment = 1 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA512 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA512 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 128, + .increment = 1 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /*AES-CMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4