From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0051.outbound.protection.outlook.com [104.47.34.51]) by dpdk.org (Postfix) with ESMTP id B25C74CA6 for ; Fri, 9 Mar 2018 09:36:00 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=RogvdWgX66dCBVrzGZSo9SOlbBkQ4KystSBd8lX4Ltk=; b=i6EBVqzkGOg2uoBCjHczacLhdLS7SnyKY4FozpM6az7sYgLkO8u5Fuk/zOIjWoSiSQ2emb+91nEv278aZOAtEwDBmnHRjAYMPFVpKSeA78P5XwYHaC4ozIWqcVXJB4ArSEAUMlhEsEJtVZJOSG8icZZ5ZyCZMUice3u2bgb4cS0= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by MWHPR12MB1518.namprd12.prod.outlook.com (2603:10b6:301:b::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.14; Fri, 9 Mar 2018 08:35:57 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com Date: Fri, 9 Mar 2018 03:35:12 -0500 Message-Id: <1520584520-130522-12-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520584520-130522-1-git-send-email-Ravi1.kumar@amd.com> References: <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com> <1520584520-130522-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: MA1PR0101CA0050.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a00:20::12) To MWHPR12MB1518.namprd12.prod.outlook.com (2603:10b6:301:b::22) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: f6ab5577-87c5-4598-a51c-08d58598c880 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:MWHPR12MB1518; X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 3:Ew7x2SAxToytCKBmK0hk5YXKDDYbfKZaTdtaF7z7WRBkQLs8YV6yWwJhYwaiX+YpDjEf17rY96YuvMdqCTMHsJibNfCJNwkEGM95ARa8kYGkZyFdeqZt4bNCUvZThNEOBmhjkwSe7qnLJKukRMSehvzVvX0XRXXcblWNMN5YODqbFZwKvfz/LY2su4o83DqbX2Vm5cC1jQpzupGw7wVhIlQpM1cR+P6dtO/1xk1pfe2ehHuYUQgm+pD/wGe1T0eo; 25:A0QVjrxA7z8+tESbeFmtr9Rhc/O8uQj1QlMajkO9yq1Fstm6zxSn2bKXBN7YTijs8RHHqHQEiv9XfvWx6drg0HLTgfhWid2aB8WahDnbJL+QSt52S4Zood8gyc2lj6fbyWXJjMfs3kZvMAKof4PGJVyXquuyx9Qm6lTY/jkoN1S3xp+Emx7+FE+J2pBre/e12vEhv08aBeNB2E6ushd3DSwdx3Kq0GAdAvV/Y6xJLzvbecmL+fkAZF47HkSWDiKmpKmIPbLDOV4mBvtmsJ2LZfn6PvpPiPUl/YGrjDsDpqD0f29v3rQfSijIry08qxYa8WfNkXcezt3fuxFNkrYmkQ==; 31:+963K3HWw66TsPUmDozB3VEdVDrSnMWvOgKUMVYhtenoWmPt/jSqTKdjFn0nvxg+FTVfdo3kz+4ZCiBAHXoEYQ03pWfGtci56oonx5ZUyC9+TZzcItd7CYf6799/DGskclcu6cuUfwLAJY5TW/CJ8WfkNWXsKd5mJyFbsjGmmcSCXC9xDLDzqyQZ+ZhLl1Us0twGdKG4FriwSmDazfyvIy2l563X4EkgYVh7B8GM86M= X-MS-TrafficTypeDiagnostic: MWHPR12MB1518: X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 20:hyNDvOchsjepESHY1HicIYNBXwjFawZrE+/RZs0XQSlbhOFYYHL9Z0Vx9RPAcN+iZ1kaxIpSb6Igik7aq0GYK/+kaNOMrrFo/4uXWBpqxu8BtP+8HZ3+wasJxd3BoH3JJ9uXmWxMAnTf8q9bxkjHl41WPgeMQ0NmoeQz7FRWsbs+e3xWuMcG/pTFL7FEO6+Lse7lWu0TUb62/7Ko8KwhObuF47hHGJx8QB1rcSceuHz5uXNrYDauYNB22kklwOhI/N+J97PCoEfVbRFtv6+IZ4SLK2CrURiSeGXi6S//jZ8GepTuEoG1OfI9VegHuL5QIRAttbAV2vD3D/PP7O3PiVbOsyi0uEjXHuv7S8AO4otxEmW+OmBbEDOERd/vmFeMpOyiiwuPpglN6dTX9qTcfF1v9fFssiSvscqh4nUs4HlL7tj05eXUXl25YU051Of2gB8Vq6XGiPZJO42R1hdsPC+stJpLh/Xz5hBPVyf7k+qYps29y805Hh6Yv2hp2GQG; 4:/8OV84i3PS15/iYb0e/Ong/hO07CRHTKC3UTfXj/pqTQz/pjqwfoRGotBqYFegDA0LlFjHsa7KirI4QaNnhlOm/It5zfAG18bph+OdPhaLQPXnuzsnqZOBhdrEWOrehmo7TaM+esMMiOVF0mWsA1MtkfMLzQfPHXa/MND5mhN3BZ1CgAONQtx5cjuW7qB787gHPYV35TBB+KAmm0BwqpFNiT64yrbrAO+XzKn4N2I0wSO4yiZdT+GxkafcdyQjHvpHRQO08QIlNf2+6/F9112/UX+Xvo/jZknGNCwPfnPwLoem/1K8ctjQdwlNCJAK8p X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(3231220)(944501244)(52105095)(10201501046)(93006095)(93001095)(6055026)(6041310)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:MWHPR12MB1518; BCL:0; PCL:0; RULEID:; SRVR:MWHPR12MB1518; X-Forefront-PRVS: 0606BBEB39 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(39860400002)(39380400002)(396003)(366004)(376002)(346002)(199004)(189003)(16586007)(26005)(81156014)(16526019)(8676002)(186003)(81166006)(25786009)(7736002)(3846002)(386003)(305945005)(4326008)(6116002)(6666003)(316002)(86362001)(76176011)(52116002)(8936002)(51416003)(50226002)(5660300001)(2906002)(2950100002)(6916009)(59450400001)(7696005)(36756003)(106356001)(105586002)(6486002)(68736007)(48376002)(97736004)(53416004)(2361001)(2351001)(53936002)(50466002)(478600001)(47776003)(66066001)(72206003); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR12MB1518; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; MWHPR12MB1518; 23:LPU+VkxZ/FncCJu0UYw7LyyGqoTkIAVVfDDJ8v15a?= =?us-ascii?Q?SmQI50rHbVaxNj8oHIyyRkDObhl40FjGq1u/TFnM1R0v2tbL8yTuUWm7YYI0?= =?us-ascii?Q?7YWOk+ta3xF+FauO++vE4q7XD/p1xaVmhe9flPuxITPYTkhW4vxdKY0fld+y?= =?us-ascii?Q?SvRQQNnnoHPHhczDCFvjUnnnJmS6WoU+V4agBpvPybp4MUPAeOg5kTomETPp?= =?us-ascii?Q?zrfJo90Yk0nWla0I7gRj024rIqdopchI/ZlnbOg8xjtQ6j4Bk0qj/rj5TIVR?= =?us-ascii?Q?A2KloWKHmHyie0RLfjdiqiy135BIavQt2twuEDbGAXBi+YSX2zr9ct9jopbi?= =?us-ascii?Q?YXg2bGAxSqaFxvKjlbp8tq9Pfd4y16VPOHFqV6ItHMnXw/gwbjm3hGdQ7I9D?= =?us-ascii?Q?jqP3HMiJue+Q1u0o2Klcm1L8CB8VS+qkZOFDyzo2/RGpKDVx7Rz/KTtKbotc?= =?us-ascii?Q?2CraKQi5I9+vaNQOMcFNvLDTd87H8w13YOVHfiY6YiQCZ3aD2el5Nlkn2u79?= =?us-ascii?Q?mZZnPIEQVsB9DwTpTYxATYopHNG+5T8QeWEd8wLXLldPYfdRLqv/+CXrTmGI?= =?us-ascii?Q?NuCXdGoAO+luYL7Cr3sD39MkSUZeYoW38utqddjgoVTCp9MR7LIf6b4pQne3?= =?us-ascii?Q?6DawQ5+MPgHVzdUqy3Kw+wZiDkbDNkZcRc/qHekhflOwIJCMQ3Vwpth96eyl?= =?us-ascii?Q?auUeEZMFJrWW4X+N1kKBEt7DIDVVN8f1NfUAK1nCJeIsxSIEjR4Z5Y640m05?= =?us-ascii?Q?nxiNK898JaEtRbQ+ZN+vTT5HquCX2A57EHdtN02ZaxWcl49XFlbmnnEd4v7E?= =?us-ascii?Q?B/CqPceZp1jnxkm38tGPhgpkOTqoasXEXTJ4HT1DmBDEhRHObo5zRtizMMPl?= =?us-ascii?Q?TGlyq9rYqz+XKXhXNWhQfvFZoTyKjcagIiIYQNW8JAVI66RkDV+P4bzR+Ik0?= =?us-ascii?Q?/MUvqWcEZCNJVr89GnXhKkSNurrHghpZOf0jOqz9/UuKZDQv4Cin9FMfNxVe?= =?us-ascii?Q?VMYoH1ZBCmAUn5K9j3eWvNOOSPZwuFoldLlOfH9hQwQQodG7txLu8ocwvLmu?= =?us-ascii?Q?Ta2UUHrsba1mZNNT9KwxBWYPIMaOTMaUn20AcRU4AN+Tny72nmT3PbQDcH0B?= =?us-ascii?Q?VwEUEugHNJU6/VDuibsRTy6F83Qm7TCNDv9UFXDFPoAeakgC7lUZ2sAEh/n4?= =?us-ascii?Q?CIkqeiKx7Xg6XM=3D?= X-Microsoft-Antispam-Message-Info: t9mM+lWWtgh3M2a+peQyhtfPt1njQW0Ay+FFvISGgQljGkM8A/1AD5gouzDdvajTUKmlbonW8I7Ca3qsqiHxW88/U04A2wVcabpjp5r56e4tXwo6R8JJ/H4ZvwvDFGvtYpOfJmC6pUxYTH/8Xly5kJwW6YBA49FhU++BVL9t+5t3WMBMYqYFcOt+g0x+3i0Q X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 6:XObPrWJabJcIK7ltd39SWYFF59OIN9DcPX0mK50sbvui86UeE73+gltVqaBOndXkaqdb0Ilp8SuPZR74quP/tKdYwfKQ72yH7TIUlhtaS5g3eL1OSkw6wHbNPRqW7OxhRmurNERptEMkCRA+IYLSwyH5bT0ikhwr3vSkFhX4da0ZIg266O+ZpHS7T+Zg+CJHUwCDfu8c0tkucBnBgp1AZUzVZCT95ZQKmeh0FMGX+yu4QNOnTAT6y1e6j/8PhvSeoWMLr1ycpf6eN0kSiBNOWWAU4cMGp7AhALJ+beFtEjh4XHQU5vVB2xQx6YZeS1GhF/npQ7BF2QvwI4mN6eCSsW3LJ6wKhGXsdH4HpP8OjC0=; 5:Tda8TbQWyKSnDL5gwJd8LZOKyiAv8TZgX5lNySJ+XBFc4oQrKRbeapZjV71rAu4IsTTWV8C9D5MAsB8782LIw2VycXf3mFunJ0Y/8GVuRfiTXeZ98sOtRW2QxF7h3/LTrsN6wFYvVbVu/LWic/NwHSaTGnaTOLqiO3yWoLE2bLA=; 24:08PiUrWdBwwNf6rU2GkZIWikVVUcyH+Co3VJNOSDSvShZVvOIYwi6AXQT69FE6oRv7kCb5O7BxJ/X9pof6u5i6Ne85ZJD/hc+8CDqOVQ0ek=; 7:TVHt/1T2FkdvxEf88hpOPa3XijlK+O42IPFwNj8UGrmoDDahlloE5ixTWjttEhRmSVyaBpzk8C06tOpo0B74zyhjxg8bnGDR6TAUCyv1DI87o/xuxbWwM+i+xzFLrpfEXnijk+8SryBkPB4MK4/pPku9g/ddOnNGi7ocmrujPq4Fu5WJvIy1a552d49B2AiuEtJnD/opH9FZ6cvvbt9rltWsQryDhKD1jrY5i/Taw2kpDTTnMuL1iNCZnqh/p+3v SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 20:UlCrePPim3h2iiuYc8P2QjJGMIgsJtiAuDnsG3kwr02scOoafIjSseP6KG5HbFENbCW/bnIZNGX1IaYC+atoOwIS3LcpKgG6tnJBEoTD7m3ZCK4r7GrMOeBSJErzftTwQ9Fj2L7bJy9OTxI+bK3uvBeRjG1z71cMDm1RUZ6VDa42iA5CmhQJaDLHPhnOaazhxFLkgMHoWXNnWNqclbFgLJQOR2zB9uTuw+PrpWzbVFeTC8YgcnmITmpzZfXRpxaa X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Mar 2018 08:35:57.9596 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f6ab5577-87c5-4598-a51c-08d58598c880 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1518 Subject: [dpdk-dev] [PATCH v4 12/20] crypto/ccp: support aes-cmac auth algo X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Mar 2018 08:36:01 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 277 ++++++++++++++++++++++++++++++++++++++- drivers/crypto/ccp/ccp_pmd_ops.c | 20 +++ 2 files changed, 295 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index 0660761..6e593d8 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -36,6 +36,8 @@ #include #include #include +#include /*sub key apis*/ +#include /*sub key apis*/ #include #include @@ -74,6 +76,84 @@ ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) return res; } +/* prepare temporary keys K1 and K2 */ +static void prepare_key(unsigned char *k, unsigned char *l, int bl) +{ + int i; + /* Shift block to left, including carry */ + for (i = 0; i < bl; i++) { + k[i] = l[i] << 1; + if (i < bl - 1 && l[i + 1] & 0x80) + k[i] |= 1; + } + /* If MSB set fixup with R */ + if (l[0] & 0x80) + k[bl - 1] ^= bl == 16 ? 0x87 : 0x1b; +} + +/* subkeys K1 and K2 generation for CMAC */ +static int +generate_cmac_subkeys(struct ccp_session *sess) +{ + const EVP_CIPHER *algo; + EVP_CIPHER_CTX *ctx; + unsigned char *ccp_ctx; + size_t i; + int dstlen, totlen; + unsigned char zero_iv[AES_BLOCK_SIZE] = {0}; + unsigned char dst[2 * AES_BLOCK_SIZE] = {0}; + unsigned char k1[AES_BLOCK_SIZE] = {0}; + unsigned char k2[AES_BLOCK_SIZE] = {0}; + + if (sess->auth.ut.aes_type == CCP_AES_TYPE_128) + algo = EVP_aes_128_cbc(); + else if (sess->auth.ut.aes_type == CCP_AES_TYPE_192) + algo = EVP_aes_192_cbc(); + else if (sess->auth.ut.aes_type == CCP_AES_TYPE_256) + algo = EVP_aes_256_cbc(); + else { + CCP_LOG_ERR("Invalid CMAC type length"); + return -1; + } + + ctx = EVP_CIPHER_CTX_new(); + if (!ctx) { + CCP_LOG_ERR("ctx creation failed"); + return -1; + } + if (EVP_EncryptInit(ctx, algo, (unsigned char *)sess->auth.key, + (unsigned char *)zero_iv) <= 0) + goto key_generate_err; + if (EVP_CIPHER_CTX_set_padding(ctx, 0) <= 0) + goto key_generate_err; + if (EVP_EncryptUpdate(ctx, dst, &dstlen, zero_iv, + AES_BLOCK_SIZE) <= 0) + goto key_generate_err; + if (EVP_EncryptFinal_ex(ctx, dst + dstlen, &totlen) <= 0) + goto key_generate_err; + + memset(sess->auth.pre_compute, 0, CCP_SB_BYTES * 2); + + ccp_ctx = (unsigned char *)(sess->auth.pre_compute + CCP_SB_BYTES - 1); + prepare_key(k1, dst, AES_BLOCK_SIZE); + for (i = 0; i < AES_BLOCK_SIZE; i++, ccp_ctx--) + *ccp_ctx = k1[i]; + + ccp_ctx = (unsigned char *)(sess->auth.pre_compute + + (2 * CCP_SB_BYTES) - 1); + prepare_key(k2, k1, AES_BLOCK_SIZE); + for (i = 0; i < AES_BLOCK_SIZE; i++, ccp_ctx--) + *ccp_ctx = k2[i]; + + EVP_CIPHER_CTX_free(ctx); + + return 0; + +key_generate_err: + CCP_LOG_ERR("CMAC Init failed"); + return -1; +} + /* configure session */ static int ccp_configure_session_cipher(struct ccp_session *sess, @@ -170,6 +250,7 @@ ccp_configure_session_auth(struct ccp_session *sess, const struct rte_crypto_sym_xform *xform) { const struct rte_crypto_auth_xform *auth_xform = NULL; + size_t i; auth_xform = &xform->auth; @@ -179,6 +260,33 @@ ccp_configure_session_auth(struct ccp_session *sess, else sess->auth.op = CCP_AUTH_OP_VERIFY; switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_AES_CMAC: + sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; + sess->auth.engine = CCP_ENGINE_AES; + sess->auth.um.aes_mode = CCP_AES_MODE_CMAC; + sess->auth.key_length = auth_xform->key.length; + /**auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = AES_BLOCK_SIZE; + sess->auth.block_size = AES_BLOCK_SIZE; + if (sess->auth.key_length == 16) + sess->auth.ut.aes_type = CCP_AES_TYPE_128; + else if (sess->auth.key_length == 24) + sess->auth.ut.aes_type = CCP_AES_TYPE_192; + else if (sess->auth.key_length == 32) + sess->auth.ut.aes_type = CCP_AES_TYPE_256; + else { + CCP_LOG_ERR("Invalid CMAC key length"); + return -1; + } + rte_memcpy(sess->auth.key, auth_xform->key.data, + sess->auth.key_length); + for (i = 0; i < sess->auth.key_length; i++) + sess->auth.key_ccp[sess->auth.key_length - i - 1] = + sess->auth.key[i]; + if (generate_cmac_subkeys(sess)) + return -1; + break; default: CCP_LOG_ERR("Unsupported hash algo"); return -ENOTSUP; @@ -316,6 +424,15 @@ ccp_auth_slot(struct ccp_session *session) int count = 0; switch (session->auth.algo) { + case CCP_AUTH_ALGO_AES_CMAC: + count = 4; + /** + * op + * extra descriptor in padding case + * (k1/k2(255:128) with iv(127:0)) + * Retrieve result + */ + break; default: CCP_LOG_ERR("Unsupported auth algo %d", session->auth.algo); @@ -415,6 +532,158 @@ ccp_perform_passthru(struct ccp_passthru *pst, } static int +ccp_perform_aes_cmac(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + struct ccp_session *session; + union ccp_function function; + struct ccp_passthru pst; + struct ccp_desc *desc; + uint32_t tail; + uint8_t *src_tb, *append_ptr, *ctx_addr; + phys_addr_t src_addr, dest_addr, key_addr; + int length, non_align_len; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + key_addr = rte_mem_virt2phy(session->auth.key_ccp); + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + append_ptr = (uint8_t *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy((void *)append_ptr); + + function.raw = 0; + CCP_AES_ENCRYPT(&function) = CCP_CIPHER_DIR_ENCRYPT; + CCP_AES_MODE(&function) = session->auth.um.aes_mode; + CCP_AES_TYPE(&function) = session->auth.ut.aes_type; + + if (op->sym->auth.data.length % session->auth.block_size == 0) { + + ctx_addr = session->auth.pre_compute; + memset(ctx_addr, 0, AES_BLOCK_SIZE); + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)ctx_addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES); + pst.len = CCP_SB_BYTES; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + /* prepare desc for aes-cmac command */ + CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr); + CCP_CMD_KEY_HI(desc) = high32_value(key_addr); + CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM; + CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv; + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = + (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + } else { + ctx_addr = session->auth.pre_compute + CCP_SB_BYTES; + memset(ctx_addr, 0, AES_BLOCK_SIZE); + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)ctx_addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES); + pst.len = CCP_SB_BYTES; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + length = (op->sym->auth.data.length / AES_BLOCK_SIZE); + length *= AES_BLOCK_SIZE; + non_align_len = op->sym->auth.data.length - length; + /* prepare desc for aes-cmac command */ + /*Command 1*/ + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = length; + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr); + CCP_CMD_KEY_HI(desc) = high32_value(key_addr); + CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM; + CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv; + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + /*Command 2*/ + append_ptr = append_ptr + CCP_SB_BYTES; + memset(append_ptr, 0, AES_BLOCK_SIZE); + src_tb = rte_pktmbuf_mtod_offset(op->sym->m_src, + uint8_t *, + op->sym->auth.data.offset + + length); + rte_memcpy(append_ptr, src_tb, non_align_len); + append_ptr[non_align_len] = CMAC_PAD_VALUE; + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_FUNCTION(desc) = function.raw; + CCP_CMD_LEN(desc) = AES_BLOCK_SIZE; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)(dest_addr + CCP_SB_BYTES)); + CCP_CMD_SRC_HI(desc) = high32_value(dest_addr + CCP_SB_BYTES); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr); + CCP_CMD_KEY_HI(desc) = high32_value(key_addr); + CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM; + CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv; + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + tail = + (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + } + /* Retrieve result */ + pst.dest_addr = dest_addr; + pst.src_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES); + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; +} + +static int ccp_perform_aes(struct rte_crypto_op *op, struct ccp_queue *cmd_q, struct ccp_batch_info *b_info) @@ -643,8 +912,8 @@ ccp_crypto_cipher(struct rte_crypto_op *op, static inline int ccp_crypto_auth(struct rte_crypto_op *op, - struct ccp_queue *cmd_q __rte_unused, - struct ccp_batch_info *b_info __rte_unused) + struct ccp_queue *cmd_q, + struct ccp_batch_info *b_info) { int result = 0; @@ -655,6 +924,10 @@ ccp_crypto_auth(struct rte_crypto_op *op, ccp_cryptodev_driver_id); switch (session->auth.algo) { + case CCP_AUTH_ALGO_AES_CMAC: + result = ccp_perform_aes_cmac(op, cmd_q); + b_info->desccnt += 4; + break; default: CCP_LOG_ERR("Unsupported auth algo %d", session->auth.algo); diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 3a16be8..1fb6a6d 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -39,6 +39,26 @@ #include "ccp_crypto.h" static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { + { /*AES-CMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_AES_CMAC, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + }, } + }, } + }, { /* AES ECB */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4