From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0083.outbound.protection.outlook.com [104.47.34.83]) by dpdk.org (Postfix) with ESMTP id D32905F65 for ; Fri, 9 Mar 2018 09:36:02 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=DN8EwVrj/eqH39FU7WlP0TmcvDClWkM3C+Pw1YPZgKA=; b=OSjgZd+/ES1wtYXVS/ZrV3WZfuC7n6ebIH9An6XHDgD+eLWaDG2O1/jbK8RLnV9/ZGssiz9g3AkGEFxVKbKlm4qMZw097pOp1ffXSLzkg/k5psnMwWDSw9qGvgjfeXfeXhM/uM296tvqo7d7l06/kjfSSsrIXgX0jbF6if+dvuk= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by MWHPR12MB1518.namprd12.prod.outlook.com (2603:10b6:301:b::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.14; Fri, 9 Mar 2018 08:36:00 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com Date: Fri, 9 Mar 2018 03:35:14 -0500 Message-Id: <1520584520-130522-14-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520584520-130522-1-git-send-email-Ravi1.kumar@amd.com> References: <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com> <1520584520-130522-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: MA1PR0101CA0050.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a00:20::12) To MWHPR12MB1518.namprd12.prod.outlook.com (2603:10b6:301:b::22) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 04d69db1-147f-4a7c-6c0d-08d58598ca0c X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:MWHPR12MB1518; X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 3:JD+GKsXksiPPa0Tvj3KXKXKFXLlNEs9eLOllIhD1HY5WU/JEWk9R31k8W3IrSsdC17ZJgoKs6whp0jKIJytDoYPnbhLaUcajypm3UqK0lScrR5zwZlr9CpmbdnNWhVRSmfitRWQ+Y8tabkDcUN6rxmrzGhcODQCv/E5mmMXEiUUTkE/KiO+X2U91L82OpmifKzw4Gmni6ASY3I/DJIKI6au3+LaaaN7qkdEdlY8i/kLORFACiIPRyRDnK4jJTPFq; 25:9LkCrEfO9L2qEeULKVOxto04MWtu6u8LuVOlzTRjN3eBf9PtCARmNv1znZhxF3rtgxfdFUt4ELRVxT/cXj65j85XlQH0nhqDNZNte1OhO/wEj3HxRP09zElMbSzUpDylPLcgwLjdxTmdp4WmiCVOxP6XmKjwVG7rpoX/rDydDPMF9ZGPT2UdN1w+FSKSZyyjth/bVXA+ei29kgRvSsjPvx+6P2C8axwUQAXjdWXlYmJsQv0QnLj7vOvBTuOML53QVVWVcGyLoZZ78uKukcohErDt45zEv2OA4f2kRGkdfULA4DitIBe+/7ENr2rV8tGmXckaaRWNULuOKUn1rvWmag==; 31:jiVOvyUtCiOQgMHf8Uk3inX9IZcmOMIkdQfvUJMmMimh0OLFGggs65eaYu7QT4arfLeaH//5aq+DxdFAMAuUcbKlkjys5rYkfyNlgFfB1nmMK4J2b35FhSPQ1xu+4UrgZWW5X6jwYABN1H15Ia+lYvEz6xUs9HBmVRL69qtImRQkT3BvVI0Vu4YBadvFapibscG10RRQ9NL8gxmhkVfU9T6iaVdkLt43n2fDUxLsilE= X-MS-TrafficTypeDiagnostic: MWHPR12MB1518: X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 20:3LicSeh2JrncZXJRXY9HKKjB6HWz/rCHd/OiDVuFMWbDLeYHlsdzmMdStO4MiJJrLj3W7zGjw0e8EJC1Fx9czcpF6LXTP5+7g74BsRy/JxvLfw/tn+pVzfQA4kLiYBQhGQtq4soF2zt0Ec//UZaMZzyWKk7dgcbMKmg4DN2mbLmE3+uQXvHDVZNnuO7tnfA0XLU2ya8DYLBjkBYIzU4d7gcCrkCOK/X6AOh3rLNHtgdu++jtJgnutlK4zUuZKSmEREQnOpZhsz5vZDbE61T5VgnfPaUAdYks5ltlTRKrMQn2A0pW9N+lGafubwkZQM156jY7SnGBb6959/LbEbFZM6plkb71DvTcFPzv2/0A1YWn/+42o3+sVX8lFwiOkYUmt1/zQQRIRXNxy46SSb5SxxfsbgaTiwXjJXWOZKqD3QSk4/++F4MTVVVvLGbub1okyfi7GG+uLJlM5p0oRL7L5Kq0Zrgfu6Kr9440405EqGzWRYglixB4w98SV70C9htX; 4:mvtot+PbeblR2VyEsZ/cTze1Lcg8VHLm6zobgXl6opp7UFaH0Sc6t2f3zoTTpp9wWWrl65xen66AdMcFLVSrhcQJGX1nxE0iTfmpx0IVLnanzXIMNJXsEQX1kzkLE0I/Oqn9fOD3ZSVRSIKKu2TaGR0jMefGtxVs54wM7MiYddJ6n4dwK3DiucwZK4B6dm4PEFehh3c/wcwOKIxgWoB3nMwj08Tla7a1xaWcoTetDOeID33uYSKRjqtrP+N5lEnSouvIwbhnX2wQQX8qY8Lqwl1jwkf5PRNWlSZNBCt41FtQY9T4/BPcRR8mpanlyNQQ X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(3231220)(944501244)(52105095)(10201501046)(93006095)(93001095)(6055026)(6041310)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:MWHPR12MB1518; BCL:0; PCL:0; RULEID:; SRVR:MWHPR12MB1518; X-Forefront-PRVS: 0606BBEB39 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(39860400002)(39380400002)(396003)(366004)(376002)(346002)(199004)(189003)(16586007)(26005)(81156014)(16526019)(8676002)(186003)(81166006)(25786009)(7736002)(3846002)(386003)(305945005)(4326008)(6116002)(6666003)(316002)(86362001)(76176011)(52116002)(8936002)(51416003)(575784001)(50226002)(5660300001)(2906002)(2950100002)(6916009)(59450400001)(7696005)(36756003)(106356001)(105586002)(6486002)(68736007)(48376002)(97736004)(53416004)(2361001)(2351001)(53936002)(50466002)(478600001)(47776003)(66066001)(72206003); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR12MB1518; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; MWHPR12MB1518; 23:+SRXsMJfoPZmiLV0NA3D67k/p6vzPkSCDCLEgCFDR?= =?us-ascii?Q?iP3JtEVwRiG3BFtK7m34WfU3MGuX7yahZiMIm0JAixJTZNxUqipmc0erCcoK?= =?us-ascii?Q?EYFP2VyLUKqJR9SQljd9Ja7D3JBM9pV8D+ArYaKNhVaxOxvBp/sw5IMDv9lZ?= =?us-ascii?Q?dd844+QU5fRXwI0QnhxLKRN1/gZYxNLaekcckns8hXEBmv7wcSnqVnwfzQ6K?= =?us-ascii?Q?9A9WGVxNaVGY0yH3PF7CNYrIq6TF4nIYvlYbCJRe1n50tFbbb3P3vtrUgOxM?= =?us-ascii?Q?iZWUzevxMnDeDsGYZtQ6GKX7HqkvFadpYAc4Sox9zrDJ5WvOXVLCsHUWNf7G?= =?us-ascii?Q?RYJBjcbGcNN3MTU6h5UuWnNi/gOsyUuPG9aBfcI38zGQlB3qUdcZaLXVWr07?= =?us-ascii?Q?V+wZMfpQFr2Gr8eyg79byxtQFh50npa72Z3rP1uljIexubJR73VAnwxL/njk?= =?us-ascii?Q?4QY8Z11clV7/7iuXBF/KUJ6JR6b/rwz8TyVQ2pzsSe/lD59+ZF69RujXoozz?= =?us-ascii?Q?XuLjQfDwLQ8/VXbP6dNAULN1FzmP2WhlW5M2Oy8PJbjQ9txgAKcU9LIEXkN3?= =?us-ascii?Q?k5ELmgwWxwKQNurkoA3jnHx88tYYCAjyXqAPkoUZEbv/gFhC3aO4XQK0g9wv?= =?us-ascii?Q?07ddwruigAzczc0mcFCmwgtnyF7HnhPljOd7CoCWEOXQT03BETIpuY7NpF6i?= =?us-ascii?Q?4mzItreaHtcqqaX/udP6NLY6z81jQBL90VslvxfHqOKN5MzpwdTOp2RW4YkS?= =?us-ascii?Q?mM4DoHRyFzvVlo3xnGWQ+VB3/dYNNwYSyoPIppwos/pJFgCgf6srK07Dmw31?= =?us-ascii?Q?OBOXeeY9jXIaq25hgLB5VQu3DcGwgLEbMwAPdRBej2DBeobFxK8UUJeeGtms?= =?us-ascii?Q?g0ozO2SuEhpp3VLTGfputrS6R7c6TOj48BH5klBPmhYp3/5e6MJX7YgXJC6V?= =?us-ascii?Q?8QTo/lIgjb+1avC28PgRaAAym5tjr4e1qFJFp1dEU0XmIN+GcKLh49nvdJtc?= =?us-ascii?Q?LOiorATjX8ypKFGC+fsoM+b/BDyP2+Imx7a0B31cW6420ccjAaJR9twDvPnW?= =?us-ascii?Q?D4w1uxZ88ewJqTcFWeKT9j5HAc0O0x6nnvvz49tpsP5HE7NhYJNUmKKL/sRH?= =?us-ascii?Q?0vHouJL+o2wybReSSbxbREUeb91jcoAlnPvXNc4yHNz0KTGti7aaHW9jYX6y?= =?us-ascii?Q?gTdNzlOfLP480I0pOIhgGfr5sH6A80k+irR?= X-Microsoft-Antispam-Message-Info: 4ORCquM5LCmRTPohSekx699LufO37JvnepxfzI9tPq5bRKhGJ/4f3Xnq4ib1VMUWcbPFQplH2WuurAmpF8J8QnuUrbk+epxH3xEyNZ1cYvdj0eHDAzYtTpgQGlkoD5zOpRIQohCVfoVGy+eKPghNF343bLV8eOUDKCKlU4Wqb9vtndP9u60OPcvD2DHdo9+5 X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 6:rarb3GlcM8vkspvnBFUwZXYSj/mJIoT1DZTyuCae9MeAcfLzr25I75TLkl7KMi09nDPXkqZ9/qMEvg6jgvwFe8sy9A6V0LChq/cbwixHIGB/8UHNkh1Fr71GwizYoUtbG/kHMeKZHa046N7RJCNT7taIxJWRkswM4PPlLlLJgqjsIQdw6v5VjSOCV783AqOI4DWePQm+38BZ6NurFQWHUCBWKcZN9x53cS6LX9swVtJsWLA/1vJyDq0pdMLU217uhCCAXfmxrNjYX9yDXLf5FIcLXqchIUf6zpC64tmAGJc7Rfs2MffCCxlggt64eoSZYV951YDgqoOnwGYIMuULY81G9gDZ/2HzTRl4ZLi0jRY=; 5:NZ65ywcfEZt8W8eJT5geR1SBOXrB9mL5u6qLGkCz8pbN98Lq3gCNDiw1Le54hzJi/VNf8Q/skGkdrHX4I6yZBuaEacnIFjl6EZI3GgQNt5afeDNbzf87wEDBf8a7FIwDABAUID0zITWpoCW6LHFWghjXC5duw+56Ai3hu/4mbmc=; 24:Sb7ilMszxwD4bn/MjMfVSVVgixIV0DfAP5EQizV85jkBJFnIqbyr8NKu9LsIIEyGpGpExuLvVb8TVN5q1LfsOy07UeAcGcy1S1S/tzszWs0=; 7:TjndruRY7BWvOj87hpnPejDUJmU99W9t1LBS45jKgPVl9nPlj0F/ewSBoFF8KyyeKTqCHEIsqeXK6ztUeBmiuQW3P8C9ANsFi0hczd4FruhoQ2aqT6yVRCSp/TTyXo5JFcigoSmZOl03jQPfpvIPkIs2Q9JNLlRr0V8a++Pig1lx3AFFjTkzcU5NuyllEb+GihD1VE6NDlS3358FpVIfUDhb+urVgi3tRnLi29wPVjq4KRIgbPoaGaPA3z1e7vmn SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 20:45CocuhuZsDOC20lVVoCTr64ILI12NCuH5M3BcpCwn5K66Lp85k1TEDQXuEAZBhUUTGcEYcVXGXo5N9vvE4nJXPj61tbJi4X3r3piLOKasEGnKuf23jHc7+ezzTpRz9SrBbKGAdFnI9xzcjxwLUQwgGXMCuPSSjvQqpg5E0vBDGjYHMc9HRKwXSSVoTExQbBDqZ/WPoKyz9cd9JiEKEC4mNeH26e2CVQhhiOJ8JrP2BRQGMnCoKWIcM6afdi2k1f X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Mar 2018 08:36:00.5690 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 04d69db1-147f-4a7c-6c0d-08d58598ca0c X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1518 Subject: [dpdk-dev] [PATCH v4 14/20] crypto/ccp: support sha1 authentication algo X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Mar 2018 08:36:03 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 367 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 23 +++ drivers/crypto/ccp/ccp_pmd_ops.c | 42 +++++ 3 files changed, 432 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index ad9fa8e..c575dc1 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -36,6 +36,7 @@ #include #include #include +#include #include /*sub key apis*/ #include /*sub key apis*/ @@ -52,6 +53,14 @@ #include "ccp_pci.h" #include "ccp_pmd_private.h" +/* SHA initial context values */ +static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA1_H4, SHA1_H3, + SHA1_H2, SHA1_H1, + SHA1_H0, 0x0U, + 0x0U, 0x0U, +}; + static enum ccp_cmd_order ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) { @@ -76,6 +85,59 @@ ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) return res; } +/* partial hash using openssl */ +static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) +{ + SHA_CTX ctx; + + if (!SHA1_Init(&ctx)) + return -EFAULT; + SHA1_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); + return 0; +} + +static int generate_partial_hash(struct ccp_session *sess) +{ + + uint8_t ipad[sess->auth.block_size]; + uint8_t opad[sess->auth.block_size]; + uint8_t *ipad_t, *opad_t; + uint32_t *hash_value_be32, hash_temp32[8]; + int i, count; + + opad_t = ipad_t = (uint8_t *)sess->auth.key; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute); + + /* considering key size is always equal to block size of algorithm */ + for (i = 0; i < sess->auth.block_size; i++) { + ipad[i] = (ipad_t[i] ^ HMAC_IPAD_VALUE); + opad[i] = (opad_t[i] ^ HMAC_OPAD_VALUE); + } + + switch (sess->auth.algo) { + case CCP_AUTH_ALGO_SHA1_HMAC: + count = SHA1_DIGEST_SIZE >> 2; + + if (partial_hash_sha1(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha1(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + default: + CCP_LOG_ERR("Invalid auth algo"); + return -1; + } +} + /* prepare temporary keys K1 and K2 */ static void prepare_key(unsigned char *k, unsigned char *l, int bl) { @@ -260,6 +322,31 @@ ccp_configure_session_auth(struct ccp_session *sess, else sess->auth.op = CCP_AUTH_OP_VERIFY; switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_SHA1: + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.algo = CCP_AUTH_ALGO_SHA1; + sess->auth.ut.sha_type = CCP_SHA_TYPE_1; + sess->auth.ctx = (void *)ccp_sha1_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA1_HMAC: + if (auth_xform->key.length > SHA1_BLOCK_SIZE) + return -1; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.algo = CCP_AUTH_ALGO_SHA1_HMAC; + sess->auth.ut.sha_type = CCP_SHA_TYPE_1; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; + sess->auth.block_size = SHA1_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; case RTE_CRYPTO_AUTH_AES_CMAC: sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; sess->auth.engine = CCP_ENGINE_AES; @@ -453,6 +540,13 @@ ccp_auth_slot(struct ccp_session *session) int count = 0; switch (session->auth.algo) { + case CCP_AUTH_ALGO_SHA1: + count = 3; + /**< op + lsb passthrough cpy to/from*/ + break; + case CCP_AUTH_ALGO_SHA1_HMAC: + count = 6; + break; case CCP_AUTH_ALGO_AES_CMAC: count = 4; /** @@ -578,6 +672,271 @@ ccp_perform_passthru(struct ccp_passthru *pst, } static int +ccp_perform_hmac(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + + struct ccp_session *session; + union ccp_function function; + struct ccp_desc *desc; + uint32_t tail; + phys_addr_t src_addr, dest_addr, dest_addr_t; + struct ccp_passthru pst; + uint64_t auth_msg_bits; + void *append_ptr; + uint8_t *addr; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + addr = session->auth.pre_compute; + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr); + dest_addr_t = dest_addr; + + /** Load PHash1 to LSB*/ + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**sha engine command descriptor for IntermediateHash*/ + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + auth_msg_bits = (op->sym->auth.data.length + + session->auth.block_size) * 8; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Intermediate Hash value retrieve */ + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) { + + pst.src_addr = + (phys_addr_t)((cmd_q->sb_sha + 1) * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t; + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t + CCP_SB_BYTES; + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + } else { + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + } + + /** Load PHash2 to LSB*/ + addr += session->auth.ctx_len; + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**sha engine command descriptor for FinalHash*/ + dest_addr_t += session->auth.offset; + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = (session->auth.ctx_len - + session->auth.offset); + auth_msg_bits = (session->auth.block_size + + session->auth.ctx_len - + session->auth.offset) * 8; + + CCP_CMD_SRC_LO(desc) = (uint32_t)(dest_addr_t); + CCP_CMD_SRC_HI(desc) = high32_value(dest_addr_t); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Retrieve hmac output */ + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + else + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; + +} + +static int +ccp_perform_sha(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + struct ccp_session *session; + union ccp_function function; + struct ccp_desc *desc; + uint32_t tail; + phys_addr_t src_addr, dest_addr; + struct ccp_passthru pst; + void *append_ptr; + uint64_t auth_msg_bits; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + + append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr); + + /** Passthru sha context*/ + + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *) + session->auth.ctx); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**prepare sha command descriptor*/ + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + auth_msg_bits = op->sym->auth.data.length * 8; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Hash value retrieve */ + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + else + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; + +} + +static int ccp_perform_aes_cmac(struct rte_crypto_op *op, struct ccp_queue *cmd_q) { @@ -1143,6 +1502,14 @@ ccp_crypto_auth(struct rte_crypto_op *op, ccp_cryptodev_driver_id); switch (session->auth.algo) { + case CCP_AUTH_ALGO_SHA1: + result = ccp_perform_sha(op, cmd_q); + b_info->desccnt += 3; + break; + case CCP_AUTH_ALGO_SHA1_HMAC: + result = ccp_perform_hmac(op, cmd_q); + b_info->desccnt += 6; + break; case CCP_AUTH_ALGO_AES_CMAC: result = ccp_perform_aes_cmac(op, cmd_q); b_info->desccnt += 4; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index d528ec9..42179de 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -60,9 +60,32 @@ #define CCP_DES_ENCRYPT(p) ((p)->des.encrypt) #define CCP_DES_MODE(p) ((p)->des.mode) #define CCP_DES_TYPE(p) ((p)->des.type) +#define CCP_SHA_TYPE(p) ((p)->sha.type) #define CCP_PT_BYTESWAP(p) ((p)->pt.byteswap) #define CCP_PT_BITWISE(p) ((p)->pt.bitwise) +/* HMAC */ +#define HMAC_IPAD_VALUE 0x36 +#define HMAC_OPAD_VALUE 0x5c + +#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH +#define MD5_DIGEST_SIZE 16 +#define MD5_BLOCK_SIZE 64 +#endif + +/* SHA */ +#define SHA_COMMON_DIGEST_SIZE 32 +#define SHA1_DIGEST_SIZE 20 +#define SHA1_BLOCK_SIZE 64 + +/* SHA LSB intialiazation values */ + +#define SHA1_H0 0x67452301UL +#define SHA1_H1 0xefcdab89UL +#define SHA1_H2 0x98badcfeUL +#define SHA1_H3 0x10325476UL +#define SHA1_H4 0xc3d2e1f0UL + /** * CCP supported AES modes */ diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 24f577a..6adef1c 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -39,6 +39,48 @@ #include "ccp_crypto.h" static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { + { /* SHA1 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA1 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /*AES-CMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4