From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0089.outbound.protection.outlook.com [104.47.41.89]) by dpdk.org (Postfix) with ESMTP id F0DF11B015 for ; Mon, 19 Mar 2018 13:24:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=03RmM8A88u/F1S2A5Wy0U1NDWD1v7+SZWhLQg0FtJW4=; b=N8gwn6zobKwlphKAgBmkZdBWLrAxa3eBnzMgKzKpuRchlItfiBjHnH9rGgMgyfLpojdDz39jXjQjWNZLbG7790AYAkPDAgryRxPxmj/Ob9U1AXH6KcZY6dFycFbZtxMoHJWlM2VIzzEMClN7hyociQf/Lz0gmadf7Y0dmLrt9xE= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by BN6PR12MB1505.namprd12.prod.outlook.com (10.172.24.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.588.14; Mon, 19 Mar 2018 12:24:43 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com, hemant.agrawal@nxp.com Date: Mon, 19 Mar 2018 08:23:49 -0400 Message-Id: <1521462233-13590-15-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1521462233-13590-1-git-send-email-Ravi1.kumar@amd.com> References: <1520584520-130522-1-git-send-email-Ravi1.kumar@amd.com> <1521462233-13590-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: MAXPR0101CA0025.INDPRD01.PROD.OUTLOOK.COM (10.174.62.139) To BN6PR12MB1505.namprd12.prod.outlook.com (10.172.24.146) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: bc322b24-22b3-49ff-887a-08d58d94660b X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BN6PR12MB1505; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1505; 3:lVdpwrTJxYMGONmNLk2bRY0B0giUecGHPfwHGyyAsPxHf7vW98/8AiZkhVR2S5eAUa1pr5J9dMiHKH63hexm+QjK4wC5bzd1NJh3tzBF7Xt2Jo8gsV6aOnfEtSdeCvrLfZtgT3rekmMtwaub6ic8oBeGhID6qrDR4U55oo3mRk5qgGBmCvHJmcMoQhN5ym49dOn/oq5TNeMpLWoO43Ny2ATOjJWlliWiOApWA0nQwbgN5IiITkeRuLd989WizO8C; 25:kg22Kz2Iohc52fx7Vnp1MgToKY/uGeToAvLmCtl3SpGCYc8hBT+ouBMgeOKVkzx5vAQWYz65Ju7BdYLuCIM+kMaUVrFbE1vAjF7ayXQ2aYfGDeEglTlyBG/RJTqBqJEvzGxFpcQ0abNYDH7gpDc6AqFs7Y/xfbAhXo3UdTj29ZsEN+ix9MYPXAi+nMPDWr4ADAyk0LcQ/ZH1REpjPPz7wLwcZeSueZSpUvqJWP5CmF1M/cjAzm5VzENZG9vG6KPxGTWvreGOvy2jDSB+grgxVZvB6cUoUXjG7Mg44T0IYYBj1kFe6bu4/pqhvLFKte+fgwBETccjhxX03dvw3jSvxg==; 31:LsuArNEzKq/2Fo1YvaphkKMTCh0YNTjkSiEqLkCjqs/fQkNZcpXOlYqE70EiSVTRMucoNrHSft1tnvNFLjm4B6VUNeYfxqa5P0fxMZQsqbV9tVnzkNiri+3YjjyidBliCglaFekBIg9YNCa85avmJjuXE7SqIT76llStJKbv8vENxK+fUtqw+ozuM2U7EWwWzDXAEsB5+pH25WddYtEPhuWcpfN903LmzF1UsXrp36g= X-MS-TrafficTypeDiagnostic: BN6PR12MB1505: X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1505; 20:STEzJ1ZIYpqnsnoZJA0b7lS2wifvN6J9yFxWgvhtjWIEIrsIw1QKrz3BO+2hGp53vdOIbWWMVPHnwdS7fmLY34UjO0+srIX4/FKjfYGqWtgxirMfdCzP0UcIB99XlD44QxeCPncAYL9uRhdtiXhSNOMXSsfJQvKoo8v1W+5/zgZW9Y3Nc7DvO26znwR9s1zEI49EkkSMdSRgI+IFT82+RW9Inave1HOFC8185d3UMe/4oBBtJVyDH16GcICkg/XJzp+l44pYHXtDF5xlX2Mx+3K6po5tDs1Vja2iXpUI+EIMGpqTY0vheCuwzQ6dMWrFcgh5Iwz2C57+0tZ3OIoOx636HJASFbDJtVjZGT3xMNmIE2gU+rcIx2h5v+u9ukxMO8xcEJUy3ESIQYyo3Dxk077r5jevmJber3yz07CPd5xHl2ccToo6g2hubLT73vKsBWikIgHwB3kMjZbIfHwSYWjXkubV56o/4b1auWNXusGz1MHIW6DwRK4LBgJzh4K4; 4:DmoUVQqrvz8KyWgbLrWa+3sh0vBg4ooJWEa/nZf1KhezF1NTWEfBzlf0nmtDS5RWJtf3KhjJjXgNiXUUXMhFuQsj2ORA92EX+ECEl6b1rLcTlU90L/9/u3drUL8QPaj6bcO1H+lSUYcM1vKLDrlPbjvLILDb74LxsA0Bu7DqfKx5mz20+HkiS7Nx24SaEuhid/wAjVdjWQujmkqeowDAUtXW5YQNl8OyvTNw/OTkWw2mqdLNC5d01yjqtb9zgC54nwQ6A/ahkX08TIMrHWTrouPQ0HtcjBTPSvEBcBoUYuDzdO13YqFm2iWfTkJqG6Up X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3231221)(944501300)(52105095)(3002001)(93006095)(93001095)(10201501046)(6055026)(6041310)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123558120)(6072148)(201708071742011); SRVR:BN6PR12MB1505; BCL:0; PCL:0; RULEID:; SRVR:BN6PR12MB1505; X-Forefront-PRVS: 06167FAD59 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(396003)(39380400002)(39860400002)(346002)(376002)(366004)(199004)(189003)(97736004)(105586002)(2361001)(2351001)(72206003)(48376002)(4326008)(50226002)(76176011)(59450400001)(8676002)(26005)(316002)(8936002)(53936002)(106356001)(16586007)(186003)(7696005)(51416003)(16526019)(52116002)(386003)(81166006)(81156014)(8656006)(25786009)(575784001)(66066001)(68736007)(86362001)(47776003)(6486002)(5660300001)(7736002)(53416004)(6116002)(305945005)(3846002)(478600001)(2950100002)(36756003)(6916009)(2906002)(50466002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR12MB1505; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN6PR12MB1505; 23:0bUeRJBWypwSFxp8HjdrymMshQhmsBkOq0ArfB5aC?= =?us-ascii?Q?l3EvK7cRympO5WHwOV3iVqr8MtM3rvZNZkWPZpo7iEVHWycpq3stkKDD8SYi?= =?us-ascii?Q?CCKRRMsx10lq7mUNTbmZftbsk7cVETCvy9Jb0xFlH9hwgkzkM6IcXLdKcRd0?= =?us-ascii?Q?ZmPZg/2wigDj82V2OTn+U5RDTuRUUfiRri0Y0HwvabUsr/3EZfTcsAP+mRR2?= =?us-ascii?Q?tip879YnLtp6vR595HTZk2aFNSc4flEZ7qoifePPDkc2345pCtYGh+p5jGUC?= =?us-ascii?Q?/TX1AroM3lK13B85Jg4g/uEmlkJra0OE03fi9UB79/kgV5xpREP/bKxCCH7T?= =?us-ascii?Q?z9Cq6HiMstsTnsZNV6Huo0ssA8iCyzY0FHNITydQf0VdvsRj/ensK2YGWNK4?= =?us-ascii?Q?G9+UnOAN7wJEXRWFX63uBC6KZ3tgyFFjmPGXviUNBkxJb7IjKZmYTttwYrkT?= =?us-ascii?Q?kJHK0FI1m6xTmktBdIBk9RncPLC9zkqEOtHKmDtWLWeown195LDJojfx9FVd?= =?us-ascii?Q?2zUyaHMRPyv5IkPGy0jJqShyChmdCEjxPskM24tOlw9JUxVW8yEmrjfwoTVN?= =?us-ascii?Q?AIyx8eI3KF48dFSCxRe2u7y8tLEnSrPOdgqMQMGiKqFRU9AMQVxWUuUOgWkZ?= =?us-ascii?Q?UBuOCBnia7giN7zhsDNtNqBysgCQHKbBn759vdQ4VxvuprqZCiz5WyA0pSyL?= =?us-ascii?Q?utcafBmV5nJSdSyqX1Rb4b2sm0msO14AKBUHv8P7lMwrv9znTQFTk8MkvnCV?= =?us-ascii?Q?V9U0zKauoGprPjpLUp9v4o/+v+vOtcTakX1fNSG9RAEZylz1oqZyw8kSieer?= =?us-ascii?Q?I4HE8uTIhKU6qrf51Mo7+bBYCPy6G+lg+993JYw63dSAfHLcKZvB5wXVnF6c?= =?us-ascii?Q?1VU4UyBhpDkmdamxv9QE8mt8yD+aAtGPuX4yL71cPnXu3OpAxnQ65udxUzeS?= =?us-ascii?Q?/UQButUHicwpY1evrfPSAPMeFaPoHi2031b6J4fkMzb0PqPWk5nBWnXCB6lI?= =?us-ascii?Q?k9S1WDmpBdWk+C+cMmzVaKGPQjfph/UV2VN/aSagh8MQ65RZr0n6ucaMJM7j?= =?us-ascii?Q?WpxOxUC/4rrOP+4TwUykG3aPS4LKg7Gi3XxM5MsBdru/L0mkQThOjmz+lryp?= =?us-ascii?Q?WZH6F8OKeN+3OxJUhodMlptrvVPKz5ij0sBuO7Tk4EZhhKXUQQO7BDeNWhHT?= =?us-ascii?Q?fWvOoA/HT/rdMaibGznHU5OAnG4/cq6q8yc?= X-Microsoft-Antispam-Message-Info: zpgT7oA44eVbjxpIjbdObxkfgb2pvcvwivzyjyVcV2bvQSHwDmsTRto5yREo8EPPcj3NSdEtp1InEmDoXqlL01yU62TppqRollgAGs9H5WauBiu9NngnW1TQM6Vu6STJgsEi84wjMKl4frRS6fBXr5vCsnHwcDf/tT5NkLDTAGEdMgUpv7Uw6uov2TvyKqY9 X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1505; 6:fQoxF2h2wfKPCCmRELOAPJOtnnQXvbG3OoWJI9WpR4Fa1CCRoEJJX6gaNdE8jUxIao/v33wNhYViXGs3gn+pg4zmpz3n5pX8524smq8Jo2/RYyQEy/DeE9yj66kvs+2sHzhhq3mHERFp1yNzgWKvkVi8U1G8txeBPiQk/pKpM7BSjvq2XW+ycpfXzu2JAFK/RiCZDrEyGzQZpEeDliCx3op7zHVFWZEs6xG+CsBFf2w9oxroIT4ern2ZLdR007P9qB8jbd/4VKSp5geB5ZvA44Van/0rtYVuqfoOqUGnF4Y+4J+P2JJzpZIZ4Q7PDDOcDq3AJd4mtQSrGaZTUMee/FZn8kQdrZ7YW6UkC5/Fu78=; 5:oUoC2fkibn0g4KJuv3DeND0FAHrsc7+Gzs2E6dBjrf5Tq0aSq6pXE3JvuZ10Xqwy8p+q6as6H2t+flFqWVNGiBKcljubE/L2rCYXa91emZqOHG6wbJo/nYYvPMaYtSRpAvQVRB6LLazKzzBVySdYaEQCHjv09y87OwqbE1F7rqI=; 24:UPAKEPuVVdqW4z2MRY0I1PtfT3EtysrtNCM2uuBtTF7IHKFtNPULDbH8nMKZQfboRjIWtLl880VfMNPNs1MMvHAXQiVXFPmmH0OcVwLPkIc=; 7:xYbAUouOJHtLs04XFDk4+Ldy+0XZdA+voY1JeLQ4KXAvXedpUUkmhT1CpoKXc1zlgLkuhCiKg765sLLCQOV5qZaCJjV/D9W2IFrKSq5v7SauePDZG/dw/pMc2R0fa6iLZBCNH8cAC0XiI25Y42pj/yyum0njrD8lQktSEJOeXpTkC0WbcACNk6TAoti4IcHt754yzRYRTd2CN/ldaCssMdwtJLXRH5CW5JE0Cs9Gc03XNUD181QaC1pjlXMj68uQ SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1505; 20:9RhMXDaJjg+1eHpua21rRGeRZeqpqEzYLNejvEfTmSvQUfi02xsqSN9XThNqseYhs0MIHNnWIyJgmWtkpsKl6dXFZzi8e21BP1gPObVQGYCC77qqZb/7lttStowVx4dacMT7phdIHxq5ORiSAnCohSZweiMwOauR085/SvuwHHHFdHJsNKY99zd9jFOltyCoFf4i7ucD9JWUmAau3O4Rco938HHZrscpqoiYhrmyznbSoKpH1X5UFZqdyoOohyen X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Mar 2018 12:24:43.6660 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: bc322b24-22b3-49ff-887a-08d58d94660b X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1505 Subject: [dpdk-dev] [PATCH v5 15/19] crypto/ccp: support sha2 family authentication algo X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2018 12:24:47 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 270 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 48 +++++++ drivers/crypto/ccp/ccp_pmd_ops.c | 168 ++++++++++++++++++++++++ 3 files changed, 486 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index 517c284..8b26ad3 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -35,6 +35,34 @@ static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { 0x0U, 0x0U, }; +uint32_t ccp_sha224_init[SHA256_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA224_H7, SHA224_H6, + SHA224_H5, SHA224_H4, + SHA224_H3, SHA224_H2, + SHA224_H1, SHA224_H0, +}; + +uint32_t ccp_sha256_init[SHA256_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA256_H7, SHA256_H6, + SHA256_H5, SHA256_H4, + SHA256_H3, SHA256_H2, + SHA256_H1, SHA256_H0, +}; + +uint64_t ccp_sha384_init[SHA512_DIGEST_SIZE / sizeof(uint64_t)] = { + SHA384_H7, SHA384_H6, + SHA384_H5, SHA384_H4, + SHA384_H3, SHA384_H2, + SHA384_H1, SHA384_H0, +}; + +uint64_t ccp_sha512_init[SHA512_DIGEST_SIZE / sizeof(uint64_t)] = { + SHA512_H7, SHA512_H6, + SHA512_H5, SHA512_H4, + SHA512_H3, SHA512_H2, + SHA512_H1, SHA512_H0, +}; + static enum ccp_cmd_order ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) { @@ -71,6 +99,54 @@ static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) return 0; } +static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) +{ + SHA256_CTX ctx; + + if (!SHA224_Init(&ctx)) + return -EFAULT; + SHA256_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA256_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) +{ + SHA256_CTX ctx; + + if (!SHA256_Init(&ctx)) + return -EFAULT; + SHA256_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA256_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) +{ + SHA512_CTX ctx; + + if (!SHA384_Init(&ctx)) + return -EFAULT; + SHA512_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA512_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) +{ + SHA512_CTX ctx; + + if (!SHA512_Init(&ctx)) + return -EFAULT; + SHA512_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA512_DIGEST_LENGTH); + return 0; +} + static int generate_partial_hash(struct ccp_session *sess) { @@ -78,11 +154,13 @@ static int generate_partial_hash(struct ccp_session *sess) uint8_t opad[sess->auth.block_size]; uint8_t *ipad_t, *opad_t; uint32_t *hash_value_be32, hash_temp32[8]; + uint64_t *hash_value_be64, hash_temp64[8]; int i, count; opad_t = ipad_t = (uint8_t *)sess->auth.key; hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute); + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute); /* considering key size is always equal to block size of algorithm */ for (i = 0; i < sess->auth.block_size; i++) { @@ -106,6 +184,66 @@ static int generate_partial_hash(struct ccp_session *sess) for (i = 0; i < count; i++, hash_value_be32++) *hash_value_be32 = hash_temp32[count - 1 - i]; return 0; + case CCP_AUTH_ALGO_SHA224_HMAC: + count = SHA256_DIGEST_SIZE >> 2; + + if (partial_hash_sha224(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha224(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA256_HMAC: + count = SHA256_DIGEST_SIZE >> 2; + + if (partial_hash_sha256(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha256(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA384_HMAC: + count = SHA512_DIGEST_SIZE >> 3; + + if (partial_hash_sha384(ipad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha384(opad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA512_HMAC: + count = SHA512_DIGEST_SIZE >> 3; + + if (partial_hash_sha512(ipad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha512(opad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + return 0; default: CCP_LOG_ERR("Invalid auth algo"); return -1; @@ -321,6 +459,107 @@ ccp_configure_session_auth(struct ccp_session *sess, if (generate_partial_hash(sess)) return -1; break; + case RTE_CRYPTO_AUTH_SHA224: + sess->auth.algo = CCP_AUTH_ALGO_SHA224; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_224; + sess->auth.ctx = (void *)ccp_sha224_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA224_HMAC: + if (auth_xform->key.length > SHA224_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA224_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_224; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; + sess->auth.block_size = SHA224_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA256: + sess->auth.algo = CCP_AUTH_ALGO_SHA256; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_256; + sess->auth.ctx = (void *)ccp_sha256_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA256_HMAC: + if (auth_xform->key.length > SHA256_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA256_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_256; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; + sess->auth.block_size = SHA256_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA384: + sess->auth.algo = CCP_AUTH_ALGO_SHA384; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_384; + sess->auth.ctx = (void *)ccp_sha384_init; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA384_HMAC: + if (auth_xform->key.length > SHA384_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA384_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_384; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; + sess->auth.block_size = SHA384_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA512: + sess->auth.algo = CCP_AUTH_ALGO_SHA512; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_512; + sess->auth.ctx = (void *)ccp_sha512_init; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA512_HMAC: + if (auth_xform->key.length > SHA512_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA512_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_512; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; + sess->auth.block_size = SHA512_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; sess->auth.engine = CCP_ENGINE_AES; @@ -515,12 +754,32 @@ ccp_auth_slot(struct ccp_session *session) switch (session->auth.algo) { case CCP_AUTH_ALGO_SHA1: + case CCP_AUTH_ALGO_SHA224: + case CCP_AUTH_ALGO_SHA256: + case CCP_AUTH_ALGO_SHA384: + case CCP_AUTH_ALGO_SHA512: count = 3; /**< op + lsb passthrough cpy to/from*/ break; case CCP_AUTH_ALGO_SHA1_HMAC: + case CCP_AUTH_ALGO_SHA224_HMAC: + case CCP_AUTH_ALGO_SHA256_HMAC: count = 6; break; + case CCP_AUTH_ALGO_SHA384_HMAC: + case CCP_AUTH_ALGO_SHA512_HMAC: + count = 7; + /** + * 1. Load PHash1 = H(k ^ ipad); to LSB + * 2. generate IHash = H(hash on meassage with PHash1 + * as init values); + * 3. Retrieve IHash 2 slots for 384/512 + * 4. Load Phash2 = H(k ^ opad); to LSB + * 5. generate FHash = H(hash on Ihash with Phash2 + * as init value); + * 6. Retrieve HMAC output from LSB to host memory + */ + break; case CCP_AUTH_ALGO_AES_CMAC: count = 4; /** @@ -1477,13 +1736,24 @@ ccp_crypto_auth(struct rte_crypto_op *op, switch (session->auth.algo) { case CCP_AUTH_ALGO_SHA1: + case CCP_AUTH_ALGO_SHA224: + case CCP_AUTH_ALGO_SHA256: + case CCP_AUTH_ALGO_SHA384: + case CCP_AUTH_ALGO_SHA512: result = ccp_perform_sha(op, cmd_q); b_info->desccnt += 3; break; case CCP_AUTH_ALGO_SHA1_HMAC: + case CCP_AUTH_ALGO_SHA224_HMAC: + case CCP_AUTH_ALGO_SHA256_HMAC: result = ccp_perform_hmac(op, cmd_q); b_info->desccnt += 6; break; + case CCP_AUTH_ALGO_SHA384_HMAC: + case CCP_AUTH_ALGO_SHA512_HMAC: + result = ccp_perform_hmac(op, cmd_q); + b_info->desccnt += 7; + break; case CCP_AUTH_ALGO_AES_CMAC: result = ccp_perform_aes_cmac(op, cmd_q); b_info->desccnt += 4; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index aa4787a..e4b6445 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -52,6 +52,18 @@ #define SHA1_DIGEST_SIZE 20 #define SHA1_BLOCK_SIZE 64 +#define SHA224_DIGEST_SIZE 28 +#define SHA224_BLOCK_SIZE 64 + +#define SHA256_DIGEST_SIZE 32 +#define SHA256_BLOCK_SIZE 64 + +#define SHA384_DIGEST_SIZE 48 +#define SHA384_BLOCK_SIZE 128 + +#define SHA512_DIGEST_SIZE 64 +#define SHA512_BLOCK_SIZE 128 + /* SHA LSB intialiazation values */ #define SHA1_H0 0x67452301UL @@ -60,6 +72,42 @@ #define SHA1_H3 0x10325476UL #define SHA1_H4 0xc3d2e1f0UL +#define SHA224_H0 0xc1059ed8UL +#define SHA224_H1 0x367cd507UL +#define SHA224_H2 0x3070dd17UL +#define SHA224_H3 0xf70e5939UL +#define SHA224_H4 0xffc00b31UL +#define SHA224_H5 0x68581511UL +#define SHA224_H6 0x64f98fa7UL +#define SHA224_H7 0xbefa4fa4UL + +#define SHA256_H0 0x6a09e667UL +#define SHA256_H1 0xbb67ae85UL +#define SHA256_H2 0x3c6ef372UL +#define SHA256_H3 0xa54ff53aUL +#define SHA256_H4 0x510e527fUL +#define SHA256_H5 0x9b05688cUL +#define SHA256_H6 0x1f83d9abUL +#define SHA256_H7 0x5be0cd19UL + +#define SHA384_H0 0xcbbb9d5dc1059ed8ULL +#define SHA384_H1 0x629a292a367cd507ULL +#define SHA384_H2 0x9159015a3070dd17ULL +#define SHA384_H3 0x152fecd8f70e5939ULL +#define SHA384_H4 0x67332667ffc00b31ULL +#define SHA384_H5 0x8eb44a8768581511ULL +#define SHA384_H6 0xdb0c2e0d64f98fa7ULL +#define SHA384_H7 0x47b5481dbefa4fa4ULL + +#define SHA512_H0 0x6a09e667f3bcc908ULL +#define SHA512_H1 0xbb67ae8584caa73bULL +#define SHA512_H2 0x3c6ef372fe94f82bULL +#define SHA512_H3 0xa54ff53a5f1d36f1ULL +#define SHA512_H4 0x510e527fade682d1ULL +#define SHA512_H5 0x9b05688c2b3e6c1fULL +#define SHA512_H6 0x1f83d9abfb41bd6bULL +#define SHA512_H7 0x5be0cd19137e2179ULL + /** * CCP supported AES modes */ diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 13f6820..c5fd3ed 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -55,6 +55,174 @@ static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { }, } }, } }, + { /* SHA224 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA224 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA256 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA256 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA384 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA384 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 128, + .increment = 1 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA512 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA512 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 128, + .increment = 1 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /*AES-CMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4