From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 20339A2EDB for ; Mon, 30 Sep 2019 17:00:05 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id D71C71BF41; Mon, 30 Sep 2019 16:57:49 +0200 (CEST) Received: from inva021.nxp.com (inva021.nxp.com [92.121.34.21]) by dpdk.org (Postfix) with ESMTP id 205051BEC9 for ; Mon, 30 Sep 2019 16:56:41 +0200 (CEST) Received: from inva021.nxp.com (localhost [127.0.0.1]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 01213200238; Mon, 30 Sep 2019 16:56:41 +0200 (CEST) Received: from invc005.ap-rdc01.nxp.com (invc005.ap-rdc01.nxp.com [165.114.16.14]) by inva021.eu-rdc02.nxp.com (Postfix) with ESMTP id 3D9AC200A4F; Mon, 30 Sep 2019 16:56:38 +0200 (CEST) Received: from GDB1.ap.freescale.net (GDB1.ap.freescale.net [10.232.132.179]) by invc005.ap-rdc01.nxp.com (Postfix) with ESMTP id B0F2F402C7; Mon, 30 Sep 2019 22:56:34 +0800 (SGT) From: Akhil Goyal To: dev@dpdk.org Cc: aconole@redhat.com, anoobj@marvell.com, Vakul Garg , Hemant Agrawal Date: Mon, 30 Sep 2019 20:10:59 +0530 Message-Id: <20190930144104.12742-20-akhil.goyal@nxp.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190930144104.12742-1-akhil.goyal@nxp.com> References: <20190930115237.5073-1-akhil.goyal@nxp.com> <20190930144104.12742-1-akhil.goyal@nxp.com> X-Virus-Scanned: ClamAV using ClamSMTP Subject: [dpdk-dev] [PATCH v3 19/24] crypto/dpaa2_sec/hw: support ZUCE and ZUCA X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Vakul Garg This patch add support for ZUC Encryption and ZUC Authentication. Before passing to CAAM, the 16-byte ZUCA IV is converted to 8-byte format which consists of 38-bits of count||bearer|direction. Signed-off-by: Vakul Garg Signed-off-by: Hemant Agrawal Acked-by: Akhil Goyal --- drivers/crypto/dpaa2_sec/hw/desc/algo.h | 136 +++++++++++++++++++++++- 1 file changed, 132 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/dpaa2_sec/hw/desc/algo.h b/drivers/crypto/dpaa2_sec/hw/desc/algo.h index 4316ca15e..32ce787fa 100644 --- a/drivers/crypto/dpaa2_sec/hw/desc/algo.h +++ b/drivers/crypto/dpaa2_sec/hw/desc/algo.h @@ -17,6 +17,103 @@ * Shared descriptors for algorithms (i.e. not for protocols). */ +/** + * cnstr_shdsc_zuce - ZUC Enc (EEA2) as a shared descriptor + * @descbuf: pointer to descriptor-under-construction buffer + * @ps: if 36/40bit addressing is desired, this parameter must be true + * @swap: must be true when core endianness doesn't match SEC endianness + * @cipherdata: pointer to block cipher transform definitions + * @dir: Cipher direction (DIR_ENC/DIR_DEC) + * + * Return: size of descriptor written in words or negative number on error + */ +static inline int +cnstr_shdsc_zuce(uint32_t *descbuf, bool ps, bool swap, + struct alginfo *cipherdata, uint8_t dir) +{ + struct program prg; + struct program *p = &prg; + + PROGRAM_CNTXT_INIT(p, descbuf, 0); + if (swap) + PROGRAM_SET_BSWAP(p); + + if (ps) + PROGRAM_SET_36BIT_ADDR(p); + SHR_HDR(p, SHR_ALWAYS, 1, 0); + + KEY(p, KEY1, cipherdata->key_enc_flags, cipherdata->key, + cipherdata->keylen, INLINE_KEY(cipherdata)); + + SEQLOAD(p, CONTEXT1, 0, 16, 0); + + MATHB(p, SEQINSZ, SUB, MATH2, VSEQINSZ, 4, 0); + MATHB(p, SEQINSZ, SUB, MATH2, VSEQOUTSZ, 4, 0); + ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCE, OP_ALG_AAI_F8, + OP_ALG_AS_INITFINAL, 0, dir); + SEQFIFOLOAD(p, MSG1, 0, VLF | LAST1); + SEQFIFOSTORE(p, MSG, 0, 0, VLF); + + return PROGRAM_FINALIZE(p); +} + +/** + * cnstr_shdsc_zuca - ZUC Auth (EIA2) as a shared descriptor + * @descbuf: pointer to descriptor-under-construction buffer + * @ps: if 36/40bit addressing is desired, this parameter must be true + * @swap: must be true when core endianness doesn't match SEC endianness + * @authdata: pointer to authentication transform definitions + * @chk_icv: Whether to compare and verify ICV (true/false) + * @authlen: size of digest + * + * The IV prepended before hmac payload must be 8 bytes consisting + * of COUNT||BEAERER||DIR. The COUNT is of 32-bits, bearer is of 5 bits and + * direction is of 1 bit - totalling to 38 bits. + * + * Return: size of descriptor written in words or negative number on error + */ +static inline int +cnstr_shdsc_zuca(uint32_t *descbuf, bool ps, bool swap, + struct alginfo *authdata, uint8_t chk_icv, + uint32_t authlen) +{ + struct program prg; + struct program *p = &prg; + int dir = chk_icv ? DIR_DEC : DIR_ENC; + + PROGRAM_CNTXT_INIT(p, descbuf, 0); + if (swap) + PROGRAM_SET_BSWAP(p); + + if (ps) + PROGRAM_SET_36BIT_ADDR(p); + SHR_HDR(p, SHR_ALWAYS, 1, 0); + + KEY(p, KEY2, authdata->key_enc_flags, authdata->key, + authdata->keylen, INLINE_KEY(authdata)); + + SEQLOAD(p, CONTEXT2, 0, 8, 0); + + if (chk_icv == ICV_CHECK_ENABLE) + MATHB(p, SEQINSZ, SUB, authlen, VSEQINSZ, 4, IMMED2); + else + MATHB(p, SEQINSZ, SUB, ZERO, VSEQINSZ, 4, 0); + + ALG_OPERATION(p, OP_ALG_ALGSEL_ZUCA, OP_ALG_AAI_F9, + OP_ALG_AS_INITFINAL, chk_icv, dir); + + SEQFIFOLOAD(p, MSG2, 0, VLF | CLASS2 | LAST2); + + if (chk_icv == ICV_CHECK_ENABLE) + SEQFIFOLOAD(p, ICV2, authlen, LAST2); + else + /* Save lower half of MAC out into a 32-bit sequence */ + SEQSTORE(p, CONTEXT2, 0, authlen, 0); + + return PROGRAM_FINALIZE(p); +} + + /** * cnstr_shdsc_snow_f8 - SNOW/f8 (UEA2) as a shared descriptor * @descbuf: pointer to descriptor-under-construction buffer @@ -58,11 +155,43 @@ cnstr_shdsc_snow_f8(uint32_t *descbuf, bool ps, bool swap, } /** - * conv_to_snow_f9_iv - SNOW/f9 (UIA2) IV 16bit to 12 bit convert + * conv_to_zuc_eia_iv - ZUCA IV 16-byte to 8-byte convert + * function for 3G. + * @iv: 16 bytes of original IV data. + * + * From the original IV, we extract 32-bits of COUNT, + * 5-bits of bearer and 1-bit of direction. + * Refer to CAAM refman for ZUCA IV format. Then these values are + * appended as COUNT||BEARER||DIR continuously to make a 38-bit block. + * This 38-bit block is copied left justified into 8-byte array used as + * converted IV. + * + * Return: 8-bytes of IV data as understood by SEC HW + */ + +static inline uint8_t *conv_to_zuc_eia_iv(uint8_t *iv) +{ + uint8_t dir = (iv[14] & 0x80) ? 4 : 0; + + iv[12] = iv[4] | dir; + iv[13] = 0; + iv[14] = 0; + iv[15] = 0; + + iv[8] = iv[0]; + iv[9] = iv[1]; + iv[10] = iv[2]; + iv[11] = iv[3]; + + return (iv + 8); +} + +/** + * conv_to_snow_f9_iv - SNOW/f9 (UIA2) IV 16 byte to 12 byte convert * function for 3G. - * @iv: 16 bit original IV data + * @iv: 16 byte original IV data * - * Return: 12 bit IV data as understood by SEC HW + * Return: 12 byte IV data as understood by SEC HW */ static inline uint8_t *conv_to_snow_f9_iv(uint8_t *iv) @@ -93,7 +222,6 @@ static inline uint8_t *conv_to_snow_f9_iv(uint8_t *iv) * @ps: if 36/40bit addressing is desired, this parameter must be true * @swap: must be true when core endianness doesn't match SEC endianness * @authdata: pointer to authentication transform definitions - * @dir: cipher direction (DIR_ENC/DIR_DEC) * @chk_icv: check or generate ICV value * @authlen: size of digest * -- 2.17.1