From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 52BFEA057B; Tue, 14 Apr 2020 14:26:35 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 262C21C1C4; Tue, 14 Apr 2020 14:26:34 +0200 (CEST) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 406491C1B7 for ; Tue, 14 Apr 2020 14:26:32 +0200 (CEST) IronPort-SDR: OEBlS3QuQI/PkK1VwSNzPo30TZrASK+nCRJFZ2GRJ0Fzy9AiJsvNJZjdfGTBsHsHPaYfhprXBI JRKZGHJ7hIxw== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Apr 2020 05:26:31 -0700 IronPort-SDR: 9J/vqBB14y2uum1cwb3TnTW0uk1/2jeFT7EVbmkt4IUdlN4AUgVPSHj9t1VA4SSKihRtoxepfB lr2toQUZR2hg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,382,1580803200"; d="scan'208";a="363361517" Received: from mpotrolx-mobl1.ger.corp.intel.com (HELO addy-VirtualBox.ger.corp.intel.com) ([10.104.125.48]) by fmsmga001.fm.intel.com with ESMTP; 14 Apr 2020 05:26:29 -0700 From: Adam Dybkowski To: dev@dpdk.org, fiona.trahe@intel.com, akhil.goyal@nxp.com Cc: Adam Dybkowski Date: Tue, 14 Apr 2020 14:24:26 +0200 Message-Id: <20200414122426.2511-1-adamx.dybkowski@intel.com> X-Mailer: git-send-email 2.17.1 Subject: [dpdk-dev] [PATCH] crypto/qat: support plain SHA1..SHA512 hashes X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds support for plain SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 hashes to QAT PMD. Signed-off-by: Adam Dybkowski --- app/test/test_cryptodev_hash_test_vectors.h | 10 ++ doc/guides/cryptodevs/features/qat.ini | 5 + doc/guides/cryptodevs/qat.rst | 5 + drivers/crypto/qat/qat_sym_capabilities.h | 105 ++++++++++++++++++ drivers/crypto/qat/qat_sym_session.c | 113 ++++++++++++++++++-- drivers/crypto/qat/qat_sym_session.h | 1 + 6 files changed, 232 insertions(+), 7 deletions(-) diff --git a/app/test/test_cryptodev_hash_test_vectors.h b/app/test/test_cryptodev_hash_test_vectors.h index cff283118..394bb6b60 100644 --- a/app/test/test_cryptodev_hash_test_vectors.h +++ b/app/test/test_cryptodev_hash_test_vectors.h @@ -460,6 +460,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha1_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -473,6 +474,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha1_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -540,6 +542,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha224_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -553,6 +556,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha224_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -596,6 +600,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha256_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -609,6 +614,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha256_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -654,6 +660,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha384_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -667,6 +674,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha384_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -712,6 +720,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha512_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -724,6 +733,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha512_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 6e350eb81..a72241997 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -44,10 +44,15 @@ ZUC EEA3 = Y [Auth] NULL = Y MD5 HMAC = Y +SHA1 = Y SHA1 HMAC = Y +SHA224 = Y SHA224 HMAC = Y +SHA256 = Y SHA256 HMAC = Y +SHA384 = Y SHA384 HMAC = Y +SHA512 = Y SHA512 HMAC = Y AES GMAC = Y SNOW3G UIA2 = Y diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index c79e686de..7e781b962 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -52,10 +52,15 @@ Cipher algorithms: Hash algorithms: +* ``RTE_CRYPTO_AUTH_SHA1`` * ``RTE_CRYPTO_AUTH_SHA1_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA224`` * ``RTE_CRYPTO_AUTH_SHA224_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA256`` * ``RTE_CRYPTO_AUTH_SHA256_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA384`` * ``RTE_CRYPTO_AUTH_SHA384_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA512`` * ``RTE_CRYPTO_AUTH_SHA512_HMAC`` * ``RTE_CRYPTO_AUTH_AES_XCBC_MAC`` * ``RTE_CRYPTO_AUTH_SNOW3G_UIA2`` diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h index 27e57aaaf..ff691ce35 100644 --- a/drivers/crypto/qat/qat_sym_capabilities.h +++ b/drivers/crypto/qat/qat_sym_capabilities.h @@ -6,6 +6,111 @@ #define _QAT_SYM_CAPABILITIES_H_ #define QAT_BASE_GEN1_SYM_CAPABILITIES \ + { /* SHA1 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA1, \ + .block_size = 64, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 20, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ + { /* SHA224 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA224, \ + .block_size = 64, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 28, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ + { /* SHA256 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA256, \ + .block_size = 64, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 32, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ + { /* SHA384 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA384, \ + .block_size = 128, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 48, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ + { /* SHA512 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA512, \ + .block_size = 128, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 64, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ { /* SHA1 HMAC */ \ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ {.sym = { \ diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index fd2cc382e..3727d564d 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -19,6 +19,41 @@ #include "qat_sym_session.h" #include "qat_sym_pmd.h" +/* SHA1 - 20 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha1InitialState[] = { + 0x67, 0x45, 0x23, 0x01, 0xef, 0xcd, 0xab, 0x89, 0x98, 0xba, + 0xdc, 0xfe, 0x10, 0x32, 0x54, 0x76, 0xc3, 0xd2, 0xe1, 0xf0}; + +/* SHA 224 - 32 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha224InitialState[] = { + 0xc1, 0x05, 0x9e, 0xd8, 0x36, 0x7c, 0xd5, 0x07, 0x30, 0x70, 0xdd, + 0x17, 0xf7, 0x0e, 0x59, 0x39, 0xff, 0xc0, 0x0b, 0x31, 0x68, 0x58, + 0x15, 0x11, 0x64, 0xf9, 0x8f, 0xa7, 0xbe, 0xfa, 0x4f, 0xa4}; + +/* SHA 256 - 32 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha256InitialState[] = { + 0x6a, 0x09, 0xe6, 0x67, 0xbb, 0x67, 0xae, 0x85, 0x3c, 0x6e, 0xf3, + 0x72, 0xa5, 0x4f, 0xf5, 0x3a, 0x51, 0x0e, 0x52, 0x7f, 0x9b, 0x05, + 0x68, 0x8c, 0x1f, 0x83, 0xd9, 0xab, 0x5b, 0xe0, 0xcd, 0x19}; + +/* SHA 384 - 64 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha384InitialState[] = { + 0xcb, 0xbb, 0x9d, 0x5d, 0xc1, 0x05, 0x9e, 0xd8, 0x62, 0x9a, 0x29, + 0x2a, 0x36, 0x7c, 0xd5, 0x07, 0x91, 0x59, 0x01, 0x5a, 0x30, 0x70, + 0xdd, 0x17, 0x15, 0x2f, 0xec, 0xd8, 0xf7, 0x0e, 0x59, 0x39, 0x67, + 0x33, 0x26, 0x67, 0xff, 0xc0, 0x0b, 0x31, 0x8e, 0xb4, 0x4a, 0x87, + 0x68, 0x58, 0x15, 0x11, 0xdb, 0x0c, 0x2e, 0x0d, 0x64, 0xf9, 0x8f, + 0xa7, 0x47, 0xb5, 0x48, 0x1d, 0xbe, 0xfa, 0x4f, 0xa4}; + +/* SHA 512 - 64 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha512InitialState[] = { + 0x6a, 0x09, 0xe6, 0x67, 0xf3, 0xbc, 0xc9, 0x08, 0xbb, 0x67, 0xae, + 0x85, 0x84, 0xca, 0xa7, 0x3b, 0x3c, 0x6e, 0xf3, 0x72, 0xfe, 0x94, + 0xf8, 0x2b, 0xa5, 0x4f, 0xf5, 0x3a, 0x5f, 0x1d, 0x36, 0xf1, 0x51, + 0x0e, 0x52, 0x7f, 0xad, 0xe6, 0x82, 0xd1, 0x9b, 0x05, 0x68, 0x8c, + 0x2b, 0x3e, 0x6c, 0x1f, 0x1f, 0x83, 0xd9, 0xab, 0xfb, 0x41, 0xbd, + 0x6b, 0x5b, 0xe0, 0xcd, 0x19, 0x13, 0x7e, 0x21, 0x79}; + /** Frees a context previously created * Depends on openssl libcrypto */ @@ -665,8 +700,29 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev, session->auth_iv.offset = auth_xform->iv.offset; session->auth_iv.length = auth_xform->iv.length; + session->auth_mode = ICP_QAT_HW_AUTH_MODE1; switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_SHA1: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA1; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; + case RTE_CRYPTO_AUTH_SHA224: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA224; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; + case RTE_CRYPTO_AUTH_SHA256: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA256; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; + case RTE_CRYPTO_AUTH_SHA384: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA384; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; + case RTE_CRYPTO_AUTH_SHA512: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA512; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; case RTE_CRYPTO_AUTH_SHA1_HMAC: session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA1; break; @@ -722,11 +778,6 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev, } session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3; break; - case RTE_CRYPTO_AUTH_SHA1: - case RTE_CRYPTO_AUTH_SHA256: - case RTE_CRYPTO_AUTH_SHA512: - case RTE_CRYPTO_AUTH_SHA224: - case RTE_CRYPTO_AUTH_SHA384: case RTE_CRYPTO_AUTH_MD5: case RTE_CRYPTO_AUTH_AES_CBC_MAC: QAT_LOG(ERR, "Crypto: Unsupported hash alg %u", @@ -811,6 +862,8 @@ qat_sym_session_configure_aead(struct rte_cryptodev *dev, session->cipher_iv.offset = xform->aead.iv.offset; session->cipher_iv.length = xform->aead.iv.length; + session->auth_mode = ICP_QAT_HW_AUTH_MODE1; + switch (aead_xform->algo) { case RTE_CRYPTO_AEAD_AES_GCM: if (qat_sym_validate_aes_key(aead_xform->key.length, @@ -1661,10 +1714,11 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, hash = (struct icp_qat_hw_auth_setup *)cdesc->cd_cur_ptr; hash->auth_config.reserved = 0; hash->auth_config.config = - ICP_QAT_HW_AUTH_CONFIG_BUILD(ICP_QAT_HW_AUTH_MODE1, + ICP_QAT_HW_AUTH_CONFIG_BUILD(cdesc->auth_mode, cdesc->qat_hash_alg, digestsize); - if (cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0 + || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_KASUMI_F9 || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3 || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC @@ -1687,6 +1741,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, */ switch (cdesc->qat_hash_alg) { case ICP_QAT_HW_AUTH_ALGO_SHA1: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-1 */ + rte_memcpy(cdesc->cd_cur_ptr, sha1InitialState, + sizeof(sha1InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-1 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { @@ -1696,6 +1759,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, state2_size = RTE_ALIGN_CEIL(ICP_QAT_HW_SHA1_STATE2_SZ, 8); break; case ICP_QAT_HW_AUTH_ALGO_SHA224: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-224 */ + rte_memcpy(cdesc->cd_cur_ptr, sha224InitialState, + sizeof(sha224InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-224 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { @@ -1705,6 +1777,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, state2_size = ICP_QAT_HW_SHA224_STATE2_SZ; break; case ICP_QAT_HW_AUTH_ALGO_SHA256: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-256 */ + rte_memcpy(cdesc->cd_cur_ptr, sha256InitialState, + sizeof(sha256InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-256 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { @@ -1714,6 +1795,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, state2_size = ICP_QAT_HW_SHA256_STATE2_SZ; break; case ICP_QAT_HW_AUTH_ALGO_SHA384: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-384 */ + rte_memcpy(cdesc->cd_cur_ptr, sha384InitialState, + sizeof(sha384InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-384 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { @@ -1723,6 +1813,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, state2_size = ICP_QAT_HW_SHA384_STATE2_SZ; break; case ICP_QAT_HW_AUTH_ALGO_SHA512: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-512 */ + rte_memcpy(cdesc->cd_cur_ptr, sha512InitialState, + sizeof(sha512InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-512 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { diff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h index 5a01c8179..e6538f627 100644 --- a/drivers/crypto/qat/qat_sym_session.h +++ b/drivers/crypto/qat/qat_sym_session.h @@ -67,6 +67,7 @@ struct qat_sym_session { enum icp_qat_hw_cipher_mode qat_mode; enum icp_qat_hw_auth_algo qat_hash_alg; enum icp_qat_hw_auth_op auth_op; + enum icp_qat_hw_auth_mode auth_mode; void *bpi_ctx; struct qat_sym_cd cd; uint8_t *cd_cur_ptr; -- 2.17.1