* [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3
@ 2020-09-11 11:18 Pablo de Lara
2020-09-11 11:19 ` [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
` (2 more replies)
0 siblings, 3 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 11:18 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 36 ++---
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 4 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 127 ++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 60 ++++++++-
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 47 +++++++
6 files changed, 204 insertions(+), 72 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 15388d20a..0cb58bfe5 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -32,23 +32,25 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_DES_CBC
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
-
-Hash algorithms:
-
-* RTE_CRYPTO_HASH_MD5_HMAC
-* RTE_CRYPTO_HASH_SHA1_HMAC
-* RTE_CRYPTO_HASH_SHA224_HMAC
-* RTE_CRYPTO_HASH_SHA256_HMAC
-* RTE_CRYPTO_HASH_SHA384_HMAC
-* RTE_CRYPTO_HASH_SHA512_HMAC
-* RTE_CRYPTO_HASH_AES_XCBC_HMAC
-* RTE_CRYPTO_HASH_AES_CMAC
-* RTE_CRYPTO_HASH_AES_GMAC
-* RTE_CRYPTO_HASH_SHA1
-* RTE_CRYPTO_HASH_SHA224
-* RTE_CRYPTO_HASH_SHA256
-* RTE_CRYPTO_HASH_SHA384
-* RTE_CRYPTO_HASH_SHA512
+* RTE_CRYPTO_CIPHER_ZUC_EEA3
+
+Authentication algorithms:
+
+* RTE_CRYPTO_AUTH_MD5_HMAC
+* RTE_CRYPTO_AUTH_SHA1_HMAC
+* RTE_CRYPTO_AUTH_SHA224_HMAC
+* RTE_CRYPTO_AUTH_SHA256_HMAC
+* RTE_CRYPTO_AUTH_SHA384_HMAC
+* RTE_CRYPTO_AUTH_SHA512_HMAC
+* RTE_CRYPTO_AUTH_AES_XCBC_HMAC
+* RTE_CRYPTO_AUTH_AES_CMAC
+* RTE_CRYPTO_AUTH_AES_GMAC
+* RTE_CRYPTO_AUTH_SHA1
+* RTE_CRYPTO_AUTH_SHA224
+* RTE_CRYPTO_AUTH_SHA256
+* RTE_CRYPTO_AUTH_SHA384
+* RTE_CRYPTO_AUTH_SHA512
+* RTE_CRYPTO_AUTH_ZUC_EIA3
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 38d255aff..47210333c 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -30,6 +30,7 @@ AES DOCSIS BPI = Y
DES CBC = Y
3DES CBC = Y
DES DOCSIS BPI = Y
+ZUC EEA3 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -49,6 +50,7 @@ SHA512 HMAC = Y
AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
+ZUC EIA3 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index df227a177..1dc822cb7 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -55,6 +55,10 @@ New Features
Also, make sure to start the actual text at the margin.
=======================================================
+* **Updated the AESNI MB crypto PMD.**
+
+ * Added support for ZUC-EEA3/EIA3 algorithms.
+
Removed Items
-------------
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index e0c7b4f7c..5dd94a87a 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -39,22 +39,25 @@ extern int aesni_mb_logtype_driver;
/* Maximum length for digest */
#define DIGEST_LENGTH_MAX 64
static const unsigned auth_blocksize[] = {
- [NULL_HASH] = 0,
- [MD5] = 64,
- [SHA1] = 64,
- [SHA_224] = 64,
- [SHA_256] = 64,
- [SHA_384] = 128,
- [SHA_512] = 128,
- [AES_XCBC] = 16,
- [AES_CCM] = 16,
- [AES_CMAC] = 16,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 64,
- [PLAIN_SHA_224] = 64,
- [PLAIN_SHA_256] = 64,
- [PLAIN_SHA_384] = 128,
- [PLAIN_SHA_512] = 128
+ [NULL_HASH] = 0,
+ [MD5] = 64,
+ [SHA1] = 64,
+ [SHA_224] = 64,
+ [SHA_256] = 64,
+ [SHA_384] = 128,
+ [SHA_512] = 128,
+ [AES_XCBC] = 16,
+ [AES_CCM] = 16,
+ [AES_CMAC] = 16,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 64,
+ [PLAIN_SHA_224] = 64,
+ [PLAIN_SHA_256] = 64,
+ [PLAIN_SHA_384] = 128,
+ [PLAIN_SHA_512] = 128,
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+#endif
};
/**
@@ -70,22 +73,25 @@ get_auth_algo_blocksize(JOB_HASH_ALG algo)
}
static const unsigned auth_truncated_digest_byte_lengths[] = {
- [MD5] = 12,
- [SHA1] = 12,
- [SHA_224] = 14,
- [SHA_256] = 16,
- [SHA_384] = 24,
- [SHA_512] = 32,
- [AES_XCBC] = 12,
- [AES_CMAC] = 12,
- [AES_CCM] = 8,
- [NULL_HASH] = 0,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 12,
+ [SHA1] = 12,
+ [SHA_224] = 14,
+ [SHA_256] = 16,
+ [SHA_384] = 24,
+ [SHA_512] = 32,
+ [AES_XCBC] = 12,
+ [AES_CMAC] = 12,
+ [AES_CCM] = 8,
+ [NULL_HASH] = 0,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
};
/**
@@ -102,22 +108,25 @@ get_truncated_digest_byte_length(JOB_HASH_ALG algo)
}
static const unsigned auth_digest_byte_lengths[] = {
- [MD5] = 16,
- [SHA1] = 20,
- [SHA_224] = 28,
- [SHA_256] = 32,
- [SHA_384] = 48,
- [SHA_512] = 64,
- [AES_XCBC] = 16,
- [AES_CMAC] = 16,
- [AES_CCM] = 16,
- [AES_GMAC] = 12,
- [NULL_HASH] = 0,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 16,
+ [SHA1] = 20,
+ [SHA_224] = 28,
+ [SHA_256] = 32,
+ [SHA_384] = 48,
+ [SHA_512] = 64,
+ [AES_XCBC] = 16,
+ [AES_CMAC] = 16,
+ [AES_CCM] = 16,
+ [AES_GMAC] = 12,
+ [NULL_HASH] = 0,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
};
@@ -189,6 +198,10 @@ struct aesni_mb_session {
uint16_t length;
uint16_t offset;
} iv;
+ struct {
+ uint16_t length;
+ uint16_t offset;
+ } auth_iv;
/**< IV parameters */
/** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
@@ -209,19 +222,23 @@ struct aesni_mb_session {
uint32_t decode[60] __rte_aligned(16);
/**< decode key */
} expanded_aes_keys;
+ /**< Expanded AES keys - Allocating space to
+ * contain the maximum expanded key size which
+ * is 240 bytes for 256 bit AES, calculate by:
+ * ((key size (bytes)) *
+ * ((number of rounds) + 1))
+ */
struct {
const void *ks_ptr[3];
uint64_t key[3][16];
} exp_3des_keys;
+ /**< Expanded 3DES keys */
struct gcm_key_data gcm_key;
+ /**< Expanded GCM key */
+ uint8_t zuc_cipher_key[16];
+ /**< ZUC cipher key */
};
- /**< Expanded AES keys - Allocating space to
- * contain the maximum expanded key size which
- * is 240 bytes for 256 bit AES, calculate by:
- * ((key size (bytes)) *
- * ((number of rounds) + 1))
- */
} cipher;
/** Authentication Parameters */
@@ -260,6 +277,8 @@ struct aesni_mb_session {
/**< k3. */
} cmac;
/**< Expanded XCBC authentication keys */
+ uint8_t zuc_auth_key[16];
+ /**< ZUC authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 1bddbcf74..cdc33415a 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -146,6 +146,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return -1;
}
+ /* Set IV parameters */
+ sess->auth_iv.offset = xform->auth.iv.offset;
+ sess->auth_iv.length = xform->auth.iv.length;
+
/* Set the request digest size */
sess->auth.req_digest_len = xform->auth.digest_length;
@@ -249,6 +253,22 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return 0;
}
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ if (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {
+ sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+ uint16_t zuc_eia3_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_ZUC_EIA3_BITLEN);
+ if (sess->auth.req_digest_len != zuc_eia3_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
+ return 0;
+ }
+#endif
+
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->auth.algo = MD5;
@@ -381,6 +401,9 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_aes = 0;
uint8_t is_3DES = 0;
uint8_t is_docsis = 0;
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ uint8_t is_zuc = 0;
+#endif
if (xform == NULL) {
sess->cipher.mode = NULL_CIPHER;
@@ -429,6 +452,12 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = DES3;
is_3DES = 1;
break;
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ case RTE_CRYPTO_CIPHER_ZUC_EEA3:
+ sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
+ is_zuc = 1;
+ break;
+#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
return -ENOTSUP;
@@ -527,6 +556,16 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
}
sess->cipher.key_length_in_bytes = 24;
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ } else if (is_zuc) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
+ 16);
+#endif
} else {
if (xform->cipher.key.length != 8) {
AESNI_MB_LOG(ERR, "Invalid cipher key length");
@@ -693,6 +732,7 @@ aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
/* Default IV length = 0 */
sess->iv.length = 0;
+ sess->auth_iv.length = 0;
ret = aesni_mb_set_session_auth_parameters(mb_mgr, sess, auth_xform);
if (ret != 0) {
@@ -1168,7 +1208,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->aes_enc_key_expanded = &session->cipher.gcm_key;
job->aes_dec_key_expanded = &session->cipher.gcm_key;
break;
-
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ case IMB_AUTH_ZUC_EIA3_BITLEN:
+ job->u.ZUC_EIA3._key = session->auth.zuc_auth_key;
+ job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
+#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
job->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;
@@ -1186,6 +1232,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
+ job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
+ job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ }
+#endif
+
if (!op->sym->m_dst) {
/* in-place operation */
m_dst = m_src;
@@ -1286,6 +1339,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
session->iv.offset);
}
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
+ job->msg_len_to_cipher_in_bytes >>= 3;
+#endif
+
/* Set user data to be crypto operation data struct */
job->user_data = op;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 2362f0c3c..487db6330 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -497,6 +497,53 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ { /* ZUC (EIA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* ZUC (EEA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ }, }
+ }, }
+ },
+#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2
2020-09-11 11:18 [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
@ 2020-09-11 11:19 ` Pablo de Lara
2020-09-11 11:19 ` [dpdk-dev] [PATCH 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-09-11 11:37 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 11:19 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 13 +++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 47 ++++++++++++++++---
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 45 ++++++++++++++++++
6 files changed, 101 insertions(+), 9 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 0cb58bfe5..12bcafcba 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -33,6 +33,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
* RTE_CRYPTO_CIPHER_ZUC_EEA3
+* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
Authentication algorithms:
@@ -51,6 +52,7 @@ Authentication algorithms:
* RTE_CRYPTO_AUTH_SHA384
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
+* RTE_CRYPTO_AUTH_SNOW3G_UIA2
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 47210333c..76a0fd149 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -31,6 +31,7 @@ DES CBC = Y
3DES CBC = Y
DES DOCSIS BPI = Y
ZUC EEA3 = Y
+SNOW3G UEA2 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -51,6 +52,7 @@ AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
+SNOW3G UIA2 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 1dc822cb7..ee8dff904 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -58,6 +58,7 @@ New Features
* **Updated the AESNI MB crypto PMD.**
* Added support for ZUC-EEA3/EIA3 algorithms.
+ * Added support for SNOW3G-UEA2/UIA2 algorithms.
Removed Items
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 5dd94a87a..7a0a27dd7 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -56,7 +56,8 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_384] = 128,
[PLAIN_SHA_512] = 128,
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
#endif
};
@@ -90,7 +91,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_384] = 48,
[PLAIN_SHA_512] = 64,
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
};
@@ -125,7 +127,8 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_384] = 48,
[PLAIN_SHA_512] = 64,
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -238,6 +241,8 @@ struct aesni_mb_session {
/**< Expanded GCM key */
uint8_t zuc_cipher_key[16];
/**< ZUC cipher key */
+ snow3g_key_schedule_t pKeySched_snow3g_cipher;
+ /**< SNOW3G scheduled cipher key */
};
} cipher;
@@ -279,6 +284,8 @@ struct aesni_mb_session {
/**< Expanded XCBC authentication keys */
uint8_t zuc_auth_key[16];
/**< ZUC authentication key */
+ snow3g_key_schedule_t pKeySched_snow3g_auth;
+ /**< SNOW3G scheduled authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index cdc33415a..fcb80f63f 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -266,6 +266,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+ sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
+ uint16_t snow3g_uia2_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN);
+ if (sess->auth.req_digest_len != snow3g_uia2_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_snow3g_auth);
+ return 0;
}
#endif
@@ -403,6 +416,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_docsis = 0;
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
uint8_t is_zuc = 0;
+ uint8_t is_snow3g = 0;
#endif
if (xform == NULL) {
@@ -457,6 +471,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
is_zuc = 1;
break;
+ case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+ sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
+ is_snow3g = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -565,6 +583,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
16);
+ } else if (is_snow3g) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_snow3g_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1214,6 +1240,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_SNOW3G_UIA2_BITLEN:
+ job->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth;
+ job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1232,10 +1263,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+ if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+ session->cipher.mode == GCM))
+ m_offset = op->sym->aead.data.offset;
+ else
+ m_offset = op->sym->cipher.data.offset;
+
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
+ m_offset = 0;
}
#endif
@@ -1253,12 +1293,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
oop = 1;
}
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
- m_offset = op->sym->aead.data.offset;
- else
- m_offset = op->sym->cipher.data.offset;
-
/* Set digest output location */
if (job->hash_alg != NULL_HASH &&
session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -1327,6 +1361,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
break;
default:
+ /* For SNOW3G, length and offsets are already in bits */
job->cipher_start_src_offset_in_bytes =
op->sym->cipher.data.offset;
job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 487db6330..87f2f0dab 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -543,6 +543,51 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SNOW 3G (UIA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* SNOW 3G (UEA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH 3/3] crypto/aesni_mb: support KASUMI F8/F9
2020-09-11 11:18 [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 11:19 ` [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
@ 2020-09-11 11:19 ` Pablo de Lara
2020-09-11 11:37 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 11:19 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 13 ++++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 34 +++++++++++++++
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 41 +++++++++++++++++++
6 files changed, 90 insertions(+), 3 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 12bcafcba..85c462e62 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -34,6 +34,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
* RTE_CRYPTO_CIPHER_ZUC_EEA3
* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
+* RTE_CRYPTO_CIPHER_KASUMI_F8
Authentication algorithms:
@@ -53,6 +54,7 @@ Authentication algorithms:
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
* RTE_CRYPTO_AUTH_SNOW3G_UIA2
+* RTE_CRYPTO_AUTH_KASUMI_F9
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 76a0fd149..f70adcec9 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -32,6 +32,7 @@ DES CBC = Y
DES DOCSIS BPI = Y
ZUC EEA3 = Y
SNOW3G UEA2 = Y
+KASUMI F8 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -53,6 +54,7 @@ AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
SNOW3G UIA2 = Y
+KASUMI F9 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index ee8dff904..2b6370025 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -59,6 +59,7 @@ New Features
* Added support for ZUC-EEA3/EIA3 algorithms.
* Added support for SNOW3G-UEA2/UIA2 algorithms.
+ * Added support for KASUMI-F8/F9 algorithms.
Removed Items
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 7a0a27dd7..c8f1eff1f 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -57,7 +57,8 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_512] = 128,
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
[IMB_AUTH_ZUC_EIA3_BITLEN] = 16,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16,
+ [IMB_AUTH_KASUMI_UIA1] = 16
#endif
};
@@ -92,7 +93,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4,
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
};
@@ -128,7 +130,8 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4,
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -243,6 +246,8 @@ struct aesni_mb_session {
/**< ZUC cipher key */
snow3g_key_schedule_t pKeySched_snow3g_cipher;
/**< SNOW3G scheduled cipher key */
+ kasumi_key_sched_t pKeySched_kasumi_cipher;
+ /**< KASUMI scheduled cipher key */
};
} cipher;
@@ -286,6 +291,8 @@ struct aesni_mb_session {
/**< ZUC authentication key */
snow3g_key_schedule_t pKeySched_snow3g_auth;
/**< SNOW3G scheduled authentication key */
+ kasumi_key_sched_t pKeySched_kasumi_auth;
+ /**< KASUMI scheduled authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index fcb80f63f..0a5af31fb 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -279,6 +279,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
&sess->auth.pKeySched_snow3g_auth);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_KASUMI_F9) {
+ sess->auth.algo = IMB_AUTH_KASUMI_UIA1;
+ uint16_t kasumi_f9_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_KASUMI_UIA1);
+ if (sess->auth.req_digest_len != kasumi_f9_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_KASUMI_INIT_F9_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_kasumi_auth);
+ return 0;
}
#endif
@@ -417,6 +430,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
uint8_t is_zuc = 0;
uint8_t is_snow3g = 0;
+ uint8_t is_kasumi = 0;
#endif
if (xform == NULL) {
@@ -475,6 +489,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
is_snow3g = 1;
break;
+ case RTE_CRYPTO_CIPHER_KASUMI_F8:
+ sess->cipher.mode = IMB_CIPHER_KASUMI_UEA1_BITLEN;
+ is_kasumi = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -591,6 +609,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
&sess->cipher.pKeySched_snow3g_cipher);
+ } else if (is_kasumi) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_KASUMI_INIT_F8_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_kasumi_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1245,6 +1271,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_KASUMI_UIA1:
+ job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth;
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1276,6 +1305,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
} else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
m_offset = 0;
+ } else if (job->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_kasumi_cipher;
+ m_offset = 0;
}
#endif
@@ -1377,6 +1409,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
job->msg_len_to_cipher_in_bytes >>= 3;
+ else if (job->hash_alg == IMB_AUTH_KASUMI_UIA1)
+ job->msg_len_to_hash_in_bytes >>= 3;
#endif
/* Set user data to be crypto operation data struct */
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 87f2f0dab..1c292cf4b 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -588,6 +588,47 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* KASUMI (F9) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_KASUMI_F9,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* KASUMI (F8) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_KASUMI_F8,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3
2020-09-11 11:18 [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 11:19 ` [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-09-11 11:19 ` [dpdk-dev] [PATCH 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
@ 2020-09-11 11:37 ` Pablo de Lara
2020-09-11 11:38 ` [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
` (2 more replies)
2 siblings, 3 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 11:37 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Add support for ZUC-EEA3/EIA3 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v2:
- Added commit description
- Fixed checkpatch issues
---
doc/guides/cryptodevs/aesni_mb.rst | 36 ++---
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 4 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 127 ++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 62 ++++++++-
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 47 +++++++
6 files changed, 205 insertions(+), 73 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 15388d20a..0cb58bfe5 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -32,23 +32,25 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_DES_CBC
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
-
-Hash algorithms:
-
-* RTE_CRYPTO_HASH_MD5_HMAC
-* RTE_CRYPTO_HASH_SHA1_HMAC
-* RTE_CRYPTO_HASH_SHA224_HMAC
-* RTE_CRYPTO_HASH_SHA256_HMAC
-* RTE_CRYPTO_HASH_SHA384_HMAC
-* RTE_CRYPTO_HASH_SHA512_HMAC
-* RTE_CRYPTO_HASH_AES_XCBC_HMAC
-* RTE_CRYPTO_HASH_AES_CMAC
-* RTE_CRYPTO_HASH_AES_GMAC
-* RTE_CRYPTO_HASH_SHA1
-* RTE_CRYPTO_HASH_SHA224
-* RTE_CRYPTO_HASH_SHA256
-* RTE_CRYPTO_HASH_SHA384
-* RTE_CRYPTO_HASH_SHA512
+* RTE_CRYPTO_CIPHER_ZUC_EEA3
+
+Authentication algorithms:
+
+* RTE_CRYPTO_AUTH_MD5_HMAC
+* RTE_CRYPTO_AUTH_SHA1_HMAC
+* RTE_CRYPTO_AUTH_SHA224_HMAC
+* RTE_CRYPTO_AUTH_SHA256_HMAC
+* RTE_CRYPTO_AUTH_SHA384_HMAC
+* RTE_CRYPTO_AUTH_SHA512_HMAC
+* RTE_CRYPTO_AUTH_AES_XCBC_HMAC
+* RTE_CRYPTO_AUTH_AES_CMAC
+* RTE_CRYPTO_AUTH_AES_GMAC
+* RTE_CRYPTO_AUTH_SHA1
+* RTE_CRYPTO_AUTH_SHA224
+* RTE_CRYPTO_AUTH_SHA256
+* RTE_CRYPTO_AUTH_SHA384
+* RTE_CRYPTO_AUTH_SHA512
+* RTE_CRYPTO_AUTH_ZUC_EIA3
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 38d255aff..47210333c 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -30,6 +30,7 @@ AES DOCSIS BPI = Y
DES CBC = Y
3DES CBC = Y
DES DOCSIS BPI = Y
+ZUC EEA3 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -49,6 +50,7 @@ SHA512 HMAC = Y
AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
+ZUC EIA3 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index df227a177..1dc822cb7 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -55,6 +55,10 @@ New Features
Also, make sure to start the actual text at the margin.
=======================================================
+* **Updated the AESNI MB crypto PMD.**
+
+ * Added support for ZUC-EEA3/EIA3 algorithms.
+
Removed Items
-------------
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index e0c7b4f7c..601ab9a40 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -39,22 +39,25 @@ extern int aesni_mb_logtype_driver;
/* Maximum length for digest */
#define DIGEST_LENGTH_MAX 64
static const unsigned auth_blocksize[] = {
- [NULL_HASH] = 0,
- [MD5] = 64,
- [SHA1] = 64,
- [SHA_224] = 64,
- [SHA_256] = 64,
- [SHA_384] = 128,
- [SHA_512] = 128,
- [AES_XCBC] = 16,
- [AES_CCM] = 16,
- [AES_CMAC] = 16,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 64,
- [PLAIN_SHA_224] = 64,
- [PLAIN_SHA_256] = 64,
- [PLAIN_SHA_384] = 128,
- [PLAIN_SHA_512] = 128
+ [NULL_HASH] = 0,
+ [MD5] = 64,
+ [SHA1] = 64,
+ [SHA_224] = 64,
+ [SHA_256] = 64,
+ [SHA_384] = 128,
+ [SHA_512] = 128,
+ [AES_XCBC] = 16,
+ [AES_CCM] = 16,
+ [AES_CMAC] = 16,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 64,
+ [PLAIN_SHA_224] = 64,
+ [PLAIN_SHA_256] = 64,
+ [PLAIN_SHA_384] = 128,
+ [PLAIN_SHA_512] = 128,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+#endif
};
/**
@@ -70,22 +73,25 @@ get_auth_algo_blocksize(JOB_HASH_ALG algo)
}
static const unsigned auth_truncated_digest_byte_lengths[] = {
- [MD5] = 12,
- [SHA1] = 12,
- [SHA_224] = 14,
- [SHA_256] = 16,
- [SHA_384] = 24,
- [SHA_512] = 32,
- [AES_XCBC] = 12,
- [AES_CMAC] = 12,
- [AES_CCM] = 8,
- [NULL_HASH] = 0,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 12,
+ [SHA1] = 12,
+ [SHA_224] = 14,
+ [SHA_256] = 16,
+ [SHA_384] = 24,
+ [SHA_512] = 32,
+ [AES_XCBC] = 12,
+ [AES_CMAC] = 12,
+ [AES_CCM] = 8,
+ [NULL_HASH] = 0,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
};
/**
@@ -102,22 +108,25 @@ get_truncated_digest_byte_length(JOB_HASH_ALG algo)
}
static const unsigned auth_digest_byte_lengths[] = {
- [MD5] = 16,
- [SHA1] = 20,
- [SHA_224] = 28,
- [SHA_256] = 32,
- [SHA_384] = 48,
- [SHA_512] = 64,
- [AES_XCBC] = 16,
- [AES_CMAC] = 16,
- [AES_CCM] = 16,
- [AES_GMAC] = 12,
- [NULL_HASH] = 0,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 16,
+ [SHA1] = 20,
+ [SHA_224] = 28,
+ [SHA_256] = 32,
+ [SHA_384] = 48,
+ [SHA_512] = 64,
+ [AES_XCBC] = 16,
+ [AES_CMAC] = 16,
+ [AES_CCM] = 16,
+ [AES_GMAC] = 12,
+ [NULL_HASH] = 0,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
};
@@ -189,6 +198,10 @@ struct aesni_mb_session {
uint16_t length;
uint16_t offset;
} iv;
+ struct {
+ uint16_t length;
+ uint16_t offset;
+ } auth_iv;
/**< IV parameters */
/** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
@@ -209,19 +222,23 @@ struct aesni_mb_session {
uint32_t decode[60] __rte_aligned(16);
/**< decode key */
} expanded_aes_keys;
+ /**< Expanded AES keys - Allocating space to
+ * contain the maximum expanded key size which
+ * is 240 bytes for 256 bit AES, calculate by:
+ * ((key size (bytes)) *
+ * ((number of rounds) + 1))
+ */
struct {
const void *ks_ptr[3];
uint64_t key[3][16];
} exp_3des_keys;
+ /**< Expanded 3DES keys */
struct gcm_key_data gcm_key;
+ /**< Expanded GCM key */
+ uint8_t zuc_cipher_key[16];
+ /**< ZUC cipher key */
};
- /**< Expanded AES keys - Allocating space to
- * contain the maximum expanded key size which
- * is 240 bytes for 256 bit AES, calculate by:
- * ((key size (bytes)) *
- * ((number of rounds) + 1))
- */
} cipher;
/** Authentication Parameters */
@@ -260,6 +277,8 @@ struct aesni_mb_session {
/**< k3. */
} cmac;
/**< Expanded XCBC authentication keys */
+ uint8_t zuc_auth_key[16];
+ /**< ZUC authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 1bddbcf74..54023e013 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -146,6 +146,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return -1;
}
+ /* Set IV parameters */
+ sess->auth_iv.offset = xform->auth.iv.offset;
+ sess->auth_iv.length = xform->auth.iv.length;
+
/* Set the request digest size */
sess->auth.req_digest_len = xform->auth.digest_length;
@@ -249,6 +253,22 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return 0;
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {
+ sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+ uint16_t zuc_eia3_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_ZUC_EIA3_BITLEN);
+ if (sess->auth.req_digest_len != zuc_eia3_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
+ return 0;
+ }
+#endif
+
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->auth.algo = MD5;
@@ -381,6 +401,9 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_aes = 0;
uint8_t is_3DES = 0;
uint8_t is_docsis = 0;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ uint8_t is_zuc = 0;
+#endif
if (xform == NULL) {
sess->cipher.mode = NULL_CIPHER;
@@ -429,6 +452,12 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = DES3;
is_3DES = 1;
break;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ case RTE_CRYPTO_CIPHER_ZUC_EEA3:
+ sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
+ is_zuc = 1;
+ break;
+#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
return -ENOTSUP;
@@ -471,7 +500,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.expanded_aes_keys.encode,
sess->cipher.expanded_aes_keys.decode);
break;
-#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
case AES_256_BYTES:
sess->cipher.key_length_in_bytes = AES_256_BYTES;
IMB_AES_KEYEXP_256(mb_mgr, xform->cipher.key.data,
@@ -527,6 +556,16 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
}
sess->cipher.key_length_in_bytes = 24;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ } else if (is_zuc) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
+ 16);
+#endif
} else {
if (xform->cipher.key.length != 8) {
AESNI_MB_LOG(ERR, "Invalid cipher key length");
@@ -693,6 +732,7 @@ aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
/* Default IV length = 0 */
sess->iv.length = 0;
+ sess->auth_iv.length = 0;
ret = aesni_mb_set_session_auth_parameters(mb_mgr, sess, auth_xform);
if (ret != 0) {
@@ -1168,7 +1208,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->aes_enc_key_expanded = &session->cipher.gcm_key;
job->aes_dec_key_expanded = &session->cipher.gcm_key;
break;
-
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_ZUC_EIA3_BITLEN:
+ job->u.ZUC_EIA3._key = session->auth.zuc_auth_key;
+ job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
+#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
job->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;
@@ -1186,6 +1232,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
+ job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
+ job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ }
+#endif
+
if (!op->sym->m_dst) {
/* in-place operation */
m_dst = m_src;
@@ -1286,6 +1339,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
session->iv.offset);
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
+ job->msg_len_to_cipher_in_bytes >>= 3;
+#endif
+
/* Set user data to be crypto operation data struct */
job->user_data = op;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 2362f0c3c..f4c4f56fe 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -497,6 +497,53 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ { /* ZUC (EIA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* ZUC (EEA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ }, }
+ }, }
+ },
+#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2
2020-09-11 11:37 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
@ 2020-09-11 11:38 ` Pablo de Lara
2020-09-11 11:38 ` [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 11:38 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Add support for SNOW3G-UEA2/UIA2 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v2:
- Added commit description
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 7 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 47 ++++++++++++++++---
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 45 ++++++++++++++++++
6 files changed, 98 insertions(+), 6 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 0cb58bfe5..12bcafcba 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -33,6 +33,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
* RTE_CRYPTO_CIPHER_ZUC_EEA3
+* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
Authentication algorithms:
@@ -51,6 +52,7 @@ Authentication algorithms:
* RTE_CRYPTO_AUTH_SHA384
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
+* RTE_CRYPTO_AUTH_SNOW3G_UIA2
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 47210333c..76a0fd149 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -31,6 +31,7 @@ DES CBC = Y
3DES CBC = Y
DES DOCSIS BPI = Y
ZUC EEA3 = Y
+SNOW3G UEA2 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -51,6 +52,7 @@ AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
+SNOW3G UIA2 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 1dc822cb7..ee8dff904 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -58,6 +58,7 @@ New Features
* **Updated the AESNI MB crypto PMD.**
* Added support for ZUC-EEA3/EIA3 algorithms.
+ * Added support for SNOW3G-UEA2/UIA2 algorithms.
Removed Items
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 601ab9a40..75d01264e 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -57,6 +57,7 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_512] = 128,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
#endif
};
@@ -91,6 +92,7 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
};
@@ -126,6 +128,7 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -238,6 +241,8 @@ struct aesni_mb_session {
/**< Expanded GCM key */
uint8_t zuc_cipher_key[16];
/**< ZUC cipher key */
+ snow3g_key_schedule_t pKeySched_snow3g_cipher;
+ /**< SNOW3G scheduled cipher key */
};
} cipher;
@@ -279,6 +284,8 @@ struct aesni_mb_session {
/**< Expanded XCBC authentication keys */
uint8_t zuc_auth_key[16];
/**< ZUC authentication key */
+ snow3g_key_schedule_t pKeySched_snow3g_auth;
+ /**< SNOW3G scheduled authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 54023e013..42f89a955 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -266,6 +266,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+ sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
+ uint16_t snow3g_uia2_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN);
+ if (sess->auth.req_digest_len != snow3g_uia2_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_snow3g_auth);
+ return 0;
}
#endif
@@ -403,6 +416,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_docsis = 0;
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
uint8_t is_zuc = 0;
+ uint8_t is_snow3g = 0;
#endif
if (xform == NULL) {
@@ -457,6 +471,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
is_zuc = 1;
break;
+ case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+ sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
+ is_snow3g = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -565,6 +583,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
16);
+ } else if (is_snow3g) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_snow3g_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1214,6 +1240,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_SNOW3G_UIA2_BITLEN:
+ job->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth;
+ job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1232,10 +1263,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+ if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+ session->cipher.mode == GCM))
+ m_offset = op->sym->aead.data.offset;
+ else
+ m_offset = op->sym->cipher.data.offset;
+
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
+ m_offset = 0;
}
#endif
@@ -1253,12 +1293,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
oop = 1;
}
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
- m_offset = op->sym->aead.data.offset;
- else
- m_offset = op->sym->cipher.data.offset;
-
/* Set digest output location */
if (job->hash_alg != NULL_HASH &&
session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -1327,6 +1361,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
break;
default:
+ /* For SNOW3G, length and offsets are already in bits */
job->cipher_start_src_offset_in_bytes =
op->sym->cipher.data.offset;
job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index f4c4f56fe..9554ff0e7 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -543,6 +543,51 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SNOW 3G (UIA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* SNOW 3G (UEA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support KASUMI F8/F9
2020-09-11 11:37 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 11:38 ` [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
@ 2020-09-11 11:38 ` Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 11:38 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Add support for KASUMI-F8/F9 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v2:
- Added commit description
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 7 ++++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 34 +++++++++++++++
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 41 +++++++++++++++++++
6 files changed, 87 insertions(+)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 12bcafcba..85c462e62 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -34,6 +34,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
* RTE_CRYPTO_CIPHER_ZUC_EEA3
* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
+* RTE_CRYPTO_CIPHER_KASUMI_F8
Authentication algorithms:
@@ -53,6 +54,7 @@ Authentication algorithms:
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
* RTE_CRYPTO_AUTH_SNOW3G_UIA2
+* RTE_CRYPTO_AUTH_KASUMI_F9
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 76a0fd149..f70adcec9 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -32,6 +32,7 @@ DES CBC = Y
DES DOCSIS BPI = Y
ZUC EEA3 = Y
SNOW3G UEA2 = Y
+KASUMI F8 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -53,6 +54,7 @@ AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
SNOW3G UIA2 = Y
+KASUMI F9 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index ee8dff904..2b6370025 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -59,6 +59,7 @@ New Features
* Added support for ZUC-EEA3/EIA3 algorithms.
* Added support for SNOW3G-UEA2/UIA2 algorithms.
+ * Added support for KASUMI-F8/F9 algorithms.
Removed Items
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 75d01264e..0177b9180 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -58,6 +58,7 @@ static const unsigned auth_blocksize[] = {
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 16
[IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
+ [IMB_AUTH_KASUMI_UIA1] = 16
#endif
};
@@ -93,6 +94,7 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4
[IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
};
@@ -129,6 +131,7 @@ static const unsigned auth_digest_byte_lengths[] = {
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4
[IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -243,6 +246,8 @@ struct aesni_mb_session {
/**< ZUC cipher key */
snow3g_key_schedule_t pKeySched_snow3g_cipher;
/**< SNOW3G scheduled cipher key */
+ kasumi_key_sched_t pKeySched_kasumi_cipher;
+ /**< KASUMI scheduled cipher key */
};
} cipher;
@@ -286,6 +291,8 @@ struct aesni_mb_session {
/**< ZUC authentication key */
snow3g_key_schedule_t pKeySched_snow3g_auth;
/**< SNOW3G scheduled authentication key */
+ kasumi_key_sched_t pKeySched_kasumi_auth;
+ /**< KASUMI scheduled authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 42f89a955..df4d86d0f 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -279,6 +279,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
&sess->auth.pKeySched_snow3g_auth);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_KASUMI_F9) {
+ sess->auth.algo = IMB_AUTH_KASUMI_UIA1;
+ uint16_t kasumi_f9_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_KASUMI_UIA1);
+ if (sess->auth.req_digest_len != kasumi_f9_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_KASUMI_INIT_F9_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_kasumi_auth);
+ return 0;
}
#endif
@@ -417,6 +430,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
uint8_t is_zuc = 0;
uint8_t is_snow3g = 0;
+ uint8_t is_kasumi = 0;
#endif
if (xform == NULL) {
@@ -475,6 +489,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
is_snow3g = 1;
break;
+ case RTE_CRYPTO_CIPHER_KASUMI_F8:
+ sess->cipher.mode = IMB_CIPHER_KASUMI_UEA1_BITLEN;
+ is_kasumi = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -591,6 +609,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
&sess->cipher.pKeySched_snow3g_cipher);
+ } else if (is_kasumi) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_KASUMI_INIT_F8_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_kasumi_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1245,6 +1271,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_KASUMI_UIA1:
+ job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth;
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1276,6 +1305,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
} else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
m_offset = 0;
+ } else if (job->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_kasumi_cipher;
+ m_offset = 0;
}
#endif
@@ -1377,6 +1409,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
job->msg_len_to_cipher_in_bytes >>= 3;
+ else if (job->hash_alg == IMB_AUTH_KASUMI_UIA1)
+ job->msg_len_to_hash_in_bytes >>= 3;
#endif
/* Set user data to be crypto operation data struct */
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 9554ff0e7..7f5ef66c5 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -588,6 +588,47 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* KASUMI (F9) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_KASUMI_F9,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* KASUMI (F8) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_KASUMI_F8,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3
2020-09-11 11:37 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 11:38 ` [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-09-11 11:38 ` [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
@ 2020-09-11 15:54 ` Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
` (2 more replies)
2 siblings, 3 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 15:54 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Add support for ZUC-EEA3/EIA3 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v3:
- No changes
v2:
- Added commit description
- Fixed checkpatch issues
---
doc/guides/cryptodevs/aesni_mb.rst | 36 ++---
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 4 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 127 ++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 62 ++++++++-
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 47 +++++++
6 files changed, 205 insertions(+), 73 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 15388d20a..0cb58bfe5 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -32,23 +32,25 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_DES_CBC
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
-
-Hash algorithms:
-
-* RTE_CRYPTO_HASH_MD5_HMAC
-* RTE_CRYPTO_HASH_SHA1_HMAC
-* RTE_CRYPTO_HASH_SHA224_HMAC
-* RTE_CRYPTO_HASH_SHA256_HMAC
-* RTE_CRYPTO_HASH_SHA384_HMAC
-* RTE_CRYPTO_HASH_SHA512_HMAC
-* RTE_CRYPTO_HASH_AES_XCBC_HMAC
-* RTE_CRYPTO_HASH_AES_CMAC
-* RTE_CRYPTO_HASH_AES_GMAC
-* RTE_CRYPTO_HASH_SHA1
-* RTE_CRYPTO_HASH_SHA224
-* RTE_CRYPTO_HASH_SHA256
-* RTE_CRYPTO_HASH_SHA384
-* RTE_CRYPTO_HASH_SHA512
+* RTE_CRYPTO_CIPHER_ZUC_EEA3
+
+Authentication algorithms:
+
+* RTE_CRYPTO_AUTH_MD5_HMAC
+* RTE_CRYPTO_AUTH_SHA1_HMAC
+* RTE_CRYPTO_AUTH_SHA224_HMAC
+* RTE_CRYPTO_AUTH_SHA256_HMAC
+* RTE_CRYPTO_AUTH_SHA384_HMAC
+* RTE_CRYPTO_AUTH_SHA512_HMAC
+* RTE_CRYPTO_AUTH_AES_XCBC_HMAC
+* RTE_CRYPTO_AUTH_AES_CMAC
+* RTE_CRYPTO_AUTH_AES_GMAC
+* RTE_CRYPTO_AUTH_SHA1
+* RTE_CRYPTO_AUTH_SHA224
+* RTE_CRYPTO_AUTH_SHA256
+* RTE_CRYPTO_AUTH_SHA384
+* RTE_CRYPTO_AUTH_SHA512
+* RTE_CRYPTO_AUTH_ZUC_EIA3
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 38d255aff..47210333c 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -30,6 +30,7 @@ AES DOCSIS BPI = Y
DES CBC = Y
3DES CBC = Y
DES DOCSIS BPI = Y
+ZUC EEA3 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -49,6 +50,7 @@ SHA512 HMAC = Y
AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
+ZUC EIA3 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index df227a177..1dc822cb7 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -55,6 +55,10 @@ New Features
Also, make sure to start the actual text at the margin.
=======================================================
+* **Updated the AESNI MB crypto PMD.**
+
+ * Added support for ZUC-EEA3/EIA3 algorithms.
+
Removed Items
-------------
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index e0c7b4f7c..601ab9a40 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -39,22 +39,25 @@ extern int aesni_mb_logtype_driver;
/* Maximum length for digest */
#define DIGEST_LENGTH_MAX 64
static const unsigned auth_blocksize[] = {
- [NULL_HASH] = 0,
- [MD5] = 64,
- [SHA1] = 64,
- [SHA_224] = 64,
- [SHA_256] = 64,
- [SHA_384] = 128,
- [SHA_512] = 128,
- [AES_XCBC] = 16,
- [AES_CCM] = 16,
- [AES_CMAC] = 16,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 64,
- [PLAIN_SHA_224] = 64,
- [PLAIN_SHA_256] = 64,
- [PLAIN_SHA_384] = 128,
- [PLAIN_SHA_512] = 128
+ [NULL_HASH] = 0,
+ [MD5] = 64,
+ [SHA1] = 64,
+ [SHA_224] = 64,
+ [SHA_256] = 64,
+ [SHA_384] = 128,
+ [SHA_512] = 128,
+ [AES_XCBC] = 16,
+ [AES_CCM] = 16,
+ [AES_CMAC] = 16,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 64,
+ [PLAIN_SHA_224] = 64,
+ [PLAIN_SHA_256] = 64,
+ [PLAIN_SHA_384] = 128,
+ [PLAIN_SHA_512] = 128,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+#endif
};
/**
@@ -70,22 +73,25 @@ get_auth_algo_blocksize(JOB_HASH_ALG algo)
}
static const unsigned auth_truncated_digest_byte_lengths[] = {
- [MD5] = 12,
- [SHA1] = 12,
- [SHA_224] = 14,
- [SHA_256] = 16,
- [SHA_384] = 24,
- [SHA_512] = 32,
- [AES_XCBC] = 12,
- [AES_CMAC] = 12,
- [AES_CCM] = 8,
- [NULL_HASH] = 0,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 12,
+ [SHA1] = 12,
+ [SHA_224] = 14,
+ [SHA_256] = 16,
+ [SHA_384] = 24,
+ [SHA_512] = 32,
+ [AES_XCBC] = 12,
+ [AES_CMAC] = 12,
+ [AES_CCM] = 8,
+ [NULL_HASH] = 0,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
};
/**
@@ -102,22 +108,25 @@ get_truncated_digest_byte_length(JOB_HASH_ALG algo)
}
static const unsigned auth_digest_byte_lengths[] = {
- [MD5] = 16,
- [SHA1] = 20,
- [SHA_224] = 28,
- [SHA_256] = 32,
- [SHA_384] = 48,
- [SHA_512] = 64,
- [AES_XCBC] = 16,
- [AES_CMAC] = 16,
- [AES_CCM] = 16,
- [AES_GMAC] = 12,
- [NULL_HASH] = 0,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 16,
+ [SHA1] = 20,
+ [SHA_224] = 28,
+ [SHA_256] = 32,
+ [SHA_384] = 48,
+ [SHA_512] = 64,
+ [AES_XCBC] = 16,
+ [AES_CMAC] = 16,
+ [AES_CCM] = 16,
+ [AES_GMAC] = 12,
+ [NULL_HASH] = 0,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
};
@@ -189,6 +198,10 @@ struct aesni_mb_session {
uint16_t length;
uint16_t offset;
} iv;
+ struct {
+ uint16_t length;
+ uint16_t offset;
+ } auth_iv;
/**< IV parameters */
/** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
@@ -209,19 +222,23 @@ struct aesni_mb_session {
uint32_t decode[60] __rte_aligned(16);
/**< decode key */
} expanded_aes_keys;
+ /**< Expanded AES keys - Allocating space to
+ * contain the maximum expanded key size which
+ * is 240 bytes for 256 bit AES, calculate by:
+ * ((key size (bytes)) *
+ * ((number of rounds) + 1))
+ */
struct {
const void *ks_ptr[3];
uint64_t key[3][16];
} exp_3des_keys;
+ /**< Expanded 3DES keys */
struct gcm_key_data gcm_key;
+ /**< Expanded GCM key */
+ uint8_t zuc_cipher_key[16];
+ /**< ZUC cipher key */
};
- /**< Expanded AES keys - Allocating space to
- * contain the maximum expanded key size which
- * is 240 bytes for 256 bit AES, calculate by:
- * ((key size (bytes)) *
- * ((number of rounds) + 1))
- */
} cipher;
/** Authentication Parameters */
@@ -260,6 +277,8 @@ struct aesni_mb_session {
/**< k3. */
} cmac;
/**< Expanded XCBC authentication keys */
+ uint8_t zuc_auth_key[16];
+ /**< ZUC authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 1bddbcf74..54023e013 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -146,6 +146,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return -1;
}
+ /* Set IV parameters */
+ sess->auth_iv.offset = xform->auth.iv.offset;
+ sess->auth_iv.length = xform->auth.iv.length;
+
/* Set the request digest size */
sess->auth.req_digest_len = xform->auth.digest_length;
@@ -249,6 +253,22 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return 0;
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {
+ sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+ uint16_t zuc_eia3_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_ZUC_EIA3_BITLEN);
+ if (sess->auth.req_digest_len != zuc_eia3_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
+ return 0;
+ }
+#endif
+
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->auth.algo = MD5;
@@ -381,6 +401,9 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_aes = 0;
uint8_t is_3DES = 0;
uint8_t is_docsis = 0;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ uint8_t is_zuc = 0;
+#endif
if (xform == NULL) {
sess->cipher.mode = NULL_CIPHER;
@@ -429,6 +452,12 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = DES3;
is_3DES = 1;
break;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ case RTE_CRYPTO_CIPHER_ZUC_EEA3:
+ sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
+ is_zuc = 1;
+ break;
+#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
return -ENOTSUP;
@@ -471,7 +500,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.expanded_aes_keys.encode,
sess->cipher.expanded_aes_keys.decode);
break;
-#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
case AES_256_BYTES:
sess->cipher.key_length_in_bytes = AES_256_BYTES;
IMB_AES_KEYEXP_256(mb_mgr, xform->cipher.key.data,
@@ -527,6 +556,16 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
}
sess->cipher.key_length_in_bytes = 24;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ } else if (is_zuc) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
+ 16);
+#endif
} else {
if (xform->cipher.key.length != 8) {
AESNI_MB_LOG(ERR, "Invalid cipher key length");
@@ -693,6 +732,7 @@ aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
/* Default IV length = 0 */
sess->iv.length = 0;
+ sess->auth_iv.length = 0;
ret = aesni_mb_set_session_auth_parameters(mb_mgr, sess, auth_xform);
if (ret != 0) {
@@ -1168,7 +1208,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->aes_enc_key_expanded = &session->cipher.gcm_key;
job->aes_dec_key_expanded = &session->cipher.gcm_key;
break;
-
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_ZUC_EIA3_BITLEN:
+ job->u.ZUC_EIA3._key = session->auth.zuc_auth_key;
+ job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
+#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
job->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;
@@ -1186,6 +1232,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
+ job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
+ job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ }
+#endif
+
if (!op->sym->m_dst) {
/* in-place operation */
m_dst = m_src;
@@ -1286,6 +1339,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
session->iv.offset);
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
+ job->msg_len_to_cipher_in_bytes >>= 3;
+#endif
+
/* Set user data to be crypto operation data struct */
job->user_data = op;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 2362f0c3c..f4c4f56fe 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -497,6 +497,53 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ { /* ZUC (EIA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* ZUC (EEA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ }, }
+ }, }
+ },
+#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v3 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
@ 2020-09-11 15:54 ` Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 15:54 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Add support for SNOW3G-UEA2/UIA2 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v3:
- Fixed compilation
v2:
- Added commit description
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 13 +++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 47 ++++++++++++++++---
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 45 ++++++++++++++++++
6 files changed, 101 insertions(+), 9 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 0cb58bfe5..12bcafcba 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -33,6 +33,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
* RTE_CRYPTO_CIPHER_ZUC_EEA3
+* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
Authentication algorithms:
@@ -51,6 +52,7 @@ Authentication algorithms:
* RTE_CRYPTO_AUTH_SHA384
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
+* RTE_CRYPTO_AUTH_SNOW3G_UIA2
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 47210333c..76a0fd149 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -31,6 +31,7 @@ DES CBC = Y
3DES CBC = Y
DES DOCSIS BPI = Y
ZUC EEA3 = Y
+SNOW3G UEA2 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -51,6 +52,7 @@ AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
+SNOW3G UIA2 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 1dc822cb7..ee8dff904 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -58,6 +58,7 @@ New Features
* **Updated the AESNI MB crypto PMD.**
* Added support for ZUC-EEA3/EIA3 algorithms.
+ * Added support for SNOW3G-UEA2/UIA2 algorithms.
Removed Items
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 601ab9a40..96b044c92 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -56,7 +56,8 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_384] = 128,
[PLAIN_SHA_512] = 128,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
#endif
};
@@ -90,7 +91,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_384] = 48,
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
};
@@ -125,7 +127,8 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_384] = 48,
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -238,6 +241,8 @@ struct aesni_mb_session {
/**< Expanded GCM key */
uint8_t zuc_cipher_key[16];
/**< ZUC cipher key */
+ snow3g_key_schedule_t pKeySched_snow3g_cipher;
+ /**< SNOW3G scheduled cipher key */
};
} cipher;
@@ -279,6 +284,8 @@ struct aesni_mb_session {
/**< Expanded XCBC authentication keys */
uint8_t zuc_auth_key[16];
/**< ZUC authentication key */
+ snow3g_key_schedule_t pKeySched_snow3g_auth;
+ /**< SNOW3G scheduled authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 54023e013..42f89a955 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -266,6 +266,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+ sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
+ uint16_t snow3g_uia2_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN);
+ if (sess->auth.req_digest_len != snow3g_uia2_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_snow3g_auth);
+ return 0;
}
#endif
@@ -403,6 +416,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_docsis = 0;
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
uint8_t is_zuc = 0;
+ uint8_t is_snow3g = 0;
#endif
if (xform == NULL) {
@@ -457,6 +471,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
is_zuc = 1;
break;
+ case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+ sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
+ is_snow3g = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -565,6 +583,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
16);
+ } else if (is_snow3g) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_snow3g_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1214,6 +1240,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_SNOW3G_UIA2_BITLEN:
+ job->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth;
+ job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1232,10 +1263,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+ if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+ session->cipher.mode == GCM))
+ m_offset = op->sym->aead.data.offset;
+ else
+ m_offset = op->sym->cipher.data.offset;
+
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
+ m_offset = 0;
}
#endif
@@ -1253,12 +1293,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
oop = 1;
}
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
- m_offset = op->sym->aead.data.offset;
- else
- m_offset = op->sym->cipher.data.offset;
-
/* Set digest output location */
if (job->hash_alg != NULL_HASH &&
session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -1327,6 +1361,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
break;
default:
+ /* For SNOW3G, length and offsets are already in bits */
job->cipher_start_src_offset_in_bytes =
op->sym->cipher.data.offset;
job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index f4c4f56fe..9554ff0e7 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -543,6 +543,51 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SNOW 3G (UIA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* SNOW 3G (UEA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v3 3/3] crypto/aesni_mb: support KASUMI F8/F9
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
@ 2020-09-11 15:54 ` Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-11 15:54 UTC (permalink / raw)
To: dev; +Cc: Pablo de Lara
Add support for KASUMI-F8/F9 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v3:
- Fixed compilation
v2:
- Added commit description
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 13 ++++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 34 +++++++++++++++
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 41 +++++++++++++++++++
6 files changed, 90 insertions(+), 3 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 12bcafcba..85c462e62 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -34,6 +34,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
* RTE_CRYPTO_CIPHER_ZUC_EEA3
* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
+* RTE_CRYPTO_CIPHER_KASUMI_F8
Authentication algorithms:
@@ -53,6 +54,7 @@ Authentication algorithms:
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
* RTE_CRYPTO_AUTH_SNOW3G_UIA2
+* RTE_CRYPTO_AUTH_KASUMI_F9
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 76a0fd149..f70adcec9 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -32,6 +32,7 @@ DES CBC = Y
DES DOCSIS BPI = Y
ZUC EEA3 = Y
SNOW3G UEA2 = Y
+KASUMI F8 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -53,6 +54,7 @@ AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
SNOW3G UIA2 = Y
+KASUMI F9 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index ee8dff904..2b6370025 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -59,6 +59,7 @@ New Features
* Added support for ZUC-EEA3/EIA3 algorithms.
* Added support for SNOW3G-UEA2/UIA2 algorithms.
+ * Added support for KASUMI-F8/F9 algorithms.
Removed Items
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 96b044c92..e2f36f57c 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -57,7 +57,8 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_512] = 128,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 16,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16,
+ [IMB_AUTH_KASUMI_UIA1] = 16
#endif
};
@@ -92,7 +93,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4,
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
};
@@ -128,7 +130,8 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4,
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -243,6 +246,8 @@ struct aesni_mb_session {
/**< ZUC cipher key */
snow3g_key_schedule_t pKeySched_snow3g_cipher;
/**< SNOW3G scheduled cipher key */
+ kasumi_key_sched_t pKeySched_kasumi_cipher;
+ /**< KASUMI scheduled cipher key */
};
} cipher;
@@ -286,6 +291,8 @@ struct aesni_mb_session {
/**< ZUC authentication key */
snow3g_key_schedule_t pKeySched_snow3g_auth;
/**< SNOW3G scheduled authentication key */
+ kasumi_key_sched_t pKeySched_kasumi_auth;
+ /**< KASUMI scheduled authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 42f89a955..df4d86d0f 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -279,6 +279,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
&sess->auth.pKeySched_snow3g_auth);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_KASUMI_F9) {
+ sess->auth.algo = IMB_AUTH_KASUMI_UIA1;
+ uint16_t kasumi_f9_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_KASUMI_UIA1);
+ if (sess->auth.req_digest_len != kasumi_f9_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_KASUMI_INIT_F9_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_kasumi_auth);
+ return 0;
}
#endif
@@ -417,6 +430,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
uint8_t is_zuc = 0;
uint8_t is_snow3g = 0;
+ uint8_t is_kasumi = 0;
#endif
if (xform == NULL) {
@@ -475,6 +489,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
is_snow3g = 1;
break;
+ case RTE_CRYPTO_CIPHER_KASUMI_F8:
+ sess->cipher.mode = IMB_CIPHER_KASUMI_UEA1_BITLEN;
+ is_kasumi = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -591,6 +609,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
&sess->cipher.pKeySched_snow3g_cipher);
+ } else if (is_kasumi) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_KASUMI_INIT_F8_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_kasumi_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1245,6 +1271,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_KASUMI_UIA1:
+ job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth;
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1276,6 +1305,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
} else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
m_offset = 0;
+ } else if (job->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_kasumi_cipher;
+ m_offset = 0;
}
#endif
@@ -1377,6 +1409,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
job->msg_len_to_cipher_in_bytes >>= 3;
+ else if (job->hash_alg == IMB_AUTH_KASUMI_UIA1)
+ job->msg_len_to_hash_in_bytes >>= 3;
#endif
/* Set user data to be crypto operation data struct */
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 9554ff0e7..7f5ef66c5 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -588,6 +588,47 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* KASUMI (F9) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_KASUMI_F9,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* KASUMI (F8) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_KASUMI_F8,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v4 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
@ 2020-09-21 11:45 ` Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
` (2 more replies)
2 siblings, 3 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-21 11:45 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Add support for ZUC-EEA3/EIA3 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v3/v4:
- No changes
v2:
- Added commit description
- Fixed checkpatch issues
---
doc/guides/cryptodevs/aesni_mb.rst | 36 ++---
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 4 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 127 ++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 62 ++++++++-
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 47 +++++++
6 files changed, 205 insertions(+), 73 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 15388d20a..0cb58bfe5 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -32,23 +32,25 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_DES_CBC
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
-
-Hash algorithms:
-
-* RTE_CRYPTO_HASH_MD5_HMAC
-* RTE_CRYPTO_HASH_SHA1_HMAC
-* RTE_CRYPTO_HASH_SHA224_HMAC
-* RTE_CRYPTO_HASH_SHA256_HMAC
-* RTE_CRYPTO_HASH_SHA384_HMAC
-* RTE_CRYPTO_HASH_SHA512_HMAC
-* RTE_CRYPTO_HASH_AES_XCBC_HMAC
-* RTE_CRYPTO_HASH_AES_CMAC
-* RTE_CRYPTO_HASH_AES_GMAC
-* RTE_CRYPTO_HASH_SHA1
-* RTE_CRYPTO_HASH_SHA224
-* RTE_CRYPTO_HASH_SHA256
-* RTE_CRYPTO_HASH_SHA384
-* RTE_CRYPTO_HASH_SHA512
+* RTE_CRYPTO_CIPHER_ZUC_EEA3
+
+Authentication algorithms:
+
+* RTE_CRYPTO_AUTH_MD5_HMAC
+* RTE_CRYPTO_AUTH_SHA1_HMAC
+* RTE_CRYPTO_AUTH_SHA224_HMAC
+* RTE_CRYPTO_AUTH_SHA256_HMAC
+* RTE_CRYPTO_AUTH_SHA384_HMAC
+* RTE_CRYPTO_AUTH_SHA512_HMAC
+* RTE_CRYPTO_AUTH_AES_XCBC_HMAC
+* RTE_CRYPTO_AUTH_AES_CMAC
+* RTE_CRYPTO_AUTH_AES_GMAC
+* RTE_CRYPTO_AUTH_SHA1
+* RTE_CRYPTO_AUTH_SHA224
+* RTE_CRYPTO_AUTH_SHA256
+* RTE_CRYPTO_AUTH_SHA384
+* RTE_CRYPTO_AUTH_SHA512
+* RTE_CRYPTO_AUTH_ZUC_EIA3
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 38d255aff..47210333c 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -30,6 +30,7 @@ AES DOCSIS BPI = Y
DES CBC = Y
3DES CBC = Y
DES DOCSIS BPI = Y
+ZUC EEA3 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -49,6 +50,7 @@ SHA512 HMAC = Y
AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
+ZUC EIA3 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index df227a177..1dc822cb7 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -55,6 +55,10 @@ New Features
Also, make sure to start the actual text at the margin.
=======================================================
+* **Updated the AESNI MB crypto PMD.**
+
+ * Added support for ZUC-EEA3/EIA3 algorithms.
+
Removed Items
-------------
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index e0c7b4f7c..601ab9a40 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -39,22 +39,25 @@ extern int aesni_mb_logtype_driver;
/* Maximum length for digest */
#define DIGEST_LENGTH_MAX 64
static const unsigned auth_blocksize[] = {
- [NULL_HASH] = 0,
- [MD5] = 64,
- [SHA1] = 64,
- [SHA_224] = 64,
- [SHA_256] = 64,
- [SHA_384] = 128,
- [SHA_512] = 128,
- [AES_XCBC] = 16,
- [AES_CCM] = 16,
- [AES_CMAC] = 16,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 64,
- [PLAIN_SHA_224] = 64,
- [PLAIN_SHA_256] = 64,
- [PLAIN_SHA_384] = 128,
- [PLAIN_SHA_512] = 128
+ [NULL_HASH] = 0,
+ [MD5] = 64,
+ [SHA1] = 64,
+ [SHA_224] = 64,
+ [SHA_256] = 64,
+ [SHA_384] = 128,
+ [SHA_512] = 128,
+ [AES_XCBC] = 16,
+ [AES_CCM] = 16,
+ [AES_CMAC] = 16,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 64,
+ [PLAIN_SHA_224] = 64,
+ [PLAIN_SHA_256] = 64,
+ [PLAIN_SHA_384] = 128,
+ [PLAIN_SHA_512] = 128,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+#endif
};
/**
@@ -70,22 +73,25 @@ get_auth_algo_blocksize(JOB_HASH_ALG algo)
}
static const unsigned auth_truncated_digest_byte_lengths[] = {
- [MD5] = 12,
- [SHA1] = 12,
- [SHA_224] = 14,
- [SHA_256] = 16,
- [SHA_384] = 24,
- [SHA_512] = 32,
- [AES_XCBC] = 12,
- [AES_CMAC] = 12,
- [AES_CCM] = 8,
- [NULL_HASH] = 0,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 12,
+ [SHA1] = 12,
+ [SHA_224] = 14,
+ [SHA_256] = 16,
+ [SHA_384] = 24,
+ [SHA_512] = 32,
+ [AES_XCBC] = 12,
+ [AES_CMAC] = 12,
+ [AES_CCM] = 8,
+ [NULL_HASH] = 0,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
};
/**
@@ -102,22 +108,25 @@ get_truncated_digest_byte_length(JOB_HASH_ALG algo)
}
static const unsigned auth_digest_byte_lengths[] = {
- [MD5] = 16,
- [SHA1] = 20,
- [SHA_224] = 28,
- [SHA_256] = 32,
- [SHA_384] = 48,
- [SHA_512] = 64,
- [AES_XCBC] = 16,
- [AES_CMAC] = 16,
- [AES_CCM] = 16,
- [AES_GMAC] = 12,
- [NULL_HASH] = 0,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 16,
+ [SHA1] = 20,
+ [SHA_224] = 28,
+ [SHA_256] = 32,
+ [SHA_384] = 48,
+ [SHA_512] = 64,
+ [AES_XCBC] = 16,
+ [AES_CMAC] = 16,
+ [AES_CCM] = 16,
+ [AES_GMAC] = 12,
+ [NULL_HASH] = 0,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
};
@@ -189,6 +198,10 @@ struct aesni_mb_session {
uint16_t length;
uint16_t offset;
} iv;
+ struct {
+ uint16_t length;
+ uint16_t offset;
+ } auth_iv;
/**< IV parameters */
/** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
@@ -209,19 +222,23 @@ struct aesni_mb_session {
uint32_t decode[60] __rte_aligned(16);
/**< decode key */
} expanded_aes_keys;
+ /**< Expanded AES keys - Allocating space to
+ * contain the maximum expanded key size which
+ * is 240 bytes for 256 bit AES, calculate by:
+ * ((key size (bytes)) *
+ * ((number of rounds) + 1))
+ */
struct {
const void *ks_ptr[3];
uint64_t key[3][16];
} exp_3des_keys;
+ /**< Expanded 3DES keys */
struct gcm_key_data gcm_key;
+ /**< Expanded GCM key */
+ uint8_t zuc_cipher_key[16];
+ /**< ZUC cipher key */
};
- /**< Expanded AES keys - Allocating space to
- * contain the maximum expanded key size which
- * is 240 bytes for 256 bit AES, calculate by:
- * ((key size (bytes)) *
- * ((number of rounds) + 1))
- */
} cipher;
/** Authentication Parameters */
@@ -260,6 +277,8 @@ struct aesni_mb_session {
/**< k3. */
} cmac;
/**< Expanded XCBC authentication keys */
+ uint8_t zuc_auth_key[16];
+ /**< ZUC authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 1bddbcf74..54023e013 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -146,6 +146,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return -1;
}
+ /* Set IV parameters */
+ sess->auth_iv.offset = xform->auth.iv.offset;
+ sess->auth_iv.length = xform->auth.iv.length;
+
/* Set the request digest size */
sess->auth.req_digest_len = xform->auth.digest_length;
@@ -249,6 +253,22 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return 0;
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {
+ sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+ uint16_t zuc_eia3_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_ZUC_EIA3_BITLEN);
+ if (sess->auth.req_digest_len != zuc_eia3_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
+ return 0;
+ }
+#endif
+
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->auth.algo = MD5;
@@ -381,6 +401,9 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_aes = 0;
uint8_t is_3DES = 0;
uint8_t is_docsis = 0;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ uint8_t is_zuc = 0;
+#endif
if (xform == NULL) {
sess->cipher.mode = NULL_CIPHER;
@@ -429,6 +452,12 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = DES3;
is_3DES = 1;
break;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ case RTE_CRYPTO_CIPHER_ZUC_EEA3:
+ sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
+ is_zuc = 1;
+ break;
+#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
return -ENOTSUP;
@@ -471,7 +500,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.expanded_aes_keys.encode,
sess->cipher.expanded_aes_keys.decode);
break;
-#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
case AES_256_BYTES:
sess->cipher.key_length_in_bytes = AES_256_BYTES;
IMB_AES_KEYEXP_256(mb_mgr, xform->cipher.key.data,
@@ -527,6 +556,16 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
}
sess->cipher.key_length_in_bytes = 24;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ } else if (is_zuc) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
+ 16);
+#endif
} else {
if (xform->cipher.key.length != 8) {
AESNI_MB_LOG(ERR, "Invalid cipher key length");
@@ -693,6 +732,7 @@ aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
/* Default IV length = 0 */
sess->iv.length = 0;
+ sess->auth_iv.length = 0;
ret = aesni_mb_set_session_auth_parameters(mb_mgr, sess, auth_xform);
if (ret != 0) {
@@ -1168,7 +1208,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->aes_enc_key_expanded = &session->cipher.gcm_key;
job->aes_dec_key_expanded = &session->cipher.gcm_key;
break;
-
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_ZUC_EIA3_BITLEN:
+ job->u.ZUC_EIA3._key = session->auth.zuc_auth_key;
+ job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
+#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
job->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;
@@ -1186,6 +1232,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
+ job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
+ job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ }
+#endif
+
if (!op->sym->m_dst) {
/* in-place operation */
m_dst = m_src;
@@ -1286,6 +1339,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
session->iv.offset);
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
+ job->msg_len_to_cipher_in_bytes >>= 3;
+#endif
+
/* Set user data to be crypto operation data struct */
job->user_data = op;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 2362f0c3c..f4c4f56fe 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -497,6 +497,53 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ { /* ZUC (EIA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* ZUC (EEA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ }, }
+ }, }
+ },
+#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v4 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
@ 2020-09-21 11:45 ` Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-21 11:45 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Add support for SNOW3G-UEA2/UIA2 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v3/v4:
- Fixed compilation when intel-ipsec-mb version is lower than 0.54
v2:
- Added commit description
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 17 +++++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 47 ++++++++++++++++---
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 45 ++++++++++++++++++
6 files changed, 105 insertions(+), 9 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 0cb58bfe5..12bcafcba 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -33,6 +33,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_3DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
* RTE_CRYPTO_CIPHER_ZUC_EEA3
+* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
Authentication algorithms:
@@ -51,6 +52,7 @@ Authentication algorithms:
* RTE_CRYPTO_AUTH_SHA384
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
+* RTE_CRYPTO_AUTH_SNOW3G_UIA2
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 47210333c..76a0fd149 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -31,6 +31,7 @@ DES CBC = Y
3DES CBC = Y
DES DOCSIS BPI = Y
ZUC EEA3 = Y
+SNOW3G UEA2 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -51,6 +52,7 @@ AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
+SNOW3G UIA2 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 1dc822cb7..ee8dff904 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -58,6 +58,7 @@ New Features
* **Updated the AESNI MB crypto PMD.**
* Added support for ZUC-EEA3/EIA3 algorithms.
+ * Added support for SNOW3G-UEA2/UIA2 algorithms.
Removed Items
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 601ab9a40..85039dbf2 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -56,7 +56,8 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_384] = 128,
[PLAIN_SHA_512] = 128,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
#endif
};
@@ -90,7 +91,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_384] = 48,
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
};
@@ -125,7 +127,8 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_384] = 48,
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -238,6 +241,10 @@ struct aesni_mb_session {
/**< Expanded GCM key */
uint8_t zuc_cipher_key[16];
/**< ZUC cipher key */
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ snow3g_key_schedule_t pKeySched_snow3g_cipher;
+ /**< SNOW3G scheduled cipher key */
+#endif
};
} cipher;
@@ -279,6 +286,10 @@ struct aesni_mb_session {
/**< Expanded XCBC authentication keys */
uint8_t zuc_auth_key[16];
/**< ZUC authentication key */
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ snow3g_key_schedule_t pKeySched_snow3g_auth;
+ /**< SNOW3G scheduled authentication key */
+#endif
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 54023e013..42f89a955 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -266,6 +266,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+ sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
+ uint16_t snow3g_uia2_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN);
+ if (sess->auth.req_digest_len != snow3g_uia2_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_snow3g_auth);
+ return 0;
}
#endif
@@ -403,6 +416,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_docsis = 0;
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
uint8_t is_zuc = 0;
+ uint8_t is_snow3g = 0;
#endif
if (xform == NULL) {
@@ -457,6 +471,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
is_zuc = 1;
break;
+ case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+ sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
+ is_snow3g = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -565,6 +583,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
16);
+ } else if (is_snow3g) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_snow3g_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1214,6 +1240,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_SNOW3G_UIA2_BITLEN:
+ job->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth;
+ job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1232,10 +1263,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+ if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+ session->cipher.mode == GCM))
+ m_offset = op->sym->aead.data.offset;
+ else
+ m_offset = op->sym->cipher.data.offset;
+
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
+ m_offset = 0;
}
#endif
@@ -1253,12 +1293,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
oop = 1;
}
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
- m_offset = op->sym->aead.data.offset;
- else
- m_offset = op->sym->cipher.data.offset;
-
/* Set digest output location */
if (job->hash_alg != NULL_HASH &&
session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -1327,6 +1361,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
break;
default:
+ /* For SNOW3G, length and offsets are already in bits */
job->cipher_start_src_offset_in_bytes =
op->sym->cipher.data.offset;
job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index f4c4f56fe..9554ff0e7 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -543,6 +543,51 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SNOW 3G (UIA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* SNOW 3G (UEA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v4 3/3] crypto/aesni_mb: support KASUMI F8/F9
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
@ 2020-09-21 11:45 ` Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-09-21 11:45 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Add support for KASUMI-F8/F9 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v3/v4:
- Fixed compilation when intel-ipsec-mb version is lower than 0.54
v2:
- Added commit description
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 13 ++++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 34 +++++++++++++++
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 41 +++++++++++++++++++
6 files changed, 90 insertions(+), 3 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 12bcafcba..85c462e62 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -34,6 +34,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
* RTE_CRYPTO_CIPHER_ZUC_EEA3
* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
+* RTE_CRYPTO_CIPHER_KASUMI_F8
Authentication algorithms:
@@ -53,6 +54,7 @@ Authentication algorithms:
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
* RTE_CRYPTO_AUTH_SNOW3G_UIA2
+* RTE_CRYPTO_AUTH_KASUMI_F9
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 76a0fd149..f70adcec9 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -32,6 +32,7 @@ DES CBC = Y
DES DOCSIS BPI = Y
ZUC EEA3 = Y
SNOW3G UEA2 = Y
+KASUMI F8 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -53,6 +54,7 @@ AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
SNOW3G UIA2 = Y
+KASUMI F9 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index ee8dff904..2b6370025 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -59,6 +59,7 @@ New Features
* Added support for ZUC-EEA3/EIA3 algorithms.
* Added support for SNOW3G-UEA2/UIA2 algorithms.
+ * Added support for KASUMI-F8/F9 algorithms.
Removed Items
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 85039dbf2..9693bf985 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -57,7 +57,8 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_512] = 128,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 16,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16,
+ [IMB_AUTH_KASUMI_UIA1] = 16
#endif
};
@@ -92,7 +93,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4,
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
};
@@ -128,7 +130,8 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4,
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -244,6 +247,8 @@ struct aesni_mb_session {
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
snow3g_key_schedule_t pKeySched_snow3g_cipher;
/**< SNOW3G scheduled cipher key */
+ kasumi_key_sched_t pKeySched_kasumi_cipher;
+ /**< KASUMI scheduled cipher key */
#endif
};
} cipher;
@@ -289,6 +294,8 @@ struct aesni_mb_session {
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
snow3g_key_schedule_t pKeySched_snow3g_auth;
/**< SNOW3G scheduled authentication key */
+ kasumi_key_sched_t pKeySched_kasumi_auth;
+ /**< KASUMI scheduled authentication key */
#endif
};
/** Generated digest size by the Multi-buffer library */
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 42f89a955..df4d86d0f 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -279,6 +279,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
&sess->auth.pKeySched_snow3g_auth);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_KASUMI_F9) {
+ sess->auth.algo = IMB_AUTH_KASUMI_UIA1;
+ uint16_t kasumi_f9_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_KASUMI_UIA1);
+ if (sess->auth.req_digest_len != kasumi_f9_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_KASUMI_INIT_F9_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_kasumi_auth);
+ return 0;
}
#endif
@@ -417,6 +430,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
uint8_t is_zuc = 0;
uint8_t is_snow3g = 0;
+ uint8_t is_kasumi = 0;
#endif
if (xform == NULL) {
@@ -475,6 +489,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
is_snow3g = 1;
break;
+ case RTE_CRYPTO_CIPHER_KASUMI_F8:
+ sess->cipher.mode = IMB_CIPHER_KASUMI_UEA1_BITLEN;
+ is_kasumi = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -591,6 +609,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
&sess->cipher.pKeySched_snow3g_cipher);
+ } else if (is_kasumi) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_KASUMI_INIT_F8_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_kasumi_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1245,6 +1271,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_KASUMI_UIA1:
+ job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth;
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1276,6 +1305,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
} else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
m_offset = 0;
+ } else if (job->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_kasumi_cipher;
+ m_offset = 0;
}
#endif
@@ -1377,6 +1409,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
job->msg_len_to_cipher_in_bytes >>= 3;
+ else if (job->hash_alg == IMB_AUTH_KASUMI_UIA1)
+ job->msg_len_to_hash_in_bytes >>= 3;
#endif
/* Set user data to be crypto operation data struct */
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 9554ff0e7..7f5ef66c5 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -588,6 +588,47 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* KASUMI (F9) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_KASUMI_F9,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* KASUMI (F8) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_KASUMI_F8,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
@ 2020-10-09 11:29 ` Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
` (2 more replies)
2 siblings, 3 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-10-09 11:29 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Add support for ZUC-EEA3/EIA3 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v5:
- Added NON_BYTE_ALIGNED feature flag
- Rebased on top of crypto subtree
v3/v4:
- No changes
v2:
- Added commit description
- Fixed checkpatch issues
---
doc/guides/cryptodevs/aesni_mb.rst | 30 +++--
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 5 +-
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 127 ++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 63 ++++++++-
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 47 +++++++
6 files changed, 202 insertions(+), 72 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 69d69ff31..9d34803df 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -35,23 +35,25 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES128_ECB
* RTE_CRYPTO_CIPHER_AES192_ECB
* RTE_CRYPTO_CIPHER_AES256_ECB
+* RTE_CRYPTO_CIPHER_ZUC_EEA3
Hash algorithms:
-* RTE_CRYPTO_HASH_MD5_HMAC
-* RTE_CRYPTO_HASH_SHA1_HMAC
-* RTE_CRYPTO_HASH_SHA224_HMAC
-* RTE_CRYPTO_HASH_SHA256_HMAC
-* RTE_CRYPTO_HASH_SHA384_HMAC
-* RTE_CRYPTO_HASH_SHA512_HMAC
-* RTE_CRYPTO_HASH_AES_XCBC_HMAC
-* RTE_CRYPTO_HASH_AES_CMAC
-* RTE_CRYPTO_HASH_AES_GMAC
-* RTE_CRYPTO_HASH_SHA1
-* RTE_CRYPTO_HASH_SHA224
-* RTE_CRYPTO_HASH_SHA256
-* RTE_CRYPTO_HASH_SHA384
-* RTE_CRYPTO_HASH_SHA512
+* RTE_CRYPTO_AUTH_MD5_HMAC
+* RTE_CRYPTO_AUTH_SHA1_HMAC
+* RTE_CRYPTO_AUTH_SHA224_HMAC
+* RTE_CRYPTO_AUTH_SHA256_HMAC
+* RTE_CRYPTO_AUTH_SHA384_HMAC
+* RTE_CRYPTO_AUTH_SHA512_HMAC
+* RTE_CRYPTO_AUTH_AES_XCBC_HMAC
+* RTE_CRYPTO_AUTH_AES_CMAC
+* RTE_CRYPTO_AUTH_AES_GMAC
+* RTE_CRYPTO_AUTH_SHA1
+* RTE_CRYPTO_AUTH_SHA224
+* RTE_CRYPTO_AUTH_SHA256
+* RTE_CRYPTO_AUTH_SHA384
+* RTE_CRYPTO_AUTH_SHA512
+* RTE_CRYPTO_AUTH_ZUC_EIA3
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 126b3a496..1b5c2bea2 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -33,6 +33,7 @@ DES DOCSIS BPI = Y
AES ECB (128) = Y
AES ECB (192) = Y
AES ECB (256) = Y
+ZUC EEA3 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -52,6 +53,7 @@ SHA512 HMAC = Y
AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
+ZUC EIA3 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index e58d191fe..512e98993 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -74,9 +74,10 @@ New Features
* Added SR-IOV PF support
-* **Added support for AES-ECB in aesni_mb crypto PMD.**
+* **Updated the aesni_mb crypto PMD.**
- * Added support for AES-ECB 128, 192 and 256 in aesni_mb PMD.
+ * Added support for AES-ECB 128, 192 and 256.
+ * Added support for ZUC-EEA3/EIA3 algorithms.
* **Added Intel ACC100 bbdev PMD.**
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index e0c7b4f7c..601ab9a40 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -39,22 +39,25 @@ extern int aesni_mb_logtype_driver;
/* Maximum length for digest */
#define DIGEST_LENGTH_MAX 64
static const unsigned auth_blocksize[] = {
- [NULL_HASH] = 0,
- [MD5] = 64,
- [SHA1] = 64,
- [SHA_224] = 64,
- [SHA_256] = 64,
- [SHA_384] = 128,
- [SHA_512] = 128,
- [AES_XCBC] = 16,
- [AES_CCM] = 16,
- [AES_CMAC] = 16,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 64,
- [PLAIN_SHA_224] = 64,
- [PLAIN_SHA_256] = 64,
- [PLAIN_SHA_384] = 128,
- [PLAIN_SHA_512] = 128
+ [NULL_HASH] = 0,
+ [MD5] = 64,
+ [SHA1] = 64,
+ [SHA_224] = 64,
+ [SHA_256] = 64,
+ [SHA_384] = 128,
+ [SHA_512] = 128,
+ [AES_XCBC] = 16,
+ [AES_CCM] = 16,
+ [AES_CMAC] = 16,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 64,
+ [PLAIN_SHA_224] = 64,
+ [PLAIN_SHA_256] = 64,
+ [PLAIN_SHA_384] = 128,
+ [PLAIN_SHA_512] = 128,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+#endif
};
/**
@@ -70,22 +73,25 @@ get_auth_algo_blocksize(JOB_HASH_ALG algo)
}
static const unsigned auth_truncated_digest_byte_lengths[] = {
- [MD5] = 12,
- [SHA1] = 12,
- [SHA_224] = 14,
- [SHA_256] = 16,
- [SHA_384] = 24,
- [SHA_512] = 32,
- [AES_XCBC] = 12,
- [AES_CMAC] = 12,
- [AES_CCM] = 8,
- [NULL_HASH] = 0,
- [AES_GMAC] = 16,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 12,
+ [SHA1] = 12,
+ [SHA_224] = 14,
+ [SHA_256] = 16,
+ [SHA_384] = 24,
+ [SHA_512] = 32,
+ [AES_XCBC] = 12,
+ [AES_CMAC] = 12,
+ [AES_CCM] = 8,
+ [NULL_HASH] = 0,
+ [AES_GMAC] = 16,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
};
/**
@@ -102,22 +108,25 @@ get_truncated_digest_byte_length(JOB_HASH_ALG algo)
}
static const unsigned auth_digest_byte_lengths[] = {
- [MD5] = 16,
- [SHA1] = 20,
- [SHA_224] = 28,
- [SHA_256] = 32,
- [SHA_384] = 48,
- [SHA_512] = 64,
- [AES_XCBC] = 16,
- [AES_CMAC] = 16,
- [AES_CCM] = 16,
- [AES_GMAC] = 12,
- [NULL_HASH] = 0,
- [PLAIN_SHA1] = 20,
- [PLAIN_SHA_224] = 28,
- [PLAIN_SHA_256] = 32,
- [PLAIN_SHA_384] = 48,
- [PLAIN_SHA_512] = 64
+ [MD5] = 16,
+ [SHA1] = 20,
+ [SHA_224] = 28,
+ [SHA_256] = 32,
+ [SHA_384] = 48,
+ [SHA_512] = 64,
+ [AES_XCBC] = 16,
+ [AES_CMAC] = 16,
+ [AES_CCM] = 16,
+ [AES_GMAC] = 12,
+ [NULL_HASH] = 0,
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64,
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
};
@@ -189,6 +198,10 @@ struct aesni_mb_session {
uint16_t length;
uint16_t offset;
} iv;
+ struct {
+ uint16_t length;
+ uint16_t offset;
+ } auth_iv;
/**< IV parameters */
/** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
@@ -209,19 +222,23 @@ struct aesni_mb_session {
uint32_t decode[60] __rte_aligned(16);
/**< decode key */
} expanded_aes_keys;
+ /**< Expanded AES keys - Allocating space to
+ * contain the maximum expanded key size which
+ * is 240 bytes for 256 bit AES, calculate by:
+ * ((key size (bytes)) *
+ * ((number of rounds) + 1))
+ */
struct {
const void *ks_ptr[3];
uint64_t key[3][16];
} exp_3des_keys;
+ /**< Expanded 3DES keys */
struct gcm_key_data gcm_key;
+ /**< Expanded GCM key */
+ uint8_t zuc_cipher_key[16];
+ /**< ZUC cipher key */
};
- /**< Expanded AES keys - Allocating space to
- * contain the maximum expanded key size which
- * is 240 bytes for 256 bit AES, calculate by:
- * ((key size (bytes)) *
- * ((number of rounds) + 1))
- */
} cipher;
/** Authentication Parameters */
@@ -260,6 +277,8 @@ struct aesni_mb_session {
/**< k3. */
} cmac;
/**< Expanded XCBC authentication keys */
+ uint8_t zuc_auth_key[16];
+ /**< ZUC authentication key */
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index e49428358..dbd79d5dc 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -146,6 +146,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return -1;
}
+ /* Set IV parameters */
+ sess->auth_iv.offset = xform->auth.iv.offset;
+ sess->auth_iv.length = xform->auth.iv.length;
+
/* Set the request digest size */
sess->auth.req_digest_len = xform->auth.digest_length;
@@ -249,6 +253,22 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
return 0;
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {
+ sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+ uint16_t zuc_eia3_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_ZUC_EIA3_BITLEN);
+ if (sess->auth.req_digest_len != zuc_eia3_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
+ return 0;
+ }
+#endif
+
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->auth.algo = MD5;
@@ -381,6 +401,9 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_aes = 0;
uint8_t is_3DES = 0;
uint8_t is_docsis = 0;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ uint8_t is_zuc = 0;
+#endif
if (xform == NULL) {
sess->cipher.mode = NULL_CIPHER;
@@ -434,6 +457,12 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = ECB;
is_aes = 1;
break;
+#endif
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ case RTE_CRYPTO_CIPHER_ZUC_EEA3:
+ sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
+ is_zuc = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -477,7 +506,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.expanded_aes_keys.encode,
sess->cipher.expanded_aes_keys.decode);
break;
-#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
case AES_256_BYTES:
sess->cipher.key_length_in_bytes = AES_256_BYTES;
IMB_AES_KEYEXP_256(mb_mgr, xform->cipher.key.data,
@@ -533,6 +562,16 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
}
sess->cipher.key_length_in_bytes = 24;
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ } else if (is_zuc) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
+ 16);
+#endif
} else {
if (xform->cipher.key.length != 8) {
AESNI_MB_LOG(ERR, "Invalid cipher key length");
@@ -699,6 +738,7 @@ aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
/* Default IV length = 0 */
sess->iv.length = 0;
+ sess->auth_iv.length = 0;
ret = aesni_mb_set_session_auth_parameters(mb_mgr, sess, auth_xform);
if (ret != 0) {
@@ -1174,7 +1214,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->aes_enc_key_expanded = &session->cipher.gcm_key;
job->aes_dec_key_expanded = &session->cipher.gcm_key;
break;
-
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_ZUC_EIA3_BITLEN:
+ job->u.ZUC_EIA3._key = session->auth.zuc_auth_key;
+ job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
+#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
job->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;
@@ -1192,6 +1238,13 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
+ job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
+ job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ }
+#endif
+
if (!op->sym->m_dst) {
/* in-place operation */
m_dst = m_src;
@@ -1292,6 +1345,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
session->iv.offset);
}
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
+ job->msg_len_to_cipher_in_bytes >>= 3;
+#endif
+
/* Set user data to be crypto operation data struct */
job->user_data = op;
@@ -1915,6 +1973,7 @@ cryptodev_aesni_mb_create(const char *name,
RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO |
+ RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA |
RTE_CRYPTODEV_FF_SYM_SESSIONLESS;
#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index ccec4ebd0..0ada3b9e1 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -514,6 +514,53 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+#endif
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ { /* ZUC (EIA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_ZUC_EIA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* ZUC (EEA3) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v5 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
@ 2020-10-09 11:29 ` Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-10-09 14:11 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Akhil Goyal
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-10-09 11:29 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Add support for SNOW3G-UEA2/UIA2 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v5:
- Rebased on top of crypto subtree
v3/v4:
- Fixed compilation when intel-ipsec-mb version is lower than 0.54
v2:
- Added commit description
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 17 +++++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 47 ++++++++++++++++---
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 45 ++++++++++++++++++
6 files changed, 105 insertions(+), 9 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 9d34803df..18631f6db 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -36,6 +36,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES192_ECB
* RTE_CRYPTO_CIPHER_AES256_ECB
* RTE_CRYPTO_CIPHER_ZUC_EEA3
+* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
Hash algorithms:
@@ -54,6 +55,7 @@ Hash algorithms:
* RTE_CRYPTO_AUTH_SHA384
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
+* RTE_CRYPTO_AUTH_SNOW3G_UIA2
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 1b5c2bea2..ea37a6a58 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -34,6 +34,7 @@ AES ECB (128) = Y
AES ECB (192) = Y
AES ECB (256) = Y
ZUC EEA3 = Y
+SNOW3G UEA2 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -54,6 +55,7 @@ AES XCBC MAC = Y
AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
+SNOW3G UIA2 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 512e98993..da2fe9e44 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -78,6 +78,7 @@ New Features
* Added support for AES-ECB 128, 192 and 256.
* Added support for ZUC-EEA3/EIA3 algorithms.
+ * Added support for SNOW3G-UEA2/UIA2 algorithms.
* **Added Intel ACC100 bbdev PMD.**
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 601ab9a40..85039dbf2 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -56,7 +56,8 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_384] = 128,
[PLAIN_SHA_512] = 128,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 16
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 16,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
#endif
};
@@ -90,7 +91,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_384] = 48,
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
};
@@ -125,7 +127,8 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_384] = 48,
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
- [IMB_AUTH_ZUC_EIA3_BITLEN] = 4
+ [IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -238,6 +241,10 @@ struct aesni_mb_session {
/**< Expanded GCM key */
uint8_t zuc_cipher_key[16];
/**< ZUC cipher key */
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ snow3g_key_schedule_t pKeySched_snow3g_cipher;
+ /**< SNOW3G scheduled cipher key */
+#endif
};
} cipher;
@@ -279,6 +286,10 @@ struct aesni_mb_session {
/**< Expanded XCBC authentication keys */
uint8_t zuc_auth_key[16];
/**< ZUC authentication key */
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+ snow3g_key_schedule_t pKeySched_snow3g_auth;
+ /**< SNOW3G scheduled authentication key */
+#endif
};
/** Generated digest size by the Multi-buffer library */
uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index dbd79d5dc..bb917b8ff 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -266,6 +266,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+ sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
+ uint16_t snow3g_uia2_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN);
+ if (sess->auth.req_digest_len != snow3g_uia2_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_snow3g_auth);
+ return 0;
}
#endif
@@ -403,6 +416,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
uint8_t is_docsis = 0;
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
uint8_t is_zuc = 0;
+ uint8_t is_snow3g = 0;
#endif
if (xform == NULL) {
@@ -463,6 +477,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
is_zuc = 1;
break;
+ case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+ sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
+ is_snow3g = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -571,6 +589,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
16);
+ } else if (is_snow3g) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_snow3g_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1220,6 +1246,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_SNOW3G_UIA2_BITLEN:
+ job->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth;
+ job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->auth_iv.offset);
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1238,10 +1269,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
+ if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+ session->cipher.mode == GCM))
+ m_offset = op->sym->aead.data.offset;
+ else
+ m_offset = op->sym->cipher.data.offset;
+
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+ } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
+ m_offset = 0;
}
#endif
@@ -1259,12 +1299,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
oop = 1;
}
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
- m_offset = op->sym->aead.data.offset;
- else
- m_offset = op->sym->cipher.data.offset;
-
/* Set digest output location */
if (job->hash_alg != NULL_HASH &&
session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -1333,6 +1367,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
break;
default:
+ /* For SNOW3G, length and offsets are already in bits */
job->cipher_start_src_offset_in_bytes =
op->sym->cipher.data.offset;
job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 0ada3b9e1..2b236b754 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -561,6 +561,51 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SNOW 3G (UIA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* SNOW 3G (UEA2) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
+ .block_size = 16,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* [dpdk-dev] [PATCH v5 3/3] crypto/aesni_mb: support KASUMI F8/F9
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
@ 2020-10-09 11:29 ` Pablo de Lara
2020-10-09 14:11 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Akhil Goyal
2 siblings, 0 replies; 16+ messages in thread
From: Pablo de Lara @ 2020-10-09 11:29 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Add support for KASUMI-F8/F9 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
v5:
- Rebased on top of crypto subtree
v3/v4:
- Fixed compilation when intel-ipsec-mb version is lower than 0.54
v2:
- Added commit description
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 2 +
doc/guides/rel_notes/release_20_11.rst | 1 +
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 13 ++++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 34 +++++++++++++++
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 41 +++++++++++++++++++
6 files changed, 90 insertions(+), 3 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 18631f6db..abc10fbda 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -37,6 +37,7 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES256_ECB
* RTE_CRYPTO_CIPHER_ZUC_EEA3
* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
+* RTE_CRYPTO_CIPHER_KASUMI_F8
Hash algorithms:
@@ -56,6 +57,7 @@ Hash algorithms:
* RTE_CRYPTO_AUTH_SHA512
* RTE_CRYPTO_AUTH_ZUC_EIA3
* RTE_CRYPTO_AUTH_SNOW3G_UIA2
+* RTE_CRYPTO_AUTH_KASUMI_F9
AEAD algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index ea37a6a58..356139d46 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -35,6 +35,7 @@ AES ECB (192) = Y
AES ECB (256) = Y
ZUC EEA3 = Y
SNOW3G UEA2 = Y
+KASUMI F8 = Y
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -56,6 +57,7 @@ AES CMAC (128) = Y
AES GMAC = Y
ZUC EIA3 = Y
SNOW3G UIA2 = Y
+KASUMI F9 = Y
;
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index da2fe9e44..015cea576 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -79,6 +79,7 @@ New Features
* Added support for AES-ECB 128, 192 and 256.
* Added support for ZUC-EEA3/EIA3 algorithms.
* Added support for SNOW3G-UEA2/UIA2 algorithms.
+ * Added support for KASUMI-F8/F9 algorithms.
* **Added Intel ACC100 bbdev PMD.**
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 85039dbf2..9693bf985 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -57,7 +57,8 @@ static const unsigned auth_blocksize[] = {
[PLAIN_SHA_512] = 128,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 16,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16,
+ [IMB_AUTH_KASUMI_UIA1] = 16
#endif
};
@@ -92,7 +93,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4,
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
};
@@ -128,7 +130,8 @@ static const unsigned auth_digest_byte_lengths[] = {
[PLAIN_SHA_512] = 64,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
[IMB_AUTH_ZUC_EIA3_BITLEN] = 4,
- [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4
+ [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4,
+ [IMB_AUTH_KASUMI_UIA1] = 4
#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
@@ -244,6 +247,8 @@ struct aesni_mb_session {
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
snow3g_key_schedule_t pKeySched_snow3g_cipher;
/**< SNOW3G scheduled cipher key */
+ kasumi_key_sched_t pKeySched_kasumi_cipher;
+ /**< KASUMI scheduled cipher key */
#endif
};
} cipher;
@@ -289,6 +294,8 @@ struct aesni_mb_session {
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
snow3g_key_schedule_t pKeySched_snow3g_auth;
/**< SNOW3G scheduled authentication key */
+ kasumi_key_sched_t pKeySched_kasumi_auth;
+ /**< KASUMI scheduled authentication key */
#endif
};
/** Generated digest size by the Multi-buffer library */
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index bb917b8ff..34a39ca99 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -279,6 +279,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
&sess->auth.pKeySched_snow3g_auth);
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_KASUMI_F9) {
+ sess->auth.algo = IMB_AUTH_KASUMI_UIA1;
+ uint16_t kasumi_f9_digest_len =
+ get_truncated_digest_byte_length(IMB_AUTH_KASUMI_UIA1);
+ if (sess->auth.req_digest_len != kasumi_f9_digest_len) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+ IMB_KASUMI_INIT_F9_KEY_SCHED(mb_mgr, xform->auth.key.data,
+ &sess->auth.pKeySched_kasumi_auth);
+ return 0;
}
#endif
@@ -417,6 +430,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
uint8_t is_zuc = 0;
uint8_t is_snow3g = 0;
+ uint8_t is_kasumi = 0;
#endif
if (xform == NULL) {
@@ -481,6 +495,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
is_snow3g = 1;
break;
+ case RTE_CRYPTO_CIPHER_KASUMI_F8:
+ sess->cipher.mode = IMB_CIPHER_KASUMI_UEA1_BITLEN;
+ is_kasumi = 1;
+ break;
#endif
default:
AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -597,6 +615,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
sess->cipher.key_length_in_bytes = 16;
IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
&sess->cipher.pKeySched_snow3g_cipher);
+ } else if (is_kasumi) {
+ if (xform->cipher.key.length != 16) {
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 16;
+ IMB_KASUMI_INIT_F8_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+ &sess->cipher.pKeySched_kasumi_cipher);
#endif
} else {
if (xform->cipher.key.length != 8) {
@@ -1251,6 +1277,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
session->auth_iv.offset);
break;
+ case IMB_AUTH_KASUMI_UIA1:
+ job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth;
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1282,6 +1311,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
} else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
m_offset = 0;
+ } else if (job->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN) {
+ job->enc_keys = &session->cipher.pKeySched_kasumi_cipher;
+ m_offset = 0;
}
#endif
@@ -1383,6 +1415,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
job->msg_len_to_cipher_in_bytes >>= 3;
+ else if (job->hash_alg == IMB_AUTH_KASUMI_UIA1)
+ job->msg_len_to_hash_in_bytes >>= 3;
#endif
/* Set user data to be crypto operation data struct */
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 2b236b754..0f74be126 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -606,6 +606,47 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* KASUMI (F9) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_KASUMI_F9,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 4,
+ .max = 4,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* KASUMI (F8) */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_KASUMI_F8,
+ .block_size = 8,
+ .key_size = {
+ .min = 16,
+ .max = 16,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
@ 2020-10-09 14:11 ` Akhil Goyal
2 siblings, 0 replies; 16+ messages in thread
From: Akhil Goyal @ 2020-10-09 14:11 UTC (permalink / raw)
To: Pablo de Lara, declan.doherty; +Cc: dev
> Add support for ZUC-EEA3/EIA3 algorithms through the intel-ipsec-mb
> job API, allowing the mix of these algorithms with others.
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> ---
>
> v5:
> - Added NON_BYTE_ALIGNED feature flag
> - Rebased on top of crypto subtree
>
Added NON_BYTE_ALIGNED feature in aesni_mb.ini file.
Applied to dpdk-next-crypto
Thanks.
^ permalink raw reply [flat|nested] 16+ messages in thread
end of thread, other threads:[~2020-10-09 14:11 UTC | newest]
Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-11 11:18 [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 11:19 ` [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-09-11 11:19 ` [dpdk-dev] [PATCH 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-09-11 11:37 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 11:38 ` [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-09-11 11:38 ` [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-09-11 15:54 ` [dpdk-dev] [PATCH v3 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-09-21 11:45 ` [dpdk-dev] [PATCH v4 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 Pablo de Lara
2020-10-09 11:29 ` [dpdk-dev] [PATCH v5 3/3] crypto/aesni_mb: support KASUMI F8/F9 Pablo de Lara
2020-10-09 14:11 ` [dpdk-dev] [PATCH v5 1/3] crypto/aesni_mb: support ZUC-EEA3/EIA3 Akhil Goyal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).