From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 329EE42CA8; Tue, 13 Jun 2023 12:21:49 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 0709142D30; Tue, 13 Jun 2023 12:20:51 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id A68BE40ED6 for ; Tue, 13 Jun 2023 12:20:49 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 35D563NY013028; Tue, 13 Jun 2023 03:20:49 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=4wAwKucXXIiMH+9uVbJloxzIuXgg9/Uyjh30Pg/Se3M=; b=jUR/O3sIa2BgezL9WcwAV0DTnqzZ4uAEHZhr79enw9tcwwHxAuM8JyZI6VO4XJa2Zfvu HAwgIt9wXyqmfCSQONvi/JQiPCpng/zvmlQ2dlE9wDar4scPCxb00G+H3W/YFlZkw7aF xOzFWUFu6fy8hHbCEa2chrkarcIQW+i4n3+ihTyJoI5ZJ0ZG8e++gK7AOF12p88pHKd8 E/hIhQVpltMXmzVvF3f0D3F+WFXOdaZe1sFp9znzRKj8U/nvFg+0DLWEM1wP2dgfVDb3 yYT2rBNIEx76NiQzzON5gebgMOUw3zvxmKJxdkB4Ol9VUbq9DzB3jK0D5WBJWtZHxzCz ew== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3r4rpkfpuw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 13 Jun 2023 03:20:48 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Tue, 13 Jun 2023 03:20:46 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Tue, 13 Jun 2023 03:20:46 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 724E53F7091; Tue, 13 Jun 2023 03:20:44 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , Akhil Goyal Subject: [PATCH v4 11/15] common/cnxk: derive hash key for MACsec Date: Tue, 13 Jun 2023 15:50:05 +0530 Message-ID: <20230613102009.2390568-12-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230613102009.2390568-1-gakhil@marvell.com> References: <20230613071614.2259604-1-gakhil@marvell.com> <20230613102009.2390568-1-gakhil@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: addbZDdrXRjgTNUJKameGoBVSmxiN63a X-Proofpoint-GUID: addbZDdrXRjgTNUJKameGoBVSmxiN63a X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26 definitions=2023-06-13_04,2023-06-12_02,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org MACsec hardware configuration need hash key to be generated from the cipher key of AES-GCM-128/256. Added an ROC API to derive the hash key and extend the case for AES-256 as well. Signed-off-by: Akhil Goyal --- drivers/common/cnxk/roc_aes.c | 86 ++++++++++++++++++++++----------- drivers/common/cnxk/roc_aes.h | 4 +- drivers/common/cnxk/version.map | 1 + 3 files changed, 60 insertions(+), 31 deletions(-) diff --git a/drivers/common/cnxk/roc_aes.c b/drivers/common/cnxk/roc_aes.c index f821c8b710..d84feb546a 100644 --- a/drivers/common/cnxk/roc_aes.c +++ b/drivers/common/cnxk/roc_aes.c @@ -4,9 +4,10 @@ #include "roc_api.h" -#define KEY_WORD_LEN (ROC_CPT_AES_XCBC_KEY_LENGTH / sizeof(uint32_t)) -#define KEY_ROUNDS 10 /* (Nr+1)*Nb */ -#define KEY_SCHEDULE_LEN ((KEY_ROUNDS + 1) * 4) /* (Nr+1)*Nb words */ +#define KEY128_ROUNDS 10 /* (Nr+1)*Nb */ +#define KEY256_ROUNDS 14 /* (Nr+1)*Nb */ +#define KEY_SCHEDULE_LEN(nr) ((nr + 1) * 4) /* (Nr+1)*Nb words */ +#define AES_HASH_KEY_LEN 16 /* * AES 128 implementation based on NIST FIPS 197 suitable for LittleEndian @@ -93,22 +94,30 @@ GF8mul(uint8_t byte, uint32_t mp) } static void -aes_key_expand(const uint8_t *key, uint32_t *ks) +aes_key_expand(const uint8_t *key, uint32_t len, uint32_t *ks) { - unsigned int i = 4; + uint32_t len_words = len / sizeof(uint32_t); + unsigned int schedule_len; + unsigned int i = len_words; uint32_t temp; + schedule_len = (len == ROC_CPT_AES128_KEY_LEN) ? KEY_SCHEDULE_LEN(KEY128_ROUNDS) : + KEY_SCHEDULE_LEN(KEY256_ROUNDS); /* Skip key in ks */ - memcpy(ks, key, KEY_WORD_LEN * sizeof(uint32_t)); + memcpy(ks, key, len); - while (i < KEY_SCHEDULE_LEN) { + while (i < schedule_len) { temp = ks[i - 1]; - if ((i & 0x3) == 0) { + if ((i & (len_words - 1)) == 0) { temp = rot_word(temp); temp = sub_word(temp); - temp ^= (uint32_t)GF8mul(1, 1 << ((i >> 2) - 1)); + temp ^= (uint32_t)GF8mul(1, 1 << ((i / len_words) - 1)); } - ks[i] = ks[i - 4] ^ temp; + if (len == ROC_CPT_AES256_KEY_LEN) { + if ((i % len_words) == 4) + temp = sub_word(temp); + } + ks[i] = ks[i - len_words] ^ temp; i++; } } @@ -145,64 +154,83 @@ mix_columns(uint8_t *sRc) } static void -cipher(uint8_t *in, uint8_t *out, uint32_t *ks) +cipher(uint8_t *in, uint8_t *out, uint32_t *ks, uint32_t key_rounds, uint8_t in_len) { - uint32_t state[KEY_WORD_LEN]; + uint8_t data_word_len = in_len / sizeof(uint32_t); + uint32_t state[data_word_len]; unsigned int i, round; memcpy(state, in, sizeof(state)); /* AddRoundKey(state, w[0, Nb-1]) // See Sec. 5.1.4 */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) state[i] ^= ks[i]; - for (round = 1; round < KEY_ROUNDS; round++) { + for (round = 1; round < key_rounds; round++) { /* SubBytes(state) // See Sec. 5.1.1 */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) state[i] = sub_word(state[i]); /* ShiftRows(state) // See Sec. 5.1.2 */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) shift_word((uint8_t *)state, i, i); /* MixColumns(state) // See Sec. 5.1.3 */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) mix_columns((uint8_t *)&state[i]); /* AddRoundKey(state, w[round*Nb, (round+1)*Nb-1]) */ - for (i = 0; i < KEY_WORD_LEN; i++) - state[i] ^= ks[round * 4 + i]; + for (i = 0; i < data_word_len; i++) + state[i] ^= ks[round * data_word_len + i]; } /* SubBytes(state) */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) state[i] = sub_word(state[i]); /* ShiftRows(state) */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) shift_word((uint8_t *)state, i, i); /* AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1]) */ - for (i = 0; i < KEY_WORD_LEN; i++) - state[i] ^= ks[KEY_ROUNDS * 4 + i]; - memcpy(out, state, KEY_WORD_LEN * sizeof(uint32_t)); + for (i = 0; i < data_word_len; i++) + state[i] ^= ks[key_rounds * data_word_len + i]; + memcpy(out, state, data_word_len * sizeof(uint32_t)); } void roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key) { - uint32_t aes_ks[KEY_SCHEDULE_LEN] = {0}; + uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY128_ROUNDS)] = {0}; uint8_t k1[16] = {[0 ... 15] = 0x01}; uint8_t k2[16] = {[0 ... 15] = 0x02}; uint8_t k3[16] = {[0 ... 15] = 0x03}; - aes_key_expand(auth_key, aes_ks); + aes_key_expand(auth_key, ROC_CPT_AES_XCBC_KEY_LENGTH, aes_ks); - cipher(k1, derived_key, aes_ks); + cipher(k1, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k1)); derived_key += sizeof(k1); - cipher(k2, derived_key, aes_ks); + cipher(k2, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k2)); derived_key += sizeof(k2); - cipher(k3, derived_key, aes_ks); + cipher(k3, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k3)); +} + +void +roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t hash_key[]) +{ + uint8_t data[AES_HASH_KEY_LEN] = {0x0}; + + if (len == ROC_CPT_AES128_KEY_LEN) { + uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY128_ROUNDS)] = {0}; + + aes_key_expand(key, ROC_CPT_AES128_KEY_LEN, aes_ks); + cipher(data, hash_key, aes_ks, KEY128_ROUNDS, sizeof(data)); + } else { + uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY256_ROUNDS)] = {0}; + + aes_key_expand(key, ROC_CPT_AES256_KEY_LEN, aes_ks); + cipher(data, hash_key, aes_ks, KEY256_ROUNDS, sizeof(data)); + } } diff --git a/drivers/common/cnxk/roc_aes.h b/drivers/common/cnxk/roc_aes.h index 954039139f..3b4b921bcd 100644 --- a/drivers/common/cnxk/roc_aes.h +++ b/drivers/common/cnxk/roc_aes.h @@ -8,7 +8,7 @@ /* * Derive k1, k2, k3 from 128 bit AES key */ -void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key, - uint8_t *derived_key); +void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key); +void __roc_api roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t *hash_key); #endif /* _ROC_AES_H_ */ diff --git a/drivers/common/cnxk/version.map b/drivers/common/cnxk/version.map index 914d0d2caa..8c71497df8 100644 --- a/drivers/common/cnxk/version.map +++ b/drivers/common/cnxk/version.map @@ -30,6 +30,7 @@ INTERNAL { roc_ae_ec_grp_put; roc_ae_fpm_get; roc_ae_fpm_put; + roc_aes_hash_key_derive; roc_aes_xcbc_key_derive; roc_bphy_cgx_cpri_mode_change; roc_bphy_cgx_cpri_mode_misc; -- 2.25.1