From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id BD5684302F; Fri, 11 Aug 2023 09:17:47 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 26ECF4323A; Fri, 11 Aug 2023 09:17:42 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 1502240E03 for ; Fri, 11 Aug 2023 09:17:40 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 37AMjxvU001610; Fri, 11 Aug 2023 00:17:36 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=cfeYzbE85m6tHh44esonP8TJs1ZgyxhIITIxasLHpAY=; b=lT1gXk9xf1vg2cs5+o/xR2RwZ/g+gktGytNi1thwMS0qaOFduWBqHWWg/U9vcXK/dyjt wLADcKREhRuCZVE+qwLTNRXN2gaiu6u47V1wCBHWYiYcSncZtIuFFNytL2NRSWPG48c/ Px5QCdzbSR3PERKSlHobfvdKHG/YyY2AyU8rZ54zPbOHA2YGWxot6MK11ErfrDuDDaM2 n2KnykjuukIwyzbz45acDnHFHI0zvulOsMvwsKII4nnMeQ68FXSPRm6E+IvSL3TI0EQC ZvDfnF4P2miCLZ+Jx1nVWaMMh795rUdTV+jJdM71yrLGWGXL7i12mQDw5cCcTkCgEBgB Xg== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3sd8yp9f1c-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 11 Aug 2023 00:17:36 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Fri, 11 Aug 2023 00:17:35 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Fri, 11 Aug 2023 00:17:35 -0700 Received: from BG-LT92004.corp.innovium.com (unknown [10.28.163.189]) by maili.marvell.com (Postfix) with ESMTP id 974203F706C; Fri, 11 Aug 2023 00:17:24 -0700 (PDT) From: Anoob Joseph To: Thomas Monjalon , Akhil Goyal , Jerin Jacob , Konstantin Ananyev CC: Hemant Agrawal , , Olivier Matz , Vidya Sagar Velumuri Subject: [RFC PATCH 2/3] security: add TLS record processing Date: Fri, 11 Aug 2023 12:47:11 +0530 Message-ID: <20230811071712.240-3-anoobj@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230811071712.240-1-anoobj@marvell.com> References: <20230811071712.240-1-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: iR5Cq7j5i2SaQnft5UffUR2CXLLOZgnA X-Proofpoint-GUID: iR5Cq7j5i2SaQnft5UffUR2CXLLOZgnA X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.957,Hydra:6.0.591,FMLib:17.11.176.26 definitions=2023-08-10_20,2023-08-10_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Add Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). The protocols provide communications privacy for L4 protocols such as TCP & UDP. TLS (and DTLS) protocol is composed of two layers, 1. TLS Record Protocol 2. TLS Handshake Protocol While TLS Handshake Protocol helps in establishing security parameters by which client and server can communicate, TLS Record Protocol provides the connection security. TLS Record Protocol leverages symmetric cryptographic operations such as data encryption and authentication for providing security to the communications. Cryptodevs that are capable of offloading TLS Record Protocol may perform other operations like IV generation, header insertion, atomic sequence number updates and anti-replay window check in addition to cryptographic transformations. The support is added for TLS 1.2, TLS 1.3 and DTLS 1.2. Signed-off-by: Akhil Goyal Signed-off-by: Anoob Joseph Signed-off-by: Vidya Sagar Velumuri --- doc/guides/prog_guide/rte_security.rst | 58 +++++++++++++ lib/security/rte_security.c | 4 + lib/security/rte_security.h | 110 +++++++++++++++++++++++++ 3 files changed, 172 insertions(+) diff --git a/doc/guides/prog_guide/rte_security.rst b/doc/guides/prog_guide/rte_security.rst index 7418e35c1b..7716d7239f 100644 --- a/doc/guides/prog_guide/rte_security.rst +++ b/doc/guides/prog_guide/rte_security.rst @@ -399,6 +399,64 @@ The API ``rte_security_macsec_sc_create`` returns a handle for SC, and this handle is set in ``rte_security_macsec_xform`` to create a MACsec session using ``rte_security_session_create``. +TLS-Record Protocol +~~~~~~~~~~~~~~~~~~~ + +The Transport Layer Protocol provides communications security over the Internet. The protocol +allows client/server applications to communicate in a way that is designed to prevent eavesdropping, +tampering, or message forgery. + +TLS protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. At +the lowest level, layered on top of some reliable transport protocol (e.g., TCP), is the TLS Record +Protocol. The TLS Record Protocol provides connection security that has two basic properties: + + - The connection is private. Symmetric cryptography is used for data + encryption (e.g., AES, DES, etc.). The keys for this symmetric encryption + are generated uniquely for each connection and are based on a secret + negotiated by another protocol (such as the TLS Handshake Protocol). The + Record Protocol can also be used without encryption. + + - The connection is reliable. Message transport includes a message + integrity check using a keyed MAC. Secure hash functions (e.g., + SHA-1, etc.) are used for MAC computations. The Record Protocol + can operate without a MAC, but is generally only used in this mode + while another protocol is using the Record Protocol as a transport + for negotiating security parameters. + +.. code-block:: c + + Record Write Record Read + ------------ ----------- + + TLSPlaintext TLSCiphertext + | | + ~ ~ + | | + V V + +---------|----------+ +----------|---------+ + | Seq. no generation | | Seq. no generation | + +---------|----------+ +----------|---------+ + | | + +---------|----------+ +----------|---------+ + | Header insertion | | Decryption & | + +---------|----------+ | MAC verification | + | +----------|---------+ + +---------|----------+ | + | MAC generation & | +----------|---------+ + | Encryption | | TLS Header removal | + +---------|----------+ +----------|---------+ + | | + ~ ~ + | | + V V + TLSCiphertext TLSPlaintext + +Supported Versions +^^^^^^^^^^^^^^^^^^ + +* TLS 1.2 +* TLS 1.3 +* DTLS 1.2 Device Features and Capabilities --------------------------------- diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c index c4d64bb8e9..bd7b026547 100644 --- a/lib/security/rte_security.c +++ b/lib/security/rte_security.c @@ -282,6 +282,10 @@ rte_security_capability_get(struct rte_security_ctx *instance, if (capability->docsis.direction == idx->docsis.direction) return capability; + } else if (idx->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD) { + if (capability->tls_record.ver == idx->tls_record.ver && + capability->tls_record.type == idx->tls_record.type) + return capability; } } } diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h index 3b2df526ba..b9d064ed84 100644 --- a/lib/security/rte_security.h +++ b/lib/security/rte_security.h @@ -620,6 +620,99 @@ struct rte_security_docsis_xform { /**< DOCSIS direction */ }; +/** Salt len to be used with AEAD algos in TLS 1.2 */ +#define RTE_SECURITY_TLS_1_2_SALT_LEN 4 +/** Salt len to be used with AEAD algos in TLS 1.3 */ +#define RTE_SECURITY_TLS_1_3_SALT_LEN 12 +/** Salt len to be used with AEAD algos in DTLS 1.2 */ +#define RTE_SECURITY_DTLS_1_2_SALT_LEN 4 + +/** TLS version */ +enum rte_security_tls_version { + RTE_SECURITY_VERSION_TLS_1_2, /**< TLS 1.2 */ + RTE_SECURITY_VERSION_TLS_1_3, /**< TLS 1.3 */ + RTE_SECURITY_VERSION_DTLS_1_2, /**< DTLS 1.2 */ +}; + +/** TLS session type */ +enum rte_security_tls_sess_type { + /** Record read session + * - Decrypt & digest verification. + */ + RTE_SECURITY_TLS_SESS_TYPE_READ, + /** Record write session + * - Encrypt & digest generation. + */ + RTE_SECURITY_TLS_SESS_TYPE_WRITE, +}; + +/** + * Configure soft and hard lifetime of a TLS record session + * + * Lifetime of a TLS record session would specify the maximum number of packets that can be + * processed. TLS record processing operations would start failing once hard limit is reached. + * + * Soft limits can be specified to generate notification when the TLS record session is approaching + * hard limits for lifetime. This would result in a warning returned in ``rte_crypto_op.aux_flags``. + */ +struct rte_security_tls_record_lifetime { + /** Soft expiry limit in number of packets */ + uint64_t packets_soft_limit; + /** Hard expiry limit in number of packets */ + uint64_t packets_hard_limit; +}; + +/** + * TLS record protocol session configuration. + * + * This structure contains data required to create a TLS record security session. + */ +struct rte_security_tls_record_xform { + /** TLS record version. */ + enum rte_security_tls_version ver; + /** TLS record session type. */ + enum rte_security_tls_sess_type type; + /** TLS record session lifetime. */ + struct rte_security_tls_record_lifetime life; + union { + /** TLS 1.2 parameters. */ + struct { + /** Starting sequence number. */ + uint64_t seq_no; + /** Salt to be used for AEAD algos. */ + uint8_t salt[RTE_SECURITY_TLS_1_2_SALT_LEN]; + } tls_1_2; + + /** TLS 1.3 parameters. */ + struct { + /** Starting sequence number. */ + uint64_t seq_no; + /** Salt to be used for AEAD algos. */ + uint8_t salt[RTE_SECURITY_TLS_1_3_SALT_LEN]; + /** + * Minimum payload length (in case of write sessions). For shorter inputs, + * the payload would be padded appropriately before performing crypto + * transformations. + */ + uint32_t min_payload_len; + } tls_1_3; + + /** DTLS 1.2 parameters */ + struct { + /** Epoch value to be used. */ + uint16_t epoch; + /** 6B starting sequence number to be used. */ + uint64_t seq_no; + /** Salt to be used for AEAD algos. */ + uint8_t salt[RTE_SECURITY_DTLS_1_2_SALT_LEN]; + /** Anti replay window size to enable sequence replay attack handling. + * Anti replay check is disabled if the window size is 0. + */ + uint32_t ar_win_sz; + } dtls_1_2; + }; +}; + /** * Security session action type. */ @@ -654,6 +747,8 @@ enum rte_security_session_protocol { /**< PDCP Protocol */ RTE_SECURITY_PROTOCOL_DOCSIS, /**< DOCSIS Protocol */ + RTE_SECURITY_PROTOCOL_TLS_RECORD, + /**< TLS Record Protocol */ }; /** @@ -670,6 +765,7 @@ struct rte_security_session_conf { struct rte_security_macsec_xform macsec; struct rte_security_pdcp_xform pdcp; struct rte_security_docsis_xform docsis; + struct rte_security_tls_record_xform tls; }; /**< Configuration parameters for security session */ struct rte_crypto_sym_xform *crypto_xform; @@ -1190,6 +1286,16 @@ struct rte_security_capability { /**< DOCSIS direction */ } docsis; /**< DOCSIS capability */ + struct { + enum rte_security_tls_version ver; + /**< TLS record version. */ + enum rte_security_tls_sess_type type; + /**< TLS record session type. */ + uint32_t ar_win_size; + /**< Maximum anti replay window size supported for DTLS 1.2 record read + * operation. Value of 0 means anti replay check is not supported. + */ + } tls_record; }; const struct rte_cryptodev_capabilities *crypto_capabilities; @@ -1251,6 +1357,10 @@ struct rte_security_capability_idx { struct { enum rte_security_docsis_direction direction; } docsis; + struct { + enum rte_security_tls_version ver; + enum rte_security_tls_sess_type type; + } tls_record; }; }; -- 2.25.1