From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0E79A43AF0; Sun, 11 Feb 2024 20:10:47 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A83F54026B; Sun, 11 Feb 2024 20:10:46 +0100 (CET) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) by mails.dpdk.org (Postfix) with ESMTP id 4B2A54025D for ; Sun, 11 Feb 2024 20:10:45 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1707678646; x=1739214646; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/YlulV5M1G8Rh7BeH/FkfMWGTlmSu4VdQw6ggM5VYEs=; b=dWO5H4ZRgbFBR7oJ7EvTjWcVHsYd2s2YOVlCpY7BjXeXtmyz9tm4jiZ0 UwBMaLNuAQg85yDONJWJBamoyVJeDL2rA4QVQjc0SVaSYu1ZgugMob09g lFoGgkUl7qnMbygAl13G/8ME1btUXdnchBhLW3iEPX19nNRDJH6T36SZb RyAd73UMCGHZQi2de9uu1BGKcAMcruCQEX9yAmEpuftGmD6gEQKvwBIpU Jq2McbYdejpa6BDDAR4Sdu/qUgy9dMUHIsWlcNyuLCOlBPxdOkeowqsqI amQVagsHKA/OvZ5glWWg82HeDhPhkMi3Os9Ss9y3ZNGRugVEDDdIczM5P Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10981"; a="1795964" X-IronPort-AV: E=Sophos;i="6.05,261,1701158400"; d="scan'208";a="1795964" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Feb 2024 11:10:44 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,261,1701158400"; d="scan'208";a="33193285" Received: from unknown (HELO silpixa00400886.ir.intel.com) ([10.243.23.150]) by orviesa002.jf.intel.com with ESMTP; 11 Feb 2024 11:10:42 -0800 From: Brian Dooley To: Kai Ji , Pablo de Lara Cc: dev@dpdk.org, gakhil@marvell.com, Brian Dooley , Ciara Power Subject: [PATCH v2] crypto/ipsec_mb: use new ipad/opad calculation API Date: Sun, 11 Feb 2024 19:10:38 +0000 Message-Id: <20240211191038.863120-1-brian.dooley@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231214164135.2193863-1-brian.dooley@intel.com> References: <20231214164135.2193863-1-brian.dooley@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org IPSec Multi-buffer library v1.4 added a new API to calculate inner/outer padding for HMAC-SHAx/MD5. Signed-off-by: Pablo de Lara Signed-off-by: Brian Dooley Acked-by: Ciara Power Depends-on: series-30989 ("crypto/ipsec_mb: bump minimum IPsec Multi-buffer version") v2: - Remove ipsec mb version checks --- drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 75 ++------------------------ 1 file changed, 5 insertions(+), 70 deletions(-) diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c index 4de4866cf3..251e18ec7a 100644 --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c @@ -13,49 +13,6 @@ struct aesni_mb_op_buf_data { uint32_t offset; }; -/** - * Calculate the authentication pre-computes - * - * @param one_block_hash Function pointer - * to calculate digest on ipad/opad - * @param ipad Inner pad output byte array - * @param opad Outer pad output byte array - * @param hkey Authentication key - * @param hkey_len Authentication key length - * @param blocksize Block size of selected hash algo - */ -static void -calculate_auth_precomputes(hash_one_block_t one_block_hash, - uint8_t *ipad, uint8_t *opad, - const uint8_t *hkey, uint16_t hkey_len, - uint16_t blocksize) -{ - uint32_t i, length; - - uint8_t ipad_buf[blocksize] __rte_aligned(16); - uint8_t opad_buf[blocksize] __rte_aligned(16); - - /* Setup inner and outer pads */ - memset(ipad_buf, HMAC_IPAD_VALUE, blocksize); - memset(opad_buf, HMAC_OPAD_VALUE, blocksize); - - /* XOR hash key with inner and outer pads */ - length = hkey_len > blocksize ? blocksize : hkey_len; - - for (i = 0; i < length; i++) { - ipad_buf[i] ^= hkey[i]; - opad_buf[i] ^= hkey[i]; - } - - /* Compute partial hashes */ - (*one_block_hash)(ipad_buf, ipad); - (*one_block_hash)(opad_buf, opad); - - /* Clean up stack */ - memset(ipad_buf, 0, blocksize); - memset(opad_buf, 0, blocksize); -} - static inline int is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode) { @@ -66,12 +23,10 @@ is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode) /** Set session authentication parameters */ static int -aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr, +aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr, struct aesni_mb_session *sess, const struct rte_crypto_sym_xform *xform) { - hash_one_block_t hash_oneblock_fn = NULL; - unsigned int key_larger_block_size = 0; uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 }; uint32_t auth_precompute = 1; @@ -267,18 +222,15 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr, switch (xform->auth.algo) { case RTE_CRYPTO_AUTH_MD5_HMAC: sess->template_job.hash_alg = IMB_AUTH_MD5; - hash_oneblock_fn = mb_mgr->md5_one_block; break; case RTE_CRYPTO_AUTH_SHA1_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1; - hash_oneblock_fn = mb_mgr->sha1_one_block; if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_1)) { IMB_SHA1(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); - key_larger_block_size = 1; } break; case RTE_CRYPTO_AUTH_SHA1: @@ -287,14 +239,12 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr, break; case RTE_CRYPTO_AUTH_SHA224_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224; - hash_oneblock_fn = mb_mgr->sha224_one_block; if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_224)) { IMB_SHA224(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); - key_larger_block_size = 1; } break; case RTE_CRYPTO_AUTH_SHA224: @@ -303,14 +253,12 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr, break; case RTE_CRYPTO_AUTH_SHA256_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256; - hash_oneblock_fn = mb_mgr->sha256_one_block; if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_256)) { IMB_SHA256(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); - key_larger_block_size = 1; } break; case RTE_CRYPTO_AUTH_SHA256: @@ -319,14 +267,12 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr, break; case RTE_CRYPTO_AUTH_SHA384_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384; - hash_oneblock_fn = mb_mgr->sha384_one_block; if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_384)) { IMB_SHA384(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); - key_larger_block_size = 1; } break; case RTE_CRYPTO_AUTH_SHA384: @@ -335,14 +281,12 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr, break; case RTE_CRYPTO_AUTH_SHA512_HMAC: sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512; - hash_oneblock_fn = mb_mgr->sha512_one_block; if (xform->auth.key.length > get_auth_algo_blocksize( IMB_AUTH_HMAC_SHA_512)) { IMB_SHA512(mb_mgr, xform->auth.key.data, xform->auth.key.length, hashed_key); - key_larger_block_size = 1; } break; case RTE_CRYPTO_AUTH_SHA512: @@ -376,19 +320,10 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr, return 0; /* Calculate Authentication precomputes */ - if (key_larger_block_size) { - calculate_auth_precomputes(hash_oneblock_fn, - sess->auth.pads.inner, sess->auth.pads.outer, - hashed_key, - xform->auth.key.length, - get_auth_algo_blocksize(sess->template_job.hash_alg)); - } else { - calculate_auth_precomputes(hash_oneblock_fn, - sess->auth.pads.inner, sess->auth.pads.outer, - xform->auth.key.data, - xform->auth.key.length, - get_auth_algo_blocksize(sess->template_job.hash_alg)); - } + imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg, + xform->auth.key.data, xform->auth.key.length, + sess->auth.pads.inner, sess->auth.pads.outer); + sess->template_job.u.HMAC._hashed_auth_key_xor_ipad = sess->auth.pads.inner; sess->template_job.u.HMAC._hashed_auth_key_xor_opad = -- 2.25.1