From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 7E4D4A0C43; Thu, 23 Sep 2021 15:07:52 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 0469941260; Thu, 23 Sep 2021 15:07:52 +0200 (CEST) Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mails.dpdk.org (Postfix) with ESMTP id B3F8F41257 for ; Thu, 23 Sep 2021 15:07:49 +0200 (CEST) X-IronPort-AV: E=McAfee;i="6200,9189,10115"; a="223868688" X-IronPort-AV: E=Sophos;i="5.85,316,1624345200"; d="scan'208";a="223868688" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Sep 2021 06:07:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,316,1624345200"; d="scan'208";a="475507473" Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by fmsmga007.fm.intel.com with ESMTP; 23 Sep 2021 06:07:47 -0700 Received: from fmsmsx608.amr.corp.intel.com (10.18.126.88) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Thu, 23 Sep 2021 06:07:47 -0700 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx608.amr.corp.intel.com (10.18.126.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Thu, 23 Sep 2021 06:07:46 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12 via Frontend Transport; Thu, 23 Sep 2021 06:07:46 -0700 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.173) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.12; Thu, 23 Sep 2021 06:07:44 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mNl+7sIIx7lZOougREeytUG9c4cBglFe0i+Rq/mcRNDS84r2HUEHe+zHqPZYekv+aC5+NvI+uWcDpZEMoEgY5Bp0Ta/3r9omr1Y6dUeBW55yJ2QLkz0wXUVgEhSAjCLiiNOkXv814wt6BfbGwAD32Vrhk3Uqp9FGdV68N4oNi4DjxMP7O2MvPW94I4Eo7lUR8yDY/LQCvdtqjsGHUKBGuLS7bR/PK61kKcVPO8Y7H1WzhFjKBKzITWWQp2kVRkNxlJojX8wU8e/WTIiX+gDnPy3WuTkPFKvVT6MdypY3tD+2FFvn7yH7UqxSbPjInfN0l4CW2lNLnMCnG+ifIac4Pg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=4tzvzrIKf7pfAs1fr71vUNgMBskKcv8znbbWlYYg4OY=; b=D++Gbl6MOsVPwUaJk1KnIkYjc9S2wPb3U7X2rKWgZRPllO5EA804l7/CrysnsPBg4rjqnZgbxiWb649gz6e7cU75IXOQDC6tOKDv2EEPqCv2da5aUL6oTrKcY3kib/kLFdMr6yrqyzW0nYIYHXC5jl5a8LU7LWnau8jwd0lLM8WAotx2lrCd2nlU1OaVvkq7nW4EXeFROXxfd3KIH6UY7UKYleHLD4DIW99y0MLSTWN/Tgj87G9aPSc66SGXRmvs+C/MkIhYzOxtXFT3VILR1gWTWf5Kr7y+PVgoa1cKrdefXCvElQMbv9iXS0XDqXYBxorVjOq7/1AC6BQiN1VOBA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4tzvzrIKf7pfAs1fr71vUNgMBskKcv8znbbWlYYg4OY=; b=jbsQcs+8MNt5/18McRY5CFZ59Rpj5I6ap1+OJZ4J1xwjxRJ3ckMds0RgZMUiAqcJkxIcy5QYGcsvavQfDZRO/6+wAXZeDbYuNnZ/VkbTt0BHcgYwl0pW7m7EinploBB0pMpMiENg95tCgopJaBnynHueq+a/eZR0XXxomMerpNg= Received: from DM6PR11MB4491.namprd11.prod.outlook.com (2603:10b6:5:204::19) by DM6PR11MB3388.namprd11.prod.outlook.com (2603:10b6:5:5f::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4544.15; Thu, 23 Sep 2021 13:07:35 +0000 Received: from DM6PR11MB4491.namprd11.prod.outlook.com ([fe80::740e:126e:c785:c8fd]) by DM6PR11MB4491.namprd11.prod.outlook.com ([fe80::740e:126e:c785:c8fd%4]) with mapi id 15.20.4544.015; Thu, 23 Sep 2021 13:07:35 +0000 From: "Ananyev, Konstantin" To: "Nicolau, Radu" , "Iremonger, Bernard" , "Medvedkin, Vladimir" CC: "dev@dpdk.org" , "mdr@ashroe.eu" , "Richardson, Bruce" , "Zhang, Roy Fan" , "hemant.agrawal@nxp.com" , "gakhil@marvell.com" , "anoobj@marvell.com" , "Doherty, Declan" , "Sinha, Abhijit" , "Buckley, Daniel M" , "marchana@marvell.com" , "ktejasree@marvell.com" , "matan@nvidia.com" Thread-Topic: [PATCH v6 05/10] ipsec: add support for AEAD algorithms Thread-Index: AQHXq6YSu9iqvfjzJ0CYeXelZ5VJ/KuxoEpg Date: Thu, 23 Sep 2021 13:07:35 +0000 Message-ID: References: <20210713133542.3550525-1-radu.nicolau@intel.com> <20210917091747.1528262-1-radu.nicolau@intel.com> <20210917091747.1528262-6-radu.nicolau@intel.com> In-Reply-To: <20210917091747.1528262-6-radu.nicolau@intel.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.200.16 authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: cb888af3-a74d-4fc7-d985-08d97e931cd4 x-ms-traffictypediagnostic: DM6PR11MB3388: x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8273; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: fnSRZKFzewCe7LMgDVbZR7LiSDeyqOc1sn6SjUE0DCdqAd2NrInH4iQLKRBECKoB1e68WwVuwoiVB9TKY1NhA1APTALrv6u6S2kTa8Yp7H3mTs2ifCyh+n4HULQHpPOXkfw3Ps81SoME9M15ciYFqoBGAHAYXJ5j+GDXb7O+HZ/Nc9+T0xzqtQwDN6+OZxmSIMZZp9Y3N2m2if/e1pX7Md7dRjekXyyZat3Jna4bq9NzVRQLJkEQ9SkCWybCo2y2tncibHkVrx7RGjF2P5nfHG/S9X8HqLrEkiXMB3vJEynyv1mc2Fu7NgNpSJoiyy4QLH1sM0/vlaL9bUutn1UEmde4TMhSbNdQiDdEOAckRTsc4cf+d4Z97Hd6S3XlbWvFOsNVUDCaikTj1s+QI5kVSNRf4cbb00lPyYoOG4GIpdOalgeCLQcRv7LxxXYiuIEtpAqBtRaj339ToZJzBfmP1vrIAn5svVDFAghV8Hv8K6eWwuuG+F1ifCp8Xr2LtXqXcjHxazABQ/HQvJ+T2G5ZZD9155dyTvZGmGVj0+9Iqf1xSEco4CdPopkyB9itJpq8UgOefEbY7UozC3jejLTykZkgsh0YM/Apn/O4h/bDkHb4DYit3Owj9fJbftdK9Mmtie93h4I23d/G1S+joCmCmfGFAT7ZRMCd463RKUkhM0xEXCE92WZSQbv0tC7BoLXlkXocT22P+rjHs6XEyL5LJQ== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR11MB4491.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(38100700002)(55236004)(86362001)(52536014)(2906002)(71200400001)(83380400001)(54906003)(110136005)(38070700005)(66946007)(508600001)(66446008)(64756008)(66556008)(66476007)(76116006)(5660300002)(26005)(8676002)(186003)(55016002)(8936002)(33656002)(122000001)(7696005)(30864003)(6506007)(9686003)(6636002)(4326008)(316002)(579004); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?pJF7SGrIUTy6Uo6NI6bGsFmoghfO6laq716DKO7UGcSBUkZVKaZoNcllT4cJ?= =?us-ascii?Q?a/dWYGaBQCe2zVP/4sLnQr93C7ajpkxBUN9Ao8w7yK58YEwkOEJBBsKVYzmr?= =?us-ascii?Q?RFDjXw/Cri8lx7xZf06x1s6dAQevacOeoIFCk5dksZ6besSyF+K5lQRZFDuw?= =?us-ascii?Q?OznF6CUZgowXFhhL83eFYxhSVBg9s6X/4Sqr+21KXWERKxOc3k36yoL/El+r?= =?us-ascii?Q?LIngJyWYiiDMqzX0xIXrGYGBtEG86zm0aAkuBO6fYIYXx93qK9Ra2fEbEXuN?= =?us-ascii?Q?lIvjJXcWBMZOtwEuqcSda8Ga479Bs0a/Yhw+W70joBs6ZevzpFpMjGVgFb/0?= =?us-ascii?Q?hWgZTFfebW8fEfTvLVazppfdJR/NNZQzVK81TuKso9dKyB/h2vGHZIaNmwTO?= =?us-ascii?Q?10IQRRsFimv2ZdPtOy5Fnqsf9py3KJGF5CBgQqFUDZReuwN/4URzQ3iBsxQL?= =?us-ascii?Q?m1T85offkSswRGyRPh4aPAmkbF8JcjF/1rOUQJBWKXstQK5HiN/eYAhPFCC9?= =?us-ascii?Q?X21RrtyclL3seiDt9EfHOtHUGl+ADkn9lOUricMj09Zd+4xLGVCasFCl3ANd?= =?us-ascii?Q?o4JGta/BcEZ/trJhmBI2DI9JrvDzthPeNG9oP6q+Se8sYTw43Yz6XSNSqBkY?= =?us-ascii?Q?ncG7KtZzSgDV1KqYeifTVGNhJKudfEEU2/Dv0BSx9qA5aGCppoCIIsRDcapg?= =?us-ascii?Q?QzbqdlhC5cN8ozbYDBymAH0Ul29z4CYrQg1lErysTfDfF3Bz6eiPbg2QghPf?= =?us-ascii?Q?mRm7dpX1EK01x14Eyhd1NTWnKo18/HkvvqmJvsnJ1qR6jBjG6OyGn0aO02Y8?= =?us-ascii?Q?W2L5TdFfvWcAqTLjdvO4Gqz9ts7cJ889SgmOJs/46dNfScgrUNhqF8iOtWUe?= =?us-ascii?Q?On0pVO81qkl7ddlm/ZjsU4Un192/pkjNtp+ShRBgX0to0Z28SlSredaQz+Uo?= =?us-ascii?Q?BxEUruAQqIfixa/697HfWhXaEsQV4hIFZXUf6X9BVUBFbGjUcYHUz5K0qPhz?= =?us-ascii?Q?rAaECY+5ILOoLBSo2YKqqrXnTXPv2RPtXl20FPrk9qVEQVTAe4r6TJtPGP9d?= =?us-ascii?Q?kTOWXEiTh344+sww0m1oY6IJF+XV/VYnHbfU6TN/ENt/xFOu2qlcfSZDBy2h?= =?us-ascii?Q?wVfv4tTH0KpF4NdnF1VgZLxr+qA1/AfHB0Bg6Bi3pFObOoe6o3rt7e/vTjSJ?= =?us-ascii?Q?uv5YLRTI56idjF4B7eXf5TMzsejEM83mGqow3/+CMlv4ax/Q0ntw88uwRNi9?= =?us-ascii?Q?qa5ni8A1cn5hhvq1+lglMaJGosZlQfJNlpbhSB/K+BRY51dwX0xdYsO7MIEj?= =?us-ascii?Q?kjYhlEvZFLD0G748hc1Py3JB?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB4491.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: cb888af3-a74d-4fc7-d985-08d97e931cd4 X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Sep 2021 13:07:35.6620 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Jl6YHJnJa5USpAOa1au/AbnvghKLOUILBokzIPVoRmFI7ht7EKXqNpKbQueN6RJflT0rsY385sCocYO4dRU61Y0N/b7IlMbdMcqSk1kc3/Q= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3388 X-OriginatorOrg: intel.com Subject: Re: [dpdk-dev] [PATCH v6 05/10] ipsec: add support for AEAD algorithms X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" >=20 > Add support for AES_CCM, CHACHA20_POLY1305 and AES_GMAC. I think it would be good to add new test-cases to examples/ipsec-secgw/test= harness to cover these new algs supported. Apart from that: Acked-by: Konstantin Ananyev >=20 > Signed-off-by: Declan Doherty > Signed-off-by: Radu Nicolau > Signed-off-by: Abhijit Sinha > Signed-off-by: Daniel Martin Buckley > Acked-by: Fan Zhang > --- > lib/ipsec/crypto.h | 137 +++++++++++++++++++++++++++++++++++++++++++ > lib/ipsec/esp_inb.c | 66 ++++++++++++++++++++- > lib/ipsec/esp_outb.c | 70 +++++++++++++++++++++- > lib/ipsec/sa.c | 54 +++++++++++++++-- > lib/ipsec/sa.h | 6 ++ > 5 files changed, 322 insertions(+), 11 deletions(-) >=20 > diff --git a/lib/ipsec/crypto.h b/lib/ipsec/crypto.h > index 3d03034590..93d20aaaa0 100644 > --- a/lib/ipsec/crypto.h > +++ b/lib/ipsec/crypto.h > @@ -21,6 +21,37 @@ struct aesctr_cnt_blk { > uint32_t cnt; > } __rte_packed; >=20 > + /* > + * CHACHA20-POLY1305 devices have some specific requirements > + * for IV and AAD formats. > + * Ideally that to be done by the driver itself. > + */ > + > +struct aead_chacha20_poly1305_iv { > + uint32_t salt; > + uint64_t iv; > + uint32_t cnt; > +} __rte_packed; > + > +struct aead_chacha20_poly1305_aad { > + uint32_t spi; > + /* > + * RFC 4106, section 5: > + * Two formats of the AAD are defined: > + * one for 32-bit sequence numbers, and one for 64-bit ESN. > + */ > + union { > + uint32_t u32[2]; > + uint64_t u64; > + } sqn; > + uint32_t align0; /* align to 16B boundary */ > +} __rte_packed; > + > +struct chacha20_poly1305_esph_iv { > + struct rte_esp_hdr esph; > + uint64_t iv; > +} __rte_packed; > + > /* > * AES-GCM devices have some specific requirements for IV and AAD forma= ts. > * Ideally that to be done by the driver itself. > @@ -51,6 +82,47 @@ struct gcm_esph_iv { > uint64_t iv; > } __rte_packed; >=20 > + /* > + * AES-CCM devices have some specific requirements for IV and AAD forma= ts. > + * Ideally that to be done by the driver itself. > + */ > +union aead_ccm_salt { > + uint32_t salt; > + struct inner { > + uint8_t salt8[3]; > + uint8_t ccm_flags; > + } inner; > +} __rte_packed; > + > + > +struct aead_ccm_iv { > + uint8_t ccm_flags; > + uint8_t salt[3]; > + uint64_t iv; > + uint32_t cnt; > +} __rte_packed; > + > +struct aead_ccm_aad { > + uint8_t padding[18]; > + uint32_t spi; > + /* > + * RFC 4309, section 5: > + * Two formats of the AAD are defined: > + * one for 32-bit sequence numbers, and one for 64-bit ESN. > + */ > + union { > + uint32_t u32[2]; > + uint64_t u64; > + } sqn; > + uint32_t align0; /* align to 16B boundary */ > +} __rte_packed; > + > +struct ccm_esph_iv { > + struct rte_esp_hdr esph; > + uint64_t iv; > +} __rte_packed; > + > + > static inline void > aes_ctr_cnt_blk_fill(struct aesctr_cnt_blk *ctr, uint64_t iv, uint32_t n= once) > { > @@ -59,6 +131,16 @@ aes_ctr_cnt_blk_fill(struct aesctr_cnt_blk *ctr, uint= 64_t iv, uint32_t nonce) > ctr->cnt =3D rte_cpu_to_be_32(1); > } >=20 > +static inline void > +aead_chacha20_poly1305_iv_fill(struct aead_chacha20_poly1305_iv > + *chacha20_poly1305, > + uint64_t iv, uint32_t salt) > +{ > + chacha20_poly1305->salt =3D salt; > + chacha20_poly1305->iv =3D iv; > + chacha20_poly1305->cnt =3D rte_cpu_to_be_32(1); > +} > + > static inline void > aead_gcm_iv_fill(struct aead_gcm_iv *gcm, uint64_t iv, uint32_t salt) > { > @@ -67,6 +149,21 @@ aead_gcm_iv_fill(struct aead_gcm_iv *gcm, uint64_t iv= , uint32_t salt) > gcm->cnt =3D rte_cpu_to_be_32(1); > } >=20 > +static inline void > +aead_ccm_iv_fill(struct aead_ccm_iv *ccm, uint64_t iv, uint32_t salt) > +{ > + union aead_ccm_salt tsalt; > + > + tsalt.salt =3D salt; > + ccm->ccm_flags =3D tsalt.inner.ccm_flags; > + ccm->salt[0] =3D tsalt.inner.salt8[0]; > + ccm->salt[1] =3D tsalt.inner.salt8[1]; > + ccm->salt[2] =3D tsalt.inner.salt8[2]; > + ccm->iv =3D iv; > + ccm->cnt =3D rte_cpu_to_be_32(1); > +} > + > + > /* > * RFC 4106, 5 AAD Construction > * spi and sqn should already be converted into network byte order. > @@ -86,6 +183,25 @@ aead_gcm_aad_fill(struct aead_gcm_aad *aad, rte_be32_= t spi, rte_be64_t sqn, > aad->align0 =3D 0; > } >=20 > +/* > + * RFC 4309, 5 AAD Construction > + * spi and sqn should already be converted into network byte order. > + * Make sure that not used bytes are zeroed. > + */ > +static inline void > +aead_ccm_aad_fill(struct aead_ccm_aad *aad, rte_be32_t spi, rte_be64_t s= qn, > + int esn) > +{ > + aad->spi =3D spi; > + if (esn) > + aad->sqn.u64 =3D sqn; > + else { > + aad->sqn.u32[0] =3D sqn_low32(sqn); > + aad->sqn.u32[1] =3D 0; > + } > + aad->align0 =3D 0; > +} > + > static inline void > gen_iv(uint64_t iv[IPSEC_MAX_IV_QWORD], rte_be64_t sqn) > { > @@ -93,6 +209,27 @@ gen_iv(uint64_t iv[IPSEC_MAX_IV_QWORD], rte_be64_t sq= n) > iv[1] =3D 0; > } >=20 > + > +/* > + * RFC 7634, 2.1 AAD Construction > + * spi and sqn should already be converted into network byte order. > + * Make sure that not used bytes are zeroed. > + */ > +static inline void > +aead_chacha20_poly1305_aad_fill(struct aead_chacha20_poly1305_aad *aad, > + rte_be32_t spi, rte_be64_t sqn, > + int esn) > +{ > + aad->spi =3D spi; > + if (esn) > + aad->sqn.u64 =3D sqn; > + else { > + aad->sqn.u32[0] =3D sqn_low32(sqn); > + aad->sqn.u32[1] =3D 0; > + } > + aad->align0 =3D 0; > +} > + > /* > * Helper routine to copy IV > * Right now we support only algorithms with IV length equals 0/8/16 byt= es. > diff --git a/lib/ipsec/esp_inb.c b/lib/ipsec/esp_inb.c > index 2b1df6a032..d66c88f05d 100644 > --- a/lib/ipsec/esp_inb.c > +++ b/lib/ipsec/esp_inb.c > @@ -63,6 +63,8 @@ inb_cop_prepare(struct rte_crypto_op *cop, > { > struct rte_crypto_sym_op *sop; > struct aead_gcm_iv *gcm; > + struct aead_ccm_iv *ccm; > + struct aead_chacha20_poly1305_iv *chacha20_poly1305; > struct aesctr_cnt_blk *ctr; > uint64_t *ivc, *ivp; > uint32_t algo; > @@ -83,6 +85,24 @@ inb_cop_prepare(struct rte_crypto_op *cop, > sa->iv_ofs); > aead_gcm_iv_fill(gcm, ivp[0], sa->salt); > break; > + case ALGO_TYPE_AES_CCM: > + sop_aead_prepare(sop, sa, icv, pofs, plen); > + > + /* fill AAD IV (located inside crypto op) */ > + ccm =3D rte_crypto_op_ctod_offset(cop, struct aead_ccm_iv *, > + sa->iv_ofs); > + aead_ccm_iv_fill(ccm, ivp[0], sa->salt); > + break; > + case ALGO_TYPE_CHACHA20_POLY1305: > + sop_aead_prepare(sop, sa, icv, pofs, plen); > + > + /* fill AAD IV (located inside crypto op) */ > + chacha20_poly1305 =3D rte_crypto_op_ctod_offset(cop, > + struct aead_chacha20_poly1305_iv *, > + sa->iv_ofs); > + aead_chacha20_poly1305_iv_fill(chacha20_poly1305, > + ivp[0], sa->salt); > + break; > case ALGO_TYPE_AES_CBC: > case ALGO_TYPE_3DES_CBC: > sop_ciph_auth_prepare(sop, sa, icv, pofs, plen); > @@ -91,6 +111,14 @@ inb_cop_prepare(struct rte_crypto_op *cop, > ivc =3D rte_crypto_op_ctod_offset(cop, uint64_t *, sa->iv_ofs); > copy_iv(ivc, ivp, sa->iv_len); > break; > + case ALGO_TYPE_AES_GMAC: > + sop_ciph_auth_prepare(sop, sa, icv, pofs, plen); > + > + /* fill AAD IV (located inside crypto op) */ > + gcm =3D rte_crypto_op_ctod_offset(cop, struct aead_gcm_iv *, > + sa->iv_ofs); > + aead_gcm_iv_fill(gcm, ivp[0], sa->salt); > + break; > case ALGO_TYPE_AES_CTR: > sop_ciph_auth_prepare(sop, sa, icv, pofs, plen); >=20 > @@ -110,6 +138,8 @@ inb_cpu_crypto_prepare(const struct rte_ipsec_sa *sa,= struct rte_mbuf *mb, > uint32_t *pofs, uint32_t plen, void *iv) > { > struct aead_gcm_iv *gcm; > + struct aead_ccm_iv *ccm; > + struct aead_chacha20_poly1305_iv *chacha20_poly1305; > struct aesctr_cnt_blk *ctr; > uint64_t *ivp; > uint32_t clen; > @@ -120,9 +150,19 @@ inb_cpu_crypto_prepare(const struct rte_ipsec_sa *sa= , struct rte_mbuf *mb, >=20 > switch (sa->algo_type) { > case ALGO_TYPE_AES_GCM: > + case ALGO_TYPE_AES_GMAC: > gcm =3D (struct aead_gcm_iv *)iv; > aead_gcm_iv_fill(gcm, ivp[0], sa->salt); > break; > + case ALGO_TYPE_AES_CCM: > + ccm =3D (struct aead_ccm_iv *)iv; > + aead_ccm_iv_fill(ccm, ivp[0], sa->salt); > + break; > + case ALGO_TYPE_CHACHA20_POLY1305: > + chacha20_poly1305 =3D (struct aead_chacha20_poly1305_iv *)iv; > + aead_chacha20_poly1305_iv_fill(chacha20_poly1305, > + ivp[0], sa->salt); > + break; > case ALGO_TYPE_AES_CBC: > case ALGO_TYPE_3DES_CBC: > copy_iv(iv, ivp, sa->iv_len); > @@ -175,6 +215,8 @@ inb_pkt_xprepare(const struct rte_ipsec_sa *sa, rte_b= e64_t sqc, > const union sym_op_data *icv) > { > struct aead_gcm_aad *aad; > + struct aead_ccm_aad *caad; > + struct aead_chacha20_poly1305_aad *chacha_aad; >=20 > /* insert SQN.hi between ESP trailer and ICV */ > if (sa->sqh_len !=3D 0) > @@ -184,9 +226,27 @@ inb_pkt_xprepare(const struct rte_ipsec_sa *sa, rte_= be64_t sqc, > * fill AAD fields, if any (aad fields are placed after icv), > * right now we support only one AEAD algorithm: AES-GCM. > */ > - if (sa->aad_len !=3D 0) { > - aad =3D (struct aead_gcm_aad *)(icv->va + sa->icv_len); > - aead_gcm_aad_fill(aad, sa->spi, sqc, IS_ESN(sa)); > + switch (sa->algo_type) { > + case ALGO_TYPE_AES_GCM: > + if (sa->aad_len !=3D 0) { > + aad =3D (struct aead_gcm_aad *)(icv->va + sa->icv_len); > + aead_gcm_aad_fill(aad, sa->spi, sqc, IS_ESN(sa)); > + } > + break; > + case ALGO_TYPE_AES_CCM: > + if (sa->aad_len !=3D 0) { > + caad =3D (struct aead_ccm_aad *)(icv->va + sa->icv_len); > + aead_ccm_aad_fill(caad, sa->spi, sqc, IS_ESN(sa)); > + } > + break; > + case ALGO_TYPE_CHACHA20_POLY1305: > + if (sa->aad_len !=3D 0) { > + chacha_aad =3D (struct aead_chacha20_poly1305_aad *) > + (icv->va + sa->icv_len); > + aead_chacha20_poly1305_aad_fill(chacha_aad, > + sa->spi, sqc, IS_ESN(sa)); > + } > + break; > } > } >=20 > diff --git a/lib/ipsec/esp_outb.c b/lib/ipsec/esp_outb.c > index 1e181cf2ce..a3f77469c3 100644 > --- a/lib/ipsec/esp_outb.c > +++ b/lib/ipsec/esp_outb.c > @@ -63,6 +63,8 @@ outb_cop_prepare(struct rte_crypto_op *cop, > { > struct rte_crypto_sym_op *sop; > struct aead_gcm_iv *gcm; > + struct aead_ccm_iv *ccm; > + struct aead_chacha20_poly1305_iv *chacha20_poly1305; > struct aesctr_cnt_blk *ctr; > uint32_t algo; >=20 > @@ -80,6 +82,15 @@ outb_cop_prepare(struct rte_crypto_op *cop, > /* NULL case */ > sop_ciph_auth_prepare(sop, sa, icv, hlen, plen); > break; > + case ALGO_TYPE_AES_GMAC: > + /* GMAC case */ > + sop_ciph_auth_prepare(sop, sa, icv, hlen, plen); > + > + /* fill AAD IV (located inside crypto op) */ > + gcm =3D rte_crypto_op_ctod_offset(cop, struct aead_gcm_iv *, > + sa->iv_ofs); > + aead_gcm_iv_fill(gcm, ivp[0], sa->salt); > + break; > case ALGO_TYPE_AES_GCM: > /* AEAD (AES_GCM) case */ > sop_aead_prepare(sop, sa, icv, hlen, plen); > @@ -89,6 +100,26 @@ outb_cop_prepare(struct rte_crypto_op *cop, > sa->iv_ofs); > aead_gcm_iv_fill(gcm, ivp[0], sa->salt); > break; > + case ALGO_TYPE_AES_CCM: > + /* AEAD (AES_CCM) case */ > + sop_aead_prepare(sop, sa, icv, hlen, plen); > + > + /* fill AAD IV (located inside crypto op) */ > + ccm =3D rte_crypto_op_ctod_offset(cop, struct aead_ccm_iv *, > + sa->iv_ofs); > + aead_ccm_iv_fill(ccm, ivp[0], sa->salt); > + break; > + case ALGO_TYPE_CHACHA20_POLY1305: > + /* AEAD (CHACHA20_POLY) case */ > + sop_aead_prepare(sop, sa, icv, hlen, plen); > + > + /* fill AAD IV (located inside crypto op) */ > + chacha20_poly1305 =3D rte_crypto_op_ctod_offset(cop, > + struct aead_chacha20_poly1305_iv *, > + sa->iv_ofs); > + aead_chacha20_poly1305_iv_fill(chacha20_poly1305, > + ivp[0], sa->salt); > + break; > case ALGO_TYPE_AES_CTR: > /* Cipher-Auth (AES-CTR *) case */ > sop_ciph_auth_prepare(sop, sa, icv, hlen, plen); > @@ -196,7 +227,9 @@ outb_pkt_xprepare(const struct rte_ipsec_sa *sa, rte_= be64_t sqc, > const union sym_op_data *icv) > { > uint32_t *psqh; > - struct aead_gcm_aad *aad; > + struct aead_gcm_aad *gaad; > + struct aead_ccm_aad *caad; > + struct aead_chacha20_poly1305_aad *chacha20_poly1305_aad; >=20 > /* insert SQN.hi between ESP trailer and ICV */ > if (sa->sqh_len !=3D 0) { > @@ -208,9 +241,29 @@ outb_pkt_xprepare(const struct rte_ipsec_sa *sa, rte= _be64_t sqc, > * fill IV and AAD fields, if any (aad fields are placed after icv), > * right now we support only one AEAD algorithm: AES-GCM . > */ > + switch (sa->algo_type) { > + case ALGO_TYPE_AES_GCM: > if (sa->aad_len !=3D 0) { > - aad =3D (struct aead_gcm_aad *)(icv->va + sa->icv_len); > - aead_gcm_aad_fill(aad, sa->spi, sqc, IS_ESN(sa)); > + gaad =3D (struct aead_gcm_aad *)(icv->va + sa->icv_len); > + aead_gcm_aad_fill(gaad, sa->spi, sqc, IS_ESN(sa)); > + } > + break; > + case ALGO_TYPE_AES_CCM: > + if (sa->aad_len !=3D 0) { > + caad =3D (struct aead_ccm_aad *)(icv->va + sa->icv_len); > + aead_ccm_aad_fill(caad, sa->spi, sqc, IS_ESN(sa)); > + } > + break; > + case ALGO_TYPE_CHACHA20_POLY1305: > + if (sa->aad_len !=3D 0) { > + chacha20_poly1305_aad =3D (struct aead_chacha20_poly1305_aad *) > + (icv->va + sa->icv_len); > + aead_chacha20_poly1305_aad_fill(chacha20_poly1305_aad, > + sa->spi, sqc, IS_ESN(sa)); > + } > + break; > + default: > + break; > } > } >=20 > @@ -418,6 +471,8 @@ outb_cpu_crypto_prepare(const struct rte_ipsec_sa *sa= , uint32_t *pofs, > { > uint64_t *ivp =3D iv; > struct aead_gcm_iv *gcm; > + struct aead_ccm_iv *ccm; > + struct aead_chacha20_poly1305_iv *chacha20_poly1305; > struct aesctr_cnt_blk *ctr; > uint32_t clen; >=20 > @@ -426,6 +481,15 @@ outb_cpu_crypto_prepare(const struct rte_ipsec_sa *s= a, uint32_t *pofs, > gcm =3D iv; > aead_gcm_iv_fill(gcm, ivp[0], sa->salt); > break; > + case ALGO_TYPE_AES_CCM: > + ccm =3D iv; > + aead_ccm_iv_fill(ccm, ivp[0], sa->salt); > + break; > + case ALGO_TYPE_CHACHA20_POLY1305: > + chacha20_poly1305 =3D iv; > + aead_chacha20_poly1305_iv_fill(chacha20_poly1305, > + ivp[0], sa->salt); > + break; > case ALGO_TYPE_AES_CTR: > ctr =3D iv; > aes_ctr_cnt_blk_fill(ctr, ivp[0], sa->salt); > diff --git a/lib/ipsec/sa.c b/lib/ipsec/sa.c > index e59189d215..720e0f365b 100644 > --- a/lib/ipsec/sa.c > +++ b/lib/ipsec/sa.c > @@ -47,6 +47,15 @@ fill_crypto_xform(struct crypto_xform *xform, uint64_t= type, > if (xfn !=3D NULL) > return -EINVAL; > xform->aead =3D &xf->aead; > + > + /* GMAC has only auth */ > + } else if (xf->type =3D=3D RTE_CRYPTO_SYM_XFORM_AUTH && > + xf->auth.algo =3D=3D RTE_CRYPTO_AUTH_AES_GMAC) { > + if (xfn !=3D NULL) > + return -EINVAL; > + xform->auth =3D &xf->auth; > + xform->cipher =3D &xfn->cipher; > + > /* > * CIPHER+AUTH xforms are expected in strict order, > * depending on SA direction: > @@ -247,12 +256,13 @@ esp_inb_init(struct rte_ipsec_sa *sa) > sa->ctp.cipher.length =3D sa->icv_len + sa->ctp.cipher.offset; >=20 > /* > - * for AEAD and NULL algorithms we can assume that > + * for AEAD algorithms we can assume that > * auth and cipher offsets would be equal. > */ > switch (sa->algo_type) { > case ALGO_TYPE_AES_GCM: > - case ALGO_TYPE_NULL: > + case ALGO_TYPE_AES_CCM: > + case ALGO_TYPE_CHACHA20_POLY1305: > sa->ctp.auth.raw =3D sa->ctp.cipher.raw; > break; > default: > @@ -294,6 +304,8 @@ esp_outb_init(struct rte_ipsec_sa *sa, uint32_t hlen) >=20 > switch (algo_type) { > case ALGO_TYPE_AES_GCM: > + case ALGO_TYPE_AES_CCM: > + case ALGO_TYPE_CHACHA20_POLY1305: > case ALGO_TYPE_AES_CTR: > case ALGO_TYPE_NULL: > sa->ctp.cipher.offset =3D hlen + sizeof(struct rte_esp_hdr) + > @@ -305,15 +317,20 @@ esp_outb_init(struct rte_ipsec_sa *sa, uint32_t hle= n) > sa->ctp.cipher.offset =3D hlen + sizeof(struct rte_esp_hdr); > sa->ctp.cipher.length =3D sa->iv_len; > break; > + case ALGO_TYPE_AES_GMAC: > + sa->ctp.cipher.offset =3D 0; > + sa->ctp.cipher.length =3D 0; > + break; > } >=20 > /* > - * for AEAD and NULL algorithms we can assume that > + * for AEAD algorithms we can assume that > * auth and cipher offsets would be equal. > */ > switch (algo_type) { > case ALGO_TYPE_AES_GCM: > - case ALGO_TYPE_NULL: > + case ALGO_TYPE_AES_CCM: > + case ALGO_TYPE_CHACHA20_POLY1305: > sa->ctp.auth.raw =3D sa->ctp.cipher.raw; > break; > default: > @@ -374,13 +391,39 @@ esp_sa_init(struct rte_ipsec_sa *sa, const struct r= te_ipsec_sa_prm *prm, > sa->pad_align =3D IPSEC_PAD_AES_GCM; > sa->algo_type =3D ALGO_TYPE_AES_GCM; > break; > + case RTE_CRYPTO_AEAD_AES_CCM: > + /* RFC 4309 */ > + sa->aad_len =3D sizeof(struct aead_ccm_aad); > + sa->icv_len =3D cxf->aead->digest_length; > + sa->iv_ofs =3D cxf->aead->iv.offset; > + sa->iv_len =3D sizeof(uint64_t); > + sa->pad_align =3D IPSEC_PAD_AES_CCM; > + sa->algo_type =3D ALGO_TYPE_AES_CCM; > + break; > + case RTE_CRYPTO_AEAD_CHACHA20_POLY1305: > + /* RFC 7634 & 8439*/ > + sa->aad_len =3D sizeof(struct aead_chacha20_poly1305_aad); > + sa->icv_len =3D cxf->aead->digest_length; > + sa->iv_ofs =3D cxf->aead->iv.offset; > + sa->iv_len =3D sizeof(uint64_t); > + sa->pad_align =3D IPSEC_PAD_CHACHA20_POLY1305; > + sa->algo_type =3D ALGO_TYPE_CHACHA20_POLY1305; > + break; > default: > return -EINVAL; > } > + } else if (cxf->auth->algo =3D=3D RTE_CRYPTO_AUTH_AES_GMAC) { > + /* RFC 4543 */ > + /* AES-GMAC is a special case of auth that needs IV */ > + sa->pad_align =3D IPSEC_PAD_AES_GMAC; > + sa->iv_len =3D sizeof(uint64_t); > + sa->icv_len =3D cxf->auth->digest_length; > + sa->iv_ofs =3D cxf->auth->iv.offset; > + sa->algo_type =3D ALGO_TYPE_AES_GMAC; > + > } else { > sa->icv_len =3D cxf->auth->digest_length; > sa->iv_ofs =3D cxf->cipher->iv.offset; > - sa->sqh_len =3D IS_ESN(sa) ? sizeof(uint32_t) : 0; >=20 > switch (cxf->cipher->algo) { > case RTE_CRYPTO_CIPHER_NULL: > @@ -414,6 +457,7 @@ esp_sa_init(struct rte_ipsec_sa *sa, const struct rte= _ipsec_sa_prm *prm, > } > } >=20 > + sa->sqh_len =3D IS_ESN(sa) ? sizeof(uint32_t) : 0; > sa->udata =3D prm->userdata; > sa->spi =3D rte_cpu_to_be_32(prm->ipsec_xform.spi); > sa->salt =3D prm->ipsec_xform.salt; > diff --git a/lib/ipsec/sa.h b/lib/ipsec/sa.h > index 1bffe751f5..107ebd1519 100644 > --- a/lib/ipsec/sa.h > +++ b/lib/ipsec/sa.h > @@ -19,7 +19,10 @@ enum { > IPSEC_PAD_AES_CBC =3D IPSEC_MAX_IV_SIZE, > IPSEC_PAD_AES_CTR =3D IPSEC_PAD_DEFAULT, > IPSEC_PAD_AES_GCM =3D IPSEC_PAD_DEFAULT, > + IPSEC_PAD_AES_CCM =3D IPSEC_PAD_DEFAULT, > + IPSEC_PAD_CHACHA20_POLY1305 =3D IPSEC_PAD_DEFAULT, > IPSEC_PAD_NULL =3D IPSEC_PAD_DEFAULT, > + IPSEC_PAD_AES_GMAC =3D IPSEC_PAD_DEFAULT, > }; >=20 > /* iv sizes for different algorithms */ > @@ -67,6 +70,9 @@ enum sa_algo_type { > ALGO_TYPE_AES_CBC, > ALGO_TYPE_AES_CTR, > ALGO_TYPE_AES_GCM, > + ALGO_TYPE_AES_CCM, > + ALGO_TYPE_CHACHA20_POLY1305, > + ALGO_TYPE_AES_GMAC, > ALGO_TYPE_MAX > }; >=20 > -- > 2.25.1