From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 36571A0597 for ; Tue, 21 Apr 2020 15:11:48 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 17F491C1F2; Tue, 21 Apr 2020 15:11:48 +0200 (CEST) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by dpdk.org (Postfix) with ESMTP id DC4641C1F2 for ; Tue, 21 Apr 2020 15:11:46 +0200 (CEST) IronPort-SDR: bseYSGK8E7XXvDJbzEpVPQYQKXl9WGRD9tzi3wdYhDNchDDGjEw0EwstDihQpIqfxV+XYtwFAb fpuakzb3R87Q== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Apr 2020 06:11:45 -0700 IronPort-SDR: jUMLqwVpNYr2ByGKuKiT1AJat5/4aj3+pfBJkt9652RcesuZK3zVsXoAMjRRfRdW8SnOd8DAQN seQOYA6UZV/A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,410,1580803200"; d="scan'208";a="273519267" Received: from adamdybx-mobl.ger.corp.intel.com (HELO addy-VirtualBox.ger.corp.intel.com) ([10.104.121.71]) by orsmga002.jf.intel.com with ESMTP; 21 Apr 2020 06:11:43 -0700 From: Adam Dybkowski To: stable@dpdk.org, fiona.trahe@intel.com, bluca@debian.org Cc: Adam Dybkowski Date: Tue, 21 Apr 2020 14:55:42 +0200 Message-Id: <20200421125542.5403-1-adamx.dybkowski@intel.com> X-Mailer: git-send-email 2.17.1 Subject: [dpdk-stable] [PATCH 19.11] crypto/qat: support plain SHA1..SHA512 hashes X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" This patch adds support for plain SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 hashes to QAT PMD. Signed-off-by: Adam Dybkowski --- app/test/test_cryptodev_hash_test_vectors.h | 10 ++ doc/guides/cryptodevs/features/qat.ini | 5 + doc/guides/cryptodevs/qat.rst | 5 + drivers/crypto/qat/qat_sym_capabilities.h | 105 ++++++++++++++++++ drivers/crypto/qat/qat_sym_session.c | 113 ++++++++++++++++++-- drivers/crypto/qat/qat_sym_session.h | 1 + 6 files changed, 232 insertions(+), 7 deletions(-) diff --git a/app/test/test_cryptodev_hash_test_vectors.h b/app/test/test_cryptodev_hash_test_vectors.h index cff283118..394bb6b60 100644 --- a/app/test/test_cryptodev_hash_test_vectors.h +++ b/app/test/test_cryptodev_hash_test_vectors.h @@ -460,6 +460,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha1_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -473,6 +474,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha1_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -540,6 +542,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha224_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -553,6 +556,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha224_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -596,6 +600,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha256_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -609,6 +614,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha256_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -654,6 +660,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha384_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -667,6 +674,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha384_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -712,6 +720,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha512_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) @@ -724,6 +733,7 @@ static const struct blockcipher_test_case hash_test_cases[] = { .test_data = &sha512_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | + BLOCKCIPHER_TEST_TARGET_PMD_QAT | BLOCKCIPHER_TEST_TARGET_PMD_CCP | BLOCKCIPHER_TEST_TARGET_PMD_MVSAM | #if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 6e350eb81..a72241997 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -44,10 +44,15 @@ ZUC EEA3 = Y [Auth] NULL = Y MD5 HMAC = Y +SHA1 = Y SHA1 HMAC = Y +SHA224 = Y SHA224 HMAC = Y +SHA256 = Y SHA256 HMAC = Y +SHA384 = Y SHA384 HMAC = Y +SHA512 = Y SHA512 HMAC = Y AES GMAC = Y SNOW3G UIA2 = Y diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index 6197875fe..bb0459061 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -52,10 +52,15 @@ Cipher algorithms: Hash algorithms: +* ``RTE_CRYPTO_AUTH_SHA1`` * ``RTE_CRYPTO_AUTH_SHA1_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA224`` * ``RTE_CRYPTO_AUTH_SHA224_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA256`` * ``RTE_CRYPTO_AUTH_SHA256_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA384`` * ``RTE_CRYPTO_AUTH_SHA384_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA512`` * ``RTE_CRYPTO_AUTH_SHA512_HMAC`` * ``RTE_CRYPTO_AUTH_AES_XCBC_MAC`` * ``RTE_CRYPTO_AUTH_SNOW3G_UIA2`` diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h index 028a56c56..dbeea4340 100644 --- a/drivers/crypto/qat/qat_sym_capabilities.h +++ b/drivers/crypto/qat/qat_sym_capabilities.h @@ -6,6 +6,111 @@ #define _QAT_SYM_CAPABILITIES_H_ #define QAT_BASE_GEN1_SYM_CAPABILITIES \ + { /* SHA1 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA1, \ + .block_size = 64, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 20, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ + { /* SHA224 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA224, \ + .block_size = 64, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 28, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ + { /* SHA256 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA256, \ + .block_size = 64, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 32, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ + { /* SHA384 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA384, \ + .block_size = 128, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 48, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ + { /* SHA512 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \ + {.auth = { \ + .algo = RTE_CRYPTO_AUTH_SHA512, \ + .block_size = 128, \ + .key_size = { \ + .min = 0, \ + .max = 0, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 1, \ + .max = 64, \ + .increment = 1 \ + }, \ + .iv_size = { 0 } \ + }, } \ + }, } \ + }, \ { /* SHA1 HMAC */ \ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ {.sym = { \ diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index 72290ba48..1c97ddb4e 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -19,6 +19,41 @@ #include "qat_sym_session.h" #include "qat_sym_pmd.h" +/* SHA1 - 20 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha1InitialState[] = { + 0x67, 0x45, 0x23, 0x01, 0xef, 0xcd, 0xab, 0x89, 0x98, 0xba, + 0xdc, 0xfe, 0x10, 0x32, 0x54, 0x76, 0xc3, 0xd2, 0xe1, 0xf0}; + +/* SHA 224 - 32 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha224InitialState[] = { + 0xc1, 0x05, 0x9e, 0xd8, 0x36, 0x7c, 0xd5, 0x07, 0x30, 0x70, 0xdd, + 0x17, 0xf7, 0x0e, 0x59, 0x39, 0xff, 0xc0, 0x0b, 0x31, 0x68, 0x58, + 0x15, 0x11, 0x64, 0xf9, 0x8f, 0xa7, 0xbe, 0xfa, 0x4f, 0xa4}; + +/* SHA 256 - 32 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha256InitialState[] = { + 0x6a, 0x09, 0xe6, 0x67, 0xbb, 0x67, 0xae, 0x85, 0x3c, 0x6e, 0xf3, + 0x72, 0xa5, 0x4f, 0xf5, 0x3a, 0x51, 0x0e, 0x52, 0x7f, 0x9b, 0x05, + 0x68, 0x8c, 0x1f, 0x83, 0xd9, 0xab, 0x5b, 0xe0, 0xcd, 0x19}; + +/* SHA 384 - 64 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha384InitialState[] = { + 0xcb, 0xbb, 0x9d, 0x5d, 0xc1, 0x05, 0x9e, 0xd8, 0x62, 0x9a, 0x29, + 0x2a, 0x36, 0x7c, 0xd5, 0x07, 0x91, 0x59, 0x01, 0x5a, 0x30, 0x70, + 0xdd, 0x17, 0x15, 0x2f, 0xec, 0xd8, 0xf7, 0x0e, 0x59, 0x39, 0x67, + 0x33, 0x26, 0x67, 0xff, 0xc0, 0x0b, 0x31, 0x8e, 0xb4, 0x4a, 0x87, + 0x68, 0x58, 0x15, 0x11, 0xdb, 0x0c, 0x2e, 0x0d, 0x64, 0xf9, 0x8f, + 0xa7, 0x47, 0xb5, 0x48, 0x1d, 0xbe, 0xfa, 0x4f, 0xa4}; + +/* SHA 512 - 64 bytes - Initialiser state can be found in FIPS stds 180-2 */ +static const uint8_t sha512InitialState[] = { + 0x6a, 0x09, 0xe6, 0x67, 0xf3, 0xbc, 0xc9, 0x08, 0xbb, 0x67, 0xae, + 0x85, 0x84, 0xca, 0xa7, 0x3b, 0x3c, 0x6e, 0xf3, 0x72, 0xfe, 0x94, + 0xf8, 0x2b, 0xa5, 0x4f, 0xf5, 0x3a, 0x5f, 0x1d, 0x36, 0xf1, 0x51, + 0x0e, 0x52, 0x7f, 0xad, 0xe6, 0x82, 0xd1, 0x9b, 0x05, 0x68, 0x8c, + 0x2b, 0x3e, 0x6c, 0x1f, 0x1f, 0x83, 0xd9, 0xab, 0xfb, 0x41, 0xbd, + 0x6b, 0x5b, 0xe0, 0xcd, 0x19, 0x13, 0x7e, 0x21, 0x79}; + /** Frees a context previously created * Depends on openssl libcrypto */ @@ -580,8 +615,29 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev, const uint8_t *key_data = auth_xform->key.data; uint8_t key_length = auth_xform->key.length; session->aes_cmac = 0; + session->auth_mode = ICP_QAT_HW_AUTH_MODE1; switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_SHA1: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA1; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; + case RTE_CRYPTO_AUTH_SHA224: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA224; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; + case RTE_CRYPTO_AUTH_SHA256: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA256; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; + case RTE_CRYPTO_AUTH_SHA384: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA384; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; + case RTE_CRYPTO_AUTH_SHA512: + session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA512; + session->auth_mode = ICP_QAT_HW_AUTH_MODE0; + break; case RTE_CRYPTO_AUTH_SHA1_HMAC: session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA1; break; @@ -635,11 +691,6 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev, } session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3; break; - case RTE_CRYPTO_AUTH_SHA1: - case RTE_CRYPTO_AUTH_SHA256: - case RTE_CRYPTO_AUTH_SHA512: - case RTE_CRYPTO_AUTH_SHA224: - case RTE_CRYPTO_AUTH_SHA384: case RTE_CRYPTO_AUTH_MD5: case RTE_CRYPTO_AUTH_AES_CBC_MAC: QAT_LOG(ERR, "Crypto: Unsupported hash alg %u", @@ -727,6 +778,8 @@ qat_sym_session_configure_aead(struct rte_cryptodev *dev, session->cipher_iv.offset = xform->aead.iv.offset; session->cipher_iv.length = xform->aead.iv.length; + session->auth_mode = ICP_QAT_HW_AUTH_MODE1; + switch (aead_xform->algo) { case RTE_CRYPTO_AEAD_AES_GCM: if (qat_sym_validate_aes_key(aead_xform->key.length, @@ -1574,10 +1627,11 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, hash = (struct icp_qat_hw_auth_setup *)cdesc->cd_cur_ptr; hash->auth_config.reserved = 0; hash->auth_config.config = - ICP_QAT_HW_AUTH_CONFIG_BUILD(ICP_QAT_HW_AUTH_MODE1, + ICP_QAT_HW_AUTH_CONFIG_BUILD(cdesc->auth_mode, cdesc->qat_hash_alg, digestsize); - if (cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0 + || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2 || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_KASUMI_F9 || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3 || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC @@ -1600,6 +1654,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, */ switch (cdesc->qat_hash_alg) { case ICP_QAT_HW_AUTH_ALGO_SHA1: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-1 */ + rte_memcpy(cdesc->cd_cur_ptr, sha1InitialState, + sizeof(sha1InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-1 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { @@ -1609,6 +1672,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, state2_size = RTE_ALIGN_CEIL(ICP_QAT_HW_SHA1_STATE2_SZ, 8); break; case ICP_QAT_HW_AUTH_ALGO_SHA224: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-224 */ + rte_memcpy(cdesc->cd_cur_ptr, sha224InitialState, + sizeof(sha224InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-224 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { @@ -1618,6 +1690,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, state2_size = ICP_QAT_HW_SHA224_STATE2_SZ; break; case ICP_QAT_HW_AUTH_ALGO_SHA256: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-256 */ + rte_memcpy(cdesc->cd_cur_ptr, sha256InitialState, + sizeof(sha256InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-256 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { @@ -1627,6 +1708,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, state2_size = ICP_QAT_HW_SHA256_STATE2_SZ; break; case ICP_QAT_HW_AUTH_ALGO_SHA384: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-384 */ + rte_memcpy(cdesc->cd_cur_ptr, sha384InitialState, + sizeof(sha384InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-384 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { @@ -1636,6 +1726,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc, state2_size = ICP_QAT_HW_SHA384_STATE2_SZ; break; case ICP_QAT_HW_AUTH_ALGO_SHA512: + if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) { + /* Plain SHA-512 */ + rte_memcpy(cdesc->cd_cur_ptr, sha512InitialState, + sizeof(sha512InitialState)); + state1_size = qat_hash_get_state1_size( + cdesc->qat_hash_alg); + break; + } + /* SHA-512 HMAC */ if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512, authkey, authkeylen, cdesc->cd_cur_ptr, &state1_size, cdesc->aes_cmac)) { diff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h index 98985d686..bcab5b2b6 100644 --- a/drivers/crypto/qat/qat_sym_session.h +++ b/drivers/crypto/qat/qat_sym_session.h @@ -62,6 +62,7 @@ struct qat_sym_session { enum icp_qat_hw_cipher_mode qat_mode; enum icp_qat_hw_auth_algo qat_hash_alg; enum icp_qat_hw_auth_op auth_op; + enum icp_qat_hw_auth_mode auth_mode; void *bpi_ctx; struct qat_sym_cd cd; uint8_t *cd_cur_ptr; -- 2.17.1