From: Wathsala Wathawana Vithanage <wathsala.vithanage@arm.com>
To: Brian Dooley <brian.dooley@intel.com>, Kai Ji <kai.ji@intel.com>,
Pablo de Lara <pablo.de.lara.guarch@intel.com>
Cc: "dev@dpdk.org" <dev@dpdk.org>,
"gakhil@marvell.com" <gakhil@marvell.com>,
Ciara Power <ciara.power@intel.com>, nd <nd@arm.com>,
nd <nd@arm.com>
Subject: RE: [PATCH v2] crypto/ipsec_mb: use new ipad/opad calculation API
Date: Tue, 5 Mar 2024 15:16:36 +0000 [thread overview]
Message-ID: <AM0PR08MB5073A2BAA38A9BD68E3B1BFD9F222@AM0PR08MB5073.eurprd08.prod.outlook.com> (raw)
In-Reply-To: <20240211191038.863120-1-brian.dooley@intel.com>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> Signed-off-by: Brian Dooley <brian.dooley@intel.com>
> Acked-by: Ciara Power <ciara.power@intel.com>
Acked-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
>
> Depends-on: series-30989 ("crypto/ipsec_mb: bump minimum IPsec Multi-
> buffer version")
>
> v2:
> - Remove ipsec mb version checks
> ---
> drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 75 ++------------------------
> 1 file changed, 5 insertions(+), 70 deletions(-)
>
> diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> index 4de4866cf3..251e18ec7a 100644
> --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> @@ -13,49 +13,6 @@ struct aesni_mb_op_buf_data {
> uint32_t offset;
> };
>
> -/**
> - * Calculate the authentication pre-computes
> - *
> - * @param one_block_hash Function pointer
> - * to calculate digest on ipad/opad
> - * @param ipad Inner pad output byte array
> - * @param opad Outer pad output byte array
> - * @param hkey Authentication key
> - * @param hkey_len Authentication key length
> - * @param blocksize Block size of selected hash algo
> - */
> -static void
> -calculate_auth_precomputes(hash_one_block_t one_block_hash,
> - uint8_t *ipad, uint8_t *opad,
> - const uint8_t *hkey, uint16_t hkey_len,
> - uint16_t blocksize)
> -{
> - uint32_t i, length;
> -
> - uint8_t ipad_buf[blocksize] __rte_aligned(16);
> - uint8_t opad_buf[blocksize] __rte_aligned(16);
> -
> - /* Setup inner and outer pads */
> - memset(ipad_buf, HMAC_IPAD_VALUE, blocksize);
> - memset(opad_buf, HMAC_OPAD_VALUE, blocksize);
> -
> - /* XOR hash key with inner and outer pads */
> - length = hkey_len > blocksize ? blocksize : hkey_len;
> -
> - for (i = 0; i < length; i++) {
> - ipad_buf[i] ^= hkey[i];
> - opad_buf[i] ^= hkey[i];
> - }
> -
> - /* Compute partial hashes */
> - (*one_block_hash)(ipad_buf, ipad);
> - (*one_block_hash)(opad_buf, opad);
> -
> - /* Clean up stack */
> - memset(ipad_buf, 0, blocksize);
> - memset(opad_buf, 0, blocksize);
> -}
> -
> static inline int
> is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode) {
> @@ -66,12 +23,10 @@ is_aead_algo(IMB_HASH_ALG hash_alg,
> IMB_CIPHER_MODE cipher_mode)
>
> /** Set session authentication parameters */ static int -
> aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
> +aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
> struct aesni_mb_session *sess,
> const struct rte_crypto_sym_xform *xform) {
> - hash_one_block_t hash_oneblock_fn = NULL;
> - unsigned int key_larger_block_size = 0;
> uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
> uint32_t auth_precompute = 1;
>
> @@ -267,18 +222,15 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> switch (xform->auth.algo) {
> case RTE_CRYPTO_AUTH_MD5_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_MD5;
> - hash_oneblock_fn = mb_mgr->md5_one_block;
> break;
> case RTE_CRYPTO_AUTH_SHA1_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
> - hash_oneblock_fn = mb_mgr->sha1_one_block;
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_1)) {
> IMB_SHA1(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> - key_larger_block_size = 1;
> }
> break;
> case RTE_CRYPTO_AUTH_SHA1:
> @@ -287,14 +239,12 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> break;
> case RTE_CRYPTO_AUTH_SHA224_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
> - hash_oneblock_fn = mb_mgr->sha224_one_block;
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_224)) {
> IMB_SHA224(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> - key_larger_block_size = 1;
> }
> break;
> case RTE_CRYPTO_AUTH_SHA224:
> @@ -303,14 +253,12 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> break;
> case RTE_CRYPTO_AUTH_SHA256_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
> - hash_oneblock_fn = mb_mgr->sha256_one_block;
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_256)) {
> IMB_SHA256(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> - key_larger_block_size = 1;
> }
> break;
> case RTE_CRYPTO_AUTH_SHA256:
> @@ -319,14 +267,12 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> break;
> case RTE_CRYPTO_AUTH_SHA384_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
> - hash_oneblock_fn = mb_mgr->sha384_one_block;
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_384)) {
> IMB_SHA384(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> - key_larger_block_size = 1;
> }
> break;
> case RTE_CRYPTO_AUTH_SHA384:
> @@ -335,14 +281,12 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> break;
> case RTE_CRYPTO_AUTH_SHA512_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
> - hash_oneblock_fn = mb_mgr->sha512_one_block;
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_512)) {
> IMB_SHA512(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> - key_larger_block_size = 1;
> }
> break;
> case RTE_CRYPTO_AUTH_SHA512:
> @@ -376,19 +320,10 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> return 0;
>
> /* Calculate Authentication precomputes */
> - if (key_larger_block_size) {
> - calculate_auth_precomputes(hash_oneblock_fn,
> - sess->auth.pads.inner, sess->auth.pads.outer,
> - hashed_key,
> - xform->auth.key.length,
> - get_auth_algo_blocksize(sess-
> >template_job.hash_alg));
> - } else {
> - calculate_auth_precomputes(hash_oneblock_fn,
> - sess->auth.pads.inner, sess->auth.pads.outer,
> - xform->auth.key.data,
> - xform->auth.key.length,
> - get_auth_algo_blocksize(sess-
> >template_job.hash_alg));
> - }
> + imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg,
> + xform->auth.key.data, xform->auth.key.length,
> + sess->auth.pads.inner, sess->auth.pads.outer);
> +
> sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
> sess->auth.pads.inner;
> sess->template_job.u.HMAC._hashed_auth_key_xor_opad =
> --
> 2.25.1
prev parent reply other threads:[~2024-03-05 15:16 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-14 16:41 [PATCH v1] " Brian Dooley
2024-02-08 16:15 ` Power, Ciara
2024-02-11 19:10 ` [PATCH v2] " Brian Dooley
2024-03-05 15:16 ` Wathsala Wathawana Vithanage [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AM0PR08MB5073A2BAA38A9BD68E3B1BFD9F222@AM0PR08MB5073.eurprd08.prod.outlook.com \
--to=wathsala.vithanage@arm.com \
--cc=brian.dooley@intel.com \
--cc=ciara.power@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=kai.ji@intel.com \
--cc=nd@arm.com \
--cc=pablo.de.lara.guarch@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).