From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0050.outbound.protection.outlook.com [104.47.42.50]) by dpdk.org (Postfix) with ESMTP id ED2B81B217 for ; Wed, 10 Jan 2018 10:43:42 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=MpyiMfQvuDS3C9gll3Gm/aumpXt4oAL+kVqB8EE3xCY=; b=UDdPQ06uHcmi87YU/NA9vfQCEQCUAfSe58gcF8xvdGrGUajmilPT3/RPf2aKJ9wMwQxw85DY3naeDj6RhVkmOgI+Y/Qw8JfJvGAaClzRmLdyV1QfNSTfgkF0HatUFC0jckJJj10L3xxiM9rM9Y89pYK2qPHPlhOBscgBla2kWVo= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by CY4PR12MB1509.namprd12.prod.outlook.com (10.172.68.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.386.5; Wed, 10 Jan 2018 09:43:40 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com Date: Wed, 10 Jan 2018 04:42:54 -0500 Message-Id: <1515577379-18453-14-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com> References: <1515145198-97367-1-git-send-email-Ravi1.kumar@amd.com> <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: MAXPR0101CA0024.INDPRD01.PROD.OUTLOOK.COM (10.174.62.34) To CY4PR12MB1509.namprd12.prod.outlook.com (10.172.68.22) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: efcac5d0-4fa8-47fd-11ad-08d5580ea22b X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020049)(4652020)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:CY4PR12MB1509; X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509; 3:kNJHdUSqcWFi3jNmTXy4fu5qsOHW9vlFmg4gZAJtaiw4ME1IOW4G8mtWMeH07AuQO9fcHoJy8E4VuXLdwxEZM+NFCe1lN/a59fq+b2k33i6wJC2PurbAn+gQhC2c5X4AxjXt7bVJOPkEyBYkJPIWWYKcgkOF9rqEDB9sIUMrxCazswsVdnlsqQ/RtAmPb9gKn430kJ74YkB8/Ov13SlGQxK34dJovMRlGu9Nq6x3b9k/Nj6QYeLMLg32oPL6ouQz; 25:1x7rUNT/2FD30Bpfb0KGnYDEPq8svSC4PXa1RufZstjDInIdeQbKrHuFFKAq6siCx+HHS3H9mwG7y6/xHKG5ynK74uk7zxbLOrl0Qwkvfv44RvVsCWfSMe70L5XW3cx7OBn6jceR9KCJFe/fE23d6hcFHcDLsJlIjYjRavAhH76A/2pPVMeHh0RWrlmsZD4fV8VHk2RZ0Y53M0saem6LFu93BhNpLvY+5KVYu7D7Y5FW1ykZ/HlHrLy8ZFfJZ1gPuwOACMm06qe5iYEBh1RiPR1Ds5HIlcCcALTeFBxglcrDKpoutJFHXiNBrUBsDDAmQnfZSvJwutD/hxpXoY7uLQ==; 31:8hVh434OzLeNXbHo3cDv7o1X+8HB2kDfZCr/uM/aUICycrQHyqZxm0mTGtI7V+D7cDCieiv29qRNtbPshzIUOLTsgCjcroDSqzHkE5O92aZzCizsfHhQcBaruufZvS13gVY1qbnR6cPCPfOdd0F3ytn4YDXiDx7oEWHENKp57VqNtnFgRY7dPLtOTZS469jRj2DnjUdsOP7T5117SSrGbig3JDSPGjJfWdZJ0Ws98Sc= X-MS-TrafficTypeDiagnostic: CY4PR12MB1509: X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509; 20:mbLldfiaLMQOzYgh4/lnTHOILFG8qWzlyYpOr2S/US5iUDzsArD3TylW/UcDZowN1kURrMKW2Pt+Q9ox8X2iGFbtPNtdeovOaLqOuQBJ6dL5uSSkXaUuEB2+08G8GALd4co3mtqnvcS6KkcEXYlwSatVohYb8nvcoQfcXn+p8eC7iA9TZnc0/ZJYoIkelGw94X/VZan5S0Rf3Yxagi2uHJWi0wViadLyvKFUDVdz4IvAXUtwDVCF4X8gcE9sBvLrzE5gj1X0k+djeQZoGGbAGvbkx7mbyxsewcdgdaVanAmc20gPQs7shGRBnVT/FMAf6ynljCGiJeeuX/A3Ur6kV6M12d63snNSfPiDcxUNlnuJvzdviYR7p45CjUPCGrHDXURFkksI2IvA832VVt2SyvEc8PIgHf5a6um8o5Ol3eCmzSkDnf2W7Wu6djQL4M/KhdzUK5tB6/wSCd/SCQPkjIuhD3zGT5HTkQo9jmR6Y/WWFRQFKMCwsH1qEgar6h+Y; 4:d985Me6p1NYE/heDvSR9gjkEI0JG81a/igovKlGqp6WabPBl6FKnW+0KGFnckVlDCkut797GMJR/2gJzSX3ru7Pz7SRlAAP8SsoMX0hpDpiBjmm4bEAWgNSgk70hcO2Vxwt5LFYI1KKV2PiGsRkRLigObioOKhaGMNZmzGs2aZ1ONC4afr0jsHfJ3qdkaiEjqw6OTBrZXwbCWHzPaKV91MVWO7sx9vCHK0qbWZgoIA9YXTjQydxRHBdRyVAjYvX+0rYXiKPDJORFup9fa/7phxPbAiLi7GrM3D4ZAfD+G1dF9wYREjPkwtFU3nuZ4CxJ X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(3231023)(944501119)(6055026)(6041268)(20161123562045)(20161123558120)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:CY4PR12MB1509; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:CY4PR12MB1509; X-Forefront-PRVS: 0548586081 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(366004)(39860400002)(396003)(346002)(376002)(39380400002)(189003)(199004)(25786009)(8676002)(81166006)(47776003)(48376002)(6666003)(2950100002)(81156014)(6916009)(66066001)(50226002)(68736007)(36756003)(8936002)(16586007)(72206003)(50466002)(16526018)(316002)(53936002)(478600001)(5660300001)(86362001)(575784001)(4326008)(386003)(2361001)(2351001)(6486002)(53416004)(97736004)(51416003)(76176011)(106356001)(105586002)(7736002)(6116002)(3846002)(2906002)(59450400001)(305945005)(7696005)(52116002); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR12MB1509; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY4PR12MB1509; 23:GqTTqZQ39UYfG9cvZoWWPw5lHkbAmJSuEiMk2fMAC?= =?us-ascii?Q?U/5f0FN0p+1oj7t6o73se7oyjX0BUrk6Gg6ELyYX8YhTaP1wpkqf1khklqY/?= =?us-ascii?Q?WXY6mvWLi61F1bWuGLnRpvjlqJ3edlC4VnGg/TUFaKK48Y7LaaWaYaKYXl+r?= =?us-ascii?Q?W8hFbiqR58uk9IM7OsuWDI0V7p9R7jqho4HYGkK5jL0St+nRvZq8/MVjyTcV?= =?us-ascii?Q?tDvWJ0o/AWlppucKmPsR4B0z7b9WAX1w88p6B78szmwC1YwAiHRVjQwdIdvw?= =?us-ascii?Q?THJYjUIOHbcsADj6bXruRhbZryuf7kF/XLlaU+EbPhUCxEZqNr7OhkJYoheY?= =?us-ascii?Q?m10h4VZ0RdDD5+5e+Lg+aYw0YzGNZevqMC8Synt0KL7oAnBBBafUns1sk28I?= =?us-ascii?Q?FNJapreBc7d5mIzIuieWa+l0ixyd04GXu3KRVoUPWfG0Lf2Gp6b+xnREOjW1?= =?us-ascii?Q?62m06EGxjG7kAcKiIXDoT3hrIRqihsKJLROExbds3gjcL/dtaD4I12sCUF/t?= =?us-ascii?Q?Re38S74zYyVAMY7e2OE0a3ze5tQDM+Je9EMST/pG4yynkqWlvgJ+Jja8LWTE?= =?us-ascii?Q?l+TToXg2HWHwjDMIDqUQYLiJ7wyp2B2yrzi1XK4WCQ19x/6/7A1pILIaXG9p?= =?us-ascii?Q?NixHmQar99rYHqaih6M8pOueWBL7enPIl91j19iTsobYiG6CvRyR+ootb7Yw?= =?us-ascii?Q?2/H0wFqrzaTXkwgUvSA19jtbUx2jWpq7EWO2xCz5ggQyLvNYvi+6aU898QPX?= =?us-ascii?Q?4u+nvZ7C7puOj++z+EOHRtQVSuEBbyJvitIy+3LNFwG8bhkXPA673P9enlNr?= =?us-ascii?Q?28FsSNcwJnq5ybL12ucu4VQ4rTzU8mUJXz+nSr8b7wiXvCxubZxMpOqNp1Ey?= =?us-ascii?Q?Q+MNlEZ1baz2nb/Y86vQL/Jn6Pxqs1DZWGA6YTX5jQIhPBvtFqiGF+5lQJOF?= =?us-ascii?Q?186fFOkpMQfKLuH/CTc+xrnofGNIToZb4uaeWxlcHJHD9JH3bRadr9XE19lA?= =?us-ascii?Q?Qo5fuU9FFwfkWI64fOA6mrYuuzinsXCa5fl9W9NvCEJGyOZBAd4IBVDXGzn5?= =?us-ascii?Q?H+19NqBDJW/V41DL/8L6FsWv2O3bmS0fOimUzbY+v5gGzHzAL7HeWaiL82k5?= =?us-ascii?Q?BtpgSt2c/aJJO+fhSQwKu8ZiqlX7pEXBBP0bPsQOSSJonVtJ6lCFKJg+RabA?= =?us-ascii?Q?wRYW5ehsjRZlYA=3D?= X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509; 6:iQFRr4XSk2yTCrWCrneuAff1aKHl558EHpvsmkYHIg2tAx6dsyBuLBXOg/pdQtucoQPyMo90WKP6aTMH3cwQaVLdCORzetM7ZdkuL9IHJfbgXfmV6gHq/r0FrXSynBRXqr65oEh2p0fHM6UBoiFNqqCDVY8q7ROFRb6qpWlZB1SHUXNpArRL0rqkGtxrTN89qNbjO2FMAKwo3BYxLqHT/ep5e+a1LnPzUKnEfeyGXDvS2S9131ecsi4eayxkmffz8HKWFbgehd2w61iwLMRdMENymyHWxjiXC3rVEAEq6FPN6krkRbQlw57G4wNuFHfmhkcDjhfmv9bbwbkzo3oXzFAZgJGJ5/8t07tT3/Bd3HU=; 5:5alPJOc6uHLDKCU0V/w7K3U3KfiDzUFrKCt6orkAIhTpMsDR07Nr7KKJ/CgubyUGTQub7Ilk9n4fwYroQ27wg/rtbWcYNMHOBjPif6SzJkURcoH3JJq1hK9eHcw25vB/lVc3e2XZA7v6ihbEk7PAZK7JPjanJ2ZmYl6N3aDRkVI=; 24:Lhz0DIy59dFc98WHbc0YwPxqpue5NLm/WK8YR2KmmLgaH6CLyuX7pqBVG+GUlt5wZC578WeQZ4ccHvc+S/b3WeGv2udKFH19Az+ED+ttQCk=; 7:8jdNHfKhggxsbX8MqBtMPSxoIHGG1y5C1Dl5TuMRhf2rKWAFafORsDXQbIQwe04jceadfzfJ71j9TCH3ZCkxkoQ8388Ws1lmLxeJAAPkm+IO90W2OaWKKJez49CT477dMgSwNlrSchNhM3HRe2vUb48oKB5vXbC0gUDrFbMMd/tG7vMCxXwlMoACQX7WErs7mXaPa+E7QlDLWWgxsccdkwhEPdkVttX9qekZJs0FjIfzIa0Dm4yMCmnFh8GuNjaK SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509; 20:XiYjkE0elOmT/0PenBfLtGL1LFbZvCnavsPsMwygFllfKEGwuknpXh1vjg2TEsYeQWUpz0k8t+wiZssTYon02L9y2F0yYF1cKXjTzBj1ZED4lFIE3GDtSpQp1QYSBOpdfaVS1nngeCFUfGiuA9lFjrLCQ8/XmlsL01afDTG3GjW/kb2aMZd34cR18BHdFZXrq4lZBompmZjMUlb+w7gH8OzQdWN0M1mrZrUKPHNlJf0UQXXLWjGZpKow2WSZztNf X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Jan 2018 09:43:40.7092 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: efcac5d0-4fa8-47fd-11ad-08d5580ea22b X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1509 Subject: [dpdk-dev] [PATCH v3 14/19] crypto/ccp: support sha1 authentication algo X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jan 2018 09:43:43 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 367 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 23 +++ drivers/crypto/ccp/ccp_pmd_ops.c | 42 +++++ 3 files changed, 432 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index 4ced193..ace6bc2 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -36,6 +36,7 @@ #include #include #include +#include #include /*sub key apis*/ #include /*sub key apis*/ @@ -52,6 +53,14 @@ #include "ccp_pci.h" #include "ccp_pmd_private.h" +/* SHA initial context values */ +static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA1_H4, SHA1_H3, + SHA1_H2, SHA1_H1, + SHA1_H0, 0x0U, + 0x0U, 0x0U, +}; + static enum ccp_cmd_order ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) { @@ -76,6 +85,59 @@ ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) return res; } +/* partial hash using openssl */ +static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) +{ + SHA_CTX ctx; + + if (!SHA1_Init(&ctx)) + return -EFAULT; + SHA1_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); + return 0; +} + +static int generate_partial_hash(struct ccp_session *sess) +{ + + uint8_t ipad[sess->auth.block_size]; + uint8_t opad[sess->auth.block_size]; + uint8_t *ipad_t, *opad_t; + uint32_t *hash_value_be32, hash_temp32[8]; + int i, count; + + opad_t = ipad_t = (uint8_t *)sess->auth.key; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute); + + /* considering key size is always equal to block size of algorithm */ + for (i = 0; i < sess->auth.block_size; i++) { + ipad[i] = (ipad_t[i] ^ HMAC_IPAD_VALUE); + opad[i] = (opad_t[i] ^ HMAC_OPAD_VALUE); + } + + switch (sess->auth.algo) { + case CCP_AUTH_ALGO_SHA1_HMAC: + count = SHA1_DIGEST_SIZE >> 2; + + if (partial_hash_sha1(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha1(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + default: + CCP_LOG_ERR("Invalid auth algo"); + return -1; + } +} + /* prepare temporary keys K1 and K2 */ static void prepare_key(unsigned char *k, unsigned char *l, int bl) { @@ -260,6 +322,31 @@ ccp_configure_session_auth(struct ccp_session *sess, else sess->auth.op = CCP_AUTH_OP_VERIFY; switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_SHA1: + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.algo = CCP_AUTH_ALGO_SHA1; + sess->auth.ut.sha_type = CCP_SHA_TYPE_1; + sess->auth.ctx = (void *)ccp_sha1_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA1_HMAC: + if (auth_xform->key.length > SHA1_BLOCK_SIZE) + return -1; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.algo = CCP_AUTH_ALGO_SHA1_HMAC; + sess->auth.ut.sha_type = CCP_SHA_TYPE_1; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; + sess->auth.block_size = SHA1_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; case RTE_CRYPTO_AUTH_AES_CMAC: sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; sess->auth.engine = CCP_ENGINE_AES; @@ -453,6 +540,13 @@ ccp_auth_slot(struct ccp_session *session) int count = 0; switch (session->auth.algo) { + case CCP_AUTH_ALGO_SHA1: + count = 3; + /**< op + lsb passthrough cpy to/from*/ + break; + case CCP_AUTH_ALGO_SHA1_HMAC: + count = 6; + break; case CCP_AUTH_ALGO_AES_CMAC: count = 4; /** @@ -578,6 +672,271 @@ ccp_perform_passthru(struct ccp_passthru *pst, } static int +ccp_perform_hmac(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + + struct ccp_session *session; + union ccp_function function; + struct ccp_desc *desc; + uint32_t tail; + phys_addr_t src_addr, dest_addr, dest_addr_t; + struct ccp_passthru pst; + uint64_t auth_msg_bits; + void *append_ptr; + uint8_t *addr; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + addr = session->auth.pre_compute; + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr); + dest_addr_t = dest_addr; + + /** Load PHash1 to LSB*/ + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**sha engine command descriptor for IntermediateHash*/ + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + auth_msg_bits = (op->sym->auth.data.length + + session->auth.block_size) * 8; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Intermediate Hash value retrieve */ + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) { + + pst.src_addr = + (phys_addr_t)((cmd_q->sb_sha + 1) * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t; + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t + CCP_SB_BYTES; + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + } else { + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + } + + /** Load PHash2 to LSB*/ + addr += session->auth.ctx_len; + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**sha engine command descriptor for FinalHash*/ + dest_addr_t += session->auth.offset; + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = (session->auth.ctx_len - + session->auth.offset); + auth_msg_bits = (session->auth.block_size + + session->auth.ctx_len - + session->auth.offset) * 8; + + CCP_CMD_SRC_LO(desc) = (uint32_t)(dest_addr_t); + CCP_CMD_SRC_HI(desc) = high32_value(dest_addr_t); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Retrieve hmac output */ + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + else + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; + +} + +static int +ccp_perform_sha(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + struct ccp_session *session; + union ccp_function function; + struct ccp_desc *desc; + uint32_t tail; + phys_addr_t src_addr, dest_addr; + struct ccp_passthru pst; + void *append_ptr; + uint64_t auth_msg_bits; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + + append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr); + + /** Passthru sha context*/ + + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *) + session->auth.ctx); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**prepare sha command descriptor*/ + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + auth_msg_bits = op->sym->auth.data.length * 8; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Hash value retrieve */ + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + else + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; + +} + +static int ccp_perform_aes_cmac(struct rte_crypto_op *op, struct ccp_queue *cmd_q) { @@ -1148,6 +1507,14 @@ ccp_crypto_auth(struct rte_crypto_op *op, ccp_cryptodev_driver_id); switch (session->auth.algo) { + case CCP_AUTH_ALGO_SHA1: + result = ccp_perform_sha(op, cmd_q); + b_info->desccnt += 3; + break; + case CCP_AUTH_ALGO_SHA1_HMAC: + result = ccp_perform_hmac(op, cmd_q); + b_info->desccnt += 6; + break; case CCP_AUTH_ALGO_AES_CMAC: result = ccp_perform_aes_cmac(op, cmd_q); b_info->desccnt += 4; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index d528ec9..42179de 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -60,9 +60,32 @@ #define CCP_DES_ENCRYPT(p) ((p)->des.encrypt) #define CCP_DES_MODE(p) ((p)->des.mode) #define CCP_DES_TYPE(p) ((p)->des.type) +#define CCP_SHA_TYPE(p) ((p)->sha.type) #define CCP_PT_BYTESWAP(p) ((p)->pt.byteswap) #define CCP_PT_BITWISE(p) ((p)->pt.bitwise) +/* HMAC */ +#define HMAC_IPAD_VALUE 0x36 +#define HMAC_OPAD_VALUE 0x5c + +#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH +#define MD5_DIGEST_SIZE 16 +#define MD5_BLOCK_SIZE 64 +#endif + +/* SHA */ +#define SHA_COMMON_DIGEST_SIZE 32 +#define SHA1_DIGEST_SIZE 20 +#define SHA1_BLOCK_SIZE 64 + +/* SHA LSB intialiazation values */ + +#define SHA1_H0 0x67452301UL +#define SHA1_H1 0xefcdab89UL +#define SHA1_H2 0x98badcfeUL +#define SHA1_H3 0x10325476UL +#define SHA1_H4 0xc3d2e1f0UL + /** * CCP supported AES modes */ diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 24f577a..6adef1c 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -39,6 +39,48 @@ #include "ccp_crypto.h" static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { + { /* SHA1 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA1 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /*AES-CMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4