From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <Ravi1.Kumar@amd.com>
Received: from NAM03-BY2-obe.outbound.protection.outlook.com
 (mail-by2nam03on0050.outbound.protection.outlook.com [104.47.42.50])
 by dpdk.org (Postfix) with ESMTP id ED2B81B217
 for <dev@dpdk.org>; Wed, 10 Jan 2018 10:43:42 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=amdcloud.onmicrosoft.com; s=selector1-amd-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=MpyiMfQvuDS3C9gll3Gm/aumpXt4oAL+kVqB8EE3xCY=;
 b=UDdPQ06uHcmi87YU/NA9vfQCEQCUAfSe58gcF8xvdGrGUajmilPT3/RPf2aKJ9wMwQxw85DY3naeDj6RhVkmOgI+Y/Qw8JfJvGAaClzRmLdyV1QfNSTfgkF0HatUFC0jckJJj10L3xxiM9rM9Y89pYK2qPHPlhOBscgBla2kWVo=
Authentication-Results: spf=none (sender IP is )
 smtp.mailfrom=Ravi1.Kumar@amd.com; 
Received: from wallaby-smavila.amd.com (202.56.249.162) by
 CY4PR12MB1509.namprd12.prod.outlook.com (10.172.68.22) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id
 15.20.386.5; Wed, 10 Jan 2018 09:43:40 +0000
From: Ravi Kumar <Ravi1.kumar@amd.com>
To: dev@dpdk.org
Cc: pablo.de.lara.guarch@intel.com
Date: Wed, 10 Jan 2018 04:42:54 -0500
Message-Id: <1515577379-18453-14-git-send-email-Ravi1.kumar@amd.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com>
References: <1515145198-97367-1-git-send-email-Ravi1.kumar@amd.com>
 <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com>
MIME-Version: 1.0
Content-Type: text/plain
X-Originating-IP: [202.56.249.162]
X-ClientProxiedBy: MAXPR0101CA0024.INDPRD01.PROD.OUTLOOK.COM (10.174.62.34) To
 CY4PR12MB1509.namprd12.prod.outlook.com (10.172.68.22)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: efcac5d0-4fa8-47fd-11ad-08d5580ea22b
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0;
 RULEID:(7020049)(4652020)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020);
 SRVR:CY4PR12MB1509; 
X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509;
 3:kNJHdUSqcWFi3jNmTXy4fu5qsOHW9vlFmg4gZAJtaiw4ME1IOW4G8mtWMeH07AuQO9fcHoJy8E4VuXLdwxEZM+NFCe1lN/a59fq+b2k33i6wJC2PurbAn+gQhC2c5X4AxjXt7bVJOPkEyBYkJPIWWYKcgkOF9rqEDB9sIUMrxCazswsVdnlsqQ/RtAmPb9gKn430kJ74YkB8/Ov13SlGQxK34dJovMRlGu9Nq6x3b9k/Nj6QYeLMLg32oPL6ouQz;
 25:1x7rUNT/2FD30Bpfb0KGnYDEPq8svSC4PXa1RufZstjDInIdeQbKrHuFFKAq6siCx+HHS3H9mwG7y6/xHKG5ynK74uk7zxbLOrl0Qwkvfv44RvVsCWfSMe70L5XW3cx7OBn6jceR9KCJFe/fE23d6hcFHcDLsJlIjYjRavAhH76A/2pPVMeHh0RWrlmsZD4fV8VHk2RZ0Y53M0saem6LFu93BhNpLvY+5KVYu7D7Y5FW1ykZ/HlHrLy8ZFfJZ1gPuwOACMm06qe5iYEBh1RiPR1Ds5HIlcCcALTeFBxglcrDKpoutJFHXiNBrUBsDDAmQnfZSvJwutD/hxpXoY7uLQ==;
 31:8hVh434OzLeNXbHo3cDv7o1X+8HB2kDfZCr/uM/aUICycrQHyqZxm0mTGtI7V+D7cDCieiv29qRNtbPshzIUOLTsgCjcroDSqzHkE5O92aZzCizsfHhQcBaruufZvS13gVY1qbnR6cPCPfOdd0F3ytn4YDXiDx7oEWHENKp57VqNtnFgRY7dPLtOTZS469jRj2DnjUdsOP7T5117SSrGbig3JDSPGjJfWdZJ0Ws98Sc=
X-MS-TrafficTypeDiagnostic: CY4PR12MB1509:
X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509;
 20:mbLldfiaLMQOzYgh4/lnTHOILFG8qWzlyYpOr2S/US5iUDzsArD3TylW/UcDZowN1kURrMKW2Pt+Q9ox8X2iGFbtPNtdeovOaLqOuQBJ6dL5uSSkXaUuEB2+08G8GALd4co3mtqnvcS6KkcEXYlwSatVohYb8nvcoQfcXn+p8eC7iA9TZnc0/ZJYoIkelGw94X/VZan5S0Rf3Yxagi2uHJWi0wViadLyvKFUDVdz4IvAXUtwDVCF4X8gcE9sBvLrzE5gj1X0k+djeQZoGGbAGvbkx7mbyxsewcdgdaVanAmc20gPQs7shGRBnVT/FMAf6ynljCGiJeeuX/A3Ur6kV6M12d63snNSfPiDcxUNlnuJvzdviYR7p45CjUPCGrHDXURFkksI2IvA832VVt2SyvEc8PIgHf5a6um8o5Ol3eCmzSkDnf2W7Wu6djQL4M/KhdzUK5tB6/wSCd/SCQPkjIuhD3zGT5HTkQo9jmR6Y/WWFRQFKMCwsH1qEgar6h+Y;
 4:d985Me6p1NYE/heDvSR9gjkEI0JG81a/igovKlGqp6WabPBl6FKnW+0KGFnckVlDCkut797GMJR/2gJzSX3ru7Pz7SRlAAP8SsoMX0hpDpiBjmm4bEAWgNSgk70hcO2Vxwt5LFYI1KKV2PiGsRkRLigObioOKhaGMNZmzGs2aZ1ONC4afr0jsHfJ3qdkaiEjqw6OTBrZXwbCWHzPaKV91MVWO7sx9vCHK0qbWZgoIA9YXTjQydxRHBdRyVAjYvX+0rYXiKPDJORFup9fa/7phxPbAiLi7GrM3D4ZAfD+G1dF9wYREjPkwtFU3nuZ4CxJ
X-Microsoft-Antispam-PRVS: <CY4PR12MB1509628758B88EF99CFD0C74AE110@CY4PR12MB1509.namprd12.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(767451399110);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0;
 RULEID:(6040470)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(3231023)(944501119)(6055026)(6041268)(20161123562045)(20161123558120)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011);
 SRVR:CY4PR12MB1509; BCL:0; PCL:0; RULEID:(100000803101)(100110400095);
 SRVR:CY4PR12MB1509; 
X-Forefront-PRVS: 0548586081
X-Forefront-Antispam-Report: SFV:NSPM;
 SFS:(10009020)(366004)(39860400002)(396003)(346002)(376002)(39380400002)(189003)(199004)(25786009)(8676002)(81166006)(47776003)(48376002)(6666003)(2950100002)(81156014)(6916009)(66066001)(50226002)(68736007)(36756003)(8936002)(16586007)(72206003)(50466002)(16526018)(316002)(53936002)(478600001)(5660300001)(86362001)(575784001)(4326008)(386003)(2361001)(2351001)(6486002)(53416004)(97736004)(51416003)(76176011)(106356001)(105586002)(7736002)(6116002)(3846002)(2906002)(59450400001)(305945005)(7696005)(52116002);
 DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR12MB1509; H:wallaby-smavila.amd.com; FPR:;
 SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; 
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY4PR12MB1509;
 23:GqTTqZQ39UYfG9cvZoWWPw5lHkbAmJSuEiMk2fMAC?=
 =?us-ascii?Q?U/5f0FN0p+1oj7t6o73se7oyjX0BUrk6Gg6ELyYX8YhTaP1wpkqf1khklqY/?=
 =?us-ascii?Q?WXY6mvWLi61F1bWuGLnRpvjlqJ3edlC4VnGg/TUFaKK48Y7LaaWaYaKYXl+r?=
 =?us-ascii?Q?W8hFbiqR58uk9IM7OsuWDI0V7p9R7jqho4HYGkK5jL0St+nRvZq8/MVjyTcV?=
 =?us-ascii?Q?tDvWJ0o/AWlppucKmPsR4B0z7b9WAX1w88p6B78szmwC1YwAiHRVjQwdIdvw?=
 =?us-ascii?Q?THJYjUIOHbcsADj6bXruRhbZryuf7kF/XLlaU+EbPhUCxEZqNr7OhkJYoheY?=
 =?us-ascii?Q?m10h4VZ0RdDD5+5e+Lg+aYw0YzGNZevqMC8Synt0KL7oAnBBBafUns1sk28I?=
 =?us-ascii?Q?FNJapreBc7d5mIzIuieWa+l0ixyd04GXu3KRVoUPWfG0Lf2Gp6b+xnREOjW1?=
 =?us-ascii?Q?62m06EGxjG7kAcKiIXDoT3hrIRqihsKJLROExbds3gjcL/dtaD4I12sCUF/t?=
 =?us-ascii?Q?Re38S74zYyVAMY7e2OE0a3ze5tQDM+Je9EMST/pG4yynkqWlvgJ+Jja8LWTE?=
 =?us-ascii?Q?l+TToXg2HWHwjDMIDqUQYLiJ7wyp2B2yrzi1XK4WCQ19x/6/7A1pILIaXG9p?=
 =?us-ascii?Q?NixHmQar99rYHqaih6M8pOueWBL7enPIl91j19iTsobYiG6CvRyR+ootb7Yw?=
 =?us-ascii?Q?2/H0wFqrzaTXkwgUvSA19jtbUx2jWpq7EWO2xCz5ggQyLvNYvi+6aU898QPX?=
 =?us-ascii?Q?4u+nvZ7C7puOj++z+EOHRtQVSuEBbyJvitIy+3LNFwG8bhkXPA673P9enlNr?=
 =?us-ascii?Q?28FsSNcwJnq5ybL12ucu4VQ4rTzU8mUJXz+nSr8b7wiXvCxubZxMpOqNp1Ey?=
 =?us-ascii?Q?Q+MNlEZ1baz2nb/Y86vQL/Jn6Pxqs1DZWGA6YTX5jQIhPBvtFqiGF+5lQJOF?=
 =?us-ascii?Q?186fFOkpMQfKLuH/CTc+xrnofGNIToZb4uaeWxlcHJHD9JH3bRadr9XE19lA?=
 =?us-ascii?Q?Qo5fuU9FFwfkWI64fOA6mrYuuzinsXCa5fl9W9NvCEJGyOZBAd4IBVDXGzn5?=
 =?us-ascii?Q?H+19NqBDJW/V41DL/8L6FsWv2O3bmS0fOimUzbY+v5gGzHzAL7HeWaiL82k5?=
 =?us-ascii?Q?BtpgSt2c/aJJO+fhSQwKu8ZiqlX7pEXBBP0bPsQOSSJonVtJ6lCFKJg+RabA?=
 =?us-ascii?Q?wRYW5ehsjRZlYA=3D?=
X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509;
 6:iQFRr4XSk2yTCrWCrneuAff1aKHl558EHpvsmkYHIg2tAx6dsyBuLBXOg/pdQtucoQPyMo90WKP6aTMH3cwQaVLdCORzetM7ZdkuL9IHJfbgXfmV6gHq/r0FrXSynBRXqr65oEh2p0fHM6UBoiFNqqCDVY8q7ROFRb6qpWlZB1SHUXNpArRL0rqkGtxrTN89qNbjO2FMAKwo3BYxLqHT/ep5e+a1LnPzUKnEfeyGXDvS2S9131ecsi4eayxkmffz8HKWFbgehd2w61iwLMRdMENymyHWxjiXC3rVEAEq6FPN6krkRbQlw57G4wNuFHfmhkcDjhfmv9bbwbkzo3oXzFAZgJGJ5/8t07tT3/Bd3HU=;
 5:5alPJOc6uHLDKCU0V/w7K3U3KfiDzUFrKCt6orkAIhTpMsDR07Nr7KKJ/CgubyUGTQub7Ilk9n4fwYroQ27wg/rtbWcYNMHOBjPif6SzJkURcoH3JJq1hK9eHcw25vB/lVc3e2XZA7v6ihbEk7PAZK7JPjanJ2ZmYl6N3aDRkVI=;
 24:Lhz0DIy59dFc98WHbc0YwPxqpue5NLm/WK8YR2KmmLgaH6CLyuX7pqBVG+GUlt5wZC578WeQZ4ccHvc+S/b3WeGv2udKFH19Az+ED+ttQCk=;
 7:8jdNHfKhggxsbX8MqBtMPSxoIHGG1y5C1Dl5TuMRhf2rKWAFafORsDXQbIQwe04jceadfzfJ71j9TCH3ZCkxkoQ8388Ws1lmLxeJAAPkm+IO90W2OaWKKJez49CT477dMgSwNlrSchNhM3HRe2vUb48oKB5vXbC0gUDrFbMMd/tG7vMCxXwlMoACQX7WErs7mXaPa+E7QlDLWWgxsccdkwhEPdkVttX9qekZJs0FjIfzIa0Dm4yMCmnFh8GuNjaK
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509;
 20:XiYjkE0elOmT/0PenBfLtGL1LFbZvCnavsPsMwygFllfKEGwuknpXh1vjg2TEsYeQWUpz0k8t+wiZssTYon02L9y2F0yYF1cKXjTzBj1ZED4lFIE3GDtSpQp1QYSBOpdfaVS1nngeCFUfGiuA9lFjrLCQ8/XmlsL01afDTG3GjW/kb2aMZd34cR18BHdFZXrq4lZBompmZjMUlb+w7gH8OzQdWN0M1mrZrUKPHNlJf0UQXXLWjGZpKow2WSZztNf
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Jan 2018 09:43:40.7092 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: efcac5d0-4fa8-47fd-11ad-08d5580ea22b
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1509
Subject: [dpdk-dev] [PATCH v3 14/19] crypto/ccp: support sha1 authentication
	algo
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jan 2018 09:43:43 -0000

Signed-off-by: Ravi Kumar <Ravi1.kumar@amd.com>
---
 drivers/crypto/ccp/ccp_crypto.c  | 367 +++++++++++++++++++++++++++++++++++++++
 drivers/crypto/ccp/ccp_crypto.h  |  23 +++
 drivers/crypto/ccp/ccp_pmd_ops.c |  42 +++++
 3 files changed, 432 insertions(+)

diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c
index 4ced193..ace6bc2 100644
--- a/drivers/crypto/ccp/ccp_crypto.c
+++ b/drivers/crypto/ccp/ccp_crypto.c
@@ -36,6 +36,7 @@
 #include <sys/queue.h>
 #include <sys/types.h>
 #include <unistd.h>
+#include <openssl/sha.h>
 #include <openssl/cmac.h> /*sub key apis*/
 #include <openssl/evp.h> /*sub key apis*/
 
@@ -52,6 +53,14 @@
 #include "ccp_pci.h"
 #include "ccp_pmd_private.h"
 
+/* SHA initial context values */
+static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = {
+	SHA1_H4, SHA1_H3,
+	SHA1_H2, SHA1_H1,
+	SHA1_H0, 0x0U,
+	0x0U, 0x0U,
+};
+
 static enum ccp_cmd_order
 ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform)
 {
@@ -76,6 +85,59 @@ ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform)
 	return res;
 }
 
+/* partial hash using openssl */
+static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out)
+{
+	SHA_CTX ctx;
+
+	if (!SHA1_Init(&ctx))
+		return -EFAULT;
+	SHA1_Transform(&ctx, data_in);
+	rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH);
+	return 0;
+}
+
+static int generate_partial_hash(struct ccp_session *sess)
+{
+
+	uint8_t ipad[sess->auth.block_size];
+	uint8_t	opad[sess->auth.block_size];
+	uint8_t *ipad_t, *opad_t;
+	uint32_t *hash_value_be32, hash_temp32[8];
+	int i, count;
+
+	opad_t = ipad_t = (uint8_t *)sess->auth.key;
+
+	hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute);
+
+	/* considering key size is always equal to block size of algorithm */
+	for (i = 0; i < sess->auth.block_size; i++) {
+		ipad[i] = (ipad_t[i] ^ HMAC_IPAD_VALUE);
+		opad[i] = (opad_t[i] ^ HMAC_OPAD_VALUE);
+	}
+
+	switch (sess->auth.algo) {
+	case CCP_AUTH_ALGO_SHA1_HMAC:
+		count = SHA1_DIGEST_SIZE >> 2;
+
+		if (partial_hash_sha1(ipad, (uint8_t *)hash_temp32))
+			return -1;
+		for (i = 0; i < count; i++, hash_value_be32++)
+			*hash_value_be32 = hash_temp32[count - 1 - i];
+
+		hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute
+					       + sess->auth.ctx_len);
+		if (partial_hash_sha1(opad, (uint8_t *)hash_temp32))
+			return -1;
+		for (i = 0; i < count; i++, hash_value_be32++)
+			*hash_value_be32 = hash_temp32[count - 1 - i];
+		return 0;
+	default:
+		CCP_LOG_ERR("Invalid auth algo");
+		return -1;
+	}
+}
+
 /* prepare temporary keys K1 and K2 */
 static void prepare_key(unsigned char *k, unsigned char *l, int bl)
 {
@@ -260,6 +322,31 @@ ccp_configure_session_auth(struct ccp_session *sess,
 	else
 		sess->auth.op = CCP_AUTH_OP_VERIFY;
 	switch (auth_xform->algo) {
+	case RTE_CRYPTO_AUTH_SHA1:
+		sess->auth.engine = CCP_ENGINE_SHA;
+		sess->auth.algo = CCP_AUTH_ALGO_SHA1;
+		sess->auth.ut.sha_type = CCP_SHA_TYPE_1;
+		sess->auth.ctx = (void *)ccp_sha1_init;
+		sess->auth.ctx_len = CCP_SB_BYTES;
+		sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE;
+		break;
+	case RTE_CRYPTO_AUTH_SHA1_HMAC:
+		if (auth_xform->key.length > SHA1_BLOCK_SIZE)
+			return -1;
+		sess->auth.engine = CCP_ENGINE_SHA;
+		sess->auth.algo = CCP_AUTH_ALGO_SHA1_HMAC;
+		sess->auth.ut.sha_type = CCP_SHA_TYPE_1;
+		sess->auth.ctx_len = CCP_SB_BYTES;
+		sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE;
+		sess->auth.block_size = SHA1_BLOCK_SIZE;
+		sess->auth.key_length = auth_xform->key.length;
+		memset(sess->auth.key, 0, sess->auth.block_size);
+		memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1);
+		rte_memcpy(sess->auth.key, auth_xform->key.data,
+			   auth_xform->key.length);
+		if (generate_partial_hash(sess))
+			return -1;
+		break;
 	case RTE_CRYPTO_AUTH_AES_CMAC:
 		sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC;
 		sess->auth.engine = CCP_ENGINE_AES;
@@ -453,6 +540,13 @@ ccp_auth_slot(struct ccp_session *session)
 	int count = 0;
 
 	switch (session->auth.algo) {
+	case CCP_AUTH_ALGO_SHA1:
+		count = 3;
+		/**< op + lsb passthrough cpy to/from*/
+		break;
+	case CCP_AUTH_ALGO_SHA1_HMAC:
+		count = 6;
+		break;
 	case CCP_AUTH_ALGO_AES_CMAC:
 		count = 4;
 		/**
@@ -578,6 +672,271 @@ ccp_perform_passthru(struct ccp_passthru *pst,
 }
 
 static int
+ccp_perform_hmac(struct rte_crypto_op *op,
+		 struct ccp_queue *cmd_q)
+{
+
+	struct ccp_session *session;
+	union ccp_function function;
+	struct ccp_desc *desc;
+	uint32_t tail;
+	phys_addr_t src_addr, dest_addr, dest_addr_t;
+	struct ccp_passthru pst;
+	uint64_t auth_msg_bits;
+	void *append_ptr;
+	uint8_t *addr;
+
+	session = (struct ccp_session *)get_session_private_data(
+					 op->sym->session,
+					 ccp_cryptodev_driver_id);
+	addr = session->auth.pre_compute;
+
+	src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src,
+					      op->sym->auth.data.offset);
+	append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src,
+						session->auth.ctx_len);
+	dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr);
+	dest_addr_t = dest_addr;
+
+	/** Load PHash1 to LSB*/
+	pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr);
+	pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES);
+	pst.len = session->auth.ctx_len;
+	pst.dir = 1;
+	pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
+	pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP;
+	ccp_perform_passthru(&pst, cmd_q);
+
+	/**sha engine command descriptor for IntermediateHash*/
+
+	desc = &cmd_q->qbase_desc[cmd_q->qidx];
+	memset(desc, 0, Q_DESC_SIZE);
+
+	CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA;
+
+	CCP_CMD_SOC(desc) = 0;
+	CCP_CMD_IOC(desc) = 0;
+	CCP_CMD_INIT(desc) = 1;
+	CCP_CMD_EOM(desc) = 1;
+	CCP_CMD_PROT(desc) = 0;
+
+	function.raw = 0;
+	CCP_SHA_TYPE(&function) = session->auth.ut.sha_type;
+	CCP_CMD_FUNCTION(desc) = function.raw;
+
+	CCP_CMD_LEN(desc) = op->sym->auth.data.length;
+	auth_msg_bits = (op->sym->auth.data.length +
+			 session->auth.block_size)  * 8;
+
+	CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr);
+	CCP_CMD_SRC_HI(desc) = high32_value(src_addr);
+	CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM;
+
+	CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha;
+	CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits);
+	CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits);
+
+	cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE;
+
+	rte_wmb();
+
+	tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE);
+	CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail);
+	CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE,
+		      cmd_q->qcontrol | CMD_Q_RUN);
+
+	/* Intermediate Hash value retrieve */
+	if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) ||
+	    (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) {
+
+		pst.src_addr =
+			(phys_addr_t)((cmd_q->sb_sha + 1) * CCP_SB_BYTES);
+		pst.dest_addr = dest_addr_t;
+		pst.len = CCP_SB_BYTES;
+		pst.dir = 0;
+		pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
+		pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT;
+		ccp_perform_passthru(&pst, cmd_q);
+
+		pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES);
+		pst.dest_addr = dest_addr_t + CCP_SB_BYTES;
+		pst.len = CCP_SB_BYTES;
+		pst.dir = 0;
+		pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
+		pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT;
+		ccp_perform_passthru(&pst, cmd_q);
+
+	} else {
+		pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES);
+		pst.dest_addr = dest_addr_t;
+		pst.len = session->auth.ctx_len;
+		pst.dir = 0;
+		pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
+		pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT;
+		ccp_perform_passthru(&pst, cmd_q);
+
+	}
+
+	/** Load PHash2 to LSB*/
+	addr += session->auth.ctx_len;
+	pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr);
+	pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES);
+	pst.len = session->auth.ctx_len;
+	pst.dir = 1;
+	pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
+	pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP;
+	ccp_perform_passthru(&pst, cmd_q);
+
+	/**sha engine command descriptor for FinalHash*/
+	dest_addr_t += session->auth.offset;
+
+	desc = &cmd_q->qbase_desc[cmd_q->qidx];
+	memset(desc, 0, Q_DESC_SIZE);
+
+	CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA;
+
+	CCP_CMD_SOC(desc) = 0;
+	CCP_CMD_IOC(desc) = 0;
+	CCP_CMD_INIT(desc) = 1;
+	CCP_CMD_EOM(desc) = 1;
+	CCP_CMD_PROT(desc) = 0;
+
+	function.raw = 0;
+	CCP_SHA_TYPE(&function) = session->auth.ut.sha_type;
+	CCP_CMD_FUNCTION(desc) = function.raw;
+
+	CCP_CMD_LEN(desc) = (session->auth.ctx_len -
+			     session->auth.offset);
+	auth_msg_bits = (session->auth.block_size +
+			 session->auth.ctx_len -
+			 session->auth.offset) * 8;
+
+	CCP_CMD_SRC_LO(desc) = (uint32_t)(dest_addr_t);
+	CCP_CMD_SRC_HI(desc) = high32_value(dest_addr_t);
+	CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM;
+
+	CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha;
+	CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits);
+	CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits);
+
+	cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE;
+
+	rte_wmb();
+
+	tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE);
+	CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail);
+	CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE,
+		      cmd_q->qcontrol | CMD_Q_RUN);
+
+	/* Retrieve hmac output */
+	pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES);
+	pst.dest_addr = dest_addr;
+	pst.len = session->auth.ctx_len;
+	pst.dir = 0;
+	pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
+	if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) ||
+	    (session->auth.ut.sha_type == CCP_SHA_TYPE_512))
+		pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP;
+	else
+		pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT;
+	ccp_perform_passthru(&pst, cmd_q);
+
+	op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
+	return 0;
+
+}
+
+static int
+ccp_perform_sha(struct rte_crypto_op *op,
+		struct ccp_queue *cmd_q)
+{
+	struct ccp_session *session;
+	union ccp_function function;
+	struct ccp_desc *desc;
+	uint32_t tail;
+	phys_addr_t src_addr, dest_addr;
+	struct ccp_passthru pst;
+	void *append_ptr;
+	uint64_t auth_msg_bits;
+
+	session = (struct ccp_session *)get_session_private_data(
+					 op->sym->session,
+					ccp_cryptodev_driver_id);
+
+	src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src,
+					      op->sym->auth.data.offset);
+
+	append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src,
+						session->auth.ctx_len);
+	dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr);
+
+	/** Passthru sha context*/
+
+	pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)
+						     session->auth.ctx);
+	pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES);
+	pst.len = session->auth.ctx_len;
+	pst.dir = 1;
+	pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
+	pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP;
+	ccp_perform_passthru(&pst, cmd_q);
+
+	/**prepare sha command descriptor*/
+
+	desc = &cmd_q->qbase_desc[cmd_q->qidx];
+	memset(desc, 0, Q_DESC_SIZE);
+
+	CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA;
+
+	CCP_CMD_SOC(desc) = 0;
+	CCP_CMD_IOC(desc) = 0;
+	CCP_CMD_INIT(desc) = 1;
+	CCP_CMD_EOM(desc) = 1;
+	CCP_CMD_PROT(desc) = 0;
+
+	function.raw = 0;
+	CCP_SHA_TYPE(&function) = session->auth.ut.sha_type;
+	CCP_CMD_FUNCTION(desc) = function.raw;
+
+	CCP_CMD_LEN(desc) = op->sym->auth.data.length;
+	auth_msg_bits = op->sym->auth.data.length * 8;
+
+	CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr);
+	CCP_CMD_SRC_HI(desc) = high32_value(src_addr);
+	CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM;
+
+	CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha;
+	CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits);
+	CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits);
+
+	cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE;
+
+	rte_wmb();
+
+	tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE);
+	CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail);
+	CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE,
+		      cmd_q->qcontrol | CMD_Q_RUN);
+
+	/* Hash value retrieve */
+	pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES);
+	pst.dest_addr = dest_addr;
+	pst.len = session->auth.ctx_len;
+	pst.dir = 0;
+	pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP;
+	if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) ||
+	    (session->auth.ut.sha_type == CCP_SHA_TYPE_512))
+		pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP;
+	else
+		pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT;
+	ccp_perform_passthru(&pst, cmd_q);
+
+	op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
+	return 0;
+
+}
+
+static int
 ccp_perform_aes_cmac(struct rte_crypto_op *op,
 		     struct ccp_queue *cmd_q)
 {
@@ -1148,6 +1507,14 @@ ccp_crypto_auth(struct rte_crypto_op *op,
 					ccp_cryptodev_driver_id);
 
 	switch (session->auth.algo) {
+	case CCP_AUTH_ALGO_SHA1:
+		result = ccp_perform_sha(op, cmd_q);
+		b_info->desccnt += 3;
+		break;
+	case CCP_AUTH_ALGO_SHA1_HMAC:
+		result = ccp_perform_hmac(op, cmd_q);
+		b_info->desccnt += 6;
+		break;
 	case CCP_AUTH_ALGO_AES_CMAC:
 		result = ccp_perform_aes_cmac(op, cmd_q);
 		b_info->desccnt += 4;
diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h
index d528ec9..42179de 100644
--- a/drivers/crypto/ccp/ccp_crypto.h
+++ b/drivers/crypto/ccp/ccp_crypto.h
@@ -60,9 +60,32 @@
 #define	CCP_DES_ENCRYPT(p)	((p)->des.encrypt)
 #define	CCP_DES_MODE(p)		((p)->des.mode)
 #define	CCP_DES_TYPE(p)		((p)->des.type)
+#define	CCP_SHA_TYPE(p)		((p)->sha.type)
 #define	CCP_PT_BYTESWAP(p)	((p)->pt.byteswap)
 #define	CCP_PT_BITWISE(p)	((p)->pt.bitwise)
 
+/* HMAC */
+#define HMAC_IPAD_VALUE 0x36
+#define HMAC_OPAD_VALUE 0x5c
+
+#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH
+#define MD5_DIGEST_SIZE         16
+#define MD5_BLOCK_SIZE          64
+#endif
+
+/* SHA */
+#define SHA_COMMON_DIGEST_SIZE	32
+#define SHA1_DIGEST_SIZE        20
+#define SHA1_BLOCK_SIZE         64
+
+/* SHA LSB intialiazation values */
+
+#define SHA1_H0		0x67452301UL
+#define SHA1_H1		0xefcdab89UL
+#define SHA1_H2		0x98badcfeUL
+#define SHA1_H3		0x10325476UL
+#define SHA1_H4		0xc3d2e1f0UL
+
 /**
  * CCP supported AES modes
  */
diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c
index 24f577a..6adef1c 100644
--- a/drivers/crypto/ccp/ccp_pmd_ops.c
+++ b/drivers/crypto/ccp/ccp_pmd_ops.c
@@ -39,6 +39,48 @@
 #include "ccp_crypto.h"
 
 static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = {
+	{	/* SHA1 */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				 .algo = RTE_CRYPTO_AUTH_SHA1,
+				 .block_size = 64,
+				 .key_size = {
+					 .min = 0,
+					 .max = 0,
+					 .increment = 0
+				 },
+				 .digest_size = {
+					 .min = 20,
+					 .max = 20,
+					 .increment = 0
+				 },
+				 .aad_size = { 0 }
+			 }, }
+		}, }
+	},
+	{	/* SHA1 HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+				 .block_size = 64,
+				 .key_size = {
+					 .min = 1,
+					 .max = 64,
+					 .increment = 1
+				 },
+				 .digest_size = {
+					 .min = 20,
+					 .max = 20,
+					 .increment = 0
+				 },
+				 .aad_size = { 0 }
+			 }, }
+		}, }
+	},
 	{	/*AES-CMAC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
-- 
2.7.4