From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0077.outbound.protection.outlook.com [104.47.42.77]) by dpdk.org (Postfix) with ESMTP id DC8C11B22D for ; Wed, 10 Jan 2018 10:43:44 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=LkTRW+zPKLszUQXan5HYtWdakjD5DU0wlg1NvfYagmA=; b=SA8wDW+2aMOFuT3wYxIX89qPuji5C9IqDY0DT2wbByVAoUiScF3fRbWnGp4Bju+WbORY8sKBA/dkSGgKV6tgZmLh/PZDnuQcbhiqoE+uDQgrYWnheUmBjxuJkVtK4CSvFi6iZfN/yzkHwTVDvAfbMSLV0+ngxgf9WTut8bgD58E= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by CY4PR12MB1509.namprd12.prod.outlook.com (10.172.68.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.386.5; Wed, 10 Jan 2018 09:43:42 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com Date: Wed, 10 Jan 2018 04:42:55 -0500 Message-Id: <1515577379-18453-15-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com> References: <1515145198-97367-1-git-send-email-Ravi1.kumar@amd.com> <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: MAXPR0101CA0024.INDPRD01.PROD.OUTLOOK.COM (10.174.62.34) To CY4PR12MB1509.namprd12.prod.outlook.com (10.172.68.22) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: ef449007-410d-4a03-a558-08d5580ea301 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020049)(4652020)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:CY4PR12MB1509; X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509; 3:ToyLJQfJqO+cMWnq9ZoBsspHDHEDXM/vOTI7XVrdPV15W+zRiAknbr6d3TO0a3RIKSgKNKDuSaOY193/Jab+LDHAeZTi0b8Q7DBFDHRmVysJczdxa58BJ7iYhtSVOZTlZ58M2HRXEFRxwr9UuP1MOIpY2j/1/LM09vqT5imGZRoq8jH8H0l7Ci8sf2YrgRifF7VpuVnLt5Qd7ZNS0XSRiNsA+z4B0+k4jsslENggHhCVLejHPUlMDo+bVHWMRgZE; 25:t1QAvR25x7NLuN7zQpn657Jd6FQpXQArLckF3iE+UI9NoSiMB9kuhFo2vVuBGY6Iw0BgUTCM/VlYdFYWxn/W1cx7d4vEIhmysTHpZ8OJJ5hpw+hH40PdkPnOGSXbK7uVu0EHPB1hnw1GecOpLcVMDvwMu2dAwPDQKnxSRdrSd1aJ0mJHNyLUQCMkyaKfAh96yUwIejUMfj33duo+OX9Pc6auTNSFKD2U6QHqmxGRO/vfxGRGqMd311/rbq38abMOjG5AOcV1Vz5SEq+Xyib88fc6j4G/JuLG4jWZqHpduRx3Ji6wvPPamxlesp2WySwehsPdBipv6x2zva/2W0RNJQ==; 31:32wzUCUwQcYZ0OVWlGTufJExR+NCJz7zTzQBs64gokCsVbhKQ+VM4oHohAkSZ+P/TOIANxPIusVCmqWMSpWfnL5P2CQmck0vJR0/okoO2/Nlx7hroTb/+DHjF5GR4K03Z44qzRk7GIi1aih3S45Y6dNPsxmpL74BIyh5OgI049GiIZcPg/uMGkrWkJhRkoQ20NAcqKoJpxfbGB+S2wDAHmlLbM7Z6IRNLOZeOqZoJpM= X-MS-TrafficTypeDiagnostic: CY4PR12MB1509: X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509; 20:QKURG9nM2GizKs8GHsmLyMG1q0LmRFeKWxUCKQdXe31dLKyMCQIpZSSMm9ADsa68xlhoYnpzkumEjWfyA04deudtDcR9fvV+ZfJvFx6NxODKSJZaC04UQ2hHs+MIc9t53Ws9H+Q/gibxpYEcLDoSnzE0IzlY72pPaYbVGe0cTLS6AWNlpHJnLco96k364sYnWtZTcAKTYmM3WjNOKgf5IY/zwF+AR1SbG0CvRA9juLJ6hjNusC98P2Vn+kwMZlhL2TnAHwTAGoR1c3K3s4zvLYNbogbXqDKF+jizA8ylZiHgQfrduqbA8+1O1luqFIq6tkMGxd8ZYFC/SvUxFt1RvqnHFM2VXCfhawmUQpd3Rqv8SqL6IL3m1a+vVjlQOX4x/ob8wC+c8VPVRjmD5L11gtzOWQ6zloXukRxA2hAXup/virZlSV3Z+8iFRYiVkeaUKOHZQjZU4UdTBYJeQmgm3kNc+LalESDyEzaAO+CiFq0APHbAWnJPpnDo/2Cmr07f; 4:Gxr/f+qI4rA7zffhUBAA3rTI2sDpzq754uFb345mpudbnAfoRO90NL8uxFbtWn1+kBQ7PTgC3c+ek7qVwjo1M1WXVsPbFsllPbv2Y3+9jq3x29qTRurPqzYpFxIGf5WjGOmzx+YfECzGtH5TaaV0TBoBM2k3CyRI6alWNYRDGRW2EvKproQKmOUbSAmCfUWpye06KMNigL+aMqe9X1yHUnTYUvtnpiJvj620AdUqyISYXh7Y3rumLCuBZkwKp3KksslYYBb4kBpxO6c0Kpfhl1vuG+KK1F3rCCulbN9cP5GhYkGoX0C/OTrlU3tp7SId X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(3231023)(944501119)(6055026)(6041268)(20161123562045)(20161123558120)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:CY4PR12MB1509; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:CY4PR12MB1509; X-Forefront-PRVS: 0548586081 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(366004)(39860400002)(396003)(346002)(376002)(39380400002)(189003)(199004)(25786009)(8676002)(81166006)(47776003)(48376002)(6666003)(2950100002)(81156014)(6916009)(66066001)(50226002)(68736007)(36756003)(8936002)(16586007)(72206003)(50466002)(16526018)(316002)(53936002)(478600001)(5660300001)(86362001)(575784001)(4326008)(386003)(2361001)(2351001)(6486002)(53416004)(97736004)(51416003)(76176011)(106356001)(105586002)(7736002)(6116002)(3846002)(2906002)(59450400001)(305945005)(7696005)(52116002); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR12MB1509; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY4PR12MB1509; 23:yIFeul/O8S9+hT4MLUhrgcxXZn7XWv8XME4mBSvPy?= =?us-ascii?Q?0F4EM5JBNdvQ9Hc7nJ8QBUhZZdYRoJlXx0BBn7HhOzNYHEaTQ5HYzJNK5gHX?= =?us-ascii?Q?JBgG2me5d/3BCscTcZBSYYH3ZXAX2zj/GmZGolQcM9I4v8v2iKwLwANTW4+W?= =?us-ascii?Q?XhXRwyS0fd4V8+XA+X3mIw6sxdnKomfpP88cDGi4zr5zizuDoYq4HjyLmoX8?= =?us-ascii?Q?muYkENhe6/WMlDKigrgkS41yeaV20mKqz/LKeWv0/yeKaTej+X/VIfbpC+4N?= =?us-ascii?Q?KTPlfzpx9wq62A6b0xamEivhV4uKobl3leIDGi5+13d74R0su2hB8WCFDQz+?= =?us-ascii?Q?MZ7zSdQEz8dIf17vRq24FZavonHvT8D8kfz+o5LYX8E0pfhoa6nZlgPvyOyV?= =?us-ascii?Q?U2MqNTV5rHWfwgCdvkYva94v9brhB84wbCnXiKbIoJmnIeVZg/vK0/ab0P+I?= =?us-ascii?Q?nGKIztqxZE6plvoTmNxHEmhWOhebt6S1biF4SOB2GfpJ6aa830H+vd0XYF+J?= =?us-ascii?Q?qHwsGzjqoeUjBzj2gw4vtC38OfXEHPrhoMX2ecLwyx/qpQCpuCajgBS6bWNS?= =?us-ascii?Q?PttiEqsotBR0sCeYrmkNg2mbzt0cQBeOGD8ie0TJngxS8MS8MmTKCKWQryMO?= =?us-ascii?Q?b04USYV1b2frgA/F9iYuiAw0J2iCRx516bI+DSodm1se5o2b9BLzHAAewG0w?= =?us-ascii?Q?I+mJFGE1OfIDg1RGa91wwIN5luHxVQYVSf0PO/1btu7MEV1Ug6bvUqjVxDmX?= =?us-ascii?Q?cUH326YfsD5PB5BDS+9L9QAeaRhWFiwBCcn4//mqGBopOFWgQ6svdhm4msqG?= =?us-ascii?Q?5njQ6iPzqbKEzYHGVr6pkywqZr0dulA5IatpzinDaVnF0IGwQKi70W2sR7sB?= =?us-ascii?Q?XwCwXwG3dUQwiYoUSpchiPjih9pDTzZheJ3EGiBByxqMq/aG1i0LTzPzjVYg?= =?us-ascii?Q?iLfX68swJnfIwehEhvdALzRNoQm9hlY3BYtW7+GRZoonVsMwUI4q8NWX8/Jh?= =?us-ascii?Q?hEEXm+QeY5FfM58ivlEs8T5k5q8CKXL6iikdYip6SfTduD4dxUstfgG88aoT?= =?us-ascii?Q?1QOvWTI/ULQsNLQyHehwYKebbmPHGczwFzr4cjFC1AsjsEvRzzb/NA6lGWhU?= =?us-ascii?Q?K4ESjtSzk0fN5a+i5ZSmAN8ciovvLlgpqHRInhuc5HAhp4Q1aGA8MitQZ2BH?= =?us-ascii?Q?yTsswkXr3mQMqY=3D?= X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509; 6:RkgdgSGJrjNUALFkadUHh2YEOPO9kAcDp8ihvTw03zmLfU2A8K0Pr4t17/WJTCdUhhOrkq2YKGdoScKcC2CVL0DfHWYKNKsD2gl8hWZ9ilTt19/JzL8Br9/jlmWH2w5+nve4cCCf8ZW4lE565FiMWzLyajJt418MTRJvKvkuWIcJKyzGJKQl2S+wIrGpaqAV2oqT+B1VfzxsusJvAJHPjeo60ab1lifh5LuI9HccFtCYN56Z82yaBjY4p7Q1vCcL4zhszASoDNzi/aMW5/Iint9d6vcAxDpRLdNiBS24qRO/SSaC/FTAXSIrfi0THHnZqq5vg6YQCm9UKuhbuHONYl7UQ5ypWwK6L3ZvzhjAtBU=; 5:QfL4Lh24maAI6S4xDaYiJBOCCE9qutoeGrDdiRH/iUHLqdYJAuCZZrndiv1BohF5EaUxyN5y7t/ZIplwW/nIfjxMe/LWW2LLM9td7tTbi4vXUnhs4M0+5LjAGDR1Qt/ID+dTkI3wjqnTcsUybkvIMgveiVZ2b+qraQqvpLT6bDE=; 24:VxAw+43E4pZoRoj3ld1FxWUc+OjjVqEwGx4dQBP+JUReE0Dp0IS6TdC68v7DhCN6ULPwVPJewfq9cyZScrdv7xZjeTT/qXXkc1l4N84dXx4=; 7:fc8EX+xuaOa/WWXKz87F8bIY7H43atIM7rNlwv142tv45P84e23ow8YmLKNXABe0QP6MIa3fxHq6RFESgW0698+GMcBY8s3xdriHb9AWpAfHlzhWmPo0USe7lN+AqtSMPQ3Nh9voBKp0VuOedE8U2ZNFI8JhWfHI9SmmmGlFZ6ZEAS8vp5KwHloYomldsTwdAP4hHBSvYMLPoZ0FIOQW24y2qnXVYlxv4fmS2Ewy9hEAWjgkcxSIbTdqyFAKs6Xp SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CY4PR12MB1509; 20:YuzLVWABwiAVgfq3h05YDc7wGnr+OKvpfd18buY6HZhp049AMRTgOKLSDgOgjRHeUTvYr6nRa1yHi091zwDWIbIRTnnpxlOR2Qq0f1GIybx36HiaYhsXDwqZ+dk6A6zuMro0e829DHnLtAUShMmTXbjmVzkBk/vYNVJRCac7Z5B/8Qfc+jbyODuVVWp/068y+7HDSUbPv3P63NL13szIHPmlaNawuPNlG6IOsiCBGMiZm8/uWIhgcVhdwscQOZIf X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Jan 2018 09:43:42.1154 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ef449007-410d-4a03-a558-08d5580ea301 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1509 Subject: [dpdk-dev] [PATCH v3 15/19] crypto/ccp: support sha2 family authentication algo X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jan 2018 09:43:45 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 270 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 48 +++++++ drivers/crypto/ccp/ccp_pmd_ops.c | 168 ++++++++++++++++++++++++ 3 files changed, 486 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index ace6bc2..31353ed 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -61,6 +61,34 @@ static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { 0x0U, 0x0U, }; +uint32_t ccp_sha224_init[SHA256_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA224_H7, SHA224_H6, + SHA224_H5, SHA224_H4, + SHA224_H3, SHA224_H2, + SHA224_H1, SHA224_H0, +}; + +uint32_t ccp_sha256_init[SHA256_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA256_H7, SHA256_H6, + SHA256_H5, SHA256_H4, + SHA256_H3, SHA256_H2, + SHA256_H1, SHA256_H0, +}; + +uint64_t ccp_sha384_init[SHA512_DIGEST_SIZE / sizeof(uint64_t)] = { + SHA384_H7, SHA384_H6, + SHA384_H5, SHA384_H4, + SHA384_H3, SHA384_H2, + SHA384_H1, SHA384_H0, +}; + +uint64_t ccp_sha512_init[SHA512_DIGEST_SIZE / sizeof(uint64_t)] = { + SHA512_H7, SHA512_H6, + SHA512_H5, SHA512_H4, + SHA512_H3, SHA512_H2, + SHA512_H1, SHA512_H0, +}; + static enum ccp_cmd_order ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) { @@ -97,6 +125,54 @@ static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) return 0; } +static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) +{ + SHA256_CTX ctx; + + if (!SHA224_Init(&ctx)) + return -EFAULT; + SHA256_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA256_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) +{ + SHA256_CTX ctx; + + if (!SHA256_Init(&ctx)) + return -EFAULT; + SHA256_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA256_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) +{ + SHA512_CTX ctx; + + if (!SHA384_Init(&ctx)) + return -EFAULT; + SHA512_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA512_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) +{ + SHA512_CTX ctx; + + if (!SHA512_Init(&ctx)) + return -EFAULT; + SHA512_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA512_DIGEST_LENGTH); + return 0; +} + static int generate_partial_hash(struct ccp_session *sess) { @@ -104,11 +180,13 @@ static int generate_partial_hash(struct ccp_session *sess) uint8_t opad[sess->auth.block_size]; uint8_t *ipad_t, *opad_t; uint32_t *hash_value_be32, hash_temp32[8]; + uint64_t *hash_value_be64, hash_temp64[8]; int i, count; opad_t = ipad_t = (uint8_t *)sess->auth.key; hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute); + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute); /* considering key size is always equal to block size of algorithm */ for (i = 0; i < sess->auth.block_size; i++) { @@ -132,6 +210,66 @@ static int generate_partial_hash(struct ccp_session *sess) for (i = 0; i < count; i++, hash_value_be32++) *hash_value_be32 = hash_temp32[count - 1 - i]; return 0; + case CCP_AUTH_ALGO_SHA224_HMAC: + count = SHA256_DIGEST_SIZE >> 2; + + if (partial_hash_sha224(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha224(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA256_HMAC: + count = SHA256_DIGEST_SIZE >> 2; + + if (partial_hash_sha256(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha256(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA384_HMAC: + count = SHA512_DIGEST_SIZE >> 3; + + if (partial_hash_sha384(ipad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha384(opad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA512_HMAC: + count = SHA512_DIGEST_SIZE >> 3; + + if (partial_hash_sha512(ipad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha512(opad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + return 0; default: CCP_LOG_ERR("Invalid auth algo"); return -1; @@ -347,6 +485,107 @@ ccp_configure_session_auth(struct ccp_session *sess, if (generate_partial_hash(sess)) return -1; break; + case RTE_CRYPTO_AUTH_SHA224: + sess->auth.algo = CCP_AUTH_ALGO_SHA224; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_224; + sess->auth.ctx = (void *)ccp_sha224_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA224_HMAC: + if (auth_xform->key.length > SHA224_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA224_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_224; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; + sess->auth.block_size = SHA224_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA256: + sess->auth.algo = CCP_AUTH_ALGO_SHA256; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_256; + sess->auth.ctx = (void *)ccp_sha256_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA256_HMAC: + if (auth_xform->key.length > SHA256_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA256_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_256; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; + sess->auth.block_size = SHA256_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA384: + sess->auth.algo = CCP_AUTH_ALGO_SHA384; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_384; + sess->auth.ctx = (void *)ccp_sha384_init; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA384_HMAC: + if (auth_xform->key.length > SHA384_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA384_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_384; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; + sess->auth.block_size = SHA384_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA512: + sess->auth.algo = CCP_AUTH_ALGO_SHA512; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_512; + sess->auth.ctx = (void *)ccp_sha512_init; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA512_HMAC: + if (auth_xform->key.length > SHA512_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA512_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_512; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; + sess->auth.block_size = SHA512_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; sess->auth.engine = CCP_ENGINE_AES; @@ -541,12 +780,32 @@ ccp_auth_slot(struct ccp_session *session) switch (session->auth.algo) { case CCP_AUTH_ALGO_SHA1: + case CCP_AUTH_ALGO_SHA224: + case CCP_AUTH_ALGO_SHA256: + case CCP_AUTH_ALGO_SHA384: + case CCP_AUTH_ALGO_SHA512: count = 3; /**< op + lsb passthrough cpy to/from*/ break; case CCP_AUTH_ALGO_SHA1_HMAC: + case CCP_AUTH_ALGO_SHA224_HMAC: + case CCP_AUTH_ALGO_SHA256_HMAC: count = 6; break; + case CCP_AUTH_ALGO_SHA384_HMAC: + case CCP_AUTH_ALGO_SHA512_HMAC: + count = 7; + /** + * 1. Load PHash1 = H(k ^ ipad); to LSB + * 2. generate IHash = H(hash on meassage with PHash1 + * as init values); + * 3. Retrieve IHash 2 slots for 384/512 + * 4. Load Phash2 = H(k ^ opad); to LSB + * 5. generate FHash = H(hash on Ihash with Phash2 + * as init value); + * 6. Retrieve HMAC output from LSB to host memory + */ + break; case CCP_AUTH_ALGO_AES_CMAC: count = 4; /** @@ -1508,13 +1767,24 @@ ccp_crypto_auth(struct rte_crypto_op *op, switch (session->auth.algo) { case CCP_AUTH_ALGO_SHA1: + case CCP_AUTH_ALGO_SHA224: + case CCP_AUTH_ALGO_SHA256: + case CCP_AUTH_ALGO_SHA384: + case CCP_AUTH_ALGO_SHA512: result = ccp_perform_sha(op, cmd_q); b_info->desccnt += 3; break; case CCP_AUTH_ALGO_SHA1_HMAC: + case CCP_AUTH_ALGO_SHA224_HMAC: + case CCP_AUTH_ALGO_SHA256_HMAC: result = ccp_perform_hmac(op, cmd_q); b_info->desccnt += 6; break; + case CCP_AUTH_ALGO_SHA384_HMAC: + case CCP_AUTH_ALGO_SHA512_HMAC: + result = ccp_perform_hmac(op, cmd_q); + b_info->desccnt += 7; + break; case CCP_AUTH_ALGO_AES_CMAC: result = ccp_perform_aes_cmac(op, cmd_q); b_info->desccnt += 4; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index 42179de..ca1c1a8 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -78,6 +78,18 @@ #define SHA1_DIGEST_SIZE 20 #define SHA1_BLOCK_SIZE 64 +#define SHA224_DIGEST_SIZE 28 +#define SHA224_BLOCK_SIZE 64 + +#define SHA256_DIGEST_SIZE 32 +#define SHA256_BLOCK_SIZE 64 + +#define SHA384_DIGEST_SIZE 48 +#define SHA384_BLOCK_SIZE 128 + +#define SHA512_DIGEST_SIZE 64 +#define SHA512_BLOCK_SIZE 128 + /* SHA LSB intialiazation values */ #define SHA1_H0 0x67452301UL @@ -86,6 +98,42 @@ #define SHA1_H3 0x10325476UL #define SHA1_H4 0xc3d2e1f0UL +#define SHA224_H0 0xc1059ed8UL +#define SHA224_H1 0x367cd507UL +#define SHA224_H2 0x3070dd17UL +#define SHA224_H3 0xf70e5939UL +#define SHA224_H4 0xffc00b31UL +#define SHA224_H5 0x68581511UL +#define SHA224_H6 0x64f98fa7UL +#define SHA224_H7 0xbefa4fa4UL + +#define SHA256_H0 0x6a09e667UL +#define SHA256_H1 0xbb67ae85UL +#define SHA256_H2 0x3c6ef372UL +#define SHA256_H3 0xa54ff53aUL +#define SHA256_H4 0x510e527fUL +#define SHA256_H5 0x9b05688cUL +#define SHA256_H6 0x1f83d9abUL +#define SHA256_H7 0x5be0cd19UL + +#define SHA384_H0 0xcbbb9d5dc1059ed8ULL +#define SHA384_H1 0x629a292a367cd507ULL +#define SHA384_H2 0x9159015a3070dd17ULL +#define SHA384_H3 0x152fecd8f70e5939ULL +#define SHA384_H4 0x67332667ffc00b31ULL +#define SHA384_H5 0x8eb44a8768581511ULL +#define SHA384_H6 0xdb0c2e0d64f98fa7ULL +#define SHA384_H7 0x47b5481dbefa4fa4ULL + +#define SHA512_H0 0x6a09e667f3bcc908ULL +#define SHA512_H1 0xbb67ae8584caa73bULL +#define SHA512_H2 0x3c6ef372fe94f82bULL +#define SHA512_H3 0xa54ff53a5f1d36f1ULL +#define SHA512_H4 0x510e527fade682d1ULL +#define SHA512_H5 0x9b05688c2b3e6c1fULL +#define SHA512_H6 0x1f83d9abfb41bd6bULL +#define SHA512_H7 0x5be0cd19137e2179ULL + /** * CCP supported AES modes */ diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 6adef1c..ab6199f 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -81,6 +81,174 @@ static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { }, } }, } }, + { /* SHA224 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA224 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA256 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA256 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA384 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA384 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 128, + .increment = 1 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA512 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA512 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 128, + .increment = 1 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /*AES-CMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4