From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0083.outbound.protection.outlook.com [104.47.34.83]) by dpdk.org (Postfix) with ESMTP id AAF93AAEE for ; Fri, 9 Mar 2018 09:36:03 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=zSlfW0q2eoSQEsS+MeZYJvRruaOLiZTI/tvYrC5jDBo=; b=RL3szyB2vtsKGipF6VioqwtV5ay8YtBE0v+vi8aFHrs/YOb+i+dzGaLOKGm8lxKGLBqtpWcpcaASXZ6PP+YdGxb5aOLy/mL6fyiCUkeq+FtZO2l1EISQfce7m570XyChH2wSm0g63+YWRpSuWN/r6YQj5rg18lEnHqiGEi3R5/4= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by MWHPR12MB1518.namprd12.prod.outlook.com (2603:10b6:301:b::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.14; Fri, 9 Mar 2018 08:36:01 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com Date: Fri, 9 Mar 2018 03:35:15 -0500 Message-Id: <1520584520-130522-15-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1520584520-130522-1-git-send-email-Ravi1.kumar@amd.com> References: <1515577379-18453-1-git-send-email-Ravi1.kumar@amd.com> <1520584520-130522-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: MA1PR0101CA0050.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a00:20::12) To MWHPR12MB1518.namprd12.prod.outlook.com (2603:10b6:301:b::22) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 4abd21c6-239d-420d-4f83-08d58598cad2 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:MWHPR12MB1518; X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 3:Sd81iE/aaZBCpBr5eTp9ArqGw7/VbshCfRAyOCMvA2fp5zPfF0IUMhzpOeG1jRqm07fBs8DSCehnemYUp9M+ZrXHHu3TSXv+Q2O9eC7fuq2JX/kf29ni39Ve4K7DR9pybxM3AFmK9Op+6hLw+IRyLzW6H5YFfCkdJqqOXqkeTy7J87hSUY9FV3A9Ug+vZfoWN6BN9ySl7lH71t8FKf7GwbiVC6yhfjkxOBaEhnMORkIH11gBvtpJJmE5doDztxVt; 25:ed45xiaPRF7Nmmmq/f8rqmaCna01gZdy7eLyd3q6YQsBlQ6cjcGL9kfKhZmF33HM6k9GamGMe5DACTPvWhNkSWQB3+wcZvSTgjqR8ElRhfJHZG+yMRmFRRdIFgilvzPn2XKback9nbsPtw6qaqN+BPreRCZTezrq5BtLIS5UFKs3hpL+nB4s7q6jelZvAyGBAuaJukTF2SlMlaviWkcdci5gWlgPGD8Pix8M3cFY4Wmx+yKmQZsFjDV89UqV2jTaELQ8VQhiN2TsQqEzBE1gBIEM2BVsDI0n40lEyuGN8depAfFA/ZR14QPUBnh7fhQ0L70gNF/g0vq0fbwzXzH3xw==; 31:uBovQAky03IA9eRWdhJ/kvTqL/Bg4QZ5fpsehzg0FrdH2V/cq2+JpdfRMwdntbHeWRES3OmKQxttLbTemlDl7ZgW92ZmYkKYgkV6EIYtYG54xO2d1ZNg4hcK+jsjjLDzK1ZHvCk4SnPZYoddM9GvsMlmuZDAMe0H8N5kk/hUfFXhly7UFfAiH9GSHDmuhZNHm6mew7MDD8Dpo+EP7Kxo1qKZz6oBycOiCkUmbDpRII0= X-MS-TrafficTypeDiagnostic: MWHPR12MB1518: X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 20:A/5LKuOexO/1CZ3UaurBg5U+C/m8Qi13TndJWIXFFzSLvVDCIRvUosx1ZuUaVoNe2Kl4yTDOKe7MKtiMhDLwlaB087zONHnMmIICNQI+fcYpDWu7S729bwLAr9SVxdbwfFdlDJ064AQ5g3qAVbxTTMt1I6bHWK2AZ3VKHUZA6ryWvApL/IIX/LKAQ3n4fTvlRwBCmqMEeuGaTwm5oV53+8y0F0u1NoTvLFpZjXDgDioj7/5vky4KAK1KhbHk3CYElII7a8tVJCcugx7icDZObUcTsE/YqwviWWv71j3RrQraKLnCJsM5Qy0UZHdqOYuCTj9nnHE3QFl4QqcdFEJ/l+ndiCXzTFoMiIf5aMt7VRZrrXZSKdILEexobVWQ8TjZlJDbCVs+aDIKHfcq5N/4gVoQkHbiAvTHX3d4PFqeqJW5C9EmPUmAGH3J8xd4TWX6pjLzfktnmT4hhaOkq+YcqAMyCPlOqARtsPhtHI21ajoHaMVzVSHqv2xHkEGA5D+c; 4:SsMRFjq9r9pK/rMgtxDuEdFLuR8jwxtQiQuqnFVPB2a+RxRrm49j/B3hIeZe2ISYEBglJaqg4QMFdnHhc3WxY+V2nbauhq/llndOi928ty6zD1MFJpM91NPxWFNErd2G0+P9CAqP1H7H7jS00E0ZRvDPaWpMikf36iPwfUCJ1t9T7CNWzuk/kNMP4wEOyXVtSdt60Dxc86s6PwaONaTv8zuGATsojcUiCYTY9dKkWecuBXkxkwIGNQdYBw8A0Dl5pCnCE47/wcWp2a8eaVqO0DjHRV5tjfvUYXtYy6wkGtm8+BQmm6au4vO4WaJbwRMg X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(3231220)(944501244)(52105095)(10201501046)(93006095)(93001095)(6055026)(6041310)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:MWHPR12MB1518; BCL:0; PCL:0; RULEID:; SRVR:MWHPR12MB1518; X-Forefront-PRVS: 0606BBEB39 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(39860400002)(39380400002)(396003)(366004)(376002)(346002)(199004)(189003)(16586007)(26005)(81156014)(16526019)(8676002)(186003)(81166006)(25786009)(7736002)(3846002)(386003)(305945005)(4326008)(6116002)(6666003)(316002)(86362001)(76176011)(52116002)(8936002)(51416003)(575784001)(50226002)(5660300001)(2906002)(2950100002)(6916009)(59450400001)(7696005)(36756003)(106356001)(105586002)(6486002)(68736007)(48376002)(97736004)(53416004)(2361001)(2351001)(53936002)(50466002)(478600001)(47776003)(66066001)(72206003); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR12MB1518; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; MWHPR12MB1518; 23:ewpQCctAZ4LKhZJHyO02ocE+/Z0kHu+zN1oyUKVzr?= =?us-ascii?Q?rB7gHQFTj66SSIvbt+7Qg5J5ebl1QrRusEaXv3N2761cTQsP/ognp+3Pu/J7?= =?us-ascii?Q?QfwVbn664rTqwgnSkSFMTX8NdRXk+6YQlBipFeXVHrOhGIGg/sZ0i7VeFO9X?= =?us-ascii?Q?zbR4LHudPuY9CBDJGnvv/2Axdyw4hQQ4Hydr3jWILmcSnwnyD47W3Urpe3yG?= =?us-ascii?Q?e0y9Yj47G4uYfV0Q4mr1ECE/f+lcmG+bpI6CC/6+qcyL+xUauyhbFpThWRr4?= =?us-ascii?Q?gR0Ex5cv1yUVnwGLSg+vQSfUqe5bl0293yI80rzwa1pxOiK4WMlVbPo+IV4M?= =?us-ascii?Q?U2PvEvBAkN6F3DYMrcmUyILNqYx8IAjf6a6mUinYzl8nPSMdh64ak6X+wLWX?= =?us-ascii?Q?whAwsU8T7/bgTxCzpoyi/Q2n2Rdmii8HRxqtlHbl+OmMmPtc8a8JvQSnG9Nm?= =?us-ascii?Q?5ZFUCpASbHr4jHIDwHBydSEcX9a4kn7+AJERYvmUhhOkAof4dSDb/Dk+M4ZT?= =?us-ascii?Q?517fvDN60SzrRzjfRjh+vrpX1et43qSh0Oo4ix0p48rDDGm28SLANY/OFPRu?= =?us-ascii?Q?fjDv9Wt2yaThSrCu0tT/o4fhYGAvk7Kuio3rimIIzWXw0WDcWOnn6maLr9WY?= =?us-ascii?Q?ph3DWIxCAdOBFWxG5tYEoTC1teVi6i+bKHEbLugYwTXj+3PJNpGcV7+5KGWF?= =?us-ascii?Q?wfEzmpotwO3oEnyrSExNg4p8ZHmIyNeN2ky1lxXS0PXpP3ZlAIkJlqtLCsn8?= =?us-ascii?Q?AiJ0CYxMzosqx+vU613BU6j2lP1il8mXe4GW/bspy+NUvBZ/pmltrXVhbMt8?= =?us-ascii?Q?y2Vth0FukWV3eB6k8NDE6eE6Gqt+n6PAkLNG72nBIXoHy0nuWCIbK4bKNE4U?= =?us-ascii?Q?fWlb/df1MLOORf3Mf27kD1p6GP4eKQH2S9uFYu7q1IuoCCLLhsT/f45vToSA?= =?us-ascii?Q?gxwOt0L3RpUJH0yFg/rhvkFEw2O8JQ2yqmGi6bSJjauv3M+GvWL77GdPtD9t?= =?us-ascii?Q?j9AKcdQ5Yr1RKyh0g9VeuM69yy0DAqQyminefwZIl+8xOX7L8ngBrHzdxI9Y?= =?us-ascii?Q?gUlZakW6DyplG65tlQQaARwmG0BbJylBkxeHvWRJtsUpEa0k/U1DtudcCqU0?= =?us-ascii?Q?ex/DVwHuSeA2eAXHPA0VrCvmTIxQn2vIrt1YrNyga9R5U3PIjiC3hQdYnQsB?= =?us-ascii?Q?iafzm5xHlkfkO6ebkK3LyeG660Ph0MXInfB?= X-Microsoft-Antispam-Message-Info: agDPKfrieTH4nLovbLspEx+6dX8fwQmiSmObfaYjyMVV78nzgvhOd7orx7eA/sgG7ClDZqBLojka3k0rDdMXckBeyr+0Wd4/kXiNKYG//Y2dm8gdCuC45O8cD78Jw4f89ZVOVZ225BOqYiyzB+2aFpxQZyYkmXRXB6dvAqxbPxn5Wznd1RQoe87aFwdGsqnM X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 6:1MRSHhjEcMMemkShN8Q7dNA1IoVW+rH4fZBjvy9v3ruUe9PGyUVPk7IB+KGM4OzQfcpgRCfpO8GEhHGCtZYWU9poRbH8IKe5tTCDwqUIrM5WvODT8gF4++XKa6hRgYXG/XX1J+z2wLnoONf6CLH+KeOX57gy6Cuxzn7FBvUDwtvaAvhXe3H1Zo4kEvB1j8VYVDdb5L3UIzSM1cDkEjmIT+0cGNH0Zk4hQJW7/brgAyy64aHKlNJTTJD/4rMrGZcnmqPDck6HrHBm0N2M7sJvTlQGjEBuMwhalF73QbhnJ8/UckL8FZcPLR2mjU0dxr3dX60Bjr7m8ZBomPSjcqSd0p6tFp6ATyaKv3qj6Oyu9yI=; 5:K6ruMzyi7eIZpQTluz+ex9esLaxMfpSFVXsYEuGtCnyzGeACp59Z/xoRkERGzUpbfffKXNk3MCyY15z5nKxD5bPOR7ANi7L3LCnKwLCyz/NXrhmtUgmgiUBobNEoU6kUFHonihGHbQ8Ikejsxcgfg1td2S7UFO0rsC90txuPV14=; 24:DjphFcVtHFbj6xMSEdzqeF8AYJatULOFvzimHi2bHhVviLMdF3x81TT8ZOawsCCSQGUTyumRWOKP7lb3YIW5bgaDsa3eukW3q2HPrJgsaSk=; 7:csgUwhXYVP2u8FUwRntfFgLqxV+mIW8GJDtOO7ErK5DQyCW/deOe/sR+fVW10AQAnXSFcLihmWnkpSzVYmoEvOos/tsgMIvEtJ4B+uRL/hO3bKjIwzZLiXgwe+YdfT+cLg+ykl8f/VR/0MPK98hC5LOnv4D0r901LhVg0Ya4QTZG3+Wrah1TkoGY5dZ9+7DgTbN6CqY4KjsHFSw3cwzwcQpI+XfDbtdv96ImtzNYcU5obqbSTzUeq7tD8Oapgafx SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1518; 20:aZquRfZr3iGRJcXLA9glSXMGgJ/zcJjIFwerDbYM14Col1HZdX9kEk5UqJo0L1d50GfXZqxA/hXWtl0F2Dot32jLCtocaY590PrN5PXFd4BjYUnJCHqc9GeLDGjR1gN97AMCcIDskVkUBcf6AQzA4nD3xbMp4YcCBOJ5LHi9/bWznoQm8/6zCNw1rUBWhOGXjzMlVGuB3tpTq8mAMTo/nzmXz2CLCCIeuztZEs9zhdOUWKHu79yFqXLz0etsMdr8 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Mar 2018 08:36:01.8659 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4abd21c6-239d-420d-4f83-08d58598cad2 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1518 Subject: [dpdk-dev] [PATCH v4 15/20] crypto/ccp: support sha2 family authentication algo X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Mar 2018 08:36:04 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 270 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 48 +++++++ drivers/crypto/ccp/ccp_pmd_ops.c | 168 ++++++++++++++++++++++++ 3 files changed, 486 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index c575dc1..410e8bf 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -61,6 +61,34 @@ static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { 0x0U, 0x0U, }; +uint32_t ccp_sha224_init[SHA256_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA224_H7, SHA224_H6, + SHA224_H5, SHA224_H4, + SHA224_H3, SHA224_H2, + SHA224_H1, SHA224_H0, +}; + +uint32_t ccp_sha256_init[SHA256_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA256_H7, SHA256_H6, + SHA256_H5, SHA256_H4, + SHA256_H3, SHA256_H2, + SHA256_H1, SHA256_H0, +}; + +uint64_t ccp_sha384_init[SHA512_DIGEST_SIZE / sizeof(uint64_t)] = { + SHA384_H7, SHA384_H6, + SHA384_H5, SHA384_H4, + SHA384_H3, SHA384_H2, + SHA384_H1, SHA384_H0, +}; + +uint64_t ccp_sha512_init[SHA512_DIGEST_SIZE / sizeof(uint64_t)] = { + SHA512_H7, SHA512_H6, + SHA512_H5, SHA512_H4, + SHA512_H3, SHA512_H2, + SHA512_H1, SHA512_H0, +}; + static enum ccp_cmd_order ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) { @@ -97,6 +125,54 @@ static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) return 0; } +static int partial_hash_sha224(uint8_t *data_in, uint8_t *data_out) +{ + SHA256_CTX ctx; + + if (!SHA224_Init(&ctx)) + return -EFAULT; + SHA256_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA256_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha256(uint8_t *data_in, uint8_t *data_out) +{ + SHA256_CTX ctx; + + if (!SHA256_Init(&ctx)) + return -EFAULT; + SHA256_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA256_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha384(uint8_t *data_in, uint8_t *data_out) +{ + SHA512_CTX ctx; + + if (!SHA384_Init(&ctx)) + return -EFAULT; + SHA512_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA512_DIGEST_LENGTH); + return 0; +} + +static int partial_hash_sha512(uint8_t *data_in, uint8_t *data_out) +{ + SHA512_CTX ctx; + + if (!SHA512_Init(&ctx)) + return -EFAULT; + SHA512_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, + SHA512_DIGEST_LENGTH); + return 0; +} + static int generate_partial_hash(struct ccp_session *sess) { @@ -104,11 +180,13 @@ static int generate_partial_hash(struct ccp_session *sess) uint8_t opad[sess->auth.block_size]; uint8_t *ipad_t, *opad_t; uint32_t *hash_value_be32, hash_temp32[8]; + uint64_t *hash_value_be64, hash_temp64[8]; int i, count; opad_t = ipad_t = (uint8_t *)sess->auth.key; hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute); + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute); /* considering key size is always equal to block size of algorithm */ for (i = 0; i < sess->auth.block_size; i++) { @@ -132,6 +210,66 @@ static int generate_partial_hash(struct ccp_session *sess) for (i = 0; i < count; i++, hash_value_be32++) *hash_value_be32 = hash_temp32[count - 1 - i]; return 0; + case CCP_AUTH_ALGO_SHA224_HMAC: + count = SHA256_DIGEST_SIZE >> 2; + + if (partial_hash_sha224(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha224(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA256_HMAC: + count = SHA256_DIGEST_SIZE >> 2; + + if (partial_hash_sha256(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha256(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA384_HMAC: + count = SHA512_DIGEST_SIZE >> 3; + + if (partial_hash_sha384(ipad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha384(opad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + return 0; + case CCP_AUTH_ALGO_SHA512_HMAC: + count = SHA512_DIGEST_SIZE >> 3; + + if (partial_hash_sha512(ipad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + + hash_value_be64 = (uint64_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha512(opad, (uint8_t *)hash_temp64)) + return -1; + for (i = 0; i < count; i++, hash_value_be64++) + *hash_value_be64 = hash_temp64[count - 1 - i]; + return 0; default: CCP_LOG_ERR("Invalid auth algo"); return -1; @@ -347,6 +485,107 @@ ccp_configure_session_auth(struct ccp_session *sess, if (generate_partial_hash(sess)) return -1; break; + case RTE_CRYPTO_AUTH_SHA224: + sess->auth.algo = CCP_AUTH_ALGO_SHA224; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_224; + sess->auth.ctx = (void *)ccp_sha224_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA224_HMAC: + if (auth_xform->key.length > SHA224_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA224_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_224; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA224_DIGEST_SIZE; + sess->auth.block_size = SHA224_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA256: + sess->auth.algo = CCP_AUTH_ALGO_SHA256; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_256; + sess->auth.ctx = (void *)ccp_sha256_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA256_HMAC: + if (auth_xform->key.length > SHA256_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA256_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_256; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA256_DIGEST_SIZE; + sess->auth.block_size = SHA256_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA384: + sess->auth.algo = CCP_AUTH_ALGO_SHA384; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_384; + sess->auth.ctx = (void *)ccp_sha384_init; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA384_HMAC: + if (auth_xform->key.length > SHA384_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA384_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_384; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA384_DIGEST_SIZE; + sess->auth.block_size = SHA384_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_SHA512: + sess->auth.algo = CCP_AUTH_ALGO_SHA512; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_512; + sess->auth.ctx = (void *)ccp_sha512_init; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA512_HMAC: + if (auth_xform->key.length > SHA512_BLOCK_SIZE) + return -1; + sess->auth.algo = CCP_AUTH_ALGO_SHA512_HMAC; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.ut.sha_type = CCP_SHA_TYPE_512; + sess->auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = (CCP_SB_BYTES << 1) - SHA512_DIGEST_SIZE; + sess->auth.block_size = SHA512_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; + case RTE_CRYPTO_AUTH_AES_CMAC: sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; sess->auth.engine = CCP_ENGINE_AES; @@ -541,12 +780,32 @@ ccp_auth_slot(struct ccp_session *session) switch (session->auth.algo) { case CCP_AUTH_ALGO_SHA1: + case CCP_AUTH_ALGO_SHA224: + case CCP_AUTH_ALGO_SHA256: + case CCP_AUTH_ALGO_SHA384: + case CCP_AUTH_ALGO_SHA512: count = 3; /**< op + lsb passthrough cpy to/from*/ break; case CCP_AUTH_ALGO_SHA1_HMAC: + case CCP_AUTH_ALGO_SHA224_HMAC: + case CCP_AUTH_ALGO_SHA256_HMAC: count = 6; break; + case CCP_AUTH_ALGO_SHA384_HMAC: + case CCP_AUTH_ALGO_SHA512_HMAC: + count = 7; + /** + * 1. Load PHash1 = H(k ^ ipad); to LSB + * 2. generate IHash = H(hash on meassage with PHash1 + * as init values); + * 3. Retrieve IHash 2 slots for 384/512 + * 4. Load Phash2 = H(k ^ opad); to LSB + * 5. generate FHash = H(hash on Ihash with Phash2 + * as init value); + * 6. Retrieve HMAC output from LSB to host memory + */ + break; case CCP_AUTH_ALGO_AES_CMAC: count = 4; /** @@ -1503,13 +1762,24 @@ ccp_crypto_auth(struct rte_crypto_op *op, switch (session->auth.algo) { case CCP_AUTH_ALGO_SHA1: + case CCP_AUTH_ALGO_SHA224: + case CCP_AUTH_ALGO_SHA256: + case CCP_AUTH_ALGO_SHA384: + case CCP_AUTH_ALGO_SHA512: result = ccp_perform_sha(op, cmd_q); b_info->desccnt += 3; break; case CCP_AUTH_ALGO_SHA1_HMAC: + case CCP_AUTH_ALGO_SHA224_HMAC: + case CCP_AUTH_ALGO_SHA256_HMAC: result = ccp_perform_hmac(op, cmd_q); b_info->desccnt += 6; break; + case CCP_AUTH_ALGO_SHA384_HMAC: + case CCP_AUTH_ALGO_SHA512_HMAC: + result = ccp_perform_hmac(op, cmd_q); + b_info->desccnt += 7; + break; case CCP_AUTH_ALGO_AES_CMAC: result = ccp_perform_aes_cmac(op, cmd_q); b_info->desccnt += 4; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index 42179de..ca1c1a8 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -78,6 +78,18 @@ #define SHA1_DIGEST_SIZE 20 #define SHA1_BLOCK_SIZE 64 +#define SHA224_DIGEST_SIZE 28 +#define SHA224_BLOCK_SIZE 64 + +#define SHA256_DIGEST_SIZE 32 +#define SHA256_BLOCK_SIZE 64 + +#define SHA384_DIGEST_SIZE 48 +#define SHA384_BLOCK_SIZE 128 + +#define SHA512_DIGEST_SIZE 64 +#define SHA512_BLOCK_SIZE 128 + /* SHA LSB intialiazation values */ #define SHA1_H0 0x67452301UL @@ -86,6 +98,42 @@ #define SHA1_H3 0x10325476UL #define SHA1_H4 0xc3d2e1f0UL +#define SHA224_H0 0xc1059ed8UL +#define SHA224_H1 0x367cd507UL +#define SHA224_H2 0x3070dd17UL +#define SHA224_H3 0xf70e5939UL +#define SHA224_H4 0xffc00b31UL +#define SHA224_H5 0x68581511UL +#define SHA224_H6 0x64f98fa7UL +#define SHA224_H7 0xbefa4fa4UL + +#define SHA256_H0 0x6a09e667UL +#define SHA256_H1 0xbb67ae85UL +#define SHA256_H2 0x3c6ef372UL +#define SHA256_H3 0xa54ff53aUL +#define SHA256_H4 0x510e527fUL +#define SHA256_H5 0x9b05688cUL +#define SHA256_H6 0x1f83d9abUL +#define SHA256_H7 0x5be0cd19UL + +#define SHA384_H0 0xcbbb9d5dc1059ed8ULL +#define SHA384_H1 0x629a292a367cd507ULL +#define SHA384_H2 0x9159015a3070dd17ULL +#define SHA384_H3 0x152fecd8f70e5939ULL +#define SHA384_H4 0x67332667ffc00b31ULL +#define SHA384_H5 0x8eb44a8768581511ULL +#define SHA384_H6 0xdb0c2e0d64f98fa7ULL +#define SHA384_H7 0x47b5481dbefa4fa4ULL + +#define SHA512_H0 0x6a09e667f3bcc908ULL +#define SHA512_H1 0xbb67ae8584caa73bULL +#define SHA512_H2 0x3c6ef372fe94f82bULL +#define SHA512_H3 0xa54ff53a5f1d36f1ULL +#define SHA512_H4 0x510e527fade682d1ULL +#define SHA512_H5 0x9b05688c2b3e6c1fULL +#define SHA512_H6 0x1f83d9abfb41bd6bULL +#define SHA512_H7 0x5be0cd19137e2179ULL + /** * CCP supported AES modes */ diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 6adef1c..ab6199f 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -81,6 +81,174 @@ static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { }, } }, } }, + { /* SHA224 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA224 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA256 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA256 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA384 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA384 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 128, + .increment = 1 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA512 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA512 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 1, + .max = 128, + .increment = 1 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /*AES-CMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4