From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0071.outbound.protection.outlook.com [104.47.41.71]) by dpdk.org (Postfix) with ESMTP id 048B77D19 for ; Mon, 19 Mar 2018 13:24:44 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ICAzeIhGz+xJ76vVo+xoaS2DyNGoLS8TdOKSYd+JQgc=; b=3kFkiNy0R1hmiYfEdc6HXaL82B1LNUyBDlUV4bWZEfQjlnjTerD+NxyJyF1z69EEfuJGhjKvjRij5TVrBBUI14ueW+VMZ88lYNqBpy89avi//3TGUpOBAS5Q440GnlUN25Qsqs2zIW00NGJoo3jbxvZ/6e6UhBDB1ZbPr3fR00o= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by BN6PR12MB1505.namprd12.prod.outlook.com (10.172.24.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.588.14; Mon, 19 Mar 2018 12:24:41 +0000 From: Ravi Kumar To: dev@dpdk.org Cc: pablo.de.lara.guarch@intel.com, hemant.agrawal@nxp.com Date: Mon, 19 Mar 2018 08:23:48 -0400 Message-Id: <1521462233-13590-14-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1521462233-13590-1-git-send-email-Ravi1.kumar@amd.com> References: <1520584520-130522-1-git-send-email-Ravi1.kumar@amd.com> <1521462233-13590-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: MAXPR0101CA0025.INDPRD01.PROD.OUTLOOK.COM (10.174.62.139) To BN6PR12MB1505.namprd12.prod.outlook.com (10.172.24.146) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 6157993f-b72a-45b9-85b3-08d58d9464e9 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BN6PR12MB1505; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1505; 3:u/TkHwHvSe+vQZoJoCEyMlnhMx9pxHGszCCPLALBSg2ejtymnN8Z27WH0uXld5juzO8QBtDXPN+qIrR8jJPcmh2Gq0GsQxYk7DUwv6NNkWgjmpr1LF+NJrjoWdM73ZSkcDNjzFm1rE0iYsOc4BS6eRbOC56DT2y9vYlF/TXG4Q2DOcVXTjP7/X95iQQPH/xngsCpjB1lVDzkgO+L6ilRqPpHiWkv4POcFU+awlTdtvzVqJhz2O6NaOnWQyzVdTUC; 25:NCF3eAK71HQd4MVm3XSvTAbpBfRzNW/KQQcs1q7G0N4Jlca8oLFFo0MMVt+SdTji3WMOp6OULFXv4eTZmrDEpQex29H3MmGbWdAohG7VIgpL77FCz4ryDrwU3cIdft/WvV9o7LSJLtvI50J1o0fWBW0Xi6efXCdIi2Y9gMHUE3GiH4gMwxFCRi9p0Amss6uKJMaLkVZWcPskD26H0YddlaGw9ZNyQh6DhS3w3EWUacm45P0KZHmxFgUCw3GxHW7gmbu9KYNmYs7eoB0mH9vZDYy06IyoA92nwbBajHdntvuy48YEBUUH7R3zv/XS2gPDCMCFxSq/iFsOAEc/fewiRg==; 31:SCzons7ZsuDohjsY22dMjN93rexLWthhEeee0r6wMX5bNB0NYzcaQmL0ZzCtVcWVZkKtVrkQOdDolNMUoRT7xb5kXePVGrx5vKBFCviXZcHHP7tHu5+D9Nz5xJQRlqxIkPGEGe2mUfDp5xn9taV5VddNxpgGJ/qpaQEYJWzRZE5pnqErbhupBtrswi3KSUurFkknjFgeBImNioGonw2mIZkjZgFcoyQ+pbB5e1Z3m+A= X-MS-TrafficTypeDiagnostic: BN6PR12MB1505: X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1505; 20:QfSCJplHhzCqa41z41jKo1k51Zc2e/TH/hlsUcT/6BpeYXYSOHhTRFpE2btnSwEOmE9ZaSm4DC+xPIMCTxmE3JdjDwdWYRMepc0cz4sfm7K1wtbIn8mRE63jEx5gJuPb6meaLcRmQi34U9oX2x3dBQrmq6vlbLRxuharvP8oC7OJsDDD5jUv7h7DPZ9RXnP17pqGbbwowmdpQllvRblQpHPr+6OOGMIbqxtmyy2Nz4BmLOj2fDwEKxGE/6awEbsMzXjJFWxIEO2iZxVPUJj3B2oNF2gXqp1XQ7zan2SpqmJDgL+oC9An3SDGZYQn0ybDxGsl6PEFnacDST9Xmuk0UhtYtgm3uaBMXZ/Hm4IfWMrq1ngo6vNC4ZvXWYSfd0zDacHB5ttw27E8yJnGWwbBZDd1fPB2ALySkMr4farEhg6Jlb1Q4X0FloVI9Qvolbs9coJ69rDOjDcnW910shALawuYUa2BY3Ardb6+UJBuTq4FC0OGGPFr5dTNzdNwKbJ+; 4:ggIHnSHeKYoHK/zvnA1WuaTThXx3pYjgSGyWGce0An4TdowENNQFRv8qVvmM4v4zOSdDggNKVnfMphNDWWUj3tXFVfx28SClwafWP8F9JBhsqnHwL0QbAy85DpJbpYPL9NAPwAnGow37wXGdop5GnUx9+N8Y+swmBxWZTSQn+Aj39r/35odUOccbBxww1J3VOcJiMojlHtNhki3nkisZH7jZUFdetAy5Rm6RLjuuSc4QpVYSYyW33WzTRobxapMhDnr0OXDK0wVPbub2qQqw4l8tFHIgM32r432bToqV3ruIzE86EUqjJIM2UcYuYuDl X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3231221)(944501300)(52105095)(3002001)(93006095)(93001095)(10201501046)(6055026)(6041310)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123558120)(6072148)(201708071742011); SRVR:BN6PR12MB1505; BCL:0; PCL:0; RULEID:; SRVR:BN6PR12MB1505; X-Forefront-PRVS: 06167FAD59 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(396003)(39380400002)(39860400002)(346002)(376002)(366004)(199004)(189003)(97736004)(105586002)(2361001)(2351001)(72206003)(48376002)(4326008)(50226002)(76176011)(59450400001)(8676002)(26005)(316002)(8936002)(53936002)(106356001)(16586007)(186003)(7696005)(51416003)(16526019)(52116002)(386003)(81166006)(81156014)(8656006)(25786009)(575784001)(66066001)(68736007)(86362001)(47776003)(6486002)(5660300001)(7736002)(53416004)(6116002)(305945005)(3846002)(478600001)(2950100002)(36756003)(6916009)(2906002)(50466002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR12MB1505; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN6PR12MB1505; 23:Srf+l1E/tO8SXZO5P4AtATAFghLRA5VEx4CGKw//9?= =?us-ascii?Q?ePIM/2D1rsGLVVB1FDY/DcYt+mSPkUDtptx9pVe97D2mDXWDD2i2PORt+Tgu?= =?us-ascii?Q?pJZ6X3wHtwkjvoxMh0HEoB3HgezPVO64SxsjJV2cl8t3GheFZ66+0/fuDpNN?= =?us-ascii?Q?ylZhLEsvduzCwtRBWfMTyG392M3F+uKXBuysJgmk0ObeHobkiQZGwz+J1SrE?= =?us-ascii?Q?k2cW3uh+0Ly0eNheQK6Di9i7GwufrVyEhhO0PjJ7TBDLLeZeNXT4Q5Yo8yZs?= =?us-ascii?Q?eex1eK9Z6CVrlv730BKfdN9QvOdIuOqW+plZ0H7yPX3LrF9lJ3bj3MEbT3Lu?= =?us-ascii?Q?RSQiAUOHgDKs8aYJ5B/YPoG27Ns6h4ANCTP/1JV4CtWVGtSlv9yYLqMNIiwL?= =?us-ascii?Q?9nARtgyTn8MhYZhC5WUzVjwb0mUmNwM1F3eqksMAG/BF1Va5UqKi8UumpKfn?= =?us-ascii?Q?Se//jaJGDNf+VqcfUtTYwxQ3uJ6sFNm5MeUou4FnuvAQisu/Y7C0J/PY5gPz?= =?us-ascii?Q?rSqA72ol3Q1f8liJ9V6cDYAnE6E+oyBZu7ZvSjDK1EDixeSxT5Fkgzz9C/Uj?= =?us-ascii?Q?9f2FNJiwQQPIoXKFT36K5Xx7JSWga2MHkRbiduRuPk1VAln/WkNVpkMU3rhm?= =?us-ascii?Q?P9LJdw+zoZUWskhJkUQXwR3NcgBkPC1AgSUrD2FdlKjx/TKlUrLRqhr9uLcr?= =?us-ascii?Q?a0i7VXKAnfbTNNWFyONa4eA2g+x3RgaTTiUVEJAbNAEHxQX+Ea119IFBvM5i?= =?us-ascii?Q?aSAbngB4WKJq6A+fQ/bhtjcwaZ+CrErFLDoXCCyGc/yY+bUj+G/r2V+cdsM4?= =?us-ascii?Q?mosUHHbiKVj2SJexXUlh6mXakvMgXMqUYUjR4APvnhXxvFEQ1jHwFlA8v9jA?= =?us-ascii?Q?kOF4zt5jLK6ad35hKHr4LmV4BMuDriQIR99Fg0UBnZ9efzL6dtg3XrIQg1gE?= =?us-ascii?Q?n2J0R4HaoT+dkIb19AG6dGyAgMmqdYGfbYtk/vNKDaFdMqyTmPGEf3LZUsAv?= =?us-ascii?Q?drDzjqrSwQ91cPjvDXOVFia2I1iue7UY9jfQTS+pt32825fnIlK8P4GkV3/M?= =?us-ascii?Q?bP+eb009hMdjOKoOWZK1fxQ3o6WwbmNSWpZnk1iYM1lLXRf9f5IIrWMNYUd2?= =?us-ascii?Q?XdK9xqavjm2iMGAtJDN9X7u5+7NYdFJL53kdVAyT9N6Ph5EbRlJOc1FfypKN?= =?us-ascii?Q?TxCYbRH/nlw8lUgt8LVS9YrUJSs0ZAB8sq7?= X-Microsoft-Antispam-Message-Info: LdnayinshYOKfhd+e/KtgAXuoqIiEaU+jMXd5QaIj4jh6mwZ4QY3BgzLU3o64mujzHXMdDZcTgiDc4gS8F4MIE+6qntIS3e1A+zsfHn9tQ1RlveN1T7d0eOxrjG0bfTJWpf5cdXzQHfXD0Y0x2KDMmw2exyUxsNUGc0C7oBs7RD8VOjP3yTmx3ZPV1KxOa6d X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1505; 6:JhcU10FyYj8JcBlOrg7+y344UVBncWMNZKGpzEpC/A2DYocCIHI6VM94cIhUwHSEasbqFGyLoDJ99f/PJnGggpEgSPhocYh9lScP/Owb4T4Z7Nhzap+t65XuYzkZL/5OaWqaMUXKhwAjs03Nt8wlRc6+6mWNAIdpm1bIPQP0TPdkTiOQL2G27qxiCj6WEOXtDam8ipQUs9NFp3Zl4ZbyUNcQE1EldnBJxyL12CbvvX1RONPC//wcYMVydULaGG75terimGnGMO+tDR2ZnIcelfeEyBmnle5syO/Y6EmVkSta/sdFCJkAkC3waKs4clFbrxSSp1oMauKXEmFc1Hri4K8gmvV9r07v8UjT7ajWt3s=; 5:4/zVKnfSLeAs24Ya5mVbk+lFFqJlu0TuaqrNIg5A0Zv00h1BT0/szhizoc+SGGWCW4JnC2RmYucTdMEQMxEm7d4A+OYU9QHBS4gV9Emn6bx904c5Hl4+4cgM9w0N2gN70Ak13nVFDb2HCBfjES6PQ15aC8oe3FebGwRWGuVDBRM=; 24:0VLjLrJHGYfGEGAv3fnjVGq0N6TBsAxKJYxtQzoVX8cqEYVDsJvE+55FyOSXD2dKhGJh/FKpQhxYfUkq9s2SsO8qW3nWKu7JtvO2d6ea5Ic=; 7:EiZi3SNsB8rmgZSOnaIknwQbrV0Ju8ZwqpZOwsQS+xgSQS9d3gru6e1QfguRykQvGu8ftprhmxIM960mq91MttMvwKw0TQZjMt7lsxxtCLBeJMhXUjWxSuHq6dm/dPg5mtmBvgHaeePLfm66fygNUZJxhEMdC4yE7CCMhNuledXSoUNOZooBRsW9t+hmTR9qqcNZiJTCymujEYawU8GjW3gPpS+BC1WVMDSgIFmshCh0QMT2zAtwdB203vWJwYY7 SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1505; 20:4FiX1KpB7g6CHM6y7ubTMrXKE5lLhcSq4xgCgGf6p+gpeZYa8A/exsUZXrPi1ZoGUDJAilqvYH2IzxDywY19/BRYAanGEVPcrtIwFzhq9+eborgDAbG68IuYE795N3PLrPc23ecDVodGnYfRkBFY2N3FUbJtmbzV9+9e7PoHLPyV3a5KZmEaVV895VZeLLMvt4Mc+4g8VYl0LTp4LgWRA9LOkc2bzal/EiP3N9oGSYpFFWPXZbk9Qa/1ymjGciTp X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Mar 2018 12:24:41.7484 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6157993f-b72a-45b9-85b3-08d58d9464e9 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1505 Subject: [dpdk-dev] [PATCH v5 14/19] crypto/ccp: support sha1 authentication algo X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2018 12:24:45 -0000 Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 367 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 23 +++ drivers/crypto/ccp/ccp_pmd_ops.c | 42 +++++ 3 files changed, 432 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index 3a14b77..517c284 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -10,6 +10,7 @@ #include #include #include +#include #include /*sub key apis*/ #include /*sub key apis*/ @@ -26,6 +27,14 @@ #include "ccp_pci.h" #include "ccp_pmd_private.h" +/* SHA initial context values */ +static uint32_t ccp_sha1_init[SHA_COMMON_DIGEST_SIZE / sizeof(uint32_t)] = { + SHA1_H4, SHA1_H3, + SHA1_H2, SHA1_H1, + SHA1_H0, 0x0U, + 0x0U, 0x0U, +}; + static enum ccp_cmd_order ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) { @@ -50,6 +59,59 @@ ccp_get_cmd_id(const struct rte_crypto_sym_xform *xform) return res; } +/* partial hash using openssl */ +static int partial_hash_sha1(uint8_t *data_in, uint8_t *data_out) +{ + SHA_CTX ctx; + + if (!SHA1_Init(&ctx)) + return -EFAULT; + SHA1_Transform(&ctx, data_in); + rte_memcpy(data_out, &ctx, SHA_DIGEST_LENGTH); + return 0; +} + +static int generate_partial_hash(struct ccp_session *sess) +{ + + uint8_t ipad[sess->auth.block_size]; + uint8_t opad[sess->auth.block_size]; + uint8_t *ipad_t, *opad_t; + uint32_t *hash_value_be32, hash_temp32[8]; + int i, count; + + opad_t = ipad_t = (uint8_t *)sess->auth.key; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute); + + /* considering key size is always equal to block size of algorithm */ + for (i = 0; i < sess->auth.block_size; i++) { + ipad[i] = (ipad_t[i] ^ HMAC_IPAD_VALUE); + opad[i] = (opad_t[i] ^ HMAC_OPAD_VALUE); + } + + switch (sess->auth.algo) { + case CCP_AUTH_ALGO_SHA1_HMAC: + count = SHA1_DIGEST_SIZE >> 2; + + if (partial_hash_sha1(ipad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + + hash_value_be32 = (uint32_t *)((uint8_t *)sess->auth.pre_compute + + sess->auth.ctx_len); + if (partial_hash_sha1(opad, (uint8_t *)hash_temp32)) + return -1; + for (i = 0; i < count; i++, hash_value_be32++) + *hash_value_be32 = hash_temp32[count - 1 - i]; + return 0; + default: + CCP_LOG_ERR("Invalid auth algo"); + return -1; + } +} + /* prepare temporary keys K1 and K2 */ static void prepare_key(unsigned char *k, unsigned char *l, int bl) { @@ -234,6 +296,31 @@ ccp_configure_session_auth(struct ccp_session *sess, else sess->auth.op = CCP_AUTH_OP_VERIFY; switch (auth_xform->algo) { + case RTE_CRYPTO_AUTH_SHA1: + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.algo = CCP_AUTH_ALGO_SHA1; + sess->auth.ut.sha_type = CCP_SHA_TYPE_1; + sess->auth.ctx = (void *)ccp_sha1_init; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; + break; + case RTE_CRYPTO_AUTH_SHA1_HMAC: + if (auth_xform->key.length > SHA1_BLOCK_SIZE) + return -1; + sess->auth.engine = CCP_ENGINE_SHA; + sess->auth.algo = CCP_AUTH_ALGO_SHA1_HMAC; + sess->auth.ut.sha_type = CCP_SHA_TYPE_1; + sess->auth.ctx_len = CCP_SB_BYTES; + sess->auth.offset = CCP_SB_BYTES - SHA1_DIGEST_SIZE; + sess->auth.block_size = SHA1_BLOCK_SIZE; + sess->auth.key_length = auth_xform->key.length; + memset(sess->auth.key, 0, sess->auth.block_size); + memset(sess->auth.pre_compute, 0, sess->auth.ctx_len << 1); + rte_memcpy(sess->auth.key, auth_xform->key.data, + auth_xform->key.length); + if (generate_partial_hash(sess)) + return -1; + break; case RTE_CRYPTO_AUTH_AES_CMAC: sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; sess->auth.engine = CCP_ENGINE_AES; @@ -427,6 +514,13 @@ ccp_auth_slot(struct ccp_session *session) int count = 0; switch (session->auth.algo) { + case CCP_AUTH_ALGO_SHA1: + count = 3; + /**< op + lsb passthrough cpy to/from*/ + break; + case CCP_AUTH_ALGO_SHA1_HMAC: + count = 6; + break; case CCP_AUTH_ALGO_AES_CMAC: count = 4; /** @@ -552,6 +646,271 @@ ccp_perform_passthru(struct ccp_passthru *pst, } static int +ccp_perform_hmac(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + + struct ccp_session *session; + union ccp_function function; + struct ccp_desc *desc; + uint32_t tail; + phys_addr_t src_addr, dest_addr, dest_addr_t; + struct ccp_passthru pst; + uint64_t auth_msg_bits; + void *append_ptr; + uint8_t *addr; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + addr = session->auth.pre_compute; + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr); + dest_addr_t = dest_addr; + + /** Load PHash1 to LSB*/ + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**sha engine command descriptor for IntermediateHash*/ + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + auth_msg_bits = (op->sym->auth.data.length + + session->auth.block_size) * 8; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Intermediate Hash value retrieve */ + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) { + + pst.src_addr = + (phys_addr_t)((cmd_q->sb_sha + 1) * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t; + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t + CCP_SB_BYTES; + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + } else { + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr_t; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + } + + /** Load PHash2 to LSB*/ + addr += session->auth.ctx_len; + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**sha engine command descriptor for FinalHash*/ + dest_addr_t += session->auth.offset; + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = (session->auth.ctx_len - + session->auth.offset); + auth_msg_bits = (session->auth.block_size + + session->auth.ctx_len - + session->auth.offset) * 8; + + CCP_CMD_SRC_LO(desc) = (uint32_t)(dest_addr_t); + CCP_CMD_SRC_HI(desc) = high32_value(dest_addr_t); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Retrieve hmac output */ + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + else + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; + +} + +static int +ccp_perform_sha(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + struct ccp_session *session; + union ccp_function function; + struct ccp_desc *desc; + uint32_t tail; + phys_addr_t src_addr, dest_addr; + struct ccp_passthru pst; + void *append_ptr; + uint64_t auth_msg_bits; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + ccp_cryptodev_driver_id); + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + + append_ptr = (void *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy(append_ptr); + + /** Passthru sha context*/ + + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *) + session->auth.ctx); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.len = session->auth.ctx_len; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + /**prepare sha command descriptor*/ + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_SHA; + + CCP_CMD_SOC(desc) = 0; + CCP_CMD_IOC(desc) = 0; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_PROT(desc) = 0; + + function.raw = 0; + CCP_SHA_TYPE(&function) = session->auth.ut.sha_type; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + auth_msg_bits = op->sym->auth.data.length * 8; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_LSB_ID(desc) = cmd_q->sb_sha; + CCP_CMD_SHA_LO(desc) = ((uint32_t)auth_msg_bits); + CCP_CMD_SHA_HI(desc) = high32_value(auth_msg_bits); + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + + /* Hash value retrieve */ + pst.src_addr = (phys_addr_t)(cmd_q->sb_sha * CCP_SB_BYTES); + pst.dest_addr = dest_addr; + pst.len = session->auth.ctx_len; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + if ((session->auth.ut.sha_type == CCP_SHA_TYPE_384) || + (session->auth.ut.sha_type == CCP_SHA_TYPE_512)) + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + else + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; + +} + +static int ccp_perform_aes_cmac(struct rte_crypto_op *op, struct ccp_queue *cmd_q) { @@ -1117,6 +1476,14 @@ ccp_crypto_auth(struct rte_crypto_op *op, ccp_cryptodev_driver_id); switch (session->auth.algo) { + case CCP_AUTH_ALGO_SHA1: + result = ccp_perform_sha(op, cmd_q); + b_info->desccnt += 3; + break; + case CCP_AUTH_ALGO_SHA1_HMAC: + result = ccp_perform_hmac(op, cmd_q); + b_info->desccnt += 6; + break; case CCP_AUTH_ALGO_AES_CMAC: result = ccp_perform_aes_cmac(op, cmd_q); b_info->desccnt += 4; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index 3585c36..aa4787a 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -34,9 +34,32 @@ #define CCP_DES_ENCRYPT(p) ((p)->des.encrypt) #define CCP_DES_MODE(p) ((p)->des.mode) #define CCP_DES_TYPE(p) ((p)->des.type) +#define CCP_SHA_TYPE(p) ((p)->sha.type) #define CCP_PT_BYTESWAP(p) ((p)->pt.byteswap) #define CCP_PT_BITWISE(p) ((p)->pt.bitwise) +/* HMAC */ +#define HMAC_IPAD_VALUE 0x36 +#define HMAC_OPAD_VALUE 0x5c + +#ifdef RTE_LIBRTE_PMD_CCP_CPU_AUTH +#define MD5_DIGEST_SIZE 16 +#define MD5_BLOCK_SIZE 64 +#endif + +/* SHA */ +#define SHA_COMMON_DIGEST_SIZE 32 +#define SHA1_DIGEST_SIZE 20 +#define SHA1_BLOCK_SIZE 64 + +/* SHA LSB intialiazation values */ + +#define SHA1_H0 0x67452301UL +#define SHA1_H1 0xefcdab89UL +#define SHA1_H2 0x98badcfeUL +#define SHA1_H3 0x10325476UL +#define SHA1_H4 0xc3d2e1f0UL + /** * CCP supported AES modes */ diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 1314c17..13f6820 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -13,6 +13,48 @@ #include "ccp_crypto.h" static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { + { /* SHA1 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, + { /* SHA1 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 1, + .max = 64, + .increment = 1 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /*AES-CMAC */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { -- 2.7.4