* [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: fix CCM digest size check
@ 2020-10-06 10:59 Pablo de Lara
2020-10-06 10:59 ` [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: fix GCM " Pablo de Lara
` (2 more replies)
0 siblings, 3 replies; 10+ messages in thread
From: Pablo de Lara @ 2020-10-06 10:59 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara, stable
Digest size for CCM was being checked for other algorithms
apart from CCM.
Fixes: c4c0c312a823 ("crypto/aesni_mb: check for invalid digest size")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 29 +++++++++++-----------
1 file changed, 15 insertions(+), 14 deletions(-)
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 1bddbcf74..784278719 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -564,6 +564,14 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -EINVAL;
}
+ /* Set IV parameters */
+ sess->iv.offset = xform->aead.iv.offset;
+ sess->iv.length = xform->aead.iv.length;
+
+ /* Set digest sizes */
+ sess->auth.req_digest_len = xform->aead.digest_length;
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
switch (xform->aead.algo) {
case RTE_CRYPTO_AEAD_AES_CCM:
sess->cipher.mode = CCM;
@@ -582,6 +590,13 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -EINVAL;
}
+ /* CCM digests must be between 4 and 16 and an even number */
+ if (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN ||
+ sess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN ||
+ (sess->auth.req_digest_len & 1) == 1) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
break;
case RTE_CRYPTO_AEAD_AES_GCM:
@@ -616,20 +631,6 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -ENOTSUP;
}
- /* Set IV parameters */
- sess->iv.offset = xform->aead.iv.offset;
- sess->iv.length = xform->aead.iv.length;
-
- sess->auth.req_digest_len = xform->aead.digest_length;
- /* CCM digests must be between 4 and 16 and an even number */
- if (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN ||
- sess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN ||
- (sess->auth.req_digest_len & 1) == 1) {
- AESNI_MB_LOG(ERR, "Invalid digest size\n");
- return -EINVAL;
- }
- sess->auth.gen_digest_len = sess->auth.req_digest_len;
-
return 0;
}
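Review bot: The last hunk removes the digest length check from the common tail of aesni_mb_set_session_aead_parameters() and the second hunk re-adds it only under RTE_CRYPTO_AEAD_AES_CCM, so as far as these hunks show the RTE_CRYPTO_AEAD_AES_GCM case has no digest length validation with this patch applied on its own; the bound only returns in 2/3. Since this is Cc'd to stable, either fold the GCM bound into this patch or state the dependency on 2/3 in the commit message, so a backport of 1/3 alone cannot accept an out-of-range xform->aead.digest_length.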
--
2.25.1
* [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: fix GCM digest size check
2020-10-06 10:59 [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
@ 2020-10-06 10:59 ` Pablo de Lara
2020-10-06 10:59 ` [dpdk-dev] [PATCH 3/3] crypto/aesni_mb: support Chacha20-Poly1305 Pablo de Lara
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
2 siblings, 0 replies; 10+ messages in thread
From: Pablo de Lara @ 2020-10-06 10:59 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara, stable
GCM digest sizes should be between 1 and 16 bytes.
Fixes: 7b2d4706c90e ("crypto/aesni_mb: support newer library version only")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 4 ++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 22 +++++++++----------
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 8 +++----
3 files changed, 16 insertions(+), 18 deletions(-)
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index e0c7b4f7c..8c5acfc51 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -80,7 +80,7 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[AES_CMAC] = 12,
[AES_CCM] = 8,
[NULL_HASH] = 0,
- [AES_GMAC] = 16,
+ [AES_GMAC] = 12,
[PLAIN_SHA1] = 20,
[PLAIN_SHA_224] = 28,
[PLAIN_SHA_256] = 32,
@@ -111,7 +111,7 @@ static const unsigned auth_digest_byte_lengths[] = {
[AES_XCBC] = 16,
[AES_CMAC] = 16,
[AES_CCM] = 16,
- [AES_GMAC] = 12,
+ [AES_GMAC] = 16,
[NULL_HASH] = 0,
[PLAIN_SHA1] = 20,
[PLAIN_SHA_224] = 28,
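Review bot: The AES_GMAC entries in auth_truncated_digest_byte_lengths[] (16 to 12) and auth_digest_byte_lengths[] (12 to 16) are swapped here, but the commit message only mentions the 1 to 16 byte range. Please say in the log that the two table values were transposed. If get_digest_byte_length() reads auth_digest_byte_lengths[], the new GMAC upper bound in rte_aesni_mb_pmd.c depends on this correction and would otherwise cap GMAC digests at 12 bytes.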
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 784278719..fa364530e 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -209,19 +209,11 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
sess->cipher.direction = DECRYPT;
sess->auth.algo = AES_GMAC;
- /*
- * Multi-buffer lib supports 8, 12 and 16 bytes of digest.
- * If size requested is different, generate the full digest
- * (16 bytes) in a temporary location and then memcpy
- * the requested number of bytes.
- */
- if (sess->auth.req_digest_len != 16 &&
- sess->auth.req_digest_len != 12 &&
- sess->auth.req_digest_len != 8) {
- sess->auth.gen_digest_len = 16;
- } else {
- sess->auth.gen_digest_len = sess->auth.req_digest_len;
+ if (sess->auth.req_digest_len > get_digest_byte_length(AES_GMAC)) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
}
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
sess->iv.length = xform->auth.iv.length;
sess->iv.offset = xform->auth.iv.offset;
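Review bot: The new GMAC check enforces only the upper bound, `req_digest_len > get_digest_byte_length(AES_GMAC)`, so a digest length of 0 is accepted on this path while the AEAD GCM check added later in this patch rejects it and the capabilities table advertises .min = 1. Suggest rejecting 0 here as well so that both paths match the 1 to 16 byte range stated in the commit message.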
@@ -624,6 +616,12 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -EINVAL;
}
+ /* GCM digest size must be between 1 and 16 */
+ if (sess->auth.req_digest_len == 0 ||
+ sess->auth.req_digest_len > 16) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
break;
default:
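Review bot: The GCM upper bound is written as the literal 16, while the GMAC path in the same patch uses get_digest_byte_length(AES_GMAC) for the same limit. Using the helper or a named constant in both places would keep the two limits from drifting apart if one is changed later.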
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 2362f0c3c..3e4282954 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -455,9 +455,9 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
.increment = 8
},
.digest_size = {
- .min = 8,
+ .min = 1,
.max = 16,
- .increment = 4
+ .increment = 1
},
.aad_size = {
.min = 0,
@@ -485,9 +485,9 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
.increment = 8
},
.digest_size = {
- .min = 8,
+ .min = 1,
.max = 16,
- .increment = 4
+ .increment = 1
},
.iv_size = {
.min = 12,
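Review bot: With .min = 1 and .increment = 1 both capability entries now advertise authentication tags as short as one byte, and a one-byte tag lets a random forgery pass verification with probability 1 in 256 per attempt. The values are consistent with the session checks in this patch, but doc/guides/cryptodevs/aesni_mb.rst should say that the PMD accepts truncated tags and that choosing an adequate length is the application's responsibility.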
--
2.25.1
* [dpdk-dev] [PATCH 3/3] crypto/aesni_mb: support Chacha20-Poly1305
2020-10-06 10:59 [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
2020-10-06 10:59 ` [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: fix GCM " Pablo de Lara
@ 2020-10-06 10:59 ` Pablo de Lara
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
2 siblings, 0 replies; 10+ messages in thread
From: Pablo de Lara @ 2020-10-06 10:59 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Add support for Chacha20-Poly1305 AEAD algorithm.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 1 +
doc/guides/cryptodevs/features/aesni_mb.ini | 10 +--
doc/guides/rel_notes/release_20_11.rst | 3 +
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 63 ++++++++++++++++---
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 32 ++++++++++
5 files changed, 97 insertions(+), 12 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 15388d20a..cf7ad5d57 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -54,6 +54,7 @@ AEAD algorithms:
* RTE_CRYPTO_AEAD_AES_CCM
* RTE_CRYPTO_AEAD_AES_GCM
+* RTE_CRYPTO_AEAD_CHACHA20_POLY1305
Protocol offloads:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 38d255aff..2e8305709 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -54,11 +54,11 @@ AES GMAC = Y
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
;
[AEAD]
-AES CCM (128) = Y
-AES GCM (128) = Y
-AES GCM (192) = Y
-AES GCM (256) = Y
-
+AES CCM (128) = Y
+AES GCM (128) = Y
+AES GCM (192) = Y
+AES GCM (256) = Y
+CHACHA20-POLY1305 = Y
;
; Supported Asymmetric algorithms of the 'aesni_mb' crypto driver.
;
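Review bot: The empty line that separated the [AEAD] entries from the following ';' comment block is removed in this hunk, so `CHACHA20-POLY1305 = Y` now runs directly into the header comment of the Asymmetric section. Keep a blank line after the new entry, as the other sections in aesni_mb.ini do.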
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 6d8c24413..f606c9a74 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -210,6 +210,9 @@ API Changes
* bpf: ``RTE_BPF_XTYPE_NUM`` has been dropped from ``rte_bpf_xtype``.
+* **Updated the AESNI MB crypto PMD.**
+
+ * Added support for Chacha20-Poly1305.
ABI Changes
-----------
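Review bot: The release note entry lands in the "API Changes" section (see the hunk header and the "ABI Changes" title that follows), but a new algorithm in a PMD does not change any API. Move "Added support for Chacha20-Poly1305." under the AESNI MB entry in the New Features section of release_20_11.rst.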
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index fa364530e..7b4d5f148 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -125,6 +125,18 @@ aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform)
return AESNI_MB_OP_NOT_SUPPORTED;
}
+static inline int
+is_aead_algo(JOB_HASH_ALG hash_alg, JOB_CIPHER_MODE cipher_mode)
+{
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ return (hash_alg == IMB_AUTH_CHACHA20_POLY1305 || hash_alg == AES_CCM ||
+ (hash_alg == AES_GMAC && cipher_mode == GCM));
+#else
+ return ((hash_alg == AES_GMAC && cipher_mode == GCM) ||
+ hash_alg == AES_CCM);
+#endif
+}
+
/** Set session authentication parameters */
static int
aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
@@ -624,6 +636,24 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
}
break;
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case RTE_CRYPTO_AEAD_CHACHA20_POLY1305:
+ sess->cipher.mode = IMB_CIPHER_CHACHA20_POLY1305;
+ sess->auth.algo = IMB_AUTH_CHACHA20_POLY1305;
+
+ if (xform->aead.key.length != 32) {
+ AESNI_MB_LOG(ERR, "Invalid key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 32;
+ memcpy(sess->cipher.expanded_aes_keys.encode,
+ xform->aead.key.data, 32);
+ if (sess->auth.req_digest_len != 16) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ break;
+#endif
default:
AESNI_MB_LOG(ERR, "Unsupported aead mode parameter");
return -ENOTSUP;
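Review bot: The new `AESNI_MB_LOG(ERR, "Invalid key length")` has no trailing newline while `"Invalid digest size\n"` a few lines below it does; pick one convention for the added messages. The literals 32 and 16 are also repeated in the capabilities table in rte_aesni_mb_pmd_ops.c, so named constants for the Chacha20-Poly1305 key and tag sizes would keep the session check and the advertised limits in step.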
@@ -1122,6 +1152,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
/* Set authentication parameters */
job->hash_alg = session->auth.algo;
+ const int aead = is_aead_algo(job->hash_alg, job->cipher_mode);
+
switch (job->hash_alg) {
case AES_XCBC:
job->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded;
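Review bot: `is_aead_algo(job->hash_alg, job->cipher_mode)` reads job->cipher_mode, whereas the conditions it replaces further down tested session->cipher.mode and the call in post_process_mb_job() passes sess->cipher.mode. Please confirm that job->cipher_mode is assigned before this line on every path, or pass session->cipher.mode here so all three call sites classify the job from the same field. A wrong answer here selects op->sym->cipher.data.offset and op->sym->auth.digest.data instead of the aead fields.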
@@ -1168,6 +1200,14 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->aes_dec_key_expanded = &session->cipher.gcm_key;
break;
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_CHACHA20_POLY1305:
+ job->u.CHACHA20_POLY1305.aad = op->sym->aead.aad.data;
+ job->u.CHACHA20_POLY1305.aad_len_in_bytes = session->aead.aad_len;
+ job->aes_enc_key_expanded = session->cipher.expanded_aes_keys.encode;
+ job->aes_dec_key_expanded = session->cipher.expanded_aes_keys.encode;
+ break;
+#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
job->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;
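Review bot: The new IMB_AUTH_CHACHA20_POLY1305 case reads session->aead.aad_len, but the RTE_CRYPTO_AEAD_CHACHA20_POLY1305 session case added in this patch does not assign it and does not check the length against the .max = 240 advertised in the capabilities. Confirm that aad_len is set in common code before the switch in aesni_mb_set_session_aead_parameters(), and add a bound check there if it is not already enforced.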
@@ -1199,8 +1239,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
oop = 1;
}
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
+ if (aead)
m_offset = op->sym->aead.data.offset;
else
m_offset = op->sym->cipher.data.offset;
@@ -1211,8 +1250,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->auth_tag_output = qp->temp_digests[*digest_idx];
*digest_idx = (*digest_idx + 1) % MAX_JOBS;
} else {
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
+ if (aead)
job->auth_tag_output = op->sym->aead.digest.data;
else
job->auth_tag_output = op->sym->auth.digest.data;
@@ -1272,6 +1310,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
session->iv.offset);
break;
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_CHACHA20_POLY1305:
+ job->cipher_start_src_offset_in_bytes = op->sym->aead.data.offset;
+ job->hash_start_src_offset_in_bytes = op->sym->aead.data.offset;
+ job->msg_len_to_cipher_in_bytes =
+ op->sym->aead.data.length;
+ job->msg_len_to_hash_in_bytes =
+ op->sym->aead.data.length;
+
+ job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->iv.offset);
+ break;
+#endif
default:
job->cipher_start_src_offset_in_bytes =
op->sym->cipher.data.offset;
@@ -1462,9 +1513,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)
break;
if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
- if (job->hash_alg == AES_CCM ||
- (job->hash_alg == AES_GMAC &&
- sess->cipher.mode == GCM))
+ if (is_aead_algo(job->hash_alg, sess->cipher.mode))
verify_digest(job,
op->sym->aead.digest.data,
sess->auth.req_digest_len,
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 3e4282954..3089b0ca4 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -497,6 +497,38 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ { /* CHACHA20-POLY1305 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, \
+ {.aead = { \
+ .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, \
+ .block_size = 64, \
+ .key_size = { \
+ .min = 32, \
+ .max = 32, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 16, \
+ .max = 16, \
+ .increment = 0 \
+ }, \
+ .aad_size = { \
+ .min = 0, \
+ .max = 240, \
+ .increment = 1 \
+ }, \
+ .iv_size = { \
+ .min = 12, \
+ .max = 12, \
+ .increment = 0 \
+ }, \
+ }, } \
+ }, } \
+ },
+#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
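Review bot: Every line of the new CHACHA20-POLY1305 capability entry ends in a line-continuation backslash, although this is a plain array initializer and not a macro body, and the neighbouring entries in aesni_mb_pmd_capabilities[] have none. Drop the trailing backslashes so the entry matches the rest of the table.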
--
2.25.1
* [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: fix CCM digest size check
2020-10-06 10:59 [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
2020-10-06 10:59 ` [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: fix GCM " Pablo de Lara
2020-10-06 10:59 ` [dpdk-dev] [PATCH 3/3] crypto/aesni_mb: support Chacha20-Poly1305 Pablo de Lara
@ 2020-10-09 12:05 ` Pablo de Lara
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: fix GCM " Pablo de Lara
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305 Pablo de Lara
2 siblings, 2 replies; 10+ messages in thread
From: Pablo de Lara @ 2020-10-09 12:05 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara, stable
Digest size for CCM was being checked for other algorithms
apart from CCM.
Fixes: c4c0c312a823 ("crypto/aesni_mb: check for invalid digest size")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
Changes:
This patchset depends on series http://patches.dpdk.org/project/dpdk/list/?series=12820.
-v2 : rebased on top of crypto subtree
---
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 29 +++++++++++-----------
1 file changed, 15 insertions(+), 14 deletions(-)
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 34a39ca99..ba2882d27 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -661,6 +661,14 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -EINVAL;
}
+ /* Set IV parameters */
+ sess->iv.offset = xform->aead.iv.offset;
+ sess->iv.length = xform->aead.iv.length;
+
+ /* Set digest sizes */
+ sess->auth.req_digest_len = xform->aead.digest_length;
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
switch (xform->aead.algo) {
case RTE_CRYPTO_AEAD_AES_CCM:
sess->cipher.mode = CCM;
@@ -679,6 +687,13 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -EINVAL;
}
+ /* CCM digests must be between 4 and 16 and an even number */
+ if (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN ||
+ sess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN ||
+ (sess->auth.req_digest_len & 1) == 1) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
break;
case RTE_CRYPTO_AEAD_AES_GCM:
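Review bot: The `AESNI_MB_LOG(ERR, "Invalid digest size\n")` in the new CCM check prints neither the rejected value nor the allowed range, which makes a failed session create hard to diagnose from the log alone. Suggest including sess->auth.req_digest_len together with AES_CCM_DIGEST_MIN_LEN and AES_CCM_DIGEST_MAX_LEN in the message.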
@@ -713,20 +728,6 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -ENOTSUP;
}
- /* Set IV parameters */
- sess->iv.offset = xform->aead.iv.offset;
- sess->iv.length = xform->aead.iv.length;
-
- sess->auth.req_digest_len = xform->aead.digest_length;
- /* CCM digests must be between 4 and 16 and an even number */
- if (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN ||
- sess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN ||
- (sess->auth.req_digest_len & 1) == 1) {
- AESNI_MB_LOG(ERR, "Invalid digest size\n");
- return -EINVAL;
- }
- sess->auth.gen_digest_len = sess->auth.req_digest_len;
-
return 0;
}
--
2.25.1
* [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: fix GCM digest size check
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
@ 2020-10-09 12:05 ` Pablo de Lara
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305 Pablo de Lara
1 sibling, 0 replies; 10+ messages in thread
From: Pablo de Lara @ 2020-10-09 12:05 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara, stable
GCM digest sizes should be between 1 and 16 bytes.
Fixes: 7b2d4706c90e ("crypto/aesni_mb: support newer library version only")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
Changes:
This patchset depends on series http://patches.dpdk.org/project/dpdk/list/?series=12820.
-v2 : rebased on top of crypto subtree
---
.../crypto/aesni_mb/aesni_mb_pmd_private.h | 4 ++--
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 22 +++++++++----------
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 8 +++----
3 files changed, 16 insertions(+), 18 deletions(-)
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 9693bf985..7481e1d5e 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -85,7 +85,7 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[AES_CMAC] = 12,
[AES_CCM] = 8,
[NULL_HASH] = 0,
- [AES_GMAC] = 16,
+ [AES_GMAC] = 12,
[PLAIN_SHA1] = 20,
[PLAIN_SHA_224] = 28,
[PLAIN_SHA_256] = 32,
@@ -121,7 +121,7 @@ static const unsigned auth_digest_byte_lengths[] = {
[AES_XCBC] = 16,
[AES_CMAC] = 16,
[AES_CCM] = 16,
- [AES_GMAC] = 12,
+ [AES_GMAC] = 16,
[NULL_HASH] = 0,
[PLAIN_SHA1] = 20,
[PLAIN_SHA_224] = 28,
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index ba2882d27..7dbe40e02 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -213,19 +213,11 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
sess->cipher.direction = DECRYPT;
sess->auth.algo = AES_GMAC;
- /*
- * Multi-buffer lib supports 8, 12 and 16 bytes of digest.
- * If size requested is different, generate the full digest
- * (16 bytes) in a temporary location and then memcpy
- * the requested number of bytes.
- */
- if (sess->auth.req_digest_len != 16 &&
- sess->auth.req_digest_len != 12 &&
- sess->auth.req_digest_len != 8) {
- sess->auth.gen_digest_len = 16;
- } else {
- sess->auth.gen_digest_len = sess->auth.req_digest_len;
+ if (sess->auth.req_digest_len > get_digest_byte_length(AES_GMAC)) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
}
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
sess->iv.length = xform->auth.iv.length;
sess->iv.offset = xform->auth.iv.offset;
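Review bot: The removed comment explained that the multi-buffer library supports only 8, 12 and 16 byte GMAC digests and that other sizes were produced by generating 16 bytes into a temporary location. After this hunk gen_digest_len always equals req_digest_len, yet neither the code nor the commit message says why that fallback is no longer needed. Add a short comment or a line in the log naming the library behaviour that the direct lengths rely on.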
@@ -721,6 +713,12 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -EINVAL;
}
+ /* GCM digest size must be between 1 and 16 */
+ if (sess->auth.req_digest_len == 0 ||
+ sess->auth.req_digest_len > 16) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
break;
default:
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 0f74be126..dc2238191 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -455,9 +455,9 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
.increment = 8
},
.digest_size = {
- .min = 8,
+ .min = 1,
.max = 16,
- .increment = 4
+ .increment = 1
},
.aad_size = {
.min = 0,
@@ -485,9 +485,9 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
.increment = 8
},
.digest_size = {
- .min = 8,
+ .min = 1,
.max = 16,
- .increment = 4
+ .increment = 1
},
.iv_size = {
.min = 12,
--
2.25.1
* [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: fix GCM " Pablo de Lara
@ 2020-10-09 12:05 ` Pablo de Lara
2020-10-09 13:32 ` Akhil Goyal
1 sibling, 1 reply; 10+ messages in thread
From: Pablo de Lara @ 2020-10-09 12:05 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Add support for Chacha20-Poly1305 AEAD algorithm.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
Changes:
This patchset depends on series http://patches.dpdk.org/project/dpdk/list/?series=12820.
-v2 : rebased on top of crypto subtree
---
doc/guides/cryptodevs/aesni_mb.rst | 1 +
doc/guides/cryptodevs/features/aesni_mb.ini | 10 +--
doc/guides/rel_notes/release_20_11.rst | 1 +
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 63 ++++++++++++++++---
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 32 ++++++++++
5 files changed, 95 insertions(+), 12 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index abc10fbda..2ff264937 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -63,6 +63,7 @@ AEAD algorithms:
* RTE_CRYPTO_AEAD_AES_CCM
* RTE_CRYPTO_AEAD_AES_GCM
+* RTE_CRYPTO_AEAD_CHACHA20_POLY1305
Protocol offloads:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 356139d46..f391c3f38 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -63,11 +63,11 @@ KASUMI F9 = Y
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
;
[AEAD]
-AES CCM (128) = Y
-AES GCM (128) = Y
-AES GCM (192) = Y
-AES GCM (256) = Y
-
+AES CCM (128) = Y
+AES GCM (128) = Y
+AES GCM (192) = Y
+AES GCM (256) = Y
+CHACHA20-POLY1305 = Y
;
; Supported Asymmetric algorithms of the 'aesni_mb' crypto driver.
;
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 55f60ecfd..0e0b741b3 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -80,6 +80,7 @@ New Features
* Added support for ZUC-EEA3/EIA3 algorithms.
* Added support for SNOW3G-UEA2/UIA2 algorithms.
* Added support for KASUMI-F8/F9 algorithms.
+ * Added support for Chacha20-Poly1305.
* **Updated the aesni_gcm crypto PMD.**
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 7dbe40e02..42c23201a 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -125,6 +125,18 @@ aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform)
return AESNI_MB_OP_NOT_SUPPORTED;
}
+static inline int
+is_aead_algo(JOB_HASH_ALG hash_alg, JOB_CIPHER_MODE cipher_mode)
+{
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ return (hash_alg == IMB_AUTH_CHACHA20_POLY1305 || hash_alg == AES_CCM ||
+ (hash_alg == AES_GMAC && cipher_mode == GCM));
+#else
+ return ((hash_alg == AES_GMAC && cipher_mode == GCM) ||
+ hash_alg == AES_CCM);
+#endif
+}
+
/** Set session authentication parameters */
static int
aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
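Review bot: is_aead_algo() repeats the AES_CCM and AES_GMAC/GCM conditions in both branches of the IMB_VERSION #if, so the next AEAD algorithm has to be added in two places. Suggest a single return expression with only the IMB_AUTH_CHACHA20_POLY1305 comparison under the version guard, plus a one-line comment that AES_GMAC counts as AEAD only when cipher_mode is GCM.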
@@ -721,6 +733,24 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
}
break;
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case RTE_CRYPTO_AEAD_CHACHA20_POLY1305:
+ sess->cipher.mode = IMB_CIPHER_CHACHA20_POLY1305;
+ sess->auth.algo = IMB_AUTH_CHACHA20_POLY1305;
+
+ if (xform->aead.key.length != 32) {
+ AESNI_MB_LOG(ERR, "Invalid key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 32;
+ memcpy(sess->cipher.expanded_aes_keys.encode,
+ xform->aead.key.data, 32);
+ if (sess->auth.req_digest_len != 16) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ break;
+#endif
default:
AESNI_MB_LOG(ERR, "Unsupported aead mode parameter");
return -ENOTSUP;
@@ -1220,6 +1250,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
/* Set authentication parameters */
job->hash_alg = session->auth.algo;
+ const int aead = is_aead_algo(job->hash_alg, job->cipher_mode);
+
switch (job->hash_alg) {
case AES_XCBC:
job->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded;
@@ -1279,6 +1311,14 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
case IMB_AUTH_KASUMI_UIA1:
job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth;
break;
+#endif
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_CHACHA20_POLY1305:
+ job->u.CHACHA20_POLY1305.aad = op->sym->aead.aad.data;
+ job->u.CHACHA20_POLY1305.aad_len_in_bytes = session->aead.aad_len;
+ job->aes_enc_key_expanded = session->cipher.expanded_aes_keys.encode;
+ job->aes_dec_key_expanded = session->cipher.expanded_aes_keys.encode;
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
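Review bot: In the IMB_AUTH_CHACHA20_POLY1305 case the 32-byte Chacha20 key copied at session setup is passed through session->cipher.expanded_aes_keys.encode for both job->aes_enc_key_expanded and job->aes_dec_key_expanded. That buffer holds a raw key, not an AES key schedule, so add a short comment here saying the fields are reused for the unexpanded Chacha20 key and that the same pointer for both directions is intentional.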
@@ -1297,8 +1337,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
+ if (aead)
m_offset = op->sym->aead.data.offset;
else
m_offset = op->sym->cipher.data.offset;
@@ -1336,8 +1375,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->auth_tag_output = qp->temp_digests[*digest_idx];
*digest_idx = (*digest_idx + 1) % MAX_JOBS;
} else {
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
+ if (aead)
job->auth_tag_output = op->sym->aead.digest.data;
else
job->auth_tag_output = op->sym->auth.digest.data;
@@ -1397,6 +1435,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
session->iv.offset);
break;
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_CHACHA20_POLY1305:
+ job->cipher_start_src_offset_in_bytes = op->sym->aead.data.offset;
+ job->hash_start_src_offset_in_bytes = op->sym->aead.data.offset;
+ job->msg_len_to_cipher_in_bytes =
+ op->sym->aead.data.length;
+ job->msg_len_to_hash_in_bytes =
+ op->sym->aead.data.length;
+
+ job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->iv.offset);
+ break;
+#endif
default:
/* For SNOW3G, length and offsets are already in bits */
job->cipher_start_src_offset_in_bytes =
@@ -1595,9 +1646,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)
break;
if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
- if (job->hash_alg == AES_CCM ||
- (job->hash_alg == AES_GMAC &&
- sess->cipher.mode == GCM))
+ if (is_aead_algo(job->hash_alg, sess->cipher.mode))
verify_digest(job,
op->sym->aead.digest.data,
sess->auth.req_digest_len,
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index dc2238191..e8cb57ea9 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -647,6 +647,38 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+#endif
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ { /* CHACHA20-POLY1305 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, \
+ {.aead = { \
+ .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, \
+ .block_size = 64, \
+ .key_size = { \
+ .min = 32, \
+ .max = 32, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 16, \
+ .max = 16, \
+ .increment = 0 \
+ }, \
+ .aad_size = { \
+ .min = 0, \
+ .max = 240, \
+ .increment = 1 \
+ }, \
+ .iv_size = { \
+ .min = 12, \
+ .max = 12, \
+ .increment = 0 \
+ }, \
+ }, } \
+ }, } \
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
* Re: [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305 Pablo de Lara
@ 2020-10-09 13:32 ` Akhil Goyal
2020-10-09 18:33 ` De Lara Guarch, Pablo
0 siblings, 1 reply; 10+ messages in thread
From: Akhil Goyal @ 2020-10-09 13:32 UTC (permalink / raw)
To: Pablo de Lara, declan.doherty; +Cc: dev
> +#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
> + { /* CHACHA20-POLY1305 */
> \
> + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> \
> + {.sym = { \
> + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
> \
> + {.aead = { \
> + .algo =
> RTE_CRYPTO_AEAD_CHACHA20_POLY1305, \
> + .block_size = 64, \
> + .key_size = { \
> + .min = 32, \
> + .max = 32, \
> + .increment = 0 \
> + }, \
> + .digest_size = { \
> + .min = 16, \
> + .max = 16, \
> + .increment = 0 \
> + }, \
> + .aad_size = { \
> + .min = 0, \
> + .max = 240, \
> + .increment = 1 \
> + }, \
> + .iv_size = { \
> + .min = 12, \
> + .max = 12, \
> + .increment = 0 \
> + }, \
> + }, } \
> + }, } \
> + },
> #endif
> RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
> };
These line breaks are not needed. Rest of the caps are also not having it.
* Re: [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305
2020-10-09 13:32 ` Akhil Goyal
@ 2020-10-09 18:33 ` De Lara Guarch, Pablo
2020-10-09 18:51 ` Akhil Goyal
0 siblings, 1 reply; 10+ messages in thread
From: De Lara Guarch, Pablo @ 2020-10-09 18:33 UTC (permalink / raw)
To: Akhil Goyal, Doherty, Declan; +Cc: dev
Hi Akhil,
> -----Original Message-----
> From: Akhil Goyal <akhil.goyal@nxp.com>
> Sent: Friday, October 9, 2020 2:33 PM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Doherty, Declan
> <declan.doherty@intel.com>
> Cc: dev@dpdk.org
> Subject: RE: [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-
> Poly1305
>
> > +#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
> > + { /* CHACHA20-POLY1305 */
> > \
> > + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> > \
> > + {.sym = { \
> > + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
> > \
> > + {.aead = { \
> > + .algo =
> > RTE_CRYPTO_AEAD_CHACHA20_POLY1305, \
> > + .block_size = 64, \
> > + .key_size = { \
> > + .min = 32, \
> > + .max = 32, \
> > + .increment = 0 \
> > + }, \
> > + .digest_size = { \
> > + .min = 16, \
> > + .max = 16, \
> > + .increment = 0 \
> > + }, \
> > + .aad_size = { \
> > + .min = 0, \
> > + .max = 240, \
> > + .increment = 1 \
> > + }, \
> > + .iv_size = { \
> > + .min = 12, \
> > + .max = 12, \
> > + .increment = 0 \
> > + }, \
> > + }, } \
> > + }, } \
> > + },
> > #endif
> > RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
> > };
>
> These line breaks are not needed. Rest of the caps are also not having it.
You are right, sorry. I got this from QAT PMD and I forgot to remove these line breaks.
Can you remove them when applying it?
Thanks!
Pablo
* Re: [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305
2020-10-09 18:33 ` De Lara Guarch, Pablo
@ 2020-10-09 18:51 ` Akhil Goyal
2020-10-12 14:59 ` Akhil Goyal
0 siblings, 1 reply; 10+ messages in thread
From: Akhil Goyal @ 2020-10-09 18:51 UTC (permalink / raw)
To: De Lara Guarch, Pablo, Doherty, Declan; +Cc: dev
>
> You are right, sorry. I got this from QAT PMD and I forgot to remove these line
> breaks.
> Can you remove them when applying it?
>
Ok will do that.
* Re: [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305
2020-10-09 18:51 ` Akhil Goyal
@ 2020-10-12 14:59 ` Akhil Goyal
0 siblings, 0 replies; 10+ messages in thread
From: Akhil Goyal @ 2020-10-12 14:59 UTC (permalink / raw)
To: Akhil Goyal, De Lara Guarch, Pablo, Doherty, Declan; +Cc: dev
> >
> > You are right, sorry. I got this from QAT PMD and I forgot to remove these line
> > breaks.
> > Can you remove them when applying it?
> >
> Ok will do that.
Fixed and series applied to dpdk-next-crypto
Thanks.