From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id ABDE2A04BC;
	Fri,  9 Oct 2020 13:30:23 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id B72971D52C;
	Fri,  9 Oct 2020 13:30:02 +0200 (CEST)
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 by dpdk.org (Postfix) with ESMTP id 2539C1D528
 for <dev@dpdk.org>; Fri,  9 Oct 2020 13:30:01 +0200 (CEST)
IronPort-SDR: nAm/xdZvJt3fjqBeO26wfo2X8ODXvW66cEW/UIAabfcpg5LZJfEbXJkUXBCiejhSlk+JZG1cJt
 ya+TEXpZo5hg==
X-IronPort-AV: E=McAfee;i="6000,8403,9768"; a="229657311"
X-IronPort-AV: E=Sophos;i="5.77,354,1596524400"; d="scan'208";a="229657311"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga001.jf.intel.com ([10.7.209.18])
 by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Oct 2020 04:30:00 -0700
IronPort-SDR: dlDJuUsFzElcA8A5lFDI+ZRsQFTRJugIrtdqFfkGkwdld2jLYQPCE0+H/8o7mhvWKdHCKkLTq4
 ZTGJa4lWQ4RQ==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.77,354,1596524400"; d="scan'208";a="389099639"
Received: from silpixa00399593.ir.intel.com (HELO
 silpixa00399593.ger.corp.intel.com) ([10.237.223.27])
 by orsmga001.jf.intel.com with ESMTP; 09 Oct 2020 04:29:59 -0700
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: declan.doherty@intel.com
Cc: dev@dpdk.org,
	Pablo de Lara <pablo.de.lara.guarch@intel.com>
Date: Fri,  9 Oct 2020 11:29:53 +0000
Message-Id: <20201009112954.189064-2-pablo.de.lara.guarch@intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20201009112954.189064-1-pablo.de.lara.guarch@intel.com>
References: <20200921114508.275079-1-pablo.de.lara.guarch@intel.com>
 <20201009112954.189064-1-pablo.de.lara.guarch@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: [dpdk-dev] [PATCH v5 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Add support for SNOW3G-UEA2/UIA2 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---

v5:
- Rebased on top of crypto subtree

v3/v4:
- Fixed compilation when intel-ipsec-mb version is lower than 0.54

v2:
- Added commit description

---

 doc/guides/cryptodevs/aesni_mb.rst            |  2 +
 doc/guides/cryptodevs/features/aesni_mb.ini   |  2 +
 doc/guides/rel_notes/release_20_11.rst        |  1 +
 .../crypto/aesni_mb/aesni_mb_pmd_private.h    | 17 +++++--
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c    | 47 ++++++++++++++++---
 .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c    | 45 ++++++++++++++++++
 6 files changed, 105 insertions(+), 9 deletions(-)

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 9d34803df..18631f6db 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -36,6 +36,7 @@ Cipher algorithms:
 * RTE_CRYPTO_CIPHER_AES192_ECB
 * RTE_CRYPTO_CIPHER_AES256_ECB
 * RTE_CRYPTO_CIPHER_ZUC_EEA3
+* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
 
 Hash algorithms:
 
@@ -54,6 +55,7 @@ Hash algorithms:
 * RTE_CRYPTO_AUTH_SHA384
 * RTE_CRYPTO_AUTH_SHA512
 * RTE_CRYPTO_AUTH_ZUC_EIA3
+* RTE_CRYPTO_AUTH_SNOW3G_UIA2
 
 AEAD algorithms:
 
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 1b5c2bea2..ea37a6a58 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -34,6 +34,7 @@ AES ECB (128)  = Y
 AES ECB (192)  = Y
 AES ECB (256)  = Y
 ZUC EEA3       = Y
+SNOW3G UEA2    = Y
 
 ;
 ; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -54,6 +55,7 @@ AES XCBC MAC = Y
 AES CMAC (128)  = Y
 AES GMAC     = Y
 ZUC EIA3     = Y
+SNOW3G UIA2  = Y
 
 ;
 ; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 512e98993..da2fe9e44 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -78,6 +78,7 @@ New Features
 
   * Added support for AES-ECB 128, 192 and 256.
   * Added support for ZUC-EEA3/EIA3 algorithms.
+  * Added support for SNOW3G-UEA2/UIA2 algorithms.
 
 * **Added Intel ACC100 bbdev PMD.**
 
diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 601ab9a40..85039dbf2 100644
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -56,7 +56,8 @@ static const unsigned auth_blocksize[] = {
 		[PLAIN_SHA_384]			= 128,
 		[PLAIN_SHA_512]			= 128,
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
-		[IMB_AUTH_ZUC_EIA3_BITLEN]	= 16
+		[IMB_AUTH_ZUC_EIA3_BITLEN]	= 16,
+		[IMB_AUTH_SNOW3G_UIA2_BITLEN]	= 16
 #endif
 };
 
@@ -90,7 +91,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
 		[PLAIN_SHA_384]			= 48,
 		[PLAIN_SHA_512]			= 64,
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
-		[IMB_AUTH_ZUC_EIA3_BITLEN]	= 4
+		[IMB_AUTH_ZUC_EIA3_BITLEN]	= 4,
+		[IMB_AUTH_SNOW3G_UIA2_BITLEN]	= 4
 #endif
 };
 
@@ -125,7 +127,8 @@ static const unsigned auth_digest_byte_lengths[] = {
 		[PLAIN_SHA_384]			= 48,
 		[PLAIN_SHA_512]			= 64,
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
-		[IMB_AUTH_ZUC_EIA3_BITLEN]	= 4
+		[IMB_AUTH_ZUC_EIA3_BITLEN]	= 4,
+		[IMB_AUTH_SNOW3G_UIA2_BITLEN]	= 4
 #endif
 	/**< Vector mode dependent pointer table of the multi-buffer APIs */
 
@@ -238,6 +241,10 @@ struct aesni_mb_session {
 			/**< Expanded GCM key */
 			uint8_t zuc_cipher_key[16];
 			/**< ZUC cipher key */
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+			snow3g_key_schedule_t pKeySched_snow3g_cipher;
+			/**< SNOW3G scheduled cipher key */
+#endif
 		};
 	} cipher;
 
@@ -279,6 +286,10 @@ struct aesni_mb_session {
 			/**< Expanded XCBC authentication keys */
 			uint8_t zuc_auth_key[16];
 			/**< ZUC authentication key */
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+			snow3g_key_schedule_t pKeySched_snow3g_auth;
+			/**< SNOW3G scheduled authentication key */
+#endif
 		};
 	/** Generated digest size by the Multi-buffer library */
 	uint16_t gen_digest_len;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index dbd79d5dc..bb917b8ff 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -266,6 +266,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 
 		memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
 		return 0;
+	} else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+		sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
+		uint16_t snow3g_uia2_digest_len =
+			get_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN);
+		if (sess->auth.req_digest_len != snow3g_uia2_digest_len) {
+			AESNI_MB_LOG(ERR, "Invalid digest size\n");
+			return -EINVAL;
+		}
+		sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+		IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
+					&sess->auth.pKeySched_snow3g_auth);
+		return 0;
 	}
 #endif
 
@@ -403,6 +416,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
 	uint8_t is_docsis = 0;
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
 	uint8_t is_zuc = 0;
+	uint8_t is_snow3g = 0;
 #endif
 
 	if (xform == NULL) {
@@ -463,6 +477,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
 		sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
 		is_zuc = 1;
 		break;
+	case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+		sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
+		is_snow3g = 1;
+		break;
 #endif
 	default:
 		AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -571,6 +589,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
 		sess->cipher.key_length_in_bytes = 16;
 		memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
 			16);
+	} else if (is_snow3g) {
+		if (xform->cipher.key.length != 16) {
+			AESNI_MB_LOG(ERR, "Invalid cipher key length");
+			return -EINVAL;
+		}
+		sess->cipher.key_length_in_bytes = 16;
+		IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+					&sess->cipher.pKeySched_snow3g_cipher);
 #endif
 	} else {
 		if (xform->cipher.key.length != 8) {
@@ -1220,6 +1246,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 		job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
 						session->auth_iv.offset);
 		break;
+	case IMB_AUTH_SNOW3G_UIA2_BITLEN:
+		job->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth;
+		job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+						session->auth_iv.offset);
+		break;
 #endif
 	default:
 		job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1238,10 +1269,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 		}
 	}
 
+	if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+			session->cipher.mode == GCM))
+		m_offset = op->sym->aead.data.offset;
+	else
+		m_offset = op->sym->cipher.data.offset;
+
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
 	if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
 		job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
 		job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+	} else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
+		job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
+		m_offset = 0;
 	}
 #endif
 
@@ -1259,12 +1299,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 		oop = 1;
 	}
 
-	if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
-			session->cipher.mode == GCM))
-		m_offset = op->sym->aead.data.offset;
-	else
-		m_offset = op->sym->cipher.data.offset;
-
 	/* Set digest output location */
 	if (job->hash_alg != NULL_HASH &&
 			session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -1333,6 +1367,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
 		break;
 
 	default:
+		/* For SNOW3G, length and offsets are already in bits */
 		job->cipher_start_src_offset_in_bytes =
 				op->sym->cipher.data.offset;
 		job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 0ada3b9e1..2b236b754 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -561,6 +561,51 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* SNOW 3G (UIA2) */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 4,
+					.max = 4,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
+	{	/* SNOW 3G (UEA2) */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
 #endif
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };
-- 
2.25.1