From: Tejasree Kondoj <ktejasree@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>
Cc: Volodymyr Fialko <vfialko@marvell.com>,
Anoob Joseph <anoobj@marvell.com>,
Vidya Sagar Velumuri <vvelumuri@marvell.com>,
Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>,
Aakash Sasidharan <asasidharan@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 10/17] crypto/cnxk: add support for SHA3 hash
Date: Tue, 20 Dec 2022 20:02:25 +0530 [thread overview]
Message-ID: <20221220143232.2519650-11-ktejasree@marvell.com> (raw)
In-Reply-To: <20221220143232.2519650-1-ktejasree@marvell.com>
From: Volodymyr Fialko <vfialko@marvell.com>
Add support for SHA3 family hash and hmac operations.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
---
doc/guides/cryptodevs/cnxk.rst | 8 +
doc/guides/cryptodevs/features/cn10k.ini | 8 +
doc/guides/cryptodevs/features/cn9k.ini | 8 +
drivers/crypto/cnxk/cnxk_cryptodev.h | 2 +-
.../crypto/cnxk/cnxk_cryptodev_capabilities.c | 164 ++++++++++++++++++
drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 2 +-
drivers/crypto/cnxk/cnxk_se.h | 33 +++-
7 files changed, 222 insertions(+), 3 deletions(-)
diff --git a/doc/guides/cryptodevs/cnxk.rst b/doc/guides/cryptodevs/cnxk.rst
index baf0e3c4fd..9b01e04e5f 100644
--- a/doc/guides/cryptodevs/cnxk.rst
+++ b/doc/guides/cryptodevs/cnxk.rst
@@ -59,6 +59,14 @@ Hash algorithms:
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_224``
+* ``RTE_CRYPTO_AUTH_SHA3_224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_256``
+* ``RTE_CRYPTO_AUTH_SHA3_256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_384``
+* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_512``
+* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
* ``RTE_CRYPTO_AUTH_SNOW3G_UIA2``
* ``RTE_CRYPTO_AUTH_ZUC_EIA3``
* ``RTE_CRYPTO_AUTH_AES_CMAC``
diff --git a/doc/guides/cryptodevs/features/cn10k.ini b/doc/guides/cryptodevs/features/cn10k.ini
index 6e4e0e0095..44b61663fc 100644
--- a/doc/guides/cryptodevs/features/cn10k.ini
+++ b/doc/guides/cryptodevs/features/cn10k.ini
@@ -63,6 +63,14 @@ ZUC EIA3 = Y
AES CMAC (128) = Y
AES CMAC (192) = Y
AES CMAC (256) = Y
+SHA3_224 = Y
+SHA3_224 HMAC = Y
+SHA3_256 = Y
+SHA3_256 HMAC = Y
+SHA3_384 = Y
+SHA3_384 HMAC = Y
+SHA3_512 = Y
+SHA3_512 HMAC = Y
;
; Supported AEAD algorithms of 'cn10k' crypto driver.
diff --git a/doc/guides/cryptodevs/features/cn9k.ini b/doc/guides/cryptodevs/features/cn9k.ini
index f9c896f6bd..e7b287db26 100644
--- a/doc/guides/cryptodevs/features/cn9k.ini
+++ b/doc/guides/cryptodevs/features/cn9k.ini
@@ -64,6 +64,14 @@ ZUC EIA3 = Y
AES CMAC (128) = Y
AES CMAC (192) = Y
AES CMAC (256) = Y
+SHA3_224 = Y
+SHA3_224 HMAC = Y
+SHA3_256 = Y
+SHA3_256 HMAC = Y
+SHA3_384 = Y
+SHA3_384 HMAC = Y
+SHA3_512 = Y
+SHA3_512 HMAC = Y
;
; Supported AEAD algorithms of 'cn9k' crypto driver.
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h b/drivers/crypto/cnxk/cnxk_cryptodev.h
index 48bd6e144c..8241ee67d0 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev.h
+++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
@@ -10,7 +10,7 @@
#include "roc_cpt.h"
-#define CNXK_CPT_MAX_CAPS 37
+#define CNXK_CPT_MAX_CAPS 45
#define CNXK_SEC_CRYPTO_MAX_CAPS 16
#define CNXK_SEC_MAX_CAPS 9
#define CNXK_AE_EC_ID_MAX 8
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
index 9dfbf875ec..b2197a12be 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
@@ -337,6 +337,169 @@ static const struct rte_cryptodev_capabilities caps_sha1_sha2[] = {
},
};
+static const struct rte_cryptodev_capabilities caps_sha3[] = {
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 1024,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 1024,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 0
+ },
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 1024,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 1024,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
+};
+
static const struct rte_cryptodev_capabilities caps_chacha20[] = {
{ /* Chacha20-Poly1305 */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
@@ -1265,6 +1428,7 @@ crypto_caps_populate(struct rte_cryptodev_capabilities cnxk_caps[],
CPT_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, mul);
CPT_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, sha1_sha2);
+ CPT_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, sha3);
CPT_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, chacha20);
CPT_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, zuc_snow3g);
CPT_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, aes);
diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
index eb2ed0d103..92e8755671 100644
--- a/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
+++ b/drivers/crypto/cnxk/cnxk_cryptodev_ops.c
@@ -627,7 +627,7 @@ cnxk_cpt_inst_w7_get(struct cnxk_se_sess *sess, struct roc_cpt *roc_cpt)
inst_w7.s.cptr = (uint64_t)&sess->roc_se_ctx.se_ctx;
/* Set the engine group */
- if (sess->zsk_flag || sess->aes_ctr_eea2)
+ if (sess->zsk_flag || sess->aes_ctr_eea2 || sess->is_sha3)
inst_w7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_SE];
else
inst_w7.s.egrp = roc_cpt->eng_grp[CPT_ENG_TYPE_IE];
diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index 88049ac431..092cdd88e7 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -39,6 +39,8 @@ struct cnxk_se_sess {
uint16_t zs_auth : 4;
uint16_t dp_thr_type : 8;
uint16_t aad_length;
+ uint8_t is_sha3 : 1;
+ uint8_t rsvd : 7;
uint8_t mac_len;
uint8_t iv_length;
uint8_t auth_iv_length;
@@ -163,18 +165,26 @@ cpt_mac_len_verify(struct rte_crypto_auth_xform *auth)
break;
case RTE_CRYPTO_AUTH_SHA224:
case RTE_CRYPTO_AUTH_SHA224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
ret = (mac_len <= 28) ? 0 : -1;
break;
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
ret = (mac_len <= 32) ? 0 : -1;
break;
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
ret = (mac_len <= 48) ? 0 : -1;
break;
case RTE_CRYPTO_AUTH_SHA512:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
ret = (mac_len <= 64) ? 0 : -1;
break;
case RTE_CRYPTO_AUTH_NULL:
@@ -1848,7 +1858,7 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
static __rte_always_inline int
fill_sess_auth(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
{
- uint8_t zsk_flag = 0, zs_auth = 0, aes_gcm = 0, is_null = 0;
+ uint8_t zsk_flag = 0, zs_auth = 0, aes_gcm = 0, is_null = 0, is_sha3 = 0;
struct rte_crypto_auth_xform *a_form;
roc_se_auth_type auth_type = 0; /* NULL Auth type */
@@ -1900,6 +1910,26 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
case RTE_CRYPTO_AUTH_SHA384:
auth_type = ROC_SE_SHA2_SHA384;
break;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ is_sha3 = 1;
+ auth_type = ROC_SE_SHA3_SHA224;
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ is_sha3 = 1;
+ auth_type = ROC_SE_SHA3_SHA256;
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ is_sha3 = 1;
+ auth_type = ROC_SE_SHA3_SHA384;
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ is_sha3 = 1;
+ auth_type = ROC_SE_SHA3_SHA512;
+ break;
case RTE_CRYPTO_AUTH_MD5_HMAC:
case RTE_CRYPTO_AUTH_MD5:
auth_type = ROC_SE_MD5_TYPE;
@@ -1959,6 +1989,7 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
sess->aes_gcm = aes_gcm;
sess->mac_len = a_form->digest_length;
sess->is_null = is_null;
+ sess->is_sha3 = is_sha3;
if (zsk_flag) {
sess->auth_iv_offset = a_form->iv.offset;
sess->auth_iv_length = a_form->iv.length;
--
2.25.1
next prev parent reply other threads:[~2022-12-20 14:33 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-20 14:32 [PATCH 00/17] fixes and improvements to cnxk crytpo PMD Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 01/17] common/cnxk: perform LF fini ops only when allocated Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 02/17] common/cnxk: generate opad and ipad in driver Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 03/17] crypto/cnxk: update resp len calculation for IPv6 Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 04/17] crypto/cnxk: add context to passthrough instruction Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 05/17] crypto/cnxk: support truncated digest length Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 06/17] crypto/cnxk: add queue pair check to meta set Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 07/17] crypto/cnxk: update crypto completion code handling Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 08/17] crypto/cnxk: fix incorrect digest for an empty input data Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 09/17] crypto/cnxk: add CN9K IPsec SG support Tejasree Kondoj
2022-12-20 14:32 ` Tejasree Kondoj [this message]
2022-12-20 14:32 ` [PATCH 11/17] common/cnxk: skip hmac hash precomputation Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 12/17] crypto/octeontx: support truncated digest size Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 13/17] crypto/cnxk: set device ops to null in PCI remove Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 14/17] crypto/cnxk: add CTX for non IPsec operations Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 15/17] crypto/cnxk: set salt in dptr as part of IV Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 16/17] crypto/cnxk: remove null check of session priv Tejasree Kondoj
2022-12-20 14:32 ` [PATCH 17/17] common/cnxk: remove salt from session Tejasree Kondoj
2023-01-04 10:11 ` [PATCH 00/17] fixes and improvements to cnxk crytpo PMD Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221220143232.2519650-11-ktejasree@marvell.com \
--to=ktejasree@marvell.com \
--cc=anoobj@marvell.com \
--cc=asasidharan@marvell.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=gmuthukrishn@marvell.com \
--cc=vfialko@marvell.com \
--cc=vvelumuri@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).