From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9551E42C4E; Wed, 7 Jun 2023 17:29:44 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A39EF410F6; Wed, 7 Jun 2023 17:29:00 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 2EF9E42DAE for ; Wed, 7 Jun 2023 17:28:59 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 357Dvl02028208; Wed, 7 Jun 2023 08:28:58 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=4wAwKucXXIiMH+9uVbJloxzIuXgg9/Uyjh30Pg/Se3M=; b=AcrHRFdszsL87ZYIqCNaA3oJOpquOMYLGElDromFT4B+kS/rVS/wlcFV9giuEYKThyiN Ti3cFIUU9AcsNT5OIQHpMm7xWe4OZRq9dj/n+xUIGmJT6PpzmSrqmwMYYZ9ulxAmkRQA CLhT1BfQOClDav/AVaV8KGqJvTFWAIKq6DOMD6i7wW9rLVRGvJ5K7RDWM8XPCoBJqYoY ro5y6M9Ja/RBqz62jca8C7fkGkLmZvH+5Vx2UfJseMU7OWrOmFYo42SC0lKqbU2IXhQx 2w5+8Hj3s9pZZ15y92xWy00CxS587Ks4O81ZOQPWAhczoLMCi04nicRhukMQQLpp0qPg Gg== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3r2a7bv7xj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 07 Jun 2023 08:28:58 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 7 Jun 2023 08:28:56 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Wed, 7 Jun 2023 08:28:56 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 43C3A3F708C; Wed, 7 Jun 2023 08:28:54 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , Akhil Goyal Subject: [PATCH v2 11/15] common/cnxk: derive hash key for MACsec Date: Wed, 7 Jun 2023 20:58:15 +0530 Message-ID: <20230607152819.226838-12-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230607152819.226838-1-gakhil@marvell.com> References: <20230523200401.1945974-1-gakhil@marvell.com> <20230607152819.226838-1-gakhil@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: a5MU9FJoIC5QAwZwiyKEB_672Dqf3jZZ X-Proofpoint-GUID: a5MU9FJoIC5QAwZwiyKEB_672Dqf3jZZ X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26 definitions=2023-06-07_07,2023-06-07_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org MACsec hardware configuration need hash key to be generated from the cipher key of AES-GCM-128/256. Added an ROC API to derive the hash key and extend the case for AES-256 as well. Signed-off-by: Akhil Goyal --- drivers/common/cnxk/roc_aes.c | 86 ++++++++++++++++++++++----------- drivers/common/cnxk/roc_aes.h | 4 +- drivers/common/cnxk/version.map | 1 + 3 files changed, 60 insertions(+), 31 deletions(-) diff --git a/drivers/common/cnxk/roc_aes.c b/drivers/common/cnxk/roc_aes.c index f821c8b710..d84feb546a 100644 --- a/drivers/common/cnxk/roc_aes.c +++ b/drivers/common/cnxk/roc_aes.c @@ -4,9 +4,10 @@ #include "roc_api.h" -#define KEY_WORD_LEN (ROC_CPT_AES_XCBC_KEY_LENGTH / sizeof(uint32_t)) -#define KEY_ROUNDS 10 /* (Nr+1)*Nb */ -#define KEY_SCHEDULE_LEN ((KEY_ROUNDS + 1) * 4) /* (Nr+1)*Nb words */ +#define KEY128_ROUNDS 10 /* (Nr+1)*Nb */ +#define KEY256_ROUNDS 14 /* (Nr+1)*Nb */ +#define KEY_SCHEDULE_LEN(nr) ((nr + 1) * 4) /* (Nr+1)*Nb words */ +#define AES_HASH_KEY_LEN 16 /* * AES 128 implementation based on NIST FIPS 197 suitable for LittleEndian @@ -93,22 +94,30 @@ GF8mul(uint8_t byte, uint32_t mp) } static void -aes_key_expand(const uint8_t *key, uint32_t *ks) +aes_key_expand(const uint8_t *key, uint32_t len, uint32_t *ks) { - unsigned int i = 4; + uint32_t len_words = len / sizeof(uint32_t); + unsigned int schedule_len; + unsigned int i = len_words; uint32_t temp; + schedule_len = (len == ROC_CPT_AES128_KEY_LEN) ? KEY_SCHEDULE_LEN(KEY128_ROUNDS) : + KEY_SCHEDULE_LEN(KEY256_ROUNDS); /* Skip key in ks */ - memcpy(ks, key, KEY_WORD_LEN * sizeof(uint32_t)); + memcpy(ks, key, len); - while (i < KEY_SCHEDULE_LEN) { + while (i < schedule_len) { temp = ks[i - 1]; - if ((i & 0x3) == 0) { + if ((i & (len_words - 1)) == 0) { temp = rot_word(temp); temp = sub_word(temp); - temp ^= (uint32_t)GF8mul(1, 1 << ((i >> 2) - 1)); + temp ^= (uint32_t)GF8mul(1, 1 << ((i / len_words) - 1)); } - ks[i] = ks[i - 4] ^ temp; + if (len == ROC_CPT_AES256_KEY_LEN) { + if ((i % len_words) == 4) + temp = sub_word(temp); + } + ks[i] = ks[i - len_words] ^ temp; i++; } } @@ -145,64 +154,83 @@ mix_columns(uint8_t *sRc) } static void -cipher(uint8_t *in, uint8_t *out, uint32_t *ks) +cipher(uint8_t *in, uint8_t *out, uint32_t *ks, uint32_t key_rounds, uint8_t in_len) { - uint32_t state[KEY_WORD_LEN]; + uint8_t data_word_len = in_len / sizeof(uint32_t); + uint32_t state[data_word_len]; unsigned int i, round; memcpy(state, in, sizeof(state)); /* AddRoundKey(state, w[0, Nb-1]) // See Sec. 5.1.4 */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) state[i] ^= ks[i]; - for (round = 1; round < KEY_ROUNDS; round++) { + for (round = 1; round < key_rounds; round++) { /* SubBytes(state) // See Sec. 5.1.1 */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) state[i] = sub_word(state[i]); /* ShiftRows(state) // See Sec. 5.1.2 */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) shift_word((uint8_t *)state, i, i); /* MixColumns(state) // See Sec. 5.1.3 */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) mix_columns((uint8_t *)&state[i]); /* AddRoundKey(state, w[round*Nb, (round+1)*Nb-1]) */ - for (i = 0; i < KEY_WORD_LEN; i++) - state[i] ^= ks[round * 4 + i]; + for (i = 0; i < data_word_len; i++) + state[i] ^= ks[round * data_word_len + i]; } /* SubBytes(state) */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) state[i] = sub_word(state[i]); /* ShiftRows(state) */ - for (i = 0; i < KEY_WORD_LEN; i++) + for (i = 0; i < data_word_len; i++) shift_word((uint8_t *)state, i, i); /* AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1]) */ - for (i = 0; i < KEY_WORD_LEN; i++) - state[i] ^= ks[KEY_ROUNDS * 4 + i]; - memcpy(out, state, KEY_WORD_LEN * sizeof(uint32_t)); + for (i = 0; i < data_word_len; i++) + state[i] ^= ks[key_rounds * data_word_len + i]; + memcpy(out, state, data_word_len * sizeof(uint32_t)); } void roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key) { - uint32_t aes_ks[KEY_SCHEDULE_LEN] = {0}; + uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY128_ROUNDS)] = {0}; uint8_t k1[16] = {[0 ... 15] = 0x01}; uint8_t k2[16] = {[0 ... 15] = 0x02}; uint8_t k3[16] = {[0 ... 15] = 0x03}; - aes_key_expand(auth_key, aes_ks); + aes_key_expand(auth_key, ROC_CPT_AES_XCBC_KEY_LENGTH, aes_ks); - cipher(k1, derived_key, aes_ks); + cipher(k1, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k1)); derived_key += sizeof(k1); - cipher(k2, derived_key, aes_ks); + cipher(k2, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k2)); derived_key += sizeof(k2); - cipher(k3, derived_key, aes_ks); + cipher(k3, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k3)); +} + +void +roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t hash_key[]) +{ + uint8_t data[AES_HASH_KEY_LEN] = {0x0}; + + if (len == ROC_CPT_AES128_KEY_LEN) { + uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY128_ROUNDS)] = {0}; + + aes_key_expand(key, ROC_CPT_AES128_KEY_LEN, aes_ks); + cipher(data, hash_key, aes_ks, KEY128_ROUNDS, sizeof(data)); + } else { + uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY256_ROUNDS)] = {0}; + + aes_key_expand(key, ROC_CPT_AES256_KEY_LEN, aes_ks); + cipher(data, hash_key, aes_ks, KEY256_ROUNDS, sizeof(data)); + } } diff --git a/drivers/common/cnxk/roc_aes.h b/drivers/common/cnxk/roc_aes.h index 954039139f..3b4b921bcd 100644 --- a/drivers/common/cnxk/roc_aes.h +++ b/drivers/common/cnxk/roc_aes.h @@ -8,7 +8,7 @@ /* * Derive k1, k2, k3 from 128 bit AES key */ -void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key, - uint8_t *derived_key); +void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key); +void __roc_api roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t *hash_key); #endif /* _ROC_AES_H_ */ diff --git a/drivers/common/cnxk/version.map b/drivers/common/cnxk/version.map index 914d0d2caa..8c71497df8 100644 --- a/drivers/common/cnxk/version.map +++ b/drivers/common/cnxk/version.map @@ -30,6 +30,7 @@ INTERNAL { roc_ae_ec_grp_put; roc_ae_fpm_get; roc_ae_fpm_put; + roc_aes_hash_key_derive; roc_aes_xcbc_key_derive; roc_bphy_cgx_cpri_mode_change; roc_bphy_cgx_cpri_mode_misc; -- 2.25.1