From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 329EE42CA8;
	Tue, 13 Jun 2023 12:21:49 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 0709142D30;
	Tue, 13 Jun 2023 12:20:51 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id A68BE40ED6
 for <dev@dpdk.org>; Tue, 13 Jun 2023 12:20:49 +0200 (CEST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 35D563NY013028; Tue, 13 Jun 2023 03:20:49 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=4wAwKucXXIiMH+9uVbJloxzIuXgg9/Uyjh30Pg/Se3M=;
 b=jUR/O3sIa2BgezL9WcwAV0DTnqzZ4uAEHZhr79enw9tcwwHxAuM8JyZI6VO4XJa2Zfvu
 HAwgIt9wXyqmfCSQONvi/JQiPCpng/zvmlQ2dlE9wDar4scPCxb00G+H3W/YFlZkw7aF
 xOzFWUFu6fy8hHbCEa2chrkarcIQW+i4n3+ihTyJoI5ZJ0ZG8e++gK7AOF12p88pHKd8
 E/hIhQVpltMXmzVvF3f0D3F+WFXOdaZe1sFp9znzRKj8U/nvFg+0DLWEM1wP2dgfVDb3
 yYT2rBNIEx76NiQzzON5gebgMOUw3zvxmKJxdkB4Ol9VUbq9DzB3jK0D5WBJWtZHxzCz ew== 
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3r4rpkfpuw-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
 Tue, 13 Jun 2023 03:20:48 -0700
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48;
 Tue, 13 Jun 2023 03:20:46 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend
 Transport; Tue, 13 Jun 2023 03:20:46 -0700
Received: from localhost.localdomain (unknown [10.28.36.102])
 by maili.marvell.com (Postfix) with ESMTP id 724E53F7091;
 Tue, 13 Jun 2023 03:20:44 -0700 (PDT)
From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
CC: <thomas@monjalon.net>, <david.marchand@redhat.com>,
 <vattunuru@marvell.com>, <jerinj@marvell.com>, <adwivedi@marvell.com>,
 <ndabilpuram@marvell.com>, Akhil Goyal <gakhil@marvell.com>
Subject: [PATCH v4 11/15] common/cnxk: derive hash key for MACsec
Date: Tue, 13 Jun 2023 15:50:05 +0530
Message-ID: <20230613102009.2390568-12-gakhil@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20230613102009.2390568-1-gakhil@marvell.com>
References: <20230613071614.2259604-1-gakhil@marvell.com>
 <20230613102009.2390568-1-gakhil@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-ORIG-GUID: addbZDdrXRjgTNUJKameGoBVSmxiN63a
X-Proofpoint-GUID: addbZDdrXRjgTNUJKameGoBVSmxiN63a
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26
 definitions=2023-06-13_04,2023-06-12_02,2023-05-22_02
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

MACsec hardware configuration need hash key to be generated
from the cipher key of AES-GCM-128/256.
Added an ROC API to derive the hash key and extend the case
for AES-256 as well.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 drivers/common/cnxk/roc_aes.c   | 86 ++++++++++++++++++++++-----------
 drivers/common/cnxk/roc_aes.h   |  4 +-
 drivers/common/cnxk/version.map |  1 +
 3 files changed, 60 insertions(+), 31 deletions(-)

diff --git a/drivers/common/cnxk/roc_aes.c b/drivers/common/cnxk/roc_aes.c
index f821c8b710..d84feb546a 100644
--- a/drivers/common/cnxk/roc_aes.c
+++ b/drivers/common/cnxk/roc_aes.c
@@ -4,9 +4,10 @@
 
 #include "roc_api.h"
 
-#define KEY_WORD_LEN	 (ROC_CPT_AES_XCBC_KEY_LENGTH / sizeof(uint32_t))
-#define KEY_ROUNDS	 10			/* (Nr+1)*Nb */
-#define KEY_SCHEDULE_LEN ((KEY_ROUNDS + 1) * 4) /* (Nr+1)*Nb words */
+#define KEY128_ROUNDS		10		/* (Nr+1)*Nb */
+#define KEY256_ROUNDS		14		/* (Nr+1)*Nb */
+#define KEY_SCHEDULE_LEN(nr)	((nr + 1) * 4)	/* (Nr+1)*Nb words */
+#define AES_HASH_KEY_LEN	16
 
 /*
  * AES 128 implementation based on NIST FIPS 197 suitable for LittleEndian
@@ -93,22 +94,30 @@ GF8mul(uint8_t byte, uint32_t mp)
 }
 
 static void
-aes_key_expand(const uint8_t *key, uint32_t *ks)
+aes_key_expand(const uint8_t *key, uint32_t len, uint32_t *ks)
 {
-	unsigned int i = 4;
+	uint32_t len_words = len / sizeof(uint32_t);
+	unsigned int schedule_len;
+	unsigned int i = len_words;
 	uint32_t temp;
 
+	schedule_len = (len == ROC_CPT_AES128_KEY_LEN) ? KEY_SCHEDULE_LEN(KEY128_ROUNDS) :
+							 KEY_SCHEDULE_LEN(KEY256_ROUNDS);
 	/* Skip key in ks */
-	memcpy(ks, key, KEY_WORD_LEN * sizeof(uint32_t));
+	memcpy(ks, key, len);
 
-	while (i < KEY_SCHEDULE_LEN) {
+	while (i < schedule_len) {
 		temp = ks[i - 1];
-		if ((i & 0x3) == 0) {
+		if ((i & (len_words - 1)) == 0) {
 			temp = rot_word(temp);
 			temp = sub_word(temp);
-			temp ^= (uint32_t)GF8mul(1, 1 << ((i >> 2) - 1));
+			temp ^= (uint32_t)GF8mul(1, 1 << ((i / len_words) - 1));
 		}
-		ks[i] = ks[i - 4] ^ temp;
+		if (len == ROC_CPT_AES256_KEY_LEN) {
+			if ((i % len_words) == 4)
+				temp = sub_word(temp);
+		}
+		ks[i] = ks[i - len_words] ^ temp;
 		i++;
 	}
 }
@@ -145,64 +154,83 @@ mix_columns(uint8_t *sRc)
 }
 
 static void
-cipher(uint8_t *in, uint8_t *out, uint32_t *ks)
+cipher(uint8_t *in, uint8_t *out, uint32_t *ks, uint32_t key_rounds, uint8_t in_len)
 {
-	uint32_t state[KEY_WORD_LEN];
+	uint8_t data_word_len = in_len / sizeof(uint32_t);
+	uint32_t state[data_word_len];
 	unsigned int i, round;
 
 	memcpy(state, in, sizeof(state));
 
 	/* AddRoundKey(state, w[0, Nb-1]) // See Sec. 5.1.4 */
-	for (i = 0; i < KEY_WORD_LEN; i++)
+	for (i = 0; i < data_word_len; i++)
 		state[i] ^= ks[i];
 
-	for (round = 1; round < KEY_ROUNDS; round++) {
+	for (round = 1; round < key_rounds; round++) {
 		/* SubBytes(state) // See Sec. 5.1.1 */
-		for (i = 0; i < KEY_WORD_LEN; i++)
+		for (i = 0; i < data_word_len; i++)
 			state[i] = sub_word(state[i]);
 
 		/* ShiftRows(state) // See Sec. 5.1.2 */
-		for (i = 0; i < KEY_WORD_LEN; i++)
+		for (i = 0; i < data_word_len; i++)
 			shift_word((uint8_t *)state, i, i);
 
 		/* MixColumns(state) // See Sec. 5.1.3 */
-		for (i = 0; i < KEY_WORD_LEN; i++)
+		for (i = 0; i < data_word_len; i++)
 			mix_columns((uint8_t *)&state[i]);
 
 		/* AddRoundKey(state, w[round*Nb, (round+1)*Nb-1]) */
-		for (i = 0; i < KEY_WORD_LEN; i++)
-			state[i] ^= ks[round * 4 + i];
+		for (i = 0; i < data_word_len; i++)
+			state[i] ^= ks[round * data_word_len + i];
 	}
 
 	/* SubBytes(state) */
-	for (i = 0; i < KEY_WORD_LEN; i++)
+	for (i = 0; i < data_word_len; i++)
 		state[i] = sub_word(state[i]);
 
 	/* ShiftRows(state) */
-	for (i = 0; i < KEY_WORD_LEN; i++)
+	for (i = 0; i < data_word_len; i++)
 		shift_word((uint8_t *)state, i, i);
 
 	/* AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1]) */
-	for (i = 0; i < KEY_WORD_LEN; i++)
-		state[i] ^= ks[KEY_ROUNDS * 4 + i];
-	memcpy(out, state, KEY_WORD_LEN * sizeof(uint32_t));
+	for (i = 0; i < data_word_len; i++)
+		state[i] ^= ks[key_rounds * data_word_len + i];
+	memcpy(out, state, data_word_len * sizeof(uint32_t));
 }
 
 void
 roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key)
 {
-	uint32_t aes_ks[KEY_SCHEDULE_LEN] = {0};
+	uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY128_ROUNDS)] = {0};
 	uint8_t k1[16] = {[0 ... 15] = 0x01};
 	uint8_t k2[16] = {[0 ... 15] = 0x02};
 	uint8_t k3[16] = {[0 ... 15] = 0x03};
 
-	aes_key_expand(auth_key, aes_ks);
+	aes_key_expand(auth_key, ROC_CPT_AES_XCBC_KEY_LENGTH, aes_ks);
 
-	cipher(k1, derived_key, aes_ks);
+	cipher(k1, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k1));
 	derived_key += sizeof(k1);
 
-	cipher(k2, derived_key, aes_ks);
+	cipher(k2, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k2));
 	derived_key += sizeof(k2);
 
-	cipher(k3, derived_key, aes_ks);
+	cipher(k3, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k3));
+}
+
+void
+roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t hash_key[])
+{
+	uint8_t data[AES_HASH_KEY_LEN] = {0x0};
+
+	if (len == ROC_CPT_AES128_KEY_LEN) {
+		uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY128_ROUNDS)] = {0};
+
+		aes_key_expand(key, ROC_CPT_AES128_KEY_LEN, aes_ks);
+		cipher(data, hash_key, aes_ks, KEY128_ROUNDS, sizeof(data));
+	} else {
+		uint32_t aes_ks[KEY_SCHEDULE_LEN(KEY256_ROUNDS)] = {0};
+
+		aes_key_expand(key, ROC_CPT_AES256_KEY_LEN, aes_ks);
+		cipher(data, hash_key, aes_ks, KEY256_ROUNDS, sizeof(data));
+	}
 }
diff --git a/drivers/common/cnxk/roc_aes.h b/drivers/common/cnxk/roc_aes.h
index 954039139f..3b4b921bcd 100644
--- a/drivers/common/cnxk/roc_aes.h
+++ b/drivers/common/cnxk/roc_aes.h
@@ -8,7 +8,7 @@
 /*
  * Derive k1, k2, k3 from 128 bit AES key
  */
-void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key,
-				       uint8_t *derived_key);
+void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key);
+void __roc_api roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t *hash_key);
 
 #endif /* _ROC_AES_H_ */
diff --git a/drivers/common/cnxk/version.map b/drivers/common/cnxk/version.map
index 914d0d2caa..8c71497df8 100644
--- a/drivers/common/cnxk/version.map
+++ b/drivers/common/cnxk/version.map
@@ -30,6 +30,7 @@ INTERNAL {
 	roc_ae_ec_grp_put;
 	roc_ae_fpm_get;
 	roc_ae_fpm_put;
+	roc_aes_hash_key_derive;
 	roc_aes_xcbc_key_derive;
 	roc_bphy_cgx_cpri_mode_change;
 	roc_bphy_cgx_cpri_mode_misc;
-- 
2.25.1