* [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
@ 2024-06-05 8:48 Brian Dooley
2024-06-10 8:19 ` Dooley, Brian
` (3 more replies)
0 siblings, 4 replies; 9+ messages in thread
From: Brian Dooley @ 2024-06-05 8:48 UTC (permalink / raw)
To: Kai Ji, Pablo de Lara; +Cc: dev, gakhil, Brian Dooley
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
IPSec Multi-buffer library v1.4 added a new API to
calculate inner/outer padding for HMAC-SHAx/MD5.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
---
drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34 +++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 69a546697b..b3fdea02ff 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -13,6 +13,7 @@ struct aesni_mb_op_buf_data {
uint32_t offset;
};
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
/**
* Calculate the authentication pre-computes
*
@@ -55,6 +56,7 @@ calculate_auth_precomputes(hash_one_block_t one_block_hash,
memset(ipad_buf, 0, blocksize);
memset(opad_buf, 0, blocksize);
}
+#endif
static inline int
is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
@@ -66,12 +68,14 @@ is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
/** Set session authentication parameters */
static int
-aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
+aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_one_block_t hash_oneblock_fn = NULL;
unsigned int key_larger_block_size = 0;
+#endif
uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
uint32_t auth_precompute = 1;
@@ -267,18 +271,24 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->template_job.hash_alg = IMB_AUTH_MD5;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->md5_one_block;
+#endif
break;
case RTE_CRYPTO_AUTH_SHA1_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha1_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_1)) {
IMB_SHA1(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA1:
@@ -287,14 +297,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA224_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha224_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_224)) {
IMB_SHA224(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA224:
@@ -303,14 +317,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA256_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha256_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_256)) {
IMB_SHA256(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA256:
@@ -319,14 +337,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA384_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha384_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_384)) {
IMB_SHA384(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA384:
@@ -335,14 +357,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha512_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_512)) {
IMB_SHA512(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA512:
@@ -376,6 +402,11 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
return 0;
/* Calculate Authentication precomputes */
+#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
+ imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg,
+ xform->auth.key.data, xform->auth.key.length,
+ sess->auth.pads.inner, sess->auth.pads.outer);
+#else
if (key_larger_block_size) {
calculate_auth_precomputes(hash_oneblock_fn,
sess->auth.pads.inner, sess->auth.pads.outer,
@@ -389,6 +420,7 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
xform->auth.key.length,
get_auth_algo_blocksize(sess->template_job.hash_alg));
}
+#endif
sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
sess->auth.pads.inner;
sess->template_job.u.HMAC._hashed_auth_key_xor_opad =
--
2.25.1
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
2024-06-05 8:48 [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API Brian Dooley
@ 2024-06-10 8:19 ` Dooley, Brian
2024-06-20 9:00 ` Dooley, Brian
2024-06-24 14:33 ` Ji, Kai
` (2 subsequent siblings)
3 siblings, 1 reply; 9+ messages in thread
From: Dooley, Brian @ 2024-06-10 8:19 UTC (permalink / raw)
To: Ji, Kai, De Lara Guarch, Pablo; +Cc: dev, gakhil
[-- Attachment #1: Type: text/plain, Size: 7812 bytes --]
Recheck-request: iol-unit-amd64-testing
________________________________
From: Dooley, Brian <brian.dooley@intel.com>
Sent: Wednesday, June 5, 2024 9:48 AM
To: Ji, Kai <kai.ji@intel.com>; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
Cc: dev@dpdk.org <dev@dpdk.org>; gakhil@marvell.com <gakhil@marvell.com>; Dooley, Brian <brian.dooley@intel.com>
Subject: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
IPSec Multi-buffer library v1.4 added a new API to
calculate inner/outer padding for HMAC-SHAx/MD5.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
---
drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34 +++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 69a546697b..b3fdea02ff 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -13,6 +13,7 @@ struct aesni_mb_op_buf_data {
uint32_t offset;
};
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
/**
* Calculate the authentication pre-computes
*
@@ -55,6 +56,7 @@ calculate_auth_precomputes(hash_one_block_t one_block_hash,
memset(ipad_buf, 0, blocksize);
memset(opad_buf, 0, blocksize);
}
+#endif
static inline int
is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
@@ -66,12 +68,14 @@ is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
/** Set session authentication parameters */
static int
-aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
+aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_one_block_t hash_oneblock_fn = NULL;
unsigned int key_larger_block_size = 0;
+#endif
uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
uint32_t auth_precompute = 1;
@@ -267,18 +271,24 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->template_job.hash_alg = IMB_AUTH_MD5;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->md5_one_block;
+#endif
break;
case RTE_CRYPTO_AUTH_SHA1_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha1_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_1)) {
IMB_SHA1(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA1:
@@ -287,14 +297,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA224_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha224_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_224)) {
IMB_SHA224(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA224:
@@ -303,14 +317,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA256_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha256_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_256)) {
IMB_SHA256(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA256:
@@ -319,14 +337,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA384_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha384_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_384)) {
IMB_SHA384(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA384:
@@ -335,14 +357,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha512_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_512)) {
IMB_SHA512(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA512:
@@ -376,6 +402,11 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
return 0;
/* Calculate Authentication precomputes */
+#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
+ imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg,
+ xform->auth.key.data, xform->auth.key.length,
+ sess->auth.pads.inner, sess->auth.pads.outer);
+#else
if (key_larger_block_size) {
calculate_auth_precomputes(hash_oneblock_fn,
sess->auth.pads.inner, sess->auth.pads.outer,
@@ -389,6 +420,7 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
xform->auth.key.length,
get_auth_algo_blocksize(sess->template_job.hash_alg));
}
+#endif
sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
sess->auth.pads.inner;
sess->template_job.u.HMAC._hashed_auth_key_xor_opad =
--
2.25.1
[-- Attachment #2: Type: text/html, Size: 18817 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
2024-06-10 8:19 ` Dooley, Brian
@ 2024-06-20 9:00 ` Dooley, Brian
0 siblings, 0 replies; 9+ messages in thread
From: Dooley, Brian @ 2024-06-20 9:00 UTC (permalink / raw)
To: Ji, Kai, De Lara Guarch, Pablo; +Cc: dev, gakhil
[-- Attachment #1: Type: text/plain, Size: 8212 bytes --]
Recheck-request: iol-unit-arm64-testing
________________________________
From: Dooley, Brian <brian.dooley@intel.com>
Sent: Monday, June 10, 2024 9:19 AM
To: Ji, Kai <kai.ji@intel.com>; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
Cc: dev@dpdk.org <dev@dpdk.org>; gakhil@marvell.com <gakhil@marvell.com>
Subject: Re: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
Recheck-request: iol-unit-amd64-testing
________________________________
From: Dooley, Brian <brian.dooley@intel.com>
Sent: Wednesday, June 5, 2024 9:48 AM
To: Ji, Kai <kai.ji@intel.com>; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
Cc: dev@dpdk.org <dev@dpdk.org>; gakhil@marvell.com <gakhil@marvell.com>; Dooley, Brian <brian.dooley@intel.com>
Subject: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
IPSec Multi-buffer library v1.4 added a new API to
calculate inner/outer padding for HMAC-SHAx/MD5.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
---
drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34 +++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 69a546697b..b3fdea02ff 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -13,6 +13,7 @@ struct aesni_mb_op_buf_data {
uint32_t offset;
};
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
/**
* Calculate the authentication pre-computes
*
@@ -55,6 +56,7 @@ calculate_auth_precomputes(hash_one_block_t one_block_hash,
memset(ipad_buf, 0, blocksize);
memset(opad_buf, 0, blocksize);
}
+#endif
static inline int
is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
@@ -66,12 +68,14 @@ is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
/** Set session authentication parameters */
static int
-aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
+aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_one_block_t hash_oneblock_fn = NULL;
unsigned int key_larger_block_size = 0;
+#endif
uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
uint32_t auth_precompute = 1;
@@ -267,18 +271,24 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->template_job.hash_alg = IMB_AUTH_MD5;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->md5_one_block;
+#endif
break;
case RTE_CRYPTO_AUTH_SHA1_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha1_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_1)) {
IMB_SHA1(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA1:
@@ -287,14 +297,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA224_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha224_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_224)) {
IMB_SHA224(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA224:
@@ -303,14 +317,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA256_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha256_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_256)) {
IMB_SHA256(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA256:
@@ -319,14 +337,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA384_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha384_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_384)) {
IMB_SHA384(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA384:
@@ -335,14 +357,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha512_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_512)) {
IMB_SHA512(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA512:
@@ -376,6 +402,11 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
return 0;
/* Calculate Authentication precomputes */
+#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
+ imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg,
+ xform->auth.key.data, xform->auth.key.length,
+ sess->auth.pads.inner, sess->auth.pads.outer);
+#else
if (key_larger_block_size) {
calculate_auth_precomputes(hash_oneblock_fn,
sess->auth.pads.inner, sess->auth.pads.outer,
@@ -389,6 +420,7 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
xform->auth.key.length,
get_auth_algo_blocksize(sess->template_job.hash_alg));
}
+#endif
sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
sess->auth.pads.inner;
sess->template_job.u.HMAC._hashed_auth_key_xor_opad =
--
2.25.1
[-- Attachment #2: Type: text/html, Size: 19904 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
2024-06-05 8:48 [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API Brian Dooley
2024-06-10 8:19 ` Dooley, Brian
@ 2024-06-24 14:33 ` Ji, Kai
2024-06-27 14:35 ` Wathsala Wathawana Vithanage
2024-07-02 13:32 ` Patrick Robb
3 siblings, 0 replies; 9+ messages in thread
From: Ji, Kai @ 2024-06-24 14:33 UTC (permalink / raw)
To: Dooley, Brian, De Lara Guarch, Pablo; +Cc: dev, gakhil
[-- Attachment #1: Type: text/plain, Size: 7793 bytes --]
Acked-by: Kai Ji <kai.ji@intel.com>
________________________________
From: Dooley, Brian <brian.dooley@intel.com>
Sent: 05 June 2024 09:48
To: Ji, Kai <kai.ji@intel.com>; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
Cc: dev@dpdk.org <dev@dpdk.org>; gakhil@marvell.com <gakhil@marvell.com>; Dooley, Brian <brian.dooley@intel.com>
Subject: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
IPSec Multi-buffer library v1.4 added a new API to
calculate inner/outer padding for HMAC-SHAx/MD5.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
---
drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34 +++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 69a546697b..b3fdea02ff 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -13,6 +13,7 @@ struct aesni_mb_op_buf_data {
uint32_t offset;
};
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
/**
* Calculate the authentication pre-computes
*
@@ -55,6 +56,7 @@ calculate_auth_precomputes(hash_one_block_t one_block_hash,
memset(ipad_buf, 0, blocksize);
memset(opad_buf, 0, blocksize);
}
+#endif
static inline int
is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
@@ -66,12 +68,14 @@ is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
/** Set session authentication parameters */
static int
-aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
+aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_one_block_t hash_oneblock_fn = NULL;
unsigned int key_larger_block_size = 0;
+#endif
uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
uint32_t auth_precompute = 1;
@@ -267,18 +271,24 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->template_job.hash_alg = IMB_AUTH_MD5;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->md5_one_block;
+#endif
break;
case RTE_CRYPTO_AUTH_SHA1_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha1_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_1)) {
IMB_SHA1(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA1:
@@ -287,14 +297,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA224_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha224_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_224)) {
IMB_SHA224(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA224:
@@ -303,14 +317,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA256_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha256_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_256)) {
IMB_SHA256(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA256:
@@ -319,14 +337,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA384_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha384_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_384)) {
IMB_SHA384(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA384:
@@ -335,14 +357,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha512_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_512)) {
IMB_SHA512(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA512:
@@ -376,6 +402,11 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
return 0;
/* Calculate Authentication precomputes */
+#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
+ imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg,
+ xform->auth.key.data, xform->auth.key.length,
+ sess->auth.pads.inner, sess->auth.pads.outer);
+#else
if (key_larger_block_size) {
calculate_auth_precomputes(hash_oneblock_fn,
sess->auth.pads.inner, sess->auth.pads.outer,
@@ -389,6 +420,7 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
xform->auth.key.length,
get_auth_algo_blocksize(sess->template_job.hash_alg));
}
+#endif
sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
sess->auth.pads.inner;
sess->template_job.u.HMAC._hashed_auth_key_xor_opad =
--
2.25.1
[-- Attachment #2: Type: text/html, Size: 18651 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
2024-06-05 8:48 [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API Brian Dooley
2024-06-10 8:19 ` Dooley, Brian
2024-06-24 14:33 ` Ji, Kai
@ 2024-06-27 14:35 ` Wathsala Wathawana Vithanage
2024-07-03 17:26 ` Akhil Goyal
2024-07-02 13:32 ` Patrick Robb
3 siblings, 1 reply; 9+ messages in thread
From: Wathsala Wathawana Vithanage @ 2024-06-27 14:35 UTC (permalink / raw)
To: Brian Dooley, Kai Ji, Pablo de Lara; +Cc: dev, gakhil, nd, nd
Acked-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
> Subject: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
>
> From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
>
> IPSec Multi-buffer library v1.4 added a new API to calculate inner/outer
> padding for HMAC-SHAx/MD5.
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> Signed-off-by: Brian Dooley <brian.dooley@intel.com>
> ---
> drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34
> +++++++++++++++++++++++++-
> 1 file changed, 33 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> index 69a546697b..b3fdea02ff 100644
> --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> @@ -13,6 +13,7 @@ struct aesni_mb_op_buf_data {
> uint32_t offset;
> };
>
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> /**
> * Calculate the authentication pre-computes
> *
> @@ -55,6 +56,7 @@ calculate_auth_precomputes(hash_one_block_t
> one_block_hash,
> memset(ipad_buf, 0, blocksize);
> memset(opad_buf, 0, blocksize);
> }
> +#endif
>
> static inline int
> is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
> @@ -66,12 +68,14 @@ is_aead_algo(IMB_HASH_ALG hash_alg,
> IMB_CIPHER_MODE cipher_mode)
>
> /** Set session authentication parameters */ static int -
> aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
> +aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
> struct aesni_mb_session *sess,
> const struct rte_crypto_sym_xform *xform) {
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> hash_one_block_t hash_oneblock_fn = NULL;
> unsigned int key_larger_block_size = 0;
> +#endif
> uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
> uint32_t auth_precompute = 1;
>
> @@ -267,18 +271,24 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> switch (xform->auth.algo) {
> case RTE_CRYPTO_AUTH_MD5_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_MD5;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> hash_oneblock_fn = mb_mgr->md5_one_block;
> +#endif
> break;
> case RTE_CRYPTO_AUTH_SHA1_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> hash_oneblock_fn = mb_mgr->sha1_one_block;
> +#endif
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_1)) {
> IMB_SHA1(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> key_larger_block_size = 1;
> +#endif
> }
> break;
> case RTE_CRYPTO_AUTH_SHA1:
> @@ -287,14 +297,18 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> break;
> case RTE_CRYPTO_AUTH_SHA224_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> hash_oneblock_fn = mb_mgr->sha224_one_block;
> +#endif
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_224)) {
> IMB_SHA224(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> key_larger_block_size = 1;
> +#endif
> }
> break;
> case RTE_CRYPTO_AUTH_SHA224:
> @@ -303,14 +317,18 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> break;
> case RTE_CRYPTO_AUTH_SHA256_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> hash_oneblock_fn = mb_mgr->sha256_one_block;
> +#endif
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_256)) {
> IMB_SHA256(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> key_larger_block_size = 1;
> +#endif
> }
> break;
> case RTE_CRYPTO_AUTH_SHA256:
> @@ -319,14 +337,18 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> break;
> case RTE_CRYPTO_AUTH_SHA384_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> hash_oneblock_fn = mb_mgr->sha384_one_block;
> +#endif
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_384)) {
> IMB_SHA384(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> key_larger_block_size = 1;
> +#endif
> }
> break;
> case RTE_CRYPTO_AUTH_SHA384:
> @@ -335,14 +357,18 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> break;
> case RTE_CRYPTO_AUTH_SHA512_HMAC:
> sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> hash_oneblock_fn = mb_mgr->sha512_one_block;
> +#endif
> if (xform->auth.key.length > get_auth_algo_blocksize(
> IMB_AUTH_HMAC_SHA_512)) {
> IMB_SHA512(mb_mgr,
> xform->auth.key.data,
> xform->auth.key.length,
> hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
> key_larger_block_size = 1;
> +#endif
> }
> break;
> case RTE_CRYPTO_AUTH_SHA512:
> @@ -376,6 +402,11 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
> return 0;
>
> /* Calculate Authentication precomputes */
> +#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
> + imb_hmac_ipad_opad(mb_mgr, sess-
> >template_job.hash_alg,
> + xform->auth.key.data, xform-
> >auth.key.length,
> + sess->auth.pads.inner, sess-
> >auth.pads.outer); #else
> if (key_larger_block_size) {
> calculate_auth_precomputes(hash_oneblock_fn,
> sess->auth.pads.inner, sess->auth.pads.outer, @@ -
> 389,6 +420,7 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR
> *mb_mgr,
> xform->auth.key.length,
> get_auth_algo_blocksize(sess-
> >template_job.hash_alg));
> }
> +#endif
> sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
> sess->auth.pads.inner;
> sess->template_job.u.HMAC._hashed_auth_key_xor_opad =
> --
> 2.25.1
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
2024-06-05 8:48 [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API Brian Dooley
` (2 preceding siblings ...)
2024-06-27 14:35 ` Wathsala Wathawana Vithanage
@ 2024-07-02 13:32 ` Patrick Robb
3 siblings, 0 replies; 9+ messages in thread
From: Patrick Robb @ 2024-07-02 13:32 UTC (permalink / raw)
To: Brian Dooley; +Cc: Kai Ji, Pablo de Lara, dev, gakhil
Recheck-request: iol-unit-arm64-testing
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
2024-06-27 14:35 ` Wathsala Wathawana Vithanage
@ 2024-07-03 17:26 ` Akhil Goyal
0 siblings, 0 replies; 9+ messages in thread
From: Akhil Goyal @ 2024-07-03 17:26 UTC (permalink / raw)
To: Wathsala Wathawana Vithanage, Brian Dooley, Kai Ji, Pablo de Lara
Cc: dev, nd, nd
> Acked-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
>
> > Subject: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
> >
> > From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> >
> > IPSec Multi-buffer library v1.4 added a new API to calculate inner/outer
> > padding for HMAC-SHAx/MD5.
> >
> > Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> > Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Applied to dpdk-next-crypto
Thanks.
^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
2023-12-14 16:41 Brian Dooley
@ 2024-02-08 16:15 ` Power, Ciara
0 siblings, 0 replies; 9+ messages in thread
From: Power, Ciara @ 2024-02-08 16:15 UTC (permalink / raw)
To: Dooley, Brian, Ji, Kai, De Lara Guarch, Pablo; +Cc: dev, gakhil, Dooley, Brian
> -----Original Message-----
> From: Brian Dooley <brian.dooley@intel.com>
> Sent: Thursday, December 14, 2023 4:42 PM
> To: Ji, Kai <kai.ji@intel.com>; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>
> Cc: dev@dpdk.org; gakhil@marvell.com; Dooley, Brian
> <brian.dooley@intel.com>
> Subject: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
>
> From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
>
> IPSec Multi-buffer library v1.4 added a new API to calculate inner/outer
> padding for HMAC-SHAx/MD5.
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> Signed-off-by: Brian Dooley <brian.dooley@intel.com>
> ---
> drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34
> +++++++++++++++++++++++++-
> 1 file changed, 33 insertions(+), 1 deletion(-)
>
Acked-by: Ciara Power <ciara.power@intel.com>
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
@ 2023-12-14 16:41 Brian Dooley
2024-02-08 16:15 ` Power, Ciara
0 siblings, 1 reply; 9+ messages in thread
From: Brian Dooley @ 2023-12-14 16:41 UTC (permalink / raw)
To: Kai Ji, Pablo de Lara; +Cc: dev, gakhil, Brian Dooley
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
IPSec Multi-buffer library v1.4 added a new API to
calculate inner/outer padding for HMAC-SHAx/MD5.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
---
drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34 +++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 4de4866cf3..0410d2785b 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -13,6 +13,7 @@ struct aesni_mb_op_buf_data {
uint32_t offset;
};
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
/**
* Calculate the authentication pre-computes
*
@@ -55,6 +56,7 @@ calculate_auth_precomputes(hash_one_block_t one_block_hash,
memset(ipad_buf, 0, blocksize);
memset(opad_buf, 0, blocksize);
}
+#endif
static inline int
is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
@@ -66,12 +68,14 @@ is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
/** Set session authentication parameters */
static int
-aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
+aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_one_block_t hash_oneblock_fn = NULL;
unsigned int key_larger_block_size = 0;
+#endif
uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
uint32_t auth_precompute = 1;
@@ -267,18 +271,24 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_MD5_HMAC:
sess->template_job.hash_alg = IMB_AUTH_MD5;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->md5_one_block;
+#endif
break;
case RTE_CRYPTO_AUTH_SHA1_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha1_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_1)) {
IMB_SHA1(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA1:
@@ -287,14 +297,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA224_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha224_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_224)) {
IMB_SHA224(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA224:
@@ -303,14 +317,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA256_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha256_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_256)) {
IMB_SHA256(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA256:
@@ -319,14 +337,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA384_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha384_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_384)) {
IMB_SHA384(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA384:
@@ -335,14 +357,18 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
break;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
hash_oneblock_fn = mb_mgr->sha512_one_block;
+#endif
if (xform->auth.key.length > get_auth_algo_blocksize(
IMB_AUTH_HMAC_SHA_512)) {
IMB_SHA512(mb_mgr,
xform->auth.key.data,
xform->auth.key.length,
hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
key_larger_block_size = 1;
+#endif
}
break;
case RTE_CRYPTO_AUTH_SHA512:
@@ -376,6 +402,11 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
return 0;
/* Calculate Authentication precomputes */
+#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
+ imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg,
+ xform->auth.key.data, xform->auth.key.length,
+ sess->auth.pads.inner, sess->auth.pads.outer);
+#else
if (key_larger_block_size) {
calculate_auth_precomputes(hash_oneblock_fn,
sess->auth.pads.inner, sess->auth.pads.outer,
@@ -389,6 +420,7 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
xform->auth.key.length,
get_auth_algo_blocksize(sess->template_job.hash_alg));
}
+#endif
sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
sess->auth.pads.inner;
sess->template_job.u.HMAC._hashed_auth_key_xor_opad =
--
2.25.1
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2024-07-03 17:26 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-06-05 8:48 [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API Brian Dooley
2024-06-10 8:19 ` Dooley, Brian
2024-06-20 9:00 ` Dooley, Brian
2024-06-24 14:33 ` Ji, Kai
2024-06-27 14:35 ` Wathsala Wathawana Vithanage
2024-07-03 17:26 ` Akhil Goyal
2024-07-02 13:32 ` Patrick Robb
-- strict thread matches above, loose matches on Subject: below --
2023-12-14 16:41 Brian Dooley
2024-02-08 16:15 ` Power, Ciara
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).