Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/128545/?format=api
{ "id": 128545, "url": "http://patches.dpdk.org/api/patches/128545/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20230613071614.2259604-12-gakhil@marvell.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20230613071614.2259604-12-gakhil@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20230613071614.2259604-12-gakhil@marvell.com", "date": "2023-06-13T07:16:10", "name": "[v3,11/15] common/cnxk: derive hash key for MACsec", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": true, "hash": "336af809d4d23c04f58ccfee72a91360b8cfcfac", "submitter": { "id": 2094, "url": "http://patches.dpdk.org/api/people/2094/?format=api", "name": "Akhil Goyal", "email": "gakhil@marvell.com" }, "delegate": { "id": 310, "url": "http://patches.dpdk.org/api/users/310/?format=api", "username": "jerin", "first_name": "Jerin", "last_name": "Jacob", "email": "jerinj@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20230613071614.2259604-12-gakhil@marvell.com/mbox/", "series": [ { "id": 28472, "url": "http://patches.dpdk.org/api/series/28472/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=28472", "date": "2023-06-13T07:15:59", "name": "net/cnxk: add MACsec support", "version": 3, "mbox": "http://patches.dpdk.org/series/28472/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/128545/comments/", "check": "success", "checks": "http://patches.dpdk.org/api/patches/128545/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id A129F42CA0;\n\tTue, 13 Jun 2023 09:18:02 +0200 (CEST)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 04F6442D59;\n\tTue, 13 Jun 2023 09:17:09 +0200 (CEST)", "from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com\n [67.231.156.173])\n by mails.dpdk.org (Postfix) with ESMTP id 6FC0242D56\n for <dev@dpdk.org>; Tue, 13 Jun 2023 09:17:07 +0200 (CEST)", "from pps.filterd (m0045851.ppops.net [127.0.0.1])\n by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id\n 35D562d8012976; Tue, 13 Jun 2023 00:17:06 -0700", "from dc5-exch01.marvell.com ([199.233.59.181])\n by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3r4rpkf75j-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Tue, 13 Jun 2023 00:17:06 -0700", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48;\n Tue, 13 Jun 2023 00:17:04 -0700", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend\n Transport; Tue, 13 Jun 2023 00:17:04 -0700", "from localhost.localdomain (unknown [10.28.36.102])\n by maili.marvell.com (Postfix) with ESMTP id 356F53F7065;\n Tue, 13 Jun 2023 00:17:01 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=4wAwKucXXIiMH+9uVbJloxzIuXgg9/Uyjh30Pg/Se3M=;\n b=K3V4z5ufuwHuh3bGMjXOq7LtTQNKWFTvH78SZd70kZvxYL1rR00sjE1ZE8AOLlISZ5vm\n qBYIJUht/buwsrbJsOe2Lh9fFwWoP846GDqaan1Jg1Rqa82P4mwMYSi2SQGuSUW5KCry\n GuytiimG9DkWaLpl6NbV7eeZnWh9g5Qr9ARiooxYERzSAT7I5mNJ+JbMYMPvfj+NhtBc\n FBlzxUhq3zF6rNkplpO9vK8CwbiO3zue/TAhQFjJDxMcMSAiyUvSxVvLhxsFXKsIbnkk\n g0dsCphTgVQcUYjjGvJbIU9tH6aRKH0v2g0ZanScEOwrZvT33z2L4BDpCJdKqQPiBAHG DA==", "From": "Akhil Goyal <gakhil@marvell.com>", "To": "<dev@dpdk.org>", "CC": "<thomas@monjalon.net>, <david.marchand@redhat.com>,\n <vattunuru@marvell.com>, <jerinj@marvell.com>, <adwivedi@marvell.com>,\n <ndabilpuram@marvell.com>, Akhil Goyal <gakhil@marvell.com>", "Subject": "[PATCH v3 11/15] common/cnxk: derive hash key for MACsec", "Date": "Tue, 13 Jun 2023 12:46:10 +0530", "Message-ID": "<20230613071614.2259604-12-gakhil@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20230613071614.2259604-1-gakhil@marvell.com>", "References": "<20230607152819.226838-1-gakhil@marvell.com>\n <20230613071614.2259604-1-gakhil@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-ORIG-GUID": "cZ3Jtq9I8UxKOhMLV4tPEKUUnhSxuvh2", "X-Proofpoint-GUID": "cZ3Jtq9I8UxKOhMLV4tPEKUUnhSxuvh2", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26\n definitions=2023-06-13_04,2023-06-12_02,2023-05-22_02", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "MACsec hardware configuration need hash key to be generated\nfrom the cipher key of AES-GCM-128/256.\nAdded an ROC API to derive the hash key and extend the case\nfor AES-256 as well.\n\nSigned-off-by: Akhil Goyal <gakhil@marvell.com>\n---\n drivers/common/cnxk/roc_aes.c | 86 ++++++++++++++++++++++-----------\n drivers/common/cnxk/roc_aes.h | 4 +-\n drivers/common/cnxk/version.map | 1 +\n 3 files changed, 60 insertions(+), 31 deletions(-)", "diff": "diff --git a/drivers/common/cnxk/roc_aes.c b/drivers/common/cnxk/roc_aes.c\nindex f821c8b710..d84feb546a 100644\n--- a/drivers/common/cnxk/roc_aes.c\n+++ b/drivers/common/cnxk/roc_aes.c\n@@ -4,9 +4,10 @@\n \n #include \"roc_api.h\"\n \n-#define KEY_WORD_LEN\t (ROC_CPT_AES_XCBC_KEY_LENGTH / sizeof(uint32_t))\n-#define KEY_ROUNDS\t 10\t\t\t/* (Nr+1)*Nb */\n-#define KEY_SCHEDULE_LEN ((KEY_ROUNDS + 1) * 4) /* (Nr+1)*Nb words */\n+#define KEY128_ROUNDS\t\t10\t\t/* (Nr+1)*Nb */\n+#define KEY256_ROUNDS\t\t14\t\t/* (Nr+1)*Nb */\n+#define KEY_SCHEDULE_LEN(nr)\t((nr + 1) * 4)\t/* (Nr+1)*Nb words */\n+#define AES_HASH_KEY_LEN\t16\n \n /*\n * AES 128 implementation based on NIST FIPS 197 suitable for LittleEndian\n@@ -93,22 +94,30 @@ GF8mul(uint8_t byte, uint32_t mp)\n }\n \n static void\n-aes_key_expand(const uint8_t *key, uint32_t *ks)\n+aes_key_expand(const uint8_t *key, uint32_t len, uint32_t *ks)\n {\n-\tunsigned int i = 4;\n+\tuint32_t len_words = len / sizeof(uint32_t);\n+\tunsigned int schedule_len;\n+\tunsigned int i = len_words;\n \tuint32_t temp;\n \n+\tschedule_len = (len == ROC_CPT_AES128_KEY_LEN) ? KEY_SCHEDULE_LEN(KEY128_ROUNDS) :\n+\t\t\t\t\t\t\t KEY_SCHEDULE_LEN(KEY256_ROUNDS);\n \t/* Skip key in ks */\n-\tmemcpy(ks, key, KEY_WORD_LEN * sizeof(uint32_t));\n+\tmemcpy(ks, key, len);\n \n-\twhile (i < KEY_SCHEDULE_LEN) {\n+\twhile (i < schedule_len) {\n \t\ttemp = ks[i - 1];\n-\t\tif ((i & 0x3) == 0) {\n+\t\tif ((i & (len_words - 1)) == 0) {\n \t\t\ttemp = rot_word(temp);\n \t\t\ttemp = sub_word(temp);\n-\t\t\ttemp ^= (uint32_t)GF8mul(1, 1 << ((i >> 2) - 1));\n+\t\t\ttemp ^= (uint32_t)GF8mul(1, 1 << ((i / len_words) - 1));\n \t\t}\n-\t\tks[i] = ks[i - 4] ^ temp;\n+\t\tif (len == ROC_CPT_AES256_KEY_LEN) {\n+\t\t\tif ((i % len_words) == 4)\n+\t\t\t\ttemp = sub_word(temp);\n+\t\t}\n+\t\tks[i] = ks[i - len_words] ^ temp;\n \t\ti++;\n \t}\n }\n@@ -145,64 +154,83 @@ mix_columns(uint8_t *sRc)\n }\n \n static void\n-cipher(uint8_t *in, uint8_t *out, uint32_t *ks)\n+cipher(uint8_t *in, uint8_t *out, uint32_t *ks, uint32_t key_rounds, uint8_t in_len)\n {\n-\tuint32_t state[KEY_WORD_LEN];\n+\tuint8_t data_word_len = in_len / sizeof(uint32_t);\n+\tuint32_t state[data_word_len];\n \tunsigned int i, round;\n \n \tmemcpy(state, in, sizeof(state));\n \n \t/* AddRoundKey(state, w[0, Nb-1]) // See Sec. 5.1.4 */\n-\tfor (i = 0; i < KEY_WORD_LEN; i++)\n+\tfor (i = 0; i < data_word_len; i++)\n \t\tstate[i] ^= ks[i];\n \n-\tfor (round = 1; round < KEY_ROUNDS; round++) {\n+\tfor (round = 1; round < key_rounds; round++) {\n \t\t/* SubBytes(state) // See Sec. 5.1.1 */\n-\t\tfor (i = 0; i < KEY_WORD_LEN; i++)\n+\t\tfor (i = 0; i < data_word_len; i++)\n \t\t\tstate[i] = sub_word(state[i]);\n \n \t\t/* ShiftRows(state) // See Sec. 5.1.2 */\n-\t\tfor (i = 0; i < KEY_WORD_LEN; i++)\n+\t\tfor (i = 0; i < data_word_len; i++)\n \t\t\tshift_word((uint8_t *)state, i, i);\n \n \t\t/* MixColumns(state) // See Sec. 5.1.3 */\n-\t\tfor (i = 0; i < KEY_WORD_LEN; i++)\n+\t\tfor (i = 0; i < data_word_len; i++)\n \t\t\tmix_columns((uint8_t *)&state[i]);\n \n \t\t/* AddRoundKey(state, w[round*Nb, (round+1)*Nb-1]) */\n-\t\tfor (i = 0; i < KEY_WORD_LEN; i++)\n-\t\t\tstate[i] ^= ks[round * 4 + i];\n+\t\tfor (i = 0; i < data_word_len; i++)\n+\t\t\tstate[i] ^= ks[round * data_word_len + i];\n \t}\n \n \t/* SubBytes(state) */\n-\tfor (i = 0; i < KEY_WORD_LEN; i++)\n+\tfor (i = 0; i < data_word_len; i++)\n \t\tstate[i] = sub_word(state[i]);\n \n \t/* ShiftRows(state) */\n-\tfor (i = 0; i < KEY_WORD_LEN; i++)\n+\tfor (i = 0; i < data_word_len; i++)\n \t\tshift_word((uint8_t *)state, i, i);\n \n \t/* AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1]) */\n-\tfor (i = 0; i < KEY_WORD_LEN; i++)\n-\t\tstate[i] ^= ks[KEY_ROUNDS * 4 + i];\n-\tmemcpy(out, state, KEY_WORD_LEN * sizeof(uint32_t));\n+\tfor (i = 0; i < data_word_len; i++)\n+\t\tstate[i] ^= ks[key_rounds * data_word_len + i];\n+\tmemcpy(out, state, data_word_len * sizeof(uint32_t));\n }\n \n void\n roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key)\n {\n-\tuint32_t aes_ks[KEY_SCHEDULE_LEN] = {0};\n+\tuint32_t aes_ks[KEY_SCHEDULE_LEN(KEY128_ROUNDS)] = {0};\n \tuint8_t k1[16] = {[0 ... 15] = 0x01};\n \tuint8_t k2[16] = {[0 ... 15] = 0x02};\n \tuint8_t k3[16] = {[0 ... 15] = 0x03};\n \n-\taes_key_expand(auth_key, aes_ks);\n+\taes_key_expand(auth_key, ROC_CPT_AES_XCBC_KEY_LENGTH, aes_ks);\n \n-\tcipher(k1, derived_key, aes_ks);\n+\tcipher(k1, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k1));\n \tderived_key += sizeof(k1);\n \n-\tcipher(k2, derived_key, aes_ks);\n+\tcipher(k2, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k2));\n \tderived_key += sizeof(k2);\n \n-\tcipher(k3, derived_key, aes_ks);\n+\tcipher(k3, derived_key, aes_ks, KEY128_ROUNDS, sizeof(k3));\n+}\n+\n+void\n+roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t hash_key[])\n+{\n+\tuint8_t data[AES_HASH_KEY_LEN] = {0x0};\n+\n+\tif (len == ROC_CPT_AES128_KEY_LEN) {\n+\t\tuint32_t aes_ks[KEY_SCHEDULE_LEN(KEY128_ROUNDS)] = {0};\n+\n+\t\taes_key_expand(key, ROC_CPT_AES128_KEY_LEN, aes_ks);\n+\t\tcipher(data, hash_key, aes_ks, KEY128_ROUNDS, sizeof(data));\n+\t} else {\n+\t\tuint32_t aes_ks[KEY_SCHEDULE_LEN(KEY256_ROUNDS)] = {0};\n+\n+\t\taes_key_expand(key, ROC_CPT_AES256_KEY_LEN, aes_ks);\n+\t\tcipher(data, hash_key, aes_ks, KEY256_ROUNDS, sizeof(data));\n+\t}\n }\ndiff --git a/drivers/common/cnxk/roc_aes.h b/drivers/common/cnxk/roc_aes.h\nindex 954039139f..3b4b921bcd 100644\n--- a/drivers/common/cnxk/roc_aes.h\n+++ b/drivers/common/cnxk/roc_aes.h\n@@ -8,7 +8,7 @@\n /*\n * Derive k1, k2, k3 from 128 bit AES key\n */\n-void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key,\n-\t\t\t\t uint8_t *derived_key);\n+void __roc_api roc_aes_xcbc_key_derive(const uint8_t *auth_key, uint8_t *derived_key);\n+void __roc_api roc_aes_hash_key_derive(const uint8_t *key, uint16_t len, uint8_t *hash_key);\n \n #endif /* _ROC_AES_H_ */\ndiff --git a/drivers/common/cnxk/version.map b/drivers/common/cnxk/version.map\nindex 914d0d2caa..8c71497df8 100644\n--- a/drivers/common/cnxk/version.map\n+++ b/drivers/common/cnxk/version.map\n@@ -30,6 +30,7 @@ INTERNAL {\n \troc_ae_ec_grp_put;\n \troc_ae_fpm_get;\n \troc_ae_fpm_put;\n+\troc_aes_hash_key_derive;\n \troc_aes_xcbc_key_derive;\n \troc_bphy_cgx_cpri_mode_change;\n \troc_bphy_cgx_cpri_mode_misc;\n", "prefixes": [ "v3", "11/15" ] }