From patchwork Mon Sep 21 11:45:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "De Lara Guarch, Pablo" X-Patchwork-Id: 78159 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id BE1B9A04CC; Mon, 21 Sep 2020 13:45:35 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id CAE501D942; Mon, 21 Sep 2020 13:45:24 +0200 (CEST) Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by dpdk.org (Postfix) with ESMTP id 2BB041D927 for ; Mon, 21 Sep 2020 13:45:20 +0200 (CEST) IronPort-SDR: dXOh/KQn3znbxlMr6WTMGPahfA0OH9zgwQhjGQqoN8G9TApftZJCeCzf9KbIJV252B5jIaglHy ZFUoBJPOz1sQ== X-IronPort-AV: E=McAfee;i="6000,8403,9750"; a="159655597" X-IronPort-AV: E=Sophos;i="5.77,286,1596524400"; d="scan'208";a="159655597" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Sep 2020 04:45:17 -0700 IronPort-SDR: V6xAANQwvXcxY4DFncgmALC9Qn19SpulONdZeJ7/2mpTfp2cS5L289qNJclukVoDQwVm1aHrh5 YcikYbhfMHSw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,286,1596524400"; d="scan'208";a="485408802" Received: from silpixa00400657.ir.intel.com (HELO silpixa00400657.ger.corp.intel.com) ([10.237.222.227]) by orsmga005.jf.intel.com with ESMTP; 21 Sep 2020 04:45:16 -0700 From: Pablo de Lara To: declan.doherty@intel.com Cc: dev@dpdk.org, Pablo de Lara Date: Mon, 21 Sep 2020 11:45:07 +0000 Message-Id: <20200921114508.275079-2-pablo.de.lara.guarch@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200921114508.275079-1-pablo.de.lara.guarch@intel.com> References: <20200911155428.2840626-1-pablo.de.lara.guarch@intel.com> <20200921114508.275079-1-pablo.de.lara.guarch@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v4 2/3] crypto/aesni_mb: support SNOW3G-UEA2/UIA2 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add support for SNOW3G-UEA2/UIA2 algorithms through the intel-ipsec-mb job API, allowing the mix of these algorithms with others. Signed-off-by: Pablo de Lara --- v3/v4: - Fixed compilation when intel-ipsec-mb version is lower than 0.54 v2: - Added commit description --- doc/guides/cryptodevs/aesni_mb.rst | 2 + doc/guides/cryptodevs/features/aesni_mb.ini | 2 + doc/guides/rel_notes/release_20_11.rst | 1 + .../crypto/aesni_mb/aesni_mb_pmd_private.h | 17 +++++-- drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 47 ++++++++++++++++--- .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 45 ++++++++++++++++++ 6 files changed, 105 insertions(+), 9 deletions(-) diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst index 0cb58bfe5..12bcafcba 100644 --- a/doc/guides/cryptodevs/aesni_mb.rst +++ b/doc/guides/cryptodevs/aesni_mb.rst @@ -33,6 +33,7 @@ Cipher algorithms: * RTE_CRYPTO_CIPHER_3DES_CBC * RTE_CRYPTO_CIPHER_DES_DOCSISBPI * RTE_CRYPTO_CIPHER_ZUC_EEA3 +* RTE_CRYPTO_CIPHER_SNOW3G_UEA2 Authentication algorithms: @@ -51,6 +52,7 @@ Authentication algorithms: * RTE_CRYPTO_AUTH_SHA384 * RTE_CRYPTO_AUTH_SHA512 * RTE_CRYPTO_AUTH_ZUC_EIA3 +* RTE_CRYPTO_AUTH_SNOW3G_UIA2 AEAD algorithms: diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini index 47210333c..76a0fd149 100644 --- a/doc/guides/cryptodevs/features/aesni_mb.ini +++ b/doc/guides/cryptodevs/features/aesni_mb.ini @@ -31,6 +31,7 @@ DES CBC = Y 3DES CBC = Y DES DOCSIS BPI = Y ZUC EEA3 = Y +SNOW3G UEA2 = Y ; ; Supported authentication algorithms of the 'aesni_mb' crypto driver. @@ -51,6 +52,7 @@ AES XCBC MAC = Y AES CMAC (128) = Y AES GMAC = Y ZUC EIA3 = Y +SNOW3G UIA2 = Y ; ; Supported AEAD algorithms of the 'aesni_mb' crypto driver. diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst index 1dc822cb7..ee8dff904 100644 --- a/doc/guides/rel_notes/release_20_11.rst +++ b/doc/guides/rel_notes/release_20_11.rst @@ -58,6 +58,7 @@ New Features * **Updated the AESNI MB crypto PMD.** * Added support for ZUC-EEA3/EIA3 algorithms. + * Added support for SNOW3G-UEA2/UIA2 algorithms. Removed Items diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h index 601ab9a40..85039dbf2 100644 --- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h +++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h @@ -56,7 +56,8 @@ static const unsigned auth_blocksize[] = { [PLAIN_SHA_384] = 128, [PLAIN_SHA_512] = 128, #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM - [IMB_AUTH_ZUC_EIA3_BITLEN] = 16 + [IMB_AUTH_ZUC_EIA3_BITLEN] = 16, + [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16 #endif }; @@ -90,7 +91,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = { [PLAIN_SHA_384] = 48, [PLAIN_SHA_512] = 64, #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM - [IMB_AUTH_ZUC_EIA3_BITLEN] = 4 + [IMB_AUTH_ZUC_EIA3_BITLEN] = 4, + [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4 #endif }; @@ -125,7 +127,8 @@ static const unsigned auth_digest_byte_lengths[] = { [PLAIN_SHA_384] = 48, [PLAIN_SHA_512] = 64, #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM - [IMB_AUTH_ZUC_EIA3_BITLEN] = 4 + [IMB_AUTH_ZUC_EIA3_BITLEN] = 4, + [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4 #endif /**< Vector mode dependent pointer table of the multi-buffer APIs */ @@ -238,6 +241,10 @@ struct aesni_mb_session { /**< Expanded GCM key */ uint8_t zuc_cipher_key[16]; /**< ZUC cipher key */ +#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM + snow3g_key_schedule_t pKeySched_snow3g_cipher; + /**< SNOW3G scheduled cipher key */ +#endif }; } cipher; @@ -279,6 +286,10 @@ struct aesni_mb_session { /**< Expanded XCBC authentication keys */ uint8_t zuc_auth_key[16]; /**< ZUC authentication key */ +#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM + snow3g_key_schedule_t pKeySched_snow3g_auth; + /**< SNOW3G scheduled authentication key */ +#endif }; /** Generated digest size by the Multi-buffer library */ uint16_t gen_digest_len; diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c index 54023e013..42f89a955 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c @@ -266,6 +266,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr, memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16); return 0; + } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) { + sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN; + uint16_t snow3g_uia2_digest_len = + get_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN); + if (sess->auth.req_digest_len != snow3g_uia2_digest_len) { + AESNI_MB_LOG(ERR, "Invalid digest size\n"); + return -EINVAL; + } + sess->auth.gen_digest_len = sess->auth.req_digest_len; + + IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data, + &sess->auth.pKeySched_snow3g_auth); + return 0; } #endif @@ -403,6 +416,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr, uint8_t is_docsis = 0; #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM uint8_t is_zuc = 0; + uint8_t is_snow3g = 0; #endif if (xform == NULL) { @@ -457,6 +471,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr, sess->cipher.mode = IMB_CIPHER_ZUC_EEA3; is_zuc = 1; break; + case RTE_CRYPTO_CIPHER_SNOW3G_UEA2: + sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN; + is_snow3g = 1; + break; #endif default: AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter"); @@ -565,6 +583,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr, sess->cipher.key_length_in_bytes = 16; memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data, 16); + } else if (is_snow3g) { + if (xform->cipher.key.length != 16) { + AESNI_MB_LOG(ERR, "Invalid cipher key length"); + return -EINVAL; + } + sess->cipher.key_length_in_bytes = 16; + IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data, + &sess->cipher.pKeySched_snow3g_cipher); #endif } else { if (xform->cipher.key.length != 8) { @@ -1214,6 +1240,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *, session->auth_iv.offset); break; + case IMB_AUTH_SNOW3G_UIA2_BITLEN: + job->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth; + job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *, + session->auth_iv.offset); + break; #endif default: job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner; @@ -1232,10 +1263,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, } } + if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC && + session->cipher.mode == GCM)) + m_offset = op->sym->aead.data.offset; + else + m_offset = op->sym->cipher.data.offset; + #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) { job->aes_enc_key_expanded = session->cipher.zuc_cipher_key; job->aes_dec_key_expanded = session->cipher.zuc_cipher_key; + } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) { + job->enc_keys = &session->cipher.pKeySched_snow3g_cipher; + m_offset = 0; } #endif @@ -1253,12 +1293,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, oop = 1; } - if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC && - session->cipher.mode == GCM)) - m_offset = op->sym->aead.data.offset; - else - m_offset = op->sym->cipher.data.offset; - /* Set digest output location */ if (job->hash_alg != NULL_HASH && session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) { @@ -1327,6 +1361,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, break; default: + /* For SNOW3G, length and offsets are already in bits */ job->cipher_start_src_offset_in_bytes = op->sym->cipher.data.offset; job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length; diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c index f4c4f56fe..9554ff0e7 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c @@ -543,6 +543,51 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = { }, } }, } }, + { /* SNOW 3G (UIA2) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 4, + .max = 4, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, + { /* SNOW 3G (UEA2) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + .block_size = 16, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .iv_size = { + .min = 16, + .max = 16, + .increment = 0 + } + }, } + }, } + }, #endif RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() };