From patchwork Thu Nov 30 13:12:26 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kumar, Ravi1" X-Patchwork-Id: 31819 X-Patchwork-Delegate: pablo.de.lara.guarch@intel.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id E66387D4A; Thu, 30 Nov 2017 14:13:07 +0100 (CET) Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0075.outbound.protection.outlook.com [104.47.38.75]) by dpdk.org (Postfix) with ESMTP id 3E8FC374C for ; Thu, 30 Nov 2017 14:13:04 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=RQRbxotFOSP1XoI02ABke8t6VBCxHLoojspJxWRqhTc=; b=SeshubD3JVM9BazOckUksbB7z4emI5WwumNmJ78Zq5XHpQD+xo4fbq3//JUuLbkW+onDBxNEbMirFZZ8jY2QPWeGKdxQy+dED00b6wgzeasSryytDUsLnfDxJjNApUyiGY6KTzGphZBXmiI1rlmjbRbCw3rne8BM1uuW87Nvx+k= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ravi1.Kumar@amd.com; Received: from wallaby-smavila.amd.com (202.56.249.162) by BN6PR12MB1508.namprd12.prod.outlook.com (10.172.24.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.282.5; Thu, 30 Nov 2017 13:13:02 +0000 From: Ravi Kumar To: dev@dpdk.org Date: Thu, 30 Nov 2017 08:12:26 -0500 Message-Id: <1512047553-118101-4-git-send-email-Ravi1.kumar@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1512047553-118101-1-git-send-email-Ravi1.kumar@amd.com> References: <1512047553-118101-1-git-send-email-Ravi1.kumar@amd.com> MIME-Version: 1.0 X-Originating-IP: [202.56.249.162] X-ClientProxiedBy: MA1PR0101CA0047.INDPRD01.PROD.OUTLOOK.COM (52.134.137.33) To BN6PR12MB1508.namprd12.prod.outlook.com (10.172.24.149) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 58646320-fb94-4d18-728d-08d537f41683 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(2017052603286); SRVR:BN6PR12MB1508; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 3:KWI/5BxK8bMs/jxci3jLXlrc3VnLzA7XwuUdI5ppy0VhbYM+0goKaSkYunoeL7uMddsRBLo4ia8H3xFqNdbO0bREfPZA2nWGxPEJyg/d8WotNHnDWrK3763bXxvcGpRlMg42dczXZUVqxfRALigK8jiRBemjY4IH7TTRN/2oJ1WYcT6tUpLzAk+Or+JgelY3dsJ0N2QAARrm+mnQT59CLHLiKWufvZxUmoFJXtS+qJPQV1hAR2NK7nrMWaB7icGZ; 25:O1FnAQJnTQQu4cQhAOcYmKCTn0hMNnTwTy2fI37b+7Z7khAdD5MoynfmUxWG4aODDAtfIWbR7Xf7ynGRYYI3Q+4FdjWHvR+cPW6aAQjWIABA4j+Mp3dlVg1HxaFG8ve21thfr3jA2+yeHLa8We7FwexPXroolSIFdCTxzImIBu5sukr7xwnJYi/dxHWxZ3szAJKceMumFHXMYRbMde4MI2IZvhPomJVWpL2OjYuwhjRmr/ndwbG+la8dhjM+xt0Eq6pT2BQNZTr0oaF/r04wdHCnh6FvJe1BShmGXvu0e6uH+KB6/yLCl8rWKvWMPDd7mdSIAtMvQQw7r63QwWtfBA==; 31:7yIHP4rcBRsEOOjeDKskW4TWfQxfJTYjrSBhiN7mrNzIVN1Ed+ugdTaWHggq+NTKhAoXaL1K/cRTV8klpD5M6UujuKBxIETJ9+dwKAGCNH8h6l4kE0DEfGWEWVQDoaoaQJlS30inqNbX+HVPnXppvmdWn7YuLFG9kNKwgnvAL+Inbdx8Na7eYjt7jiIimacKpQGIiBWGnFNyxgs8u69gCvedXK1chxYO5NILkj4FNMQ= X-MS-TrafficTypeDiagnostic: BN6PR12MB1508: X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 20:XDW+zdQZ1ZJcri9AKx7ZcdYZTR8RSjguO4Y0VipzE2ozrFfNOAhHRnp3QAwQT1dYdtcixKjqEQVXiIFJknvVm6o+/AS6YYu5JFzC1lEey+IqldUrlW1ZeIRSQ/DZtuXdKWY9ebISyFjBztSDF/1039L+eIQzJpJn2LRT9lXMt/i9hPvoSN+A2AzapFagfbyj16i1eBtjigqvOrUILAHNiT1c/52Er6g/GKJ3ig4qBgx/CZFeMbL+v2sWhiOhgYv4zTvM9MKUnZIWm3PkPdNp5GF5g1vIUOHtCanzRC2XrY82Z9Adxo1qXEpnaM8CdLymfrRPGk4QgfepsD3Sh5GtU21gvq3P0VsOtW0Wt8LQG2TWsU0hendO/ipeJsSTKCXUPpM32d/a235lfp62BFSoqQ7B6roPirhAqyVl/T/vg57NC/rriptar2A3xnWDPEzRkfq5v/ipKrWAULOdTuSrPfoU7QLHQfN2nEcJYZLrWnWxl1mFbJg98fG1k6uNh8md; 4:OfK9klRmdAOcdc6fL9n8BLid6U5tnVe0uubWOUVVVltunyom6qvxFplpWqfu472sHtJa9VSl/rbASE+jsL9ij0yLFOVejvVhuUzSTwdTnBb+6iBwtYvRdApGR2cy6XZYIIMjU8tnXFxvI/Yef5rqqciNusJyi6BZ5F7kcKOMvO7CRl/qIY3YbU1xQ5l8LmM5an0X+8vekdN8OS7lRN7cq7OYO1SoaCJh+AsfyVuAdIyh3ceLp7rZ4tCWIy9NI9+pZHafT+ogarTtwJx0kE8vyvjXULos6+ddrmzJVPRqgH6KjGNRKiZ9qjKfJLOCVVS8 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(5005006)(8121501046)(3002001)(93006095)(93001095)(3231022)(10201501046)(6055026)(6041248)(20161123558100)(20161123555025)(20161123562025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(6072148)(201708071742011); SRVR:BN6PR12MB1508; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:BN6PR12MB1508; X-Forefront-PRVS: 05079D8470 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(346002)(376002)(366004)(39860400002)(189002)(199003)(36756003)(72206003)(6486002)(16526018)(5660300001)(101416001)(50226002)(97736004)(8936002)(50986010)(76176010)(8676002)(81156014)(105586002)(81166006)(53936002)(53416004)(16586007)(6666003)(478600001)(106356001)(7736002)(6916009)(2906002)(50466002)(2950100002)(48376002)(52116002)(51416003)(2361001)(305945005)(2351001)(86362001)(68736007)(7696005)(47776003)(25786009)(316002)(3846002)(6116002)(189998001)(66066001); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR12MB1508; H:wallaby-smavila.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN6PR12MB1508; 23:ySlbPO2Pj+V1SbDCypYx3enOrzvUZdTMYaV05KmN6?= eaOI8duqIwOtecdGmnQtK87XFTFZwMzlvB+duelXFBLw5Too3gO/Mj8JtRG2Hv+vm0COmSfpGxb/z4DLjrsv6Yq5Qmp2JUOtLWdW6flIa/eHCuRsZctUowHS2oaMZLB3GP9gALO5aUd+IyTwA8NQPMmXcDjMNh46r6TsRz0SN5meGGiuMwFId1U0L6Fw6X+VnoT+2IET6gXLtHS7ynJvY29OhX+JQNlz/jP/OhFPexHZkQ+Zf2Iq4AcLRotmToACp/A67lTp9mor13mWcys1Y8JL5ewWW+974qfV//pS71IUc+3Q5O9PYjIrMkmQ2N8Ic6ARLzHJztH9ffnmwrQBcb5fPbxlGVUkGMDmbWv4bUTk3AH1h1OQgow3wrKaHQ+KXYe75j5QXxj4notobNpyM5oeLTPnuY0iBp755JtaLrZf0qQgBXKmRWNmMFKC1L1PpMLvQTs7Zy+4Ewzb7VqPWyCiKeDX3PpO4Xqb45p6m8bKLQNUemjfu/qE1rmmjnA/ps5RtkHhVHXBBXHmCJ8JkQDgxmjZbJjmHYsePrrCOpv8dZFImme8BsKWm4RXxQG6cWsvDwWWgaHeS8kvFYgCvfLKr0ZDexup48ronM+DnrcfVYtb3qk+HbcvalmaSMx4SUYJd/fj7x2LzrTemGAQibp7griP9oV3yWmPhTNwmdG1FRsCeKIgfCUDnh3E7ViG/1eFESuTWVzvYh/xvUSjJ8PeEhwbEvL04DhwThR9Zk0Z36N9KYuQOSdH9SAeQ8gQ+iASEVxl7ZF3CDrKAjVULqYXHucMg2YMbDIzpl7URXWzcRyEkBEQhlBJ+HQRO6OLZuss3y6bW5har18LWCvzTTw8562/gITd61SNcmH7FFO8wPZxxtF6YoyvXi7h0O2xWOVJU9Nzbj33Rezv2Rh00OUnRXNLrGXVGjNtc9YEBFiGBI2I+NjcvPh7meTdaHeIVhjQSYysYcpndw8Y9J2KrPDkURw1933q3vRDHdg6xayoHfvk/4SrJOXb/+8pHkGPUH0oeouuVOjCrOkH+ApZTaK3OJ3CDsJHRPS0EcTqAf759i/zahyZBht4TS+6BsCJQzoRnMx4cgmhYZDDxoODkd9 X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 6:rs8iw/RQXt8SHcOdl/xZ/aul2I9JIhtR2WZ4N8V2RoFSANqJFnC0CwYIwiHEo6HC7FECULDGAsa7eRLhhplkVzw/0g+o+EYi5DUzGe4Zh1N+v2gGdH8g/ymDA/592Cv2n5zzu2sJ9I/8Hx7J6Yxy9mFZiXv4hk/qBeqpIgAbV6stznvF+v0kDp08RygvSJYYD4LK0MiR8EQjvPffZhlNacAS0L284BbiUFn5MSomU67Z7szAks7epH2vD+uKGLTWTXWXZUEldxmu6X3pvYwhbpi5ucfN4dzFqZM+dDLWk7dgMVK2XwYjV1VtMiIGoxx0Kg1q50J5Fwwl9//unbKQFIvjMeD1LYazwOMbgoCQmbw=; 5:P5I2em2p4/17qNcYolPNITB+D7Dg3EyP2nJhobh6bUmMFm8KSeanKCuVbGesZTM4veipyaPW/q6yqHolmHiH5rj6VMEHV8Iy+DbkrZBvT9fCbPtXl/c2KBFkBFK4Foto1VCoTyMCtKLhde5wL0Mof3ZBktfUfjofgclnHqk7EWM=; 24:tMxUbM4x6Uw0kt5lAUlyApgdPr439SVwyif4CG9CdcXoWsirQ+n8JcGg5dPisau313U5lZZbxAAxhgWZeot52+Ba99bNSuxOMGPFpBD+tWM=; 7:1VXeNw4tP7oguQ/C8I2EMilV5iSOUMi/p8g/viS4ls9BhMUQkq/DiNSNM0ZVtlXTds/DDXP9PzpO4pEPwKdaIgEK6Fip3I/Q5Svw7pz8vvfzWCE16/qhY6Bxc7TpkZBMHNuv4+2obgrzXUSdIpS3/ViRxBTQ8cpdV/uzLep1GstOaiLCMJpQfReo2Pv+z7yihVFD34u9ejZqrUzu9UcPeQRypLHYt8bB7dBTPPvQcQKy2eJ2TaoCwHpwo6hp15Bv SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1508; 20:hBDFPyEJUYRx/03qb6WlgHc17kQ1lLRWUxKcnj3BTWpyyvYpd++loJutuODaZ4rlHHLCk/BMPzV2YALI+6GAz9IQ21ZntnFzWmBwM+SRgOjMroyKQO3qxt9mZrxpi9XadtqTBAS79MHUtSiWdra7Qa3cn/pyhPJYj0p/mBMUryXwxuG9eLjMVepTbRxL+5zlTHr4s32h/4fFwJOecYx1tcBJ99ETm2S+Z5Ayiieiu21H1FvB12euLtroLF1ekmco X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Nov 2017 13:13:02.2991 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 58646320-fb94-4d18-728d-08d537f41683 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1508 Subject: [dpdk-dev] [PATCH 04/11] crypto/ccp: add support for AES-CMAC X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Signed-off-by: Ravi Kumar --- drivers/crypto/ccp/ccp_crypto.c | 272 +++++++++++++++++++++++++++++++++++++++ drivers/crypto/ccp/ccp_crypto.h | 3 + drivers/crypto/ccp/ccp_dev.c | 1 + drivers/crypto/ccp/ccp_pmd_ops.c | 21 +++ 4 files changed, 297 insertions(+) diff --git a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index 68e1169..4d71ec1 100644 --- a/drivers/crypto/ccp/ccp_crypto.c +++ b/drivers/crypto/ccp/ccp_crypto.c @@ -51,6 +51,7 @@ #include #include /*partial hash apis*/ +#include /*sub key apis*/ #include /*sub key apis*/ /* SHA initial context values */ @@ -276,6 +277,84 @@ static int generate_partial_hash(struct ccp_session *sess) } } +/* prepare temporary keys K1 and K2 */ +static void prepare_key(unsigned char *k, unsigned char *l, int bl) +{ + int i; + /* Shift block to left, including carry */ + for (i = 0; i < bl; i++) { + k[i] = l[i] << 1; + if (i < bl - 1 && l[i + 1] & 0x80) + k[i] |= 1; + } + /* If MSB set fixup with R */ + if (l[0] & 0x80) + k[bl - 1] ^= bl == 16 ? 0x87 : 0x1b; +} + +/**subkeys K1 and K2 generation for CMAC*/ +static int +generate_cmac_subkeys(struct ccp_session *sess) +{ + const EVP_CIPHER *algo; + EVP_CIPHER_CTX *ctx; + unsigned char *ccp_ctx; + size_t i; + int dstlen, totlen; + unsigned char zero_iv[AES_BLOCK_SIZE] = {0}; + unsigned char dst[2 * AES_BLOCK_SIZE] = {0}; + unsigned char k1[AES_BLOCK_SIZE] = {0}; + unsigned char k2[AES_BLOCK_SIZE] = {0}; + + if (sess->auth.ut.aes_type == CCP_AES_TYPE_128) + algo = EVP_aes_128_cbc(); + else if (sess->auth.ut.aes_type == CCP_AES_TYPE_192) + algo = EVP_aes_192_cbc(); + else if (sess->auth.ut.aes_type == CCP_AES_TYPE_256) + algo = EVP_aes_256_cbc(); + else { + CCP_LOG_ERR("Invalid CMAC type length"); + return -1; + } + + ctx = EVP_CIPHER_CTX_new(); + if (!ctx) { + CCP_LOG_ERR("ctx creation failed"); + return -1; + } + if (EVP_EncryptInit(ctx, algo, (unsigned char *)sess->auth.key, + (unsigned char *)zero_iv) <= 0) + goto key_generate_err; + if (EVP_CIPHER_CTX_set_padding(ctx, 0) <= 0) + goto key_generate_err; + if (EVP_EncryptUpdate(ctx, dst, &dstlen, zero_iv, + AES_BLOCK_SIZE) <= 0) + goto key_generate_err; + if (EVP_EncryptFinal_ex(ctx, dst + dstlen, &totlen) <= 0) + goto key_generate_err; + + memset(sess->auth.pre_compute, 0, CCP_SB_BYTES * 2); + + ccp_ctx = (unsigned char *)(sess->auth.pre_compute + CCP_SB_BYTES - 1); + prepare_key(k1, dst, AES_BLOCK_SIZE); + for (i = 0; i < AES_BLOCK_SIZE; i++, ccp_ctx--) + *ccp_ctx = k1[i]; + + ccp_ctx = (unsigned char *)(sess->auth.pre_compute + + (2 * CCP_SB_BYTES) - 1); + prepare_key(k2, k1, AES_BLOCK_SIZE); + for (i = 0; i < AES_BLOCK_SIZE; i++, ccp_ctx--) + *ccp_ctx = k2[i]; + + EVP_CIPHER_CTX_free(ctx); + + return 0; + +key_generate_err: + CCP_LOG_ERR("CMAC Init failed"); + return -1; +} + /**configure session*/ static int ccp_configure_session_cipher(struct ccp_session *sess, @@ -373,6 +452,7 @@ ccp_configure_session_auth(struct ccp_session *sess, const struct rte_crypto_sym_xform *xform) { const struct rte_crypto_auth_xform *auth_xform = NULL; + size_t i; auth_xform = &xform->auth; @@ -507,6 +587,33 @@ ccp_configure_session_auth(struct ccp_session *sess, if (generate_partial_hash(sess)) return -1; break; + case RTE_CRYPTO_AUTH_AES_CMAC: + sess->auth.algo = CCP_AUTH_ALGO_AES_CMAC; + sess->auth.engine = CCP_ENGINE_AES; + sess->auth.um.aes_mode = CCP_AES_MODE_CMAC; + sess->auth.key_length = auth_xform->key.length; + /**auth.ctx_len = CCP_SB_BYTES << 1; + sess->auth.offset = AES_BLOCK_SIZE; + sess->auth.block_size = AES_BLOCK_SIZE; + if (sess->auth.key_length == 16) + sess->auth.ut.aes_type = CCP_AES_TYPE_128; + else if (sess->auth.key_length == 24) + sess->auth.ut.aes_type = CCP_AES_TYPE_192; + else if (sess->auth.key_length == 32) + sess->auth.ut.aes_type = CCP_AES_TYPE_256; + else { + CCP_LOG_ERR("Invalid CMAC key length"); + return -1; + } + rte_memcpy(sess->auth.key, auth_xform->key.data, + sess->auth.key_length); + for (i = 0; i < sess->auth.key_length; i++) + sess->auth.key_ccp[sess->auth.key_length - i - 1] = + sess->auth.key[i]; + if (generate_cmac_subkeys(sess)) + return -1; + break; default: CCP_LOG_ERR("Unsupported hash algo"); return -1; @@ -697,6 +804,15 @@ ccp_auth_slot(struct ccp_session *session) * 6. Retrieve HMAC output from LSB to host memory */ break; + case CCP_AUTH_ALGO_AES_CMAC: + count = 4; + /** + * op + * extra descriptor in padding case + * (k1/k2(255:128) with iv(127:0)) + * Retrieve result + */ + break; default: CCP_LOG_ERR("Unsupported ALGO %d", session->cipher.algo); } @@ -1077,6 +1193,158 @@ ccp_perform_sha(struct rte_crypto_op *op, } static int +ccp_perform_aes_cmac(struct rte_crypto_op *op, + struct ccp_queue *cmd_q) +{ + struct ccp_session *session; + union ccp_function function; + struct ccp_passthru pst; + struct ccp_desc *desc; + uint32_t tail; + uint8_t *src_tb, *append_ptr, *ctx_addr; + phys_addr_t src_addr, dest_addr, key_addr; + int length, non_align_len; + + session = (struct ccp_session *)get_session_private_data( + op->sym->session, + cryptodev_driver_id); + key_addr = rte_mem_virt2phy(session->auth.key_ccp); + + src_addr = rte_pktmbuf_mtophys_offset(op->sym->m_src, + op->sym->auth.data.offset); + append_ptr = (uint8_t *)rte_pktmbuf_append(op->sym->m_src, + session->auth.ctx_len); + dest_addr = (phys_addr_t)rte_mem_virt2phy((void *)append_ptr); + + function.raw = 0; + CCP_AES_ENCRYPT(&function) = CCP_CIPHER_DIR_ENCRYPT; + CCP_AES_MODE(&function) = session->auth.um.aes_mode; + CCP_AES_TYPE(&function) = session->auth.ut.aes_type; + + if (op->sym->auth.data.length % session->auth.block_size == 0) { + + ctx_addr = session->auth.pre_compute; + memset(ctx_addr, 0, AES_BLOCK_SIZE); + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)ctx_addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES); + pst.len = CCP_SB_BYTES; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + /* prepare desc for aes-cmac command */ + CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = op->sym->auth.data.length; + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr); + CCP_CMD_KEY_HI(desc) = high32_value(key_addr); + CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM; + CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv; + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + + tail = + (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + } else { + ctx_addr = session->auth.pre_compute + CCP_SB_BYTES; + memset(ctx_addr, 0, AES_BLOCK_SIZE); + pst.src_addr = (phys_addr_t)rte_mem_virt2phy((void *)ctx_addr); + pst.dest_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES); + pst.len = CCP_SB_BYTES; + pst.dir = 1; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_NOOP; + ccp_perform_passthru(&pst, cmd_q); + + length = (op->sym->auth.data.length / AES_BLOCK_SIZE); + length *= AES_BLOCK_SIZE; + non_align_len = op->sym->auth.data.length - length; + /* prepare desc for aes-cmac command */ + /*Command 1*/ + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES; + CCP_CMD_INIT(desc) = 1; + CCP_CMD_FUNCTION(desc) = function.raw; + + CCP_CMD_LEN(desc) = length; + CCP_CMD_SRC_LO(desc) = ((uint32_t)src_addr); + CCP_CMD_SRC_HI(desc) = high32_value(src_addr); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr); + CCP_CMD_KEY_HI(desc) = high32_value(key_addr); + CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM; + CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv; + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + /*Command 2*/ + append_ptr = append_ptr + CCP_SB_BYTES; + memset(append_ptr, 0, AES_BLOCK_SIZE); + src_tb = rte_pktmbuf_mtod_offset(op->sym->m_src, + uint8_t *, + op->sym->auth.data.offset + + length); + rte_memcpy(append_ptr, src_tb, non_align_len); + append_ptr[non_align_len] = CMAC_PAD_VALUE; + + desc = &cmd_q->qbase_desc[cmd_q->qidx]; + memset(desc, 0, Q_DESC_SIZE); + + CCP_CMD_ENGINE(desc) = CCP_ENGINE_AES; + CCP_CMD_EOM(desc) = 1; + CCP_CMD_FUNCTION(desc) = function.raw; + CCP_CMD_LEN(desc) = AES_BLOCK_SIZE; + + CCP_CMD_SRC_LO(desc) = ((uint32_t)(dest_addr + CCP_SB_BYTES)); + CCP_CMD_SRC_HI(desc) = high32_value(dest_addr + CCP_SB_BYTES); + CCP_CMD_SRC_MEM(desc) = CCP_MEMTYPE_SYSTEM; + + CCP_CMD_KEY_LO(desc) = ((uint32_t)key_addr); + CCP_CMD_KEY_HI(desc) = high32_value(key_addr); + CCP_CMD_KEY_MEM(desc) = CCP_MEMTYPE_SYSTEM; + CCP_CMD_LSB_ID(desc) = cmd_q->sb_iv; + + cmd_q->qidx = (cmd_q->qidx + 1) % COMMANDS_PER_QUEUE; + + rte_wmb(); + tail = + (uint32_t)(cmd_q->qbase_phys_addr + cmd_q->qidx * Q_DESC_SIZE); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_TAIL_LO_BASE, tail); + CCP_WRITE_REG(cmd_q->reg_base, CMD_Q_CONTROL_BASE, + cmd_q->qcontrol | CMD_Q_RUN); + } + /* Retrieve result */ + pst.dest_addr = dest_addr; + pst.src_addr = (phys_addr_t)(cmd_q->sb_iv * CCP_SB_BYTES); + pst.len = CCP_SB_BYTES; + pst.dir = 0; + pst.bit_mod = CCP_PASSTHRU_BITWISE_NOOP; + pst.byte_swap = CCP_PASSTHRU_BYTESWAP_256BIT; + ccp_perform_passthru(&pst, cmd_q); + + op->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED; + return 0; +} + +static int ccp_perform_aes(struct rte_crypto_op *op, struct ccp_queue *cmd_q, struct ccp_batch_info *b_info) @@ -1513,6 +1781,10 @@ ccp_crypto_auth(struct rte_crypto_op *op, result = ccp_perform_hmac(op, cmd_q); b_info->desccnt += 7; break; + case CCP_AUTH_ALGO_AES_CMAC: + result = ccp_perform_aes_cmac(op, cmd_q); + b_info->desccnt += 4; + break; default: CCP_LOG_ERR("Unsupported Cipher algo"); result = -1; diff --git a/drivers/crypto/ccp/ccp_crypto.h b/drivers/crypto/ccp/ccp_crypto.h index 675b5ae..21cc99f 100644 --- a/drivers/crypto/ccp/ccp_crypto.h +++ b/drivers/crypto/ccp/ccp_crypto.h @@ -47,6 +47,7 @@ #include #define AES_BLOCK_SIZE 16 +#define CMAC_PAD_VALUE 0x80 #define CTR_NONCE_SIZE 4 #define CTR_IV_SIZE 8 #define CCP_SHA_CTX_SIZE 200 @@ -233,6 +234,7 @@ enum ccp_hash_algo { CCP_AUTH_ALGO_SHA384_HMAC, CCP_AUTH_ALGO_SHA512, CCP_AUTH_ALGO_SHA512_HMAC, + CCP_AUTH_ALGO_AES_CMAC, CCP_AUTH_ALGO_AES_GCM, }; @@ -301,6 +303,7 @@ struct ccp_session { int block_size; /** #include /*partial hash apis*/ +#include /*sub key apis*/ #include /*sub key apis*/ struct ccp_list ccp_list = TAILQ_HEAD_INITIALIZER(ccp_list); diff --git a/drivers/crypto/ccp/ccp_pmd_ops.c b/drivers/crypto/ccp/ccp_pmd_ops.c index 02080a5..3a5e03c 100644 --- a/drivers/crypto/ccp/ccp_pmd_ops.c +++ b/drivers/crypto/ccp/ccp_pmd_ops.c @@ -249,6 +249,27 @@ static const struct rte_cryptodev_capabilities ccp_pmd_capabilities[] = { }, } }, } }, + { /*AES-CMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_AES_CMAC, + .block_size = 16, + .key_size = { + .min = 16, + .max = 32, + .increment = 8 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .aad_size = { 0 } + }, } + }, } + }, { /* AES ECB */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = {