From patchwork Tue Oct  3 10:48:51 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anoob Joseph <anoobj@marvell.com>
X-Patchwork-Id: 132277
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 8D236426AE;
	Tue,  3 Oct 2023 12:49:10 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 6DA6D40685;
	Tue,  3 Oct 2023 12:49:07 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 9CC074067D
 for <dev@dpdk.org>; Tue,  3 Oct 2023 12:49:05 +0200 (CEST)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 3933ikxS022252; Tue, 3 Oct 2023 03:49:01 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=l/GP9WBFnpCPgEi4TGcbx/osCbyYrXMBJXM7DuAxsVo=;
 b=lPyQ00N7tvaO17xeezgzGiw8akoniMK/aBolNkccik3pqf0nXG/NIW/Ti3Up81EyoXbc
 9l0zfZiGHYLS7NSCKGz2F3WS4zUtpjwEhgcIAoy2U0plCxg/SCdxgKR/YOcN1ITsyDzs
 cPGckHSYxT8z0zHxr1OcBz1MCmahyYDOJ27QgqnRIamhTEqlRyGpCyFYeooMOnYu3eQM
 losrWGN76EHmUF4WhKYJ6BmFAqb90CFGah5FrG7qNgrE7Hv8D/rFOEPpqrxUHSRSg4nU
 w2kek09/Alv7Pgk1wStpe+TtdL6Qz4iRbWTM2Q6E0hiVzrt2SMal9tucVekte95uxUFg Gg==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3tgbas98vr-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
 Tue, 03 Oct 2023 03:49:01 -0700
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48;
 Tue, 3 Oct 2023 03:48:59 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.48 via Frontend
 Transport; Tue, 3 Oct 2023 03:48:59 -0700
Received: from BG-LT92004.corp.innovium.com (unknown [10.28.163.189])
 by maili.marvell.com (Postfix) with ESMTP id 2CAE33F7082;
 Tue,  3 Oct 2023 03:48:53 -0700 (PDT)
From: Anoob Joseph <anoobj@marvell.com>
To: Thomas Monjalon <thomas@monjalon.net>, Akhil Goyal <gakhil@marvell.com>,
 Jerin Jacob <jerinj@marvell.com>, Harry van Haaren
 <harry.van.haaren@intel.com>
CC: Konstantin Ananyev <konstantin.v.ananyev@yandex.ru>, Hemant Agrawal
 <hemant.agrawal@nxp.com>, <dev@dpdk.org>, Olivier Matz
 <olivier.matz@6wind.com>, Vidya Sagar Velumuri <vvelumuri@marvell.com>
Subject: [PATCH v2 2/5] security: add TLS record processing
Date: Tue, 3 Oct 2023 16:18:51 +0530
Message-ID: <20231003104854.1381-3-anoobj@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231003104854.1381-1-anoobj@marvell.com>
References: <20230811071712.240-1-anoobj@marvell.com>
 <20231003104854.1381-1-anoobj@marvell.com>
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: fy3gdiF6CrLA2ETBY_YP3bfWce_OctSC
X-Proofpoint-GUID: fy3gdiF6CrLA2ETBY_YP3bfWce_OctSC
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26
 definitions=2023-10-03_07,2023-10-02_01,2023-05-22_02
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Add Transport Layer Security (TLS) and Datagram Transport Layer Security
(DTLS). The protocols provide communications privacy for L4 protocols
such as TCP & UDP.

TLS (and DTLS) protocol is composed of two layers,
1. TLS Record Protocol
2. TLS Handshake Protocol

While TLS Handshake Protocol helps in establishing security parameters
by which client and server can communicate, TLS Record Protocol provides
the connection security. TLS Record Protocol leverages symmetric
cryptographic operations such as data encryption and authentication for
providing security to the communications.

Cryptodevs that are capable of offloading TLS Record Protocol may
perform other operations like IV generation, header insertion, atomic
sequence number updates and anti-replay window check in addition to
cryptographic transformations.

Support for TLS record protocol is added for TLS 1.2, TLS 1.3 and
DTLS 1.2.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 doc/guides/prog_guide/rte_security.rst |  62 ++++++++++++++
 lib/security/rte_security.c            |   4 +
 lib/security/rte_security.h            | 110 +++++++++++++++++++++++++
 3 files changed, 176 insertions(+)

diff --git a/doc/guides/prog_guide/rte_security.rst b/doc/guides/prog_guide/rte_security.rst
index ad8c6374bd..f90dee5df0 100644
--- a/doc/guides/prog_guide/rte_security.rst
+++ b/doc/guides/prog_guide/rte_security.rst
@@ -399,6 +399,66 @@ The API ``rte_security_macsec_sc_create`` returns a handle for SC,
 and this handle is set in ``rte_security_macsec_xform``
 to create a MACsec session using ``rte_security_session_create``.
 
+TLS-Record Protocol
+~~~~~~~~~~~~~~~~~~~
+
+The Transport Layer Protocol provides communications security over the Internet. The protocol
+allows client/server applications to communicate in a way that is designed to prevent eavesdropping,
+tampering, or message forgery.
+
+TLS protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. At
+the lowest level, layered on top of some reliable transport protocol (e.g., TCP), is the TLS Record
+Protocol. The TLS Record Protocol provides connection security that has two basic properties:
+
+   -  The connection is private.  Symmetric cryptography is used for data
+      encryption (e.g., AES, DES, etc.).  The keys for this symmetric encryption
+      are generated uniquely for each connection and are based on a secret
+      negotiated during TLS Handshake Protocol. The Record Protocol can also be
+      used without encryption.
+
+   -  The connection is reliable.  Message transport includes a message
+      integrity check using a keyed MAC.  Secure hash functions (e.g.,
+      SHA-1, etc.) are used for MAC computations. The Record Protocol can
+      operate without a MAC when it is being used as a transport for negotiating
+      security parameters by another protocol.
+
+.. code-block:: c
+
+             Record Write                   Record Read
+             ------------                   -----------
+
+             TLSPlaintext                  TLSCiphertext
+                  |                              |
+                  ~                              ~
+                  |                              |
+                  V                              V
+       +----------|-----------+       +----------|-----------+
+       | Generate sequence no.|       | Generate sequence no.|
+       +----------|-----------+       +----------------------+
+                  |                   |    AR check (DTLS)   |
+       +----------|-----------+       +----------|-----------+
+       |  Insert TLS header   |                  |
+       |     & trailer.       |       +----------|-----------+
+       | (including padding)  |       | Decrypt & MAC verify |
+       +----------|-----------+       +----------|-----------+
+                  |                              |
+        +---------|-----------+       +----------|-----------+
+        |    MAC generate &   |       |  Remove TLS header   |
+        |      Encrypt        |       |      & trailer.      |
+        +---------|-----------+       | (including padding)  |
+                  |                   +----------|-----------+
+                  |                              |
+                  ~                              ~
+                  |                              |
+                  V                              V
+            TLSCiphertext                  TLSPlaintext
+
+Supported Versions
+^^^^^^^^^^^^^^^^^^
+
+* TLS 1.2
+* TLS 1.3
+* DTLS 1.2
 
 Device Features and Capabilities
 ---------------------------------
@@ -701,6 +761,8 @@ PDCP related configuration parameters are defined in ``rte_security_pdcp_xform``
 
 DOCSIS related configuration parameters are defined in ``rte_security_docsis_xform``
 
+TLS record related configuration parameters are defined in ``rte_security_tls_record_xform``
+
 
 Security API
 ~~~~~~~~~~~~
diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c
index ab44bbe0f0..04872ec1a0 100644
--- a/lib/security/rte_security.c
+++ b/lib/security/rte_security.c
@@ -314,6 +314,10 @@ rte_security_capability_get(void *ctx, struct rte_security_capability_idx *idx)
 						RTE_SECURITY_PROTOCOL_MACSEC) {
 				if (idx->macsec.alg == capability->macsec.alg)
 					return capability;
+			} else if (idx->protocol == RTE_SECURITY_PROTOCOL_TLS_RECORD) {
+				if (capability->tls_record.ver == idx->tls_record.ver &&
+				    capability->tls_record.type == idx->tls_record.type)
+					return capability;
 			}
 		}
 	}
diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h
index c9cc7a45a6..54c32c1147 100644
--- a/lib/security/rte_security.h
+++ b/lib/security/rte_security.h
@@ -597,6 +597,98 @@ struct rte_security_docsis_xform {
 	/**< DOCSIS direction */
 };
 
+/** Implicit nonce length to be used with AEAD algos in TLS 1.2 */
+#define RTE_SECURITY_TLS_1_2_IMP_NONCE_LEN 4
+/** Implicit nonce length to be used with AEAD algos in TLS 1.3 */
+#define RTE_SECURITY_TLS_1_3_IMP_NONCE_LEN 12
+/** Implicit nonce length to be used with AEAD algos in DTLS 1.2 */
+#define RTE_SECURITY_DTLS_1_2_IMP_NONCE_LEN 4
+
+/** TLS version */
+enum rte_security_tls_version {
+	RTE_SECURITY_VERSION_TLS_1_2,	/**< TLS 1.2 */
+	RTE_SECURITY_VERSION_TLS_1_3,	/**< TLS 1.3 */
+	RTE_SECURITY_VERSION_DTLS_1_2,	/**< DTLS 1.2 */
+};
+
+/** TLS session type */
+enum rte_security_tls_sess_type {
+	/** Record read session
+	 * - Decrypt & digest verification.
+	 */
+	RTE_SECURITY_TLS_SESS_TYPE_READ,
+	/** Record write session
+	 * - Encrypt & digest generation.
+	 */
+	RTE_SECURITY_TLS_SESS_TYPE_WRITE,
+};
+
+/**
+ * TLS record session options
+ */
+struct rte_security_tls_record_sess_options {
+	/** Disable IV generation in PMD
+	 *
+	 * * 1: Disable IV generation in PMD. When disabled, IV provided in rte_crypto_op will be
+	 *      used by the PMD.
+	 *
+	 * * 0: Enable IV generation in PMD. When enabled, PMD generated random value would be used
+	 *      and application is not required to provide IV.
+	 */
+	uint32_t iv_gen_disable : 1;
+};
+
+/**
+ * TLS record protocol session configuration.
+ *
+ * This structure contains data required to create a TLS record security session.
+ */
+struct rte_security_tls_record_xform {
+	/** TLS record version. */
+	enum rte_security_tls_version ver;
+	/** TLS record session type. */
+	enum rte_security_tls_sess_type type;
+	/** TLS record session options. */
+	struct rte_security_tls_record_sess_options options;
+	union {
+		/** TLS 1.2 parameters. */
+		struct {
+			/** Starting sequence number. */
+			uint64_t seq_no;
+			/** Implicit nonce to be used for AEAD algos. */
+			uint8_t imp_nonce[RTE_SECURITY_TLS_1_2_IMP_NONCE_LEN];
+		} tls_1_2;
+
+		/** TLS 1.3 parameters. */
+		struct {
+			/** Starting sequence number. */
+			uint64_t seq_no;
+			/** Implicit nonce to be used for AEAD algos. */
+			uint8_t imp_nonce[RTE_SECURITY_TLS_1_3_IMP_NONCE_LEN];
+			/**
+			 * Minimum payload length (in case of write sessions). For shorter inputs,
+			 * the payload would be padded appropriately before performing crypto
+			 * transformations.
+			 */
+			uint32_t min_payload_len;
+		} tls_1_3;
+
+		/** DTLS 1.2 parameters */
+		struct {
+			/** Epoch value to be used. */
+			uint16_t epoch;
+			/** 6B starting sequence number to be used. */
+			uint64_t seq_no;
+			/** Implicit nonce to be used for AEAD algos. */
+			uint8_t imp_nonce[RTE_SECURITY_DTLS_1_2_IMP_NONCE_LEN];
+			/** Anti replay window size to enable sequence replay attack handling.
+			 * Anti replay check is disabled if the window size is 0.
+			 */
+			uint32_t ar_win_sz;
+		} dtls_1_2;
+	};
+};
+
 /**
  * Security session action type.
  */
@@ -634,6 +726,8 @@ enum rte_security_session_protocol {
 	/**< PDCP Protocol */
 	RTE_SECURITY_PROTOCOL_DOCSIS,
 	/**< DOCSIS Protocol */
+	RTE_SECURITY_PROTOCOL_TLS_RECORD,
+	/**< TLS Record Protocol */
 };
 /* >8 End enumeration of rte_security_session_protocol. */
 
@@ -651,6 +745,7 @@ struct rte_security_session_conf {
 		struct rte_security_macsec_xform macsec;
 		struct rte_security_pdcp_xform pdcp;
 		struct rte_security_docsis_xform docsis;
+		struct rte_security_tls_record_xform tls_record;
 	};
 	/**< Configuration parameters for security session */
 	struct rte_crypto_sym_xform *crypto_xform;
@@ -1217,6 +1312,17 @@ struct rte_security_capability {
 			/**< DOCSIS direction */
 		} docsis;
 		/**< DOCSIS capability */
+		struct {
+			enum rte_security_tls_version ver;
+			/**< TLS record version. */
+			enum rte_security_tls_sess_type type;
+			/**< TLS record session type. */
+			uint32_t ar_win_size;
+			/**< Maximum anti replay window size supported for DTLS 1.2 record read
+			 * operation. Value of 0 means anti replay check is not supported.
+			 */
+		} tls_record;
+		/**< TLS record capability */
 	};
 
 	const struct rte_cryptodev_capabilities *crypto_capabilities;
@@ -1280,6 +1386,10 @@ struct rte_security_capability_idx {
 		struct {
 			enum rte_security_macsec_alg alg;
 		} macsec;
+		struct {
+			enum rte_security_tls_version ver;
+			enum rte_security_tls_sess_type type;
+		} tls_record;
 	};
 };