[v1] crypto/ipsec_mb: use new ipad/opad calculation API

Message ID 20240605084844.270122-1-brian.dooley@intel.com (mailing list archive)
State Accepted
Delegated to: akhil goyal
Headers
Series [v1] crypto/ipsec_mb: use new ipad/opad calculation API |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/loongarch-compilation success Compilation OK
ci/loongarch-unit-testing success Unit Testing PASS
ci/Intel-compilation success Compilation OK
ci/intel-Testing success Testing PASS
ci/github-robot: build success github build: passed
ci/intel-Functional success Functional PASS
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-abi-testing success Testing PASS
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-compile-arm64-testing success Testing PASS
ci/iol-compile-amd64-testing success Testing PASS
ci/iol-broadcom-Performance success Performance Testing PASS
ci/iol-broadcom-Functional success Functional Testing PASS
ci/iol-unit-amd64-testing success Testing PASS RETEST #2
ci/iol-unit-arm64-testing success Testing PASS RETEST #2
ci/iol-sample-apps-testing success Testing PASS RETEST #2

Commit Message

Brian Dooley June 5, 2024, 8:48 a.m. UTC
  From: Pablo de Lara <pablo.de.lara.guarch@intel.com>

IPSec Multi-buffer library v1.4 added a new API to
calculate inner/outer padding for HMAC-SHAx/MD5.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
---
 drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34 +++++++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)
  

Comments

Brian Dooley June 10, 2024, 8:19 a.m. UTC | #1
Recheck-request: iol-unit-amd64-testing
  
Brian Dooley June 20, 2024, 9 a.m. UTC | #2
Recheck-request: iol-unit-arm64-testing
  
Ji, Kai June 24, 2024, 2:33 p.m. UTC | #3
Acked-by: Kai Ji <kai.ji@intel.com>
  
Wathsala Wathawana Vithanage June 27, 2024, 2:35 p.m. UTC | #4
Acked-by: Wathsala Vithanage <wathsala.vithanage@arm.com>

> Subject: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
> 
> From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> 
> IPSec Multi-buffer library v1.4 added a new API to calculate inner/outer
> padding for HMAC-SHAx/MD5.
> 
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> Signed-off-by: Brian Dooley <brian.dooley@intel.com>
> ---
>  drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 34
> +++++++++++++++++++++++++-
>  1 file changed, 33 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> index 69a546697b..b3fdea02ff 100644
> --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> @@ -13,6 +13,7 @@ struct aesni_mb_op_buf_data {
>  	uint32_t offset;
>  };
> 
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  /**
>   * Calculate the authentication pre-computes
>   *
> @@ -55,6 +56,7 @@ calculate_auth_precomputes(hash_one_block_t
> one_block_hash,
>  	memset(ipad_buf, 0, blocksize);
>  	memset(opad_buf, 0, blocksize);
>  }
> +#endif
> 
>  static inline int
>  is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
> @@ -66,12 +68,14 @@ is_aead_algo(IMB_HASH_ALG hash_alg,
> IMB_CIPHER_MODE cipher_mode)
> 
>  /** Set session authentication parameters */  static int -
> aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
> +aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
>  		struct aesni_mb_session *sess,
>  		const struct rte_crypto_sym_xform *xform)  {
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  	hash_one_block_t hash_oneblock_fn = NULL;
>  	unsigned int key_larger_block_size = 0;
> +#endif
>  	uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
>  	uint32_t auth_precompute = 1;
> 
> @@ -267,18 +271,24 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
>  	switch (xform->auth.algo) {
>  	case RTE_CRYPTO_AUTH_MD5_HMAC:
>  		sess->template_job.hash_alg = IMB_AUTH_MD5;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  		hash_oneblock_fn = mb_mgr->md5_one_block;
> +#endif
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA1_HMAC:
>  		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  		hash_oneblock_fn = mb_mgr->sha1_one_block;
> +#endif
>  		if (xform->auth.key.length > get_auth_algo_blocksize(
>  				IMB_AUTH_HMAC_SHA_1)) {
>  			IMB_SHA1(mb_mgr,
>  				xform->auth.key.data,
>  				xform->auth.key.length,
>  				hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  			key_larger_block_size = 1;
> +#endif
>  		}
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA1:
> @@ -287,14 +297,18 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA224_HMAC:
>  		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  		hash_oneblock_fn = mb_mgr->sha224_one_block;
> +#endif
>  		if (xform->auth.key.length > get_auth_algo_blocksize(
>  				IMB_AUTH_HMAC_SHA_224)) {
>  			IMB_SHA224(mb_mgr,
>  				xform->auth.key.data,
>  				xform->auth.key.length,
>  				hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  			key_larger_block_size = 1;
> +#endif
>  		}
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA224:
> @@ -303,14 +317,18 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA256_HMAC:
>  		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  		hash_oneblock_fn = mb_mgr->sha256_one_block;
> +#endif
>  		if (xform->auth.key.length > get_auth_algo_blocksize(
>  				IMB_AUTH_HMAC_SHA_256)) {
>  			IMB_SHA256(mb_mgr,
>  				xform->auth.key.data,
>  				xform->auth.key.length,
>  				hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  			key_larger_block_size = 1;
> +#endif
>  		}
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA256:
> @@ -319,14 +337,18 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA384_HMAC:
>  		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  		hash_oneblock_fn = mb_mgr->sha384_one_block;
> +#endif
>  		if (xform->auth.key.length > get_auth_algo_blocksize(
>  				IMB_AUTH_HMAC_SHA_384)) {
>  			IMB_SHA384(mb_mgr,
>  				xform->auth.key.data,
>  				xform->auth.key.length,
>  				hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  			key_larger_block_size = 1;
> +#endif
>  		}
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA384:
> @@ -335,14 +357,18 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA512_HMAC:
>  		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  		hash_oneblock_fn = mb_mgr->sha512_one_block;
> +#endif
>  		if (xform->auth.key.length > get_auth_algo_blocksize(
>  				IMB_AUTH_HMAC_SHA_512)) {
>  			IMB_SHA512(mb_mgr,
>  				xform->auth.key.data,
>  				xform->auth.key.length,
>  				hashed_key);
> +#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
>  			key_larger_block_size = 1;
> +#endif
>  		}
>  		break;
>  	case RTE_CRYPTO_AUTH_SHA512:
> @@ -376,6 +402,11 @@ aesni_mb_set_session_auth_parameters(const
> IMB_MGR *mb_mgr,
>  		return 0;
> 
>  	/* Calculate Authentication precomputes */
> +#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
> +		imb_hmac_ipad_opad(mb_mgr, sess-
> >template_job.hash_alg,
> +					xform->auth.key.data, xform-
> >auth.key.length,
> +					sess->auth.pads.inner, sess-
> >auth.pads.outer); #else
>  	if (key_larger_block_size) {
>  		calculate_auth_precomputes(hash_oneblock_fn,
>  			sess->auth.pads.inner, sess->auth.pads.outer, @@ -
> 389,6 +420,7 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR
> *mb_mgr,
>  			xform->auth.key.length,
>  			get_auth_algo_blocksize(sess-
> >template_job.hash_alg));
>  	}
> +#endif
>  	sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
>  		sess->auth.pads.inner;
>  	sess->template_job.u.HMAC._hashed_auth_key_xor_opad =
> --
> 2.25.1
  
Patrick Robb July 2, 2024, 1:32 p.m. UTC | #5
Recheck-request: iol-unit-arm64-testing
  
Akhil Goyal July 3, 2024, 5:26 p.m. UTC | #6
> Acked-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
> 
> > Subject: [PATCH v1] crypto/ipsec_mb: use new ipad/opad calculation API
> >
> > From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> >
> > IPSec Multi-buffer library v1.4 added a new API to calculate inner/outer
> > padding for HMAC-SHAx/MD5.
> >
> > Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> > Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Applied to dpdk-next-crypto
Thanks.
  

Patch

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 69a546697b..b3fdea02ff 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -13,6 +13,7 @@  struct aesni_mb_op_buf_data {
 	uint32_t offset;
 };
 
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 /**
  * Calculate the authentication pre-computes
  *
@@ -55,6 +56,7 @@  calculate_auth_precomputes(hash_one_block_t one_block_hash,
 	memset(ipad_buf, 0, blocksize);
 	memset(opad_buf, 0, blocksize);
 }
+#endif
 
 static inline int
 is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
@@ -66,12 +68,14 @@  is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
 
 /** Set session authentication parameters */
 static int
-aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
+aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
 		struct aesni_mb_session *sess,
 		const struct rte_crypto_sym_xform *xform)
 {
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 	hash_one_block_t hash_oneblock_fn = NULL;
 	unsigned int key_larger_block_size = 0;
+#endif
 	uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
 	uint32_t auth_precompute = 1;
 
@@ -267,18 +271,24 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 	switch (xform->auth.algo) {
 	case RTE_CRYPTO_AUTH_MD5_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_MD5;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 		hash_oneblock_fn = mb_mgr->md5_one_block;
+#endif
 		break;
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 		hash_oneblock_fn = mb_mgr->sha1_one_block;
+#endif
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_1)) {
 			IMB_SHA1(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 			key_larger_block_size = 1;
+#endif
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA1:
@@ -287,14 +297,18 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 		hash_oneblock_fn = mb_mgr->sha224_one_block;
+#endif
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_224)) {
 			IMB_SHA224(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 			key_larger_block_size = 1;
+#endif
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA224:
@@ -303,14 +317,18 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 		hash_oneblock_fn = mb_mgr->sha256_one_block;
+#endif
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_256)) {
 			IMB_SHA256(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 			key_larger_block_size = 1;
+#endif
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA256:
@@ -319,14 +337,18 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 		hash_oneblock_fn = mb_mgr->sha384_one_block;
+#endif
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_384)) {
 			IMB_SHA384(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 			key_larger_block_size = 1;
+#endif
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA384:
@@ -335,14 +357,18 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 		hash_oneblock_fn = mb_mgr->sha512_one_block;
+#endif
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_512)) {
 			IMB_SHA512(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
+#if IMB_VERSION(1, 3, 0) >= IMB_VERSION_NUM
 			key_larger_block_size = 1;
+#endif
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA512:
@@ -376,6 +402,11 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		return 0;
 
 	/* Calculate Authentication precomputes */
+#if IMB_VERSION(1, 3, 0) < IMB_VERSION_NUM
+		imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg,
+					xform->auth.key.data, xform->auth.key.length,
+					sess->auth.pads.inner, sess->auth.pads.outer);
+#else
 	if (key_larger_block_size) {
 		calculate_auth_precomputes(hash_oneblock_fn,
 			sess->auth.pads.inner, sess->auth.pads.outer,
@@ -389,6 +420,7 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 			xform->auth.key.length,
 			get_auth_algo_blocksize(sess->template_job.hash_alg));
 	}
+#endif
 	sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
 		sess->auth.pads.inner;
 	sess->template_job.u.HMAC._hashed_auth_key_xor_opad =