From patchwork Fri Dec 6 18:13:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 63612 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 833F1A04F2; Fri, 6 Dec 2019 19:13:55 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id D1F941BF81; Fri, 6 Dec 2019 19:13:49 +0100 (CET) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by dpdk.org (Postfix) with ESMTP id 93DFC5B3A for ; Fri, 6 Dec 2019 19:13:47 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Dec 2019 10:13:47 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,285,1571727600"; d="scan'208";a="224088064" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.116.190]) by orsmga002.jf.intel.com with ESMTP; 06 Dec 2019 10:13:45 -0800 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 6 Dec 2019 19:13:35 +0100 Message-Id: <20191206181336.6180-2-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191206181336.6180-1-arkadiuszx.kusztal@intel.com> References: <20191206181336.6180-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH 1/2] crypto/qat: add chacha poly implementation X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patchset adds Chacha20-Poly1305 implementation to Intel QuickAssist Technology pmd. Signed-off-by: Arek Kusztal --- doc/guides/cryptodevs/qat.rst | 1 + doc/guides/rel_notes/release_20_02.rst | 4 ++++ drivers/common/qat/qat_adf/icp_qat_hw.h | 17 ++++++++++++++-- drivers/crypto/qat/qat_sym_capabilities.h | 32 +++++++++++++++++++++++++++++++ drivers/crypto/qat/qat_sym_pmd.c | 11 ++++++++++- drivers/crypto/qat/qat_sym_session.c | 20 +++++++++++++++---- 6 files changed, 78 insertions(+), 7 deletions(-) diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index 6197875..479f5cc 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -70,6 +70,7 @@ Supported AEAD algorithms: * ``RTE_CRYPTO_AEAD_AES_GCM`` * ``RTE_CRYPTO_AEAD_AES_CCM`` +* ``RTE_CRYPTO_AEAD_CHACHA20_POLY1305`` Limitations diff --git a/doc/guides/rel_notes/release_20_02.rst b/doc/guides/rel_notes/release_20_02.rst index 6b60f47..72504ab 100644 --- a/doc/guides/rel_notes/release_20_02.rst +++ b/doc/guides/rel_notes/release_20_02.rst @@ -60,6 +60,10 @@ New Features Chacha20-Poly1305 AEAD algorithm can now be supported in Cryptodev. +* **Updated the Intel QuickAssist Technology (QAT) symmetric crypto PMD.** + + Added Chacha20-Poly1305 AEAD algorithm. + Removed Items ------------- diff --git a/drivers/common/qat/qat_adf/icp_qat_hw.h b/drivers/common/qat/qat_adf/icp_qat_hw.h index cef6486..ed04178 100644 --- a/drivers/common/qat/qat_adf/icp_qat_hw.h +++ b/drivers/common/qat/qat_adf/icp_qat_hw.h @@ -51,7 +51,10 @@ enum icp_qat_hw_auth_algo { ICP_QAT_HW_AUTH_ALGO_SHA3_256 = 17, ICP_QAT_HW_AUTH_RESERVED_3 = 18, ICP_QAT_HW_AUTH_ALGO_SHA3_512 = 19, - ICP_QAT_HW_AUTH_ALGO_DELIMITER = 20 + ICP_QAT_HW_AUTH_ALGO_SHAKE_128 = 20, + ICP_QAT_HW_AUTH_ALGO_SHAKE_256 = 21, + ICP_QAT_HW_AUTH_ALGO_POLY = 22, + ICP_QAT_HW_AUTH_ALGO_DELIMITER = 23 }; enum icp_qat_hw_auth_mode { @@ -204,7 +207,9 @@ enum icp_qat_hw_cipher_algo { ICP_QAT_HW_CIPHER_ALGO_KASUMI = 7, ICP_QAT_HW_CIPHER_ALGO_SNOW_3G_UEA2 = 8, ICP_QAT_HW_CIPHER_ALGO_ZUC_3G_128_EEA3 = 9, - ICP_QAT_HW_CIPHER_DELIMITER = 10 + ICP_QAT_HW_CIPHER_ALGO_SM4 = 10, + ICP_QAT_HW_CIPHER_ALGO_CHACHA20_POLY1305 = 11, + ICP_QAT_HW_CIPHER_DELIMITER = 12 }; enum icp_qat_hw_cipher_mode { @@ -306,6 +311,14 @@ enum icp_qat_hw_cipher_convert { #define ICP_QAT_HW_ZUC_3G_EEA3_KEY_SZ 16 #define ICP_QAT_HW_ZUC_3G_EEA3_IV_SZ 16 #define ICP_QAT_HW_MODE_F8_NUM_REG_TO_CLEAR 2 +#define ICP_QAT_HW_SM4_KEY_SZ 16 +#define ICP_QAT_HW_SM4_IV_SZ 16 +#define ICP_QAT_HW_CHACHAPOLY_KEY_SZ 32 +#define ICP_QAT_HW_CHACHAPOLY_IV_SZ 12 +#define ICP_QAT_HW_CHACHAPOLY_BLK_SZ 64 +#define ICP_QAT_HW_SPC_CTR_SZ 16 +#define ICP_QAT_HW_CHACHAPOLY_ICV__SZ 16 +#define ICP_QAT_HW_CHACHAPOLY_AAD_MAX_LOG 14 #define ICP_QAT_HW_CIPHER_MAX_KEY_SZ ICP_QAT_HW_AES_256_F8_KEY_SZ diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h index 028a56c..acc5045 100644 --- a/drivers/crypto/qat/qat_sym_capabilities.h +++ b/drivers/crypto/qat/qat_sym_capabilities.h @@ -594,4 +594,36 @@ }, } \ } +#define QAT_EXTRA_GEN3_SYM_CAPABILITIES \ + { /* Chacha20-Poly1305 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, \ + {.aead = { \ + .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, \ + .block_size = 64, \ + .key_size = { \ + .min = 32, \ + .max = 32, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 16, \ + .max = 16, \ + .increment = 0 \ + }, \ + .aad_size = { \ + .min = 0, \ + .max = 240, \ + .increment = 1 \ + }, \ + .iv_size = { \ + .min = 12, \ + .max = 12, \ + .increment = 0 \ + }, \ + }, } \ + }, } \ + } + #endif /* _QAT_SYM_CAPABILITIES_H_ */ diff --git a/drivers/crypto/qat/qat_sym_pmd.c b/drivers/crypto/qat/qat_sym_pmd.c index 71f21ce..a6e2d24 100644 --- a/drivers/crypto/qat/qat_sym_pmd.c +++ b/drivers/crypto/qat/qat_sym_pmd.c @@ -27,6 +27,13 @@ static const struct rte_cryptodev_capabilities qat_gen2_sym_capabilities[] = { RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() }; +static const struct rte_cryptodev_capabilities qat_gen3_sym_capabilities[] = { + QAT_BASE_GEN1_SYM_CAPABILITIES, + QAT_EXTRA_GEN2_SYM_CAPABILITIES, + QAT_EXTRA_GEN3_SYM_CAPABILITIES, + RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() +}; + static int qat_sym_qp_release(struct rte_cryptodev *dev, uint16_t queue_pair_id); @@ -291,9 +298,11 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev) internals->qat_dev_capabilities = qat_gen1_sym_capabilities; break; case QAT_GEN2: - case QAT_GEN3: internals->qat_dev_capabilities = qat_gen2_sym_capabilities; break; + case QAT_GEN3: + internals->qat_dev_capabilities = qat_gen3_sym_capabilities; + break; default: internals->qat_dev_capabilities = qat_gen2_sym_capabilities; QAT_LOG(DEBUG, diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index 72290ba..c6ca42c 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -519,7 +519,8 @@ qat_sym_session_handle_single_pass(struct qat_sym_dev_private *internals, session->is_single_pass = 1; session->min_qat_dev_gen = QAT_GEN3; session->qat_cmd = ICP_QAT_FW_LA_CMD_CIPHER; - session->qat_mode = ICP_QAT_HW_CIPHER_AEAD_MODE; + if (aead_xform->algo == RTE_CRYPTO_AEAD_AES_GCM) + session->qat_mode = ICP_QAT_HW_CIPHER_AEAD_MODE; session->cipher_iv.offset = aead_xform->iv.offset; session->cipher_iv.length = aead_xform->iv.length; if (qat_sym_session_aead_create_cd_cipher(session, @@ -566,6 +567,7 @@ qat_sym_session_handle_single_pass(struct qat_sym_dev_private *internals, aead_xform->aad_length); cipher_param->spc_aad_sz = aead_xform->aad_length; cipher_param->spc_auth_res_sz = aead_xform->digest_length; + } return 0; } @@ -727,6 +729,7 @@ qat_sym_session_configure_aead(struct rte_cryptodev *dev, session->cipher_iv.offset = xform->aead.iv.offset; session->cipher_iv.length = xform->aead.iv.length; + session->is_single_pass = 0; switch (aead_xform->algo) { case RTE_CRYPTO_AEAD_AES_GCM: if (qat_sym_validate_aes_key(aead_xform->key.length, @@ -746,15 +749,24 @@ qat_sym_session_configure_aead(struct rte_cryptodev *dev, session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE; session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_CBC_MAC; break; + case RTE_CRYPTO_AEAD_CHACHA20_POLY1305: + if (aead_xform->key.length != ICP_QAT_HW_CHACHAPOLY_KEY_SZ) + return -EINVAL; + session->qat_cipher_alg = ICP_QAT_HW_CIPHER_ALGO_CHACHA20_POLY1305; + session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE; + session->min_qat_dev_gen = QAT_GEN3; + session->is_single_pass = 1; + break; default: QAT_LOG(ERR, "Crypto: Undefined AEAD specified %u\n", aead_xform->algo); return -EINVAL; } - session->is_single_pass = 0; - if (aead_xform->algo == RTE_CRYPTO_AEAD_AES_GCM) { - /* Use faster Single-Pass GCM if possible */ + if (aead_xform->algo == RTE_CRYPTO_AEAD_AES_GCM || + aead_xform->algo == RTE_CRYPTO_AEAD_CHACHA20_POLY1305) { + /* Use faster Single-Pass GCM if possible, for ChachaPoly + it always is single pass */ int res = qat_sym_session_handle_single_pass( dev->data->dev_private, session, aead_xform); if (res < 0) From patchwork Fri Dec 6 18:13:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 63613 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id CA549A04F2; Fri, 6 Dec 2019 19:14:02 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9E1F61BF92; Fri, 6 Dec 2019 19:13:51 +0100 (CET) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by dpdk.org (Postfix) with ESMTP id 3E7FD1BF8B for ; Fri, 6 Dec 2019 19:13:50 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Dec 2019 10:13:49 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,285,1571727600"; d="scan'208";a="224088072" Received: from akusztax-mobl.ger.corp.intel.com ([10.104.116.190]) by orsmga002.jf.intel.com with ESMTP; 06 Dec 2019 10:13:47 -0800 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, Arek Kusztal Date: Fri, 6 Dec 2019 19:13:36 +0100 Message-Id: <20191206181336.6180-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20191206181336.6180-1-arkadiuszx.kusztal@intel.com> References: <20191206181336.6180-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH 2/2] test/cryptodev: add chacha poly test cases to cryptodev X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds Chacha20-Poly1305 implementation to cryptodev tests. Signed-off-by: Arek Kusztal --- app/test/test_cryptodev.c | 35 +++++++++++++ app/test/test_cryptodev_aead_test_vectors.h | 77 +++++++++++++++++++++++++++++ 2 files changed, 112 insertions(+) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 1b56145..222e768 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -7541,6 +7541,7 @@ test_authenticated_encryption(const struct aead_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; + struct rte_cryptodev_sym_capability_idx cap_idx; int retval; uint8_t *ciphertext, *auth_tag; @@ -7554,6 +7555,15 @@ test_authenticated_encryption(const struct aead_test_data *tdata) tdata->key.data, tdata->key.len, tdata->aad.len, tdata->auth_tag.len, tdata->iv.len); + + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD; + cap_idx.algo.aead = tdata->algo; + + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) { + return -ENOTSUP; + } + if (retval < 0) return retval; @@ -8431,6 +8441,7 @@ test_authenticated_decryption(const struct aead_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; + struct rte_cryptodev_sym_capability_idx cap_idx; int retval; uint8_t *plaintext; @@ -8446,6 +8457,14 @@ test_authenticated_decryption(const struct aead_test_data *tdata) if (retval < 0) return retval; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD; + cap_idx.algo.aead = tdata->algo; + + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) { + return -ENOTSUP; + } + /* alloc mbuf and set payload */ if (tdata->aad.len > MBUF_SIZE) { ut_params->ibuf = rte_pktmbuf_alloc(ts_params->large_mbuf_pool); @@ -8499,6 +8518,18 @@ test_authenticated_decryption(const struct aead_test_data *tdata) } static int +test_chacha20_poly1305_encrypt_test_case_rfc8439(void) +{ + return test_authenticated_encryption(&chacha20_poly1305_case_rfc8439); +} + +static int +test_chacha20_poly1305_decrypt_test_case_rfc8439(void) +{ + return test_authenticated_decryption(&chacha20_poly1305_case_rfc8439); +} + +static int test_AES_GCM_authenticated_decryption_test_case_1(void) { return test_authenticated_decryption(&gcm_test_case_1); @@ -11908,6 +11939,10 @@ static struct unit_test_suite cryptodev_qat_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_AES_CCM_authenticated_decryption_test_case_128_3), + TEST_CASE_ST(ut_setup, ut_teardown, + test_chacha20_poly1305_encrypt_test_case_rfc8439), + TEST_CASE_ST(ut_setup, ut_teardown, + test_chacha20_poly1305_decrypt_test_case_rfc8439), /** AES GCM Authenticated Encryption */ TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GCM_auth_encrypt_SGL_in_place_1500B), diff --git a/app/test/test_cryptodev_aead_test_vectors.h b/app/test/test_cryptodev_aead_test_vectors.h index a4a3a25..b107510 100644 --- a/app/test/test_cryptodev_aead_test_vectors.h +++ b/app/test/test_cryptodev_aead_test_vectors.h @@ -84,6 +84,83 @@ struct gmac_test_data { }; +static uint8_t chacha_aad_rfc8439[] = { + 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, + 0xc4, 0xc5, 0xc6, 0xc7 +}; + +static const struct aead_test_data chacha20_poly1305_case_rfc8439 = { + .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, + .key = { + .data = { + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f + }, + .len = 32 + }, + .iv = { + .data = { + 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, 0x44, + 0x45, 0x46, 0x47 + }, + .len = 12 + }, + .aad = { + .data = chacha_aad_rfc8439, + .len = 12 + }, + .plaintext = { + .data = { + 0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, + 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, + 0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73, + 0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39, + 0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63, + 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66, + 0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f, + 0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20, + 0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75, + 0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73, + 0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, + 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, + 0x74, 0x2e + + }, + .len = 114 + }, + .ciphertext = { + .data = { + 0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb, + 0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2, + 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe, + 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6, + 0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12, + 0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b, + 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29, + 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36, + 0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c, + 0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58, + 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94, + 0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc, + 0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d, + 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b, + 0x61, 0x16 + }, + .len = 114 + }, + .auth_tag = { + .data = { + 0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a, + 0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91 + }, + .len = 16 + } +}; + /** AES-GCM-128 Test Vectors */ static const struct aead_test_data gcm_test_case_1 = { .algo = RTE_CRYPTO_AEAD_AES_GCM,