[v2,3/4] common/qat: add new gen3 CMAC macros
Checks
Commit Message
The new QAT GEN3 device uses new macros for CMAC values, rather than
using XCBC_MAC ones.
The wireless slice handles CMAC in the new gen3 device, and no key
precomputes are required by SW.
Signed-off-by: Ciara Power <ciara.power@intel.com>
---
drivers/common/qat/qat_adf/icp_qat_hw.h | 4 +++-
drivers/crypto/qat/qat_sym_session.c | 28 +++++++++++++++++++++----
2 files changed, 27 insertions(+), 5 deletions(-)
@@ -75,7 +75,7 @@ enum icp_qat_hw_auth_algo {
ICP_QAT_HW_AUTH_ALGO_RESERVED = 20,
ICP_QAT_HW_AUTH_ALGO_RESERVED1 = 21,
ICP_QAT_HW_AUTH_ALGO_RESERVED2 = 22,
- ICP_QAT_HW_AUTH_ALGO_RESERVED3 = 22,
+ ICP_QAT_HW_AUTH_ALGO_AES_128_CMAC = 22,
ICP_QAT_HW_AUTH_ALGO_RESERVED4 = 23,
ICP_QAT_HW_AUTH_ALGO_RESERVED5 = 24,
ICP_QAT_HW_AUTH_ALGO_ZUC_256_MAC_32 = 25,
@@ -180,6 +180,7 @@ struct icp_qat_hw_auth_setup {
#define ICP_QAT_HW_ZUC_256_MAC_32_STATE1_SZ 8
#define ICP_QAT_HW_ZUC_256_MAC_64_STATE1_SZ 8
#define ICP_QAT_HW_ZUC_256_MAC_128_STATE1_SZ 16
+#define ICP_QAT_HW_AES_CMAC_STATE1_SZ 16
#define ICP_QAT_HW_NULL_STATE2_SZ 32
#define ICP_QAT_HW_MD5_STATE2_SZ 16
@@ -208,6 +209,7 @@ struct icp_qat_hw_auth_setup {
#define ICP_QAT_HW_GALOIS_H_SZ 16
#define ICP_QAT_HW_GALOIS_LEN_A_SZ 8
#define ICP_QAT_HW_GALOIS_E_CTR0_SZ 16
+#define ICP_QAT_HW_AES_128_CMAC_STATE2_SZ 16
struct icp_qat_hw_auth_sha512 {
struct icp_qat_hw_auth_setup inner_setup;
@@ -922,11 +922,20 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev,
session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC;
break;
case RTE_CRYPTO_AUTH_AES_CMAC:
- session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC;
session->aes_cmac = 1;
- if (internals->qat_dev->has_wireless_slice) {
- is_wireless = 1;
- session->is_wireless = 1;
+ if (!internals->qat_dev->has_wireless_slice) {
+ session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC;
+ break;
+ }
+ is_wireless = 1;
+ session->is_wireless = 1;
+ switch (key_length) {
+ case ICP_QAT_HW_AES_128_KEY_SZ:
+ session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_AES_128_CMAC;
+ break;
+ default:
+ QAT_LOG(ERR, "Invalid key length: %d", key_length);
+ return -ENOTSUP;
}
break;
case RTE_CRYPTO_AUTH_AES_GMAC:
@@ -1309,6 +1318,9 @@ static int qat_hash_get_state1_size(enum icp_qat_hw_auth_algo qat_hash_alg)
case ICP_QAT_HW_AUTH_ALGO_NULL:
return QAT_HW_ROUND_UP(ICP_QAT_HW_NULL_STATE1_SZ,
QAT_HW_DEFAULT_ALIGNMENT);
+ case ICP_QAT_HW_AUTH_ALGO_AES_128_CMAC:
+ return QAT_HW_ROUND_UP(ICP_QAT_HW_AES_CMAC_STATE1_SZ,
+ QAT_HW_DEFAULT_ALIGNMENT);
case ICP_QAT_HW_AUTH_ALGO_DELIMITER:
/* return maximum state1 size in this case */
return QAT_HW_ROUND_UP(ICP_QAT_HW_SHA512_STATE1_SZ,
@@ -1345,6 +1357,7 @@ static int qat_hash_get_digest_size(enum icp_qat_hw_auth_algo qat_hash_alg)
case ICP_QAT_HW_AUTH_ALGO_MD5:
return ICP_QAT_HW_MD5_STATE1_SZ;
case ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC:
+ case ICP_QAT_HW_AUTH_ALGO_AES_128_CMAC:
return ICP_QAT_HW_AES_XCBC_MAC_STATE1_SZ;
case ICP_QAT_HW_AUTH_ALGO_DELIMITER:
/* return maximum digest size in this case */
@@ -2353,6 +2366,7 @@ int qat_sym_cd_auth_set(struct qat_sym_session *cdesc,
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_256_MAC_64
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_256_MAC_128
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC
+ || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_AES_128_CMAC
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_AES_CBC_MAC
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_NULL
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SM3
@@ -2593,6 +2607,12 @@ int qat_sym_cd_auth_set(struct qat_sym_session *cdesc,
return -EFAULT;
}
break;
+ case ICP_QAT_HW_AUTH_ALGO_AES_128_CMAC:
+ state1_size = ICP_QAT_HW_AES_CMAC_STATE1_SZ;
+ memset(cdesc->cd_cur_ptr, 0, state1_size);
+ memcpy(cdesc->cd_cur_ptr + state1_size, authkey, authkeylen);
+ state2_size = ICP_QAT_HW_AES_128_CMAC_STATE2_SZ;
+ break;
case ICP_QAT_HW_AUTH_ALGO_GALOIS_128:
case ICP_QAT_HW_AUTH_ALGO_GALOIS_64:
cdesc->qat_proto_flag = QAT_CRYPTO_PROTO_FLAG_GCM;