From patchwork Tue Mar 12 13:50:18 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Dooley, Brian" <brian.dooley@intel.com>
X-Patchwork-Id: 138215
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id E238143C92;
	Tue, 12 Mar 2024 14:50:53 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 2DFC641151;
	Tue, 12 Mar 2024 14:50:37 +0100 (CET)
Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16])
 by mails.dpdk.org (Postfix) with ESMTP id 4D978410F9
 for <dev@dpdk.org>; Tue, 12 Mar 2024 14:50:34 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1710251434; x=1741787434;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=9AstMcFi1xZdeP7zFepg0LBeduBOp/sZ5kx+CUGD8Zo=;
 b=dHImzfnGp8OzyKbja0aT6oyrYaQrun/qf9K1h3T5yZcOp3QRUiDlTGlW
 K2kpa33bjxRBj/SheErS9PLcJY9j+a2NaV+Pi7i7MJsBf5hzCokyuWR5R
 WyjQU3sJ9VcxHsTA7/VTNs/OWN4u9fTC/YMzs2/sxAhnFcSyLQeAAF500
 wJ+5RUnNUhoILMB82nkbUs25kyA1RFrvUzq3M7XvirKkcLCOrgE4oQmSx
 Hp6Rj5uBD7r/deIfF+TGhL8jMsBMwdQOe2rHeoSAuXB8G1CxPrdbQ0g4Z
 WV6dBDMsPyPIrld673lt6y1E8v5lo5SZ62U75mAsX2AoSTPxThZOdBV20 A==;
X-IronPort-AV: E=McAfee;i="6600,9927,11010"; a="5081162"
X-IronPort-AV: E=Sophos;i="6.07,119,1708416000";
   d="scan'208";a="5081162"
Received: from fmviesa009.fm.intel.com ([10.60.135.149])
 by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 12 Mar 2024 06:50:33 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.07,119,1708416000"; d="scan'208";a="11466556"
Received: from unknown (HELO silpixa00400886.ir.intel.com) ([10.243.23.150])
 by fmviesa009.fm.intel.com with ESMTP; 12 Mar 2024 06:50:31 -0700
From: Brian Dooley <brian.dooley@intel.com>
To: Kai Ji <kai.ji@intel.com>, Pablo de Lara <pablo.de.lara.guarch@intel.com>
Cc: dev@dpdk.org, gakhil@marvell.com, aconole@redhat.com, probb@iol.unh.edu,
 wathsala.vithanage@arm.com, Brian Dooley <brian.dooley@intel.com>,
 Ciara Power <ciara.power@intel.com>
Subject: [PATCH v6 4/5] crypto/ipsec_mb: use new ipad/opad calculation API
Date: Tue, 12 Mar 2024 13:50:18 +0000
Message-Id: <20240312135020.2969533-4-brian.dooley@intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20240312135020.2969533-1-brian.dooley@intel.com>
References: <20231212153640.1561504-1-brian.dooley@intel.com>
 <20240312135020.2969533-1-brian.dooley@intel.com>
MIME-Version: 1.0
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

IPSec Multi-buffer library v1.4 added a new API to
calculate inner/outer padding for HMAC-SHAx/MD5.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>
Acked-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
---
v5:
- Rebased and added to patchset
v2:
- Remove ipsec mb version checks
---
 drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 75 ++------------------------
 1 file changed, 5 insertions(+), 70 deletions(-)

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index b93267f1c3..80ced1e4fe 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -13,49 +13,6 @@ struct aesni_mb_op_buf_data {
 	uint32_t offset;
 };
 
-/**
- * Calculate the authentication pre-computes
- *
- * @param one_block_hash	Function pointer
- *				to calculate digest on ipad/opad
- * @param ipad			Inner pad output byte array
- * @param opad			Outer pad output byte array
- * @param hkey			Authentication key
- * @param hkey_len		Authentication key length
- * @param blocksize		Block size of selected hash algo
- */
-static void
-calculate_auth_precomputes(hash_one_block_t one_block_hash,
-		uint8_t *ipad, uint8_t *opad,
-		const uint8_t *hkey, uint16_t hkey_len,
-		uint16_t blocksize)
-{
-	uint32_t i, length;
-
-	uint8_t ipad_buf[blocksize] __rte_aligned(16);
-	uint8_t opad_buf[blocksize] __rte_aligned(16);
-
-	/* Setup inner and outer pads */
-	memset(ipad_buf, HMAC_IPAD_VALUE, blocksize);
-	memset(opad_buf, HMAC_OPAD_VALUE, blocksize);
-
-	/* XOR hash key with inner and outer pads */
-	length = hkey_len > blocksize ? blocksize : hkey_len;
-
-	for (i = 0; i < length; i++) {
-		ipad_buf[i] ^= hkey[i];
-		opad_buf[i] ^= hkey[i];
-	}
-
-	/* Compute partial hashes */
-	(*one_block_hash)(ipad_buf, ipad);
-	(*one_block_hash)(opad_buf, opad);
-
-	/* Clean up stack */
-	memset(ipad_buf, 0, blocksize);
-	memset(opad_buf, 0, blocksize);
-}
-
 static inline int
 is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
 {
@@ -66,12 +23,10 @@ is_aead_algo(IMB_HASH_ALG hash_alg, IMB_CIPHER_MODE cipher_mode)
 
 /** Set session authentication parameters */
 static int
-aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
+aesni_mb_set_session_auth_parameters(IMB_MGR *mb_mgr,
 		struct aesni_mb_session *sess,
 		const struct rte_crypto_sym_xform *xform)
 {
-	hash_one_block_t hash_oneblock_fn = NULL;
-	unsigned int key_larger_block_size = 0;
 	uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
 	uint32_t auth_precompute = 1;
 
@@ -263,18 +218,15 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 	switch (xform->auth.algo) {
 	case RTE_CRYPTO_AUTH_MD5_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_MD5;
-		hash_oneblock_fn = mb_mgr->md5_one_block;
 		break;
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_1;
-		hash_oneblock_fn = mb_mgr->sha1_one_block;
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_1)) {
 			IMB_SHA1(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
-			key_larger_block_size = 1;
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA1:
@@ -283,14 +235,12 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_224;
-		hash_oneblock_fn = mb_mgr->sha224_one_block;
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_224)) {
 			IMB_SHA224(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
-			key_larger_block_size = 1;
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA224:
@@ -299,14 +249,12 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_256;
-		hash_oneblock_fn = mb_mgr->sha256_one_block;
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_256)) {
 			IMB_SHA256(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
-			key_larger_block_size = 1;
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA256:
@@ -315,14 +263,12 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_384;
-		hash_oneblock_fn = mb_mgr->sha384_one_block;
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_384)) {
 			IMB_SHA384(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
-			key_larger_block_size = 1;
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA384:
@@ -331,14 +277,12 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
 		sess->template_job.hash_alg = IMB_AUTH_HMAC_SHA_512;
-		hash_oneblock_fn = mb_mgr->sha512_one_block;
 		if (xform->auth.key.length > get_auth_algo_blocksize(
 				IMB_AUTH_HMAC_SHA_512)) {
 			IMB_SHA512(mb_mgr,
 				xform->auth.key.data,
 				xform->auth.key.length,
 				hashed_key);
-			key_larger_block_size = 1;
 		}
 		break;
 	case RTE_CRYPTO_AUTH_SHA512:
@@ -372,19 +316,10 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		return 0;
 
 	/* Calculate Authentication precomputes */
-	if (key_larger_block_size) {
-		calculate_auth_precomputes(hash_oneblock_fn,
-			sess->auth.pads.inner, sess->auth.pads.outer,
-			hashed_key,
-			xform->auth.key.length,
-			get_auth_algo_blocksize(sess->template_job.hash_alg));
-	} else {
-		calculate_auth_precomputes(hash_oneblock_fn,
-			sess->auth.pads.inner, sess->auth.pads.outer,
-			xform->auth.key.data,
-			xform->auth.key.length,
-			get_auth_algo_blocksize(sess->template_job.hash_alg));
-	}
+	imb_hmac_ipad_opad(mb_mgr, sess->template_job.hash_alg,
+		xform->auth.key.data, xform->auth.key.length,
+		sess->auth.pads.inner, sess->auth.pads.outer);
+
 	sess->template_job.u.HMAC._hashed_auth_key_xor_ipad =
 		sess->auth.pads.inner;
 	sess->template_job.u.HMAC._hashed_auth_key_xor_opad =