From patchwork Fri Oct 9 12:05:19 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "De Lara Guarch, Pablo" X-Patchwork-Id: 80152 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 25F24A04BC; Fri, 9 Oct 2020 14:05:31 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id F00C61D595; Fri, 9 Oct 2020 14:05:29 +0200 (CEST) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by dpdk.org (Postfix) with ESMTP id 6C97F1D563; Fri, 9 Oct 2020 14:05:27 +0200 (CEST) IronPort-SDR: IcNX7ePOZOIFWhcu3ypmXfdKIKpnHhbRy/Ck8mwpoZ/fPozHHW033MP8HcjZ73CpfyIcyQdzWo SfS6CjsivsCw== X-IronPort-AV: E=McAfee;i="6000,8403,9768"; a="144796179" X-IronPort-AV: E=Sophos;i="5.77,355,1596524400"; d="scan'208";a="144796179" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Oct 2020 05:05:25 -0700 IronPort-SDR: hVDJnkMy+WsZvw+EcaqpwgJ6pZNE7O2Kr4jdH409y/q5MyuBpKz532ONOWeJn/wiN7jLHVIuoF fA47QlTU5gag== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,355,1596524400"; d="scan'208";a="518643228" Received: from silpixa00399593.ir.intel.com (HELO silpixa00399593.ger.corp.intel.com) ([10.237.223.27]) by fmsmga006.fm.intel.com with ESMTP; 09 Oct 2020 05:05:24 -0700 From: Pablo de Lara To: declan.doherty@intel.com Cc: dev@dpdk.org, Pablo de Lara , stable@dpdk.org Date: Fri, 9 Oct 2020 12:05:19 +0000 Message-Id: <20201009120521.194542-1-pablo.de.lara.guarch@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201006105913.3801726-1-pablo.de.lara.guarch@intel.com> References: <20201006105913.3801726-1-pablo.de.lara.guarch@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: fix CCM digest size check X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Digest size for CCM was being checked for other algorithms apart from CCM. Fixes: c4c0c312a823 ("crypto/aesni_mb: check for invalid digest size") Cc: stable@dpdk.org Signed-off-by: Pablo de Lara --- Changes: This patchset depends on series http://patches.dpdk.org/project/dpdk/list/?series=12820. -v2 : rebased on top of crypto subtree --- drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 29 +++++++++++----------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c index 34a39ca99..ba2882d27 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c @@ -661,6 +661,14 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr, return -EINVAL; } + /* Set IV parameters */ + sess->iv.offset = xform->aead.iv.offset; + sess->iv.length = xform->aead.iv.length; + + /* Set digest sizes */ + sess->auth.req_digest_len = xform->aead.digest_length; + sess->auth.gen_digest_len = sess->auth.req_digest_len; + switch (xform->aead.algo) { case RTE_CRYPTO_AEAD_AES_CCM: sess->cipher.mode = CCM; @@ -679,6 +687,13 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr, return -EINVAL; } + /* CCM digests must be between 4 and 16 and an even number */ + if (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN || + sess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN || + (sess->auth.req_digest_len & 1) == 1) { + AESNI_MB_LOG(ERR, "Invalid digest size\n"); + return -EINVAL; + } break; case RTE_CRYPTO_AEAD_AES_GCM: @@ -713,20 +728,6 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr, return -ENOTSUP; } - /* Set IV parameters */ - sess->iv.offset = xform->aead.iv.offset; - sess->iv.length = xform->aead.iv.length; - - sess->auth.req_digest_len = xform->aead.digest_length; - /* CCM digests must be between 4 and 16 and an even number */ - if (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN || - sess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN || - (sess->auth.req_digest_len & 1) == 1) { - AESNI_MB_LOG(ERR, "Invalid digest size\n"); - return -EINVAL; - } - sess->auth.gen_digest_len = sess->auth.req_digest_len; - return 0; } From patchwork Fri Oct 9 12:05:20 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "De Lara Guarch, Pablo" X-Patchwork-Id: 80153 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 4D09BA04BC; Fri, 9 Oct 2020 14:05:54 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 09E931D59F; Fri, 9 Oct 2020 14:05:34 +0200 (CEST) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by dpdk.org (Postfix) with ESMTP id 6A61D1D563; Fri, 9 Oct 2020 14:05:29 +0200 (CEST) IronPort-SDR: HnzEwj+OFJVeVPMkJ4ZWfoVn82QwpJ09iHHGJ08+QdwpFT/pBdJ/V5ErV6/5kEis/HgyBdFaPq UBA1/3ce8jKQ== X-IronPort-AV: E=McAfee;i="6000,8403,9768"; a="144796183" X-IronPort-AV: E=Sophos;i="5.77,355,1596524400"; d="scan'208";a="144796183" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Oct 2020 05:05:28 -0700 IronPort-SDR: 8z8Sx60CE61oW7aNWy9XrIX/hOH9Cf7eOMSjMY4d9DbiR5okBRfIlDAg8j5juQi0T2oVjua4wq JFSo3K2M4UBA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,355,1596524400"; d="scan'208";a="518643243" Received: from silpixa00399593.ir.intel.com (HELO silpixa00399593.ger.corp.intel.com) ([10.237.223.27]) by fmsmga006.fm.intel.com with ESMTP; 09 Oct 2020 05:05:26 -0700 From: Pablo de Lara To: declan.doherty@intel.com Cc: dev@dpdk.org, Pablo de Lara , stable@dpdk.org Date: Fri, 9 Oct 2020 12:05:20 +0000 Message-Id: <20201009120521.194542-2-pablo.de.lara.guarch@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201009120521.194542-1-pablo.de.lara.guarch@intel.com> References: <20201006105913.3801726-1-pablo.de.lara.guarch@intel.com> <20201009120521.194542-1-pablo.de.lara.guarch@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: fix GCM digest size check X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" GCM digest sizes should be between 1 and 16 bytes. Fixes: 7b2d4706c90e ("crypto/aesni_mb: support newer library version only") Cc: stable@dpdk.org Signed-off-by: Pablo de Lara --- Changes: This patchset depends on series http://patches.dpdk.org/project/dpdk/list/?series=12820. -v2 : rebased on top of crypto subtree --- .../crypto/aesni_mb/aesni_mb_pmd_private.h | 4 ++-- drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 22 +++++++++---------- .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 8 +++---- 3 files changed, 16 insertions(+), 18 deletions(-) diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h index 9693bf985..7481e1d5e 100644 --- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h +++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h @@ -85,7 +85,7 @@ static const unsigned auth_truncated_digest_byte_lengths[] = { [AES_CMAC] = 12, [AES_CCM] = 8, [NULL_HASH] = 0, - [AES_GMAC] = 16, + [AES_GMAC] = 12, [PLAIN_SHA1] = 20, [PLAIN_SHA_224] = 28, [PLAIN_SHA_256] = 32, @@ -121,7 +121,7 @@ static const unsigned auth_digest_byte_lengths[] = { [AES_XCBC] = 16, [AES_CMAC] = 16, [AES_CCM] = 16, - [AES_GMAC] = 12, + [AES_GMAC] = 16, [NULL_HASH] = 0, [PLAIN_SHA1] = 20, [PLAIN_SHA_224] = 28, diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c index ba2882d27..7dbe40e02 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c @@ -213,19 +213,11 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr, sess->cipher.direction = DECRYPT; sess->auth.algo = AES_GMAC; - /* - * Multi-buffer lib supports 8, 12 and 16 bytes of digest. - * If size requested is different, generate the full digest - * (16 bytes) in a temporary location and then memcpy - * the requested number of bytes. - */ - if (sess->auth.req_digest_len != 16 && - sess->auth.req_digest_len != 12 && - sess->auth.req_digest_len != 8) { - sess->auth.gen_digest_len = 16; - } else { - sess->auth.gen_digest_len = sess->auth.req_digest_len; + if (sess->auth.req_digest_len > get_digest_byte_length(AES_GMAC)) { + AESNI_MB_LOG(ERR, "Invalid digest size\n"); + return -EINVAL; } + sess->auth.gen_digest_len = sess->auth.req_digest_len; sess->iv.length = xform->auth.iv.length; sess->iv.offset = xform->auth.iv.offset; @@ -721,6 +713,12 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr, return -EINVAL; } + /* GCM digest size must be between 1 and 16 */ + if (sess->auth.req_digest_len == 0 || + sess->auth.req_digest_len > 16) { + AESNI_MB_LOG(ERR, "Invalid digest size\n"); + return -EINVAL; + } break; default: diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c index 0f74be126..dc2238191 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c @@ -455,9 +455,9 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = { .increment = 8 }, .digest_size = { - .min = 8, + .min = 1, .max = 16, - .increment = 4 + .increment = 1 }, .aad_size = { .min = 0, @@ -485,9 +485,9 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = { .increment = 8 }, .digest_size = { - .min = 8, + .min = 1, .max = 16, - .increment = 4 + .increment = 1 }, .iv_size = { .min = 12, From patchwork Fri Oct 9 12:05:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "De Lara Guarch, Pablo" X-Patchwork-Id: 80154 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id D3E9CA04BC; Fri, 9 Oct 2020 14:06:15 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 2E6FB1D5A6; Fri, 9 Oct 2020 14:05:35 +0200 (CEST) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by dpdk.org (Postfix) with ESMTP id 1890E1D59E for ; Fri, 9 Oct 2020 14:05:30 +0200 (CEST) IronPort-SDR: aO+aammgNE4u3+F7RtI5HXzVeBJmyFTJUXUVbx050bysUXKMwKTx1p7/cdlquIvallcild4hCQ 0TEBdu8NdMkA== X-IronPort-AV: E=McAfee;i="6000,8403,9768"; a="144796191" X-IronPort-AV: E=Sophos;i="5.77,355,1596524400"; d="scan'208";a="144796191" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Oct 2020 05:05:30 -0700 IronPort-SDR: JvB1u8Yz9xYTLSSui+gPbjl2Wt4Du+Fi1svqDDsT3fm6t/SM39Vv+/2DHwTrqtDjhGTAjSGn+S sVQBqTPH5esQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,355,1596524400"; d="scan'208";a="518643260" Received: from silpixa00399593.ir.intel.com (HELO silpixa00399593.ger.corp.intel.com) ([10.237.223.27]) by fmsmga006.fm.intel.com with ESMTP; 09 Oct 2020 05:05:29 -0700 From: Pablo de Lara To: declan.doherty@intel.com Cc: dev@dpdk.org, Pablo de Lara Date: Fri, 9 Oct 2020 12:05:21 +0000 Message-Id: <20201009120521.194542-3-pablo.de.lara.guarch@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201009120521.194542-1-pablo.de.lara.guarch@intel.com> References: <20201006105913.3801726-1-pablo.de.lara.guarch@intel.com> <20201009120521.194542-1-pablo.de.lara.guarch@intel.com> MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add support for Chacha20-Poly1305 AEAD algorithm. Signed-off-by: Pablo de Lara --- Changes: This patchset depends on series http://patches.dpdk.org/project/dpdk/list/?series=12820. -v2 : rebased on top of crypto subtree --- doc/guides/cryptodevs/aesni_mb.rst | 1 + doc/guides/cryptodevs/features/aesni_mb.ini | 10 +-- doc/guides/rel_notes/release_20_11.rst | 1 + drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 63 ++++++++++++++++--- .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 32 ++++++++++ 5 files changed, 95 insertions(+), 12 deletions(-) diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst index abc10fbda..2ff264937 100644 --- a/doc/guides/cryptodevs/aesni_mb.rst +++ b/doc/guides/cryptodevs/aesni_mb.rst @@ -63,6 +63,7 @@ AEAD algorithms: * RTE_CRYPTO_AEAD_AES_CCM * RTE_CRYPTO_AEAD_AES_GCM +* RTE_CRYPTO_AEAD_CHACHA20_POLY1305 Protocol offloads: diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini index 356139d46..f391c3f38 100644 --- a/doc/guides/cryptodevs/features/aesni_mb.ini +++ b/doc/guides/cryptodevs/features/aesni_mb.ini @@ -63,11 +63,11 @@ KASUMI F9 = Y ; Supported AEAD algorithms of the 'aesni_mb' crypto driver. ; [AEAD] -AES CCM (128) = Y -AES GCM (128) = Y -AES GCM (192) = Y -AES GCM (256) = Y - +AES CCM (128) = Y +AES GCM (128) = Y +AES GCM (192) = Y +AES GCM (256) = Y +CHACHA20-POLY1305 = Y ; ; Supported Asymmetric algorithms of the 'aesni_mb' crypto driver. ; diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst index 55f60ecfd..0e0b741b3 100644 --- a/doc/guides/rel_notes/release_20_11.rst +++ b/doc/guides/rel_notes/release_20_11.rst @@ -80,6 +80,7 @@ New Features * Added support for ZUC-EEA3/EIA3 algorithms. * Added support for SNOW3G-UEA2/UIA2 algorithms. * Added support for KASUMI-F8/F9 algorithms. + * Added support for Chacha20-Poly1305. * **Updated the aesni_gcm crypto PMD.** diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c index 7dbe40e02..42c23201a 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c @@ -125,6 +125,18 @@ aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform) return AESNI_MB_OP_NOT_SUPPORTED; } +static inline int +is_aead_algo(JOB_HASH_ALG hash_alg, JOB_CIPHER_MODE cipher_mode) +{ +#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM + return (hash_alg == IMB_AUTH_CHACHA20_POLY1305 || hash_alg == AES_CCM || + (hash_alg == AES_GMAC && cipher_mode == GCM)); +#else + return ((hash_alg == AES_GMAC && cipher_mode == GCM) || + hash_alg == AES_CCM); +#endif +} + /** Set session authentication parameters */ static int aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr, @@ -721,6 +733,24 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr, } break; +#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM + case RTE_CRYPTO_AEAD_CHACHA20_POLY1305: + sess->cipher.mode = IMB_CIPHER_CHACHA20_POLY1305; + sess->auth.algo = IMB_AUTH_CHACHA20_POLY1305; + + if (xform->aead.key.length != 32) { + AESNI_MB_LOG(ERR, "Invalid key length"); + return -EINVAL; + } + sess->cipher.key_length_in_bytes = 32; + memcpy(sess->cipher.expanded_aes_keys.encode, + xform->aead.key.data, 32); + if (sess->auth.req_digest_len != 16) { + AESNI_MB_LOG(ERR, "Invalid digest size\n"); + return -EINVAL; + } + break; +#endif default: AESNI_MB_LOG(ERR, "Unsupported aead mode parameter"); return -ENOTSUP; @@ -1220,6 +1250,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, /* Set authentication parameters */ job->hash_alg = session->auth.algo; + const int aead = is_aead_algo(job->hash_alg, job->cipher_mode); + switch (job->hash_alg) { case AES_XCBC: job->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded; @@ -1279,6 +1311,14 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, case IMB_AUTH_KASUMI_UIA1: job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth; break; +#endif +#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM + case IMB_AUTH_CHACHA20_POLY1305: + job->u.CHACHA20_POLY1305.aad = op->sym->aead.aad.data; + job->u.CHACHA20_POLY1305.aad_len_in_bytes = session->aead.aad_len; + job->aes_enc_key_expanded = session->cipher.expanded_aes_keys.encode; + job->aes_dec_key_expanded = session->cipher.expanded_aes_keys.encode; + break; #endif default: job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner; @@ -1297,8 +1337,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, } } - if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC && - session->cipher.mode == GCM)) + if (aead) m_offset = op->sym->aead.data.offset; else m_offset = op->sym->cipher.data.offset; @@ -1336,8 +1375,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, job->auth_tag_output = qp->temp_digests[*digest_idx]; *digest_idx = (*digest_idx + 1) % MAX_JOBS; } else { - if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC && - session->cipher.mode == GCM)) + if (aead) job->auth_tag_output = op->sym->aead.digest.data; else job->auth_tag_output = op->sym->auth.digest.data; @@ -1397,6 +1435,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, session->iv.offset); break; +#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM + case IMB_AUTH_CHACHA20_POLY1305: + job->cipher_start_src_offset_in_bytes = op->sym->aead.data.offset; + job->hash_start_src_offset_in_bytes = op->sym->aead.data.offset; + job->msg_len_to_cipher_in_bytes = + op->sym->aead.data.length; + job->msg_len_to_hash_in_bytes = + op->sym->aead.data.length; + + job->iv = rte_crypto_op_ctod_offset(op, uint8_t *, + session->iv.offset); + break; +#endif default: /* For SNOW3G, length and offsets are already in bits */ job->cipher_start_src_offset_in_bytes = @@ -1595,9 +1646,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job) break; if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) { - if (job->hash_alg == AES_CCM || - (job->hash_alg == AES_GMAC && - sess->cipher.mode == GCM)) + if (is_aead_algo(job->hash_alg, sess->cipher.mode)) verify_digest(job, op->sym->aead.digest.data, sess->auth.req_digest_len, diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c index dc2238191..e8cb57ea9 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c @@ -647,6 +647,38 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = { }, } }, } }, +#endif +#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM + { /* CHACHA20-POLY1305 */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, \ + {.aead = { \ + .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, \ + .block_size = 64, \ + .key_size = { \ + .min = 32, \ + .max = 32, \ + .increment = 0 \ + }, \ + .digest_size = { \ + .min = 16, \ + .max = 16, \ + .increment = 0 \ + }, \ + .aad_size = { \ + .min = 0, \ + .max = 240, \ + .increment = 1 \ + }, \ + .iv_size = { \ + .min = 12, \ + .max = 12, \ + .increment = 0 \ + }, \ + }, } \ + }, } \ + }, #endif RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() };