From patchwork Thu Sep 29 03:27:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhangfei Gao X-Patchwork-Id: 610569 Delivered-To: patch@linaro.org Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp647735pvb; Wed, 28 Sep 2022 20:28:32 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5byeaz9zIXmLh/8uIFUfBqt0kiC9E7YJMeAKM8eKfYMFF63ZTQ6oczbSky9/Prk1H1xKH0 X-Received: by 2002:a05:6000:184e:b0:228:bb9d:f98a with SMTP id c14-20020a056000184e00b00228bb9df98amr516932wri.479.1664422112118; Wed, 28 Sep 2022 20:28:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1664422112; cv=none; d=google.com; s=arc-20160816; b=wSJhYd3gds1WKkcAuWIZ0F96xkDgw+NgxozSng9/LLifB5veWzF5+vud2P7et9352J 6k0bfcDLN0NhzLDSOTYfKR3O0Ic4CeJGoW4oAms6hzsst4unay13l8R3oUP+Zm38jmJ7 7RccmtRTzbbYvPSNjKjNRGmh0O+QYOBYYDhwi5bongw1TX3GfI82wX48GGg3uzFncb9x 9RYKmCe3hHSaQ7bmVoxNaMq1mnUvYsa9pWjc3k9QN6zTNEhjoqo//LRt5HcXHRYdyB91 d0gEfhkvFqSamAfzQnQn36i4MmAnZN44Va4eiAWvl9KlYiTjn44LakeHJhGPl93KsDPn GTTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=of8QdAbjwt9BayPnhY7WQ4Sa04BAIoWu5ynepg1zpBM=; b=Ql4iOUEEDSJUHSjRkvK4bd/QiuXDbBhimQNCTAlWU8GQ3Dbl0Ug69svIYKw1Ny0g1l YbiS5j7+DPxoKe5iSwMJo85lloRXEs58mMN5sP8LRqHRsBRCMWKKqIRrvLCHCsR0CoSU +lXbl/EKEkAF2wx5vg/kRU/oGsGTJJCnQBmopw2QPH767MkkGTwcl5b4032/dvCnsRHk r9abS++kSNxzrmnvBw9ozKQIiylMc1AQdtUJ0HqNnCln7vP13EqC29Cvkc25wqgIK45s xalwZ2k9PzlKfj1Z2Phd8Ta7xcsf1Ib4XJ62+DCjj8Z1SQAnwIRKldCIz8zfrzRWNvQg Cqgg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=hcwXxbuE; spf=pass (google.com: domain of dev-bounces@dpdk.org designates 217.70.189.124 as permitted sender) smtp.mailfrom=dev-bounces@dpdk.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from mails.dpdk.org (mails.dpdk.org. [217.70.189.124]) by mx.google.com with ESMTP id n6-20020a5d5986000000b0022b07745308si3507154wri.42.2022.09.28.20.28.31; Wed, 28 Sep 2022 20:28:32 -0700 (PDT) Received-SPF: pass (google.com: domain of dev-bounces@dpdk.org designates 217.70.189.124 as permitted sender) client-ip=217.70.189.124; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=hcwXxbuE; spf=pass (google.com: domain of dev-bounces@dpdk.org designates 217.70.189.124 as permitted sender) smtp.mailfrom=dev-bounces@dpdk.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 5E2474113D; Thu, 29 Sep 2022 05:28:27 +0200 (CEST) Received: from mail-pj1-f48.google.com (mail-pj1-f48.google.com [209.85.216.48]) by mails.dpdk.org (Postfix) with ESMTP id 376B8427EE for ; Thu, 29 Sep 2022 05:28:26 +0200 (CEST) Received: by mail-pj1-f48.google.com with SMTP id h8-20020a17090a054800b00205ccbae31eso4679636pjf.5 for ; Wed, 28 Sep 2022 20:28:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date; bh=of8QdAbjwt9BayPnhY7WQ4Sa04BAIoWu5ynepg1zpBM=; b=hcwXxbuE263/EqXSJZMsbbnBPhNDEyoBrmG7ctx+eGoRJSu2EnQdLALUi6lHUSbT94 IUYL2xMuIPzAWlrCH0u5894hfmnw1JH5UkYRQxiUIvtRio6ZFdeHJzImzIRcy3ZHO6f2 YLOzRsZUveGbD5pQrf8sfz9IRPpsvjIvCz91/DX+4aGU4WMhlV0j7BqIcUs4X0+ahjwd 5UGM6CLZWzGMzzy4t6XIWQa3Exq5jl9zRoZ9xv/S2O19w2Phvme1JV0KYJLQBiwG4qQO 3QtBnubPT39KMxl9PSYf9GwPYpsC3qLcPaxjp5yqOess09e8kRQfAKhcVkfA/Xvwh5v+ Vi9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date; bh=of8QdAbjwt9BayPnhY7WQ4Sa04BAIoWu5ynepg1zpBM=; b=HEWYcwxIW3D7pMLMvTdMDFOKO93zzV/mmz36EU7bCchGOnECjHkPob+DU0O/itVs1T YWw8AKkWZcM9ZsCnCHTvsmk9lkJWUps9oWyCowQlq2fxljBymLSREbo8taR86eL16/0D L56p3KxPMT6tSxv9vK9uEP8io6WgBbe+JIjSVAfGRyYnBl+23zJPpKWGcoWzQLU2c58A Zn3NcLobNE1ioWkC23LilW4Tsnmrs4KJjnjujB/BaCYOVdkHybUNmnz1+9QEyUl6qaAg 9/Hz0QlZJJSZ+stQscI4ePTOt9Nx3k0z/ChYP/jU7inP0lO/5eavYoWBgfBMObjSzydw KOlQ== X-Gm-Message-State: ACrzQf3g1ZNdHj5ehSlDll4BlhJzL/0X0V14wEnUyyY9o/fq6ffmPgUy VeVMWYQMCIMIBCd8VQvNIFE3hg== X-Received: by 2002:a17:902:8bc3:b0:178:8563:8e42 with SMTP id r3-20020a1709028bc300b0017885638e42mr1270899plo.0.1664422105382; Wed, 28 Sep 2022 20:28:25 -0700 (PDT) Received: from localhost.localdomain ([45.128.198.71]) by smtp.gmail.com with ESMTPSA id gn4-20020a17090ac78400b001fd66d5c42csm2304271pjb.49.2022.09.28.20.28.20 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 28 Sep 2022 20:28:25 -0700 (PDT) From: Zhangfei Gao To: Akhil Goyal , Declan Doherty , Fan Zhang , Ashish Gupta , Ray Kinsella Cc: dev@dpdk.org, acc@openeuler.org, Zhangfei Gao Subject: [PATCH v3 5/6] crypto/uadk: support auth algorithms Date: Thu, 29 Sep 2022 11:27:45 +0800 Message-Id: <20220929032746.10659-6-zhangfei.gao@linaro.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220929032746.10659-1-zhangfei.gao@linaro.org> References: <20220929032746.10659-1-zhangfei.gao@linaro.org> MIME-Version: 1.0 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Hash algorithms: * ``RTE_CRYPTO_AUTH_MD5`` * ``RTE_CRYPTO_AUTH_MD5_HMAC`` * ``RTE_CRYPTO_AUTH_SHA1`` * ``RTE_CRYPTO_AUTH_SHA1_HMAC`` * ``RTE_CRYPTO_AUTH_SHA224`` * ``RTE_CRYPTO_AUTH_SHA224_HMAC`` * ``RTE_CRYPTO_AUTH_SHA256`` * ``RTE_CRYPTO_AUTH_SHA256_HMAC`` * ``RTE_CRYPTO_AUTH_SHA384`` * ``RTE_CRYPTO_AUTH_SHA384_HMAC`` * ``RTE_CRYPTO_AUTH_SHA512`` * ``RTE_CRYPTO_AUTH_SHA512_HMAC`` Signed-off-by: Zhangfei Gao --- doc/guides/cryptodevs/features/uadk.ini | 12 + doc/guides/cryptodevs/uadk.rst | 15 + drivers/crypto/uadk/uadk_crypto_pmd.c | 459 ++++++++++++++++++++++++ 3 files changed, 486 insertions(+) diff --git a/doc/guides/cryptodevs/features/uadk.ini b/doc/guides/cryptodevs/features/uadk.ini index 005e08ac8d..2e8a37a2b3 100644 --- a/doc/guides/cryptodevs/features/uadk.ini +++ b/doc/guides/cryptodevs/features/uadk.ini @@ -25,6 +25,18 @@ DES CBC = Y ; Supported authentication algorithms of the 'uadk' crypto driver. ; [Auth] +MD5 = Y +MD5 HMAC = Y +SHA1 = Y +SHA1 HMAC = Y +SHA224 = Y +SHA224 HMAC = Y +SHA256 = Y +SHA256 HMAC = Y +SHA384 = Y +SHA384 HMAC = Y +SHA512 = Y +SHA512 HMAC = Y ; ; Supported AEAD algorithms of the 'uadk' crypto driver. diff --git a/doc/guides/cryptodevs/uadk.rst b/doc/guides/cryptodevs/uadk.rst index 054f5103cc..23ed70e82b 100644 --- a/doc/guides/cryptodevs/uadk.rst +++ b/doc/guides/cryptodevs/uadk.rst @@ -22,6 +22,21 @@ Cipher algorithms: * ``RTE_CRYPTO_CIPHER_AES_XTS`` * ``RTE_CRYPTO_CIPHER_DES_CBC`` +Hash algorithms: + +* ``RTE_CRYPTO_AUTH_MD5`` +* ``RTE_CRYPTO_AUTH_MD5_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA1`` +* ``RTE_CRYPTO_AUTH_SHA1_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA224`` +* ``RTE_CRYPTO_AUTH_SHA224_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA256`` +* ``RTE_CRYPTO_AUTH_SHA256_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA384`` +* ``RTE_CRYPTO_AUTH_SHA384_HMAC`` +* ``RTE_CRYPTO_AUTH_SHA512`` +* ``RTE_CRYPTO_AUTH_SHA512_HMAC`` + Test steps ----------- diff --git a/drivers/crypto/uadk/uadk_crypto_pmd.c b/drivers/crypto/uadk/uadk_crypto_pmd.c index bf9fb1f6ce..2dc5af10ff 100644 --- a/drivers/crypto/uadk/uadk_crypto_pmd.c +++ b/drivers/crypto/uadk/uadk_crypto_pmd.c @@ -31,11 +31,15 @@ struct uadk_qp { enum uadk_chain_order { UADK_CHAIN_ONLY_CIPHER, + UADK_CHAIN_ONLY_AUTH, + UADK_CHAIN_CIPHER_AUTH, + UADK_CHAIN_AUTH_CIPHER, UADK_CHAIN_NOT_SUPPORTED }; struct uadk_crypto_session { handle_t handle_cipher; + handle_t handle_digest; enum uadk_chain_order chain_order; /* IV parameters */ @@ -49,6 +53,13 @@ struct uadk_crypto_session { enum rte_crypto_cipher_operation direction; struct wd_cipher_req req; } cipher; + + /* Authentication Parameters */ + struct { + struct wd_digest_req req; + enum rte_crypto_auth_operation operation; + uint16_t digest_length; + } auth; } __rte_cache_aligned; enum uadk_crypto_version { @@ -58,6 +69,7 @@ enum uadk_crypto_version { struct uadk_crypto_priv { bool env_cipher_init; + bool env_auth_init; enum uadk_crypto_version version; } __rte_cache_aligned; @@ -71,6 +83,252 @@ RTE_LOG_REGISTER_DEFAULT(uadk_crypto_logtype, INFO); ## __VA_ARGS__) static const struct rte_cryptodev_capabilities uadk_crypto_v2_capabilities[] = { + { /* MD5 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_MD5_HMAC, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* MD5 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_MD5, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + }, } + }, } + }, + { /* SHA1 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* SHA1 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA1, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 20, + .max = 20, + .increment = 0 + }, + }, } + }, } + }, + { /* SHA224 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* SHA224 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA224, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 28, + .max = 28, + .increment = 0 + }, + }, } + }, } + }, + { /* SHA256 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* SHA256 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA256, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 32, + .max = 32, + .increment = 0 + }, + }, } + }, } + }, + { /* SHA384 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* SHA384 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA384, + .block_size = 64, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 48, + .max = 48, + .increment = 0 + }, + }, } + }, } + }, + { /* SHA512 HMAC */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* SHA512 */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_SHA512, + .block_size = 128, + .key_size = { + .min = 0, + .max = 0, + .increment = 0 + }, + .digest_size = { + .min = 64, + .max = 64, + .increment = 0 + }, + }, } + }, } + }, { /* AES ECB */ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, {.sym = { @@ -187,6 +445,11 @@ uadk_crypto_pmd_close(struct rte_cryptodev *dev) priv->env_cipher_init = false; } + if (priv->env_auth_init) { + wd_digest_env_uninit(); + priv->env_auth_init = false; + } + return 0; } @@ -345,9 +608,19 @@ uadk_get_chain_order(const struct rte_crypto_sym_xform *xform) enum uadk_chain_order res = UADK_CHAIN_NOT_SUPPORTED; if (xform != NULL) { + if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) { + if (xform->next == NULL) + res = UADK_CHAIN_ONLY_AUTH; + else if (xform->next->type == + RTE_CRYPTO_SYM_XFORM_CIPHER) + res = UADK_CHAIN_AUTH_CIPHER; + } + if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) { if (xform->next == NULL) res = UADK_CHAIN_ONLY_CIPHER; + else if (xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) + res = UADK_CHAIN_CIPHER_AUTH; } } @@ -434,6 +707,112 @@ uadk_set_session_cipher_parameters(struct rte_cryptodev *dev, return ret; } +/* Set session auth parameters */ +static int +uadk_set_session_auth_parameters(struct rte_cryptodev *dev, + struct uadk_crypto_session *sess, + struct rte_crypto_sym_xform *xform) +{ + struct uadk_crypto_priv *priv = dev->data->dev_private; + struct wd_digest_sess_setup setup = {0}; + struct sched_params params = {0}; + int ret; + + if (!priv->env_auth_init) { + ret = wd_digest_env_init(NULL); + if (ret < 0) + return -EINVAL; + priv->env_auth_init = true; + } + + sess->auth.operation = xform->auth.op; + sess->auth.digest_length = xform->auth.digest_length; + + switch (xform->auth.algo) { + case RTE_CRYPTO_AUTH_MD5: + case RTE_CRYPTO_AUTH_MD5_HMAC: + setup.mode = (xform->auth.algo == RTE_CRYPTO_AUTH_MD5) ? + WD_DIGEST_NORMAL : WD_DIGEST_HMAC; + setup.alg = WD_DIGEST_MD5; + sess->auth.req.out_buf_bytes = 16; + sess->auth.req.out_bytes = 16; + break; + case RTE_CRYPTO_AUTH_SHA1: + case RTE_CRYPTO_AUTH_SHA1_HMAC: + setup.mode = (xform->auth.algo == RTE_CRYPTO_AUTH_SHA1) ? + WD_DIGEST_NORMAL : WD_DIGEST_HMAC; + setup.alg = WD_DIGEST_SHA1; + sess->auth.req.out_buf_bytes = 20; + sess->auth.req.out_bytes = 20; + break; + case RTE_CRYPTO_AUTH_SHA224: + case RTE_CRYPTO_AUTH_SHA224_HMAC: + setup.mode = (xform->auth.algo == RTE_CRYPTO_AUTH_SHA224) ? + WD_DIGEST_NORMAL : WD_DIGEST_HMAC; + setup.alg = WD_DIGEST_SHA224; + sess->auth.req.out_buf_bytes = 28; + sess->auth.req.out_bytes = 28; + break; + case RTE_CRYPTO_AUTH_SHA256: + case RTE_CRYPTO_AUTH_SHA256_HMAC: + setup.mode = (xform->auth.algo == RTE_CRYPTO_AUTH_SHA256) ? + WD_DIGEST_NORMAL : WD_DIGEST_HMAC; + setup.alg = WD_DIGEST_SHA256; + sess->auth.req.out_buf_bytes = 32; + sess->auth.req.out_bytes = 32; + break; + case RTE_CRYPTO_AUTH_SHA384: + case RTE_CRYPTO_AUTH_SHA384_HMAC: + setup.mode = (xform->auth.algo == RTE_CRYPTO_AUTH_SHA384) ? + WD_DIGEST_NORMAL : WD_DIGEST_HMAC; + setup.alg = WD_DIGEST_SHA384; + sess->auth.req.out_buf_bytes = 48; + sess->auth.req.out_bytes = 48; + break; + case RTE_CRYPTO_AUTH_SHA512: + case RTE_CRYPTO_AUTH_SHA512_HMAC: + setup.mode = (xform->auth.algo == RTE_CRYPTO_AUTH_SHA512) ? + WD_DIGEST_NORMAL : WD_DIGEST_HMAC; + setup.alg = WD_DIGEST_SHA512; + sess->auth.req.out_buf_bytes = 64; + sess->auth.req.out_bytes = 64; + break; + default: + ret = -ENOTSUP; + goto env_uninit; + } + + params.numa_id = -1; /* choose nearby numa node */ + setup.sched_param = ¶ms; + sess->handle_digest = wd_digest_alloc_sess(&setup); + if (!sess->handle_digest) { + UADK_LOG(ERR, "uadk failed to alloc session!\n"); + ret = -EINVAL; + goto env_uninit; + } + + /* if mode is HMAC, should set key */ + if (setup.mode == WD_DIGEST_HMAC) { + ret = wd_digest_set_key(sess->handle_digest, + xform->auth.key.data, + xform->auth.key.length); + if (ret) { + UADK_LOG(ERR, "uadk failed to alloc session!\n"); + wd_digest_free_sess(sess->handle_digest); + sess->handle_digest = 0; + ret = -EINVAL; + goto env_uninit; + } + } + + return 0; + +env_uninit: + wd_digest_env_uninit(); + priv->env_auth_init = false; + return ret; +} + static int uadk_crypto_sym_session_configure(struct rte_cryptodev *dev, struct rte_crypto_sym_xform *xform, @@ -441,6 +820,7 @@ uadk_crypto_sym_session_configure(struct rte_cryptodev *dev, struct rte_mempool *mp) { struct rte_crypto_sym_xform *cipher_xform = NULL; + struct rte_crypto_sym_xform *auth_xform = NULL; struct uadk_crypto_session *sess; int ret; @@ -456,6 +836,17 @@ uadk_crypto_sym_session_configure(struct rte_cryptodev *dev, case UADK_CHAIN_ONLY_CIPHER: cipher_xform = xform; break; + case UADK_CHAIN_ONLY_AUTH: + auth_xform = xform; + break; + case UADK_CHAIN_CIPHER_AUTH: + cipher_xform = xform; + auth_xform = xform->next; + break; + case UADK_CHAIN_AUTH_CIPHER: + auth_xform = xform; + cipher_xform = xform->next; + break; default: ret = -ENOTSUP; goto err; @@ -470,6 +861,15 @@ uadk_crypto_sym_session_configure(struct rte_cryptodev *dev, } } + if (auth_xform) { + ret = uadk_set_session_auth_parameters(dev, sess, auth_xform); + if (ret != 0) { + UADK_LOG(ERR, + "Invalid/unsupported auth parameters"); + goto err; + } + } + set_sym_session_private_data(session, dev->driver_id, sess); return 0; @@ -495,6 +895,11 @@ uadk_crypto_sym_session_clear(struct rte_cryptodev *dev, priv_sess->handle_cipher = 0; } + if (priv_sess->handle_digest) { + wd_digest_free_sess(priv_sess->handle_digest); + priv_sess->handle_digest = 0; + } + set_sym_session_private_data(sess, dev->driver_id, NULL); rte_mempool_put(rte_mempool_from_obj(priv_sess), priv_sess); } @@ -550,6 +955,49 @@ uadk_process_cipher_op(struct rte_crypto_op *op, op->status = RTE_COMP_OP_STATUS_ERROR; } +static void +uadk_process_auth_op(struct uadk_qp *qp, struct rte_crypto_op *op, + struct uadk_crypto_session *sess, + struct rte_mbuf *msrc, struct rte_mbuf *mdst) +{ + uint32_t srclen = op->sym->auth.data.length; + uint32_t off = op->sym->auth.data.offset; + uint8_t *dst = qp->temp_digest; + int ret; + + if (!sess) { + op->status = RTE_COMP_OP_STATUS_INVALID_ARGS; + return; + } + + sess->auth.req.in = rte_pktmbuf_mtod_offset(msrc, uint8_t *, off); + sess->auth.req.in_bytes = srclen; + sess->auth.req.out = dst; + + do { + ret = wd_do_digest_sync(sess->handle_digest, &sess->auth.req); + } while (ret == -WD_EBUSY); + + if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) { + if (memcmp(dst, op->sym->auth.digest.data, + sess->auth.digest_length) != 0) { + op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED; + } + } else { + uint8_t *auth_dst; + + auth_dst = op->sym->auth.digest.data; + if (auth_dst == NULL) + auth_dst = rte_pktmbuf_mtod_offset(mdst, uint8_t *, + op->sym->auth.data.offset + + op->sym->auth.data.length); + memcpy(auth_dst, dst, sess->auth.digest_length); + } + + if (ret) + op->status = RTE_COMP_OP_STATUS_ERROR; +} + static uint16_t uadk_crypto_enqueue_burst(void *queue_pair, struct rte_crypto_op **ops, uint16_t nb_ops) @@ -579,6 +1027,17 @@ uadk_crypto_enqueue_burst(void *queue_pair, struct rte_crypto_op **ops, case UADK_CHAIN_ONLY_CIPHER: uadk_process_cipher_op(op, sess, msrc, mdst); break; + case UADK_CHAIN_ONLY_AUTH: + uadk_process_auth_op(qp, op, sess, msrc, mdst); + break; + case UADK_CHAIN_CIPHER_AUTH: + uadk_process_cipher_op(op, sess, msrc, mdst); + uadk_process_auth_op(qp, op, sess, mdst, mdst); + break; + case UADK_CHAIN_AUTH_CIPHER: + uadk_process_auth_op(qp, op, sess, msrc, mdst); + uadk_process_cipher_op(op, sess, msrc, mdst); + break; default: op->status = RTE_CRYPTO_OP_STATUS_ERROR; break;