From mboxrd@z Thu Jan 1 00:00:00 1970 From: Pablo de Lara Subject: [PATCH] crypto/aesni_mb: add DES support Date: Fri, 18 Aug 2017 07:17:53 +0100 Message-ID: <20170818061753.55840-1-pablo.de.lara.guarch@intel.com> Cc: dev@dpdk.org, Pablo de Lara To: declan.doherty@intel.com Return-path: Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by dpdk.org (Postfix) with ESMTP id DDE70559A for ; Fri, 18 Aug 2017 16:17:38 +0200 (CEST) List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" The Multi-buffer library now supports DES-CBC and DES-DOCSISBPI algorithms, so this commit extends adds support for them in the PMD. Signed-off-by: Pablo de Lara --- doc/guides/cryptodevs/aesni_mb.rst | 2 + doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++ doc/guides/rel_notes/release_17_11.rst | 7 +++ drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 74 ++++++++++++++++++++--------- test/test/test_cryptodev.c | 42 ++++++++++++++++ test/test/test_cryptodev_des_test_vectors.h | 42 ++++++++++------ 6 files changed, 133 insertions(+), 37 deletions(-) diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst index b3b937f..2e07e1e 100644 --- a/doc/guides/cryptodevs/aesni_mb.rst +++ b/doc/guides/cryptodevs/aesni_mb.rst @@ -52,6 +52,8 @@ Cipher algorithms: * RTE_CRYPTO_CIPHER_AES192_CTR * RTE_CRYPTO_CIPHER_AES256_CTR * RTE_CRYPTO_CIPHER_AES_DOCSISBPI +* RTE_CRYPTO_CIPHER_DES_CBC +* RTE_CRYPTO_CIPHER_DES_DOCSISBPI Hash algorithms: diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini index 03d8485..fab07cb 100644 --- a/doc/guides/cryptodevs/features/aesni_mb.ini +++ b/doc/guides/cryptodevs/features/aesni_mb.ini @@ -23,6 +23,9 @@ AES CTR (128) = Y AES CTR (192) = Y AES CTR (256) = Y AES DOCSIS BPI = Y +DES CBC = Y +DES DOCSIS BPI = Y + ; ; Supported authentication algorithms of the 'aesni_mb' crypto driver. ; diff --git a/doc/guides/rel_notes/release_17_11.rst b/doc/guides/rel_notes/release_17_11.rst index 170f4f9..134477f 100644 --- a/doc/guides/rel_notes/release_17_11.rst +++ b/doc/guides/rel_notes/release_17_11.rst @@ -41,6 +41,13 @@ New Features Also, make sure to start the actual text at the margin. ========================================================= +* **Updated the AESNI MB PMD.** + + The AESNI MB PMD has been updated with additional support for: + + * DES CBC algorithm. + * DES DOCSIS BPI algorithm. + Resolved Issues --------------- diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c index 16e1451..ca25e28 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c @@ -30,6 +30,8 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include + #include #include #include @@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops, struct aesni_mb_session *sess, const struct rte_crypto_sym_xform *xform) { + uint8_t is_aes; aes_keyexp_t aes_keyexp_fn; if (xform == NULL) { @@ -217,45 +220,70 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops, switch (xform->cipher.algo) { case RTE_CRYPTO_CIPHER_AES_CBC: sess->cipher.mode = CBC; + is_aes = 1; break; case RTE_CRYPTO_CIPHER_AES_CTR: sess->cipher.mode = CNTR; + is_aes = 1; break; case RTE_CRYPTO_CIPHER_AES_DOCSISBPI: sess->cipher.mode = DOCSIS_SEC_BPI; + is_aes = 1; break; - default: - MB_LOG_ERR("Unsupported cipher mode parameter"); - return -ENOTSUP; - } - - /* Check key length and choose key expansion function */ - switch (xform->cipher.key.length) { - case AES_128_BYTES: - sess->cipher.key_length_in_bytes = AES_128_BYTES; - aes_keyexp_fn = mb_ops->aux.keyexp.aes128; + case RTE_CRYPTO_CIPHER_DES_CBC: + sess->cipher.mode = DES; + is_aes = 0; break; - case AES_192_BYTES: - sess->cipher.key_length_in_bytes = AES_192_BYTES; - aes_keyexp_fn = mb_ops->aux.keyexp.aes192; - break; - case AES_256_BYTES: - sess->cipher.key_length_in_bytes = AES_256_BYTES; - aes_keyexp_fn = mb_ops->aux.keyexp.aes256; + case RTE_CRYPTO_CIPHER_DES_DOCSISBPI: + sess->cipher.mode = DOCSIS_DES; + is_aes = 0; break; default: - MB_LOG_ERR("Invalid cipher key length"); - return -EINVAL; + MB_LOG_ERR("Unsupported cipher mode parameter"); + return -ENOTSUP; } /* Set IV parameters */ sess->iv.offset = xform->cipher.iv.offset; sess->iv.length = xform->cipher.iv.length; - /* Expanded cipher keys */ - (*aes_keyexp_fn)(xform->cipher.key.data, - sess->cipher.expanded_aes_keys.encode, - sess->cipher.expanded_aes_keys.decode); + /* Check key length and choose key expansion function for AES */ + if (is_aes) { + switch (xform->cipher.key.length) { + case AES_128_BYTES: + sess->cipher.key_length_in_bytes = AES_128_BYTES; + aes_keyexp_fn = mb_ops->aux.keyexp.aes128; + break; + case AES_192_BYTES: + sess->cipher.key_length_in_bytes = AES_192_BYTES; + aes_keyexp_fn = mb_ops->aux.keyexp.aes192; + break; + case AES_256_BYTES: + sess->cipher.key_length_in_bytes = AES_256_BYTES; + aes_keyexp_fn = mb_ops->aux.keyexp.aes256; + break; + default: + MB_LOG_ERR("Invalid cipher key length"); + return -EINVAL; + } + + /* Expanded cipher keys */ + (*aes_keyexp_fn)(xform->cipher.key.data, + sess->cipher.expanded_aes_keys.encode, + sess->cipher.expanded_aes_keys.decode); + + } else { + if (xform->cipher.key.length != 8) { + MB_LOG_ERR("Invalid cipher key length"); + return -EINVAL; + } + sess->cipher.key_length_in_bytes = 8; + + des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.encode, + xform->cipher.key.data); + des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.decode, + xform->cipher.key.data); + } return 0; } diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c index a4116c6..c282f4d 100644 --- a/test/test/test_cryptodev.c +++ b/test/test/test_cryptodev.c @@ -4691,6 +4691,44 @@ test_DES_docsis_openssl_all(void) } static int +test_DES_cipheronly_mb_all(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + int status; + + status = test_blockcipher_all_tests(ts_params->mbuf_pool, + ts_params->op_mpool, + ts_params->session_mpool, + ts_params->valid_devs[0], + rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)), + BLKCIPHER_DES_CIPHERONLY_TYPE); + + TEST_ASSERT_EQUAL(status, 0, "Test failed"); + + return TEST_SUCCESS; +} + +static int +test_DES_docsis_mb_all(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + int status; + + status = test_blockcipher_all_tests(ts_params->mbuf_pool, + ts_params->op_mpool, + ts_params->session_mpool, + ts_params->valid_devs[0], + rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)), + BLKCIPHER_DES_DOCSIS_TYPE); + + TEST_ASSERT_EQUAL(status, 0, "Test failed"); + + return TEST_SUCCESS; +} + +static int test_3DES_chain_dpaa2_sec_all(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; @@ -8289,6 +8327,10 @@ static struct unit_test_suite cryptodev_aesni_mb_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_mb_all), TEST_CASE_ST(ut_setup, ut_teardown, test_AES_docsis_mb_all), TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_mb_all), + TEST_CASE_ST(ut_setup, ut_teardown, + test_DES_cipheronly_mb_all), + TEST_CASE_ST(ut_setup, ut_teardown, + test_DES_docsis_mb_all), TEST_CASES_END() /**< NULL terminate unit test array */ } diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h index 0b6e0b8..14123d7 100644 --- a/test/test/test_cryptodev_des_test_vectors.h +++ b/test/test/test_cryptodev_des_test_vectors.h @@ -851,13 +851,15 @@ static const struct blockcipher_test_case des_cipheronly_test_cases[] = { .test_descr = "DES-CBC Encryption", .test_data = &des_cbc_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, - .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-CBC Decryption", .test_data = &des_cbc_test_vector, .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, - .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, }; @@ -965,42 +967,48 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = { .test_data = &des_test_data_1, .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI Runt Block Encryption", .test_data = &des_test_data_2, .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI Uneven Encryption", .test_data = &des_test_data_3, .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI Full Block Decryption", .test_data = &des_test_data_1, .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI Runt Block Decryption", .test_data = &des_test_data_2, .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI Uneven Decryption", .test_data = &des_test_data_3, .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI OOP Full Block Encryption", @@ -1008,7 +1016,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = { .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, .feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI OOP Runt Block Encryption", @@ -1016,7 +1025,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = { .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, .feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI OOP Uneven Encryption", @@ -1024,7 +1034,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = { .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, .feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI OOP Full Block Decryption", @@ -1032,7 +1043,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = { .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, .feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI OOP Runt Block Decryption", @@ -1040,7 +1052,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = { .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, .feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB }, { .test_descr = "DES-DOCSIS-BPI OOP Uneven Decryption", @@ -1048,7 +1061,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = { .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, .feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL | - BLOCKCIPHER_TEST_TARGET_PMD_QAT + BLOCKCIPHER_TEST_TARGET_PMD_QAT | + BLOCKCIPHER_TEST_TARGET_PMD_MB } }; -- 2.9.4