From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: declan.doherty@intel.com
Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>
Subject: [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305
Date: Fri, 9 Oct 2020 12:05:21 +0000 [thread overview]
Message-ID: <20201009120521.194542-3-pablo.de.lara.guarch@intel.com> (raw)
In-Reply-To: <20201009120521.194542-1-pablo.de.lara.guarch@intel.com>
Add support for Chacha20-Poly1305 AEAD algorithm.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
Changes:
This patchset depends on series http://patches.dpdk.org/project/dpdk/list/?series=12820.
-v2 : rebased on top of crypto subtree
---
doc/guides/cryptodevs/aesni_mb.rst | 1 +
doc/guides/cryptodevs/features/aesni_mb.ini | 10 +--
doc/guides/rel_notes/release_20_11.rst | 1 +
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 63 ++++++++++++++++---
.../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 32 ++++++++++
5 files changed, 95 insertions(+), 12 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index abc10fbda..2ff264937 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -63,6 +63,7 @@ AEAD algorithms:
* RTE_CRYPTO_AEAD_AES_CCM
* RTE_CRYPTO_AEAD_AES_GCM
+* RTE_CRYPTO_AEAD_CHACHA20_POLY1305
Protocol offloads:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 356139d46..f391c3f38 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -63,11 +63,11 @@ KASUMI F9 = Y
; Supported AEAD algorithms of the 'aesni_mb' crypto driver.
;
[AEAD]
-AES CCM (128) = Y
-AES GCM (128) = Y
-AES GCM (192) = Y
-AES GCM (256) = Y
-
+AES CCM (128) = Y
+AES GCM (128) = Y
+AES GCM (192) = Y
+AES GCM (256) = Y
+CHACHA20-POLY1305 = Y
;
; Supported Asymmetric algorithms of the 'aesni_mb' crypto driver.
;
diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index 55f60ecfd..0e0b741b3 100644
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -80,6 +80,7 @@ New Features
* Added support for ZUC-EEA3/EIA3 algorithms.
* Added support for SNOW3G-UEA2/UIA2 algorithms.
* Added support for KASUMI-F8/F9 algorithms.
+ * Added support for Chacha20-Poly1305.
* **Updated the aesni_gcm crypto PMD.**
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 7dbe40e02..42c23201a 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -125,6 +125,18 @@ aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform)
return AESNI_MB_OP_NOT_SUPPORTED;
}
+static inline int
+is_aead_algo(JOB_HASH_ALG hash_alg, JOB_CIPHER_MODE cipher_mode)
+{
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ return (hash_alg == IMB_AUTH_CHACHA20_POLY1305 || hash_alg == AES_CCM ||
+ (hash_alg == AES_GMAC && cipher_mode == GCM));
+#else
+ return ((hash_alg == AES_GMAC && cipher_mode == GCM) ||
+ hash_alg == AES_CCM);
+#endif
+}
+
/** Set session authentication parameters */
static int
aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
@@ -721,6 +733,24 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
}
break;
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case RTE_CRYPTO_AEAD_CHACHA20_POLY1305:
+ sess->cipher.mode = IMB_CIPHER_CHACHA20_POLY1305;
+ sess->auth.algo = IMB_AUTH_CHACHA20_POLY1305;
+
+ if (xform->aead.key.length != 32) {
+ AESNI_MB_LOG(ERR, "Invalid key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 32;
+ memcpy(sess->cipher.expanded_aes_keys.encode,
+ xform->aead.key.data, 32);
+ if (sess->auth.req_digest_len != 16) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
+ break;
+#endif
default:
AESNI_MB_LOG(ERR, "Unsupported aead mode parameter");
return -ENOTSUP;
@@ -1220,6 +1250,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
/* Set authentication parameters */
job->hash_alg = session->auth.algo;
+ const int aead = is_aead_algo(job->hash_alg, job->cipher_mode);
+
switch (job->hash_alg) {
case AES_XCBC:
job->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded;
@@ -1279,6 +1311,14 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
case IMB_AUTH_KASUMI_UIA1:
job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth;
break;
+#endif
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_CHACHA20_POLY1305:
+ job->u.CHACHA20_POLY1305.aad = op->sym->aead.aad.data;
+ job->u.CHACHA20_POLY1305.aad_len_in_bytes = session->aead.aad_len;
+ job->aes_enc_key_expanded = session->cipher.expanded_aes_keys.encode;
+ job->aes_dec_key_expanded = session->cipher.expanded_aes_keys.encode;
+ break;
#endif
default:
job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1297,8 +1337,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
}
}
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
+ if (aead)
m_offset = op->sym->aead.data.offset;
else
m_offset = op->sym->cipher.data.offset;
@@ -1336,8 +1375,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
job->auth_tag_output = qp->temp_digests[*digest_idx];
*digest_idx = (*digest_idx + 1) % MAX_JOBS;
} else {
- if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
- session->cipher.mode == GCM))
+ if (aead)
job->auth_tag_output = op->sym->aead.digest.data;
else
job->auth_tag_output = op->sym->auth.digest.data;
@@ -1397,6 +1435,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
session->iv.offset);
break;
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ case IMB_AUTH_CHACHA20_POLY1305:
+ job->cipher_start_src_offset_in_bytes = op->sym->aead.data.offset;
+ job->hash_start_src_offset_in_bytes = op->sym->aead.data.offset;
+ job->msg_len_to_cipher_in_bytes =
+ op->sym->aead.data.length;
+ job->msg_len_to_hash_in_bytes =
+ op->sym->aead.data.length;
+
+ job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+ session->iv.offset);
+ break;
+#endif
default:
/* For SNOW3G, length and offsets are already in bits */
job->cipher_start_src_offset_in_bytes =
@@ -1595,9 +1646,7 @@ post_process_mb_job(struct aesni_mb_qp *qp, JOB_AES_HMAC *job)
break;
if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
- if (job->hash_alg == AES_CCM ||
- (job->hash_alg == AES_GMAC &&
- sess->cipher.mode == GCM))
+ if (is_aead_algo(job->hash_alg, sess->cipher.mode))
verify_digest(job,
op->sym->aead.digest.data,
sess->auth.req_digest_len,
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index dc2238191..e8cb57ea9 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -647,6 +647,38 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+#endif
+#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
+ { /* CHACHA20-POLY1305 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, \
+ {.aead = { \
+ .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, \
+ .block_size = 64, \
+ .key_size = { \
+ .min = 32, \
+ .max = 32, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 16, \
+ .max = 16, \
+ .increment = 0 \
+ }, \
+ .aad_size = { \
+ .min = 0, \
+ .max = 240, \
+ .increment = 1 \
+ }, \
+ .iv_size = { \
+ .min = 12, \
+ .max = 12, \
+ .increment = 0 \
+ }, \
+ }, } \
+ }, } \
+ },
#endif
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.25.1
next prev parent reply other threads:[~2020-10-09 12:06 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-06 10:59 [dpdk-dev] [PATCH 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
2020-10-06 10:59 ` [dpdk-dev] [PATCH 2/3] crypto/aesni_mb: fix GCM " Pablo de Lara
2020-10-06 10:59 ` [dpdk-dev] [PATCH 3/3] crypto/aesni_mb: support Chacha20-Poly1305 Pablo de Lara
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: fix CCM digest size check Pablo de Lara
2020-10-09 12:05 ` [dpdk-dev] [PATCH v2 2/3] crypto/aesni_mb: fix GCM " Pablo de Lara
2020-10-09 12:05 ` Pablo de Lara [this message]
2020-10-09 13:32 ` [dpdk-dev] [PATCH v2 3/3] crypto/aesni_mb: support Chacha20-Poly1305 Akhil Goyal
2020-10-09 18:33 ` De Lara Guarch, Pablo
2020-10-09 18:51 ` Akhil Goyal
2020-10-12 14:59 ` Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201009120521.194542-3-pablo.de.lara.guarch@intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.