summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFan Zhang <roy.fan.zhang@intel.com>2018-12-20 12:22:15 +0000
committerPablo de Lara <pablo.de.lara.guarch@intel.com>2019-01-10 16:57:22 +0100
commit11fdbf1b78660e058a059b02504065935b9ff730 (patch)
tree4b65f14fdd0d02ae34ea28f21157b2310e9d1b4c
parent1113ba1dcb7e78a8a839c294523e1939d14aae98 (diff)
downloaddpdk-draft-windows-11fdbf1b7866.zip
dpdk-draft-windows-11fdbf1b7866.tar.gz
dpdk-draft-windows-11fdbf1b7866.tar.xz
crypto/aesni_mb: support plain SHA
This patch adds the plain SHA1, SHA224, SHA256, SHA384, and SHA512 algorithms support to AESNI-MB PMD. The cryptodev unit test and documentation are updated accordingly. Signed-off-by: Damian Nowak <damianx.nowak@intel.com> Signed-off-by: Lukasz Krakowiak <lukaszx.krakowiak@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Fiona Trahe <fiona.trahe@intel.com>
-rw-r--r--doc/guides/cryptodevs/aesni_mb.rst6
-rw-r--r--doc/guides/rel_notes/release_19_02.rst1
-rw-r--r--drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c25
-rw-r--r--drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c105
-rw-r--r--drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h7
-rw-r--r--test/test/test_cryptodev_hash_test_vectors.h45
6 files changed, 184 insertions, 5 deletions
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 1d6ebba..47f2ecc 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -41,6 +41,11 @@ Hash algorithms:
* RTE_CRYPTO_HASH_AES_XCBC_HMAC
* RTE_CRYPTO_HASH_AES_CMAC
* RTE_CRYPTO_HASH_AES_GMAC
+* RTE_CRYPTO_HASH_SHA1
+* RTE_CRYPTO_HASH_SHA224
+* RTE_CRYPTO_HASH_SHA256
+* RTE_CRYPTO_HASH_SHA384
+* RTE_CRYPTO_HASH_SHA512
AEAD algorithms:
@@ -55,6 +60,7 @@ Limitations
* RTE_CRYPTO_AEAD_AES_GCM only works properly when the multi-buffer library is
0.51.0 or newer.
* RTE_CRYPTO_HASH_AES_GMAC is supported by library version v0.51 or later.
+* RTE_CRYPTO_HASH_SHA* is supported by library version v0.52 or later.
Installation
diff --git a/doc/guides/rel_notes/release_19_02.rst b/doc/guides/rel_notes/release_19_02.rst
index 4b24411..662fdd0 100644
--- a/doc/guides/rel_notes/release_19_02.rst
+++ b/doc/guides/rel_notes/release_19_02.rst
@@ -104,6 +104,7 @@ New Features
* Add support for intel-ipsec-mb version 0.52.
* Add AES-GMAC algorithm support.
+ * Add Plain SHA1, SHA224, SHA256, SHA384, and SHA512 algorithms support.
* **Enabled checksum support in the ISA-L compressdev driver.**
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index d34cbc3..4e31735 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -107,6 +107,7 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
hash_one_block_t hash_oneblock_fn;
unsigned int key_larger_block_size = 0;
uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
+ uint32_t auth_precompute = 1;
if (xform == NULL) {
sess->auth.algo = NULL_HASH;
@@ -237,6 +238,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
key_larger_block_size = 1;
}
break;
+ case RTE_CRYPTO_AUTH_SHA1:
+ sess->auth.algo = PLAIN_SHA1;
+ auth_precompute = 0;
+ break;
case RTE_CRYPTO_AUTH_SHA224_HMAC:
sess->auth.algo = SHA_224;
hash_oneblock_fn = mb_mgr->sha224_one_block;
@@ -248,6 +253,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
key_larger_block_size = 1;
}
break;
+ case RTE_CRYPTO_AUTH_SHA224:
+ sess->auth.algo = PLAIN_SHA_224;
+ auth_precompute = 0;
+ break;
case RTE_CRYPTO_AUTH_SHA256_HMAC:
sess->auth.algo = SHA_256;
hash_oneblock_fn = mb_mgr->sha256_one_block;
@@ -259,6 +268,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
key_larger_block_size = 1;
}
break;
+ case RTE_CRYPTO_AUTH_SHA256:
+ sess->auth.algo = PLAIN_SHA_256;
+ auth_precompute = 0;
+ break;
case RTE_CRYPTO_AUTH_SHA384_HMAC:
sess->auth.algo = SHA_384;
hash_oneblock_fn = mb_mgr->sha384_one_block;
@@ -270,6 +283,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
key_larger_block_size = 1;
}
break;
+ case RTE_CRYPTO_AUTH_SHA384:
+ sess->auth.algo = PLAIN_SHA_384;
+ auth_precompute = 0;
+ break;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
sess->auth.algo = SHA_512;
hash_oneblock_fn = mb_mgr->sha512_one_block;
@@ -281,6 +298,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
key_larger_block_size = 1;
}
break;
+ case RTE_CRYPTO_AUTH_SHA512:
+ sess->auth.algo = PLAIN_SHA_512;
+ auth_precompute = 0;
+ break;
default:
AESNI_MB_LOG(ERR, "Unsupported authentication algorithm selection");
return -ENOTSUP;
@@ -302,6 +323,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
else
sess->auth.gen_digest_len = sess->auth.req_digest_len;
+ /* Plain SHA does not require precompute key */
+ if (auth_precompute == 0)
+ return 0;
+
/* Calculate Authentication precomputes */
if (key_larger_block_size) {
calculate_auth_precomputes(hash_oneblock_fn,
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 56d409b..c90f6ba 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -54,6 +54,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA1 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA1,
+ .block_size = 64,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 20,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* SHA224 HMAC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
@@ -75,6 +96,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA224,
+ .block_size = 64,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* SHA256 HMAC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
@@ -96,6 +138,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA256,
+ .block_size = 64,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* SHA384 HMAC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
@@ -117,6 +180,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA384,
+ .block_size = 128,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* SHA512 HMAC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
@@ -138,6 +222,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA512,
+ .block_size = 128,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES XCBC HMAC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
index d61abfe..cdbe7f5 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
@@ -109,6 +109,13 @@ static const unsigned auth_digest_byte_lengths[] = {
[AES_CMAC] = 16,
[AES_GMAC] = 12,
[NULL_HASH] = 0,
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ [PLAIN_SHA1] = 20,
+ [PLAIN_SHA_224] = 28,
+ [PLAIN_SHA_256] = 32,
+ [PLAIN_SHA_384] = 48,
+ [PLAIN_SHA_512] = 64
+#endif
/**< Vector mode dependent pointer table of the multi-buffer APIs */
};
diff --git a/test/test/test_cryptodev_hash_test_vectors.h b/test/test/test_cryptodev_hash_test_vectors.h
index 8964a3b..d3a2660 100644
--- a/test/test/test_cryptodev_hash_test_vectors.h
+++ b/test/test/test_cryptodev_hash_test_vectors.h
@@ -96,7 +96,8 @@ sha1_test_vector = {
0x35, 0x62, 0xFB, 0xFA, 0x93, 0xFD, 0x7D, 0x70,
0xA6, 0x7D, 0x45, 0xCA
},
- .len = 20
+ .len = 20,
+ .truncated_len = 20
}
};
@@ -140,7 +141,8 @@ sha224_test_vector = {
0x39, 0x26, 0xDF, 0xB5, 0x78, 0x62, 0xB2, 0x6E,
0x5E, 0x8F, 0x25, 0x84
},
- .len = 28
+ .len = 28,
+ .truncated_len = 28
}
};
@@ -186,7 +188,8 @@ sha256_test_vector = {
0x1F, 0xC7, 0x84, 0xEE, 0x76, 0xA6, 0x39, 0x15,
0x76, 0x2F, 0x87, 0xF9, 0x01, 0x06, 0xF3, 0xB7
},
- .len = 32
+ .len = 32,
+ .truncated_len = 32
}
};
@@ -234,7 +237,8 @@ sha384_test_vector = {
0xAD, 0x41, 0xAB, 0x15, 0xB0, 0x03, 0x15, 0xEC,
0x9E, 0x3D, 0xED, 0xCB, 0x80, 0x7B, 0xF4, 0xB6
},
- .len = 48
+ .len = 48,
+ .truncated_len = 48
}
};
@@ -288,7 +292,8 @@ sha512_test_vector = {
0x64, 0x4E, 0x15, 0x68, 0x12, 0x67, 0x26, 0x0F,
0x2C, 0x3C, 0x83, 0x25, 0x27, 0x86, 0xF0, 0xDB
},
- .len = 64
+ .len = 64,
+ .truncated_len = 64
}
};
@@ -428,6 +433,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -437,6 +445,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -496,6 +507,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -505,6 +519,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -542,6 +559,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -551,6 +571,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -590,6 +613,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -599,6 +625,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -638,6 +667,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{
@@ -647,6 +679,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
},
{