1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(c) 2015-2021 Intel Corporation 3 */ 4 5 #ifndef _PMD_AESNI_MB_PRIV_H_ 6 #define _PMD_AESNI_MB_PRIV_H_ 7 8 #include <rte_security.h> 9 #include <rte_security_driver.h> 10 #include <rte_ether.h> 11 12 #include "ipsec_mb_private.h" 13 14 #define AES_CCM_DIGEST_MIN_LEN 4 15 #define AES_CCM_DIGEST_MAX_LEN 16 16 #define HMAC_MAX_BLOCK_SIZE 128 17 #define HMAC_IPAD_VALUE (0x36) 18 #define HMAC_OPAD_VALUE (0x5C) 19 20 #define MAX_NUM_SEGS 16 21 22 int 23 aesni_mb_session_configure(IMB_MGR * m __rte_unused, void *priv_sess, 24 const struct rte_crypto_sym_xform *xform); 25 26 uint16_t 27 aesni_mb_dequeue_burst(void *queue_pair, struct rte_crypto_op **ops, 28 uint16_t nb_ops); 29 30 uint32_t 31 aesni_mb_process_bulk(struct rte_cryptodev *dev __rte_unused, 32 struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs sofs, 33 struct rte_crypto_sym_vec *vec); 34 35 static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = { 36 { /* MD5 HMAC */ 37 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 38 {.sym = { 39 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 40 {.auth = { 41 .algo = RTE_CRYPTO_AUTH_MD5_HMAC, 42 .block_size = 64, 43 .key_size = { 44 .min = 1, 45 .max = 64, 46 .increment = 1 47 }, 48 .digest_size = { 49 .min = 1, 50 .max = 16, 51 .increment = 1 52 }, 53 .iv_size = { 0 } 54 }, } 55 }, } 56 }, 57 { /* SHA1 HMAC */ 58 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 59 {.sym = { 60 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 61 {.auth = { 62 .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, 63 .block_size = 64, 64 .key_size = { 65 .min = 1, 66 .max = 65535, 67 .increment = 1 68 }, 69 .digest_size = { 70 .min = 1, 71 .max = 20, 72 .increment = 1 73 }, 74 .iv_size = { 0 } 75 }, } 76 }, } 77 }, 78 { /* SHA1 */ 79 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 80 {.sym = { 81 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 82 {.auth = { 83 .algo = RTE_CRYPTO_AUTH_SHA1, 84 .block_size = 64, 85 .key_size = { 86 .min = 0, 87 .max = 0, 88 .increment = 0 89 }, 90 .digest_size = { 91 .min = 1, 92 .max = 20, 93 .increment = 1 94 }, 95 .iv_size = { 0 } 96 }, } 97 }, } 98 }, 99 { /* SHA224 HMAC */ 100 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 101 {.sym = { 102 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 103 {.auth = { 104 .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, 105 .block_size = 64, 106 .key_size = { 107 .min = 1, 108 .max = 65535, 109 .increment = 1 110 }, 111 .digest_size = { 112 .min = 1, 113 .max = 28, 114 .increment = 1 115 }, 116 .iv_size = { 0 } 117 }, } 118 }, } 119 }, 120 { /* SHA224 */ 121 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 122 {.sym = { 123 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 124 {.auth = { 125 .algo = RTE_CRYPTO_AUTH_SHA224, 126 .block_size = 64, 127 .key_size = { 128 .min = 0, 129 .max = 0, 130 .increment = 0 131 }, 132 .digest_size = { 133 .min = 1, 134 .max = 28, 135 .increment = 1 136 }, 137 .iv_size = { 0 } 138 }, } 139 }, } 140 }, 141 { /* SHA256 HMAC */ 142 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 143 {.sym = { 144 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 145 {.auth = { 146 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, 147 .block_size = 64, 148 .key_size = { 149 .min = 1, 150 .max = 65535, 151 .increment = 1 152 }, 153 .digest_size = { 154 .min = 1, 155 .max = 32, 156 .increment = 1 157 }, 158 .iv_size = { 0 } 159 }, } 160 }, } 161 }, 162 { /* SHA256 */ 163 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 164 {.sym = { 165 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 166 {.auth = { 167 .algo = RTE_CRYPTO_AUTH_SHA256, 168 .block_size = 64, 169 .key_size = { 170 .min = 0, 171 .max = 0, 172 .increment = 0 173 }, 174 .digest_size = { 175 .min = 1, 176 .max = 32, 177 .increment = 1 178 }, 179 .iv_size = { 0 } 180 }, } 181 }, } 182 }, 183 { /* SHA384 HMAC */ 184 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 185 {.sym = { 186 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 187 {.auth = { 188 .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, 189 .block_size = 128, 190 .key_size = { 191 .min = 1, 192 .max = 65535, 193 .increment = 1 194 }, 195 .digest_size = { 196 .min = 1, 197 .max = 48, 198 .increment = 1 199 }, 200 .iv_size = { 0 } 201 }, } 202 }, } 203 }, 204 { /* SHA384 */ 205 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 206 {.sym = { 207 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 208 {.auth = { 209 .algo = RTE_CRYPTO_AUTH_SHA384, 210 .block_size = 128, 211 .key_size = { 212 .min = 0, 213 .max = 0, 214 .increment = 0 215 }, 216 .digest_size = { 217 .min = 1, 218 .max = 48, 219 .increment = 1 220 }, 221 .iv_size = { 0 } 222 }, } 223 }, } 224 }, 225 { /* SHA512 HMAC */ 226 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 227 {.sym = { 228 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 229 {.auth = { 230 .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, 231 .block_size = 128, 232 .key_size = { 233 .min = 1, 234 .max = 65535, 235 .increment = 1 236 }, 237 .digest_size = { 238 .min = 1, 239 .max = 64, 240 .increment = 1 241 }, 242 .iv_size = { 0 } 243 }, } 244 }, } 245 }, 246 { /* SHA512 */ 247 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 248 {.sym = { 249 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 250 {.auth = { 251 .algo = RTE_CRYPTO_AUTH_SHA512, 252 .block_size = 128, 253 .key_size = { 254 .min = 0, 255 .max = 0, 256 .increment = 0 257 }, 258 .digest_size = { 259 .min = 1, 260 .max = 64, 261 .increment = 1 262 }, 263 .iv_size = { 0 } 264 }, } 265 }, } 266 }, 267 { /* AES XCBC HMAC */ 268 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 269 {.sym = { 270 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 271 {.auth = { 272 .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC, 273 .block_size = 16, 274 .key_size = { 275 .min = 16, 276 .max = 16, 277 .increment = 0 278 }, 279 .digest_size = { 280 .min = 12, 281 .max = 12, 282 .increment = 0 283 }, 284 .iv_size = { 0 } 285 }, } 286 }, } 287 }, 288 { /* NULL (AUTH) */ 289 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 290 {.sym = { 291 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 292 {.auth = { 293 .algo = RTE_CRYPTO_AUTH_NULL, 294 .block_size = 1, 295 .key_size = { 296 .min = 0, 297 .max = 0, 298 .increment = 0 299 }, 300 .digest_size = { 301 .min = 0, 302 .max = 0, 303 .increment = 0 304 }, 305 .iv_size = { 0 } 306 }, }, 307 }, }, 308 }, 309 { /* NULL (CIPHER) */ 310 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 311 {.sym = { 312 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 313 {.cipher = { 314 .algo = RTE_CRYPTO_CIPHER_NULL, 315 .block_size = 1, 316 .key_size = { 317 .min = 0, 318 .max = 0, 319 .increment = 0 320 }, 321 .iv_size = { 0 } 322 }, }, 323 }, } 324 }, 325 { /* AES CBC */ 326 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 327 {.sym = { 328 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 329 {.cipher = { 330 .algo = RTE_CRYPTO_CIPHER_AES_CBC, 331 .block_size = 16, 332 .key_size = { 333 .min = 16, 334 .max = 32, 335 .increment = 8 336 }, 337 .iv_size = { 338 .min = 16, 339 .max = 16, 340 .increment = 0 341 } 342 }, } 343 }, } 344 }, 345 { /* AES CTR */ 346 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 347 {.sym = { 348 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 349 {.cipher = { 350 .algo = RTE_CRYPTO_CIPHER_AES_CTR, 351 .block_size = 16, 352 .key_size = { 353 .min = 16, 354 .max = 32, 355 .increment = 8 356 }, 357 .iv_size = { 358 .min = 12, 359 .max = 16, 360 .increment = 4 361 } 362 }, } 363 }, } 364 }, 365 { /* AES DOCSIS BPI */ 366 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 367 {.sym = { 368 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 369 {.cipher = { 370 .algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI, 371 .block_size = 16, 372 .key_size = { 373 .min = 16, 374 .max = 32, 375 .increment = 16 376 }, 377 .iv_size = { 378 .min = 16, 379 .max = 16, 380 .increment = 0 381 } 382 }, } 383 }, } 384 }, 385 { /* DES CBC */ 386 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 387 {.sym = { 388 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 389 {.cipher = { 390 .algo = RTE_CRYPTO_CIPHER_DES_CBC, 391 .block_size = 8, 392 .key_size = { 393 .min = 8, 394 .max = 8, 395 .increment = 0 396 }, 397 .iv_size = { 398 .min = 8, 399 .max = 8, 400 .increment = 0 401 } 402 }, } 403 }, } 404 }, 405 { /* 3DES CBC */ 406 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 407 {.sym = { 408 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 409 {.cipher = { 410 .algo = RTE_CRYPTO_CIPHER_3DES_CBC, 411 .block_size = 8, 412 .key_size = { 413 .min = 8, 414 .max = 24, 415 .increment = 8 416 }, 417 .iv_size = { 418 .min = 8, 419 .max = 8, 420 .increment = 0 421 } 422 }, } 423 }, } 424 }, 425 { /* DES DOCSIS BPI */ 426 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 427 {.sym = { 428 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 429 {.cipher = { 430 .algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI, 431 .block_size = 8, 432 .key_size = { 433 .min = 8, 434 .max = 8, 435 .increment = 0 436 }, 437 .iv_size = { 438 .min = 8, 439 .max = 8, 440 .increment = 0 441 } 442 }, } 443 }, } 444 }, 445 { /* AES CCM */ 446 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 447 {.sym = { 448 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, 449 {.aead = { 450 .algo = RTE_CRYPTO_AEAD_AES_CCM, 451 .block_size = 16, 452 .key_size = { 453 .min = 16, 454 .max = 32, 455 .increment = 16 456 }, 457 .digest_size = { 458 .min = 4, 459 .max = 16, 460 .increment = 2 461 }, 462 .aad_size = { 463 .min = 0, 464 .max = 46, 465 .increment = 1 466 }, 467 .iv_size = { 468 .min = 7, 469 .max = 13, 470 .increment = 1 471 }, 472 }, } 473 }, } 474 }, 475 { /* AES CMAC */ 476 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 477 {.sym = { 478 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 479 {.auth = { 480 .algo = RTE_CRYPTO_AUTH_AES_CMAC, 481 .block_size = 16, 482 .key_size = { 483 .min = 16, 484 .max = 16, 485 .increment = 0 486 }, 487 .digest_size = { 488 .min = 1, 489 .max = 16, 490 .increment = 1 491 }, 492 .iv_size = { 0 } 493 }, } 494 }, } 495 }, 496 { /* AES GCM */ 497 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 498 {.sym = { 499 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, 500 {.aead = { 501 .algo = RTE_CRYPTO_AEAD_AES_GCM, 502 .block_size = 16, 503 .key_size = { 504 .min = 16, 505 .max = 32, 506 .increment = 8 507 }, 508 .digest_size = { 509 .min = 1, 510 .max = 16, 511 .increment = 1 512 }, 513 .aad_size = { 514 .min = 0, 515 .max = 65535, 516 .increment = 1 517 }, 518 .iv_size = { 519 .min = 12, 520 .max = 12, 521 .increment = 0 522 } 523 }, } 524 }, } 525 }, 526 { /* AES GMAC (AUTH) */ 527 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 528 {.sym = { 529 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 530 {.auth = { 531 .algo = RTE_CRYPTO_AUTH_AES_GMAC, 532 .block_size = 16, 533 .key_size = { 534 .min = 16, 535 .max = 32, 536 .increment = 8 537 }, 538 .digest_size = { 539 .min = 1, 540 .max = 16, 541 .increment = 1 542 }, 543 .iv_size = { 544 .min = 12, 545 .max = 12, 546 .increment = 0 547 } 548 }, } 549 }, } 550 }, 551 { /* AES ECB */ 552 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 553 {.sym = { 554 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 555 {.cipher = { 556 .algo = RTE_CRYPTO_CIPHER_AES_ECB, 557 .block_size = 16, 558 .key_size = { 559 .min = 16, 560 .max = 32, 561 .increment = 8 562 }, 563 .iv_size = { 0 } 564 }, } 565 }, } 566 }, 567 { /* ZUC (EIA3) */ 568 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 569 {.sym = { 570 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 571 {.auth = { 572 .algo = RTE_CRYPTO_AUTH_ZUC_EIA3, 573 .block_size = 16, 574 .key_size = { 575 .min = 16, 576 .max = 32, 577 .increment = 16 578 }, 579 .digest_size = { 580 .min = 4, 581 .max = 16, 582 .increment = 4 583 }, 584 .iv_size = { 585 .min = 16, 586 .max = 25, 587 .increment = 9 588 } 589 }, } 590 }, } 591 }, 592 { /* ZUC (EEA3) */ 593 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 594 {.sym = { 595 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 596 {.cipher = { 597 .algo = RTE_CRYPTO_CIPHER_ZUC_EEA3, 598 .block_size = 16, 599 .key_size = { 600 .min = 16, 601 .max = 32, 602 .increment = 16 603 }, 604 .iv_size = { 605 .min = 16, 606 .max = 25, 607 .increment = 9 608 }, 609 }, } 610 }, } 611 }, 612 { /* SNOW 3G (UIA2) */ 613 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 614 {.sym = { 615 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 616 {.auth = { 617 .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2, 618 .block_size = 16, 619 .key_size = { 620 .min = 16, 621 .max = 16, 622 .increment = 0 623 }, 624 .digest_size = { 625 .min = 4, 626 .max = 4, 627 .increment = 0 628 }, 629 .iv_size = { 630 .min = 16, 631 .max = 16, 632 .increment = 0 633 } 634 }, } 635 }, } 636 }, 637 { /* SNOW 3G (UEA2) */ 638 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 639 {.sym = { 640 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 641 {.cipher = { 642 .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2, 643 .block_size = 16, 644 .key_size = { 645 .min = 16, 646 .max = 16, 647 .increment = 0 648 }, 649 .iv_size = { 650 .min = 16, 651 .max = 16, 652 .increment = 0 653 } 654 }, } 655 }, } 656 }, 657 { /* KASUMI (F9) */ 658 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 659 {.sym = { 660 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 661 {.auth = { 662 .algo = RTE_CRYPTO_AUTH_KASUMI_F9, 663 .block_size = 8, 664 .key_size = { 665 .min = 16, 666 .max = 16, 667 .increment = 0 668 }, 669 .digest_size = { 670 .min = 4, 671 .max = 4, 672 .increment = 0 673 }, 674 .iv_size = { 0 } 675 }, } 676 }, } 677 }, 678 { /* KASUMI (F8) */ 679 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 680 {.sym = { 681 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 682 {.cipher = { 683 .algo = RTE_CRYPTO_CIPHER_KASUMI_F8, 684 .block_size = 8, 685 .key_size = { 686 .min = 16, 687 .max = 16, 688 .increment = 0 689 }, 690 .iv_size = { 691 .min = 8, 692 .max = 8, 693 .increment = 0 694 } 695 }, } 696 }, } 697 }, 698 { /* CHACHA20-POLY1305 */ 699 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 700 {.sym = { 701 .xform_type = RTE_CRYPTO_SYM_XFORM_AEAD, 702 {.aead = { 703 .algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305, 704 .block_size = 64, 705 .key_size = { 706 .min = 32, 707 .max = 32, 708 .increment = 0 709 }, 710 .digest_size = { 711 .min = 16, 712 .max = 16, 713 .increment = 0 714 }, 715 .aad_size = { 716 .min = 0, 717 .max = 1024, 718 .increment = 1 719 }, 720 .iv_size = { 721 .min = 12, 722 .max = 12, 723 .increment = 0 724 }, 725 }, } 726 }, } 727 }, 728 #if IMB_VERSION(1, 5, 0) <= IMB_VERSION_NUM 729 { /* SM3 */ 730 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 731 {.sym = { 732 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 733 {.auth = { 734 .algo = RTE_CRYPTO_AUTH_SM3, 735 .block_size = 64, 736 .key_size = { 737 .min = 0, 738 .max = 0, 739 .increment = 0 740 }, 741 .digest_size = { 742 .min = 32, 743 .max = 32, 744 .increment = 1 745 }, 746 .iv_size = { 0 } 747 }, } 748 }, } 749 }, 750 { /* HMAC SM3 */ 751 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 752 {.sym = { 753 .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, 754 {.auth = { 755 .algo = RTE_CRYPTO_AUTH_SM3_HMAC, 756 .block_size = 64, 757 .key_size = { 758 .min = 1, 759 .max = 65535, 760 .increment = 1 761 }, 762 .digest_size = { 763 .min = 32, 764 .max = 32, 765 .increment = 1 766 }, 767 .iv_size = { 0 } 768 }, } 769 }, } 770 }, 771 { /* SM4 CBC */ 772 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 773 {.sym = { 774 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 775 {.cipher = { 776 .algo = RTE_CRYPTO_CIPHER_SM4_CBC, 777 .block_size = 16, 778 .key_size = { 779 .min = 16, 780 .max = 16, 781 .increment = 0 782 }, 783 .iv_size = { 784 .min = 16, 785 .max = 16, 786 .increment = 0 787 } 788 }, } 789 }, } 790 }, 791 { /* SM4 ECB */ 792 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 793 {.sym = { 794 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 795 {.cipher = { 796 .algo = RTE_CRYPTO_CIPHER_SM4_ECB, 797 .block_size = 16, 798 .key_size = { 799 .min = 16, 800 .max = 16, 801 .increment = 0 802 }, 803 .iv_size = { 0 } 804 }, } 805 }, } 806 }, 807 #endif 808 #if IMB_VERSION(1, 5, 0) < IMB_VERSION_NUM 809 { /* SM4 CTR */ 810 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 811 {.sym = { 812 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 813 {.cipher = { 814 .algo = RTE_CRYPTO_CIPHER_SM4_CTR, 815 .block_size = 16, 816 .key_size = { 817 .min = 16, 818 .max = 16, 819 .increment = 0 820 }, 821 .iv_size = { 822 .min = 16, 823 .max = 16, 824 .increment = 0 825 } 826 }, } 827 }, } 828 }, 829 #endif 830 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() 831 }; 832 833 struct aesni_mb_qp_data { 834 uint8_t temp_digests[IMB_MAX_JOBS][DIGEST_LENGTH_MAX]; 835 /* *< Buffers used to store the digest generated 836 * by the driver when verifying a digest provided 837 * by the user (using authentication verify operation) 838 */ 839 struct IMB_SGL_IOV sgl_segs[MAX_NUM_SEGS]; 840 union { 841 struct gcm_context_data gcm_sgl_ctx; 842 struct chacha20_poly1305_context_data chacha_sgl_ctx; 843 }; 844 }; 845 846 /* Maximum length for digest */ 847 #define DIGEST_LENGTH_MAX 64 848 static const unsigned int auth_blocksize[] = { 849 [IMB_AUTH_NULL] = 0, 850 [IMB_AUTH_MD5] = 64, 851 [IMB_AUTH_HMAC_SHA_1] = 64, 852 [IMB_AUTH_HMAC_SHA_224] = 64, 853 [IMB_AUTH_HMAC_SHA_256] = 64, 854 [IMB_AUTH_HMAC_SHA_384] = 128, 855 [IMB_AUTH_HMAC_SHA_512] = 128, 856 [IMB_AUTH_AES_XCBC] = 16, 857 [IMB_AUTH_AES_CCM] = 16, 858 [IMB_AUTH_AES_CMAC] = 16, 859 [IMB_AUTH_AES_GMAC] = 16, 860 [IMB_AUTH_SHA_1] = 64, 861 [IMB_AUTH_SHA_224] = 64, 862 [IMB_AUTH_SHA_256] = 64, 863 [IMB_AUTH_SHA_384] = 128, 864 [IMB_AUTH_SHA_512] = 128, 865 [IMB_AUTH_ZUC_EIA3_BITLEN] = 16, 866 [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16, 867 [IMB_AUTH_KASUMI_UIA1] = 16 868 }; 869 870 /** 871 * Get the blocksize in bytes for a specified authentication algorithm 872 * 873 * @Note: this function will not return a valid value for a non-valid 874 * authentication algorithm 875 */ 876 static inline unsigned int 877 get_auth_algo_blocksize(IMB_HASH_ALG algo) 878 { 879 return auth_blocksize[algo]; 880 } 881 882 static const unsigned int auth_truncated_digest_byte_lengths[] = { 883 [IMB_AUTH_MD5] = 12, 884 [IMB_AUTH_HMAC_SHA_1] = 12, 885 [IMB_AUTH_HMAC_SHA_224] = 14, 886 [IMB_AUTH_HMAC_SHA_256] = 16, 887 [IMB_AUTH_HMAC_SHA_384] = 24, 888 [IMB_AUTH_HMAC_SHA_512] = 32, 889 [IMB_AUTH_AES_XCBC] = 12, 890 [IMB_AUTH_AES_CMAC] = 12, 891 [IMB_AUTH_AES_CCM] = 8, 892 [IMB_AUTH_NULL] = 0, 893 [IMB_AUTH_AES_GMAC] = 12, 894 [IMB_AUTH_SHA_1] = 20, 895 [IMB_AUTH_SHA_224] = 28, 896 [IMB_AUTH_SHA_256] = 32, 897 [IMB_AUTH_SHA_384] = 48, 898 [IMB_AUTH_SHA_512] = 64, 899 [IMB_AUTH_ZUC_EIA3_BITLEN] = 4, 900 [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4, 901 [IMB_AUTH_KASUMI_UIA1] = 4 902 }; 903 904 /** 905 * Get the IPsec specified truncated length in bytes of the HMAC digest for a 906 * specified authentication algorithm 907 * 908 * @Note: this function will not return a valid value for a non-valid 909 * authentication algorithm 910 */ 911 static inline unsigned int 912 get_truncated_digest_byte_length(IMB_HASH_ALG algo) 913 { 914 return auth_truncated_digest_byte_lengths[algo]; 915 } 916 917 static const unsigned int auth_digest_byte_lengths[] = { 918 [IMB_AUTH_MD5] = 16, 919 [IMB_AUTH_HMAC_SHA_1] = 20, 920 [IMB_AUTH_HMAC_SHA_224] = 28, 921 [IMB_AUTH_HMAC_SHA_256] = 32, 922 [IMB_AUTH_HMAC_SHA_384] = 48, 923 [IMB_AUTH_HMAC_SHA_512] = 64, 924 [IMB_AUTH_AES_XCBC] = 16, 925 [IMB_AUTH_AES_CMAC] = 16, 926 [IMB_AUTH_AES_CCM] = 16, 927 [IMB_AUTH_AES_GMAC] = 16, 928 [IMB_AUTH_NULL] = 0, 929 [IMB_AUTH_SHA_1] = 20, 930 [IMB_AUTH_SHA_224] = 28, 931 [IMB_AUTH_SHA_256] = 32, 932 [IMB_AUTH_SHA_384] = 48, 933 [IMB_AUTH_SHA_512] = 64, 934 [IMB_AUTH_ZUC_EIA3_BITLEN] = 4, 935 [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4, 936 [IMB_AUTH_KASUMI_UIA1] = 4, 937 #if IMB_VERSION(1, 5, 0) <= IMB_VERSION_NUM 938 [IMB_AUTH_SM3] = 32, 939 [IMB_AUTH_HMAC_SM3] = 32, 940 #endif 941 /**< Vector mode dependent pointer table of the multi-buffer APIs */ 942 943 }; 944 945 /** 946 * Get the full digest size in bytes for a specified authentication algorithm 947 * (if available in the Multi-buffer library) 948 * 949 * @Note: this function will not return a valid value for a non-valid 950 * authentication algorithm 951 */ 952 static inline unsigned int 953 get_digest_byte_length(IMB_HASH_ALG algo) 954 { 955 return auth_digest_byte_lengths[algo]; 956 } 957 958 /** AES-NI multi-buffer private session structure */ 959 struct __rte_cache_aligned aesni_mb_session { 960 IMB_JOB template_job; 961 /*< Template job structure */ 962 uint32_t session_id; 963 /*< IPSec MB session ID */ 964 pid_t pid; 965 /*< Process ID that created session */ 966 struct { 967 uint16_t offset; 968 } iv; 969 struct { 970 uint16_t offset; 971 } auth_iv; 972 /* *< IV parameters 973 */ 974 975 /* * Cipher Parameters 976 */ 977 struct { 978 union { 979 struct { 980 alignas(16) uint32_t encode[60]; 981 /* *< encode key */ 982 alignas(16) uint32_t decode[60]; 983 /* *< decode key */ 984 } expanded_aes_keys; 985 /* *< Expanded AES keys - Allocating space to 986 * contain the maximum expanded key size which 987 * is 240 bytes for 256 bit AES, calculate by: 988 * ((key size (bytes)) * 989 * ((number of rounds) + 1)) 990 */ 991 struct { 992 const void *ks_ptr[3]; 993 uint64_t key[3][16]; 994 } exp_3des_keys; 995 /* *< Expanded 3DES keys */ 996 997 struct gcm_key_data gcm_key; 998 /* *< Expanded GCM key */ 999 uint8_t zuc_cipher_key[32]; 1000 /* *< ZUC cipher key */ 1001 snow3g_key_schedule_t pKeySched_snow3g_cipher; 1002 /* *< SNOW3G scheduled cipher key */ 1003 kasumi_key_sched_t pKeySched_kasumi_cipher; 1004 /* *< KASUMI scheduled cipher key */ 1005 #if IMB_VERSION(1, 5, 0) <= IMB_VERSION_NUM 1006 struct { 1007 alignas(16) uint32_t encode[IMB_SM4_KEY_SCHEDULE_ROUNDS]; 1008 /* *< encode key */ 1009 alignas(16) uint32_t decode[IMB_SM4_KEY_SCHEDULE_ROUNDS]; 1010 /* *< decode key */ 1011 } expanded_sm4_keys; 1012 /* *< Expanded SM4 keys - Original 128 bit key is 1013 * expanded into 32 round keys, each 32 bits. 1014 */ 1015 #endif 1016 }; 1017 } cipher; 1018 1019 /* *< Authentication Parameters */ 1020 struct { 1021 enum rte_crypto_auth_operation operation; 1022 /* *< auth operation generate or verify */ 1023 union { 1024 struct { 1025 alignas(16) uint8_t inner[128]; 1026 /* *< inner pad */ 1027 alignas(16) uint8_t outer[128]; 1028 /* *< outer pad */ 1029 } pads; 1030 /* *< HMAC Authentication pads - 1031 * allocating space for the maximum pad 1032 * size supported which is 128 bytes for 1033 * SHA512 1034 */ 1035 1036 struct { 1037 alignas(16) uint32_t k1_expanded[44]; 1038 /* *< k1 (expanded key). */ 1039 alignas(16) uint8_t k2[16]; 1040 /* *< k2. */ 1041 alignas(16) uint8_t k3[16]; 1042 /* *< k3. */ 1043 } xcbc; 1044 1045 struct { 1046 alignas(16) uint32_t expkey[60]; 1047 /* *< k1 (expanded key). */ 1048 alignas(16) uint32_t skey1[4]; 1049 /* *< k2. */ 1050 alignas(16) uint32_t skey2[4]; 1051 /* *< k3. */ 1052 } cmac; 1053 /* *< Expanded XCBC authentication keys */ 1054 uint8_t zuc_auth_key[32]; 1055 /* *< ZUC authentication key */ 1056 snow3g_key_schedule_t pKeySched_snow3g_auth; 1057 /* *< SNOW3G scheduled authentication key */ 1058 kasumi_key_sched_t pKeySched_kasumi_auth; 1059 /* *< KASUMI scheduled authentication key */ 1060 }; 1061 /* * Requested digest size from Cryptodev */ 1062 uint16_t req_digest_len; 1063 1064 } auth; 1065 }; 1066 1067 typedef void (*hash_one_block_t)(const void *data, void *digest); 1068 typedef void (*aes_keyexp_t)(const void *key, void *enc_exp_keys, 1069 void *dec_exp_keys); 1070 1071 static const struct rte_cryptodev_capabilities 1072 aesni_mb_pmd_security_crypto_cap[] = { 1073 { /* AES DOCSIS BPI */ 1074 .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, 1075 {.sym = { 1076 .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, 1077 {.cipher = { 1078 .algo = RTE_CRYPTO_CIPHER_AES_DOCSISBPI, 1079 .block_size = 16, 1080 .key_size = { 1081 .min = 16, 1082 .max = 32, 1083 .increment = 16 1084 }, 1085 .iv_size = { 1086 .min = 16, 1087 .max = 16, 1088 .increment = 0 1089 } 1090 }, } 1091 }, } 1092 }, 1093 1094 RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() 1095 }; 1096 1097 static const struct rte_security_capability aesni_mb_pmd_security_cap[] = { 1098 { /* DOCSIS Uplink */ 1099 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, 1100 .protocol = RTE_SECURITY_PROTOCOL_DOCSIS, 1101 .docsis = { 1102 .direction = RTE_SECURITY_DOCSIS_UPLINK 1103 }, 1104 .crypto_capabilities = aesni_mb_pmd_security_crypto_cap 1105 }, 1106 { /* DOCSIS Downlink */ 1107 .action = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, 1108 .protocol = RTE_SECURITY_PROTOCOL_DOCSIS, 1109 .docsis = { 1110 .direction = RTE_SECURITY_DOCSIS_DOWNLINK 1111 }, 1112 .crypto_capabilities = aesni_mb_pmd_security_crypto_cap 1113 }, 1114 { 1115 .action = RTE_SECURITY_ACTION_TYPE_NONE 1116 } 1117 }; 1118 1119 #endif /* _PMD_AESNI_MB_PRIV_H_ */ 1120