1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(C) 2021 Marvell.
7 static uint8_t zuc_d[32] = {0x44, 0xD7, 0x26, 0xBC, 0x62, 0x6B, 0x13, 0x5E,
8 0x57, 0x89, 0x35, 0xE2, 0x71, 0x35, 0x09, 0xAF,
9 0x4D, 0x78, 0x2F, 0x13, 0x6B, 0xC4, 0x1A, 0xF1,
10 0x5E, 0x26, 0x3C, 0x4D, 0x78, 0x9A, 0x47, 0xAC};
13 cpt_snow3g_key_gen(const uint8_t *ck, uint32_t *keyx)
17 for (i = 0; i < 4; i++) {
19 keyx[3 - i] = (ck[base] << 24) | (ck[base + 1] << 16) |
20 (ck[base + 2] << 8) | (ck[base + 3]);
21 keyx[3 - i] = plt_cpu_to_be_32(keyx[3 - i]);
26 cpt_ciph_aes_key_validate(uint16_t key_len)
39 cpt_ciph_type_set(roc_se_cipher_type type, struct roc_se_ctx *ctx,
45 case ROC_SE_PASSTHROUGH:
46 fc_type = ROC_SE_FC_GEN;
50 fc_type = ROC_SE_FC_GEN;
57 if (unlikely(cpt_ciph_aes_key_validate(key_len) != 0))
59 fc_type = ROC_SE_FC_GEN;
62 fc_type = ROC_SE_FC_GEN;
65 key_len = key_len / 2;
66 if (unlikely(key_len == 24)) {
67 plt_err("Invalid AES key len for XTS");
70 if (unlikely(cpt_ciph_aes_key_validate(key_len) != 0))
72 fc_type = ROC_SE_FC_GEN;
75 /* No support for chained operations */
76 if (unlikely(ctx->hash_type))
78 fc_type = ROC_SE_PDCP;
80 case ROC_SE_SNOW3G_UEA2:
81 if (unlikely(key_len != 16))
83 /* No support for AEAD yet */
84 if (unlikely(ctx->hash_type))
86 fc_type = ROC_SE_PDCP;
88 case ROC_SE_AES_CTR_EEA2:
89 fc_type = ROC_SE_PDCP;
91 case ROC_SE_KASUMI_F8_CBC:
92 case ROC_SE_KASUMI_F8_ECB:
93 if (unlikely(key_len != 16))
95 /* No support for AEAD yet */
96 if (unlikely(ctx->hash_type))
98 fc_type = ROC_SE_KASUMI;
104 ctx->fc_type = fc_type;
109 cpt_ciph_aes_key_type_set(struct roc_se_context *fctx, uint16_t key_len)
111 roc_se_aes_type aes_key_type = 0;
115 aes_key_type = ROC_SE_AES_128_BIT;
118 aes_key_type = ROC_SE_AES_192_BIT;
121 aes_key_type = ROC_SE_AES_256_BIT;
124 /* This should not happen */
125 plt_err("Invalid AES key len");
128 fctx->enc.aes_key = aes_key_type;
132 cpt_pdcp_key_type_set(struct roc_se_zuc_snow3g_ctx *zs_ctx, uint16_t key_len)
134 roc_se_aes_type key_type = 0;
136 if (roc_model_is_cn9k()) {
138 plt_err("Only key len 16 is supported on cn9k");
145 key_type = ROC_SE_AES_128_BIT;
148 key_type = ROC_SE_AES_256_BIT;
151 plt_err("Invalid AES key len");
154 zs_ctx->zuc.otk_ctx.w0.s.key_len = key_type;
159 cpt_pdcp_mac_len_set(struct roc_se_zuc_snow3g_ctx *zs_ctx, uint16_t mac_len)
161 roc_se_pdcp_mac_len_type mac_type = 0;
163 if (roc_model_is_cn9k()) {
165 plt_err("Only mac len 4 is supported on cn9k");
172 mac_type = ROC_SE_PDCP_MAC_LEN_32_BIT;
175 mac_type = ROC_SE_PDCP_MAC_LEN_64_BIT;
178 mac_type = ROC_SE_PDCP_MAC_LEN_128_BIT;
181 plt_err("Invalid ZUC MAC len");
184 zs_ctx->zuc.otk_ctx.w0.s.mac_len = mac_type;
189 roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
190 const uint8_t *key, uint16_t key_len, uint16_t mac_len)
192 struct roc_se_zuc_snow3g_ctx *zs_ctx;
193 struct roc_se_kasumi_ctx *k_ctx;
194 struct roc_se_context *fctx;
200 zs_ctx = &se_ctx->se_ctx.zs_ctx;
201 k_ctx = &se_ctx->se_ctx.k_ctx;
202 fctx = &se_ctx->se_ctx.fctx;
204 if ((type >= ROC_SE_ZUC_EIA3) && (type <= ROC_SE_KASUMI_F9_ECB)) {
212 /* No support for chained operations yet */
213 if (se_ctx->enc_cipher)
216 if (roc_model_is_cn9k()) {
217 ci_key = zs_ctx->zuc.onk_ctx.ci_key;
218 zuc_const = zs_ctx->zuc.onk_ctx.zuc_const;
220 ci_key = zs_ctx->zuc.otk_ctx.ci_key;
221 zuc_const = zs_ctx->zuc.otk_ctx.zuc_const;
224 /* For ZUC/SNOW3G/Kasumi */
226 case ROC_SE_SNOW3G_UIA2:
227 zs_ctx->zuc.otk_ctx.w0.s.alg_type =
228 ROC_SE_PDCP_ALG_TYPE_SNOW3G;
229 zs_ctx->zuc.otk_ctx.w0.s.mac_len =
230 ROC_SE_PDCP_MAC_LEN_32_BIT;
231 se_ctx->pdcp_alg_type = ROC_SE_PDCP_ALG_TYPE_SNOW3G;
232 cpt_snow3g_key_gen(key, keyx);
233 memcpy(ci_key, keyx, key_len);
234 se_ctx->fc_type = ROC_SE_PDCP;
235 se_ctx->zsk_flags = 0x1;
237 case ROC_SE_ZUC_EIA3:
238 zs_ctx->zuc.otk_ctx.w0.s.alg_type =
239 ROC_SE_PDCP_ALG_TYPE_ZUC;
240 ret = cpt_pdcp_key_type_set(zs_ctx, key_len);
243 ret = cpt_pdcp_mac_len_set(zs_ctx, mac_len);
246 se_ctx->pdcp_alg_type = ROC_SE_PDCP_ALG_TYPE_ZUC;
247 memcpy(ci_key, key, key_len);
248 memcpy(zuc_const, zuc_d, 32);
249 se_ctx->fc_type = ROC_SE_PDCP;
250 se_ctx->zsk_flags = 0x1;
252 case ROC_SE_AES_CMAC_EIA2:
253 zs_ctx->zuc.otk_ctx.w0.s.alg_type =
254 ROC_SE_PDCP_ALG_TYPE_AES_CTR;
255 zs_ctx->zuc.otk_ctx.w0.s.mac_len =
256 ROC_SE_PDCP_MAC_LEN_32_BIT;
257 se_ctx->pdcp_alg_type = ROC_SE_PDCP_ALG_TYPE_AES_CTR;
258 memcpy(ci_key, key, key_len);
259 se_ctx->fc_type = ROC_SE_PDCP;
260 se_ctx->zsk_flags = 0x1;
262 case ROC_SE_KASUMI_F9_ECB:
263 /* Kasumi ECB mode */
265 memcpy(k_ctx->ci_key, key, key_len);
266 se_ctx->fc_type = ROC_SE_KASUMI;
267 se_ctx->zsk_flags = 0x1;
269 case ROC_SE_KASUMI_F9_CBC:
270 memcpy(k_ctx->ci_key, key, key_len);
271 se_ctx->fc_type = ROC_SE_KASUMI;
272 se_ctx->zsk_flags = 0x1;
277 se_ctx->mac_len = mac_len;
278 se_ctx->hash_type = type;
279 if (roc_model_is_cn9k())
280 se_ctx->template_w4.s.opcode_minor =
281 ((1 << 7) | (se_ctx->pdcp_alg_type << 5) | 1);
283 se_ctx->template_w4.s.opcode_minor = ((1 << 4) | 1);
287 if (!se_ctx->fc_type ||
288 (type && type != ROC_SE_GMAC_TYPE && !se_ctx->enc_cipher))
289 se_ctx->fc_type = ROC_SE_HASH_HMAC;
291 if (se_ctx->fc_type == ROC_SE_FC_GEN && key_len > 64)
294 /* For GMAC auth, cipher must be NULL */
295 if (type == ROC_SE_GMAC_TYPE)
296 fctx->enc.enc_cipher = 0;
298 fctx->enc.hash_type = type;
299 se_ctx->hash_type = type;
300 fctx->enc.mac_len = mac_len;
301 se_ctx->mac_len = mac_len;
306 se_ctx->auth_key = plt_zmalloc(key_len, 8);
307 if (se_ctx->auth_key == NULL)
310 memcpy(se_ctx->auth_key, key, key_len);
311 se_ctx->auth_key_len = key_len;
312 memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad));
313 memset(fctx->hmac.opad, 0, sizeof(fctx->hmac.opad));
316 memcpy(fctx->hmac.opad, key, key_len);
317 fctx->enc.auth_input_type = 1;
323 roc_se_ciph_key_set(struct roc_se_ctx *se_ctx, roc_se_cipher_type type,
324 const uint8_t *key, uint16_t key_len, uint8_t *salt)
326 struct roc_se_zuc_snow3g_ctx *zs_ctx = &se_ctx->se_ctx.zs_ctx;
327 struct roc_se_context *fctx = &se_ctx->se_ctx.fctx;
333 if (roc_model_is_cn9k()) {
334 ci_key = zs_ctx->zuc.onk_ctx.ci_key;
335 zuc_const = zs_ctx->zuc.onk_ctx.zuc_const;
337 ci_key = zs_ctx->zuc.otk_ctx.ci_key;
338 zuc_const = zs_ctx->zuc.otk_ctx.zuc_const;
341 /* For AES-GCM, salt is taken from ctx even if IV source
344 if ((salt != NULL) && (type == ROC_SE_AES_GCM)) {
345 memcpy(fctx->enc.encr_iv, salt, 4);
346 /* Assuming it was just salt update
353 ret = cpt_ciph_type_set(type, se_ctx, key_len);
357 if (se_ctx->fc_type == ROC_SE_FC_GEN) {
359 * We need to always say IV is from DPTR as user can
360 * sometimes override IV per operation.
362 fctx->enc.iv_source = ROC_SE_FROM_DPTR;
364 if (se_ctx->auth_key_len > 64)
369 case ROC_SE_PASSTHROUGH:
370 se_ctx->enc_cipher = 0;
371 fctx->enc.enc_cipher = 0;
373 case ROC_SE_DES3_CBC:
374 /* CPT performs DES using 3DES with the 8B DES-key
375 * replicated 2 more times to match the 24B 3DES-key.
376 * Eg. If org. key is "0x0a 0x0b", then new key is
377 * "0x0a 0x0b 0x0a 0x0b 0x0a 0x0b"
380 /* Skipping the first 8B as it will be copied
381 * in the regular code flow
383 memcpy(fctx->enc.encr_key + key_len, key, key_len);
384 memcpy(fctx->enc.encr_key + 2 * key_len, key, key_len);
387 case ROC_SE_DES3_ECB:
388 /* For DES3_ECB IV need to be from CTX. */
389 fctx->enc.iv_source = ROC_SE_FROM_CTX;
395 case ROC_SE_CHACHA20:
396 cpt_ciph_aes_key_type_set(fctx, key_len);
399 cpt_ciph_aes_key_type_set(fctx, key_len);
402 key_len = key_len / 2;
403 cpt_ciph_aes_key_type_set(fctx, key_len);
405 /* Copy key2 for XTS into ipad */
406 memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad));
407 memcpy(fctx->hmac.ipad, &key[key_len], key_len);
409 case ROC_SE_SNOW3G_UEA2:
410 zs_ctx->zuc.otk_ctx.w0.s.key_len = ROC_SE_AES_128_BIT;
411 zs_ctx->zuc.otk_ctx.w0.s.alg_type = ROC_SE_PDCP_ALG_TYPE_SNOW3G;
412 se_ctx->pdcp_alg_type = ROC_SE_PDCP_ALG_TYPE_SNOW3G;
413 cpt_snow3g_key_gen(key, keyx);
414 memcpy(ci_key, keyx, key_len);
415 se_ctx->zsk_flags = 0;
417 case ROC_SE_ZUC_EEA3:
418 ret = cpt_pdcp_key_type_set(zs_ctx, key_len);
421 zs_ctx->zuc.otk_ctx.w0.s.alg_type = ROC_SE_PDCP_ALG_TYPE_ZUC;
422 se_ctx->pdcp_alg_type = ROC_SE_PDCP_ALG_TYPE_ZUC;
423 memcpy(ci_key, key, key_len);
424 memcpy(zuc_const, zuc_d, 32);
425 se_ctx->zsk_flags = 0;
427 case ROC_SE_AES_CTR_EEA2:
428 zs_ctx->zuc.otk_ctx.w0.s.key_len = ROC_SE_AES_128_BIT;
429 zs_ctx->zuc.otk_ctx.w0.s.alg_type =
430 ROC_SE_PDCP_ALG_TYPE_AES_CTR;
431 se_ctx->pdcp_alg_type = ROC_SE_PDCP_ALG_TYPE_AES_CTR;
432 memcpy(ci_key, key, key_len);
433 se_ctx->zsk_flags = 0;
435 case ROC_SE_KASUMI_F8_ECB:
437 memcpy(se_ctx->se_ctx.k_ctx.ci_key, key, key_len);
438 se_ctx->zsk_flags = 0;
440 case ROC_SE_KASUMI_F8_CBC:
441 memcpy(se_ctx->se_ctx.k_ctx.ci_key, key, key_len);
442 se_ctx->zsk_flags = 0;
448 /* Only for ROC_SE_FC_GEN case */
450 /* For GMAC auth, cipher must be NULL */
451 if (se_ctx->hash_type != ROC_SE_GMAC_TYPE)
452 fctx->enc.enc_cipher = type;
454 memcpy(fctx->enc.encr_key, key, key_len);
457 se_ctx->enc_cipher = type;
458 if (se_ctx->fc_type == ROC_SE_PDCP) {
459 if (roc_model_is_cn9k())
460 se_ctx->template_w4.s.opcode_minor =
461 ((1 << 7) | (se_ctx->pdcp_alg_type << 5) |
462 (se_ctx->zsk_flags & 0x7));
464 se_ctx->template_w4.s.opcode_minor = ((1 << 4));
470 roc_se_ctx_swap(struct roc_se_ctx *se_ctx)
472 struct roc_se_zuc_snow3g_ctx *zs_ctx = &se_ctx->se_ctx.zs_ctx;
474 if (roc_model_is_cn9k())
477 zs_ctx->zuc.otk_ctx.w0.u64 = htobe64(zs_ctx->zuc.otk_ctx.w0.u64);