1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(c) 2015-2016 Intel Corporation
5 #ifndef _AESNI_MB_PMD_PRIVATE_H_
6 #define _AESNI_MB_PMD_PRIVATE_H_
8 #include <intel-ipsec-mb.h>
10 enum aesni_mb_vector_mode {
11 RTE_AESNI_MB_NOT_SUPPORTED = 0,
18 #define CRYPTODEV_NAME_AESNI_MB_PMD crypto_aesni_mb
19 /**< AES-NI Multi buffer PMD device name */
21 /** AESNI_MB PMD LOGTYPE DRIVER */
22 extern int aesni_mb_logtype_driver;
24 #define AESNI_MB_LOG(level, fmt, ...) \
25 rte_log(RTE_LOG_ ## level, aesni_mb_logtype_driver, \
26 "%s() line %u: " fmt "\n", __func__, __LINE__, \
30 #define HMAC_IPAD_VALUE (0x36)
31 #define HMAC_OPAD_VALUE (0x5C)
33 /* Maximum length for digest */
34 #define DIGEST_LENGTH_MAX 64
35 static const unsigned auth_blocksize[] = {
50 [PLAIN_SHA_384] = 128,
55 * Get the blocksize in bytes for a specified authentication algorithm
57 * @Note: this function will not return a valid value for a non-valid
58 * authentication algorithm
60 static inline unsigned
61 get_auth_algo_blocksize(JOB_HASH_ALG algo)
63 return auth_blocksize[algo];
66 static const unsigned auth_truncated_digest_byte_lengths[] = {
86 * Get the IPsec specified truncated length in bytes of the HMAC digest for a
87 * specified authentication algorithm
89 * @Note: this function will not return a valid value for a non-valid
90 * authentication algorithm
92 static inline unsigned
93 get_truncated_digest_byte_length(JOB_HASH_ALG algo)
95 return auth_truncated_digest_byte_lengths[algo];
98 static const unsigned auth_digest_byte_lengths[] = {
111 [PLAIN_SHA_224] = 28,
112 [PLAIN_SHA_256] = 32,
113 [PLAIN_SHA_384] = 48,
115 /**< Vector mode dependent pointer table of the multi-buffer APIs */
120 * Get the full digest size in bytes for a specified authentication algorithm
121 * (if available in the Multi-buffer library)
123 * @Note: this function will not return a valid value for a non-valid
124 * authentication algorithm
126 static inline unsigned
127 get_digest_byte_length(JOB_HASH_ALG algo)
129 return auth_digest_byte_lengths[algo];
132 enum aesni_mb_operation {
133 AESNI_MB_OP_HASH_CIPHER,
134 AESNI_MB_OP_CIPHER_HASH,
135 AESNI_MB_OP_HASH_ONLY,
136 AESNI_MB_OP_CIPHER_ONLY,
137 AESNI_MB_OP_AEAD_HASH_CIPHER,
138 AESNI_MB_OP_AEAD_CIPHER_HASH,
139 AESNI_MB_OP_NOT_SUPPORTED
142 /** private data structure for each virtual AESNI device */
143 struct aesni_mb_private {
144 enum aesni_mb_vector_mode vector_mode;
145 /**< CPU vector instruction set mode */
146 unsigned max_nb_queue_pairs;
147 /**< Max number of queue pairs supported by device */
149 /**< Multi-buffer instance */
152 /** AESNI Multi buffer queue pair */
155 /**< Queue Pair Identifier */
156 char name[RTE_CRYPTODEV_NAME_MAX_LEN];
157 /**< Unique Queue Pair Name */
159 /**< Multi-buffer instance */
160 struct rte_ring *ingress_queue;
161 /**< Ring for placing operations ready for processing */
162 struct rte_mempool *sess_mp;
163 /**< Session Mempool */
164 struct rte_mempool *sess_mp_priv;
165 /**< Session Private Data Mempool */
166 struct rte_cryptodev_stats stats;
167 /**< Queue pair statistics */
169 /**< Index of the next slot to be used in temp_digests,
170 * to store the digest for a given operation
172 uint8_t temp_digests[MAX_JOBS][DIGEST_LENGTH_MAX];
173 /**< Buffers used to store the digest generated
174 * by the driver when verifying a digest provided
175 * by the user (using authentication verify operation)
177 } __rte_cache_aligned;
179 /** AES-NI multi-buffer private session structure */
180 struct aesni_mb_session {
181 JOB_CHAIN_ORDER chain_order;
186 /**< IV parameters */
188 /** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
189 /**< Vector mode dependent pointer table of the multi-buffer APIs */
192 /** Cipher direction - encrypt / decrypt */
193 JOB_CIPHER_DIRECTION direction;
194 /** Cipher mode - CBC / Counter */
195 JOB_CIPHER_MODE mode;
197 uint64_t key_length_in_bytes;
201 uint32_t encode[60] __rte_aligned(16);
203 uint32_t decode[60] __rte_aligned(16);
207 const void *ks_ptr[3];
211 struct gcm_key_data gcm_key;
213 /**< Expanded AES keys - Allocating space to
214 * contain the maximum expanded key size which
215 * is 240 bytes for 256 bit AES, calculate by:
216 * ((key size (bytes)) *
217 * ((number of rounds) + 1))
221 /** Authentication Parameters */
223 JOB_HASH_ALG algo; /**< Authentication Algorithm */
224 enum rte_crypto_auth_operation operation;
225 /**< auth operation generate or verify */
228 uint8_t inner[128] __rte_aligned(16);
230 uint8_t outer[128] __rte_aligned(16);
233 /**< HMAC Authentication pads -
234 * allocating space for the maximum pad
235 * size supported which is 128 bytes for
240 uint32_t k1_expanded[44] __rte_aligned(16);
241 /**< k1 (expanded key). */
242 uint8_t k2[16] __rte_aligned(16);
244 uint8_t k3[16] __rte_aligned(16);
249 uint32_t expkey[60] __rte_aligned(16);
250 /**< k1 (expanded key). */
251 uint32_t skey1[4] __rte_aligned(16);
253 uint32_t skey2[4] __rte_aligned(16);
256 /**< Expanded XCBC authentication keys */
258 /** Generated digest size by the Multi-buffer library */
259 uint16_t gen_digest_len;
260 /** Requested digest size from Cryptodev */
261 uint16_t req_digest_len;
265 /** AAD data length */
268 } __rte_cache_aligned;
271 aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
272 struct aesni_mb_session *sess,
273 const struct rte_crypto_sym_xform *xform);
275 /** device specific operations function pointer structure */
276 extern struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops;
279 aesni_mb_cpu_crypto_process_bulk(struct rte_cryptodev *dev,
280 struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs sofs,
281 struct rte_crypto_sym_vec *vec);
283 #endif /* _AESNI_MB_PMD_PRIVATE_H_ */