1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(c) 2015-2016 Intel Corporation
5 #ifndef _AESNI_MB_PMD_PRIVATE_H_
6 #define _AESNI_MB_PMD_PRIVATE_H_
8 #include <intel-ipsec-mb.h>
10 #if defined(RTE_LIBRTE_SECURITY) && (IMB_VERSION_NUM) >= IMB_VERSION(0, 54, 0)
11 #define AESNI_MB_DOCSIS_SEC_ENABLED 1
12 #include <rte_security.h>
13 #include <rte_security_driver.h>
16 enum aesni_mb_vector_mode {
17 RTE_AESNI_MB_NOT_SUPPORTED = 0,
24 #define CRYPTODEV_NAME_AESNI_MB_PMD crypto_aesni_mb
25 /**< AES-NI Multi buffer PMD device name */
27 /** AESNI_MB PMD LOGTYPE DRIVER */
28 extern int aesni_mb_logtype_driver;
30 #define AESNI_MB_LOG(level, fmt, ...) \
31 rte_log(RTE_LOG_ ## level, aesni_mb_logtype_driver, \
32 "%s() line %u: " fmt "\n", __func__, __LINE__, \
36 #define HMAC_IPAD_VALUE (0x36)
37 #define HMAC_OPAD_VALUE (0x5C)
39 /* Maximum length for digest */
40 #define DIGEST_LENGTH_MAX 64
41 static const unsigned auth_blocksize[] = {
56 [PLAIN_SHA_384] = 128,
61 * Get the blocksize in bytes for a specified authentication algorithm
63 * @Note: this function will not return a valid value for a non-valid
64 * authentication algorithm
66 static inline unsigned
67 get_auth_algo_blocksize(JOB_HASH_ALG algo)
69 return auth_blocksize[algo];
72 static const unsigned auth_truncated_digest_byte_lengths[] = {
92 * Get the IPsec specified truncated length in bytes of the HMAC digest for a
93 * specified authentication algorithm
95 * @Note: this function will not return a valid value for a non-valid
96 * authentication algorithm
98 static inline unsigned
99 get_truncated_digest_byte_length(JOB_HASH_ALG algo)
101 return auth_truncated_digest_byte_lengths[algo];
104 static const unsigned auth_digest_byte_lengths[] = {
117 [PLAIN_SHA_224] = 28,
118 [PLAIN_SHA_256] = 32,
119 [PLAIN_SHA_384] = 48,
121 /**< Vector mode dependent pointer table of the multi-buffer APIs */
126 * Get the full digest size in bytes for a specified authentication algorithm
127 * (if available in the Multi-buffer library)
129 * @Note: this function will not return a valid value for a non-valid
130 * authentication algorithm
132 static inline unsigned
133 get_digest_byte_length(JOB_HASH_ALG algo)
135 return auth_digest_byte_lengths[algo];
138 enum aesni_mb_operation {
139 AESNI_MB_OP_HASH_CIPHER,
140 AESNI_MB_OP_CIPHER_HASH,
141 AESNI_MB_OP_HASH_ONLY,
142 AESNI_MB_OP_CIPHER_ONLY,
143 AESNI_MB_OP_AEAD_HASH_CIPHER,
144 AESNI_MB_OP_AEAD_CIPHER_HASH,
145 AESNI_MB_OP_NOT_SUPPORTED
148 /** private data structure for each virtual AESNI device */
149 struct aesni_mb_private {
150 enum aesni_mb_vector_mode vector_mode;
151 /**< CPU vector instruction set mode */
152 unsigned max_nb_queue_pairs;
153 /**< Max number of queue pairs supported by device */
155 /**< Multi-buffer instance */
158 /** AESNI Multi buffer queue pair */
161 /**< Queue Pair Identifier */
162 char name[RTE_CRYPTODEV_NAME_MAX_LEN];
163 /**< Unique Queue Pair Name */
165 /**< Multi-buffer instance */
166 struct rte_ring *ingress_queue;
167 /**< Ring for placing operations ready for processing */
168 struct rte_mempool *sess_mp;
169 /**< Session Mempool */
170 struct rte_mempool *sess_mp_priv;
171 /**< Session Private Data Mempool */
172 struct rte_cryptodev_stats stats;
173 /**< Queue pair statistics */
175 /**< Index of the next slot to be used in temp_digests,
176 * to store the digest for a given operation
178 uint8_t temp_digests[MAX_JOBS][DIGEST_LENGTH_MAX];
179 /**< Buffers used to store the digest generated
180 * by the driver when verifying a digest provided
181 * by the user (using authentication verify operation)
183 } __rte_cache_aligned;
185 /** AES-NI multi-buffer private session structure */
186 struct aesni_mb_session {
187 JOB_CHAIN_ORDER chain_order;
192 /**< IV parameters */
194 /** Cipher Parameters */const struct aesni_mb_op_fns *op_fns;
195 /**< Vector mode dependent pointer table of the multi-buffer APIs */
198 /** Cipher direction - encrypt / decrypt */
199 JOB_CIPHER_DIRECTION direction;
200 /** Cipher mode - CBC / Counter */
201 JOB_CIPHER_MODE mode;
203 uint64_t key_length_in_bytes;
207 uint32_t encode[60] __rte_aligned(16);
209 uint32_t decode[60] __rte_aligned(16);
213 const void *ks_ptr[3];
217 struct gcm_key_data gcm_key;
219 /**< Expanded AES keys - Allocating space to
220 * contain the maximum expanded key size which
221 * is 240 bytes for 256 bit AES, calculate by:
222 * ((key size (bytes)) *
223 * ((number of rounds) + 1))
227 /** Authentication Parameters */
229 JOB_HASH_ALG algo; /**< Authentication Algorithm */
230 enum rte_crypto_auth_operation operation;
231 /**< auth operation generate or verify */
234 uint8_t inner[128] __rte_aligned(16);
236 uint8_t outer[128] __rte_aligned(16);
239 /**< HMAC Authentication pads -
240 * allocating space for the maximum pad
241 * size supported which is 128 bytes for
246 uint32_t k1_expanded[44] __rte_aligned(16);
247 /**< k1 (expanded key). */
248 uint8_t k2[16] __rte_aligned(16);
250 uint8_t k3[16] __rte_aligned(16);
255 uint32_t expkey[60] __rte_aligned(16);
256 /**< k1 (expanded key). */
257 uint32_t skey1[4] __rte_aligned(16);
259 uint32_t skey2[4] __rte_aligned(16);
262 /**< Expanded XCBC authentication keys */
264 /** Generated digest size by the Multi-buffer library */
265 uint16_t gen_digest_len;
266 /** Requested digest size from Cryptodev */
267 uint16_t req_digest_len;
271 /** AAD data length */
274 } __rte_cache_aligned;
277 aesni_mb_set_session_parameters(const MB_MGR *mb_mgr,
278 struct aesni_mb_session *sess,
279 const struct rte_crypto_sym_xform *xform);
281 #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
283 aesni_mb_set_docsis_sec_session_parameters(
284 __rte_unused struct rte_cryptodev *dev,
285 struct rte_security_session_conf *conf,
289 /** device specific operations function pointer structures */
290 extern struct rte_cryptodev_ops *rte_aesni_mb_pmd_ops;
291 #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
292 extern struct rte_security_ops *rte_aesni_mb_pmd_sec_ops;
296 aesni_mb_cpu_crypto_process_bulk(struct rte_cryptodev *dev,
297 struct rte_cryptodev_sym_session *sess, union rte_crypto_sym_ofs sofs,
298 struct rte_crypto_sym_vec *vec);
300 #endif /* _AESNI_MB_PMD_PRIVATE_H_ */