/*-
* BSD LICENSE
*
- * Copyright(c) 2015 Intel Corporation. All rights reserved.
+ * Copyright(c) 2016 Intel Corporation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
/**
* @file rte_crypto.h
*
- * RTE Cryptographic Definitions
+ * RTE Cryptography Common Definitions
*
- * Defines symmetric cipher and authentication algorithms and modes, as well
- * as supported symmetric crypto operation combinations.
*/
#ifdef __cplusplus
extern "C" {
#endif
-#include <rte_mbuf.h>
-#include <rte_memory.h>
-#include <rte_mempool.h>
-
-/** Symmetric Cipher Algorithms */
-enum rte_crypto_cipher_algorithm {
- RTE_CRYPTO_CIPHER_NULL = 1,
- /**< NULL cipher algorithm. No mode applies to the NULL algorithm. */
-
- RTE_CRYPTO_CIPHER_3DES_CBC,
- /**< Triple DES algorithm in CBC mode */
- RTE_CRYPTO_CIPHER_3DES_CTR,
- /**< Triple DES algorithm in CTR mode */
- RTE_CRYPTO_CIPHER_3DES_ECB,
- /**< Triple DES algorithm in ECB mode */
-
- RTE_CRYPTO_CIPHER_AES_CBC,
- /**< AES algorithm in CBC mode */
- RTE_CRYPTO_CIPHER_AES_CCM,
- /**< AES algorithm in CCM mode. When this cipher algorithm is used the
- * *RTE_CRYPTO_AUTH_AES_CCM* element of the
- * *rte_crypto_hash_algorithm* enum MUST be used to set up the related
- * *rte_crypto_auth_xform* structure in the session context or in
- * the op_params of the crypto operation structure in the case of a
- * session-less crypto operation
- */
- RTE_CRYPTO_CIPHER_AES_CTR,
- /**< AES algorithm in Counter mode */
- RTE_CRYPTO_CIPHER_AES_ECB,
- /**< AES algorithm in ECB mode */
- RTE_CRYPTO_CIPHER_AES_F8,
- /**< AES algorithm in F8 mode */
- RTE_CRYPTO_CIPHER_AES_GCM,
- /**< AES algorithm in GCM mode. When this cipher algorithm is used the
- * *RTE_CRYPTO_AUTH_AES_GCM* element of the
- * *rte_crypto_auth_algorithm* enum MUST be used to set up the related
- * *rte_crypto_auth_setup_data* structure in the session context or in
- * the op_params of the crypto operation structure in the case of a
- * session-less crypto operation.
- */
- RTE_CRYPTO_CIPHER_AES_XTS,
- /**< AES algorithm in XTS mode */
-
- RTE_CRYPTO_CIPHER_ARC4,
- /**< (A)RC4 cipher algorithm */
-
- RTE_CRYPTO_CIPHER_KASUMI_F8,
- /**< Kasumi algorithm in F8 mode */
-
- RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
- /**< SNOW3G algorithm in UEA2 mode */
-
- RTE_CRYPTO_CIPHER_ZUC_EEA3
- /**< ZUC algorithm in EEA3 mode */
-};
-
-/** Symmetric Cipher Direction */
-enum rte_crypto_cipher_operation {
- RTE_CRYPTO_CIPHER_OP_ENCRYPT,
- /**< Encrypt cipher operation */
- RTE_CRYPTO_CIPHER_OP_DECRYPT
- /**< Decrypt cipher operation */
-};
-
-/** Crypto key structure */
-struct rte_crypto_key {
- uint8_t *data; /**< pointer to key data */
- phys_addr_t phys_addr;
- size_t length; /**< key length in bytes */
-};
-
-/**
- * Symmetric Cipher Setup Data.
- *
- * This structure contains data relating to Cipher (Encryption and Decryption)
- * use to create a session.
- */
-struct rte_crypto_cipher_xform {
- enum rte_crypto_cipher_operation op;
- /**< This parameter determines if the cipher operation is an encrypt or
- * a decrypt operation. For the RC4 algorithm and the F8/CTR modes,
- * only encrypt operations are valid.
- */
- enum rte_crypto_cipher_algorithm algo;
- /**< Cipher algorithm */
-
- struct rte_crypto_key key;
- /**< Cipher key
- *
- * For the RTE_CRYPTO_CIPHER_AES_F8 mode of operation, key.data will
- * point to a concatenation of the AES encryption key followed by a
- * keymask. As per RFC3711, the keymask should be padded with trailing
- * bytes to match the length of the encryption key used.
- *
- * For AES-XTS mode of operation, two keys must be provided and
- * key.data must point to the two keys concatenated together (Key1 ||
- * Key2). The cipher key length will contain the total size of both
- * keys.
- *
- * Cipher key length is in bytes. For AES it can be 128 bits (16 bytes),
- * 192 bits (24 bytes) or 256 bits (32 bytes).
- *
- * For the CCM mode of operation, the only supported key length is 128
- * bits (16 bytes).
- *
- * For the RTE_CRYPTO_CIPHER_AES_F8 mode of operation, key.length
- * should be set to the combined length of the encryption key and the
- * keymask. Since the keymask and the encryption key are the same size,
- * key.length should be set to 2 x the AES encryption key length.
- *
- * For the AES-XTS mode of operation:
- * - Two keys must be provided and key.length refers to total length of
- * the two keys.
- * - Each key can be either 128 bits (16 bytes) or 256 bits (32 bytes).
- * - Both keys must have the same size.
- **/
-};
-
-/** Symmetric Authentication / Hash Algorithms */
-enum rte_crypto_auth_algorithm {
- RTE_CRYPTO_AUTH_NULL = 1,
- /**< NULL hash algorithm. */
-
- RTE_CRYPTO_AUTH_AES_CBC_MAC,
- /**< AES-CBC-MAC algorithm. Only 128-bit keys are supported. */
- RTE_CRYPTO_AUTH_AES_CCM,
- /**< AES algorithm in CCM mode. This is an authenticated cipher. When
- * this hash algorithm is used, the *RTE_CRYPTO_CIPHER_AES_CCM*
- * element of the *rte_crypto_cipher_algorithm* enum MUST be used to
- * set up the related rte_crypto_cipher_setup_data structure in the
- * session context or the corresponding parameter in the crypto
- * operation data structures op_params parameter MUST be set for a
- * session-less crypto operation.
- */
- RTE_CRYPTO_AUTH_AES_CMAC,
- /**< AES CMAC algorithm. */
- RTE_CRYPTO_AUTH_AES_GCM,
- /**< AES algorithm in GCM mode. When this hash algorithm
- * is used, the RTE_CRYPTO_CIPHER_AES_GCM element of the
- * rte_crypto_cipher_algorithm enum MUST be used to set up the related
- * rte_crypto_cipher_setup_data structure in the session context, or
- * the corresponding parameter in the crypto operation data structures
- * op_params parameter MUST be set for a session-less crypto operation.
- */
- RTE_CRYPTO_AUTH_AES_GMAC,
- /**< AES GMAC algorithm. When this hash algorithm
- * is used, the RTE_CRYPTO_CIPHER_AES_GCM element of the
- * rte_crypto_cipher_algorithm enum MUST be used to set up the related
- * rte_crypto_cipher_setup_data structure in the session context, or
- * the corresponding parameter in the crypto operation data structures
- * op_params parameter MUST be set for a session-less crypto operation.
- */
- RTE_CRYPTO_AUTH_AES_XCBC_MAC,
- /**< AES XCBC algorithm. */
-
- RTE_CRYPTO_AUTH_KASUMI_F9,
- /**< Kasumi algorithm in F9 mode. */
-
- RTE_CRYPTO_AUTH_MD5,
- /**< MD5 algorithm */
- RTE_CRYPTO_AUTH_MD5_HMAC,
- /**< HMAC using MD5 algorithm */
-
- RTE_CRYPTO_AUTH_SHA1,
- /**< 128 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA1_HMAC,
- /**< HMAC using 128 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA224,
- /**< 224 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA224_HMAC,
- /**< HMAC using 224 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA256,
- /**< 256 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA256_HMAC,
- /**< HMAC using 256 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA384,
- /**< 384 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA384_HMAC,
- /**< HMAC using 384 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA512,
- /**< 512 bit SHA algorithm. */
- RTE_CRYPTO_AUTH_SHA512_HMAC,
- /**< HMAC using 512 bit SHA algorithm. */
-
- RTE_CRYPTO_AUTH_SNOW3G_UIA2,
- /**< SNOW3G algorithm in UIA2 mode. */
-
- RTE_CRYPTO_AUTH_ZUC_EIA3,
- /**< ZUC algorithm in EIA3 mode */
-};
-
-/** Symmetric Authentication / Hash Operations */
-enum rte_crypto_auth_operation {
- RTE_CRYPTO_AUTH_OP_VERIFY, /**< Verify authentication digest */
- RTE_CRYPTO_AUTH_OP_GENERATE /**< Generate authentication digest */
-};
-
-/**
- * Authentication / Hash transform data.
- *
- * This structure contains data relating to an authentication/hash crypto
- * transforms. The fields op, algo and digest_length are common to all
- * authentication transforms and MUST be set.
- */
-struct rte_crypto_auth_xform {
- enum rte_crypto_auth_operation op;
- /**< Authentication operation type */
- enum rte_crypto_auth_algorithm algo;
- /**< Authentication algorithm selection */
-
- struct rte_crypto_key key; /**< Authentication key data.
- * The authentication key length MUST be less than or equal to the
- * block size of the algorithm. It is the callers responsibility to
- * ensure that the key length is compliant with the standard being used
- * (for example RFC 2104, FIPS 198a).
- */
-
- uint32_t digest_length;
- /**< Length of the digest to be returned. If the verify option is set,
- * this specifies the length of the digest to be compared for the
- * session.
- *
- * If the value is less than the maximum length allowed by the hash,
- * the result shall be truncated. If the value is greater than the
- * maximum length allowed by the hash then an error will be generated
- * by *rte_cryptodev_session_create* or by the
- * *rte_cryptodev_enqueue_burst* if using session-less APIs.
- */
-
- uint32_t add_auth_data_length;
- /**< The length of the additional authenticated data (AAD) in bytes.
- * The maximum permitted value is 240 bytes, unless otherwise specified
- * below.
- *
- * This field must be specified when the hash algorithm is one of the
- * following:
- *
- * - For SNOW3G (@ref RTE_CRYPTO_AUTH_SNOW3G_UIA2), this is the
- * length of the IV (which should be 16).
- *
- * - For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM). In this case, this is
- * the length of the Additional Authenticated Data (called A, in NIST
- * SP800-38D).
- *
- * - For CCM (@ref RTE_CRYPTO_AUTH_AES_CCM). In this case, this is
- * the length of the associated data (called A, in NIST SP800-38C).
- * Note that this does NOT include the length of any padding, or the
- * 18 bytes reserved at the start of the above field to store the
- * block B0 and the encoded length. The maximum permitted value in
- * this case is 222 bytes.
- *
- * @note
- * For AES-GMAC (@ref RTE_CRYPTO_AUTH_AES_GMAC) mode of operation
- * this field is not used and should be set to 0. Instead the length
- * of the AAD data is specified in the message length to hash field of
- * the rte_crypto_op_data structure.
- */
-};
-
-/** Crypto transformation types */
-enum rte_crypto_xform_type {
- RTE_CRYPTO_XFORM_NOT_SPECIFIED = 0, /**< No xform specified */
- RTE_CRYPTO_XFORM_AUTH, /**< Authentication xform */
- RTE_CRYPTO_XFORM_CIPHER /**< Cipher xform */
-};
-
-/**
- * Crypto transform structure.
- *
- * This is used to specify the crypto transforms required, multiple transforms
- * can be chained together to specify a chain transforms such as authentication
- * then cipher, or cipher then authentication. Each transform structure can
- * hold a single transform, the type field is used to specify which transform
- * is contained within the union
- */
-struct rte_crypto_xform {
- struct rte_crypto_xform *next; /**< next xform in chain */
-
- enum rte_crypto_xform_type type; /**< xform type */
- union {
- struct rte_crypto_auth_xform auth;
- /**< Authentication / hash xform */
- struct rte_crypto_cipher_xform cipher;
- /**< Cipher xform */
- };
-};
-
-/**
- * Crypto operation session type. This is used to specify whether a crypto
- * operation has session structure attached for immutable parameters or if all
- * operation information is included in the operation data structure.
- */
-enum rte_crypto_op_sess_type {
- RTE_CRYPTO_OP_WITH_SESSION, /**< Session based crypto operation */
- RTE_CRYPTO_OP_SESSIONLESS /**< Session-less crypto operation */
-};
-
/** Status of crypto operation */
enum rte_crypto_op_status {
RTE_CRYPTO_OP_STATUS_SUCCESS,
/**< Error handling operation */
};
-/**
- * Cryptographic Operation Data.
- *
- * This structure contains data relating to performing cryptographic processing
- * on a data buffer. This request is used with rte_crypto_enqueue_burst() call
- * for performing cipher, hash, or a combined hash and cipher operations.
- */
-struct rte_crypto_op {
- enum rte_crypto_op_sess_type type;
- enum rte_crypto_op_status status;
-
- struct {
- struct rte_mbuf *m; /**< Destination mbuf */
- uint8_t offset; /**< Data offset */
- } dst;
-
- union {
- struct rte_cryptodev_session *session;
- /**< Handle for the initialised session context */
- struct rte_crypto_xform *xform;
- /**< Session-less API crypto operation parameters */
- };
-
- struct {
- struct {
- uint32_t offset;
- /**< Starting point for cipher processing, specified
- * as number of bytes from start of data in the source
- * buffer. The result of the cipher operation will be
- * written back into the output buffer starting at
- * this location.
- */
-
- uint32_t length;
- /**< The message length, in bytes, of the source buffer
- * on which the cryptographic operation will be
- * computed. This must be a multiple of the block size
- * if a block cipher is being used. This is also the
- * same as the result length.
- *
- * @note
- * In the case of CCM @ref RTE_CRYPTO_AUTH_AES_CCM,
- * this value should not include the length of the
- * padding or the length of the MAC; the driver will
- * compute the actual number of bytes over which the
- * encryption will occur, which will include these
- * values.
- *
- * @note
- * For AES-GMAC @ref RTE_CRYPTO_AUTH_AES_GMAC, this
- * field should be set to 0.
- */
- } to_cipher; /**< Data offsets and length for ciphering */
-
- struct {
- uint32_t offset;
- /**< Starting point for hash processing, specified as
- * number of bytes from start of packet in source
- * buffer.
- *
- * @note
- * For CCM and GCM modes of operation, this field is
- * ignored. The field @ref additional_auth field
- * should be set instead.
- *
- * @note For AES-GMAC (@ref RTE_CRYPTO_AUTH_AES_GMAC)
- * mode of operation, this field specifies the start
- * of the AAD data in the source buffer.
- */
-
- uint32_t length;
- /**< The message length, in bytes, of the source
- * buffer that the hash will be computed on.
- *
- * @note
- * For CCM and GCM modes of operation, this field is
- * ignored. The field @ref additional_auth field
- * should be set instead.
- *
- * @note
- * For AES-GMAC @ref RTE_CRYPTO_AUTH_AES_GMAC mode
- * of operation, this field specifies the length of
- * the AAD data in the source buffer.
- */
- } to_hash; /**< Data offsets and length for authentication */
- } data; /**< Details of data to be operated on */
-
- struct {
- uint8_t *data;
- /**< Initialisation Vector or Counter.
- *
- * - For block ciphers in CBC or F8 mode, or for Kasumi in F8
- * mode, or for SNOW3G in UEA2 mode, this is the Initialisation
- * Vector (IV) value.
- *
- * - For block ciphers in CTR mode, this is the counter.
- *
- * - For GCM mode, this is either the IV (if the length is 96
- * bits) or J0 (for other sizes), where J0 is as defined by
- * NIST SP800-38D. Regardless of the IV length, a full 16 bytes
- * needs to be allocated.
- *
- * - For CCM mode, the first byte is reserved, and the nonce
- * should be written starting at &iv[1] (to allow space for the
- * implementation to write in the flags in the first byte).
- * Note that a full 16 bytes should be allocated, even though
- * the length field will have a value less than this.
- *
- * - For AES-XTS, this is the 128bit tweak, i, from IEEE Std
- * 1619-2007.
- *
- * For optimum performance, the data pointed to SHOULD be
- * 8-byte aligned.
- */
- phys_addr_t phys_addr;
- size_t length;
- /**< Length of valid IV data.
- *
- * - For block ciphers in CBC or F8 mode, or for Kasumi in F8
- * mode, or for SNOW3G in UEA2 mode, this is the length of the
- * IV (which must be the same as the block length of the
- * cipher).
- *
- * - For block ciphers in CTR mode, this is the length of the
- * counter (which must be the same as the block length of the
- * cipher).
- *
- * - For GCM mode, this is either 12 (for 96-bit IVs) or 16, in
- * which case data points to J0.
- *
- * - For CCM mode, this is the length of the nonce, which can
- * be in the range 7 to 13 inclusive.
- */
- } iv; /**< Initialisation vector parameters */
-
- struct {
- uint8_t *data;
- /**< If this member of this structure is set this is a
- * pointer to the location where the digest result should be
- * inserted (in the case of digest generation) or where the
- * purported digest exists (in the case of digest
- * verification).
- *
- * At session creation time, the client specified the digest
- * result length with the digest_length member of the @ref
- * rte_crypto_auth_xform structure. For physical crypto
- * devices the caller must allocate at least digest_length of
- * physically contiguous memory at this location.
- *
- * For digest generation, the digest result will overwrite
- * any data at this location.
- *
- * @note
- * For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM), for
- * "digest result" read "authentication tag T".
- *
- * If this member is not set the digest result is understood
- * to be in the destination buffer for digest generation, and
- * in the source buffer for digest verification. The location
- * of the digest result in this case is immediately following
- * the region over which the digest is computed.
- */
- phys_addr_t phys_addr; /**< Physical address of digest */
- uint32_t length; /**< Length of digest */
- } digest; /**< Digest parameters */
-
- struct {
- uint8_t *data;
- /**< Pointer to Additional Authenticated Data (AAD) needed for
- * authenticated cipher mechanisms (CCM and GCM), and to the IV
- * for SNOW3G authentication
- * (@ref RTE_CRYPTO_AUTH_SNOW3G_UIA2). For other
- * authentication mechanisms this pointer is ignored.
- *
- * The length of the data pointed to by this field is set up
- * for the session in the @ref rte_crypto_auth_xform structure
- * as part of the @ref rte_cryptodev_session_create function
- * call. This length must not exceed 240 bytes.
- *
- * Specifically for CCM (@ref RTE_CRYPTO_AUTH_AES_CCM), the
- * caller should setup this field as follows:
- *
- * - the nonce should be written starting at an offset of one
- * byte into the array, leaving room for the implementation
- * to write in the flags to the first byte.
- *
- * - the additional authentication data itself should be
- * written starting at an offset of 18 bytes into the array,
- * leaving room for the length encoding in the first two
- * bytes of the second block.
- *
- * - the array should be big enough to hold the above fields,
- * plus any padding to round this up to the nearest multiple
- * of the block size (16 bytes). Padding will be added by
- * the implementation.
- *
- * Finally, for GCM (@ref RTE_CRYPTO_AUTH_AES_GCM), the
- * caller should setup this field as follows:
- *
- * - the AAD is written in starting at byte 0
- * - the array must be big enough to hold the AAD, plus any
- * space to round this up to the nearest multiple of the
- * block size (16 bytes).
- *
- * @note
- * For AES-GMAC (@ref RTE_CRYPTO_AUTH_AES_GMAC) mode of
- * operation, this field is not used and should be set to 0.
- * Instead the AAD data should be placed in the source buffer.
- */
- phys_addr_t phys_addr; /**< physical address */
- uint32_t length; /**< Length of digest */
- } additional_auth;
- /**< Additional authentication parameters */
-
- struct rte_mempool *pool;
- /**< mempool used to allocate crypto op */
-
- void *user_data;
- /**< opaque pointer for user data */
-};
-
-
-/**
- * Reset the fields of a crypto operation to their default values.
- *
- * @param op The crypto operation to be reset.
- */
-static inline void
-__rte_crypto_op_reset(struct rte_crypto_op *op)
-{
- op->type = RTE_CRYPTO_OP_SESSIONLESS;
- op->dst.m = NULL;
- op->dst.offset = 0;
-}
-
-/** Attach a session to a crypto operation */
-static inline void
-rte_crypto_op_attach_session(struct rte_crypto_op *op,
- struct rte_cryptodev_session *sess)
-{
- op->session = sess;
- op->type = RTE_CRYPTO_OP_WITH_SESSION;
-}
+#include <rte_crypto_sym.h>
#ifdef __cplusplus
}