-/*-
- * BSD LICENSE
- *
- * Copyright(c) 2016-2017 Intel Corporation. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- * * Neither the name of Intel Corporation nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+/* SPDX-License-Identifier: BSD-3-Clause
+ * Copyright(c) 2016-2017 Intel Corporation
*/
#ifndef _RTE_CRYPTO_SYM_H_
RTE_CRYPTO_CIPHER_AES_CBC,
/**< AES algorithm in CBC mode */
- RTE_CRYPTO_CIPHER_AES_CCM,
- /**< AES algorithm in CCM mode. When this cipher algorithm is used the
- * *RTE_CRYPTO_AUTH_AES_CCM* element of the
- * *rte_crypto_hash_algorithm* enum MUST be used to set up the related
- * *rte_crypto_auth_xform* structure in the session context or in
- * the op_params of the crypto operation structure in the case of a
- * session-less crypto operation
- */
RTE_CRYPTO_CIPHER_AES_CTR,
/**< AES algorithm in Counter mode */
RTE_CRYPTO_CIPHER_AES_ECB,
/**< AES algorithm in ECB mode */
RTE_CRYPTO_CIPHER_AES_F8,
/**< AES algorithm in F8 mode */
- RTE_CRYPTO_CIPHER_AES_GCM,
- /**< AES algorithm in GCM mode. When this cipher algorithm is used the
- * *RTE_CRYPTO_AUTH_AES_GCM* element of the *rte_crypto_auth_algorithm*
- * enum MUST be used to set up the related *rte_crypto_auth_setup_data*
- * structure in the session context or in the op_params of the crypto
- * operation structure in the case of a session-less crypto operation.
- */
RTE_CRYPTO_CIPHER_AES_XTS,
/**< AES algorithm in XTS mode */
struct {
uint8_t *data; /**< pointer to key data */
- size_t length; /**< key length in bytes */
+ uint16_t length;/**< key length in bytes */
} key;
/**< Cipher key
*
* Cipher key length is in bytes. For AES it can be 128 bits (16 bytes),
* 192 bits (24 bytes) or 256 bits (32 bytes).
*
- * For the CCM mode of operation, the only supported key length is 128
- * bits (16 bytes).
- *
* For the RTE_CRYPTO_CIPHER_AES_F8 mode of operation, key.length
* should be set to the combined length of the encryption key and the
* keymask. Since the keymask and the encryption key are the same size,
* space for the implementation to write in the flags
* in the first byte). Note that a full 16 bytes should
* be allocated, even though the length field will
- * have a value less than this.
+ * have a value less than this. Note that the PMDs may
+ * modify the memory reserved (the first byte and the
+ * final padding)
*
* - For AES-XTS, this is the 128bit tweak, i, from
* IEEE Std 1619-2007.
RTE_CRYPTO_AUTH_AES_CBC_MAC,
/**< AES-CBC-MAC algorithm. Only 128-bit keys are supported. */
- RTE_CRYPTO_AUTH_AES_CCM,
- /**< AES algorithm in CCM mode. This is an authenticated cipher. When
- * this hash algorithm is used, the *RTE_CRYPTO_CIPHER_AES_CCM*
- * element of the *rte_crypto_cipher_algorithm* enum MUST be used to
- * set up the related rte_crypto_cipher_setup_data structure in the
- * session context or the corresponding parameter in the crypto
- * operation data structures op_params parameter MUST be set for a
- * session-less crypto operation.
- */
RTE_CRYPTO_AUTH_AES_CMAC,
/**< AES CMAC algorithm. */
- RTE_CRYPTO_AUTH_AES_GCM,
- /**< AES algorithm in GCM mode. When this hash algorithm
- * is used, the RTE_CRYPTO_CIPHER_AES_GCM element of the
- * rte_crypto_cipher_algorithm enum MUST be used to set up the related
- * rte_crypto_cipher_setup_data structure in the session context, or
- * the corresponding parameter in the crypto operation data structures
- * op_params parameter MUST be set for a session-less crypto operation.
- */
RTE_CRYPTO_AUTH_AES_GMAC,
/**< AES GMAC algorithm. */
RTE_CRYPTO_AUTH_AES_XCBC_MAC,
RTE_CRYPTO_AUTH_ZUC_EIA3,
/**< ZUC algorithm in EIA3 mode */
+ RTE_CRYPTO_AUTH_SHA3_224,
+ /**< 224 bit SHA3 algorithm. */
+ RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ /**< HMAC using 224 bit SHA3 algorithm. */
+ RTE_CRYPTO_AUTH_SHA3_256,
+ /**< 256 bit SHA3 algorithm. */
+ RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ /**< HMAC using 256 bit SHA3 algorithm. */
+ RTE_CRYPTO_AUTH_SHA3_384,
+ /**< 384 bit SHA3 algorithm. */
+ RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ /**< HMAC using 384 bit SHA3 algorithm. */
+ RTE_CRYPTO_AUTH_SHA3_512,
+ /**< 512 bit SHA3 algorithm. */
+ RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ /**< HMAC using 512 bit SHA3 algorithm. */
+
RTE_CRYPTO_AUTH_LIST_END
};
struct {
uint8_t *data; /**< pointer to key data */
- size_t length; /**< key length in bytes */
+ uint16_t length;/**< key length in bytes */
} key;
/**< Authentication key data.
* The authentication key length MUST be less than or equal to the
* (for example RFC 2104, FIPS 198a).
*/
- uint16_t digest_length;
- /**< Length of the digest to be returned. If the verify option is set,
- * this specifies the length of the digest to be compared for the
- * session.
- *
- * It is the caller's responsibility to ensure that the
- * digest length is compliant with the hash algorithm being used.
- * If the value is less than the maximum length allowed by the hash,
- * the result shall be truncated.
- */
-
- uint16_t add_auth_data_length;
- /**< The length of the additional authenticated data (AAD) in bytes.
- * The maximum permitted value is 65535 (2^16 - 1) bytes, unless
- * otherwise specified below.
- *
- * This field must be specified when the hash algorithm is one of the
- * following:
- *
- * - For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM). In this case, this is
- * the length of the Additional Authenticated Data (called A, in NIST
- * SP800-38D).
- *
- * - For CCM (@ref RTE_CRYPTO_AUTH_AES_CCM). In this case, this is
- * the length of the associated data (called A, in NIST SP800-38C).
- * Note that this does NOT include the length of any padding, or the
- * 18 bytes reserved at the start of the above field to store the
- * block B0 and the encoded length. The maximum permitted value in
- * this case is 222 bytes.
- *
- */
-
struct {
uint16_t offset;
/**< Starting point for Initialisation Vector or Counter,
* specified as number of bytes from start of crypto
* operation (rte_crypto_op).
*
- * - For KASUMI in F9 mode, SNOW 3G in UIA2 mode,
- * for ZUC in EIA3 mode and for AES-GMAC, this is the
- * authentication Initialisation Vector (IV) value.
+ * - For SNOW 3G in UIA2 mode, for ZUC in EIA3 mode and
+ * for AES-GMAC, this is the authentication
+ * Initialisation Vector (IV) value.
*
+ * - For KASUMI in F9 mode and other authentication
+ * algorithms, this field is not used.
*
* For optimum performance, the data pointed to SHOULD
* be 8-byte aligned.
uint16_t length;
/**< Length of valid IV data.
*
- * - For KASUMI in F9 mode, SNOW3G in UIA2 mode, for
- * ZUC in EIA3 mode and for AES-GMAC, this is the length
- * of the IV.
+ * - For SNOW3G in UIA2 mode, for ZUC in EIA3 mode and
+ * for AES-GMAC, this is the length of the IV.
+ *
+ * - For KASUMI in F9 mode and other authentication
+ * algorithms, this field is not used.
*
*/
} iv; /**< Initialisation vector parameters */
+
+ uint16_t digest_length;
+ /**< Length of the digest to be returned. If the verify option is set,
+ * this specifies the length of the digest to be compared for the
+ * session.
+ *
+ * It is the caller's responsibility to ensure that the
+ * digest length is compliant with the hash algorithm being used.
+ * If the value is less than the maximum length allowed by the hash,
+ * the result shall be truncated.
+ */
};
struct {
uint8_t *data; /**< pointer to key data */
- size_t length; /**< key length in bytes */
+ uint16_t length;/**< key length in bytes */
} key;
struct {
*/
} iv; /**< Initialisation vector parameters */
- uint32_t digest_length;
+ uint16_t digest_length;
- uint16_t add_auth_data_length;
- /**< The length of the additional authenticated data (AAD) in bytes. */
+ uint16_t aad_length;
+ /**< The length of the additional authenticated data (AAD) in bytes.
+ * For CCM mode, this is the length of the actual AAD, even though
+ * it is required to reserve 18 bytes before the AAD and padding
+ * at the end of it, so a multiple of 16 bytes is allocated.
+ */
};
/** Crypto transformation types */
/**< Handle for the initialised session context */
struct rte_crypto_sym_xform *xform;
/**< Session-less API crypto operation parameters */
+ struct rte_security_session *sec_session;
+ /**< Handle for the initialised security session context */
};
+ RTE_STD_C11
union {
struct {
struct {
* For GCM (@ref RTE_CRYPTO_AEAD_AES_GCM), for
* "digest result" read "authentication tag T".
*/
- phys_addr_t phys_addr;
+ rte_iova_t phys_addr;
/**< Physical address of digest */
} digest; /**< Digest parameters */
struct {
* Specifically for CCM (@ref RTE_CRYPTO_AEAD_AES_CCM),
* the caller should setup this field as follows:
*
- * - the nonce should be written starting at an offset
- * of one byte into the array, leaving room for the
- * implementation to write in the flags to the first
- * byte.
- *
- * - the additional authentication data itself should
+ * - the additional authentication data itself should
* be written starting at an offset of 18 bytes into
- * the array, leaving room for the length encoding in
- * the first two bytes of the second block.
+ * the array, leaving room for the first block (16 bytes)
+ * and the length encoding in the first two bytes of the
+ * second block.
*
* - the array should be big enough to hold the above
- * fields, plus any padding to round this up to the
- * nearest multiple of the block size (16 bytes).
- * Padding will be added by the implementation.
+ * fields, plus any padding to round this up to the
+ * nearest multiple of the block size (16 bytes).
+ * Padding will be added by the implementation.
+ *
+ * - Note that PMDs may modify the memory reserved
+ * (first 18 bytes and the final padding).
*
* Finally, for GCM (@ref RTE_CRYPTO_AEAD_AES_GCM), the
* caller should setup this field as follows:
* of the block size (16 bytes).
*
*/
- phys_addr_t phys_addr; /**< physical address */
+ rte_iova_t phys_addr; /**< physical address */
} aad;
/**< Additional authentication parameters */
} aead;
* also the same as the result length.
*
* @note
- * In the case of CCM
- * @ref RTE_CRYPTO_AUTH_AES_CCM, this value
- * should not include the length of the padding
- * or the length of the MAC; the driver will
- * compute the actual number of bytes over
- * which the encryption will occur, which will
- * include these values.
- *
- * @note
* For SNOW 3G @ RTE_CRYPTO_AUTH_SNOW3G_UEA2,
* KASUMI @ RTE_CRYPTO_CIPHER_KASUMI_F8
* and ZUC @ RTE_CRYPTO_CIPHER_ZUC_EEA3,
* packet in source buffer.
*
* @note
- * For CCM and GCM modes of operation,
- * this field is ignored.
- * The field @ref aad field should be set
- * instead.
- *
- * @note
* For SNOW 3G @ RTE_CRYPTO_AUTH_SNOW3G_UIA2,
* KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9
* and ZUC @ RTE_CRYPTO_AUTH_ZUC_EIA3,
* this field should be in bits.
+ *
+ * @note
+ * For KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9,
+ * this offset should be such that
+ * data to authenticate starts at COUNT.
*/
uint32_t length;
/**< The message length, in bytes, of the source
* buffer that the hash will be computed on.
*
* @note
- * For CCM and GCM modes of operation,
- * this field is ignored. The field @ref aad
- * field should be set instead.
- *
- * @note
* For SNOW 3G @ RTE_CRYPTO_AUTH_SNOW3G_UIA2,
* KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9
* and ZUC @ RTE_CRYPTO_AUTH_ZUC_EIA3,
* this field should be in bits.
+ *
+ * @note
+ * For KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9,
+ * the length should include the COUNT,
+ * FRESH, message, direction bit and padding
+ * (to be multiple of 8 bits).
*/
} data;
/**< Data offsets and length for authentication */
* For digest generation, the digest result
* will overwrite any data at this location.
*
- * @note
- * For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM), for
- * "digest result" read "authentication tag T".
*/
- phys_addr_t phys_addr;
+ rte_iova_t phys_addr;
/**< Physical address of digest */
} digest; /**< Digest parameters */
-
- struct {
- uint8_t *data;
- /**< Pointer to Additional Authenticated
- * Data (AAD) needed for authenticated cipher
- * mechanisms (CCM and GCM).
- *
- * The length of the data pointed to by this
- * field is set up for the session in the @ref
- * rte_crypto_auth_xform structure as part of
- * the @ref rte_cryptodev_sym_session_create
- * function call.
- * This length must not exceed 65535 (2^16-1)
- * bytes.
- *
- * Specifically for CCM
- * (@ref RTE_CRYPTO_AUTH_AES_CCM),
- * the caller should setup this field as follows:
- *
- * - the nonce should be written starting at
- * an offset of one byte into the array,
- * leaving room for the implementation to
- * write in the flags to the first byte.
- *
- * - the additional authentication data
- * itself should be written starting at
- * an offset of 18 bytes into the array,
- * leaving room for the length encoding in
- * the first two bytes of the second block.
- *
- * - the array should be big enough to hold
- * the above fields, plus any padding to
- * round this up to the nearest multiple of
- * the block size (16 bytes).
- * Padding will be added by the implementation.
- *
- * Finally, for GCM
- * (@ref RTE_CRYPTO_AUTH_AES_GCM), the
- * caller should setup this field as follows:
- *
- * - the AAD is written in starting at byte 0
- * - the array must be big enough to hold
- * the AAD, plus any space to round this up to
- * the nearest multiple of the block size
- * (16 bytes).
- *
- */
- phys_addr_t phys_addr; /**< physical address */
- } aad;
- /**< Additional authentication parameters */
} auth;
};
};