crypto/aesni_mb: support SNOW3G-UEA2/UIA2

Add support for SNOW3G-UEA2/UIA2 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 9d34803dfbd28e059dfee0434af105d3bc384ebd..18631f6db23a422aefcd01e7d77468f83be618e1 100644 (file)
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -36,6 +36,7 @@ Cipher algorithms:
 * RTE_CRYPTO_CIPHER_AES192_ECB
 * RTE_CRYPTO_CIPHER_AES256_ECB
 * RTE_CRYPTO_CIPHER_ZUC_EEA3
+* RTE_CRYPTO_CIPHER_SNOW3G_UEA2
 
 Hash algorithms:
 
@@ -54,6 +55,7 @@ Hash algorithms:
 * RTE_CRYPTO_AUTH_SHA384
 * RTE_CRYPTO_AUTH_SHA512
 * RTE_CRYPTO_AUTH_ZUC_EIA3
+* RTE_CRYPTO_AUTH_SNOW3G_UIA2
 
 AEAD algorithms:
 

diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 3873a8d63dd10ecdce55e900ca45569d7475930a..5a862336b7f1079c49ce6b918f01c68d80f1fb1c 100644 (file)
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -35,6 +35,7 @@ AES ECB (128)  = Y
 AES ECB (192)  = Y
 AES ECB (256)  = Y
 ZUC EEA3       = Y
+SNOW3G UEA2    = Y
 
 ;
 ; Supported authentication algorithms of the 'aesni_mb' crypto driver.
@@ -55,6 +56,7 @@ AES XCBC MAC = Y
 AES CMAC (128)  = Y
 AES GMAC     = Y
 ZUC EIA3     = Y
+SNOW3G UIA2  = Y
 
 ;
 ; Supported AEAD algorithms of the 'aesni_mb' crypto driver.

diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst
index c227c0816368370f348a317a9490c08b35ce1319..40f8a1e2c87557d74e145f564c913c24d74575ce 100644 (file)
--- a/doc/guides/rel_notes/release_20_11.rst
+++ b/doc/guides/rel_notes/release_20_11.rst
@@ -156,6 +156,7 @@ New Features
 
   * Added support for AES-ECB 128, 192 and 256.
   * Added support for ZUC-EEA3/EIA3 algorithms.
+  * Added support for SNOW3G-UEA2/UIA2 algorithms.
 
 * **Updated Marvell NITROX symmetric crypto PMD.**
 

diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
index 601ab9a40020d4a22ad71e8bd90504ebd0509469..85039dbf2c3fc25f068a0b0274aa501cafe9429b 100644 (file)
--- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h
@@ -56,7 +56,8 @@ static const unsigned auth_blocksize[] = {
                [PLAIN_SHA_384]                 = 128,
                [PLAIN_SHA_512]                 = 128,
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
-               [IMB_AUTH_ZUC_EIA3_BITLEN]      = 16
+               [IMB_AUTH_ZUC_EIA3_BITLEN]      = 16,
+               [IMB_AUTH_SNOW3G_UIA2_BITLEN]   = 16
 #endif
 };
 
@@ -90,7 +91,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
                [PLAIN_SHA_384]                 = 48,
                [PLAIN_SHA_512]                 = 64,
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
-               [IMB_AUTH_ZUC_EIA3_BITLEN]      = 4
+               [IMB_AUTH_ZUC_EIA3_BITLEN]      = 4,
+               [IMB_AUTH_SNOW3G_UIA2_BITLEN]   = 4
 #endif
 };
 
@@ -125,7 +127,8 @@ static const unsigned auth_digest_byte_lengths[] = {
                [PLAIN_SHA_384]                 = 48,
                [PLAIN_SHA_512]                 = 64,
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
-               [IMB_AUTH_ZUC_EIA3_BITLEN]      = 4
+               [IMB_AUTH_ZUC_EIA3_BITLEN]      = 4,
+               [IMB_AUTH_SNOW3G_UIA2_BITLEN]   = 4
 #endif
        /**< Vector mode dependent pointer table of the multi-buffer APIs */
 
@@ -238,6 +241,10 @@ struct aesni_mb_session {
                        /**< Expanded GCM key */
                        uint8_t zuc_cipher_key[16];
                        /**< ZUC cipher key */
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+                       snow3g_key_schedule_t pKeySched_snow3g_cipher;
+                       /**< SNOW3G scheduled cipher key */
+#endif
                };
        } cipher;
 
@@ -279,6 +286,10 @@ struct aesni_mb_session {
                        /**< Expanded XCBC authentication keys */
                        uint8_t zuc_auth_key[16];
                        /**< ZUC authentication key */
+#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
+                       snow3g_key_schedule_t pKeySched_snow3g_auth;
+                       /**< SNOW3G scheduled authentication key */
+#endif
                };
        /** Generated digest size by the Multi-buffer library */
        uint16_t gen_digest_len;

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index dbd79d5dcc2e015c93bcd3ebf868ca463ee8177b..bb917b8ff6b49b4ea6329110643d2f4591a885ab 100644 (file)
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -266,6 +266,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 
                memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
                return 0;
+       } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+               sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
+               uint16_t snow3g_uia2_digest_len =
+                       get_truncated_digest_byte_length(IMB_AUTH_SNOW3G_UIA2_BITLEN);
+               if (sess->auth.req_digest_len != snow3g_uia2_digest_len) {
+                       AESNI_MB_LOG(ERR, "Invalid digest size\n");
+                       return -EINVAL;
+               }
+               sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
+               IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data,
+                                       &sess->auth.pKeySched_snow3g_auth);
+               return 0;
        }
 #endif
 
@@ -403,6 +416,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
        uint8_t is_docsis = 0;
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
        uint8_t is_zuc = 0;
+       uint8_t is_snow3g = 0;
 #endif
 
        if (xform == NULL) {
@@ -463,6 +477,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
                sess->cipher.mode = IMB_CIPHER_ZUC_EEA3;
                is_zuc = 1;
                break;
+       case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
+               sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN;
+               is_snow3g = 1;
+               break;
 #endif
        default:
                AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter");
@@ -571,6 +589,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
                sess->cipher.key_length_in_bytes = 16;
                memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
                        16);
+       } else if (is_snow3g) {
+               if (xform->cipher.key.length != 16) {
+                       AESNI_MB_LOG(ERR, "Invalid cipher key length");
+                       return -EINVAL;
+               }
+               sess->cipher.key_length_in_bytes = 16;
+               IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data,
+                                       &sess->cipher.pKeySched_snow3g_cipher);
 #endif
        } else {
                if (xform->cipher.key.length != 8) {
@@ -1220,6 +1246,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
                job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
                                                session->auth_iv.offset);
                break;
+       case IMB_AUTH_SNOW3G_UIA2_BITLEN:
+               job->u.SNOW3G_UIA2._key = (void *) &session->auth.pKeySched_snow3g_auth;
+               job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
+                                               session->auth_iv.offset);
+               break;
 #endif
        default:
                job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
@@ -1238,10 +1269,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
                }
        }
 
+       if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
+                       session->cipher.mode == GCM))
+               m_offset = op->sym->aead.data.offset;
+       else
+               m_offset = op->sym->cipher.data.offset;
+
 #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
        if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
                job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
                job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
+       } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
+               job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
+               m_offset = 0;
        }
 #endif
 
@@ -1259,12 +1299,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
                oop = 1;
        }
 
-       if (job->hash_alg == AES_CCM || (job->hash_alg == AES_GMAC &&
-                       session->cipher.mode == GCM))
-               m_offset = op->sym->aead.data.offset;
-       else
-               m_offset = op->sym->cipher.data.offset;
-
        /* Set digest output location */
        if (job->hash_alg != NULL_HASH &&
                        session->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
@@ -1333,6 +1367,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
                break;
 
        default:
+               /* For SNOW3G, length and offsets are already in bits */
                job->cipher_start_src_offset_in_bytes =
                                op->sym->cipher.data.offset;
                job->msg_len_to_cipher_in_bytes = op->sym->cipher.data.length;

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 0ada3b9e1986e81c105e2c6230088c9e6617e445..2b236b75496a264834593e0b808844e3160923c7 100644 (file)
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -561,6 +561,51 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
                        }, }
                }, }
        },
+       {       /* SNOW 3G (UIA2) */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+                       {.auth = {
+                               .algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2,
+                               .block_size = 16,
+                               .key_size = {
+                                       .min = 16,
+                                       .max = 16,
+                                       .increment = 0
+                               },
+                               .digest_size = {
+                                       .min = 4,
+                                       .max = 4,
+                                       .increment = 0
+                               },
+                               .iv_size = {
+                                       .min = 16,
+                                       .max = 16,
+                                       .increment = 0
+                               }
+                       }, }
+               }, }
+       },
+       {       /* SNOW 3G (UEA2) */
+               .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+               {.sym = {
+                       .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+                       {.cipher = {
+                               .algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
+                               .block_size = 16,
+                               .key_size = {
+                                       .min = 16,
+                                       .max = 16,
+                                       .increment = 0
+                               },
+                               .iv_size = {
+                                       .min = 16,
+                                       .max = 16,
+                                       .increment = 0
+                               }
+                       }, }
+               }, }
+       },
 #endif
        RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };