[dpdk-stable] patch 'crypto/qat: support plain SHA1..SHA512 hashes' has been queued to stable release 19.11.3
luca.boccassi at gmail.com
luca.boccassi at gmail.com
Tue May 19 15:05:49 CEST 2020
Hi,
FYI, your patch has been queued to stable release 19.11.3
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 05/21/20. So please
shout if anyone has objections.
Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.
Thanks.
Luca Boccassi
---
>From 32b5e80df1cfb5c7a8151e789981c7bf73e5a0a8 Mon Sep 17 00:00:00 2001
From: Adam Dybkowski <adamx.dybkowski at intel.com>
Date: Tue, 21 Apr 2020 14:55:42 +0200
Subject: [PATCH] crypto/qat: support plain SHA1..SHA512 hashes
This patch adds support for plain SHA-1, SHA-224, SHA-256,
SHA-384 and SHA-512 hashes to QAT PMD.
Signed-off-by: Adam Dybkowski <adamx.dybkowski at intel.com>
Acked-by: Luca Boccassi <bluca at debian.org>
---
app/test/test_cryptodev_hash_test_vectors.h | 10 ++
doc/guides/cryptodevs/features/qat.ini | 5 +
doc/guides/cryptodevs/qat.rst | 5 +
drivers/crypto/qat/qat_sym_capabilities.h | 105 ++++++++++++++++++
drivers/crypto/qat/qat_sym_session.c | 113 ++++++++++++++++++--
drivers/crypto/qat/qat_sym_session.h | 1 +
6 files changed, 232 insertions(+), 7 deletions(-)
diff --git a/app/test/test_cryptodev_hash_test_vectors.h b/app/test/test_cryptodev_hash_test_vectors.h
index cff2831185..394bb6b60b 100644
--- a/app/test/test_cryptodev_hash_test_vectors.h
+++ b/app/test/test_cryptodev_hash_test_vectors.h
@@ -460,6 +460,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha1_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -473,6 +474,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha1_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -540,6 +542,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha224_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -553,6 +556,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha224_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -596,6 +600,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha256_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -609,6 +614,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha256_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -654,6 +660,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha384_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -667,6 +674,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha384_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -712,6 +720,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha512_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_GEN,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
@@ -724,6 +733,7 @@ static const struct blockcipher_test_case hash_test_cases[] = {
.test_data = &sha512_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_AUTH_VERIFY,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
BLOCKCIPHER_TEST_TARGET_PMD_CCP |
BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini
index 6e350eb81f..a722419979 100644
--- a/doc/guides/cryptodevs/features/qat.ini
+++ b/doc/guides/cryptodevs/features/qat.ini
@@ -44,10 +44,15 @@ ZUC EEA3 = Y
[Auth]
NULL = Y
MD5 HMAC = Y
+SHA1 = Y
SHA1 HMAC = Y
+SHA224 = Y
SHA224 HMAC = Y
+SHA256 = Y
SHA256 HMAC = Y
+SHA384 = Y
SHA384 HMAC = Y
+SHA512 = Y
SHA512 HMAC = Y
AES GMAC = Y
SNOW3G UIA2 = Y
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 5ab80b1c0f..cc35a64137 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -52,10 +52,15 @@ Cipher algorithms:
Hash algorithms:
+* ``RTE_CRYPTO_AUTH_SHA1``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA224``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA512``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
* ``RTE_CRYPTO_AUTH_AES_XCBC_MAC``
* ``RTE_CRYPTO_AUTH_SNOW3G_UIA2``
diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h
index 028a56c568..dbeea43408 100644
--- a/drivers/crypto/qat/qat_sym_capabilities.h
+++ b/drivers/crypto/qat/qat_sym_capabilities.h
@@ -6,6 +6,111 @@
#define _QAT_SYM_CAPABILITIES_H_
#define QAT_BASE_GEN1_SYM_CAPABILITIES \
+ { /* SHA1 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \
+ {.auth = { \
+ .algo = RTE_CRYPTO_AUTH_SHA1, \
+ .block_size = 64, \
+ .key_size = { \
+ .min = 0, \
+ .max = 0, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 1, \
+ .max = 20, \
+ .increment = 1 \
+ }, \
+ .iv_size = { 0 } \
+ }, } \
+ }, } \
+ }, \
+ { /* SHA224 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \
+ {.auth = { \
+ .algo = RTE_CRYPTO_AUTH_SHA224, \
+ .block_size = 64, \
+ .key_size = { \
+ .min = 0, \
+ .max = 0, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 1, \
+ .max = 28, \
+ .increment = 1 \
+ }, \
+ .iv_size = { 0 } \
+ }, } \
+ }, } \
+ }, \
+ { /* SHA256 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \
+ {.auth = { \
+ .algo = RTE_CRYPTO_AUTH_SHA256, \
+ .block_size = 64, \
+ .key_size = { \
+ .min = 0, \
+ .max = 0, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 1, \
+ .max = 32, \
+ .increment = 1 \
+ }, \
+ .iv_size = { 0 } \
+ }, } \
+ }, } \
+ }, \
+ { /* SHA384 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \
+ {.auth = { \
+ .algo = RTE_CRYPTO_AUTH_SHA384, \
+ .block_size = 128, \
+ .key_size = { \
+ .min = 0, \
+ .max = 0, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 1, \
+ .max = 48, \
+ .increment = 1 \
+ }, \
+ .iv_size = { 0 } \
+ }, } \
+ }, } \
+ }, \
+ { /* SHA512 */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, \
+ {.auth = { \
+ .algo = RTE_CRYPTO_AUTH_SHA512, \
+ .block_size = 128, \
+ .key_size = { \
+ .min = 0, \
+ .max = 0, \
+ .increment = 0 \
+ }, \
+ .digest_size = { \
+ .min = 1, \
+ .max = 64, \
+ .increment = 1 \
+ }, \
+ .iv_size = { 0 } \
+ }, } \
+ }, } \
+ }, \
{ /* SHA1 HMAC */ \
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
{.sym = { \
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index f69c2e2fd7..695ba7e178 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -19,6 +19,41 @@
#include "qat_sym_session.h"
#include "qat_sym_pmd.h"
+/* SHA1 - 20 bytes - Initialiser state can be found in FIPS stds 180-2 */
+static const uint8_t sha1InitialState[] = {
+ 0x67, 0x45, 0x23, 0x01, 0xef, 0xcd, 0xab, 0x89, 0x98, 0xba,
+ 0xdc, 0xfe, 0x10, 0x32, 0x54, 0x76, 0xc3, 0xd2, 0xe1, 0xf0};
+
+/* SHA 224 - 32 bytes - Initialiser state can be found in FIPS stds 180-2 */
+static const uint8_t sha224InitialState[] = {
+ 0xc1, 0x05, 0x9e, 0xd8, 0x36, 0x7c, 0xd5, 0x07, 0x30, 0x70, 0xdd,
+ 0x17, 0xf7, 0x0e, 0x59, 0x39, 0xff, 0xc0, 0x0b, 0x31, 0x68, 0x58,
+ 0x15, 0x11, 0x64, 0xf9, 0x8f, 0xa7, 0xbe, 0xfa, 0x4f, 0xa4};
+
+/* SHA 256 - 32 bytes - Initialiser state can be found in FIPS stds 180-2 */
+static const uint8_t sha256InitialState[] = {
+ 0x6a, 0x09, 0xe6, 0x67, 0xbb, 0x67, 0xae, 0x85, 0x3c, 0x6e, 0xf3,
+ 0x72, 0xa5, 0x4f, 0xf5, 0x3a, 0x51, 0x0e, 0x52, 0x7f, 0x9b, 0x05,
+ 0x68, 0x8c, 0x1f, 0x83, 0xd9, 0xab, 0x5b, 0xe0, 0xcd, 0x19};
+
+/* SHA 384 - 64 bytes - Initialiser state can be found in FIPS stds 180-2 */
+static const uint8_t sha384InitialState[] = {
+ 0xcb, 0xbb, 0x9d, 0x5d, 0xc1, 0x05, 0x9e, 0xd8, 0x62, 0x9a, 0x29,
+ 0x2a, 0x36, 0x7c, 0xd5, 0x07, 0x91, 0x59, 0x01, 0x5a, 0x30, 0x70,
+ 0xdd, 0x17, 0x15, 0x2f, 0xec, 0xd8, 0xf7, 0x0e, 0x59, 0x39, 0x67,
+ 0x33, 0x26, 0x67, 0xff, 0xc0, 0x0b, 0x31, 0x8e, 0xb4, 0x4a, 0x87,
+ 0x68, 0x58, 0x15, 0x11, 0xdb, 0x0c, 0x2e, 0x0d, 0x64, 0xf9, 0x8f,
+ 0xa7, 0x47, 0xb5, 0x48, 0x1d, 0xbe, 0xfa, 0x4f, 0xa4};
+
+/* SHA 512 - 64 bytes - Initialiser state can be found in FIPS stds 180-2 */
+static const uint8_t sha512InitialState[] = {
+ 0x6a, 0x09, 0xe6, 0x67, 0xf3, 0xbc, 0xc9, 0x08, 0xbb, 0x67, 0xae,
+ 0x85, 0x84, 0xca, 0xa7, 0x3b, 0x3c, 0x6e, 0xf3, 0x72, 0xfe, 0x94,
+ 0xf8, 0x2b, 0xa5, 0x4f, 0xf5, 0x3a, 0x5f, 0x1d, 0x36, 0xf1, 0x51,
+ 0x0e, 0x52, 0x7f, 0xad, 0xe6, 0x82, 0xd1, 0x9b, 0x05, 0x68, 0x8c,
+ 0x2b, 0x3e, 0x6c, 0x1f, 0x1f, 0x83, 0xd9, 0xab, 0xfb, 0x41, 0xbd,
+ 0x6b, 0x5b, 0xe0, 0xcd, 0x19, 0x13, 0x7e, 0x21, 0x79};
+
/** Frees a context previously created
* Depends on openssl libcrypto
*/
@@ -580,8 +615,29 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev,
const uint8_t *key_data = auth_xform->key.data;
uint8_t key_length = auth_xform->key.length;
session->aes_cmac = 0;
+ session->auth_mode = ICP_QAT_HW_AUTH_MODE1;
switch (auth_xform->algo) {
+ case RTE_CRYPTO_AUTH_SHA1:
+ session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA1;
+ session->auth_mode = ICP_QAT_HW_AUTH_MODE0;
+ break;
+ case RTE_CRYPTO_AUTH_SHA224:
+ session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA224;
+ session->auth_mode = ICP_QAT_HW_AUTH_MODE0;
+ break;
+ case RTE_CRYPTO_AUTH_SHA256:
+ session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA256;
+ session->auth_mode = ICP_QAT_HW_AUTH_MODE0;
+ break;
+ case RTE_CRYPTO_AUTH_SHA384:
+ session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA384;
+ session->auth_mode = ICP_QAT_HW_AUTH_MODE0;
+ break;
+ case RTE_CRYPTO_AUTH_SHA512:
+ session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA512;
+ session->auth_mode = ICP_QAT_HW_AUTH_MODE0;
+ break;
case RTE_CRYPTO_AUTH_SHA1_HMAC:
session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SHA1;
break;
@@ -635,11 +691,6 @@ qat_sym_session_configure_auth(struct rte_cryptodev *dev,
}
session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3;
break;
- case RTE_CRYPTO_AUTH_SHA1:
- case RTE_CRYPTO_AUTH_SHA256:
- case RTE_CRYPTO_AUTH_SHA512:
- case RTE_CRYPTO_AUTH_SHA224:
- case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_MD5:
case RTE_CRYPTO_AUTH_AES_CBC_MAC:
QAT_LOG(ERR, "Crypto: Unsupported hash alg %u",
@@ -727,6 +778,8 @@ qat_sym_session_configure_aead(struct rte_cryptodev *dev,
session->cipher_iv.offset = xform->aead.iv.offset;
session->cipher_iv.length = xform->aead.iv.length;
+ session->auth_mode = ICP_QAT_HW_AUTH_MODE1;
+
switch (aead_xform->algo) {
case RTE_CRYPTO_AEAD_AES_GCM:
if (qat_sym_validate_aes_key(aead_xform->key.length,
@@ -1574,10 +1627,11 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,
hash = (struct icp_qat_hw_auth_setup *)cdesc->cd_cur_ptr;
hash->auth_config.reserved = 0;
hash->auth_config.config =
- ICP_QAT_HW_AUTH_CONFIG_BUILD(ICP_QAT_HW_AUTH_MODE1,
+ ICP_QAT_HW_AUTH_CONFIG_BUILD(cdesc->auth_mode,
cdesc->qat_hash_alg, digestsize);
- if (cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2
+ if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0
+ || cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_KASUMI_F9
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3
|| cdesc->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_AES_XCBC_MAC
@@ -1600,6 +1654,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,
*/
switch (cdesc->qat_hash_alg) {
case ICP_QAT_HW_AUTH_ALGO_SHA1:
+ if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) {
+ /* Plain SHA-1 */
+ rte_memcpy(cdesc->cd_cur_ptr, sha1InitialState,
+ sizeof(sha1InitialState));
+ state1_size = qat_hash_get_state1_size(
+ cdesc->qat_hash_alg);
+ break;
+ }
+ /* SHA-1 HMAC */
if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA1, authkey,
authkeylen, cdesc->cd_cur_ptr, &state1_size,
cdesc->aes_cmac)) {
@@ -1609,6 +1672,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,
state2_size = RTE_ALIGN_CEIL(ICP_QAT_HW_SHA1_STATE2_SZ, 8);
break;
case ICP_QAT_HW_AUTH_ALGO_SHA224:
+ if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) {
+ /* Plain SHA-224 */
+ rte_memcpy(cdesc->cd_cur_ptr, sha224InitialState,
+ sizeof(sha224InitialState));
+ state1_size = qat_hash_get_state1_size(
+ cdesc->qat_hash_alg);
+ break;
+ }
+ /* SHA-224 HMAC */
if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA224, authkey,
authkeylen, cdesc->cd_cur_ptr, &state1_size,
cdesc->aes_cmac)) {
@@ -1618,6 +1690,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,
state2_size = ICP_QAT_HW_SHA224_STATE2_SZ;
break;
case ICP_QAT_HW_AUTH_ALGO_SHA256:
+ if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) {
+ /* Plain SHA-256 */
+ rte_memcpy(cdesc->cd_cur_ptr, sha256InitialState,
+ sizeof(sha256InitialState));
+ state1_size = qat_hash_get_state1_size(
+ cdesc->qat_hash_alg);
+ break;
+ }
+ /* SHA-256 HMAC */
if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA256, authkey,
authkeylen, cdesc->cd_cur_ptr, &state1_size,
cdesc->aes_cmac)) {
@@ -1627,6 +1708,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,
state2_size = ICP_QAT_HW_SHA256_STATE2_SZ;
break;
case ICP_QAT_HW_AUTH_ALGO_SHA384:
+ if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) {
+ /* Plain SHA-384 */
+ rte_memcpy(cdesc->cd_cur_ptr, sha384InitialState,
+ sizeof(sha384InitialState));
+ state1_size = qat_hash_get_state1_size(
+ cdesc->qat_hash_alg);
+ break;
+ }
+ /* SHA-384 HMAC */
if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA384, authkey,
authkeylen, cdesc->cd_cur_ptr, &state1_size,
cdesc->aes_cmac)) {
@@ -1636,6 +1726,15 @@ int qat_sym_session_aead_create_cd_auth(struct qat_sym_session *cdesc,
state2_size = ICP_QAT_HW_SHA384_STATE2_SZ;
break;
case ICP_QAT_HW_AUTH_ALGO_SHA512:
+ if (cdesc->auth_mode == ICP_QAT_HW_AUTH_MODE0) {
+ /* Plain SHA-512 */
+ rte_memcpy(cdesc->cd_cur_ptr, sha512InitialState,
+ sizeof(sha512InitialState));
+ state1_size = qat_hash_get_state1_size(
+ cdesc->qat_hash_alg);
+ break;
+ }
+ /* SHA-512 HMAC */
if (qat_sym_do_precomputes(ICP_QAT_HW_AUTH_ALGO_SHA512, authkey,
authkeylen, cdesc->cd_cur_ptr, &state1_size,
cdesc->aes_cmac)) {
diff --git a/drivers/crypto/qat/qat_sym_session.h b/drivers/crypto/qat/qat_sym_session.h
index 98985d6867..bcab5b2b60 100644
--- a/drivers/crypto/qat/qat_sym_session.h
+++ b/drivers/crypto/qat/qat_sym_session.h
@@ -62,6 +62,7 @@ struct qat_sym_session {
enum icp_qat_hw_cipher_mode qat_mode;
enum icp_qat_hw_auth_algo qat_hash_alg;
enum icp_qat_hw_auth_op auth_op;
+ enum icp_qat_hw_auth_mode auth_mode;
void *bpi_ctx;
struct qat_sym_cd cd;
uint8_t *cd_cur_ptr;
--
2.20.1
More information about the stable
mailing list