1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(c) 2015-2022 Intel Corporation 3 */ 4 #ifndef _QAT_SYM_SESSION_H_ 5 #define _QAT_SYM_SESSION_H_ 6 7 #include <rte_crypto.h> 8 #include <cryptodev_pmd.h> 9 #ifdef RTE_LIB_SECURITY 10 #include <rte_security.h> 11 #endif 12 13 #include "qat_common.h" 14 #include "icp_qat_hw.h" 15 #include "icp_qat_fw.h" 16 #include "icp_qat_fw_la.h" 17 18 /* 19 * Key Modifier (KM) value used in KASUMI algorithm in F9 mode to XOR 20 * Integrity Key (IK) 21 */ 22 #define KASUMI_F9_KEY_MODIFIER_4_BYTES 0xAAAAAAAA 23 24 #define KASUMI_F8_KEY_MODIFIER_4_BYTES 0x55555555 25 26 /* 27 * AES-GCM J0 length 28 */ 29 #define AES_GCM_J0_LEN 16 30 31 /* 3DES key sizes */ 32 #define QAT_3DES_KEY_SZ_OPT1 24 /* Keys are independent */ 33 #define QAT_3DES_KEY_SZ_OPT2 16 /* K3=K1 */ 34 #define QAT_3DES_KEY_SZ_OPT3 8 /* K1=K2=K3 */ 35 36 /* 96-bit case of IV for CCP/GCM single pass algorithm */ 37 #define QAT_AES_GCM_SPC_IV_SIZE 12 38 39 #define QAT_AES_HW_CONFIG_CBC_ENC(alg) \ 40 ICP_QAT_HW_CIPHER_CONFIG_BUILD(ICP_QAT_HW_CIPHER_CBC_MODE, alg, \ 41 ICP_QAT_HW_CIPHER_NO_CONVERT, \ 42 ICP_QAT_HW_CIPHER_ENCRYPT) 43 44 #define QAT_AES_HW_CONFIG_CBC_DEC(alg) \ 45 ICP_QAT_HW_CIPHER_CONFIG_BUILD(ICP_QAT_HW_CIPHER_CBC_MODE, alg, \ 46 ICP_QAT_HW_CIPHER_KEY_CONVERT, \ 47 ICP_QAT_HW_CIPHER_DECRYPT) 48 49 #define QAT_AES_CMAC_CONST_RB 0x87 50 51 #define QAT_CRYPTO_SLICE_SPC 1 52 #define QAT_CRYPTO_SLICE_UCS 2 53 #define QAT_CRYPTO_SLICE_WCP 4 54 55 #define QAT_SESSION_IS_SLICE_SET(flags, flag) \ 56 (!!((flags) & (flag))) 57 58 enum qat_sym_proto_flag { 59 QAT_CRYPTO_PROTO_FLAG_NONE = 0, 60 QAT_CRYPTO_PROTO_FLAG_CCM = 1, 61 QAT_CRYPTO_PROTO_FLAG_GCM = 2, 62 QAT_CRYPTO_PROTO_FLAG_SNOW3G = 3, 63 QAT_CRYPTO_PROTO_FLAG_ZUC = 4 64 }; 65 66 struct qat_sym_session; 67 68 /* 69 * typedef qat_op_build_request_t function pointer, passed in as argument 70 * in enqueue op burst, where a build request assigned base on the type of 71 * crypto op. 72 */ 73 typedef int (*qat_sym_build_request_t)(void *in_op, struct qat_sym_session *ctx, 74 uint8_t *out_msg, void *op_cookie); 75 76 /* Common content descriptor */ 77 struct qat_sym_cd { 78 struct icp_qat_hw_cipher_algo_blk cipher; 79 struct icp_qat_hw_auth_algo_blk hash; 80 } __rte_packed __rte_cache_aligned; 81 82 struct qat_sym_session { 83 enum icp_qat_fw_la_cmd_id qat_cmd; 84 enum icp_qat_hw_cipher_algo qat_cipher_alg; 85 enum icp_qat_hw_cipher_dir qat_dir; 86 enum icp_qat_hw_cipher_mode qat_mode; 87 enum icp_qat_hw_auth_algo qat_hash_alg; 88 enum icp_qat_hw_auth_op auth_op; 89 enum icp_qat_hw_auth_mode auth_mode; 90 void *bpi_ctx; 91 struct qat_sym_cd cd; 92 uint8_t *cd_cur_ptr; 93 phys_addr_t cd_paddr; 94 struct icp_qat_fw_la_bulk_req fw_req; 95 uint8_t aad_len; 96 struct qat_crypto_instance *inst; 97 struct { 98 uint16_t offset; 99 uint16_t length; 100 } cipher_iv; 101 struct { 102 uint16_t offset; 103 uint16_t length; 104 } auth_iv; 105 uint16_t auth_key_length; 106 uint16_t digest_length; 107 rte_spinlock_t lock; /* protects this struct */ 108 uint16_t dev_id; 109 uint8_t aes_cmac; 110 uint8_t is_single_pass; 111 uint8_t is_single_pass_gmac; 112 uint8_t is_ucs; 113 uint8_t is_iv12B; 114 uint8_t is_gmac; 115 uint8_t is_auth; 116 uint8_t is_cnt_zero; 117 /* Some generations need different setup of counter */ 118 uint32_t slice_types; 119 enum qat_sym_proto_flag qat_proto_flag; 120 qat_sym_build_request_t build_request[2]; 121 }; 122 123 int 124 qat_sym_session_configure(struct rte_cryptodev *dev, 125 struct rte_crypto_sym_xform *xform, 126 struct rte_cryptodev_sym_session *sess, 127 struct rte_mempool *mempool); 128 129 int 130 qat_sym_session_set_parameters(struct rte_cryptodev *dev, 131 struct rte_crypto_sym_xform *xform, void *session_private); 132 133 int 134 qat_sym_session_configure_aead(struct rte_cryptodev *dev, 135 struct rte_crypto_sym_xform *xform, 136 struct qat_sym_session *session); 137 138 int 139 qat_sym_session_configure_cipher(struct rte_cryptodev *dev, 140 struct rte_crypto_sym_xform *xform, 141 struct qat_sym_session *session); 142 143 int 144 qat_sym_session_configure_auth(struct rte_cryptodev *dev, 145 struct rte_crypto_sym_xform *xform, 146 struct qat_sym_session *session); 147 148 void 149 qat_sym_session_clear(struct rte_cryptodev *dev, 150 struct rte_cryptodev_sym_session *session); 151 152 unsigned int 153 qat_sym_session_get_private_size(struct rte_cryptodev *dev); 154 155 void 156 qat_sym_sesssion_init_common_hdr(struct qat_sym_session *session, 157 struct icp_qat_fw_comn_req_hdr *header, 158 enum qat_sym_proto_flag proto_flags); 159 int 160 qat_sym_validate_aes_key(int key_len, enum icp_qat_hw_cipher_algo *alg); 161 int 162 qat_sym_validate_aes_docsisbpi_key(int key_len, 163 enum icp_qat_hw_cipher_algo *alg); 164 int 165 qat_sym_validate_snow3g_key(int key_len, enum icp_qat_hw_cipher_algo *alg); 166 int 167 qat_sym_validate_kasumi_key(int key_len, enum icp_qat_hw_cipher_algo *alg); 168 int 169 qat_sym_validate_3des_key(int key_len, enum icp_qat_hw_cipher_algo *alg); 170 int 171 qat_sym_validate_des_key(int key_len, enum icp_qat_hw_cipher_algo *alg); 172 int 173 qat_cipher_get_block_size(enum icp_qat_hw_cipher_algo qat_cipher_alg); 174 int 175 qat_sym_validate_zuc_key(int key_len, enum icp_qat_hw_cipher_algo *alg); 176 177 #ifdef RTE_LIB_SECURITY 178 int 179 qat_security_session_create(void *dev, struct rte_security_session_conf *conf, 180 struct rte_security_session *sess, struct rte_mempool *mempool); 181 int 182 qat_security_session_destroy(void *dev, struct rte_security_session *sess); 183 #endif 184 185 #endif /* _QAT_SYM_SESSION_H_ */ 186