crypto/aesni_mb: support plain SHA

This patch adds the plain SHA1, SHA224, SHA256, SHA384, and SHA512
algorithms support to AESNI-MB PMD. The cryptodev unit test and
documentation are updated accordingly.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Signed-off-by: Lukasz Krakowiak <lukaszx.krakowiak@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

doc/guides/cryptodevs/aesni_mb.rst

@@ -41,6 +41,11 @@ Hash algorithms:
 * RTE_CRYPTO_HASH_AES_XCBC_HMAC
 * RTE_CRYPTO_HASH_AES_CMAC
 * RTE_CRYPTO_HASH_AES_GMAC
+* RTE_CRYPTO_HASH_SHA1
+* RTE_CRYPTO_HASH_SHA224
+* RTE_CRYPTO_HASH_SHA256
+* RTE_CRYPTO_HASH_SHA384
+* RTE_CRYPTO_HASH_SHA512
 
 AEAD algorithms:
 
@@ -55,6 +60,7 @@ Limitations
 * RTE_CRYPTO_AEAD_AES_GCM only works properly when the multi-buffer library is
   0.51.0 or newer.
 * RTE_CRYPTO_HASH_AES_GMAC is supported by library version v0.51 or later.
+* RTE_CRYPTO_HASH_SHA* is supported by library version v0.52 or later.
 
 
 Installation

doc/guides/rel_notes/release_19_02.rst

@@ -104,6 +104,7 @@ New Features
 
   * Add support for intel-ipsec-mb version 0.52.
   * Add AES-GMAC algorithm support.
+  * Add Plain SHA1, SHA224, SHA256, SHA384, and SHA512 algorithms support.
 
 * **Enabled checksum support in the ISA-L compressdev driver.**
 

drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c

@@ -107,6 +107,7 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 	hash_one_block_t hash_oneblock_fn;
 	unsigned int key_larger_block_size = 0;
 	uint8_t hashed_key[HMAC_MAX_BLOCK_SIZE] = { 0 };
+	uint32_t auth_precompute = 1;
 
 	if (xform == NULL) {
 		sess->auth.algo = NULL_HASH;
@@ -237,6 +238,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 			key_larger_block_size = 1;
 		}
 		break;
+	case RTE_CRYPTO_AUTH_SHA1:
+		sess->auth.algo = PLAIN_SHA1;
+		auth_precompute = 0;
+		break;
 	case RTE_CRYPTO_AUTH_SHA224_HMAC:
 		sess->auth.algo = SHA_224;
 		hash_oneblock_fn = mb_mgr->sha224_one_block;
@@ -248,6 +253,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 			key_larger_block_size = 1;
 		}
 		break;
+	case RTE_CRYPTO_AUTH_SHA224:
+		sess->auth.algo = PLAIN_SHA_224;
+		auth_precompute = 0;
+		break;
 	case RTE_CRYPTO_AUTH_SHA256_HMAC:
 		sess->auth.algo = SHA_256;
 		hash_oneblock_fn = mb_mgr->sha256_one_block;
@@ -259,6 +268,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 			key_larger_block_size = 1;
 		}
 		break;
+	case RTE_CRYPTO_AUTH_SHA256:
+		sess->auth.algo = PLAIN_SHA_256;
+		auth_precompute = 0;
+		break;
 	case RTE_CRYPTO_AUTH_SHA384_HMAC:
 		sess->auth.algo = SHA_384;
 		hash_oneblock_fn = mb_mgr->sha384_one_block;
@@ -270,6 +283,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 			key_larger_block_size = 1;
 		}
 		break;
+	case RTE_CRYPTO_AUTH_SHA384:
+		sess->auth.algo = PLAIN_SHA_384;
+		auth_precompute = 0;
+		break;
 	case RTE_CRYPTO_AUTH_SHA512_HMAC:
 		sess->auth.algo = SHA_512;
 		hash_oneblock_fn = mb_mgr->sha512_one_block;
@@ -281,6 +298,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 			key_larger_block_size = 1;
 		}
 		break;
+	case RTE_CRYPTO_AUTH_SHA512:
+		sess->auth.algo = PLAIN_SHA_512;
+		auth_precompute = 0;
+		break;
 	default:
 		AESNI_MB_LOG(ERR, "Unsupported authentication algorithm selection");
 		return -ENOTSUP;
@@ -302,6 +323,10 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 	else
 		sess->auth.gen_digest_len = sess->auth.req_digest_len;
 
+	/* Plain SHA does not require precompute key */
+	if (auth_precompute == 0)
+		return 0;
+
 	/* Calculate Authentication precomputes */
 	if (key_larger_block_size) {
 		calculate_auth_precomputes(hash_oneblock_fn,

drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c

@@ -54,6 +54,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA1 */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA1,
+				.block_size = 64,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 20,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
 	{	/* SHA224 HMAC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
@@ -75,6 +96,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA224 */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA224,
+				.block_size = 64,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 28,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
 	{	/* SHA256 HMAC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
@@ -96,6 +138,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA256 */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA256,
+				.block_size = 64,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 32,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
 	{	/* SHA384 HMAC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
@@ -117,6 +180,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA384 */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA384,
+				.block_size = 128,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 48,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
 	{	/* SHA512 HMAC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
@@ -138,6 +222,27 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* SHA512  */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_SHA512,
+				.block_size = 128,
+				.key_size = {
+					.min = 0,
+					.max = 0,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 1,
+					.max = 64,
+					.increment = 1
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
 	{	/* AES XCBC HMAC */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {

drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h

@@ -109,6 +109,13 @@ static const unsigned auth_digest_byte_lengths[] = {
 		[AES_CMAC]	= 16,
 		[AES_GMAC]	= 12,
 		[NULL_HASH]	= 0,
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+		[PLAIN_SHA1]	= 20,
+		[PLAIN_SHA_224]	= 28,
+		[PLAIN_SHA_256]	= 32,
+		[PLAIN_SHA_384]	= 48,
+		[PLAIN_SHA_512]	= 64
+#endif
 	/**< Vector mode dependent pointer table of the multi-buffer APIs */
 
 };

test/test/test_cryptodev_hash_test_vectors.h

@@ -96,7 +96,8 @@ sha1_test_vector = {
 			0x35, 0x62, 0xFB, 0xFA, 0x93, 0xFD, 0x7D, 0x70,
 			0xA6, 0x7D, 0x45, 0xCA
 		},
-		.len = 20
+		.len = 20,
+		.truncated_len = 20
 	}
 };
 
@@ -140,7 +141,8 @@ sha224_test_vector = {
 			0x39, 0x26, 0xDF, 0xB5, 0x78, 0x62, 0xB2, 0x6E,
 			0x5E, 0x8F, 0x25, 0x84
 		},
-		.len = 28
+		.len = 28,
+		.truncated_len = 28
 	}
 };
 
@@ -186,7 +188,8 @@ sha256_test_vector = {
 			0x1F, 0xC7, 0x84, 0xEE, 0x76, 0xA6, 0x39, 0x15,
 			0x76, 0x2F, 0x87, 0xF9, 0x01, 0x06, 0xF3, 0xB7
 		},
-		.len = 32
+		.len = 32,
+		.truncated_len = 32
 	}
 };
 
@@ -234,7 +237,8 @@ sha384_test_vector = {
 			0xAD, 0x41, 0xAB, 0x15, 0xB0, 0x03, 0x15, 0xEC,
 			0x9E, 0x3D, 0xED, 0xCB, 0x80, 0x7B, 0xF4, 0xB6
 		},
-		.len = 48
+		.len = 48,
+		.truncated_len = 48
 	}
 };
 
@@ -288,7 +292,8 @@ sha512_test_vector = {
 			0x64, 0x4E, 0x15, 0x68, 0x12, 0x67, 0x26, 0x0F,
 			0x2C, 0x3C, 0x83, 0x25, 0x27, 0x86, 0xF0, 0xDB
 		},
-		.len = 64
+		.len = 64,
+		.truncated_len = 64
 	}
 };
 
@@ -428,6 +433,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -437,6 +445,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -496,6 +507,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -505,6 +519,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -542,6 +559,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -551,6 +571,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -590,6 +613,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -599,6 +625,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -638,6 +667,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{
@@ -647,6 +679,9 @@ static const struct blockcipher_test_case hash_test_cases[] = {
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
 			    BLOCKCIPHER_TEST_TARGET_PMD_CCP |
 			    BLOCKCIPHER_TEST_TARGET_PMD_MVSAM |
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 52, 0)
+			    BLOCKCIPHER_TEST_TARGET_PMD_MB |
+#endif
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
 	},
 	{