crypto/octeontx2: support ChaCha20-Poly1305

Add ChaCha20-Poly1305 AEAD algorithm support in crypto_octeontx2 PMD

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>

doc/guides/cryptodevs/features/octeontx2.ini

@@ -60,9 +60,10 @@ ZUC EIA3     = Y
 ; Supported AEAD algorithms of 'octeontx2' crypto driver.
 ;
 [AEAD]
-AES GCM (128) = Y
-AES GCM (192) = Y
-AES GCM (256) = Y
+AES GCM (128)     = Y
+AES GCM (192)     = Y
+AES GCM (256)     = Y
+CHACHA20-POLY1305 = Y
 
 ;
 ; Supported Asymmetric algorithms of the 'octeontx2' crypto driver.

doc/guides/cryptodevs/octeontx2.rst

@@ -55,6 +55,7 @@ Hash algorithms:
 AEAD algorithms:
 
 * ``RTE_CRYPTO_AEAD_AES_GCM``
+* ``RTE_CRYPTO_AEAD_CHACHA20_POLY1305``
 
 Asymmetric Crypto Algorithms
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

doc/guides/rel_notes/release_20_08.rst

@@ -131,6 +131,10 @@ New Features
   * Added support for lookaside protocol offload for DOCSIS through the
     ``rte_security`` API.
 
+* **Updated the OCTEON TX2 crypto PMD.**
+
+  Added Chacha20-Poly1305 AEAD algorithm support in OCTEON TX2 crypto PMD.
+
 * **Added support for BPF_ABS/BPF_IND load instructions.**
 
   Added support for two BPF non-generic instructions:

drivers/common/cpt/cpt_mcode_defines.h

@@ -106,7 +106,7 @@ typedef enum {
 	SHA2_SHA384     = 5,
 	SHA2_SHA512     = 6,
 	GMAC_TYPE       = 7,
-	XCBC_TYPE       = 8,
+	POLY1305        = 8,
 	SHA3_SHA224     = 10,
 	SHA3_SHA256     = 11,
 	SHA3_SHA384     = 12,
@@ -136,6 +136,7 @@ typedef enum {
 	AES_CTR     = 0x6,
 	AES_GCM     = 0x7,
 	AES_XTS     = 0x8,
+	CHACHA20    = 0x9,
 
 	/* These are only for software use */
 	ZUC_EEA3        = 0x90,
@@ -241,6 +242,8 @@ struct cpt_sess_misc {
 	uint16_t aes_gcm:1;
 	/** Flag for AES CTR */
 	uint16_t aes_ctr:1;
+	/** Flag for CHACHA POLY */
+	uint16_t chacha_poly:1;
 	/** Flag for NULL cipher/auth */
 	uint16_t is_null:1;
 	/** Flag for GMAC */

drivers/common/cpt/cpt_ucode.h

@@ -77,6 +77,9 @@ cpt_fc_ciph_set_type(cipher_type_t type, struct cpt_ctx *ctx, uint16_t key_len)
 			return -1;
 		fc_type = FC_GEN;
 		break;
+	case CHACHA20:
+		fc_type = FC_GEN;
+		break;
 	case AES_XTS:
 		key_len = key_len / 2;
 		if (unlikely(key_len == CPT_BYTE_24)) {
@@ -229,6 +232,7 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key,
 	case AES_ECB:
 	case AES_CFB:
 	case AES_CTR:
+	case CHACHA20:
 		cpt_fc_ciph_set_key_set_aes_key_type(fctx, key_len);
 		break;
 	case AES_GCM:
@@ -2539,16 +2543,14 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform,
 	aead_form = &xform->aead;
 	void *ctx = SESS_PRIV(sess);
 
-	if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT &&
-	   aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) {
+	if (aead_form->op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {
 		sess->cpt_op |= CPT_OP_CIPHER_ENCRYPT;
 		sess->cpt_op |= CPT_OP_AUTH_GENERATE;
-	} else if (aead_form->op == RTE_CRYPTO_AEAD_OP_DECRYPT &&
-		aead_form->algo == RTE_CRYPTO_AEAD_AES_GCM) {
+	} else if (aead_form->op == RTE_CRYPTO_AEAD_OP_DECRYPT) {
 		sess->cpt_op |= CPT_OP_CIPHER_DECRYPT;
 		sess->cpt_op |= CPT_OP_AUTH_VERIFY;
 	} else {
-		CPT_LOG_DP_ERR("Unknown cipher operation\n");
+		CPT_LOG_DP_ERR("Unknown aead operation\n");
 		return -1;
 	}
 	switch (aead_form->algo) {
@@ -2561,6 +2563,12 @@ fill_sess_aead(struct rte_crypto_sym_xform *xform,
 		CPT_LOG_DP_ERR("Crypto: Unsupported cipher algo %u",
 			       aead_form->algo);
 		return -1;
+	case RTE_CRYPTO_AEAD_CHACHA20_POLY1305:
+		enc_type = CHACHA20;
+		auth_type = POLY1305;
+		cipher_key_len = 32;
+		sess->chacha_poly = 1;
+		break;
 	default:
 		CPT_LOG_DP_ERR("Crypto: Undefined cipher algo %u specified",
 			       aead_form->algo);
@@ -3063,7 +3071,7 @@ fill_fc_params(struct rte_crypto_op *cop,
 	m_src = sym_op->m_src;
 	m_dst = sym_op->m_dst;
 
-	if (sess_misc->aes_gcm) {
+	if (sess_misc->aes_gcm || sess_misc->chacha_poly) {
 		uint8_t *salt;
 		uint8_t *aad_data;
 		uint16_t aad_len;

drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c

@@ -328,6 +328,39 @@ static const struct rte_cryptodev_capabilities caps_sha1_sha2[] = {
 	},
 };
 
+static const struct rte_cryptodev_capabilities caps_chacha20[] = {
+	{	/* Chacha20-Poly1305 */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AEAD,
+			{.aead = {
+				.algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
+				.block_size = 64,
+				.key_size = {
+					.min = 32,
+					.max = 32,
+					.increment = 0
+				},
+				.digest_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				},
+				.aad_size = {
+					.min = 0,
+					.max = 1024,
+					.increment = 1
+				},
+				.iv_size = {
+					.min = 12,
+					.max = 12,
+					.increment = 0
+				},
+			}, }
+		}, }
+	}
+};
+
 static const struct rte_cryptodev_capabilities caps_zuc_snow3g[] = {
 	{	/* SNOW 3G (UEA2) */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
@@ -710,6 +743,7 @@ otx2_cpt_capabilities_get(union cpt_eng_caps *hw_caps)
 
 	CPT_CAPS_ADD(hw_caps, mul);
 	CPT_CAPS_ADD(hw_caps, sha1_sha2);
+	CPT_CAPS_ADD(hw_caps, chacha20);
 	CPT_CAPS_ADD(hw_caps, zuc_snow3g);
 	CPT_CAPS_ADD(hw_caps, aes);
 	CPT_CAPS_ADD(hw_caps, kasumi);

drivers/crypto/octeontx2/otx2_cryptodev_ops.c

@@ -398,9 +398,10 @@ sym_session_configure(int driver_id, struct rte_crypto_sym_xform *xform,
 
 	/*
 	 * IE engines support IPsec operations
-	 * SE engines support IPsec operations and Air-Crypto operations
+	 * SE engines support IPsec operations, Chacha-Poly and
+	 * Air-Crypto operations
 	 */
-	if (misc->zsk_flag)
+	if (misc->zsk_flag || misc->chacha_poly)
 		misc->egrp = OTX2_CPT_EGRP_SE;
 	else
 		misc->egrp = OTX2_CPT_EGRP_SE_IE;