summaryrefslogtreecommitdiffstats
path: root/src/plugins/crypto_native
AgeCommit message (Collapse)AuthorFilesLines
2023-03-23vppinfra: AES-CBC and AES-GCM refactor and optimizationsDamjan Marion4-2450/+72
- crypto code moved to vppinfra for better testing and reuse - added 256-bit VAES support (Intel Client CPUs) - added AES_GMAC functions Change-Id: I960c8e14ca0a0126703e8f1589d86f32e2a98361 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-03-15crypto-native: 256-bit AES CBC supportDamjan Marion7-86/+353
Used on intel client CPUs which suppport VAES instruction set without AVX512 Type: improvement Change-Id: I5f816a1ea9f89a8d298d2c0f38d8d7c06f414ba0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-03-14crypto-native: avoid crash on 12th and 13th gen Intel client CPUsDamjan Marion1-2/+4
Those CPUs are announcing VAES capability but they don't support AVX512. Type: fix Fixes: 73a60b2 Change-Id: I7b4be95e91bb6f367cd71461f1126690f3ecd988 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-03-06crypto: remove VNET_CRYPTO_OP_FLAG_INIT_IV flagBenoît Ganne3-56/+6
IV requirements vary wildly with the selected mode of operation. For example, for AES-CBC the IV must be unpredictable whereas for AES counter mode (CTR or GCM), it can be predictable but reusing an IV with the same key material is catastrophic. Because of that, it is hard to generate IV in a generic way, and it is better left to the crypto user (eg. IPsec). Type: improvement Change-Id: I32689c591d8c6572b8d37c4d24f175ea6132d3ec Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-03-28crypto-native: avoid overflow load on dataDamjan Marion1-1/+4
Type: improvement Change-Id: I5317afa02fa1525a7d8df595b56eb6546ccded57 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-25crypto-native: avoid mem overflow when loading IVDamjan Marion1-11/+13
Type: improvement Change-Id: I946d91e67c332ecac0b09d50980529b9d4e74f9c Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-24crypto-native: fix index in VAES aes-cbc encryptBenoît Ganne1-3/+3
Type: fix Change-Id: Id7ae0d4c53cbca3785964f0bef92e9cd589d4ce9 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-03-23crypto-native: fix dst index typo in VAESBenoît Ganne1-1/+1
Type: fix Change-Id: Ib025d8c1bc9bd651b6448d6a41fd1efa6f0b7362 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-02-10vppinfra:remove uXxY_is_greaterDamjan Marion1-2/+2
not needed, '>' works... Type: improvement Change-Id: I9bfbac787e8dca24e9b1bceda0922740eed26346 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-12-14crypto-native: fix build error on Arm using clang-13Jieqiang Wang1-2/+2
Building VPP on Arm using clang-13 as compiler will fail with following error message. The root cause is the unmatched alignment of parameter key for functions aes128_key_expand/aes256_key_expand on aarch64. Fix this error by explicitly declaring parameter key as type u8x16u. [285/2593] ccache /home/snowball/tasks/benchmark_compilers/clang_13/bin/clang-13 --target=aarch64-linux-gnu -D_FORTIFY_SOURCE=2 -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src -ICMakeFiles -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins -ICMakeFiles/plugins -fPIC -g -fPIC -Werror -Wall -Wno-address-of-packed-member -O3 -fstack-protector -fno-common -march=armv8.1-a+crc+crypto -MD -MT CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -MF CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o.d -o CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -c /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c FAILED: CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o ccache /home/snowball/tasks/benchmark_compilers/clang_13/bin/clang-13 --target=aarch64-linux-gnu -D_FORTIFY_SOURCE=2 -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src -ICMakeFiles -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins -ICMakeFiles/plugins -fPIC -g -fPIC -Werror -Wall -Wno-address-of-packed-member -O3 -fstack-protector -fno-common -march=armv8.1-a+crc+crypto -MD -MT CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -MF CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o.d -o CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -c /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c In file included from /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c:22: /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes.h:415:40: error: passing 1-byte aligned argument to 16-byte aligned parameter 2 of 'aes128_key_expand' may result in an unaligned pointer access [-Werror,-Walign-mismatch] aes128_key_expand (key_schedule, (u8x16u const *) key); ^ /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes.h:421:40: error: passing 1-byte aligned argument to 16-byte aligned parameter 2 of 'aes256_key_expand' may result in an unaligned pointer access [-Werror,-Walign-mismatch] aes256_key_expand (key_schedule, (u8x16u const *) key); ^ 2 errors generated. Type: fix Fixes: 415b4b0bb ("crypto-native: refactor GCM code to use generic types") Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Reviewed-by: Tianyu Li <tianyu.li@arm.com> Change-Id: Ic99a63526031e60760929238922a6e4547388368
2021-11-07crypto-native: fix uninitialized variableGabriel Oginski1-1/+1
Type: fix Fixed coverity-issue CID 208547. Originally using uninitialized value when calling one function. This patch fixes the problem by initializing value for one variable. Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Iccfae1e825b4ca4d95a6f724d9b5c51c5addd1b2
2021-11-02build: clang-13 supportDamjan Marion2-2/+2
Type: make Change-Id: I20770650d7e0475ee7791da4d5df941792bf7741 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-11docs: nitfixes in FEATURE.yamlNathan Skrzypczak1-1/+1
Type: improvement Change-Id: Iec585880085b12b08594a0640822cd831455d594 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-07vppinfra: asan: improve overflow semanticBenoît Ganne1-1/+1
Type: improvement Change-Id: Ia63899b82e34f179f9efa921e4630b598f2a86cb Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-05-19build: fix crypto_native compile flags checkDamjan Marion1-2/+2
Type: fix Change-Id: I338036a3cac74fd5f9772bcf7685ee6970653ddb Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-11-13crypto-native: fix multi-arch variant initializationRay Kinsella1-4/+0
crypto_native/main.h is being built as default, and crypto_native_main is initialized with a size of 64 bytes. crypto_native/aes_gcm.c and crypto_native/aes_cbc.c are march variants, their ICL variants are expecting crypto_native_main to be 256 bytes. Type: fix Signed-off-by: Georgii Tkachuk <georgii.tkachuk@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I4cddb75b712ea83c9cfca621887605d7bae104ec
2020-09-15crypto-native: fix issues detected by coiverityDamjan Marion2-3/+11
Type: fix Change-Id: Id61aa407eeeb4d44cf47ed39283a0c79ed3abbee Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-08-06misc: harmonize namesDave Barach1-8/+8
Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ibad744788e200ce012ad88ff59c2c34920742454
2020-07-21crypto: bails out early for unsupported key typeBenoît Ganne1-4/+4
Do not access data structures based on uninitialized key->alg. Type: fix Fixes: f539578bac8b64886b57c460c9d74273e6613f8b Change-Id: I6bfb7e7a51af2c131b8bdf3bca6a38fcf1094760 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-05-11crypto-native: properly deal with broken or outdated toolchainsDamjan Marion5-42/+54
Avoids crash due to missing symbol, when build system detects toolchain which is not able to produce binaries for all targets we need.... Type: fix Change-Id: I77ee63cb8dca3c9e4e83a6235c60f1439a472444 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-04-30crypto: introduce async crypto infraFan Zhang1-0/+4
Type: feature Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Signed-off-by: Dariusz Kazimierski <dariuszx.kazimierski@intel.com> Signed-off-by: Piotr Kleski <piotrx.kleski@intel.com> Change-Id: I4c3fcccf55c36842b7b48aed260fef2802b5c54b
2020-04-29misc: switch to clang-9Damjan Marion1-3/+3
Type: improvement Change-Id: Iebf77a63c0c19b130a3fbd26b5293304a9fed4c1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-03-06crypto: align per thread data to cache lineFilip Tehlar1-0/+1
Type: improvement Change-Id: I6bad46403c07b211dfda7229aed1b5e19342865f Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-25crypto-native: GCM implementation with vector AESNI instructionsDamjan Marion1-4/+479
Introduced on intel IceLake uarch. Type: feature Change-Id: I1514c76c34e53ce0577666caf32a50f95eb6548f Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24crypto-native: introduce aes_gcm_flags_tDamjan Marion1-84/+107
Type: refactor Change-Id: I53b4a9c0b63e6e6c6a13c33c5baa4c3de562584b Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24crypto-native: introduce counter structDamjan Marion1-44/+51
Type: refactor Change-Id: I9ecc18ba3ec5f11622ea225690fb1dc262ea6fc1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24crypto-native: inverse Hi so it naturally fits into 512-bit registerDamjan Marion2-30/+34
Type: refactor Change-Id: I0c6ca9356af179abd0a414b356dea7e3a3eb0dd6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24crypto-native: replace aesni with aesDamjan Marion1-137/+134
This code also works on ARM so let's not use intel term.... Type: refactor Change-Id: Ie51d4359a83f2bf7a61c4861d486b7d009fc8057 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24crypto-native: do not overwrite data after partial tagDamjan Marion1-1/+1
Type: fix Change-Id: I01de5f8813faff5406ccf67c21c42393c8648af6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-17crypto-native: calculate ghash using vpclmulqdq instructionsDamjan Marion1-0/+126
vpclmulqdq is introduced on intel icelake architecture and allows computing 4 carry-less multiplications in paralled by using 512-bit SIMD registers Type: feature Change-Id: Idb09d6f51ba6f116bba11649b2d99f649356d449 Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
2020-02-14crypto-native: refactor CBC codeDamjan Marion4-606/+440
Type: refactor Change-Id: I61e25942de318d03fb3d75689259709d687479bc Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-13vppinfra: add 128-bit and 512-bit a ^ b ^ c shortcutDamjan Marion1-18/+6
This allows us to combine 2 XOR operations into signle instruction which makes difference in crypto op: - in x86, by using ternary logic instruction - on ARM, by using EOR3 instruction (available with sha3 feature) Type: refactor Change-Id: Ibdf9001840399d2f838d491ca81b57cbd8430433 Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
2020-02-13crypto-native: add AArch64 AES-GCM native implementationDamjan Marion5-55/+60
Type: feature Change-Id: I4f96b0af13b875d491704b010328a1814e1dbda1 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-13crypto-native: add AArch64 ghash supportDamjan Marion1-1/+23
Type: improvement Change-Id: I1f204685ea9374389fc24fc53184ce06806beed3 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12crypto-native: fix ghash function namingDamjan Marion1-6/+6
Type: refactor Change-Id: I1d594af6d7c0d065d5c2decc5b22d549189b1882 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12crypto-native: use and instead of blendDamjan Marion1-4/+1
Faster and more portable... Type: improvement Change-Id: I915f8d3c45d1ba76ddfdbfac98482b04c98d148b Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12crypto-native: add missing static_always_inlineDamjan Marion1-6/+6
Type: improvement Change-Id: Ibfa756f5f489882bc2ac658ae4d238e98da73875 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12crypto-native: refactor GCM code to use generic typesDamjan Marion3-291/+325
Type: refactor Change-Id: I76733a9ed362ec60badd22c0fbc2a9c5749da88d Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-11crypto-native: fix ARM compilatiion flagsDamjan Marion1-1/+1
Type: fix Change-Id: I3b39c17d9cfadc1d383d9c4dba9029ea279d09d7 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-01-31crypto-native: add ARMv8 AES-CBC implementationDamjan Marion7-367/+756
Type: feature Change-Id: I32256061b9509880eec843db2f918879cdafbe47 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-01-30crypto-native: refactor AES codeDamjan Marion4-166/+169
- use neutral types in preparation for ARMv8 support - simplify x86 key extraction support Type: refactor Change-Id: I947eb37b8c9d9ee6909bb32ef14c4de192d40a46 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-01-30crypto-native: don't expand aes-cbc keys twiceDamjan Marion2-11/+7
Type: refactor Change-Id: If0d9ec70f9e8c228c39505864a4a73bf94b67479 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-01-28crypto-native: rename crypto_ia32 to crypto_nativeDamjan Marion8-0/+1993
Type: refactor Change-Id: I9f21b3bf669ff913ff50afe5459cf52ff987e701 Signed-off-by: Damjan Marion <damarion@cisco.com>