From 4634d02501235d3803a17839eeaf076110abcb18 Mon Sep 17 00:00:00 2001 From: Gabriel Oginski Date: Thu, 25 Nov 2021 08:21:41 +0000 Subject: dpdk-cryptodev: add support chacha20-poly1305 Originally cryptodev doesn't support chacha20-poly1305 with aad length 0. This patch add support in cryptodev for chacha20-poly1305 with aad length 0. This length is using in Wireguard. Type: improvement Signed-off-by: Gabriel Oginski Change-Id: I0608920bb557d7d071e7f9f37c80cf50bad81dcc --- src/plugins/dpdk/cryptodev/cryptodev.c | 15 +++++++++++---- src/plugins/dpdk/cryptodev/cryptodev.h | 5 ++++- src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c | 14 ++++++++++++++ src/plugins/dpdk/cryptodev/cryptodev_raw_data_path.c | 16 +++++++++++++++- 4 files changed, 44 insertions(+), 6 deletions(-) diff --git a/src/plugins/dpdk/cryptodev/cryptodev.c b/src/plugins/dpdk/cryptodev/cryptodev.c index f9e986f9867..c2b8a080599 100644 --- a/src/plugins/dpdk/cryptodev/cryptodev.c +++ b/src/plugins/dpdk/cryptodev/cryptodev.c @@ -51,12 +51,19 @@ prepare_aead_xform (struct rte_crypto_sym_xform *xform, xform->type = RTE_CRYPTO_SYM_XFORM_AEAD; xform->next = 0; - if (key->alg != VNET_CRYPTO_ALG_AES_128_GCM && - key->alg != VNET_CRYPTO_ALG_AES_192_GCM && - key->alg != VNET_CRYPTO_ALG_AES_256_GCM) + if (key->alg == VNET_CRYPTO_ALG_AES_128_GCM || + key->alg == VNET_CRYPTO_ALG_AES_192_GCM || + key->alg == VNET_CRYPTO_ALG_AES_256_GCM) + { + aead_xform->algo = RTE_CRYPTO_AEAD_AES_GCM; + } + else if (key->alg == VNET_CRYPTO_ALG_CHACHA20_POLY1305) + { + aead_xform->algo = RTE_CRYPTO_AEAD_CHACHA20_POLY1305; + } + else return -1; - aead_xform->algo = RTE_CRYPTO_AEAD_AES_GCM; aead_xform->op = (op_type == CRYPTODEV_OP_TYPE_ENCRYPT) ? RTE_CRYPTO_AEAD_OP_ENCRYPT : RTE_CRYPTO_AEAD_OP_DECRYPT; aead_xform->aad_length = aad_len; diff --git a/src/plugins/dpdk/cryptodev/cryptodev.h b/src/plugins/dpdk/cryptodev/cryptodev.h index af1ccf5b017..53a0462ea43 100644 --- a/src/plugins/dpdk/cryptodev/cryptodev.h +++ b/src/plugins/dpdk/cryptodev/cryptodev.h @@ -43,7 +43,10 @@ _ (AES_192_GCM, AEAD, AES_GCM, 12, 16, 8, 24) \ _ (AES_192_GCM, AEAD, AES_GCM, 12, 16, 12, 24) \ _ (AES_256_GCM, AEAD, AES_GCM, 12, 16, 8, 32) \ - _ (AES_256_GCM, AEAD, AES_GCM, 12, 16, 12, 32) + _ (AES_256_GCM, AEAD, AES_GCM, 12, 16, 12, 32) \ + _ (CHACHA20_POLY1305, AEAD, CHACHA20_POLY1305, 12, 16, 0, 32) \ + _ (CHACHA20_POLY1305, AEAD, CHACHA20_POLY1305, 12, 16, 8, 32) \ + _ (CHACHA20_POLY1305, AEAD, CHACHA20_POLY1305, 12, 16, 12, 32) /** * crypto (alg, cryptodev_alg, key_size), hash (alg, digest-size) diff --git a/src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c b/src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c index 47cc15aaaff..55be79c5dc5 100644 --- a/src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c +++ b/src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c @@ -458,6 +458,13 @@ cryptodev_frame_dequeue (vlib_main_t *vm, u32 *nb_elts_processed, return frame; } +static_always_inline int +cryptodev_enqueue_aead_aad_0_enc (vlib_main_t *vm, + vnet_crypto_async_frame_t *frame) +{ + return cryptodev_frame_aead_enqueue (vm, frame, CRYPTODEV_OP_TYPE_ENCRYPT, + 0); +} static_always_inline int cryptodev_enqueue_aead_aad_8_enc (vlib_main_t *vm, vnet_crypto_async_frame_t *frame) @@ -473,6 +480,13 @@ cryptodev_enqueue_aead_aad_12_enc (vlib_main_t *vm, 12); } +static_always_inline int +cryptodev_enqueue_aead_aad_0_dec (vlib_main_t *vm, + vnet_crypto_async_frame_t *frame) +{ + return cryptodev_frame_aead_enqueue (vm, frame, CRYPTODEV_OP_TYPE_DECRYPT, + 0); +} static_always_inline int cryptodev_enqueue_aead_aad_8_dec (vlib_main_t *vm, vnet_crypto_async_frame_t *frame) diff --git a/src/plugins/dpdk/cryptodev/cryptodev_raw_data_path.c b/src/plugins/dpdk/cryptodev/cryptodev_raw_data_path.c index a7743133247..c096e34fba4 100644 --- a/src/plugins/dpdk/cryptodev/cryptodev_raw_data_path.c +++ b/src/plugins/dpdk/cryptodev/cryptodev_raw_data_path.c @@ -349,7 +349,7 @@ cryptodev_raw_aead_enqueue (vlib_main_t *vm, vnet_crypto_async_frame_t *frame, if (aad_len == 8) *(u64 *) (cet->aad_buf + aad_offset) = *(u64 *) fe->aad; - else + else if (aad_len != 0) { /* aad_len == 12 */ *(u64 *) (cet->aad_buf + aad_offset) = *(u64 *) fe->aad; @@ -591,6 +591,13 @@ end_deq: return frame_ret; } +static_always_inline int +cryptodev_raw_enq_aead_aad_0_enc (vlib_main_t *vm, + vnet_crypto_async_frame_t *frame) +{ + return cryptodev_raw_aead_enqueue (vm, frame, CRYPTODEV_OP_TYPE_ENCRYPT, 0); +} + static_always_inline int cryptodev_raw_enq_aead_aad_8_enc (vlib_main_t *vm, vnet_crypto_async_frame_t *frame) @@ -604,6 +611,13 @@ cryptodev_raw_enq_aead_aad_12_enc (vlib_main_t *vm, return cryptodev_raw_aead_enqueue (vm, frame, CRYPTODEV_OP_TYPE_ENCRYPT, 12); } +static_always_inline int +cryptodev_raw_enq_aead_aad_0_dec (vlib_main_t *vm, + vnet_crypto_async_frame_t *frame) +{ + return cryptodev_raw_aead_enqueue (vm, frame, CRYPTODEV_OP_TYPE_DECRYPT, 0); +} + static_always_inline int cryptodev_raw_enq_aead_aad_8_dec (vlib_main_t *vm, vnet_crypto_async_frame_t *frame) -- cgit 1.2.3-korg