diff options
author | xiaomuwuye <renrongwei@chinamobile.com> | 2018-10-26 15:04:09 +0800 |
---|---|---|
committer | xiaomuwuye <renrongwei@chinamobile.com> | 2018-10-26 15:04:09 +0800 |
commit | fc1b7908a77b5cce763f92b3d314057345f3ab7a (patch) | |
tree | 3154efdad680464e683d770b0c2fc17dc70834b0 /AAL/qat/libcrypto.h | |
parent | 30fdbc9150d5f3ffdc633ae581baeb44acaea256 (diff) |
upload AAL seed code
Change-Id: I96142622365ad964607b75c974011b85513e7d0f
Signed-off-by: xiaomuwuye <renrongwei@chinamobile.com>
Diffstat (limited to 'AAL/qat/libcrypto.h')
-rw-r--r-- | AAL/qat/libcrypto.h | 288 |
1 files changed, 288 insertions, 0 deletions
diff --git a/AAL/qat/libcrypto.h b/AAL/qat/libcrypto.h new file mode 100644 index 0000000..624e8c4 --- /dev/null +++ b/AAL/qat/libcrypto.h @@ -0,0 +1,288 @@ +#ifndef _LIBCRYPTO_H_ +#define _LIBCRYPTO_H_ + +/** NT libcrypto API version 0.7 + +version 0.7 +- Performance in 13Gbit/s range - potential limited by virtual channels. +- Multiple security contexts are now supported. +- Heavy memory usage, due to worst case return address storrage. + +version 0.6 +- ??? + +The library will encapsulate the Cipher Offload Engine running on the NT SmartNic. + +The accelerated functionality can be utilized via the following types and calls: +*/ + +#include <stdint.h> + + + + + +#define CRYPTODEV_NAME_QAT_SYM_PMD crypto_qat +#define RTE_LOGTYPE_L2FWD RTE_LOGTYPE_USER1 +#define DEFAULT_NUM_OPS_INFLIGHT (128) + + + +#define TEST_SUCCESS (0) +#define TEST_FAILED (-1) + +#ifndef TEST_TRACE_FAILURE +# define TEST_TRACE_FAILURE(_file, _line, _func) +#endif + + + +#define TEST_ASSERT(cond, msg, ...) do { \ + if (!(cond)) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ +} while (0) + +#define TEST_ASSERT_EQUAL(a, b, msg, ...) do { \ + if (!(a == b)) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ +} while (0) + +/* Compare two buffers (length in bytes) */ +#define TEST_ASSERT_BUFFERS_ARE_EQUAL(a, b, len, msg, ...) do { \ + if (memcmp(a, b, len)) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ +} while (0) + +/* Compare two buffers with offset (length and offset in bytes) */ +#define TEST_ASSERT_BUFFERS_ARE_EQUAL_OFFSET(a, b, len, off, msg, ...) do { \ + const uint8_t *_a_with_off = (const uint8_t *)a + off; \ + const uint8_t *_b_with_off = (const uint8_t *)b + off; \ + TEST_ASSERT_BUFFERS_ARE_EQUAL(_a_with_off, _b_with_off, len, msg); \ +} while (0) + +/* Compare two buffers (length in bits) */ +#define TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(a, b, len, msg, ...) do { \ + uint8_t _last_byte_a, _last_byte_b; \ + uint8_t _last_byte_mask, _last_byte_bits; \ + TEST_ASSERT_BUFFERS_ARE_EQUAL(a, b, (len >> 3), msg); \ + if (len % 8) { \ + _last_byte_bits = len % 8; \ + _last_byte_mask = ~((1 << (8 - _last_byte_bits)) - 1); \ + _last_byte_a = ((const uint8_t *)a)[len >> 3]; \ + _last_byte_b = ((const uint8_t *)b)[len >> 3]; \ + _last_byte_a &= _last_byte_mask; \ + _last_byte_b &= _last_byte_mask; \ + if (_last_byte_a != _last_byte_b) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__);\ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ + } \ +} while (0) + +/* Compare two buffers with offset (length and offset in bits) */ +#define TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT_OFFSET(a, b, len, off, msg, ...) do { \ + uint8_t _first_byte_a, _first_byte_b; \ + uint8_t _first_byte_mask, _first_byte_bits; \ + uint32_t _len_without_first_byte = (off % 8) ? \ + len - (8 - (off % 8)) : \ + len; \ + uint32_t _off_in_bytes = (off % 8) ? (off >> 3) + 1 : (off >> 3); \ + const uint8_t *_a_with_off = (const uint8_t *)a + _off_in_bytes; \ + const uint8_t *_b_with_off = (const uint8_t *)b + _off_in_bytes; \ + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(_a_with_off, _b_with_off, \ + _len_without_first_byte, msg); \ + if (off % 8) { \ + _first_byte_bits = 8 - (off % 8); \ + _first_byte_mask = (1 << _first_byte_bits) - 1; \ + _first_byte_a = *(_a_with_off - 1); \ + _first_byte_b = *(_b_with_off - 1); \ + _first_byte_a &= _first_byte_mask; \ + _first_byte_b &= _first_byte_mask; \ + if (_first_byte_a != _first_byte_b) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ + } \ +} while (0) + +#define TEST_ASSERT_NOT_EQUAL(a, b, msg, ...) do { \ + if (!(a != b)) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ +} while (0) + +#define TEST_ASSERT_SUCCESS(val, msg, ...) do { \ + typeof(val) _val = (val); \ + if (!(_val == 0)) { \ + printf("TestCase %s() line %d failed (err %d): " \ + msg "\n", __func__, __LINE__, _val, \ + ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ +} while (0) + +#define TEST_ASSERT_FAIL(val, msg, ...) do { \ + if (!(val != 0)) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ +} while (0) + +#define TEST_ASSERT_NULL(val, msg, ...) do { \ + if (!(val == NULL)) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ +} while (0) + +#define TEST_ASSERT_NOT_NULL(val, msg, ...) do { \ + if (!(val != NULL)) { \ + printf("TestCase %s() line %d failed: " \ + msg "\n", __func__, __LINE__, ##__VA_ARGS__); \ + TEST_TRACE_FAILURE(__FILE__, __LINE__, __func__); \ + return TEST_FAILED; \ + } \ +} while (0) + +typedef uint8_t *data_t; + +typedef struct { + data_t data_in; + data_t data_out; + uint16_t length; + uint8_t pad[2]; +}cipher_input; + +#define KEY_SIZE (16) +#define MAX_BURST_SIZE (32) + +#define MAX_SEC_CTX (8) /* The number of concurrently running security contexts. */ + +#define MAXIMUM_IV_LENGTH (16) + +/* The plain- and cipher-text type. */ + + +typedef struct { + data_t data; + uint16_t length; +} data_out_t; + +/* The reference to a security context, which hold the internal state of an encryption tunnel. */ +typedef void *sec_ctx_t; + +/* The reference to the data context - will be given with each ciphering and returned with the callback. */ +typedef void *data_ctx_t; + +/* The symmetric encryption key. */ +typedef uint8_t symmetric_key_t[KEY_SIZE]; + +/* The initialization vector. */ +typedef struct __attribute__((packed)) { + uint32_t counter; + unsigned bearer : 5; + unsigned direction : 1; + uint8_t padding[3]; +} iv_t; + +/* Crypto algorithm selection. */ +typedef enum { LOOPBACK = 0x0, ZUC = 0x3 } algo_type_t; + +/* +The callback for data return. + +When the callback returns, the data_out array will be destroyed. + +Input: +- data_ctx : The reference to the data context in which the packet exist. +- data_out : An array of pointers to data that has been returned. +- count : The number of array elements in data_out. +Return: +- 0 : Operation successful +- non-zero : Operation failed +*/ +typedef int (*callback_t)(data_ctx_t data_ctx, data_out_t data_out[MAX_BURST_SIZE], uint16_t count); + +/* +Crypto library initializer + +Input: +- callback : The callback for burst data return. +- core : The DPDK core used to run the library. +Return: +- 0 : Operation successful +- non-zero : Operation failed +*/ +int nt_crypto_init(callback_t callback, uint8_t core); + +/* +Setup and return a new security context. + +Input: +- algo_type : Algorithm selection. +- key : The encryption key. +- data_ctx : A data context for each PDU encrypted within the security context. +Return: +- ptr : A void pointer to the security context. +- NULL : Operation failed. +*/ +sec_ctx_t nt_crypto_new_security_context(algo_type_t algo_type, symmetric_key_t key, data_ctx_t data_ctx); + +/* +Encryption and decryption of data: + +Input: +- sec_ctx : The security context, thus key, used to cipher the data. +- iv : The initialization vector used to cipher the data. +- cipher_input : The pointer to the input buffer. +- nb_cipher The number of operations to process. + - Return : The number of packets which are ciphered/deciphered successfully. +*/ +int nt_crypto_cipher(sec_ctx_t sec_ctx, iv_t *iv, cipher_input *crypto_input, uint16_t nb_cipher); + +/* +End a given security context, all in-flight data is lost. + +Will return when security context and all related resources has be closed and freed. + +Input: +- sec_ctx : The security context to be closed. +Return: +- 0 : Operation successful +- non-zero : Operation failed +*/ +int nt_crypto_end_security_context(sec_ctx_t); + +/* +End all security context and stop the crypto library, all in-flight data is lost. + +The function will return when all crypto resources has been closed and freed. +*/ +int nt_crypto_end(void); + + +#endif /* _LIBCRYPTO_H_ */ |