From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mellanox.co.il (mail-il-dmz.mellanox.com [193.47.165.129]) by dpdk.org (Postfix) with ESMTP id C04737CB1 for ; Mon, 10 Jul 2017 09:35:23 +0200 (CEST) Received: from Internal Mail-Server by MTLPINE1 (envelope-from borisp@mellanox.com) with ESMTPS (AES256-SHA encrypted); 10 Jul 2017 10:35:19 +0300 Received: from gen-l-vrt-098.mtl.labs.mlnx (gen-l-vrt-098.mtl.labs.mlnx [10.137.170.1]) by labmailer.mlnx (8.13.8/8.13.8) with ESMTP id v6A7ZJVY030940; Mon, 10 Jul 2017 10:35:19 +0300 From: Boris Pismenny To: dev@dpdk.org Cc: aviadye@mellanox.com, borisp@mellanox.com Date: Mon, 10 Jul 2017 10:35:14 +0300 Message-Id: <1499672117-56728-5-git-send-email-borisp@mellanox.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1499672117-56728-1-git-send-email-borisp@mellanox.com> References: <1499672117-56728-1-git-send-email-borisp@mellanox.com> Subject: [dpdk-dev] [RFC 4/7] cryptodev: add ipsec xform X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jul 2017 07:35:24 -0000 This patch add a xform that is used with the crypto flow steering action to offload ipsec crypto inline. Signed-off-by: Boris Pismenny Signed-off-by: Aviad Yehezkel --- lib/librte_cryptodev/rte_crypto_sym.h | 42 ++++++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h index 3a40844..139443e 100644 --- a/lib/librte_cryptodev/rte_crypto_sym.h +++ b/lib/librte_cryptodev/rte_crypto_sym.h @@ -346,11 +346,49 @@ struct rte_crypto_auth_xform { */ }; +/** + * IPsec transformation data + * + * This structure contains data relating to an IPsec crypto + * transforms. The fields op, algo and key are common to all + * IPsec encryptions and MUST be set. The salt is useful for AEAD ciphers + * which must provide an out-of-band nonce for each SA. + */ +struct rte_crypto_ipsec_xform { + enum rte_crypto_cipher_operation op; + /**< IPsec operation type */ + enum rte_crypto_cipher_algorithm algo; + /**< Encryption algorithm selection */ + + struct { + uint8_t *data; /**< pointer to key data */ + size_t length; /**< key length in bytes */ + } key; + /**< Cipher key + * + * Cipher key length is in bytes. For AES it can be 128 bits (16 bytes), + * 192 bits (24 bytes) or 256 bits (32 bytes). + * + * For the CCM mode of operation, the only supported key length is 128 + * bits (16 bytes). + * + **/ + + uint32_t salt; /* salt for this security association */ + /**