From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by dpdk.org (Postfix) with ESMTP id EB1A38E76 for ; Tue, 19 Feb 2019 16:33:28 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Feb 2019 07:33:28 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,388,1544515200"; d="scan'208";a="123603968" Received: from silpixa00398673.ir.intel.com (HELO silpixa00398673.ger.corp.intel.com) ([10.237.223.136]) by fmsmga007.fm.intel.com with ESMTP; 19 Feb 2019 07:33:27 -0800 From: Fan Zhang To: dev@dpdk.org Cc: akhil.goyal@nxp.com, konstantin.ananyev@intel.com, roy.fan.zhang@intel.com Date: Tue, 19 Feb 2019 15:32:35 +0000 Message-Id: <20190219153236.84537-4-roy.fan.zhang@intel.com> X-Mailer: git-send-email 2.14.5 In-Reply-To: <20190219153236.84537-1-roy.fan.zhang@intel.com> References: <20190218163254.56905-1-roy.fan.zhang@intel.com> <20190219153236.84537-1-roy.fan.zhang@intel.com> Subject: [dpdk-dev] [PATCH v2 3/4] ipsec: add 3DES-CBC algorithm support X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Feb 2019 15:33:29 -0000 This patch adds triple-des CBC mode cipher algorithm to ipsec library. Signed-off-by: Fan Zhang --- lib/librte_ipsec/sa.c | 10 ++++++++++ lib/librte_ipsec/sa.h | 6 ++++++ 2 files changed, 16 insertions(+) diff --git a/lib/librte_ipsec/sa.c b/lib/librte_ipsec/sa.c index e34dd320a..5c59c4b67 100644 --- a/lib/librte_ipsec/sa.c +++ b/lib/librte_ipsec/sa.c @@ -307,6 +307,13 @@ esp_sa_init(struct rte_ipsec_sa *sa, const struct rte_ipsec_sa_prm *prm, sa->algo_type = ALGO_TYPE_AES_CTR; break; + case RTE_CRYPTO_CIPHER_3DES_CBC: + /* RFC 1851 */ + sa->pad_align = IPSEC_PAD_3DES_CBC; + sa->iv_len = IPSEC_3DES_IV_SIZE; + sa->algo_type = ALGO_TYPE_3DES; + break; + default: return -EINVAL; } @@ -512,6 +519,8 @@ esp_outb_cop_prepare(struct rte_crypto_op *cop, sa->iv_ofs); aes_ctr_cnt_blk_fill(ctr, ivp[0], sa->salt); break; + case ALGO_TYPE_3DES: + /* Cipher-Auth (3DES-CBC *) case */ case ALGO_TYPE_NULL: /* NULL case */ sop->cipher.data.offset = sa->ctp.cipher.offset + hlen; @@ -873,6 +882,7 @@ esp_inb_tun_cop_prepare(struct rte_crypto_op *cop, aead_gcm_iv_fill(gcm, ivp[0], sa->salt); break; case ALGO_TYPE_AES_CBC: + case ALGO_TYPE_3DES: sop->cipher.data.offset = pofs + sa->ctp.cipher.offset; sop->cipher.data.length = clen; sop->auth.data.offset = pofs + sa->ctp.auth.offset; diff --git a/lib/librte_ipsec/sa.h b/lib/librte_ipsec/sa.h index 12c061ee6..8398748d1 100644 --- a/lib/librte_ipsec/sa.h +++ b/lib/librte_ipsec/sa.h @@ -14,6 +14,7 @@ /* padding alignment for different algorithms */ enum { IPSEC_PAD_DEFAULT = 4, + IPSEC_PAD_3DES_CBC = IPSEC_PAD_DEFAULT, IPSEC_PAD_AES_CBC = IPSEC_MAX_IV_SIZE, IPSEC_PAD_AES_CTR = IPSEC_PAD_DEFAULT, IPSEC_PAD_AES_GCM = IPSEC_PAD_DEFAULT, @@ -24,6 +25,10 @@ enum { enum { IPSEC_IV_SIZE_DEFAULT = IPSEC_MAX_IV_SIZE, IPSEC_AES_CTR_IV_SIZE = sizeof(uint64_t), + /* TripleDES supports IV size of 32bits or 64bits but he library + * only supports 64bits. + */ + IPSEC_3DES_IV_SIZE = sizeof(uint64_t), }; /* these definitions probably has to be in rte_crypto_sym.h */ @@ -57,6 +62,7 @@ struct replay_sqn { /*IPSEC SA supported algorithms */ enum sa_algo_type { ALGO_TYPE_NULL = 0, + ALGO_TYPE_3DES, ALGO_TYPE_AES_CBC, ALGO_TYPE_AES_CTR, ALGO_TYPE_AES_GCM, -- 2.14.5