From: Hemant Agrawal <hemant.agrawal@nxp.com>
To: dev@dpdk.org, gakhil@marvell.com
Cc: Gagandeep Singh <g.singh@nxp.com>
Subject: [dpdk-dev] [PATCH v3 04/10] crypto/dpaa_sec: add support for AES CMAC integrity check
Date: Tue, 7 Sep 2021 14:09:47 +0530 [thread overview]
Message-ID: <20210907083953.8948-4-hemant.agrawal@nxp.com> (raw)
In-Reply-To: <20210907083953.8948-1-hemant.agrawal@nxp.com>
From: Gagandeep Singh <g.singh@nxp.com>
This patch adds support for AES_CMAC integrity in non-security mode.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
doc/guides/cryptodevs/features/dpaa_sec.ini | 1 +
drivers/crypto/dpaa_sec/dpaa_sec.c | 10 +++++
drivers/crypto/dpaa_sec/dpaa_sec.h | 43 +++++++++++++++++++++
3 files changed, 54 insertions(+)
diff --git a/doc/guides/cryptodevs/features/dpaa_sec.ini b/doc/guides/cryptodevs/features/dpaa_sec.ini
index d7bc319373..6a8f77fb1d 100644
--- a/doc/guides/cryptodevs/features/dpaa_sec.ini
+++ b/doc/guides/cryptodevs/features/dpaa_sec.ini
@@ -48,6 +48,7 @@ SHA512 HMAC = Y
SNOW3G UIA2 = Y
ZUC EIA3 = Y
AES XCBC MAC = Y
+AES CMAC (128) = Y
;
; Supported AEAD algorithms of the 'dpaa_sec' crypto driver.
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index dab0ad28c0..7d3f971f3c 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -525,6 +525,7 @@ dpaa_sec_prep_cdb(dpaa_sec_session *ses)
ses->digest_length);
break;
case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+ case RTE_CRYPTO_AUTH_AES_CMAC:
shared_desc_len = cnstr_shdsc_aes_mac(
cdb->sh_desc,
true, swap, SHR_NEVER,
@@ -2177,6 +2178,10 @@ dpaa_sec_auth_init(struct rte_cryptodev *dev __rte_unused,
session->auth_key.alg = OP_ALG_ALGSEL_AES;
session->auth_key.algmode = OP_ALG_AAI_XCBC_MAC;
break;
+ case RTE_CRYPTO_AUTH_AES_CMAC:
+ session->auth_key.alg = OP_ALG_ALGSEL_AES;
+ session->auth_key.algmode = OP_ALG_AAI_CMAC;
+ break;
default:
DPAA_SEC_ERR("Crypto: Unsupported Auth specified %u",
xform->auth.algo);
@@ -2262,6 +2267,10 @@ dpaa_sec_chain_init(struct rte_cryptodev *dev __rte_unused,
session->auth_key.alg = OP_ALG_ALGSEL_AES;
session->auth_key.algmode = OP_ALG_AAI_XCBC_MAC;
break;
+ case RTE_CRYPTO_AUTH_AES_CMAC:
+ session->auth_key.alg = OP_ALG_ALGSEL_AES;
+ session->auth_key.algmode = OP_ALG_AAI_CMAC;
+ break;
default:
DPAA_SEC_ERR("Crypto: Unsupported Auth specified %u",
auth_xform->algo);
@@ -2697,6 +2706,7 @@ dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
break;
case RTE_CRYPTO_AUTH_AES_CMAC:
session->auth_key.alg = OP_PCL_IPSEC_AES_CMAC_96;
+ session->auth_key.algmode = OP_ALG_AAI_CMAC;
break;
case RTE_CRYPTO_AUTH_NULL:
session->auth_key.alg = OP_PCL_IPSEC_HMAC_NULL;
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h
index 153747c87c..faa740618f 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.h
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.h
@@ -738,6 +738,49 @@ static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = {
}, }
}, }
},
+ { /* AES CMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_AES_CMAC,
+ .block_size = 16,
+ .key_size = {
+ .min = 1,
+ .max = 16,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 12,
+ .max = 16,
+ .increment = 4
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* AES XCBC HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+ .block_size = 16,
+ .key_size = {
+ .min = 1,
+ .max = 16,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 12,
+ .max = 16,
+ .increment = 4
+ },
+ .aad_size = { 0 },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
--
2.17.1
next prev parent reply other threads:[~2021-09-07 8:44 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-21 7:39 [dpdk-dev] [PATCH 1/5] crypto/dpaa2_sec: fix to check next null for auth only case Hemant Agrawal
2021-07-21 7:39 ` [dpdk-dev] [PATCH 2/5] crypto/dpaa_sec: support DES-CBC Hemant Agrawal
2021-07-21 7:39 ` [dpdk-dev] [PATCH 3/5] crypto/dpaa_sec: support non-HMAC auth algos Hemant Agrawal
2021-07-21 7:39 ` [dpdk-dev] [PATCH 4/5] crypto/dpaa_sec: support AES-XCBC-MAC Hemant Agrawal
2021-07-21 7:39 ` [dpdk-dev] [PATCH 5/5] crypto/dpaa_sec: add support for AES CMAC integrity check Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 02/11] crypto/dpaa_sec: support DES-CBC Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 03/11] crypto/dpaa_sec: support non-HMAC auth algos Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 04/11] crypto/dpaa_sec: support AES-XCBC-MAC Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 05/11] crypto/dpaa_sec: add support for AES CMAC integrity check Hemant Agrawal
2021-09-02 13:46 ` [dpdk-dev] [EXT] " Akhil Goyal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 06/11] common/dpaax: caamflib load correct HFN from DESCBUF Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 07/11] common/dpaax: caamflib do not clear DPOVRD Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 08/11] common/dpaax: enhance caamflib with inline keys Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 09/11] common/dpaax: fix IV value for shortMAC-I for SNOW algo Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 10/11] crypto/dpaa_sec: force inline of the keys to save space Hemant Agrawal
2021-08-25 8:18 ` [dpdk-dev] [PATCH v2 11/11] crypto/dpaa2_sec: add error packet counters Hemant Agrawal
2021-09-02 12:46 ` [dpdk-dev] [EXT] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case Akhil Goyal
2021-09-02 13:48 ` Hemant Agrawal
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 01/10] crypto/dpaa_sec: support DES-CBC Hemant Agrawal
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 02/10] crypto/dpaa_sec: support non-HMAC auth algos Hemant Agrawal
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 03/10] crypto/dpaa_sec: support AES-XCBC-MAC Hemant Agrawal
2021-09-07 8:39 ` Hemant Agrawal [this message]
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 05/10] common/dpaax: caamflib load correct HFN from DESCBUF Hemant Agrawal
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 06/10] common/dpaax: caamflib do not clear DPOVRD Hemant Agrawal
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 07/10] common/dpaax: enhance caamflib with inline keys Hemant Agrawal
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 08/10] common/dpaax: fix IV value for shortMAC-I for SNOW algo Hemant Agrawal
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 09/10] crypto/dpaa_sec: force inline of the keys to save space Hemant Agrawal
2021-09-07 8:39 ` [dpdk-dev] [PATCH v3 10/10] crypto/dpaa2_sec: add error packet counters Hemant Agrawal
2021-09-07 11:47 ` [dpdk-dev] [EXT] [PATCH v3 01/10] crypto/dpaa_sec: support DES-CBC Akhil Goyal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 " Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 02/10] crypto/dpaa_sec: support non-HMAC auth algos Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 03/10] crypto/dpaa_sec: support AES-XCBC-MAC Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 04/10] crypto/dpaa_sec: add support for AES CMAC integrity check Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 05/10] common/dpaax: caamflib load correct HFN from DESCBUF Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 06/10] common/dpaax: caamflib do not clear DPOVRD Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 07/10] common/dpaax: enhance caamflib with inline keys Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 08/10] common/dpaax: fix IV value for shortMAC-I for SNOW algo Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 09/10] crypto/dpaa_sec: force inline of the keys to save space Hemant Agrawal
2021-09-08 6:59 ` [dpdk-dev] [PATCH v4 10/10] crypto/dpaa2_sec: add error packet counters Hemant Agrawal
2021-09-08 10:13 ` [dpdk-dev] [EXT] [PATCH v4 01/10] crypto/dpaa_sec: support DES-CBC Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210907083953.8948-4-hemant.agrawal@nxp.com \
--to=hemant.agrawal@nxp.com \
--cc=dev@dpdk.org \
--cc=g.singh@nxp.com \
--cc=gakhil@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).