From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id E7003A0547; Fri, 10 Sep 2021 18:45:28 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 887BE4068C; Fri, 10 Sep 2021 18:45:28 +0200 (CEST) Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mails.dpdk.org (Postfix) with ESMTP id 5E47A4067E for ; Fri, 10 Sep 2021 18:45:27 +0200 (CEST) X-IronPort-AV: E=McAfee;i="6200,9189,10103"; a="200643285" X-IronPort-AV: E=Sophos;i="5.85,283,1624345200"; d="scan'208";a="200643285" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Sep 2021 09:45:19 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,283,1624345200"; d="scan'208";a="505161913" Received: from silpixa00401162.ir.intel.com ([10.55.128.50]) by fmsmga008.fm.intel.com with ESMTP; 10 Sep 2021 09:45:18 -0700 From: Pablo de Lara To: declan.doherty@intel.com, ciara.power@intel.com Cc: dev@dpdk.org, Pablo de Lara Date: Fri, 10 Sep 2021 16:45:16 +0000 Message-Id: <20210910164516.807659-1-pablo.de.lara.guarch@intel.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH] crypto/ipsec_mb: support ZUC-256 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Add support for ZUC-EEA3-256 and ZUC-EIA3-256 (only 4-byte tags supported for now). Signed-off-by: Pablo de Lara --- This patch depends on patchset https://patches.dpdk.org/project/dpdk/list/?series=18470 --- doc/guides/cryptodevs/aesni_mb.rst | 1 + doc/guides/rel_notes/release_21_11.rst | 4 ++++ drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 18 ++++++++++-------- 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst index 3551a0dbd7..948128ae9b 100644 --- a/doc/guides/cryptodevs/aesni_mb.rst +++ b/doc/guides/cryptodevs/aesni_mb.rst @@ -77,6 +77,7 @@ Limitations protocol. * RTE_CRYPTO_CIPHER_DES_DOCSISBPI is not supported for combined Crypto-CRC DOCSIS security protocol. +* The only tag size supported for ZUC-EIA3-256 is 4 bytes. Installation diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst index 3fa8018695..71380d4986 100644 --- a/doc/guides/rel_notes/release_21_11.rst +++ b/doc/guides/rel_notes/release_21_11.rst @@ -82,6 +82,10 @@ New Features * Added PDCP short MAC-I support. +* **Updated the aesni_mb crypto PMD.** + + * Added support for ZUC-EEA3-256 and ZUC-EIA3-256. + Removed Items ------------- diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c index e05865798b..31c25e2bc7 100644 --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c @@ -526,8 +526,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = { .block_size = 16, .key_size = { .min = 16, - .max = 16, - .increment = 0 + .max = 32, + .increment = 16 }, .digest_size = { .min = 4, @@ -551,8 +551,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = { .block_size = 16, .key_size = { .min = 16, - .max = 16, - .increment = 0 + .max = 32, + .increment = 16 }, .iv_size = { .min = 16, @@ -1099,7 +1099,8 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr, } sess->auth.gen_digest_len = sess->auth.req_digest_len; - memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16); + memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, + xform->auth.key.length); return 0; } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) { sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN; @@ -1427,13 +1428,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr, sess->cipher.key_length_in_bytes = 24; } else if (is_zuc) { - if (xform->cipher.key.length != 16) { + if (xform->cipher.key.length != 16 && + xform->cipher.key.length != 32) { IPSEC_MB_LOG(ERR, "Invalid cipher key length"); return -EINVAL; } - sess->cipher.key_length_in_bytes = 16; + sess->cipher.key_length_in_bytes = xform->cipher.key.length; memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data, - 16); + xform->cipher.key.length); } else if (is_snow3g) { if (xform->cipher.key.length != 16) { IPSEC_MB_LOG(ERR, "Invalid cipher key length"); -- 2.25.1