RE: [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability

DPDK patches and discussions
 help / color / mirror / Atom feed

From: Anoob Joseph <anoobj@marvell.com>
To: Vamsi Krishna Attunuru <vattunuru@marvell.com>,
	"dev@dpdk.org" <dev@dpdk.org>
Cc: Akhil Goyal <gakhil@marvell.com>,
	Vamsi Krishna Attunuru <vattunuru@marvell.com>
Subject: RE: [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability
Date: Mon, 2 May 2022 07:42:33 +0000	[thread overview]
Message-ID: <PH0PR18MB467248B33283B6ADF7AEC6A2DFC19@PH0PR18MB4672.namprd18.prod.outlook.com> (raw)
In-Reply-To: <20220430053637.2065578-1-vattunuru@marvell.com>

Hi Vamsi,

Please see inline.

Thanks,
Anoob

> -----Original Message-----
> From: Vamsi Attunuru <vattunuru@marvell.com>
> Sent: Saturday, April 30, 2022 11:07 AM
> To: dev@dpdk.org
> Cc: Anoob Joseph <anoobj@marvell.com>; Akhil Goyal
> <gakhil@marvell.com>; Vamsi Krishna Attunuru <vattunuru@marvell.com>
> Subject: [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability
> 
> Patch enables 3DES-CBC secure capability of crypto device.
> 
> Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
> ---
>  drivers/crypto/cnxk/cnxk_cryptodev.h          |  2 +-
>  .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 24 +++++++++++++++++++
>  drivers/crypto/cnxk/cnxk_ipsec.h              |  3 ++-
>  3 files changed, 27 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h
> b/drivers/crypto/cnxk/cnxk_cryptodev.h
> index b75d681185..8870021725 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev.h
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
> @@ -11,7 +11,7 @@
>  #include "roc_cpt.h"
> 
>  #define CNXK_CPT_MAX_CAPS	 35
> -#define CNXK_SEC_CRYPTO_MAX_CAPS 12
> +#define CNXK_SEC_CRYPTO_MAX_CAPS 13
>  #define CNXK_SEC_MAX_CAPS	 9
>  #define CNXK_AE_EC_ID_MAX	 8
>  /**
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> index 98b002d93a..ba9eaf2325 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> @@ -862,6 +862,29 @@ static const struct rte_cryptodev_capabilities
> sec_caps_aes[] = {
>  	},
>  };
> 
> +static const struct rte_cryptodev_capabilities sec_caps_des[] = {
> +	{	/* 3DES CBC */
> +		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> +		{.sym = {
> +			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> +			{.cipher = {
> +				.algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> +				.block_size = 8,
> +				.key_size = {
> +					.min = 24,
> +					.max = 24,
> +					.increment = 0
> +				},
> +				.iv_size = {
> +					.min = 8,
> +					.max = 16,
> +					.increment = 8
> +				}
> +			}, }
> +		}, }
> +	}
> +};
> +
>  static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
>  	{	/* SHA1 HMAC */
>  		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> @@ -1195,6 +1218,7 @@ sec_crypto_caps_populate(struct
> rte_cryptodev_capabilities cnxk_caps[],
>  	int cur_pos = 0;
> 
>  	SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, aes);
> +	SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, des);
>  	SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, sha1_sha2);
> 
>  	if (roc_model_is_cn10k())
> diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h
> b/drivers/crypto/cnxk/cnxk_ipsec.h
> index 171ea2774e..7c7833ac1b 100644
> --- a/drivers/crypto/cnxk/cnxk_ipsec.h
> +++ b/drivers/crypto/cnxk/cnxk_ipsec.h
> @@ -24,7 +24,8 @@ ipsec_xform_cipher_verify(struct
> rte_crypto_sym_xform *crypto_xform)
>  		return 0;
> 
>  	if (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC ||
> -	    crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR) {
> +	    crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR ||
> +	    crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC) {

[Anoob] We can support only key.length as 24 with 3DES. Rest of the checks are for AES. Please introduce a separate check for 3DES.

Rest of the patch looks good.
 
>  		switch (crypto_xform->cipher.key.length) {
>  		case 16:
>  		case 24:
> --
> 2.25.1

next prev parent reply	other threads:[~2022-05-02  7:42 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-30  5:36 Vamsi Attunuru
2022-05-02  7:16 ` Akhil Goyal
2022-05-02  7:42 ` Anoob Joseph [this message]
2022-05-02  8:20 ` [PATCH v2 " Vamsi Attunuru
2022-05-02  8:56   ` Anoob Joseph
2022-05-11 19:56   ` Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=PH0PR18MB467248B33283B6ADF7AEC6A2DFC19@PH0PR18MB4672.namprd18.prod.outlook.com \
    --to=anoobj@marvell.com \
    --cc=dev@dpdk.org \
    --cc=gakhil@marvell.com \
    --cc=vattunuru@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).