From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: dev@dpdk.org
Subject: [dpdk-dev] [PATCH 5/6] l2fwd-crypto: add missing cipher/hash only cases
Date: Fri, 11 Mar 2016 00:02:50 +0000 [thread overview]
Message-ID: <1457654571-17432-6-git-send-email-pablo.de.lara.guarch@intel.com> (raw)
In-Reply-To: <1457654571-17432-1-git-send-email-pablo.de.lara.guarch@intel.com>
Added cipher-only, hash-only operation cases,
which will be supported in the future.
Also, only sets authentication and ciphering parameters
when needed.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
examples/l2fwd-crypto/main.c | 112 +++++++++++++++++++++++++++++--------------
1 file changed, 76 insertions(+), 36 deletions(-)
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index d7e3499..c8e4c6e 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -115,7 +115,9 @@ struct op_buffer {
enum l2fwd_crypto_xform_chain {
L2FWD_CRYPTO_CIPHER_HASH,
- L2FWD_CRYPTO_HASH_CIPHER
+ L2FWD_CRYPTO_HASH_CIPHER,
+ L2FWD_CRYPTO_CIPHER_ONLY,
+ L2FWD_CRYPTO_HASH_ONLY
};
struct l2fwd_key {
@@ -159,6 +161,9 @@ struct l2fwd_crypto_params {
struct l2fwd_key iv;
struct l2fwd_key aad;
struct rte_cryptodev_sym_session *session;
+
+ uint8_t do_cipher;
+ uint8_t do_hash;
};
/** lcore configuration */
@@ -393,30 +398,33 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m,
/* Set crypto operation data parameters */
rte_crypto_op_attach_sym_session(op, cparams->session);
- /* Append space for digest to end of packet */
- op->sym->auth.digest.data = (uint8_t *)rte_pktmbuf_append(m,
- cparams->digest_length);
- op->sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(m,
- rte_pktmbuf_pkt_len(m) - cparams->digest_length);
- op->sym->auth.digest.length = cparams->digest_length;
-
- op->sym->auth.data.offset = ipdata_offset;
- op->sym->auth.data.length = data_len;
-
+ if (cparams->do_hash) {
+ /* Append space for digest to end of packet */
+ op->sym->auth.digest.data = (uint8_t *)rte_pktmbuf_append(m,
+ cparams->digest_length);
+ op->sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(m,
+ rte_pktmbuf_pkt_len(m) - cparams->digest_length);
+ op->sym->auth.digest.length = cparams->digest_length;
+
+ op->sym->auth.data.offset = ipdata_offset;
+ op->sym->auth.data.length = data_len;
+
+ if (cparams->aad.length) {
+ op->sym->auth.aad.data = cparams->aad.data;
+ op->sym->auth.aad.phys_addr = cparams->aad.phys_addr;
+ op->sym->auth.aad.length = cparams->aad.length;
+ }
+ }
- op->sym->cipher.iv.data = cparams->iv.data;
- op->sym->cipher.iv.phys_addr = cparams->iv.phys_addr;
- op->sym->cipher.iv.length = cparams->iv.length;
+ if (cparams->do_cipher) {
+ op->sym->cipher.iv.data = cparams->iv.data;
+ op->sym->cipher.iv.phys_addr = cparams->iv.phys_addr;
+ op->sym->cipher.iv.length = cparams->iv.length;
- if (cparams->aad.length) {
- op->sym->auth.aad.data = cparams->aad.data;
- op->sym->auth.aad.phys_addr = cparams->aad.phys_addr;
- op->sym->auth.aad.length = cparams->aad.length;
+ op->sym->cipher.data.offset = ipdata_offset;
+ op->sym->cipher.data.length = data_len;
}
- op->sym->cipher.data.offset = ipdata_offset;
- op->sym->cipher.data.length = data_len;
-
op->sym->m_src = m;
return l2fwd_crypto_enqueue(op, cparams);
@@ -508,9 +516,13 @@ initialize_crypto_session(struct l2fwd_crypto_options *options,
if (options->xform_chain == L2FWD_CRYPTO_CIPHER_HASH) {
first_xform = &options->cipher_xform;
first_xform->next = &options->auth_xform;
- } else {
+ } else if (options->xform_chain == L2FWD_CRYPTO_HASH_CIPHER) {
first_xform = &options->auth_xform;
first_xform->next = &options->cipher_xform;
+ } else if (options->xform_chain == L2FWD_CRYPTO_CIPHER_ONLY) {
+ first_xform = &options->cipher_xform;
+ } else {
+ first_xform = &options->auth_xform;
}
/* Setup Cipher Parameters */
@@ -553,26 +565,48 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
}
for (i = 0; i < qconf->nb_crypto_devs; i++) {
+ port_cparams[i].do_cipher = 0;
+ port_cparams[i].do_hash = 0;
+
+ switch (options->xform_chain) {
+ case L2FWD_CRYPTO_CIPHER_HASH:
+ case L2FWD_CRYPTO_HASH_CIPHER:
+ port_cparams[i].do_cipher = 1;
+ port_cparams[i].do_hash = 1;
+ break;
+ case L2FWD_CRYPTO_HASH_ONLY:
+ port_cparams[i].do_hash = 1;
+ break;
+ case L2FWD_CRYPTO_CIPHER_ONLY:
+ port_cparams[i].do_cipher = 1;
+ break;
+ }
+
port_cparams[i].dev_id = qconf->cryptodev_list[i];
port_cparams[i].qp_id = 0;
port_cparams[i].block_size = 64;
- port_cparams[i].digest_length = 20;
- port_cparams[i].iv.length = 16;
- port_cparams[i].iv.data = options->iv.data;
- port_cparams[i].iv.phys_addr = options->iv.phys_addr;
- if (!options->iv_param)
- generate_random_key(options->iv.data,
- port_cparams[i].iv.length);
+ if (port_cparams[i].do_hash) {
+ port_cparams[i].digest_length = 20;
- port_cparams[i].aad.length =
- options->auth_xform.auth.add_auth_data_length;
- port_cparams[i].aad.phys_addr = options->aad.phys_addr;
- port_cparams[i].aad.data = options->aad.data;
- if (!options->aad_param)
- generate_random_key(options->aad.data,
- port_cparams[i].aad.length);
+ port_cparams[i].aad.length =
+ options->auth_xform.auth.add_auth_data_length;
+ port_cparams[i].aad.phys_addr = options->aad.phys_addr;
+ port_cparams[i].aad.data = options->aad.data;
+ if (!options->aad_param)
+ generate_random_key(options->aad.data,
+ port_cparams[i].aad.length);
+ }
+
+ if (port_cparams[i].do_cipher) {
+ port_cparams[i].iv.length = 16;
+ port_cparams[i].iv.data = options->iv.data;
+ port_cparams[i].iv.phys_addr = options->iv.phys_addr;
+ if (!options->iv_param)
+ generate_random_key(options->iv.data,
+ port_cparams[i].iv.length);
+ }
port_cparams[i].session = initialize_crypto_session(options,
@@ -745,6 +779,12 @@ parse_crypto_opt_chain(struct l2fwd_crypto_options *options, char *optarg)
} else if (strcmp("HASH_CIPHER", optarg) == 0) {
options->xform_chain = L2FWD_CRYPTO_HASH_CIPHER;
return 0;
+ } else if (strcmp("CIPHER_ONLY", optarg) == 0) {
+ options->xform_chain = L2FWD_CRYPTO_CIPHER_ONLY;
+ return 0;
+ } else if (strcmp("HASH_ONLY", optarg) == 0) {
+ options->xform_chain = L2FWD_CRYPTO_HASH_ONLY;
+ return 0;
}
return -1;
--
2.5.0
next prev parent reply other threads:[~2016-03-11 0:00 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-11 0:02 [dpdk-dev] [PATCH 0/6] L2fwd-crypto enhancements Pablo de Lara
2016-03-11 0:02 ` [dpdk-dev] [PATCH 1/6] l2fwd-crypto: code cleanup Pablo de Lara
2016-03-11 0:02 ` [dpdk-dev] [PATCH 2/6] l2fwd-crypto: update auth algo list Pablo de Lara
2016-03-11 0:02 ` [dpdk-dev] [PATCH 3/6] l2fwd-crypto: implement parse_key function Pablo de Lara
2016-03-11 0:02 ` [dpdk-dev] [PATCH 4/6] l2fwd_crypto: add AAD parsing Pablo de Lara
2016-03-11 0:02 ` Pablo de Lara [this message]
2016-03-11 0:02 ` [dpdk-dev] [PATCH 6/6] l2fwd-crypto: use cryptodev capability discovery Pablo de Lara
2016-03-11 6:57 ` [dpdk-dev] [PATCH 0/6] L2fwd-crypto enhancements Cao, Min
2016-03-11 10:02 ` Sergio Gonzalez Monroy
2016-03-11 10:50 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1457654571-17432-6-git-send-email-pablo.de.lara.guarch@intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).