From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: dev@dpdk.org
Cc: declan.doherty@intel.com, Pablo de Lara <pablo.de.lara.guarch@intel.com>
Subject: [dpdk-dev] [PATCH v2 1/3] l2fwd-crypto: add SNOW3G algorithms
Date: Tue, 22 Mar 2016 21:23:59 +0000 [thread overview]
Message-ID: <1458681841-245648-2-git-send-email-pablo.de.lara.guarch@intel.com> (raw)
In-Reply-To: <1458681841-245648-1-git-send-email-pablo.de.lara.guarch@intel.com>
Since SNOW3G UEA2/UIA2 are supported now by both HW and SW,
l2fwd-crypto may use them, extending the list of algorithms
parsed from command line.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
examples/l2fwd-crypto/main.c | 48 +++++++++++++++++++++++++++++++++++---------
1 file changed, 39 insertions(+), 9 deletions(-)
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index 762d22a..2fd0778 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -178,6 +178,9 @@ struct l2fwd_crypto_params {
uint8_t do_cipher;
uint8_t do_hash;
uint8_t hash_verify;
+
+ enum rte_crypto_cipher_algorithm cipher_algo;
+ enum rte_crypto_auth_algorithm auth_algo;
};
/** lcore configuration */
@@ -426,8 +429,14 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m,
rte_pktmbuf_pkt_len(m) - cparams->digest_length);
op->sym->auth.digest.length = cparams->digest_length;
- op->sym->auth.data.offset = ipdata_offset;
- op->sym->auth.data.length = data_len;
+ /* For SNOW3G algorithms, offset/length must be in bits */
+ if (cparams->auth_algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+ op->sym->auth.data.offset = ipdata_offset << 3;
+ op->sym->auth.data.length = data_len << 3;
+ } else {
+ op->sym->auth.data.offset = ipdata_offset;
+ op->sym->auth.data.length = data_len;
+ }
if (cparams->aad.length) {
op->sym->auth.aad.data = cparams->aad.data;
@@ -441,13 +450,25 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m,
op->sym->cipher.iv.phys_addr = cparams->iv.phys_addr;
op->sym->cipher.iv.length = cparams->iv.length;
- op->sym->cipher.data.offset = ipdata_offset;
- if (cparams->do_hash && cparams->hash_verify)
- /* Do not cipher the hash tag */
- op->sym->cipher.data.length = data_len -
- cparams->digest_length;
- else
- op->sym->cipher.data.length = data_len;
+ /* For SNOW3G algorithms, offset/length must be in bits */
+ if (cparams->cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2) {
+ op->sym->cipher.data.offset = ipdata_offset << 3;
+ if (cparams->do_hash && cparams->hash_verify)
+ /* Do not cipher the hash tag */
+ op->sym->cipher.data.length = (data_len -
+ cparams->digest_length) << 3;
+ else
+ op->sym->cipher.data.length = data_len << 3;
+
+ } else {
+ op->sym->cipher.data.offset = ipdata_offset;
+ if (cparams->do_hash && cparams->hash_verify)
+ /* Do not cipher the hash tag */
+ op->sym->cipher.data.length = data_len -
+ cparams->digest_length;
+ else
+ op->sym->cipher.data.length = data_len;
+ }
}
op->sym->m_src = m;
@@ -630,6 +651,8 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
port_cparams[i].hash_verify = 1;
else
port_cparams[i].hash_verify = 0;
+
+ port_cparams[i].auth_algo = options->auth_xform.auth.algo;
}
if (port_cparams[i].do_cipher) {
@@ -640,6 +663,7 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
generate_random_key(port_cparams[i].iv.data,
sizeof(port_cparams[i].iv.length));
+ port_cparams[i].cipher_algo = options->cipher_xform.cipher.algo;
}
port_cparams[i].session = initialize_crypto_session(options,
@@ -835,6 +859,9 @@ parse_cipher_algo(enum rte_crypto_cipher_algorithm *algo, char *optarg)
} else if (strcmp("AES_GCM", optarg) == 0) {
*algo = RTE_CRYPTO_CIPHER_AES_GCM;
return 0;
+ } else if (strcmp("SNOW3G_UEA2", optarg) == 0) {
+ *algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+ return 0;
}
printf("Cipher algorithm not supported!\n");
@@ -901,6 +928,9 @@ parse_auth_algo(enum rte_crypto_auth_algorithm *algo, char *optarg)
} else if (strcmp("SHA512_HMAC", optarg) == 0) {
*algo = RTE_CRYPTO_AUTH_SHA512_HMAC;
return 0;
+ } else if (strcmp("SNOW3G_UIA2", optarg) == 0) {
+ *algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2;
+ return 0;
}
printf("Authentication algorithm specified not supported!\n");
--
2.5.0
next prev parent reply other threads:[~2016-03-22 21:24 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-22 13:17 [dpdk-dev] [PATCH] " Pablo de Lara
2016-03-22 15:09 ` Trahe, Fiona
2016-03-22 17:41 ` De Lara Guarch, Pablo
2016-03-22 21:23 ` [dpdk-dev] [PATCH v2 0/3] Extend list of supported algorithms in L2fwd-crypto Pablo de Lara
2016-03-22 21:23 ` Pablo de Lara [this message]
2016-03-22 21:24 ` [dpdk-dev] [PATCH v2 2/3] l2fwd-crypto: add AES GCM in auth algo list Pablo de Lara
2016-03-22 21:24 ` [dpdk-dev] [PATCH v2 3/3] l2fwd-crypto: add NULL in cipher/auth " Pablo de Lara
2016-03-24 19:53 ` [dpdk-dev] [PATCH v2 0/3] Extend list of supported algorithms in L2fwd-crypto Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1458681841-245648-2-git-send-email-pablo.de.lara.guarch@intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).