* [dpdk-dev] [PATCH] crypto/aesni_mb: add DES support
@ 2017-08-18 6:17 Pablo de Lara
2017-09-04 9:07 ` Zhang, Roy Fan
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 0/3] Extend " Pablo de Lara
0 siblings, 2 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-08-18 6:17 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
The Multi-buffer library now supports DES-CBC
and DES-DOCSISBPI algorithms, so this commit
extends adds support for them in the PMD.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
doc/guides/rel_notes/release_17_11.rst | 7 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 74 ++++++++++++++++++++---------
test/test/test_cryptodev.c | 42 ++++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 42 ++++++++++------
6 files changed, 133 insertions(+), 37 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index b3b937f..2e07e1e 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -52,6 +52,8 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES192_CTR
* RTE_CRYPTO_CIPHER_AES256_CTR
* RTE_CRYPTO_CIPHER_AES_DOCSISBPI
+* RTE_CRYPTO_CIPHER_DES_CBC
+* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
Hash algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 03d8485..fab07cb 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -23,6 +23,9 @@ AES CTR (128) = Y
AES CTR (192) = Y
AES CTR (256) = Y
AES DOCSIS BPI = Y
+DES CBC = Y
+DES DOCSIS BPI = Y
+
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
;
diff --git a/doc/guides/rel_notes/release_17_11.rst b/doc/guides/rel_notes/release_17_11.rst
index 170f4f9..134477f 100644
--- a/doc/guides/rel_notes/release_17_11.rst
+++ b/doc/guides/rel_notes/release_17_11.rst
@@ -41,6 +41,13 @@ New Features
Also, make sure to start the actual text at the margin.
=========================================================
+* **Updated the AESNI MB PMD.**
+
+ The AESNI MB PMD has been updated with additional support for:
+
+ * DES CBC algorithm.
+ * DES DOCSIS BPI algorithm.
+
Resolved Issues
---------------
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 16e1451..ca25e28 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -30,6 +30,8 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include <des.h>
+
#include <rte_common.h>
#include <rte_hexdump.h>
#include <rte_cryptodev.h>
@@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+ uint8_t is_aes;
aes_keyexp_t aes_keyexp_fn;
if (xform == NULL) {
@@ -217,45 +220,70 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
switch (xform->cipher.algo) {
case RTE_CRYPTO_CIPHER_AES_CBC:
sess->cipher.mode = CBC;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_CTR:
sess->cipher.mode = CNTR;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
sess->cipher.mode = DOCSIS_SEC_BPI;
+ is_aes = 1;
break;
- default:
- MB_LOG_ERR("Unsupported cipher mode parameter");
- return -ENOTSUP;
- }
-
- /* Check key length and choose key expansion function */
- switch (xform->cipher.key.length) {
- case AES_128_BYTES:
- sess->cipher.key_length_in_bytes = AES_128_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ case RTE_CRYPTO_CIPHER_DES_CBC:
+ sess->cipher.mode = DES;
+ is_aes = 0;
break;
- case AES_192_BYTES:
- sess->cipher.key_length_in_bytes = AES_192_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
- break;
- case AES_256_BYTES:
- sess->cipher.key_length_in_bytes = AES_256_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
+ sess->cipher.mode = DOCSIS_DES;
+ is_aes = 0;
break;
default:
- MB_LOG_ERR("Invalid cipher key length");
- return -EINVAL;
+ MB_LOG_ERR("Unsupported cipher mode parameter");
+ return -ENOTSUP;
}
/* Set IV parameters */
sess->iv.offset = xform->cipher.iv.offset;
sess->iv.length = xform->cipher.iv.length;
- /* Expanded cipher keys */
- (*aes_keyexp_fn)(xform->cipher.key.data,
- sess->cipher.expanded_aes_keys.encode,
- sess->cipher.expanded_aes_keys.decode);
+ /* Check key length and choose key expansion function for AES */
+ if (is_aes) {
+ switch (xform->cipher.key.length) {
+ case AES_128_BYTES:
+ sess->cipher.key_length_in_bytes = AES_128_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ break;
+ case AES_192_BYTES:
+ sess->cipher.key_length_in_bytes = AES_192_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
+ break;
+ case AES_256_BYTES:
+ sess->cipher.key_length_in_bytes = AES_256_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ break;
+ default:
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+
+ /* Expanded cipher keys */
+ (*aes_keyexp_fn)(xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+
+ } else {
+ if (xform->cipher.key.length != 8) {
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 8;
+
+ des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.encode,
+ xform->cipher.key.data);
+ des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.decode,
+ xform->cipher.key.data);
+ }
return 0;
}
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index a4116c6..c282f4d 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -4691,6 +4691,44 @@ test_DES_docsis_openssl_all(void)
}
static int
+test_DES_cipheronly_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_CIPHERONLY_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
+test_DES_docsis_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_DOCSIS_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
test_3DES_chain_dpaa2_sec_all(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -8289,6 +8327,10 @@ static struct unit_test_suite cryptodev_aesni_mb_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_docsis_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_cipheronly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_docsis_mb_all),
TEST_CASES_END() /**< NULL terminate unit test array */
}
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 0b6e0b8..14123d7 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -851,13 +851,15 @@ static const struct blockcipher_test_case des_cipheronly_test_cases[] = {
.test_descr = "DES-CBC Encryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-CBC Decryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
};
@@ -965,42 +967,48 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Encryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Encryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Full Block Decryption",
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Decryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Decryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Full Block Encryption",
@@ -1008,7 +1016,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Runt Block Encryption",
@@ -1016,7 +1025,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Uneven Encryption",
@@ -1024,7 +1034,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Full Block Decryption",
@@ -1032,7 +1043,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Runt Block Decryption",
@@ -1040,7 +1052,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Uneven Decryption",
@@ -1048,7 +1061,8 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
}
};
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: [dpdk-dev] [PATCH] crypto/aesni_mb: add DES support
2017-08-18 6:17 [dpdk-dev] [PATCH] crypto/aesni_mb: add DES support Pablo de Lara
@ 2017-09-04 9:07 ` Zhang, Roy Fan
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 0/3] Extend " Pablo de Lara
1 sibling, 0 replies; 21+ messages in thread
From: Zhang, Roy Fan @ 2017-09-04 9:07 UTC (permalink / raw)
To: De Lara Guarch, Pablo, Doherty, Declan; +Cc: dev, Zhang, Roy Fan
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Pablo de Lara
> Sent: Friday, August 18, 2017 7:18 AM
> To: Doherty, Declan <declan.doherty@intel.com>
> Cc: dev@dpdk.org; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Subject: [dpdk-dev] [PATCH] crypto/aesni_mb: add DES support
>
> The Multi-buffer library now supports DES-CBC and DES-DOCSISBPI
> algorithms, so this commit extends adds support for them in the PMD.
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v2 0/3] Extend DES support
2017-08-18 6:17 [dpdk-dev] [PATCH] crypto/aesni_mb: add DES support Pablo de Lara
2017-09-04 9:07 ` Zhang, Roy Fan
@ 2017-09-15 2:09 ` Pablo de Lara
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add " Pablo de Lara
` (3 more replies)
1 sibling, 4 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-09-15 2:09 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
This patchset extends the support of DES algorithms
to the AESNI MB and OpenSSL PMDs.
For AESNI MB PMD, the following algorithms are added:
- DES-CBC
- DES-DOCSISBPI
For OpenSSL PMD, DES-CBC is added, as DES-DOCSISBPI
was already supported.
Changes in v2:
- Added support for DES-CBC in OpenSSL PMD
- Added missing capabilities for AESNI MB PMD
- Fixed issue in crypto-perf app
Pablo de Lara (3):
crypto/aesni_mb: add DES support
crypto/openssl: add support for DES-CBC
app/crypto-perf: fix packet length check
app/test-crypto-perf/cperf_options_parsing.c | 18 +++++--
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
doc/guides/rel_notes/release_17_11.rst | 7 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 74 ++++++++++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42 +++++++++++++++
drivers/crypto/openssl/rte_openssl_pmd.c | 27 ++++++++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 20 +++++++
test/test/test_cryptodev.c | 63 ++++++++++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 26 ++++++---
10 files changed, 248 insertions(+), 34 deletions(-)
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add DES support
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 0/3] Extend " Pablo de Lara
@ 2017-09-15 2:09 ` Pablo de Lara
2017-09-18 10:56 ` Radu Nicolau
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 2/3] crypto/openssl: add support for DES-CBC Pablo de Lara
` (2 subsequent siblings)
3 siblings, 1 reply; 21+ messages in thread
From: Pablo de Lara @ 2017-09-15 2:09 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
The Multi-buffer library now supports DES-CBC
and DES-DOCSISBPI algorithms, so this commit
extends adds support for them in the PMD.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
doc/guides/rel_notes/release_17_11.rst | 7 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 74 ++++++++++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42 +++++++++++++++
test/test/test_cryptodev.c | 42 +++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 24 ++++++---
7 files changed, 163 insertions(+), 31 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index b3b937f..2e07e1e 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -52,6 +52,8 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES192_CTR
* RTE_CRYPTO_CIPHER_AES256_CTR
* RTE_CRYPTO_CIPHER_AES_DOCSISBPI
+* RTE_CRYPTO_CIPHER_DES_CBC
+* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
Hash algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 03d8485..fab07cb 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -23,6 +23,9 @@ AES CTR (128) = Y
AES CTR (192) = Y
AES CTR (256) = Y
AES DOCSIS BPI = Y
+DES CBC = Y
+DES DOCSIS BPI = Y
+
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
;
diff --git a/doc/guides/rel_notes/release_17_11.rst b/doc/guides/rel_notes/release_17_11.rst
index cdb99f4..800f07e 100644
--- a/doc/guides/rel_notes/release_17_11.rst
+++ b/doc/guides/rel_notes/release_17_11.rst
@@ -41,6 +41,13 @@ New Features
Also, make sure to start the actual text at the margin.
=========================================================
+* **Updated the AESNI MB PMD.**
+
+ The AESNI MB PMD has been updated with additional support for:
+
+ * DES CBC algorithm.
+ * DES DOCSIS BPI algorithm.
+
Resolved Issues
---------------
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index f91504d..1e93038 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -30,6 +30,8 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include <des.h>
+
#include <rte_common.h>
#include <rte_hexdump.h>
#include <rte_cryptodev.h>
@@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+ uint8_t is_aes;
aes_keyexp_t aes_keyexp_fn;
if (xform == NULL) {
@@ -217,45 +220,70 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
switch (xform->cipher.algo) {
case RTE_CRYPTO_CIPHER_AES_CBC:
sess->cipher.mode = CBC;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_CTR:
sess->cipher.mode = CNTR;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
sess->cipher.mode = DOCSIS_SEC_BPI;
+ is_aes = 1;
break;
- default:
- MB_LOG_ERR("Unsupported cipher mode parameter");
- return -ENOTSUP;
- }
-
- /* Check key length and choose key expansion function */
- switch (xform->cipher.key.length) {
- case AES_128_BYTES:
- sess->cipher.key_length_in_bytes = AES_128_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ case RTE_CRYPTO_CIPHER_DES_CBC:
+ sess->cipher.mode = DES;
+ is_aes = 0;
break;
- case AES_192_BYTES:
- sess->cipher.key_length_in_bytes = AES_192_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
- break;
- case AES_256_BYTES:
- sess->cipher.key_length_in_bytes = AES_256_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
+ sess->cipher.mode = DOCSIS_DES;
+ is_aes = 0;
break;
default:
- MB_LOG_ERR("Invalid cipher key length");
- return -EINVAL;
+ MB_LOG_ERR("Unsupported cipher mode parameter");
+ return -ENOTSUP;
}
/* Set IV parameters */
sess->iv.offset = xform->cipher.iv.offset;
sess->iv.length = xform->cipher.iv.length;
- /* Expanded cipher keys */
- (*aes_keyexp_fn)(xform->cipher.key.data,
- sess->cipher.expanded_aes_keys.encode,
- sess->cipher.expanded_aes_keys.decode);
+ /* Check key length and choose key expansion function for AES */
+ if (is_aes) {
+ switch (xform->cipher.key.length) {
+ case AES_128_BYTES:
+ sess->cipher.key_length_in_bytes = AES_128_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ break;
+ case AES_192_BYTES:
+ sess->cipher.key_length_in_bytes = AES_192_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
+ break;
+ case AES_256_BYTES:
+ sess->cipher.key_length_in_bytes = AES_256_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ break;
+ default:
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+
+ /* Expanded cipher keys */
+ (*aes_keyexp_fn)(xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+
+ } else {
+ if (xform->cipher.key.length != 8) {
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 8;
+
+ des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.encode,
+ xform->cipher.key.data);
+ des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.decode,
+ xform->cipher.key.data);
+ }
return 0;
}
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 4be9b80..2e52ac2 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -247,6 +247,48 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* DES CBC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_CBC,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* DES DOCSIS BPI */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+
+
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index a4116c6..c282f4d 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -4691,6 +4691,44 @@ test_DES_docsis_openssl_all(void)
}
static int
+test_DES_cipheronly_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_CIPHERONLY_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
+test_DES_docsis_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_DOCSIS_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
test_3DES_chain_dpaa2_sec_all(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -8289,6 +8327,10 @@ static struct unit_test_suite cryptodev_aesni_mb_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_docsis_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_cipheronly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_docsis_mb_all),
TEST_CASES_END() /**< NULL terminate unit test array */
}
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 0b6e0b8..9bb3618 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -851,13 +851,15 @@ static const struct blockcipher_test_case des_cipheronly_test_cases[] = {
.test_descr = "DES-CBC Encryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-CBC Decryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
};
@@ -965,42 +967,48 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Encryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Encryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Full Block Decryption",
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Decryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Decryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Full Block Encryption",
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add DES support
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add " Pablo de Lara
@ 2017-09-18 10:56 ` Radu Nicolau
2017-09-18 14:08 ` De Lara Guarch, Pablo
0 siblings, 1 reply; 21+ messages in thread
From: Radu Nicolau @ 2017-09-18 10:56 UTC (permalink / raw)
To: Pablo de Lara, declan.doherty; +Cc: dev
On 9/15/2017 3:09 AM, Pablo de Lara wrote:
> The Multi-buffer library now supports DES-CBC
> and DES-DOCSISBPI algorithms, so this commit
> extends adds support for them in the PMD.
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
> doc/guides/cryptodevs/aesni_mb.rst | 2 +
> doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
> doc/guides/rel_notes/release_17_11.rst | 7 +++
> drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 74 ++++++++++++++++++--------
> drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42 +++++++++++++++
> test/test/test_cryptodev.c | 42 +++++++++++++++
> test/test/test_cryptodev_des_test_vectors.h | 24 ++++++---
> 7 files changed, 163 insertions(+), 31 deletions(-)
>
> <snip>
>
> +#include <des.h>
> +
> #include <rte_common.h>
> #include <rte_hexdump.h>
> #include <rte_cryptodev.h>
> @@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
> struct aesni_mb_session *sess,
> const struct rte_crypto_sym_xform *xform)
> {
> + uint8_t is_aes;
Nitpicking: Maybe initialize with zero and remove is_aes = 0; from the
switch body?
> aes_keyexp_t aes_keyexp_fn;
>
> if (xform == NULL) {
> @@ -217,45 +220,70 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
> switch (xform->cipher.algo) {
> case RTE_CRYPTO_CIPHER_AES_CBC:
> sess->cipher.mode = CBC;
> + is_aes = 1;
> break;
> case RTE_CRYPTO_CIPHER_AES_CTR:
> sess->cipher.mode = CNTR;
> + is_aes = 1;
> break;
> case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
> sess->cipher.mode = DOCSIS_SEC_BPI;
> + is_aes = 1;
> break;
> - default:
> - MB_LOG_ERR("Unsupported cipher mode parameter");
> - return -ENOTSUP;
> - }
> -
> - /* Check key length and choose key expansion function */
> - switch (xform->cipher.key.length) {
> - case AES_128_BYTES:
> - sess->cipher.key_length_in_bytes = AES_128_BYTES;
> - aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
> + case RTE_CRYPTO_CIPHER_DES_CBC:
> + sess->cipher.mode = DES;
> + is_aes = 0;
> break;
> - case AES_192_BYTES:
> - sess->cipher.key_length_in_bytes = AES_192_BYTES;
> - aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
> - break;
> - case AES_256_BYTES:
> - sess->cipher.key_length_in_bytes = AES_256_BYTES;
> - aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
> + case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
> + sess->cipher.mode = DOCSIS_DES;
> + is_aes = 0;
> break;
> default:
> - MB_LOG_ERR("Invalid cipher key length");
> - return -EINVAL;
> + MB_LOG_ERR("Unsupported cipher mode parameter");
> + return -ENOTSUP;
> }
> <snip>
Reviewed-by: Radu Nicolau <radu.nicolau@intel.com>
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add DES support
2017-09-18 10:56 ` Radu Nicolau
@ 2017-09-18 14:08 ` De Lara Guarch, Pablo
0 siblings, 0 replies; 21+ messages in thread
From: De Lara Guarch, Pablo @ 2017-09-18 14:08 UTC (permalink / raw)
To: Nicolau, Radu, Doherty, Declan; +Cc: dev
> -----Original Message-----
> From: Nicolau, Radu
> Sent: Monday, September 18, 2017 11:56 AM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Doherty,
> Declan <declan.doherty@intel.com>
> Cc: dev@dpdk.org
> Subject: Re: [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add DES support
>
>
>
> On 9/15/2017 3:09 AM, Pablo de Lara wrote:
> > The Multi-buffer library now supports DES-CBC and DES-DOCSISBPI
> > algorithms, so this commit extends adds support for them in the PMD.
> >
> > Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> > Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> > ---
> > doc/guides/cryptodevs/aesni_mb.rst | 2 +
> > doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
> > doc/guides/rel_notes/release_17_11.rst | 7 +++
> > drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 74
> ++++++++++++++++++--------
> > drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42
> +++++++++++++++
> > test/test/test_cryptodev.c | 42 +++++++++++++++
> > test/test/test_cryptodev_des_test_vectors.h | 24 ++++++---
> > 7 files changed, 163 insertions(+), 31 deletions(-)
> >
> > <snip>
> >
> > +#include <des.h>
> > +
> > #include <rte_common.h>
> > #include <rte_hexdump.h>
> > #include <rte_cryptodev.h>
> > @@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const
> struct aesni_mb_op_fns *mb_ops,
> > struct aesni_mb_session *sess,
> > const struct rte_crypto_sym_xform *xform)
> > {
> > + uint8_t is_aes;
> Nitpicking: Maybe initialize with zero and remove is_aes = 0; from the
> switch body?
Good idea. Will do and will send a v3.
Thanks!
Pablo
> Reviewed-by: Radu Nicolau <radu.nicolau@intel.com>
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v2 2/3] crypto/openssl: add support for DES-CBC
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 0/3] Extend " Pablo de Lara
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add " Pablo de Lara
@ 2017-09-15 2:09 ` Pablo de Lara
2017-09-18 11:31 ` Radu Nicolau
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 3/3] app/crypto-perf: fix packet length check Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 0/3] Extend DES support Pablo de Lara
3 siblings, 1 reply; 21+ messages in thread
From: Pablo de Lara @ 2017-09-15 2:09 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 27 +++++++++++++++++++++++++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 20 ++++++++++++++++++++
test/test/test_cryptodev.c | 21 +++++++++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 6 ++++--
4 files changed, 72 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 438535e..926caa6 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -336,6 +336,33 @@ openssl_set_session_cipher_parameters(struct openssl_session *sess,
sess->cipher.key.data) != 0)
return -EINVAL;
break;
+
+ case RTE_CRYPTO_CIPHER_DES_CBC:
+ sess->cipher.algo = xform->cipher.algo;
+ sess->cipher.ctx = EVP_CIPHER_CTX_new();
+ sess->cipher.evp_algo = EVP_des_cbc();
+
+ get_cipher_key(xform->cipher.key.data, sess->cipher.key.length,
+ sess->cipher.key.data);
+ if (sess->cipher.direction == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+ if (EVP_EncryptInit_ex(sess->cipher.ctx,
+ sess->cipher.evp_algo,
+ NULL, xform->cipher.key.data,
+ NULL) != 1) {
+ return -EINVAL;
+ }
+ } else if (sess->cipher.direction ==
+ RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+ if (EVP_DecryptInit_ex(sess->cipher.ctx,
+ sess->cipher.evp_algo,
+ NULL, xform->cipher.key.data,
+ NULL) != 1) {
+ return -EINVAL;
+ }
+ }
+
+ break;
+
case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
sess->cipher.algo = xform->cipher.algo;
sess->chain_order = OPENSSL_CHAIN_CIPHER_BPI;
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 8cdd0b2..a197f79 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -427,6 +427,26 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* DES CBC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_CBC,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
{ /* DES DOCSIS BPI */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index c282f4d..0557152 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -4672,6 +4672,25 @@ test_DES_cipheronly_qat_all(void)
}
static int
+test_DES_cipheronly_openssl_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)),
+ BLKCIPHER_DES_CIPHERONLY_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
test_DES_docsis_openssl_all(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -8353,6 +8372,8 @@ static struct unit_test_suite cryptodev_openssl_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown,
test_3DES_cipheronly_openssl_all),
TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_cipheronly_openssl_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
test_DES_docsis_openssl_all),
TEST_CASE_ST(ut_setup, ut_teardown,
test_authonly_openssl_all),
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 9bb3618..bb01246 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -852,14 +852,16 @@ static const struct blockcipher_test_case des_cipheronly_test_cases[] = {
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
- BLOCKCIPHER_TEST_TARGET_PMD_MB
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+ BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
},
{
.test_descr = "DES-CBC Decryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
- BLOCKCIPHER_TEST_TARGET_PMD_MB
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+ BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
},
};
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v2 3/3] app/crypto-perf: fix packet length check
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 0/3] Extend " Pablo de Lara
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add " Pablo de Lara
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 2/3] crypto/openssl: add support for DES-CBC Pablo de Lara
@ 2017-09-15 2:09 ` Pablo de Lara
2017-09-18 11:32 ` Radu Nicolau
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 0/3] Extend DES support Pablo de Lara
3 siblings, 1 reply; 21+ messages in thread
From: Pablo de Lara @ 2017-09-15 2:09 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara, stable
When using DES-CBC, packet size has to be multiple
of 8 bytes, but if a list of packets is provided.
the check was not correct.
Fixes: fc4600fb2520 ("app/crypto-perf: add extra option checks")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
app/test-crypto-perf/cperf_options_parsing.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c
index 663f53f..3f933bc 100644
--- a/app/test-crypto-perf/cperf_options_parsing.c
+++ b/app/test-crypto-perf/cperf_options_parsing.c
@@ -832,14 +832,26 @@ check_cipher_buffer_length(struct cperf_options *options)
if (options->cipher_algo == RTE_CRYPTO_CIPHER_DES_CBC ||
options->cipher_algo == RTE_CRYPTO_CIPHER_3DES_CBC ||
options->cipher_algo == RTE_CRYPTO_CIPHER_3DES_ECB) {
- for (buffer_size = options->min_buffer_size;
- buffer_size < options->max_buffer_size;
- buffer_size += options->inc_buffer_size) {
+ if (options->inc_buffer_size != 0)
+ buffer_size = options->min_buffer_size;
+ else
+ buffer_size = options->buffer_size_list[0];
+
+ while (buffer_size <= options->max_buffer_size) {
if ((buffer_size % DES_BLOCK_SIZE) != 0) {
RTE_LOG(ERR, USER1, "Some of the buffer sizes are "
"not suitable for the algorithm selected\n");
return -EINVAL;
}
+
+ if (options->inc_buffer_size != 0)
+ buffer_size += options->inc_buffer_size;
+ else {
+ if (++buffer_size_idx == options->buffer_size_count)
+ break;
+ buffer_size = options->buffer_size_list[buffer_size_idx];
+ }
+
}
}
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v3 0/3] Extend DES support
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 0/3] Extend " Pablo de Lara
` (2 preceding siblings ...)
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 3/3] app/crypto-perf: fix packet length check Pablo de Lara
@ 2017-09-20 1:37 ` Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: add " Pablo de Lara
` (3 more replies)
3 siblings, 4 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-09-20 1:37 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
This patchset extends the support of DES algorithms to the AESNI MB and OpenSSL PMDs.
For AESNI MB PMD, the following algorithms are added:
- DES-CBC
- DES-DOCSISBPI
For OpenSSL PMD, DES-CBC is added, as DES-DOCSISBPI was already supported.
Changes in v3:
- Added release note for support for DES-CBC on OpenSSL PMD
- Addressed Radu's comments
Pablo de Lara (3):
crypto/aesni_mb: add DES support
crypto/openssl: add support for DES-CBC
app/crypto-perf: fix packet length check
app/test-crypto-perf/cperf_options_parsing.c | 18 +++++--
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
doc/guides/rel_notes/release_17_11.rst | 13 +++++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 72 ++++++++++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42 +++++++++++++++
drivers/crypto/openssl/rte_openssl_pmd.c | 27 ++++++++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 20 +++++++
test/test/test_cryptodev.c | 63 ++++++++++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 26 +++++++---
10 files changed, 252 insertions(+), 34 deletions(-)
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: add DES support
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 0/3] Extend DES support Pablo de Lara
@ 2017-09-20 1:37 ` Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 2/3] crypto/openssl: add support for DES-CBC Pablo de Lara
` (2 subsequent siblings)
3 siblings, 0 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-09-20 1:37 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
The Multi-buffer library now supports DES-CBC
and DES-DOCSISBPI algorithms, so this commit
extends adds support for them in the PMD.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Reviewed-by: Radu Nicolau <radu.nicolau@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
doc/guides/rel_notes/release_17_11.rst | 7 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 72 ++++++++++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42 +++++++++++++++
test/test/test_cryptodev.c | 42 +++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 24 ++++++---
7 files changed, 161 insertions(+), 31 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index b3b937f..2e07e1e 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -52,6 +52,8 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES192_CTR
* RTE_CRYPTO_CIPHER_AES256_CTR
* RTE_CRYPTO_CIPHER_AES_DOCSISBPI
+* RTE_CRYPTO_CIPHER_DES_CBC
+* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
Hash algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 03d8485..fab07cb 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -23,6 +23,9 @@ AES CTR (128) = Y
AES CTR (192) = Y
AES CTR (256) = Y
AES DOCSIS BPI = Y
+DES CBC = Y
+DES DOCSIS BPI = Y
+
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
;
diff --git a/doc/guides/rel_notes/release_17_11.rst b/doc/guides/rel_notes/release_17_11.rst
index 207c623..1ddc3cf 100644
--- a/doc/guides/rel_notes/release_17_11.rst
+++ b/doc/guides/rel_notes/release_17_11.rst
@@ -49,6 +49,13 @@ New Features
* Coalesce writes to HEAD CSR on response processing.
* Coalesce writes to TAIL CSR on request processing.
+* **Updated the AESNI MB PMD.**
+
+ The AESNI MB PMD has been updated with additional support for:
+
+ * DES CBC algorithm.
+ * DES DOCSIS BPI algorithm.
+
Resolved Issues
---------------
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index f91504d..49242fc 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -30,6 +30,8 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include <des.h>
+
#include <rte_common.h>
#include <rte_hexdump.h>
#include <rte_cryptodev.h>
@@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+ uint8_t is_aes = 0;
aes_keyexp_t aes_keyexp_fn;
if (xform == NULL) {
@@ -217,45 +220,68 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
switch (xform->cipher.algo) {
case RTE_CRYPTO_CIPHER_AES_CBC:
sess->cipher.mode = CBC;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_CTR:
sess->cipher.mode = CNTR;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
sess->cipher.mode = DOCSIS_SEC_BPI;
+ is_aes = 1;
break;
- default:
- MB_LOG_ERR("Unsupported cipher mode parameter");
- return -ENOTSUP;
- }
-
- /* Check key length and choose key expansion function */
- switch (xform->cipher.key.length) {
- case AES_128_BYTES:
- sess->cipher.key_length_in_bytes = AES_128_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ case RTE_CRYPTO_CIPHER_DES_CBC:
+ sess->cipher.mode = DES;
break;
- case AES_192_BYTES:
- sess->cipher.key_length_in_bytes = AES_192_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
- break;
- case AES_256_BYTES:
- sess->cipher.key_length_in_bytes = AES_256_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
+ sess->cipher.mode = DOCSIS_DES;
break;
default:
- MB_LOG_ERR("Invalid cipher key length");
- return -EINVAL;
+ MB_LOG_ERR("Unsupported cipher mode parameter");
+ return -ENOTSUP;
}
/* Set IV parameters */
sess->iv.offset = xform->cipher.iv.offset;
sess->iv.length = xform->cipher.iv.length;
- /* Expanded cipher keys */
- (*aes_keyexp_fn)(xform->cipher.key.data,
- sess->cipher.expanded_aes_keys.encode,
- sess->cipher.expanded_aes_keys.decode);
+ /* Check key length and choose key expansion function for AES */
+ if (is_aes) {
+ switch (xform->cipher.key.length) {
+ case AES_128_BYTES:
+ sess->cipher.key_length_in_bytes = AES_128_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ break;
+ case AES_192_BYTES:
+ sess->cipher.key_length_in_bytes = AES_192_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
+ break;
+ case AES_256_BYTES:
+ sess->cipher.key_length_in_bytes = AES_256_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ break;
+ default:
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+
+ /* Expanded cipher keys */
+ (*aes_keyexp_fn)(xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+
+ } else {
+ if (xform->cipher.key.length != 8) {
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 8;
+
+ des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.encode,
+ xform->cipher.key.data);
+ des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.decode,
+ xform->cipher.key.data);
+ }
return 0;
}
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 4be9b80..2e52ac2 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -247,6 +247,48 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* DES CBC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_CBC,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* DES DOCSIS BPI */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+
+
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index a4116c6..c282f4d 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -4691,6 +4691,44 @@ test_DES_docsis_openssl_all(void)
}
static int
+test_DES_cipheronly_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_CIPHERONLY_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
+test_DES_docsis_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_DOCSIS_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
test_3DES_chain_dpaa2_sec_all(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -8289,6 +8327,10 @@ static struct unit_test_suite cryptodev_aesni_mb_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_docsis_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_cipheronly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_docsis_mb_all),
TEST_CASES_END() /**< NULL terminate unit test array */
}
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 0b6e0b8..9bb3618 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -851,13 +851,15 @@ static const struct blockcipher_test_case des_cipheronly_test_cases[] = {
.test_descr = "DES-CBC Encryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-CBC Decryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
};
@@ -965,42 +967,48 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Encryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Encryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Full Block Decryption",
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Decryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Decryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Full Block Encryption",
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v3 2/3] crypto/openssl: add support for DES-CBC
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 0/3] Extend DES support Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: add " Pablo de Lara
@ 2017-09-20 1:37 ` Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 3/3] app/crypto-perf: fix packet length check Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support Pablo de Lara
3 siblings, 0 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-09-20 1:37 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
---
doc/guides/rel_notes/release_17_11.rst | 6 ++++++
drivers/crypto/openssl/rte_openssl_pmd.c | 27 +++++++++++++++++++++++++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 20 ++++++++++++++++++++
test/test/test_cryptodev.c | 21 +++++++++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 6 ++++--
5 files changed, 78 insertions(+), 2 deletions(-)
diff --git a/doc/guides/rel_notes/release_17_11.rst b/doc/guides/rel_notes/release_17_11.rst
index 1ddc3cf..683cc22 100644
--- a/doc/guides/rel_notes/release_17_11.rst
+++ b/doc/guides/rel_notes/release_17_11.rst
@@ -56,6 +56,12 @@ New Features
* DES CBC algorithm.
* DES DOCSIS BPI algorithm.
+* **Updated the OpenSSL PMD.**
+
+ The OpenSSL PMD has been updated with additional support for:
+
+ * DES CBC algorithm.
+
Resolved Issues
---------------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 438535e..926caa6 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -336,6 +336,33 @@ openssl_set_session_cipher_parameters(struct openssl_session *sess,
sess->cipher.key.data) != 0)
return -EINVAL;
break;
+
+ case RTE_CRYPTO_CIPHER_DES_CBC:
+ sess->cipher.algo = xform->cipher.algo;
+ sess->cipher.ctx = EVP_CIPHER_CTX_new();
+ sess->cipher.evp_algo = EVP_des_cbc();
+
+ get_cipher_key(xform->cipher.key.data, sess->cipher.key.length,
+ sess->cipher.key.data);
+ if (sess->cipher.direction == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+ if (EVP_EncryptInit_ex(sess->cipher.ctx,
+ sess->cipher.evp_algo,
+ NULL, xform->cipher.key.data,
+ NULL) != 1) {
+ return -EINVAL;
+ }
+ } else if (sess->cipher.direction ==
+ RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+ if (EVP_DecryptInit_ex(sess->cipher.ctx,
+ sess->cipher.evp_algo,
+ NULL, xform->cipher.key.data,
+ NULL) != 1) {
+ return -EINVAL;
+ }
+ }
+
+ break;
+
case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
sess->cipher.algo = xform->cipher.algo;
sess->chain_order = OPENSSL_CHAIN_CIPHER_BPI;
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 8cdd0b2..a197f79 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -427,6 +427,26 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* DES CBC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_CBC,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
{ /* DES DOCSIS BPI */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index c282f4d..0557152 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -4672,6 +4672,25 @@ test_DES_cipheronly_qat_all(void)
}
static int
+test_DES_cipheronly_openssl_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)),
+ BLKCIPHER_DES_CIPHERONLY_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
test_DES_docsis_openssl_all(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -8353,6 +8372,8 @@ static struct unit_test_suite cryptodev_openssl_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown,
test_3DES_cipheronly_openssl_all),
TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_cipheronly_openssl_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
test_DES_docsis_openssl_all),
TEST_CASE_ST(ut_setup, ut_teardown,
test_authonly_openssl_all),
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 9bb3618..bb01246 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -852,14 +852,16 @@ static const struct blockcipher_test_case des_cipheronly_test_cases[] = {
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
- BLOCKCIPHER_TEST_TARGET_PMD_MB
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+ BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
},
{
.test_descr = "DES-CBC Decryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
- BLOCKCIPHER_TEST_TARGET_PMD_MB
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+ BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
},
};
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v3 3/3] app/crypto-perf: fix packet length check
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 0/3] Extend DES support Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: add " Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 2/3] crypto/openssl: add support for DES-CBC Pablo de Lara
@ 2017-09-20 1:37 ` Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support Pablo de Lara
3 siblings, 0 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-09-20 1:37 UTC (permalink / raw)
To: declan.doherty; +Cc: dev, Pablo de Lara, stable
When using DES-CBC, packet size has to be multiple
of 8 bytes, but if a list of packets is provided.
the check was not correct.
Fixes: fc4600fb2520 ("app/crypto-perf: add extra option checks")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
---
app/test-crypto-perf/cperf_options_parsing.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c
index 663f53f..3f933bc 100644
--- a/app/test-crypto-perf/cperf_options_parsing.c
+++ b/app/test-crypto-perf/cperf_options_parsing.c
@@ -832,14 +832,26 @@ check_cipher_buffer_length(struct cperf_options *options)
if (options->cipher_algo == RTE_CRYPTO_CIPHER_DES_CBC ||
options->cipher_algo == RTE_CRYPTO_CIPHER_3DES_CBC ||
options->cipher_algo == RTE_CRYPTO_CIPHER_3DES_ECB) {
- for (buffer_size = options->min_buffer_size;
- buffer_size < options->max_buffer_size;
- buffer_size += options->inc_buffer_size) {
+ if (options->inc_buffer_size != 0)
+ buffer_size = options->min_buffer_size;
+ else
+ buffer_size = options->buffer_size_list[0];
+
+ while (buffer_size <= options->max_buffer_size) {
if ((buffer_size % DES_BLOCK_SIZE) != 0) {
RTE_LOG(ERR, USER1, "Some of the buffer sizes are "
"not suitable for the algorithm selected\n");
return -EINVAL;
}
+
+ if (options->inc_buffer_size != 0)
+ buffer_size += options->inc_buffer_size;
+ else {
+ if (++buffer_size_idx == options->buffer_size_count)
+ break;
+ buffer_size = options->buffer_size_list[buffer_size_idx];
+ }
+
}
}
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v4 0/4] Extend DES support
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 0/3] Extend DES support Pablo de Lara
` (2 preceding siblings ...)
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 3/3] app/crypto-perf: fix packet length check Pablo de Lara
@ 2017-10-05 5:27 ` Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 1/4] doc: update IPSec Multi-buffer lib versioning Pablo de Lara
` (4 more replies)
3 siblings, 5 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-10-05 5:27 UTC (permalink / raw)
To: declan.doherty, john.mcnamara; +Cc: dev, Pablo de Lara
This patchset extends the support of DES algorithms to the AESNI MB and OpenSSL PMDs.
For AESNI MB PMD, the following algorithms are added:
- DES-CBC
- DES-DOCSISBPI
For OpenSSL PMD, DES-CBC is added, as DES-DOCSISBPI was already supported.
Changes in v4:
- Updated documentation now that Multi-buffer library 0.47 has been released
Changes in v3:
- Added release note for support for DES-CBC on OpenSSL PMD
- Addressed Radu's comments
Pablo de Lara (4):
doc: update IPSec Multi-buffer lib versioning
crypto/aesni_mb: add DES support
crypto/openssl: add support for DES-CBC
app/crypto-perf: fix packet length check
app/test-crypto-perf/cperf_options_parsing.c | 18 +++++--
doc/guides/cryptodevs/aesni_mb.rst | 21 ++++----
doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
doc/guides/rel_notes/release_17_11.rst | 16 ++++++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 72 ++++++++++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42 +++++++++++++++
drivers/crypto/openssl/rte_openssl_pmd.c | 27 ++++++++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 20 +++++++
test/test/test_cryptodev.c | 63 ++++++++++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 26 +++++++---
10 files changed, 265 insertions(+), 43 deletions(-)
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v4 1/4] doc: update IPSec Multi-buffer lib versioning
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support Pablo de Lara
@ 2017-10-05 5:27 ` Pablo de Lara
2017-10-05 13:55 ` Mcnamara, John
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 2/4] crypto/aesni_mb: add DES support Pablo de Lara
` (3 subsequent siblings)
4 siblings, 1 reply; 21+ messages in thread
From: Pablo de Lara @ 2017-10-05 5:27 UTC (permalink / raw)
To: declan.doherty, john.mcnamara; +Cc: dev, Pablo de Lara
IPSec Multi-buffer library v0.47 has been released,
which includes, among other features, support for DES-CBC
and DES-DOCSIS.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index b3b937f..25d2553 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -76,8 +76,8 @@ Installation
To build DPDK with the AESNI_MB_PMD the user is required to download the multi-buffer
library from `here <https://github.com/01org/intel-ipsec-mb>`_
and compile it on their user system before building DPDK.
-The latest version of the library supported by this PMD is v0.46, which
-can be downloaded in `<https://github.com/01org/intel-ipsec-mb/archive/v0.46.zip>`_.
+The latest version of the library supported by this PMD is v0.47, which
+can be downloaded in `<https://github.com/01org/intel-ipsec-mb/archive/v0.47.zip>`_.
.. code-block:: console
@@ -90,13 +90,14 @@ and the Multi-Buffer library version supported by them:
.. table:: DPDK and Multi-Buffer library version compatibility
- ============= ============================
- DPDK version Multi-buffer library version
- ============= ============================
- 2.2 - 16.11 0.43 - 0.44
- 17.02 0.44
- 17.05+ 0.45+
- ============= ============================
+ ============== ============================
+ DPDK version Multi-buffer library version
+ ============== ============================
+ 2.2 - 16.11 0.43 - 0.44
+ 17.02 0.44
+ 17.05 - 17.08 0.45 - 0.47
+ 17.11+ 0.47
+ ============== ============================
Initialization
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: [dpdk-dev] [PATCH v4 1/4] doc: update IPSec Multi-buffer lib versioning
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 1/4] doc: update IPSec Multi-buffer lib versioning Pablo de Lara
@ 2017-10-05 13:55 ` Mcnamara, John
0 siblings, 0 replies; 21+ messages in thread
From: Mcnamara, John @ 2017-10-05 13:55 UTC (permalink / raw)
To: De Lara Guarch, Pablo, Doherty, Declan; +Cc: dev
> -----Original Message-----
> From: De Lara Guarch, Pablo
> Sent: Thursday, October 5, 2017 6:28 AM
> To: Doherty, Declan <declan.doherty@intel.com>; Mcnamara, John
> <john.mcnamara@intel.com>
> Cc: dev@dpdk.org; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Subject: [PATCH v4 1/4] doc: update IPSec Multi-buffer lib versioning
>
> IPSec Multi-buffer library v0.47 has been released, which includes, among
> other features, support for DES-CBC and DES-DOCSIS.
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v4 2/4] crypto/aesni_mb: add DES support
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 1/4] doc: update IPSec Multi-buffer lib versioning Pablo de Lara
@ 2017-10-05 5:27 ` Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 3/4] crypto/openssl: add support for DES-CBC Pablo de Lara
` (2 subsequent siblings)
4 siblings, 0 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-10-05 5:27 UTC (permalink / raw)
To: declan.doherty, john.mcnamara; +Cc: dev, Pablo de Lara
The Multi-buffer library now supports DES-CBC
and DES-DOCSISBPI algorithms, so this commit
extends adds support for them in the PMD.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Reviewed-by: Radu Nicolau <radu.nicolau@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
doc/guides/rel_notes/release_17_11.rst | 10 ++++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 72 ++++++++++++++++++--------
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42 +++++++++++++++
test/test/test_cryptodev.c | 42 +++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 24 ++++++---
7 files changed, 164 insertions(+), 31 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 25d2553..e908951 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -52,6 +52,8 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES192_CTR
* RTE_CRYPTO_CIPHER_AES256_CTR
* RTE_CRYPTO_CIPHER_AES_DOCSISBPI
+* RTE_CRYPTO_CIPHER_DES_CBC
+* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
Hash algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini
index 03d8485..fab07cb 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -23,6 +23,9 @@ AES CTR (128) = Y
AES CTR (192) = Y
AES CTR (256) = Y
AES DOCSIS BPI = Y
+DES CBC = Y
+DES DOCSIS BPI = Y
+
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
;
diff --git a/doc/guides/rel_notes/release_17_11.rst b/doc/guides/rel_notes/release_17_11.rst
index ca286a5..30fe28d 100644
--- a/doc/guides/rel_notes/release_17_11.rst
+++ b/doc/guides/rel_notes/release_17_11.rst
@@ -49,6 +49,16 @@ New Features
* Coalesce writes to HEAD CSR on response processing.
* Coalesce writes to TAIL CSR on request processing.
+* **Updated the AESNI MB PMD.**
+
+ The AESNI MB PMD has been updated with additional support for:
+
+ * DES CBC algorithm.
+ * DES DOCSIS BPI algorithm.
+
+ This requires the IPSec Multi-buffer library 0.47. For more details,
+ check out the AESNI MB PMD documenation.
+
* **Add new benchmarking mode to dpdk-test-crypto-perf application.**
Added new "PMD cyclecount" benchmark mode to dpdk-test-crypto-perf application
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index f91504d..49242fc 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -30,6 +30,8 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include <des.h>
+
#include <rte_common.h>
#include <rte_hexdump.h>
#include <rte_cryptodev.h>
@@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+ uint8_t is_aes = 0;
aes_keyexp_t aes_keyexp_fn;
if (xform == NULL) {
@@ -217,45 +220,68 @@ aesni_mb_set_session_cipher_parameters(const struct aesni_mb_op_fns *mb_ops,
switch (xform->cipher.algo) {
case RTE_CRYPTO_CIPHER_AES_CBC:
sess->cipher.mode = CBC;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_CTR:
sess->cipher.mode = CNTR;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
sess->cipher.mode = DOCSIS_SEC_BPI;
+ is_aes = 1;
break;
- default:
- MB_LOG_ERR("Unsupported cipher mode parameter");
- return -ENOTSUP;
- }
-
- /* Check key length and choose key expansion function */
- switch (xform->cipher.key.length) {
- case AES_128_BYTES:
- sess->cipher.key_length_in_bytes = AES_128_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ case RTE_CRYPTO_CIPHER_DES_CBC:
+ sess->cipher.mode = DES;
break;
- case AES_192_BYTES:
- sess->cipher.key_length_in_bytes = AES_192_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
- break;
- case AES_256_BYTES:
- sess->cipher.key_length_in_bytes = AES_256_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
+ sess->cipher.mode = DOCSIS_DES;
break;
default:
- MB_LOG_ERR("Invalid cipher key length");
- return -EINVAL;
+ MB_LOG_ERR("Unsupported cipher mode parameter");
+ return -ENOTSUP;
}
/* Set IV parameters */
sess->iv.offset = xform->cipher.iv.offset;
sess->iv.length = xform->cipher.iv.length;
- /* Expanded cipher keys */
- (*aes_keyexp_fn)(xform->cipher.key.data,
- sess->cipher.expanded_aes_keys.encode,
- sess->cipher.expanded_aes_keys.decode);
+ /* Check key length and choose key expansion function for AES */
+ if (is_aes) {
+ switch (xform->cipher.key.length) {
+ case AES_128_BYTES:
+ sess->cipher.key_length_in_bytes = AES_128_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ break;
+ case AES_192_BYTES:
+ sess->cipher.key_length_in_bytes = AES_192_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
+ break;
+ case AES_256_BYTES:
+ sess->cipher.key_length_in_bytes = AES_256_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ break;
+ default:
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+
+ /* Expanded cipher keys */
+ (*aes_keyexp_fn)(xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+
+ } else {
+ if (xform->cipher.key.length != 8) {
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 8;
+
+ des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.encode,
+ xform->cipher.key.data);
+ des_key_schedule((uint64_t *)sess->cipher.expanded_aes_keys.decode,
+ xform->cipher.key.data);
+ }
return 0;
}
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 4be9b80..2e52ac2 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -247,6 +247,48 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
}, }
}, }
},
+ { /* DES CBC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_CBC,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+ { /* DES DOCSIS BPI */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_DOCSISBPI,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
+
+
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
};
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index a4116c6..c282f4d 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -4691,6 +4691,44 @@ test_DES_docsis_openssl_all(void)
}
static int
+test_DES_cipheronly_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_CIPHERONLY_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
+test_DES_docsis_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_DOCSIS_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
test_3DES_chain_dpaa2_sec_all(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -8289,6 +8327,10 @@ static struct unit_test_suite cryptodev_aesni_mb_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_docsis_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_cipheronly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_docsis_mb_all),
TEST_CASES_END() /**< NULL terminate unit test array */
}
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 0b6e0b8..9bb3618 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -851,13 +851,15 @@ static const struct blockcipher_test_case des_cipheronly_test_cases[] = {
.test_descr = "DES-CBC Encryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-CBC Decryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
};
@@ -965,42 +967,48 @@ static const struct blockcipher_test_case des_docsis_test_cases[] = {
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Encryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Encryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Full Block Decryption",
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Decryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Decryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Full Block Encryption",
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v4 3/4] crypto/openssl: add support for DES-CBC
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 1/4] doc: update IPSec Multi-buffer lib versioning Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 2/4] crypto/aesni_mb: add DES support Pablo de Lara
@ 2017-10-05 5:27 ` Pablo de Lara
2017-10-05 5:28 ` [dpdk-dev] [PATCH v4 4/4] app/crypto-perf: fix packet length check Pablo de Lara
2017-10-05 14:14 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support De Lara Guarch, Pablo
4 siblings, 0 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-10-05 5:27 UTC (permalink / raw)
To: declan.doherty, john.mcnamara; +Cc: dev, Pablo de Lara
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
---
doc/guides/rel_notes/release_17_11.rst | 6 ++++++
drivers/crypto/openssl/rte_openssl_pmd.c | 27 +++++++++++++++++++++++++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 20 ++++++++++++++++++++
test/test/test_cryptodev.c | 21 +++++++++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 6 ++++--
5 files changed, 78 insertions(+), 2 deletions(-)
diff --git a/doc/guides/rel_notes/release_17_11.rst b/doc/guides/rel_notes/release_17_11.rst
index 30fe28d..f2c83f0 100644
--- a/doc/guides/rel_notes/release_17_11.rst
+++ b/doc/guides/rel_notes/release_17_11.rst
@@ -59,6 +59,12 @@ New Features
This requires the IPSec Multi-buffer library 0.47. For more details,
check out the AESNI MB PMD documenation.
+* **Updated the OpenSSL PMD.**
+
+ The OpenSSL PMD has been updated with additional support for:
+
+ * DES CBC algorithm.
+
* **Add new benchmarking mode to dpdk-test-crypto-perf application.**
Added new "PMD cyclecount" benchmark mode to dpdk-test-crypto-perf application
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 280148e..0c822a4 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -355,6 +355,33 @@ openssl_set_session_cipher_parameters(struct openssl_session *sess,
sess->cipher.key.data) != 0)
return -EINVAL;
break;
+
+ case RTE_CRYPTO_CIPHER_DES_CBC:
+ sess->cipher.algo = xform->cipher.algo;
+ sess->cipher.ctx = EVP_CIPHER_CTX_new();
+ sess->cipher.evp_algo = EVP_des_cbc();
+
+ get_cipher_key(xform->cipher.key.data, sess->cipher.key.length,
+ sess->cipher.key.data);
+ if (sess->cipher.direction == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
+ if (EVP_EncryptInit_ex(sess->cipher.ctx,
+ sess->cipher.evp_algo,
+ NULL, xform->cipher.key.data,
+ NULL) != 1) {
+ return -EINVAL;
+ }
+ } else if (sess->cipher.direction ==
+ RTE_CRYPTO_CIPHER_OP_DECRYPT) {
+ if (EVP_DecryptInit_ex(sess->cipher.ctx,
+ sess->cipher.evp_algo,
+ NULL, xform->cipher.key.data,
+ NULL) != 1) {
+ return -EINVAL;
+ }
+ }
+
+ break;
+
case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
sess->cipher.algo = xform->cipher.algo;
sess->chain_order = OPENSSL_CHAIN_CIPHER_BPI;
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 8cdd0b2..a197f79 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -427,6 +427,26 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* DES CBC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ {.cipher = {
+ .algo = RTE_CRYPTO_CIPHER_DES_CBC,
+ .block_size = 8,
+ .key_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ },
+ .iv_size = {
+ .min = 8,
+ .max = 8,
+ .increment = 0
+ }
+ }, }
+ }, }
+ },
{ /* DES DOCSIS BPI */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index c282f4d..0557152 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -4672,6 +4672,25 @@ test_DES_cipheronly_qat_all(void)
}
static int
+test_DES_cipheronly_openssl_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)),
+ BLKCIPHER_DES_CIPHERONLY_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
test_DES_docsis_openssl_all(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -8353,6 +8372,8 @@ static struct unit_test_suite cryptodev_openssl_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown,
test_3DES_cipheronly_openssl_all),
TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_cipheronly_openssl_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
test_DES_docsis_openssl_all),
TEST_CASE_ST(ut_setup, ut_teardown,
test_authonly_openssl_all),
diff --git a/test/test/test_cryptodev_des_test_vectors.h b/test/test/test_cryptodev_des_test_vectors.h
index 9bb3618..bb01246 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -852,14 +852,16 @@ static const struct blockcipher_test_case des_cipheronly_test_cases[] = {
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
- BLOCKCIPHER_TEST_TARGET_PMD_MB
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+ BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
},
{
.test_descr = "DES-CBC Decryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
- BLOCKCIPHER_TEST_TARGET_PMD_MB
+ BLOCKCIPHER_TEST_TARGET_PMD_MB |
+ BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL
},
};
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* [dpdk-dev] [PATCH v4 4/4] app/crypto-perf: fix packet length check
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support Pablo de Lara
` (2 preceding siblings ...)
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 3/4] crypto/openssl: add support for DES-CBC Pablo de Lara
@ 2017-10-05 5:28 ` Pablo de Lara
2017-10-05 14:14 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support De Lara Guarch, Pablo
4 siblings, 0 replies; 21+ messages in thread
From: Pablo de Lara @ 2017-10-05 5:28 UTC (permalink / raw)
To: declan.doherty, john.mcnamara; +Cc: dev, Pablo de Lara, stable
When using DES-CBC, packet size has to be multiple
of 8 bytes, but if a list of packets is provided.
the check was not correct.
Fixes: fc4600fb2520 ("app/crypto-perf: add extra option checks")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
---
app/test-crypto-perf/cperf_options_parsing.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c
index f3508a4..af81162 100644
--- a/app/test-crypto-perf/cperf_options_parsing.c
+++ b/app/test-crypto-perf/cperf_options_parsing.c
@@ -876,14 +876,26 @@ check_cipher_buffer_length(struct cperf_options *options)
if (options->cipher_algo == RTE_CRYPTO_CIPHER_DES_CBC ||
options->cipher_algo == RTE_CRYPTO_CIPHER_3DES_CBC ||
options->cipher_algo == RTE_CRYPTO_CIPHER_3DES_ECB) {
- for (buffer_size = options->min_buffer_size;
- buffer_size < options->max_buffer_size;
- buffer_size += options->inc_buffer_size) {
+ if (options->inc_buffer_size != 0)
+ buffer_size = options->min_buffer_size;
+ else
+ buffer_size = options->buffer_size_list[0];
+
+ while (buffer_size <= options->max_buffer_size) {
if ((buffer_size % DES_BLOCK_SIZE) != 0) {
RTE_LOG(ERR, USER1, "Some of the buffer sizes are "
"not suitable for the algorithm selected\n");
return -EINVAL;
}
+
+ if (options->inc_buffer_size != 0)
+ buffer_size += options->inc_buffer_size;
+ else {
+ if (++buffer_size_idx == options->buffer_size_count)
+ break;
+ buffer_size = options->buffer_size_list[buffer_size_idx];
+ }
+
}
}
--
2.9.4
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: [dpdk-dev] [PATCH v4 0/4] Extend DES support
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support Pablo de Lara
` (3 preceding siblings ...)
2017-10-05 5:28 ` [dpdk-dev] [PATCH v4 4/4] app/crypto-perf: fix packet length check Pablo de Lara
@ 2017-10-05 14:14 ` De Lara Guarch, Pablo
4 siblings, 0 replies; 21+ messages in thread
From: De Lara Guarch, Pablo @ 2017-10-05 14:14 UTC (permalink / raw)
To: Doherty, Declan, Mcnamara, John; +Cc: dev
> -----Original Message-----
> From: De Lara Guarch, Pablo
> Sent: Thursday, October 5, 2017 6:28 AM
> To: Doherty, Declan <declan.doherty@intel.com>; Mcnamara, John
> <john.mcnamara@intel.com>
> Cc: dev@dpdk.org; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>
> Subject: [PATCH v4 0/4] Extend DES support
>
> This patchset extends the support of DES algorithms to the AESNI MB and
> OpenSSL PMDs.
> For AESNI MB PMD, the following algorithms are added:
> - DES-CBC
> - DES-DOCSISBPI
>
> For OpenSSL PMD, DES-CBC is added, as DES-DOCSISBPI was already
> supported.
>
> Changes in v4:
> - Updated documentation now that Multi-buffer library 0.47 has been
> released
>
> Changes in v3:
> - Added release note for support for DES-CBC on OpenSSL PMD
> - Addressed Radu's comments
>
> Pablo de Lara (4):
> doc: update IPSec Multi-buffer lib versioning
> crypto/aesni_mb: add DES support
> crypto/openssl: add support for DES-CBC
> app/crypto-perf: fix packet length check
>
> app/test-crypto-perf/cperf_options_parsing.c | 18 +++++--
> doc/guides/cryptodevs/aesni_mb.rst | 21 ++++----
> doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
> doc/guides/rel_notes/release_17_11.rst | 16 ++++++
> drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 72
> ++++++++++++++++++--------
> drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 42
> +++++++++++++++
> drivers/crypto/openssl/rte_openssl_pmd.c | 27 ++++++++++
> drivers/crypto/openssl/rte_openssl_pmd_ops.c | 20 +++++++
> test/test/test_cryptodev.c | 63 ++++++++++++++++++++++
> test/test/test_cryptodev_des_test_vectors.h | 26 +++++++---
> 10 files changed, 265 insertions(+), 43 deletions(-)
>
> --
> 2.9.4
Applied to dpdk-next-crypto.
Pablo
^ permalink raw reply [flat|nested] 21+ messages in thread
end of thread, other threads:[~2017-10-05 14:14 UTC | newest]
Thread overview: 21+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-08-18 6:17 [dpdk-dev] [PATCH] crypto/aesni_mb: add DES support Pablo de Lara
2017-09-04 9:07 ` Zhang, Roy Fan
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 0/3] Extend " Pablo de Lara
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 1/3] crypto/aesni_mb: add " Pablo de Lara
2017-09-18 10:56 ` Radu Nicolau
2017-09-18 14:08 ` De Lara Guarch, Pablo
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 2/3] crypto/openssl: add support for DES-CBC Pablo de Lara
2017-09-18 11:31 ` Radu Nicolau
2017-09-15 2:09 ` [dpdk-dev] [PATCH v2 3/3] app/crypto-perf: fix packet length check Pablo de Lara
2017-09-18 11:32 ` Radu Nicolau
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 0/3] Extend DES support Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 1/3] crypto/aesni_mb: add " Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 2/3] crypto/openssl: add support for DES-CBC Pablo de Lara
2017-09-20 1:37 ` [dpdk-dev] [PATCH v3 3/3] app/crypto-perf: fix packet length check Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 1/4] doc: update IPSec Multi-buffer lib versioning Pablo de Lara
2017-10-05 13:55 ` Mcnamara, John
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 2/4] crypto/aesni_mb: add DES support Pablo de Lara
2017-10-05 5:27 ` [dpdk-dev] [PATCH v4 3/4] crypto/openssl: add support for DES-CBC Pablo de Lara
2017-10-05 5:28 ` [dpdk-dev] [PATCH v4 4/4] app/crypto-perf: fix packet length check Pablo de Lara
2017-10-05 14:14 ` [dpdk-dev] [PATCH v4 0/4] Extend DES support De Lara Guarch, Pablo
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).