DPDK patches and discussions
 help / color / mirror / Atom feed
* [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology
@ 2019-02-28 16:18 Damian Nowak
  2019-02-28 16:18 ` [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT Damian Nowak
                   ` (3 more replies)
  0 siblings, 4 replies; 11+ messages in thread
From: Damian Nowak @ 2019-02-28 16:18 UTC (permalink / raw)
  To: fiona.trahe; +Cc: dev, Damian Nowak

This patchset adds XTS support for Intel QuickAssist Technology.

Following cipher algorithms are available with this patchset:
*	AES XTS (128)
*	AES XTS (256)

Damian Nowak (3):
  test/crypto: add tests for XTS on QAT
  crypto/qat: add XTS for QAT session config
  cryptodev: remove XTS text duplication

 doc/guides/cryptodevs/features/qat.ini      |   2 +
 doc/guides/cryptodevs/qat.rst               |   3 +-
 drivers/crypto/qat/qat_sym_capabilities.h   |  22 ++-
 drivers/crypto/qat/qat_sym_session.c        |  17 ++-
 lib/librte_cryptodev/rte_crypto_sym.h       |   9 +-
 test/test/test_cryptodev_aes_test_vectors.h | 223 +++++++++++++++++++++++++++-
 6 files changed, 265 insertions(+), 11 deletions(-)

-- 
2.7.4

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT
  2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak
@ 2019-02-28 16:18 ` Damian Nowak
  2019-02-28 16:18 ` [dpdk-dev] [PATCH 2/3] crypto/qat: add XTS for QAT session config Damian Nowak
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 11+ messages in thread
From: Damian Nowak @ 2019-02-28 16:18 UTC (permalink / raw)
  To: fiona.trahe; +Cc: dev, Damian Nowak

This patch adds test vectors for AES XTS mode on QAT.
It uses different plaintext sizes and AES keys sizes
of 128 and 256 bits.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
---
 test/test/test_cryptodev_aes_test_vectors.h | 223 +++++++++++++++++++++++++++-
 1 file changed, 222 insertions(+), 1 deletion(-)

diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h
index 6dd8e5f..960c3b1 100644
--- a/test/test/test_cryptodev_aes_test_vectors.h
+++ b/test/test/test_cryptodev_aes_test_vectors.h
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2016-2017 Intel Corporation
+ * Copyright(c) 2016-2019 Intel Corporation
  */
 
 #ifndef TEST_CRYPTODEV_AES_TEST_VECTORS_H_
@@ -1077,6 +1077,179 @@ static const struct blockcipher_test_data aes_test_data_13 = {
 	}
 };
 
+/** XTS-AES-128 test vector (2 keys * 128 bit) */
+static const uint8_t plaintext_aes128xts_16bytes[] = {
+	0xEB, 0xAB, 0xCE, 0x95, 0xB1, 0x4D, 0x3C, 0x8D,
+	0x6F, 0xB3, 0x50, 0x39, 0x07, 0x90, 0x31, 0x1C
+};
+static const uint8_t ciphertext_aes128xts_16bytes[] = {
+	0x77, 0x8A, 0xE8, 0xB4, 0x3C, 0xB9, 0x8D, 0x5A,
+	0x82, 0x50, 0x81, 0xD5, 0xBE, 0x47, 0x1C, 0x63
+};
+static const struct
+blockcipher_test_data aes_test_data_xts_key_32_pt_16 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS,
+	.cipher_key = {
+		.data = {
+			0xA1, 0xB9, 0x0C, 0xBA, 0x3F, 0x06, 0xAC, 0x35,
+			0x3B, 0x2C, 0x34, 0x38, 0x76, 0x08, 0x17, 0x62,
+			0x09, 0x09, 0x23, 0x02, 0x6E, 0x91, 0x77, 0x18,
+			0x15, 0xF2, 0x9D, 0xAB, 0x01, 0x93, 0x2F, 0x2F
+		},
+		.len = 32
+	},
+	.iv = {
+		.data = {
+			0x4F, 0xAE, 0xF7, 0x11, 0x7C, 0xDA, 0x59, 0xC6,
+			0x6E, 0x4B, 0x92, 0x01, 0x3E, 0x76, 0x8A, 0xD5
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes128xts_16bytes,
+		.len = 16
+	},
+	.ciphertext = {
+		.data = ciphertext_aes128xts_16bytes,
+		.len = 16
+	}
+};
+static const uint8_t plaintext_aes128xts_32bytes[] = {
+	0xB0, 0x4D, 0x84, 0xDA, 0x85, 0x6B, 0x9A, 0x59,
+	0xCE, 0x2D, 0x62, 0x67, 0x46, 0xF6, 0x89, 0xA8,
+	0x05, 0x1D, 0xAC, 0xD6, 0xBC, 0xE3, 0xB9, 0x90,
+	0xAA, 0x90, 0x1E, 0x40, 0x30, 0x64, 0x88, 0x79
+};
+static const uint8_t ciphertext_aes128xts_32bytes[] = {
+	0xF9, 0x41, 0x03, 0x9E, 0xBA, 0xB8, 0xCA, 0xC3,
+	0x9D, 0x59, 0x24, 0x7C, 0xBB, 0xCB, 0x4D, 0x81,
+	0x6C, 0x72, 0x6D, 0xAE, 0xD1, 0x15, 0x77, 0x69,
+	0x2C, 0x55, 0xE4, 0xAC, 0x6D, 0x3E, 0x68, 0x20
+};
+static const struct
+blockcipher_test_data aes_test_data_xts_key_32_pt_32 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS,
+	.cipher_key = {
+		.data = {
+			0x78, 0x3A, 0x83, 0xEC, 0x52, 0xA2, 0x74, 0x05,
+			0xDF, 0xF9, 0xDE, 0x4C, 0x57, 0xF9, 0xC9, 0x79,
+			0xB3, 0x60, 0xB6, 0xA5, 0xDF, 0x88, 0xD6, 0x7E,
+			0xC1, 0xA0, 0x52, 0xE6, 0xF5, 0x82, 0xA7, 0x17
+		},
+		.len = 32
+	},
+	.iv = {
+		.data = {
+			0x88, 0x6E, 0x97, 0x5B, 0x29, 0xBD, 0xF6, 0xF0,
+			0xC0, 0x1B, 0xB4, 0x7F, 0x61, 0xF6, 0xF0, 0xF5
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes128xts_32bytes,
+		.len = 32
+	},
+	.ciphertext = {
+		.data = ciphertext_aes128xts_32bytes,
+		.len = 32
+	}
+};
+
+/** XTS-AES-256 test vector (2 keys * 256 bit) */
+/* Encryption */
+static const uint8_t plaintext_aes256xts_32bytes[] = {
+	0x2E, 0xED, 0xEA, 0x52, 0xCD, 0x82, 0x15, 0xE1,
+	0xAC, 0xC6, 0x47, 0xE8, 0x10, 0xBB, 0xC3, 0x64,
+	0x2E, 0x87, 0x28, 0x7F, 0x8D, 0x2E, 0x57, 0xE3,
+	0x6C, 0x0A, 0x24, 0xFB, 0xC1, 0x2A, 0x20, 0x2E
+};
+static const uint8_t ciphertext_aes256xts_32bytes[] = {
+	0xCB, 0xAA, 0xD0, 0xE2, 0xF6, 0xCE, 0xA3, 0xF5,
+	0x0B, 0x37, 0xF9, 0x34, 0xD4, 0x6A, 0x9B, 0x13,
+	0x0B, 0x9D, 0x54, 0xF0, 0x7E, 0x34, 0xF3, 0x6A,
+	0xF7, 0x93, 0xE8, 0x6F, 0x73, 0xC6, 0xD7, 0xDB
+};
+static const struct
+blockcipher_test_data aes_test_data_xts_key_64_pt_32 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS,
+	.cipher_key = {
+		.data = {
+			0x1E, 0xA6, 0x61, 0xC5, 0x8D, 0x94, 0x3A, 0x0E,
+			0x48, 0x01, 0xE4, 0x2F, 0x4B, 0x09, 0x47, 0x14,
+			0x9E, 0x7F, 0x9F, 0x8E, 0x3E, 0x68, 0xD0, 0xC7,
+			0x50, 0x52, 0x10, 0xBD, 0x31, 0x1A, 0x0E, 0x7C,
+			0xD6, 0xE1, 0x3F, 0xFD, 0xF2, 0x41, 0x8D, 0x8D,
+			0x19, 0x11, 0xC0, 0x04, 0xCD, 0xA5, 0x8D, 0xA3,
+			0xD6, 0x19, 0xB7, 0xE2, 0xB9, 0x14, 0x1E, 0x58,
+			0x31, 0x8E, 0xEA, 0x39, 0x2C, 0xF4, 0x1B, 0x08
+		},
+		.len = 64
+	},
+	.iv = {
+		.data = {
+			0xAD, 0xF8, 0xD9, 0x26, 0x27, 0x46, 0x4A, 0xD2,
+			0xF0, 0x42, 0x8E, 0x84, 0xA9, 0xF8, 0x75, 0x64
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes256xts_32bytes,
+		.len = 32
+	},
+	.ciphertext = {
+		.data = ciphertext_aes256xts_32bytes,
+		.len = 32
+	}
+};
+static const uint8_t plaintext_aes256xts_48bytes[] = {
+	0xBB, 0xB2, 0x34, 0xDB, 0x01, 0xBE, 0x79, 0xD3,
+	0xDC, 0x7D, 0xCF, 0x49, 0xBC, 0x53, 0xB8, 0xEF,
+	0xC6, 0x2F, 0xE7, 0x17, 0x94, 0x39, 0x06, 0x1D,
+	0x73, 0xA6, 0xB2, 0x0E, 0xDB, 0x9B, 0x7D, 0xA0,
+	0x45, 0x0B, 0x19, 0xF0, 0x20, 0x82, 0x02, 0x09,
+	0xAF, 0xE0, 0x81, 0x12, 0xAE, 0x4A, 0xFD, 0xD3
+};
+static const uint8_t ciphertext_aes256xts_48bytes[] = {
+	0xCB, 0xF6, 0x88, 0x48, 0xC4, 0x20, 0x49, 0xEF,
+	0xB1, 0x46, 0xE2, 0xD1, 0xE4, 0x11, 0x5F, 0x62,
+	0xE4, 0xFA, 0xA4, 0xEF, 0xFF, 0x19, 0x8F, 0x1A,
+	0x0A, 0xA0, 0xC9, 0x8B, 0xA0, 0x2C, 0xC4, 0x4D,
+	0xA3, 0x76, 0xD7, 0x62, 0xD6, 0x15, 0x1F, 0x23,
+	0x45, 0x87, 0xBF, 0x12, 0x8B, 0x6A, 0x7F, 0xFA
+};
+static const struct
+blockcipher_test_data aes_test_data_xts_key_64_pt_48 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS,
+	.cipher_key = {
+		.data = {
+			0x7F, 0xB0, 0x92, 0x2F, 0xCE, 0x09, 0xED, 0xDD,
+			0x36, 0x65, 0xA1, 0x1F, 0x52, 0x35, 0xD5, 0x1E,
+			0xF7, 0x72, 0x06, 0xA7, 0xDE, 0x45, 0x47, 0x75,
+			0xB6, 0x9D, 0xCC, 0x54, 0x59, 0xAC, 0xDB, 0x24,
+			0xCC, 0xF0, 0x5C, 0x41, 0x5A, 0xF5, 0xAB, 0x8A,
+			0x06, 0x62, 0x3D, 0x19, 0x8D, 0x5B, 0x91, 0x85,
+			0x95, 0xA9, 0xDC, 0xAA, 0xF5, 0x39, 0x2E, 0xE7,
+			0x17, 0xC1, 0x04, 0x7F, 0x2F, 0x08, 0xF6, 0x2B
+		},
+		.len = 64
+	},
+	.iv = {
+		.data = {
+			0x8E, 0xA3, 0x63, 0x8B, 0x9D, 0x40, 0x62, 0xF1,
+			0x69, 0x19, 0x6F, 0xF4, 0x55, 0x5A, 0xD0, 0xAF
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes256xts_48bytes,
+		.len = 48
+	},
+	.ciphertext = {
+		.data = ciphertext_aes256xts_48bytes,
+		.len = 48
+	}
+};
+
 /* AES-DOCSIS-BPI test vectors */
 
 /* Multiple of AES block size */
@@ -1821,6 +1994,54 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
+	},
+	{
+		.test_descr = "AES-128-XTS Encryption (16-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_32_pt_16,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-128-XTS Decryption (16-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_32_pt_16,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-128-XTS Encryption (32-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_32_pt_32,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-128-XTS Decryption (32-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_32_pt_32,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-256-XTS Encryption (32-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_64_pt_32,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-256-XTS Decryption (32-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_64_pt_32,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-256-XTS Encryption (48-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_64_pt_48,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-256-XTS Decryption (48-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_64_pt_48,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
 	}
 };
 
-- 
2.7.4

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [dpdk-dev] [PATCH 2/3] crypto/qat: add XTS for QAT session config
  2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak
  2019-02-28 16:18 ` [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT Damian Nowak
@ 2019-02-28 16:18 ` Damian Nowak
  2019-02-28 16:18 ` [dpdk-dev] [PATCH 3/3] cryptodev: remove XTS text duplication Damian Nowak
  2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak
  3 siblings, 0 replies; 11+ messages in thread
From: Damian Nowak @ 2019-02-28 16:18 UTC (permalink / raw)
  To: fiona.trahe; +Cc: dev, Damian Nowak

This patch adds XTS capabilities and enables XTS cipher
mode on QAT.
It also updates the documentation for newly supported
AES XTS mode on QAT.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
---
 doc/guides/cryptodevs/features/qat.ini    |  2 ++
 doc/guides/cryptodevs/qat.rst             |  3 ++-
 drivers/crypto/qat/qat_sym_capabilities.h | 22 +++++++++++++++++++++-
 drivers/crypto/qat/qat_sym_session.c      | 17 +++++++++++++++--
 4 files changed, 40 insertions(+), 4 deletions(-)

diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini
index 4f15ee0..a7c7273 100644
--- a/doc/guides/cryptodevs/features/qat.ini
+++ b/doc/guides/cryptodevs/features/qat.ini
@@ -24,6 +24,8 @@ AES CBC (256)  = Y
 AES CTR (128)  = Y
 AES CTR (192)  = Y
 AES CTR (256)  = Y
+AES XTS (128)  = Y
+AES XTS (256)  = Y
 3DES CBC       = Y
 3DES CTR       = Y
 DES CBC        = Y
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index b079aa3..d5bb1d4 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -1,5 +1,5 @@
 ..  SPDX-License-Identifier: BSD-3-Clause
-    Copyright(c) 2015-2016 Intel Corporation.
+    Copyright(c) 2015-2019 Intel Corporation.
 
 Intel(R) QuickAssist (QAT) Crypto Poll Mode Driver
 ==================================================
@@ -41,6 +41,7 @@ Cipher algorithms:
 * ``RTE_CRYPTO_CIPHER_AES128_CTR``
 * ``RTE_CRYPTO_CIPHER_AES192_CTR``
 * ``RTE_CRYPTO_CIPHER_AES256_CTR``
+* ``RTE_CRYPTO_CIPHER_AES_XTS``
 * ``RTE_CRYPTO_CIPHER_SNOW3G_UEA2``
 * ``RTE_CRYPTO_CIPHER_NULL``
 * ``RTE_CRYPTO_CIPHER_KASUMI_F8``
diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h
index 7cba87d..6df12b9 100644
--- a/drivers/crypto/qat/qat_sym_capabilities.h
+++ b/drivers/crypto/qat/qat_sym_capabilities.h
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2017-2018 Intel Corporation
+ * Copyright(c) 2017-2019 Intel Corporation
  */
 
 #ifndef _QAT_SYM_CAPABILITIES_H_
@@ -304,6 +304,26 @@
 			}, }						\
 		}, }							\
 	},								\
+	{	/* AES XTS */					\
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,			\
+		{.sym = {						\
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,	\
+			{.cipher = {					\
+				.algo = RTE_CRYPTO_CIPHER_AES_XTS,	\
+				.block_size = 16,			\
+				.key_size = {				\
+					.min = 32,			\
+					.max = 64,			\
+					.increment = 0			\
+				},					\
+				.iv_size = {				\
+					.min = 16,			\
+					.max = 16,			\
+					.increment = 0			\
+				}					\
+			}, }						\
+		}, }							\
+	},								\
 	{	/* AES DOCSIS BPI */					\
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,			\
 		{.sym = {						\
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 4d7ec01..5cc86f5 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0)
- * Copyright(c) 2015-2018 Intel Corporation
+ * Copyright(c) 2015-2019 Intel Corporation
  */
 
 #include <openssl/sha.h>	/* Needed to calculate pre-compute values */
@@ -333,10 +333,23 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
 		}
 		session->qat_mode = ICP_QAT_HW_CIPHER_ECB_MODE;
 		break;
+	case RTE_CRYPTO_CIPHER_AES_XTS:
+		if ((cipher_xform->key.length/2) == ICP_QAT_HW_AES_192_KEY_SZ) {
+			QAT_LOG(ERR, "AES-XTS-192 not supported");
+			ret = -EINVAL;
+			goto error_out;
+		}
+		if (qat_sym_validate_aes_key((cipher_xform->key.length/2),
+				&session->qat_cipher_alg) != 0) {
+			QAT_LOG(ERR, "Invalid AES-XTS cipher key size");
+			ret = -EINVAL;
+			goto error_out;
+		}
+		session->qat_mode = ICP_QAT_HW_CIPHER_XTS_MODE;
+		break;
 	case RTE_CRYPTO_CIPHER_3DES_ECB:
 	case RTE_CRYPTO_CIPHER_AES_ECB:
 	case RTE_CRYPTO_CIPHER_AES_F8:
-	case RTE_CRYPTO_CIPHER_AES_XTS:
 	case RTE_CRYPTO_CIPHER_ARC4:
 		QAT_LOG(ERR, "Crypto QAT PMD: Unsupported Cipher alg %u",
 				cipher_xform->algo);
-- 
2.7.4

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [dpdk-dev] [PATCH 3/3] cryptodev: remove XTS text duplication
  2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak
  2019-02-28 16:18 ` [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT Damian Nowak
  2019-02-28 16:18 ` [dpdk-dev] [PATCH 2/3] crypto/qat: add XTS for QAT session config Damian Nowak
@ 2019-02-28 16:18 ` Damian Nowak
  2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak
  3 siblings, 0 replies; 11+ messages in thread
From: Damian Nowak @ 2019-02-28 16:18 UTC (permalink / raw)
  To: fiona.trahe; +Cc: dev, Damian Nowak

This patch removes duplicated text about AES-XTS
mode.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
---
 lib/librte_cryptodev/rte_crypto_sym.h | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index eb5afc5..c80e90e 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2016-2017 Intel Corporation
+ * Copyright(c) 2016-2019 Intel Corporation
  */
 
 #ifndef _RTE_CRYPTO_SYM_H_
@@ -124,11 +124,6 @@ struct rte_crypto_cipher_xform {
 	 * keymask. As per RFC3711, the keymask should be padded with trailing
 	 * bytes to match the length of the encryption key used.
 	 *
-	 * For AES-XTS mode of operation, two keys must be provided and
-	 * key.data must point to the two keys concatenated together (Key1 ||
-	 * Key2). The cipher key length will contain the total size of both
-	 * keys.
-	 *
 	 * Cipher key length is in bytes. For AES it can be 128 bits (16 bytes),
 	 * 192 bits (24 bytes) or 256 bits (32 bytes).
 	 *
@@ -140,6 +135,8 @@ struct rte_crypto_cipher_xform {
 	 * For the AES-XTS mode of operation:
 	 *  - Two keys must be provided and key.length refers to total length of
 	 *    the two keys.
+	 *  - key.data must point to the two keys concatenated together
+	 *    (key1 || key2).
 	 *  - Each key can be either 128 bits (16 bytes) or 256 bits (32 bytes).
 	 *  - Both keys must have the same size.
 	 **/
-- 
2.7.4

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT
  2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak
                   ` (2 preceding siblings ...)
  2019-02-28 16:18 ` [dpdk-dev] [PATCH 3/3] cryptodev: remove XTS text duplication Damian Nowak
@ 2019-03-13 14:52 ` Damian Nowak
  2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT Damian Nowak
                     ` (3 more replies)
  3 siblings, 4 replies; 11+ messages in thread
From: Damian Nowak @ 2019-03-13 14:52 UTC (permalink / raw)
  To: dev; +Cc: fiona.trahe, Damian Nowak

This patchset adds XTS support for Intel
QuickAssist Technology.

Following cipher algorithms are available
with this patchset:
*	AES XTS (128)
*	AES XTS (256)

---
v2:
- update release notes

Damian Nowak (3):
  test/crypto: add tests for XTS on QAT
  crypto/qat: add XTS for QAT session config
  cryptodev: remove XTS text duplication

 app/test/test_cryptodev_aes_test_vectors.h | 223 ++++++++++++++++++++++++++++-
 doc/guides/cryptodevs/features/qat.ini     |   2 +
 doc/guides/cryptodevs/qat.rst              |   3 +-
 doc/guides/rel_notes/release_19_05.rst     |  10 ++
 drivers/crypto/qat/qat_sym_capabilities.h  |  22 ++-
 drivers/crypto/qat/qat_sym_session.c       |  17 ++-
 lib/librte_cryptodev/rte_crypto_sym.h      |   9 +-
 7 files changed, 275 insertions(+), 11 deletions(-)

-- 
2.7.4

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT
  2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak
@ 2019-03-13 14:52   ` Damian Nowak
  2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config Damian Nowak
                     ` (2 subsequent siblings)
  3 siblings, 0 replies; 11+ messages in thread
From: Damian Nowak @ 2019-03-13 14:52 UTC (permalink / raw)
  To: dev; +Cc: fiona.trahe, Damian Nowak

This patch adds test vectors for AES XTS mode
on QAT. It uses different plaintext sizes
and AES keys sizes of 128 and 256 bits.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
---
 app/test/test_cryptodev_aes_test_vectors.h | 223 ++++++++++++++++++++++++++++-
 1 file changed, 222 insertions(+), 1 deletion(-)

diff --git a/app/test/test_cryptodev_aes_test_vectors.h b/app/test/test_cryptodev_aes_test_vectors.h
index 6dd8e5f..960c3b1 100644
--- a/app/test/test_cryptodev_aes_test_vectors.h
+++ b/app/test/test_cryptodev_aes_test_vectors.h
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2016-2017 Intel Corporation
+ * Copyright(c) 2016-2019 Intel Corporation
  */
 
 #ifndef TEST_CRYPTODEV_AES_TEST_VECTORS_H_
@@ -1077,6 +1077,179 @@ static const struct blockcipher_test_data aes_test_data_13 = {
 	}
 };
 
+/** XTS-AES-128 test vector (2 keys * 128 bit) */
+static const uint8_t plaintext_aes128xts_16bytes[] = {
+	0xEB, 0xAB, 0xCE, 0x95, 0xB1, 0x4D, 0x3C, 0x8D,
+	0x6F, 0xB3, 0x50, 0x39, 0x07, 0x90, 0x31, 0x1C
+};
+static const uint8_t ciphertext_aes128xts_16bytes[] = {
+	0x77, 0x8A, 0xE8, 0xB4, 0x3C, 0xB9, 0x8D, 0x5A,
+	0x82, 0x50, 0x81, 0xD5, 0xBE, 0x47, 0x1C, 0x63
+};
+static const struct
+blockcipher_test_data aes_test_data_xts_key_32_pt_16 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS,
+	.cipher_key = {
+		.data = {
+			0xA1, 0xB9, 0x0C, 0xBA, 0x3F, 0x06, 0xAC, 0x35,
+			0x3B, 0x2C, 0x34, 0x38, 0x76, 0x08, 0x17, 0x62,
+			0x09, 0x09, 0x23, 0x02, 0x6E, 0x91, 0x77, 0x18,
+			0x15, 0xF2, 0x9D, 0xAB, 0x01, 0x93, 0x2F, 0x2F
+		},
+		.len = 32
+	},
+	.iv = {
+		.data = {
+			0x4F, 0xAE, 0xF7, 0x11, 0x7C, 0xDA, 0x59, 0xC6,
+			0x6E, 0x4B, 0x92, 0x01, 0x3E, 0x76, 0x8A, 0xD5
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes128xts_16bytes,
+		.len = 16
+	},
+	.ciphertext = {
+		.data = ciphertext_aes128xts_16bytes,
+		.len = 16
+	}
+};
+static const uint8_t plaintext_aes128xts_32bytes[] = {
+	0xB0, 0x4D, 0x84, 0xDA, 0x85, 0x6B, 0x9A, 0x59,
+	0xCE, 0x2D, 0x62, 0x67, 0x46, 0xF6, 0x89, 0xA8,
+	0x05, 0x1D, 0xAC, 0xD6, 0xBC, 0xE3, 0xB9, 0x90,
+	0xAA, 0x90, 0x1E, 0x40, 0x30, 0x64, 0x88, 0x79
+};
+static const uint8_t ciphertext_aes128xts_32bytes[] = {
+	0xF9, 0x41, 0x03, 0x9E, 0xBA, 0xB8, 0xCA, 0xC3,
+	0x9D, 0x59, 0x24, 0x7C, 0xBB, 0xCB, 0x4D, 0x81,
+	0x6C, 0x72, 0x6D, 0xAE, 0xD1, 0x15, 0x77, 0x69,
+	0x2C, 0x55, 0xE4, 0xAC, 0x6D, 0x3E, 0x68, 0x20
+};
+static const struct
+blockcipher_test_data aes_test_data_xts_key_32_pt_32 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS,
+	.cipher_key = {
+		.data = {
+			0x78, 0x3A, 0x83, 0xEC, 0x52, 0xA2, 0x74, 0x05,
+			0xDF, 0xF9, 0xDE, 0x4C, 0x57, 0xF9, 0xC9, 0x79,
+			0xB3, 0x60, 0xB6, 0xA5, 0xDF, 0x88, 0xD6, 0x7E,
+			0xC1, 0xA0, 0x52, 0xE6, 0xF5, 0x82, 0xA7, 0x17
+		},
+		.len = 32
+	},
+	.iv = {
+		.data = {
+			0x88, 0x6E, 0x97, 0x5B, 0x29, 0xBD, 0xF6, 0xF0,
+			0xC0, 0x1B, 0xB4, 0x7F, 0x61, 0xF6, 0xF0, 0xF5
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes128xts_32bytes,
+		.len = 32
+	},
+	.ciphertext = {
+		.data = ciphertext_aes128xts_32bytes,
+		.len = 32
+	}
+};
+
+/** XTS-AES-256 test vector (2 keys * 256 bit) */
+/* Encryption */
+static const uint8_t plaintext_aes256xts_32bytes[] = {
+	0x2E, 0xED, 0xEA, 0x52, 0xCD, 0x82, 0x15, 0xE1,
+	0xAC, 0xC6, 0x47, 0xE8, 0x10, 0xBB, 0xC3, 0x64,
+	0x2E, 0x87, 0x28, 0x7F, 0x8D, 0x2E, 0x57, 0xE3,
+	0x6C, 0x0A, 0x24, 0xFB, 0xC1, 0x2A, 0x20, 0x2E
+};
+static const uint8_t ciphertext_aes256xts_32bytes[] = {
+	0xCB, 0xAA, 0xD0, 0xE2, 0xF6, 0xCE, 0xA3, 0xF5,
+	0x0B, 0x37, 0xF9, 0x34, 0xD4, 0x6A, 0x9B, 0x13,
+	0x0B, 0x9D, 0x54, 0xF0, 0x7E, 0x34, 0xF3, 0x6A,
+	0xF7, 0x93, 0xE8, 0x6F, 0x73, 0xC6, 0xD7, 0xDB
+};
+static const struct
+blockcipher_test_data aes_test_data_xts_key_64_pt_32 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS,
+	.cipher_key = {
+		.data = {
+			0x1E, 0xA6, 0x61, 0xC5, 0x8D, 0x94, 0x3A, 0x0E,
+			0x48, 0x01, 0xE4, 0x2F, 0x4B, 0x09, 0x47, 0x14,
+			0x9E, 0x7F, 0x9F, 0x8E, 0x3E, 0x68, 0xD0, 0xC7,
+			0x50, 0x52, 0x10, 0xBD, 0x31, 0x1A, 0x0E, 0x7C,
+			0xD6, 0xE1, 0x3F, 0xFD, 0xF2, 0x41, 0x8D, 0x8D,
+			0x19, 0x11, 0xC0, 0x04, 0xCD, 0xA5, 0x8D, 0xA3,
+			0xD6, 0x19, 0xB7, 0xE2, 0xB9, 0x14, 0x1E, 0x58,
+			0x31, 0x8E, 0xEA, 0x39, 0x2C, 0xF4, 0x1B, 0x08
+		},
+		.len = 64
+	},
+	.iv = {
+		.data = {
+			0xAD, 0xF8, 0xD9, 0x26, 0x27, 0x46, 0x4A, 0xD2,
+			0xF0, 0x42, 0x8E, 0x84, 0xA9, 0xF8, 0x75, 0x64
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes256xts_32bytes,
+		.len = 32
+	},
+	.ciphertext = {
+		.data = ciphertext_aes256xts_32bytes,
+		.len = 32
+	}
+};
+static const uint8_t plaintext_aes256xts_48bytes[] = {
+	0xBB, 0xB2, 0x34, 0xDB, 0x01, 0xBE, 0x79, 0xD3,
+	0xDC, 0x7D, 0xCF, 0x49, 0xBC, 0x53, 0xB8, 0xEF,
+	0xC6, 0x2F, 0xE7, 0x17, 0x94, 0x39, 0x06, 0x1D,
+	0x73, 0xA6, 0xB2, 0x0E, 0xDB, 0x9B, 0x7D, 0xA0,
+	0x45, 0x0B, 0x19, 0xF0, 0x20, 0x82, 0x02, 0x09,
+	0xAF, 0xE0, 0x81, 0x12, 0xAE, 0x4A, 0xFD, 0xD3
+};
+static const uint8_t ciphertext_aes256xts_48bytes[] = {
+	0xCB, 0xF6, 0x88, 0x48, 0xC4, 0x20, 0x49, 0xEF,
+	0xB1, 0x46, 0xE2, 0xD1, 0xE4, 0x11, 0x5F, 0x62,
+	0xE4, 0xFA, 0xA4, 0xEF, 0xFF, 0x19, 0x8F, 0x1A,
+	0x0A, 0xA0, 0xC9, 0x8B, 0xA0, 0x2C, 0xC4, 0x4D,
+	0xA3, 0x76, 0xD7, 0x62, 0xD6, 0x15, 0x1F, 0x23,
+	0x45, 0x87, 0xBF, 0x12, 0x8B, 0x6A, 0x7F, 0xFA
+};
+static const struct
+blockcipher_test_data aes_test_data_xts_key_64_pt_48 = {
+	.crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS,
+	.cipher_key = {
+		.data = {
+			0x7F, 0xB0, 0x92, 0x2F, 0xCE, 0x09, 0xED, 0xDD,
+			0x36, 0x65, 0xA1, 0x1F, 0x52, 0x35, 0xD5, 0x1E,
+			0xF7, 0x72, 0x06, 0xA7, 0xDE, 0x45, 0x47, 0x75,
+			0xB6, 0x9D, 0xCC, 0x54, 0x59, 0xAC, 0xDB, 0x24,
+			0xCC, 0xF0, 0x5C, 0x41, 0x5A, 0xF5, 0xAB, 0x8A,
+			0x06, 0x62, 0x3D, 0x19, 0x8D, 0x5B, 0x91, 0x85,
+			0x95, 0xA9, 0xDC, 0xAA, 0xF5, 0x39, 0x2E, 0xE7,
+			0x17, 0xC1, 0x04, 0x7F, 0x2F, 0x08, 0xF6, 0x2B
+		},
+		.len = 64
+	},
+	.iv = {
+		.data = {
+			0x8E, 0xA3, 0x63, 0x8B, 0x9D, 0x40, 0x62, 0xF1,
+			0x69, 0x19, 0x6F, 0xF4, 0x55, 0x5A, 0xD0, 0xAF
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = plaintext_aes256xts_48bytes,
+		.len = 48
+	},
+	.ciphertext = {
+		.data = ciphertext_aes256xts_48bytes,
+		.len = 48
+	}
+};
+
 /* AES-DOCSIS-BPI test vectors */
 
 /* Multiple of AES block size */
@@ -1821,6 +1994,54 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = {
 		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
 		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB |
 			    BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX
+	},
+	{
+		.test_descr = "AES-128-XTS Encryption (16-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_32_pt_16,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-128-XTS Decryption (16-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_32_pt_16,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-128-XTS Encryption (32-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_32_pt_32,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-128-XTS Decryption (32-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_32_pt_32,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-256-XTS Encryption (32-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_64_pt_32,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-256-XTS Decryption (32-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_64_pt_32,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-256-XTS Encryption (48-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_64_pt_48,
+		.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+	},
+	{
+		.test_descr = "AES-256-XTS Decryption (48-byte plaintext)",
+		.test_data = &aes_test_data_xts_key_64_pt_48,
+		.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
+		.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
 	}
 };
 
-- 
2.7.4

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config
  2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak
  2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT Damian Nowak
@ 2019-03-13 14:52   ` Damian Nowak
  2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 3/3] cryptodev: remove XTS text duplication Damian Nowak
  2019-03-13 17:51   ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Trahe, Fiona
  3 siblings, 0 replies; 11+ messages in thread
From: Damian Nowak @ 2019-03-13 14:52 UTC (permalink / raw)
  To: dev; +Cc: fiona.trahe, Damian Nowak

This patch adds XTS capabilities and enables
XTS cipher mode on QAT.
It also updates the documentation for newly
supported AES XTS mode on QAT.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
---
 doc/guides/cryptodevs/features/qat.ini    |  2 ++
 doc/guides/cryptodevs/qat.rst             |  3 ++-
 doc/guides/rel_notes/release_19_05.rst    | 10 ++++++++++
 drivers/crypto/qat/qat_sym_capabilities.h | 22 +++++++++++++++++++++-
 drivers/crypto/qat/qat_sym_session.c      | 17 +++++++++++++++--
 5 files changed, 50 insertions(+), 4 deletions(-)

diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini
index 4f15ee0..a7c7273 100644
--- a/doc/guides/cryptodevs/features/qat.ini
+++ b/doc/guides/cryptodevs/features/qat.ini
@@ -24,6 +24,8 @@ AES CBC (256)  = Y
 AES CTR (128)  = Y
 AES CTR (192)  = Y
 AES CTR (256)  = Y
+AES XTS (128)  = Y
+AES XTS (256)  = Y
 3DES CBC       = Y
 3DES CTR       = Y
 DES CBC        = Y
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index b7eace1..b1a5c0e 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -1,5 +1,5 @@
 ..  SPDX-License-Identifier: BSD-3-Clause
-    Copyright(c) 2015-2016 Intel Corporation.
+    Copyright(c) 2015-2019 Intel Corporation.
 
 Intel(R) QuickAssist (QAT) Crypto Poll Mode Driver
 ==================================================
@@ -41,6 +41,7 @@ Cipher algorithms:
 * ``RTE_CRYPTO_CIPHER_AES128_CTR``
 * ``RTE_CRYPTO_CIPHER_AES192_CTR``
 * ``RTE_CRYPTO_CIPHER_AES256_CTR``
+* ``RTE_CRYPTO_CIPHER_AES_XTS``
 * ``RTE_CRYPTO_CIPHER_SNOW3G_UEA2``
 * ``RTE_CRYPTO_CIPHER_NULL``
 * ``RTE_CRYPTO_CIPHER_KASUMI_F8``
diff --git a/doc/guides/rel_notes/release_19_05.rst b/doc/guides/rel_notes/release_19_05.rst
index 61a2c73..6ea2e15 100644
--- a/doc/guides/rel_notes/release_19_05.rst
+++ b/doc/guides/rel_notes/release_19_05.rst
@@ -91,6 +91,10 @@ New Features
 
   * Added promiscuous mode support.
 
+* **Updated the QuickAssist Technology PMD.**
+
+  Added support for AES-XTS with 128 and 256 bit AES keys.
+
 
 Removed Items
 -------------
@@ -226,6 +230,12 @@ Known Issues
    Also, make sure to start the actual text at the margin.
    =========================================================
 
+* **No software AES-XTS implementation.**
+
+  There are currently no cryptodev software PMDs available which implement
+  support for the AES-XTS algorithm, so this feature can only be used
+  if compatible hardware and an associated PMD is available.
+
 
 Tested Platforms
 ----------------
diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h
index 7cba87d..6df12b9 100644
--- a/drivers/crypto/qat/qat_sym_capabilities.h
+++ b/drivers/crypto/qat/qat_sym_capabilities.h
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2017-2018 Intel Corporation
+ * Copyright(c) 2017-2019 Intel Corporation
  */
 
 #ifndef _QAT_SYM_CAPABILITIES_H_
@@ -304,6 +304,26 @@
 			}, }						\
 		}, }							\
 	},								\
+	{	/* AES XTS */					\
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,			\
+		{.sym = {						\
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,	\
+			{.cipher = {					\
+				.algo = RTE_CRYPTO_CIPHER_AES_XTS,	\
+				.block_size = 16,			\
+				.key_size = {				\
+					.min = 32,			\
+					.max = 64,			\
+					.increment = 0			\
+				},					\
+				.iv_size = {				\
+					.min = 16,			\
+					.max = 16,			\
+					.increment = 0			\
+				}					\
+			}, }						\
+		}, }							\
+	},								\
 	{	/* AES DOCSIS BPI */					\
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,			\
 		{.sym = {						\
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 4d7ec01..5cc86f5 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0)
- * Copyright(c) 2015-2018 Intel Corporation
+ * Copyright(c) 2015-2019 Intel Corporation
  */
 
 #include <openssl/sha.h>	/* Needed to calculate pre-compute values */
@@ -333,10 +333,23 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
 		}
 		session->qat_mode = ICP_QAT_HW_CIPHER_ECB_MODE;
 		break;
+	case RTE_CRYPTO_CIPHER_AES_XTS:
+		if ((cipher_xform->key.length/2) == ICP_QAT_HW_AES_192_KEY_SZ) {
+			QAT_LOG(ERR, "AES-XTS-192 not supported");
+			ret = -EINVAL;
+			goto error_out;
+		}
+		if (qat_sym_validate_aes_key((cipher_xform->key.length/2),
+				&session->qat_cipher_alg) != 0) {
+			QAT_LOG(ERR, "Invalid AES-XTS cipher key size");
+			ret = -EINVAL;
+			goto error_out;
+		}
+		session->qat_mode = ICP_QAT_HW_CIPHER_XTS_MODE;
+		break;
 	case RTE_CRYPTO_CIPHER_3DES_ECB:
 	case RTE_CRYPTO_CIPHER_AES_ECB:
 	case RTE_CRYPTO_CIPHER_AES_F8:
-	case RTE_CRYPTO_CIPHER_AES_XTS:
 	case RTE_CRYPTO_CIPHER_ARC4:
 		QAT_LOG(ERR, "Crypto QAT PMD: Unsupported Cipher alg %u",
 				cipher_xform->algo);
-- 
2.7.4

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [dpdk-dev] [PATCH v2 3/3] cryptodev: remove XTS text duplication
  2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak
  2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT Damian Nowak
  2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config Damian Nowak
@ 2019-03-13 14:52   ` Damian Nowak
  2019-03-13 17:51   ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Trahe, Fiona
  3 siblings, 0 replies; 11+ messages in thread
From: Damian Nowak @ 2019-03-13 14:52 UTC (permalink / raw)
  To: dev; +Cc: fiona.trahe, Damian Nowak

This patch removes duplicated text about AES-XTS
mode.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
---
 lib/librte_cryptodev/rte_crypto_sym.h | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index eb5afc5..c80e90e 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2016-2017 Intel Corporation
+ * Copyright(c) 2016-2019 Intel Corporation
  */
 
 #ifndef _RTE_CRYPTO_SYM_H_
@@ -124,11 +124,6 @@ struct rte_crypto_cipher_xform {
 	 * keymask. As per RFC3711, the keymask should be padded with trailing
 	 * bytes to match the length of the encryption key used.
 	 *
-	 * For AES-XTS mode of operation, two keys must be provided and
-	 * key.data must point to the two keys concatenated together (Key1 ||
-	 * Key2). The cipher key length will contain the total size of both
-	 * keys.
-	 *
 	 * Cipher key length is in bytes. For AES it can be 128 bits (16 bytes),
 	 * 192 bits (24 bytes) or 256 bits (32 bytes).
 	 *
@@ -140,6 +135,8 @@ struct rte_crypto_cipher_xform {
 	 * For the AES-XTS mode of operation:
 	 *  - Two keys must be provided and key.length refers to total length of
 	 *    the two keys.
+	 *  - key.data must point to the two keys concatenated together
+	 *    (key1 || key2).
 	 *  - Each key can be either 128 bits (16 bytes) or 256 bits (32 bytes).
 	 *  - Both keys must have the same size.
 	 **/
-- 
2.7.4

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT
  2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak
                     ` (2 preceding siblings ...)
  2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 3/3] cryptodev: remove XTS text duplication Damian Nowak
@ 2019-03-13 17:51   ` Trahe, Fiona
  2019-03-22 15:08     ` Akhil Goyal
  3 siblings, 1 reply; 11+ messages in thread
From: Trahe, Fiona @ 2019-03-13 17:51 UTC (permalink / raw)
  To: Nowak, DamianX, dev



> -----Original Message-----
> From: Nowak, DamianX
> Sent: Wednesday, March 13, 2019 2:52 PM
> To: dev@dpdk.org
> Cc: Trahe, Fiona <fiona.trahe@intel.com>; Nowak, DamianX <damianx.nowak@intel.com>
> Subject: [PATCH v2 0/3] add XTS support for Intel QAT
> 
> This patchset adds XTS support for Intel
> QuickAssist Technology.
> 
> Following cipher algorithms are available
> with this patchset:
> *	AES XTS (128)
> *	AES XTS (256)
> 
> ---
> v2:
> - update release notes
> 
> Damian Nowak (3):
Series-acked-by: Fiona Trahe <fiona.trahe@intel.com>

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT
  2019-03-13 17:51   ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Trahe, Fiona
@ 2019-03-22 15:08     ` Akhil Goyal
  2019-03-22 15:08       ` Akhil Goyal
  0 siblings, 1 reply; 11+ messages in thread
From: Akhil Goyal @ 2019-03-22 15:08 UTC (permalink / raw)
  To: Trahe, Fiona, Nowak, DamianX, dev



On 3/13/2019 11:21 PM, Trahe, Fiona wrote:
>
>> -----Original Message-----
>> From: Nowak, DamianX
>> Sent: Wednesday, March 13, 2019 2:52 PM
>> To: dev@dpdk.org
>> Cc: Trahe, Fiona <fiona.trahe@intel.com>; Nowak, DamianX <damianx.nowak@intel.com>
>> Subject: [PATCH v2 0/3] add XTS support for Intel QAT
>>
>> This patchset adds XTS support for Intel
>> QuickAssist Technology.
>>
>> Following cipher algorithms are available
>> with this patchset:
>> *	AES XTS (128)
>> *	AES XTS (256)
>>
>> ---
>> v2:
>> - update release notes
>>
>> Damian Nowak (3):
> Series-acked-by: Fiona Trahe <fiona.trahe@intel.com>
Series applied to dpdk-next-crypto

Thanks.

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT
  2019-03-22 15:08     ` Akhil Goyal
@ 2019-03-22 15:08       ` Akhil Goyal
  0 siblings, 0 replies; 11+ messages in thread
From: Akhil Goyal @ 2019-03-22 15:08 UTC (permalink / raw)
  To: Trahe, Fiona, Nowak, DamianX, dev



On 3/13/2019 11:21 PM, Trahe, Fiona wrote:
>
>> -----Original Message-----
>> From: Nowak, DamianX
>> Sent: Wednesday, March 13, 2019 2:52 PM
>> To: dev@dpdk.org
>> Cc: Trahe, Fiona <fiona.trahe@intel.com>; Nowak, DamianX <damianx.nowak@intel.com>
>> Subject: [PATCH v2 0/3] add XTS support for Intel QAT
>>
>> This patchset adds XTS support for Intel
>> QuickAssist Technology.
>>
>> Following cipher algorithms are available
>> with this patchset:
>> *	AES XTS (128)
>> *	AES XTS (256)
>>
>> ---
>> v2:
>> - update release notes
>>
>> Damian Nowak (3):
> Series-acked-by: Fiona Trahe <fiona.trahe@intel.com>
Series applied to dpdk-next-crypto

Thanks.

^ permalink raw reply	[flat|nested] 11+ messages in thread

end of thread, other threads:[~2019-03-22 15:08 UTC | newest]

Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak
2019-02-28 16:18 ` [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT Damian Nowak
2019-02-28 16:18 ` [dpdk-dev] [PATCH 2/3] crypto/qat: add XTS for QAT session config Damian Nowak
2019-02-28 16:18 ` [dpdk-dev] [PATCH 3/3] cryptodev: remove XTS text duplication Damian Nowak
2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak
2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT Damian Nowak
2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config Damian Nowak
2019-03-13 14:52   ` [dpdk-dev] [PATCH v2 3/3] cryptodev: remove XTS text duplication Damian Nowak
2019-03-13 17:51   ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Trahe, Fiona
2019-03-22 15:08     ` Akhil Goyal
2019-03-22 15:08       ` Akhil Goyal

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).