[PATCH] crypto/ipsec_mb: support all tag sizes for ZUC-EIA3-256

DPDK patches and discussions
 help / color / mirror / Atom feed

From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: roy.fan.zhang@intel.com
Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>
Subject: [PATCH] crypto/ipsec_mb: support all tag sizes for ZUC-EIA3-256
Date: Wed, 24 Aug 2022 15:58:26 +0000	[thread overview]
Message-ID: <20220824155826.16424-1-pablo.de.lara.guarch@intel.com> (raw)

Add support for 8-byte and 16-byte tags for ZUC-EIA3-256.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 doc/guides/cryptodevs/aesni_mb.rst          |  1 -
 doc/guides/rel_notes/release_22_11.rst      |  4 ++++
 drivers/crypto/ipsec_mb/pmd_aesni_mb.c      | 22 ++++++++++++++-------
 drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h |  5 +++++
 4 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 07222ee117..00ac454b6c 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -77,7 +77,6 @@ Limitations
   protocol.
 * RTE_CRYPTO_CIPHER_DES_DOCSISBPI is not supported for combined Crypto-CRC
   DOCSIS security protocol.
-* The only tag size supported for ZUC-EIA3-256 is 4 bytes.
 
 
 Installation
diff --git a/doc/guides/rel_notes/release_22_11.rst b/doc/guides/rel_notes/release_22_11.rst
index 8c021cf050..f1f304bee2 100644
--- a/doc/guides/rel_notes/release_22_11.rst
+++ b/doc/guides/rel_notes/release_22_11.rst
@@ -55,6 +55,10 @@ New Features
      Also, make sure to start the actual text at the margin.
      =======================================================
 
+* **Updated the aesni_mb crypto PMD.**
+
+  * Added support for 8-byte and 16-byte tags for ZUC-EIA3-256.
+
 
 Removed Items
 -------------
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 6d5d3ce8eb..1a3d51b764 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -192,20 +192,28 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 	if (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {
 		if (xform->auth.key.length == 16) {
 			sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+
+			if (sess->auth.req_digest_len != 4) {
+				IPSEC_MB_LOG(ERR, "Invalid digest size\n");
+				return -EINVAL;
+			}
 		} else if (xform->auth.key.length == 32) {
 			sess->auth.algo = IMB_AUTH_ZUC256_EIA3_BITLEN;
+#if IMB_VERSION(1, 2, 0) > IMB_VERSION_NUM
+			if (sess->auth.req_digest_len != 4 &&
+					sess->auth.req_digest_len != 8 &&
+					sess->auth.req_digest_len != 16) {
+#else
+			if (sess->auth.req_digest_len != 4) {
+#endif
+				IPSEC_MB_LOG(ERR, "Invalid digest size\n");
+				return -EINVAL;
+			}
 		} else {
 			IPSEC_MB_LOG(ERR, "Invalid authentication key length\n");
 			return -EINVAL;
 		}
 
-		uint16_t zuc_eia3_digest_len =
-			get_truncated_digest_byte_length(
-						IMB_AUTH_ZUC_EIA3_BITLEN);
-		if (sess->auth.req_digest_len != zuc_eia3_digest_len) {
-			IPSEC_MB_LOG(ERR, "Invalid digest size\n");
-			return -EINVAL;
-		}
 		sess->auth.gen_digest_len = sess->auth.req_digest_len;
 
 		memcpy(sess->auth.zuc_auth_key, xform->auth.key.data,
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
index 9ef75aa51f..661a072e20 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
@@ -568,8 +568,13 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
 				},
 				.digest_size = {
 					.min = 4,
+#if IMB_VERSION(1, 2, 0) > IMB_VERSION_NUM
+					.max = 16,
+					.increment = 4
+#else
 					.max = 4,
 					.increment = 0
+#endif
 				},
 				.iv_size = {
 					.min = 16,
-- 
2.25.1

next             reply	other threads:[~2022-08-24 15:58 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-08-24 15:58 Pablo de Lara [this message]
2022-10-07 13:23 ` [EXT] " Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220824155826.16424-1-pablo.de.lara.guarch@intel.com \
    --to=pablo.de.lara.guarch@intel.com \
    --cc=dev@dpdk.org \
    --cc=roy.fan.zhang@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).