diff mbox series

crypto/aesni_mb: modify chain order for AES-CCM

Message ID	1567694706-152289-1-git-send-email-pablo.de.lara.guarch@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Pablo de Lara <pablo.de.lara.guarch@intel.com> To: akhil.goyal@nxp.com Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com> Date: Thu, 5 Sep 2019 15:45:06 +0100 Message-Id: <1567694706-152289-1-git-send-email-pablo.de.lara.guarch@intel.com> Subject: [dpdk-dev] [PATCH] crypto/aesni_mb: modify chain order for AES-CCM Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	crypto/aesni_mb: modify chain order for AES-CCM \| crypto/aesni_mb: modify chain order for AES-CCM

Checks

Context	Check	Description
ci/checkpatch	warning	coding style issues
ci/Intel-compilation	success	Compilation OK
ci/iol-dpdk_compile_ovs	success	Compile Testing PASS
ci/iol-dpdk_compile_spdk	success	Compile Testing PASS
ci/iol-dpdk_compile	success	Compile Testing PASS
ci/intel-Performance	success	Performance Testing PASS
ci/mellanox-Performance	success	Performance Testing PASS

Commit Message

De Lara Guarch, Pablo Sept. 5, 2019, 2:45 p.m. UTC

  Up to version 0.52 of the IPSec Multi buffer library,
the chain order for AES-CCM was CIPHER_HASH when encrypting.
However, after this version, the order has been reversed in the library
since, when encrypting, hashing is done first and then ciphering.

Therefore, order is changed to be compatible with newer versions
of the library.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

Comments

Akhil Goyal Sept. 19, 2019, 3:11 p.m. UTC | #1

> 
> Up to version 0.52 of the IPSec Multi buffer library,
> the chain order for AES-CCM was CIPHER_HASH when encrypting.
> However, after this version, the order has been reversed in the library
> since, when encrypting, hashing is done first and then ciphering.
> 
> Therefore, order is changed to be compatible with newer versions
> of the library.
> 
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> ---
Applied to dpdk-next-crypto

Thanks.

diff mbox series

Patch

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index b495a96..ce1144b 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -84,7 +84,25 @@  aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform)
 		if (xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER)
 			return AESNI_MB_OP_HASH_CIPHER;
 	}
-
+#if IMB_VERSION_NUM > IMB_VERSION(0, 52, 0)
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+		if (xform->aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT) {
+			/*
+			 * CCM requires to hash first and cipher later
+			 * when encrypting
+			 */
+			if (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM)
+				return AESNI_MB_OP_AEAD_HASH_CIPHER;
+			else
+				return AESNI_MB_OP_AEAD_CIPHER_HASH;
+		} else {
+			if (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM)
+				return AESNI_MB_OP_AEAD_CIPHER_HASH;
+			else
+				return AESNI_MB_OP_AEAD_HASH_CIPHER;
+		}
+	}
+#else
 	if (xform->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
 		if (xform->aead.algo == RTE_CRYPTO_AEAD_AES_CCM ||
 				xform->aead.algo == RTE_CRYPTO_AEAD_AES_GCM) {
@@ -94,6 +112,7 @@  aesni_mb_get_chain_order(const struct rte_crypto_sym_xform *xform)
 				return AESNI_MB_OP_AEAD_HASH_CIPHER;
 		}
 	}
+#endif
 
 	return AESNI_MB_OP_NOT_SUPPORTED;
 }