diff mbox series

[v4,04/14] crypto/ipsec_mb: support ZUC-256 for aesni_mb

Message ID	20211015143957.842499-5-ciara.power@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Ciara Power <ciara.power@intel.com> To: dev@dpdk.org Cc: roy.fan.zhang@intel.com, piotrx.bronowski@intel.com, gakhil@marvell.com, pablo.de.lara.guarch@intel.com, mdr@ashroe.eu Date: Fri, 15 Oct 2021 14:39:47 +0000 Message-Id: <20211015143957.842499-5-ciara.power@intel.com> In-Reply-To: <20211015143957.842499-1-ciara.power@intel.com> References: <20210618121803.1189857-1-piotrx.bronowski@intel.com> <20211015143957.842499-1-ciara.power@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v4 04/14] crypto/ipsec_mb: support ZUC-256 for aesni_mb Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	drivers/crypto: introduce ipsec_mb framework \| [v4,00/14] drivers/crypto: introduce ipsec_mb framework [v4,01/14] drivers/crypto: introduce IPsec-mb framework [v4,02/14] crypto/ipsec_mb: add multiprocess support [v4,03/14] drivers/crypto: move aesni-mb PMD to IPsec-mb framework [v4,04/14] crypto/ipsec_mb: support ZUC-256 for aesni_mb [v4,05/14] test/crypto: check cipher parameters [v4,06/14] test/crypto: check auth parameters [v4,07/14] test/crypto: add ZUC-256 vectors [v4,08/14] drivers/crypto: move aesni-gcm PMD to IPsec-mb framework [v4,09/14] drivers/crypto: move kasumi PMD to IPsec-mb framework [v4,10/14] drivers/crypto: move snow3g PMD to IPsec-mb framework [v4,11/14] crypto/ipsec_mb: add snow3g digest appended ops support [v4,12/14] drivers/crypto: move zuc PMD to IPsec-mb framework [v4,13/14] crypto/ipsec_mb: add chacha20-poly1305 PMD to framework [v4,14/14] test/crypto: add test for chacha20_poly1305 PMD

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Power, Ciara Oct. 15, 2021, 2:39 p.m. UTC

  From: Pablo de Lara <pablo.de.lara.guarch@intel.com>

Add support for ZUC-EEA3-256 and ZUC-EIA3-256.
Only 4-byte tags supported for now.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 doc/guides/cryptodevs/aesni_mb.rst          |  1 +
 doc/guides/rel_notes/release_21_11.rst      |  4 ++++
 drivers/crypto/ipsec_mb/pmd_aesni_mb.c      | 21 ++++++++++++++++-----
 drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h | 16 ++++++++--------
 4 files changed, 29 insertions(+), 13 deletions(-)

Comments

Fan Zhang Oct. 18, 2021, 7:39 a.m. UTC | #1

> -----Original Message-----
> From: Power, Ciara <ciara.power@intel.com>
> Sent: Friday, October 15, 2021 3:40 PM
> To: dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; Bronowski, PiotrX
> <piotrx.bronowski@intel.com>; gakhil@marvell.com; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>; mdr@ashroe.eu
> Subject: [PATCH v4 04/14] crypto/ipsec_mb: support ZUC-256 for aesni_mb
> 
> From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> 
> Add support for ZUC-EEA3-256 and ZUC-EIA3-256.
> Only 4-byte tags supported for now.
> 
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>

diff mbox series

Patch

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 3551a0dbd7..948128ae9b 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -77,6 +77,7 @@  Limitations
   protocol.
 * RTE_CRYPTO_CIPHER_DES_DOCSISBPI is not supported for combined Crypto-CRC
   DOCSIS security protocol.
+* The only tag size supported for ZUC-EIA3-256 is 4 bytes.
 
 
 Installation
diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst
index 7628c32052..46f8a22c8d 100644
--- a/doc/guides/rel_notes/release_21_11.rst
+++ b/doc/guides/rel_notes/release_21_11.rst
@@ -106,6 +106,10 @@  New Features
 
     * AESNI_MB PMD.
 
+* **Updated the aesni_mb crypto PMD.**
+
+  * Added support for ZUC-EEA3-256 and ZUC-EIA3-256.
+
 * **Updated Marvell cnxk ethdev driver.**
 
   * Added rte_flow support for dual VLAN insert and strip actions.
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index c9c4906722..c38d85a366 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -179,7 +179,15 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 	}
 
 	if (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {
-		sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+		if (xform->auth.key.length == 16) {
+			sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+		} else if (xform->auth.key.length == 32) {
+			sess->auth.algo = IMB_AUTH_ZUC256_EIA3_BITLEN;
+		} else {
+			IPSEC_MB_LOG(ERR, "Invalid authentication key length\n");
+			return -EINVAL;
+		}
+
 		uint16_t zuc_eia3_digest_len =
 			get_truncated_digest_byte_length(
 						IMB_AUTH_ZUC_EIA3_BITLEN);
@@ -189,7 +197,8 @@  aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
 		}
 		sess->auth.gen_digest_len = sess->auth.req_digest_len;
 
-		memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
+		memcpy(sess->auth.zuc_auth_key, xform->auth.key.data,
+			xform->auth.key.length);
 		return 0;
 	} else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
 		sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
@@ -522,13 +531,14 @@  aesni_mb_set_session_cipher_parameters(const IMB_MGR *mb_mgr,
 
 		sess->cipher.key_length_in_bytes = 24;
 	} else if (is_zuc) {
-		if (xform->cipher.key.length != 16) {
+		if (xform->cipher.key.length != 16 &&
+				xform->cipher.key.length != 32) {
 			IPSEC_MB_LOG(ERR, "Invalid cipher key length");
 			return -EINVAL;
 		}
-		sess->cipher.key_length_in_bytes = 16;
+		sess->cipher.key_length_in_bytes = xform->cipher.key.length;
 		memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
-			16);
+			xform->cipher.key.length);
 	} else if (is_snow3g) {
 		if (xform->cipher.key.length != 16) {
 			IPSEC_MB_LOG(ERR, "Invalid cipher key length");
@@ -1150,6 +1160,7 @@  set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
 		job->dec_keys = &session->cipher.gcm_key;
 		break;
 	case IMB_AUTH_ZUC_EIA3_BITLEN:
+	case IMB_AUTH_ZUC256_EIA3_BITLEN:
 		job->u.ZUC_EIA3._key = session->auth.zuc_auth_key;
 		job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
 						session->auth_iv.offset);
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
index db7d283ca2..d37cc787a0 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
@@ -526,8 +526,8 @@  static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
 				.block_size = 16,
 				.key_size = {
 					.min = 16,
-					.max = 16,
-					.increment = 0
+					.max = 32,
+					.increment = 16
 				},
 				.digest_size = {
 					.min = 4,
@@ -536,8 +536,8 @@  static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
 				},
 				.iv_size = {
 					.min = 16,
-					.max = 16,
-					.increment = 0
+					.max = 25,
+					.increment = 9
 				}
 			}, }
 		}, }
@@ -551,13 +551,13 @@  static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
 				.block_size = 16,
 				.key_size = {
 					.min = 16,
-					.max = 16,
-					.increment = 0
+					.max = 32,
+					.increment = 16
 				},
 				.iv_size = {
 					.min = 16,
-					.max = 16,
-					.increment = 0
+					.max = 25,
+					.increment = 9
 				},
 			}, }
 		}, }