diff mbox series

[3/4] ipsec: add 3DES-CBC algorithm support

Message ID	20190218163254.56905-4-roy.fan.zhang@intel.com (mailing list archive)
State	Superseded, archived
Delegated to:	akhil goyal
Headers	From: Fan Zhang <roy.fan.zhang@intel.com> To: dev@dpdk.org Cc: akhil.goyal@nxp.com, konstantin.ananyev@intel.com, roy.fan.zhang@intel.com Date: Mon, 18 Feb 2019 16:32:53 +0000 Message-Id: <20190218163254.56905-4-roy.fan.zhang@intel.com> In-Reply-To: <20190218163254.56905-1-roy.fan.zhang@intel.com> References: <20190218163254.56905-1-roy.fan.zhang@intel.com> Subject: [dpdk-dev] [PATCH 3/4] ipsec: add 3DES-CBC algorithm support Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	ipsec: add AES-CTR and 3DES-CBC support \| [0/4] ipsec: add AES-CTR and 3DES-CBC support [1/4] ipsec: add AES-CTR algorithm support [2/4] ipsec-secgw: add test scripts for aes ctr [3/4] ipsec: add 3DES-CBC algorithm support [4/4] ipsec-secgw: add 3des test files

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK

Commit Message

Fan Zhang Feb. 18, 2019, 4:32 p.m. UTC

  This patch adds triple-des CBC mode cipher algorithm to ipsec
library.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 lib/librte_ipsec/sa.c | 10 ++++++++++
 lib/librte_ipsec/sa.h |  6 ++++++
 2 files changed, 16 insertions(+)

diff mbox series

Patch

diff --git a/lib/librte_ipsec/sa.c b/lib/librte_ipsec/sa.c
index e34dd320a..5c59c4b67 100644
--- a/lib/librte_ipsec/sa.c
+++ b/lib/librte_ipsec/sa.c
@@ -307,6 +307,13 @@  esp_sa_init(struct rte_ipsec_sa *sa, const struct rte_ipsec_sa_prm *prm,
 			sa->algo_type = ALGO_TYPE_AES_CTR;
 			break;
 
+		case RTE_CRYPTO_CIPHER_3DES_CBC:
+			/* RFC 1851 */
+			sa->pad_align = IPSEC_PAD_3DES_CBC;
+			sa->iv_len = IPSEC_3DES_IV_SIZE;
+			sa->algo_type = ALGO_TYPE_3DES;
+			break;
+
 		default:
 			return -EINVAL;
 		}
@@ -512,6 +519,8 @@  esp_outb_cop_prepare(struct rte_crypto_op *cop,
 			sa->iv_ofs);
 		aes_ctr_cnt_blk_fill(ctr, ivp[0], sa->salt);
 		break;
+	case ALGO_TYPE_3DES:
+		/* Cipher-Auth (3DES-CBC *) case */
 	case ALGO_TYPE_NULL:
 		/* NULL case */
 		sop->cipher.data.offset = sa->ctp.cipher.offset + hlen;
@@ -873,6 +882,7 @@  esp_inb_tun_cop_prepare(struct rte_crypto_op *cop,
 		aead_gcm_iv_fill(gcm, ivp[0], sa->salt);
 		break;
 	case ALGO_TYPE_AES_CBC:
+	case ALGO_TYPE_3DES:
 		sop->cipher.data.offset = pofs + sa->ctp.cipher.offset;
 		sop->cipher.data.length = clen;
 		sop->auth.data.offset = pofs + sa->ctp.auth.offset;
diff --git a/lib/librte_ipsec/sa.h b/lib/librte_ipsec/sa.h
index 12c061ee6..8398748d1 100644
--- a/lib/librte_ipsec/sa.h
+++ b/lib/librte_ipsec/sa.h
@@ -14,6 +14,7 @@ 
 /* padding alignment for different algorithms */
 enum {
 	IPSEC_PAD_DEFAULT = 4,
+	IPSEC_PAD_3DES_CBC = IPSEC_PAD_DEFAULT,
 	IPSEC_PAD_AES_CBC = IPSEC_MAX_IV_SIZE,
 	IPSEC_PAD_AES_CTR = IPSEC_PAD_DEFAULT,
 	IPSEC_PAD_AES_GCM = IPSEC_PAD_DEFAULT,
@@ -24,6 +25,10 @@  enum {
 enum {
 	IPSEC_IV_SIZE_DEFAULT = IPSEC_MAX_IV_SIZE,
 	IPSEC_AES_CTR_IV_SIZE = sizeof(uint64_t),
+	/* TripleDES supports IV size of 32bits or 64bits but he library
+	 * only supports 64bits.
+	 */
+	IPSEC_3DES_IV_SIZE = sizeof(uint64_t),
 };
 
 /* these definitions probably has to be in rte_crypto_sym.h */
@@ -57,6 +62,7 @@  struct replay_sqn {
 /*IPSEC SA supported algorithms */
 enum sa_algo_type	{
 	ALGO_TYPE_NULL = 0,
+	ALGO_TYPE_3DES,
 	ALGO_TYPE_AES_CBC,
 	ALGO_TYPE_AES_CTR,
 	ALGO_TYPE_AES_GCM,