[2/3] crypto/qat: add XTS for QAT session config
Checks
Commit Message
This patch adds XTS capabilities and enables XTS cipher
mode on QAT.
It also updates the documentation for newly supported
AES XTS mode on QAT.
Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
---
doc/guides/cryptodevs/features/qat.ini | 2 ++
doc/guides/cryptodevs/qat.rst | 3 ++-
drivers/crypto/qat/qat_sym_capabilities.h | 22 +++++++++++++++++++++-
drivers/crypto/qat/qat_sym_session.c | 17 +++++++++++++++--
4 files changed, 40 insertions(+), 4 deletions(-)
@@ -24,6 +24,8 @@ AES CBC (256) = Y
AES CTR (128) = Y
AES CTR (192) = Y
AES CTR (256) = Y
+AES XTS (128) = Y
+AES XTS (256) = Y
3DES CBC = Y
3DES CTR = Y
DES CBC = Y
@@ -1,5 +1,5 @@
.. SPDX-License-Identifier: BSD-3-Clause
- Copyright(c) 2015-2016 Intel Corporation.
+ Copyright(c) 2015-2019 Intel Corporation.
Intel(R) QuickAssist (QAT) Crypto Poll Mode Driver
==================================================
@@ -41,6 +41,7 @@ Cipher algorithms:
* ``RTE_CRYPTO_CIPHER_AES128_CTR``
* ``RTE_CRYPTO_CIPHER_AES192_CTR``
* ``RTE_CRYPTO_CIPHER_AES256_CTR``
+* ``RTE_CRYPTO_CIPHER_AES_XTS``
* ``RTE_CRYPTO_CIPHER_SNOW3G_UEA2``
* ``RTE_CRYPTO_CIPHER_NULL``
* ``RTE_CRYPTO_CIPHER_KASUMI_F8``
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: BSD-3-Clause
- * Copyright(c) 2017-2018 Intel Corporation
+ * Copyright(c) 2017-2019 Intel Corporation
*/
#ifndef _QAT_SYM_CAPABILITIES_H_
@@ -304,6 +304,26 @@
}, } \
}, } \
}, \
+ { /* AES XTS */ \
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
+ {.sym = { \
+ .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, \
+ {.cipher = { \
+ .algo = RTE_CRYPTO_CIPHER_AES_XTS, \
+ .block_size = 16, \
+ .key_size = { \
+ .min = 32, \
+ .max = 64, \
+ .increment = 0 \
+ }, \
+ .iv_size = { \
+ .min = 16, \
+ .max = 16, \
+ .increment = 0 \
+ } \
+ }, } \
+ }, } \
+ }, \
{ /* AES DOCSIS BPI */ \
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \
{.sym = { \
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0)
- * Copyright(c) 2015-2018 Intel Corporation
+ * Copyright(c) 2015-2019 Intel Corporation
*/
#include <openssl/sha.h> /* Needed to calculate pre-compute values */
@@ -333,10 +333,23 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
}
session->qat_mode = ICP_QAT_HW_CIPHER_ECB_MODE;
break;
+ case RTE_CRYPTO_CIPHER_AES_XTS:
+ if ((cipher_xform->key.length/2) == ICP_QAT_HW_AES_192_KEY_SZ) {
+ QAT_LOG(ERR, "AES-XTS-192 not supported");
+ ret = -EINVAL;
+ goto error_out;
+ }
+ if (qat_sym_validate_aes_key((cipher_xform->key.length/2),
+ &session->qat_cipher_alg) != 0) {
+ QAT_LOG(ERR, "Invalid AES-XTS cipher key size");
+ ret = -EINVAL;
+ goto error_out;
+ }
+ session->qat_mode = ICP_QAT_HW_CIPHER_XTS_MODE;
+ break;
case RTE_CRYPTO_CIPHER_3DES_ECB:
case RTE_CRYPTO_CIPHER_AES_ECB:
case RTE_CRYPTO_CIPHER_AES_F8:
- case RTE_CRYPTO_CIPHER_AES_XTS:
case RTE_CRYPTO_CIPHER_ARC4:
QAT_LOG(ERR, "Crypto QAT PMD: Unsupported Cipher alg %u",
cipher_xform->algo);