crypto/aesni_mb: fix DOCSIS AES-256
Checks
Commit Message
When adding support for DOCSIS AES-256,
when setting the cipher parameters, all key sizes
were accepted, but only 128-bit and 256-bit keys
are.
Fixes: 124d04b43743 ("crypto/aesni_mb: support DOCSIS AES-256")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
Comments
Hi Akhil,
> -----Original Message-----
> From: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Sent: Tuesday, April 21, 2020 2:22 PM
> To: Doherty, Declan <declan.doherty@intel.com>; O'loingsigh, Mairtin
> <mairtin.oloingsigh@intel.com>
> Cc: dev@dpdk.org; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Subject: [PATCH] crypto/aesni_mb: fix DOCSIS AES-256
>
> When adding support for DOCSIS AES-256,
> when setting the cipher parameters, all key sizes were accepted, but only 128-bit
> and 256-bit keys are.
>
> Fixes: 124d04b43743 ("crypto/aesni_mb: support DOCSIS AES-256")
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
This can be merged to the commit above before RC1 is out, if there is still time.
Thanks,
Pablo
-----Original Message-----
From: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
Sent: Tuesday, April 21, 2020 2:22 PM
To: Doherty, Declan <declan.doherty@intel.com>; O'loingsigh, Mairtin <mairtin.oloingsigh@intel.com>
Cc: dev@dpdk.org; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
Subject: [PATCH] crypto/aesni_mb: fix DOCSIS AES-256
When adding support for DOCSIS AES-256,
when setting the cipher parameters, all key sizes were accepted, but only 128-bit and 256-bit keys are.
Fixes: 124d04b43743 ("crypto/aesni_mb: support DOCSIS AES-256")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
@@ -381,6 +381,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
{
uint8_t is_aes = 0;
uint8_t is_3DES = 0;
+ uint8_t is_docsis = 0;
if (xform == NULL) {
sess->cipher.mode = NULL_CIPHER;
@@ -417,7 +418,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
break;
case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
sess->cipher.mode = DOCSIS_SEC_BPI;
- is_aes = 1;
+ is_docsis = 1;
break;
case RTE_CRYPTO_CIPHER_DES_CBC:
sess->cipher.mode = DES;
@@ -463,6 +464,26 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
AESNI_MB_LOG(ERR, "Invalid cipher key length");
return -EINVAL;
}
+ } else if (is_docsis) {
+ switch (xform->cipher.key.length) {
+ case AES_128_BYTES:
+ sess->cipher.key_length_in_bytes = AES_128_BYTES;
+ IMB_AES_KEYEXP_128(mb_mgr, xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+ break;
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ case AES_256_BYTES:
+ sess->cipher.key_length_in_bytes = AES_256_BYTES;
+ IMB_AES_KEYEXP_256(mb_mgr, xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+ break;
+#endif
+ default:
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
} else if (is_3DES) {
uint64_t *keys[3] = {sess->cipher.exp_3des_keys.key[0],
sess->cipher.exp_3des_keys.key[1],