Add support for ZUC-EEA3-256 and ZUC-EIA3-256 (only 4-byte tags supported for now).
Signed-off-by: Pablo de Lara <pablo.de.lara.gua...@intel.com> --- This patch depends on patchset https://patches.dpdk.org/project/dpdk/list/?series=18470 --- doc/guides/cryptodevs/aesni_mb.rst | 1 + doc/guides/rel_notes/release_21_11.rst | 4 ++++ drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 18 ++++++++++-------- 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst index 3551a0dbd7..948128ae9b 100644 --- a/doc/guides/cryptodevs/aesni_mb.rst +++ b/doc/guides/cryptodevs/aesni_mb.rst @@ -77,6 +77,7 @@ Limitations protocol. * RTE_CRYPTO_CIPHER_DES_DOCSISBPI is not supported for combined Crypto-CRC DOCSIS security protocol. +* The only tag size supported for ZUC-EIA3-256 is 4 bytes. Installation diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst index 3fa8018695..71380d4986 100644 --- a/doc/guides/rel_notes/release_21_11.rst +++ b/doc/guides/rel_notes/release_21_11.rst @@ -82,6 +82,10 @@ New Features * Added PDCP short MAC-I support. +* **Updated the aesni_mb crypto PMD.** + + * Added support for ZUC-EEA3-256 and ZUC-EIA3-256. + Removed Items ------------- diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c index e05865798b..31c25e2bc7 100644 --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c @@ -526,8 +526,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = { .block_size = 16, .key_size = { .min = 16, - .max = 16, - .increment = 0 + .max = 32, + .increment = 16 }, .digest_size = { .min = 4, @@ -551,8 +551,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = { .block_size = 16, .key_size = { .min = 16, - .max = 16, - .increment = 0 + .max = 32, + .increment = 16 }, .iv_size = { .min = 16, @@ -1099,7 +1099,8 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr, } sess->auth.gen_digest_len = sess->auth.req_digest_len; - memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16); + memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, + xform->auth.key.length); return 0; } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) { sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN; @@ -1427,13 +1428,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr, sess->cipher.key_length_in_bytes = 24; } else if (is_zuc) { - if (xform->cipher.key.length != 16) { + if (xform->cipher.key.length != 16 && + xform->cipher.key.length != 32) { IPSEC_MB_LOG(ERR, "Invalid cipher key length"); return -EINVAL; } - sess->cipher.key_length_in_bytes = 16; + sess->cipher.key_length_in_bytes = xform->cipher.key.length; memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data, - 16); + xform->cipher.key.length); } else if (is_snow3g) { if (xform->cipher.key.length != 16) { IPSEC_MB_LOG(ERR, "Invalid cipher key length"); -- 2.25.1
