Hi Vamsi,
Please see inline.
Thanks,
Anoob
> -----Original Message-----
> From: Vamsi Attunuru <vattun...@marvell.com>
> Sent: Saturday, April 30, 2022 11:07 AM
> To: dev@dpdk.org
> Cc: Anoob Joseph <ano...@marvell.com>; Akhil Goyal
> <gak...@marvell.com>; Vamsi Krishna Attunuru <vattun...@marvell.com>
> Subject: [PATCH 1/1] crypto/cnxk: enable 3des-cbc secure capability
>
> Patch enables 3DES-CBC secure capability of crypto device.
>
> Signed-off-by: Vamsi Attunuru <vattun...@marvell.com>
> ---
> drivers/crypto/cnxk/cnxk_cryptodev.h | 2 +-
> .../crypto/cnxk/cnxk_cryptodev_capabilities.c | 24 +++++++++++++++++++
> drivers/crypto/cnxk/cnxk_ipsec.h | 3 ++-
> 3 files changed, 27 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev.h
> b/drivers/crypto/cnxk/cnxk_cryptodev.h
> index b75d681185..8870021725 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev.h
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev.h
> @@ -11,7 +11,7 @@
> #include "roc_cpt.h"
>
> #define CNXK_CPT_MAX_CAPS 35
> -#define CNXK_SEC_CRYPTO_MAX_CAPS 12
> +#define CNXK_SEC_CRYPTO_MAX_CAPS 13
> #define CNXK_SEC_MAX_CAPS 9
> #define CNXK_AE_EC_ID_MAX 8
> /**
> diff --git a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> index 98b002d93a..ba9eaf2325 100644
> --- a/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> +++ b/drivers/crypto/cnxk/cnxk_cryptodev_capabilities.c
> @@ -862,6 +862,29 @@ static const struct rte_cryptodev_capabilities
> sec_caps_aes[] = {
> },
> };
>
> +static const struct rte_cryptodev_capabilities sec_caps_des[] = {
> + { /* 3DES CBC */
> + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> + {.sym = {
> + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
> + {.cipher = {
> + .algo = RTE_CRYPTO_CIPHER_3DES_CBC,
> + .block_size = 8,
> + .key_size = {
> + .min = 24,
> + .max = 24,
> + .increment = 0
> + },
> + .iv_size = {
> + .min = 8,
> + .max = 16,
> + .increment = 8
> + }
> + }, }
> + }, }
> + }
> +};
> +
> static const struct rte_cryptodev_capabilities sec_caps_sha1_sha2[] = {
> { /* SHA1 HMAC */
> .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
> @@ -1195,6 +1218,7 @@ sec_crypto_caps_populate(struct
> rte_cryptodev_capabilities cnxk_caps[],
> int cur_pos = 0;
>
> SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, aes);
> + SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, des);
> SEC_CAPS_ADD(cnxk_caps, &cur_pos, hw_caps, sha1_sha2);
>
> if (roc_model_is_cn10k())
> diff --git a/drivers/crypto/cnxk/cnxk_ipsec.h
> b/drivers/crypto/cnxk/cnxk_ipsec.h
> index 171ea2774e..7c7833ac1b 100644
> --- a/drivers/crypto/cnxk/cnxk_ipsec.h
> +++ b/drivers/crypto/cnxk/cnxk_ipsec.h
> @@ -24,7 +24,8 @@ ipsec_xform_cipher_verify(struct
> rte_crypto_sym_xform *crypto_xform)
> return 0;
>
> if (crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CBC ||
> - crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR) {
> + crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_AES_CTR ||
> + crypto_xform->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC) {
[Anoob] We can support only key.length as 24 with 3DES. Rest of the checks are
for AES. Please introduce a separate check for 3DES.
Rest of the patch looks good.
> switch (crypto_xform->cipher.key.length) {
> case 16:
> case 24:
> --
> 2.25.1
