The Multi-buffer library now supports DES-CBC
and DES-DOCSISBPI algorithms, so this commit
extends adds support for them in the PMD.
Signed-off-by: Pablo de Lara <pablo.de.lara.gua...@intel.com>
---
doc/guides/cryptodevs/aesni_mb.rst | 2 +
doc/guides/cryptodevs/features/aesni_mb.ini | 3 ++
doc/guides/rel_notes/release_17_11.rst | 7 +++
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 74 ++++++++++++++++++++---------
test/test/test_cryptodev.c | 42 ++++++++++++++++
test/test/test_cryptodev_des_test_vectors.h | 42 ++++++++++------
6 files changed, 133 insertions(+), 37 deletions(-)
diff --git a/doc/guides/cryptodevs/aesni_mb.rst
b/doc/guides/cryptodevs/aesni_mb.rst
index b3b937f..2e07e1e 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -52,6 +52,8 @@ Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES192_CTR
* RTE_CRYPTO_CIPHER_AES256_CTR
* RTE_CRYPTO_CIPHER_AES_DOCSISBPI
+* RTE_CRYPTO_CIPHER_DES_CBC
+* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
Hash algorithms:
diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini
b/doc/guides/cryptodevs/features/aesni_mb.ini
index 03d8485..fab07cb 100644
--- a/doc/guides/cryptodevs/features/aesni_mb.ini
+++ b/doc/guides/cryptodevs/features/aesni_mb.ini
@@ -23,6 +23,9 @@ AES CTR (128) = Y
AES CTR (192) = Y
AES CTR (256) = Y
AES DOCSIS BPI = Y
+DES CBC = Y
+DES DOCSIS BPI = Y
+
;
; Supported authentication algorithms of the 'aesni_mb' crypto driver.
;
diff --git a/doc/guides/rel_notes/release_17_11.rst
b/doc/guides/rel_notes/release_17_11.rst
index 170f4f9..134477f 100644
--- a/doc/guides/rel_notes/release_17_11.rst
+++ b/doc/guides/rel_notes/release_17_11.rst
@@ -41,6 +41,13 @@ New Features
Also, make sure to start the actual text at the margin.
=========================================================
+* **Updated the AESNI MB PMD.**
+
+ The AESNI MB PMD has been updated with additional support for:
+
+ * DES CBC algorithm.
+ * DES DOCSIS BPI algorithm.
+
Resolved Issues
---------------
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 16e1451..ca25e28 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -30,6 +30,8 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include <des.h>
+
#include <rte_common.h>
#include <rte_hexdump.h>
#include <rte_cryptodev.h>
@@ -188,6 +190,7 @@ aesni_mb_set_session_cipher_parameters(const struct
aesni_mb_op_fns *mb_ops,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
+ uint8_t is_aes;
aes_keyexp_t aes_keyexp_fn;
if (xform == NULL) {
@@ -217,45 +220,70 @@ aesni_mb_set_session_cipher_parameters(const struct
aesni_mb_op_fns *mb_ops,
switch (xform->cipher.algo) {
case RTE_CRYPTO_CIPHER_AES_CBC:
sess->cipher.mode = CBC;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_CTR:
sess->cipher.mode = CNTR;
+ is_aes = 1;
break;
case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
sess->cipher.mode = DOCSIS_SEC_BPI;
+ is_aes = 1;
break;
- default:
- MB_LOG_ERR("Unsupported cipher mode parameter");
- return -ENOTSUP;
- }
-
- /* Check key length and choose key expansion function */
- switch (xform->cipher.key.length) {
- case AES_128_BYTES:
- sess->cipher.key_length_in_bytes = AES_128_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ case RTE_CRYPTO_CIPHER_DES_CBC:
+ sess->cipher.mode = DES;
+ is_aes = 0;
break;
- case AES_192_BYTES:
- sess->cipher.key_length_in_bytes = AES_192_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
- break;
- case AES_256_BYTES:
- sess->cipher.key_length_in_bytes = AES_256_BYTES;
- aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ case RTE_CRYPTO_CIPHER_DES_DOCSISBPI:
+ sess->cipher.mode = DOCSIS_DES;
+ is_aes = 0;
break;
default:
- MB_LOG_ERR("Invalid cipher key length");
- return -EINVAL;
+ MB_LOG_ERR("Unsupported cipher mode parameter");
+ return -ENOTSUP;
}
/* Set IV parameters */
sess->iv.offset = xform->cipher.iv.offset;
sess->iv.length = xform->cipher.iv.length;
- /* Expanded cipher keys */
- (*aes_keyexp_fn)(xform->cipher.key.data,
- sess->cipher.expanded_aes_keys.encode,
- sess->cipher.expanded_aes_keys.decode);
+ /* Check key length and choose key expansion function for AES */
+ if (is_aes) {
+ switch (xform->cipher.key.length) {
+ case AES_128_BYTES:
+ sess->cipher.key_length_in_bytes = AES_128_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes128;
+ break;
+ case AES_192_BYTES:
+ sess->cipher.key_length_in_bytes = AES_192_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes192;
+ break;
+ case AES_256_BYTES:
+ sess->cipher.key_length_in_bytes = AES_256_BYTES;
+ aes_keyexp_fn = mb_ops->aux.keyexp.aes256;
+ break;
+ default:
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+
+ /* Expanded cipher keys */
+ (*aes_keyexp_fn)(xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+
+ } else {
+ if (xform->cipher.key.length != 8) {
+ MB_LOG_ERR("Invalid cipher key length");
+ return -EINVAL;
+ }
+ sess->cipher.key_length_in_bytes = 8;
+
+ des_key_schedule((uint64_t
*)sess->cipher.expanded_aes_keys.encode,
+ xform->cipher.key.data);
+ des_key_schedule((uint64_t
*)sess->cipher.expanded_aes_keys.decode,
+ xform->cipher.key.data);
+ }
return 0;
}
diff --git a/test/test/test_cryptodev.c b/test/test/test_cryptodev.c
index a4116c6..c282f4d 100644
--- a/test/test/test_cryptodev.c
+++ b/test/test/test_cryptodev.c
@@ -4691,6 +4691,44 @@ test_DES_docsis_openssl_all(void)
}
static int
+test_DES_cipheronly_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_CIPHERONLY_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
+test_DES_docsis_mb_all(void)
+{
+ struct crypto_testsuite_params *ts_params = &testsuite_params;
+ int status;
+
+ status = test_blockcipher_all_tests(ts_params->mbuf_pool,
+ ts_params->op_mpool,
+ ts_params->session_mpool,
+ ts_params->valid_devs[0],
+ rte_cryptodev_driver_id_get(
+ RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)),
+ BLKCIPHER_DES_DOCSIS_TYPE);
+
+ TEST_ASSERT_EQUAL(status, 0, "Test failed");
+
+ return TEST_SUCCESS;
+}
+
+static int
test_3DES_chain_dpaa2_sec_all(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -8289,6 +8327,10 @@ static struct unit_test_suite
cryptodev_aesni_mb_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_AES_docsis_mb_all),
TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_cipheronly_mb_all),
+ TEST_CASE_ST(ut_setup, ut_teardown,
+ test_DES_docsis_mb_all),
TEST_CASES_END() /**< NULL terminate unit test array */
}
diff --git a/test/test/test_cryptodev_des_test_vectors.h
b/test/test/test_cryptodev_des_test_vectors.h
index 0b6e0b8..14123d7 100644
--- a/test/test/test_cryptodev_des_test_vectors.h
+++ b/test/test/test_cryptodev_des_test_vectors.h
@@ -851,13 +851,15 @@ static const struct blockcipher_test_case
des_cipheronly_test_cases[] = {
.test_descr = "DES-CBC Encryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-CBC Decryption",
.test_data = &des_cbc_test_vector,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
- .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
};
@@ -965,42 +967,48 @@ static const struct blockcipher_test_case
des_docsis_test_cases[] = {
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Encryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Encryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Full Block Decryption",
.test_data = &des_test_data_1,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Runt Block Decryption",
.test_data = &des_test_data_2,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI Uneven Decryption",
.test_data = &des_test_data_3,
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Full Block Encryption",
@@ -1008,7 +1016,8 @@ static const struct blockcipher_test_case
des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Runt Block Encryption",
@@ -1016,7 +1025,8 @@ static const struct blockcipher_test_case
des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Uneven Encryption",
@@ -1024,7 +1034,8 @@ static const struct blockcipher_test_case
des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Full Block Decryption",
@@ -1032,7 +1043,8 @@ static const struct blockcipher_test_case
des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Runt Block Decryption",
@@ -1040,7 +1052,8 @@ static const struct blockcipher_test_case
des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
},
{
.test_descr = "DES-DOCSIS-BPI OOP Uneven Decryption",
@@ -1048,7 +1061,8 @@ static const struct blockcipher_test_case
des_docsis_test_cases[] = {
.op_mask = BLOCKCIPHER_TEST_OP_DECRYPT,
.feature_mask = BLOCKCIPHER_TEST_FEATURE_OOP,
.pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_OPENSSL |
- BLOCKCIPHER_TEST_TARGET_PMD_QAT
+ BLOCKCIPHER_TEST_TARGET_PMD_QAT |
+ BLOCKCIPHER_TEST_TARGET_PMD_MB
}
};
--
2.9.4
