From 1a75e9f3fadbb1587afc6ef63236cba0e7b78c50 Mon Sep 17 00:00:00 2001 From: Pablo de Lara Date: Fri, 11 Mar 2016 00:02:50 +0000 Subject: [PATCH] examples/l2fwd-crypto: add cipher/hash only cases Added cipher-only, hash-only operation cases, which will be supported in the future. Also, only sets authentication and ciphering parameters when needed. Signed-off-by: Pablo de Lara Tested-by: Min Cao Acked-by: Sergio Gonzalez Monroy --- examples/l2fwd-crypto/main.c | 112 ++++++++++++++++++++++++----------- 1 file changed, 76 insertions(+), 36 deletions(-) diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c index d7e349934d..c8e4c6efce 100644 --- a/examples/l2fwd-crypto/main.c +++ b/examples/l2fwd-crypto/main.c @@ -115,7 +115,9 @@ struct op_buffer { enum l2fwd_crypto_xform_chain { L2FWD_CRYPTO_CIPHER_HASH, - L2FWD_CRYPTO_HASH_CIPHER + L2FWD_CRYPTO_HASH_CIPHER, + L2FWD_CRYPTO_CIPHER_ONLY, + L2FWD_CRYPTO_HASH_ONLY }; struct l2fwd_key { @@ -159,6 +161,9 @@ struct l2fwd_crypto_params { struct l2fwd_key iv; struct l2fwd_key aad; struct rte_cryptodev_sym_session *session; + + uint8_t do_cipher; + uint8_t do_hash; }; /** lcore configuration */ @@ -393,30 +398,33 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m, /* Set crypto operation data parameters */ rte_crypto_op_attach_sym_session(op, cparams->session); - /* Append space for digest to end of packet */ - op->sym->auth.digest.data = (uint8_t *)rte_pktmbuf_append(m, - cparams->digest_length); - op->sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(m, - rte_pktmbuf_pkt_len(m) - cparams->digest_length); - op->sym->auth.digest.length = cparams->digest_length; - - op->sym->auth.data.offset = ipdata_offset; - op->sym->auth.data.length = data_len; - + if (cparams->do_hash) { + /* Append space for digest to end of packet */ + op->sym->auth.digest.data = (uint8_t *)rte_pktmbuf_append(m, + cparams->digest_length); + op->sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(m, + rte_pktmbuf_pkt_len(m) - cparams->digest_length); + op->sym->auth.digest.length = cparams->digest_length; + + op->sym->auth.data.offset = ipdata_offset; + op->sym->auth.data.length = data_len; + + if (cparams->aad.length) { + op->sym->auth.aad.data = cparams->aad.data; + op->sym->auth.aad.phys_addr = cparams->aad.phys_addr; + op->sym->auth.aad.length = cparams->aad.length; + } + } - op->sym->cipher.iv.data = cparams->iv.data; - op->sym->cipher.iv.phys_addr = cparams->iv.phys_addr; - op->sym->cipher.iv.length = cparams->iv.length; + if (cparams->do_cipher) { + op->sym->cipher.iv.data = cparams->iv.data; + op->sym->cipher.iv.phys_addr = cparams->iv.phys_addr; + op->sym->cipher.iv.length = cparams->iv.length; - if (cparams->aad.length) { - op->sym->auth.aad.data = cparams->aad.data; - op->sym->auth.aad.phys_addr = cparams->aad.phys_addr; - op->sym->auth.aad.length = cparams->aad.length; + op->sym->cipher.data.offset = ipdata_offset; + op->sym->cipher.data.length = data_len; } - op->sym->cipher.data.offset = ipdata_offset; - op->sym->cipher.data.length = data_len; - op->sym->m_src = m; return l2fwd_crypto_enqueue(op, cparams); @@ -508,9 +516,13 @@ initialize_crypto_session(struct l2fwd_crypto_options *options, if (options->xform_chain == L2FWD_CRYPTO_CIPHER_HASH) { first_xform = &options->cipher_xform; first_xform->next = &options->auth_xform; - } else { + } else if (options->xform_chain == L2FWD_CRYPTO_HASH_CIPHER) { first_xform = &options->auth_xform; first_xform->next = &options->cipher_xform; + } else if (options->xform_chain == L2FWD_CRYPTO_CIPHER_ONLY) { + first_xform = &options->cipher_xform; + } else { + first_xform = &options->auth_xform; } /* Setup Cipher Parameters */ @@ -553,26 +565,48 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options) } for (i = 0; i < qconf->nb_crypto_devs; i++) { + port_cparams[i].do_cipher = 0; + port_cparams[i].do_hash = 0; + + switch (options->xform_chain) { + case L2FWD_CRYPTO_CIPHER_HASH: + case L2FWD_CRYPTO_HASH_CIPHER: + port_cparams[i].do_cipher = 1; + port_cparams[i].do_hash = 1; + break; + case L2FWD_CRYPTO_HASH_ONLY: + port_cparams[i].do_hash = 1; + break; + case L2FWD_CRYPTO_CIPHER_ONLY: + port_cparams[i].do_cipher = 1; + break; + } + port_cparams[i].dev_id = qconf->cryptodev_list[i]; port_cparams[i].qp_id = 0; port_cparams[i].block_size = 64; - port_cparams[i].digest_length = 20; - port_cparams[i].iv.length = 16; - port_cparams[i].iv.data = options->iv.data; - port_cparams[i].iv.phys_addr = options->iv.phys_addr; - if (!options->iv_param) - generate_random_key(options->iv.data, - port_cparams[i].iv.length); + if (port_cparams[i].do_hash) { + port_cparams[i].digest_length = 20; - port_cparams[i].aad.length = - options->auth_xform.auth.add_auth_data_length; - port_cparams[i].aad.phys_addr = options->aad.phys_addr; - port_cparams[i].aad.data = options->aad.data; - if (!options->aad_param) - generate_random_key(options->aad.data, - port_cparams[i].aad.length); + port_cparams[i].aad.length = + options->auth_xform.auth.add_auth_data_length; + port_cparams[i].aad.phys_addr = options->aad.phys_addr; + port_cparams[i].aad.data = options->aad.data; + if (!options->aad_param) + generate_random_key(options->aad.data, + port_cparams[i].aad.length); + } + + if (port_cparams[i].do_cipher) { + port_cparams[i].iv.length = 16; + port_cparams[i].iv.data = options->iv.data; + port_cparams[i].iv.phys_addr = options->iv.phys_addr; + if (!options->iv_param) + generate_random_key(options->iv.data, + port_cparams[i].iv.length); + } port_cparams[i].session = initialize_crypto_session(options, @@ -745,6 +779,12 @@ parse_crypto_opt_chain(struct l2fwd_crypto_options *options, char *optarg) } else if (strcmp("HASH_CIPHER", optarg) == 0) { options->xform_chain = L2FWD_CRYPTO_HASH_CIPHER; return 0; + } else if (strcmp("CIPHER_ONLY", optarg) == 0) { + options->xform_chain = L2FWD_CRYPTO_CIPHER_ONLY; + return 0; + } else if (strcmp("HASH_ONLY", optarg) == 0) { + options->xform_chain = L2FWD_CRYPTO_HASH_ONLY; + return 0; } return -1; -- 2.20.1