crypto/ipsec_mb: support ZUC-256 for aesni_mb

Add support for ZUC-EEA3-256 and ZUC-EIA3-256.
Only 4-byte tags supported for now.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 3551a0d..948128a 100644 (file)
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -77,6 +77,7 @@ Limitations
   protocol.
 * RTE_CRYPTO_CIPHER_DES_DOCSISBPI is not supported for combined Crypto-CRC
   DOCSIS security protocol.
+* The only tag size supported for ZUC-EIA3-256 is 4 bytes.
 
 
 Installation

diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst
index 9d5454a..31dccce 100644 (file)
--- a/doc/guides/rel_notes/release_21_11.rst
+++ b/doc/guides/rel_notes/release_21_11.rst
@@ -232,6 +232,10 @@ New Features
     however their usage and EAL options remain unchanged.
     * AESNI_MB PMD.
 
+* **Updated the aesni_mb crypto PMD.**
+
+  * Added support for ZUC-EEA3-256 and ZUC-EIA3-256.
+
 * **Updated the ACC100 bbdev PMD.**
 
   Added support for more comprehensive CRC options.

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index a395d27..e05bc04 100644 (file)
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -179,7 +179,15 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
        }
 
        if (xform->auth.algo == RTE_CRYPTO_AUTH_ZUC_EIA3) {
-               sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+               if (xform->auth.key.length == 16) {
+                       sess->auth.algo = IMB_AUTH_ZUC_EIA3_BITLEN;
+               } else if (xform->auth.key.length == 32) {
+                       sess->auth.algo = IMB_AUTH_ZUC256_EIA3_BITLEN;
+               } else {
+                       IPSEC_MB_LOG(ERR, "Invalid authentication key length\n");
+                       return -EINVAL;
+               }
+
                uint16_t zuc_eia3_digest_len =
                        get_truncated_digest_byte_length(
                                                IMB_AUTH_ZUC_EIA3_BITLEN);
@@ -189,7 +197,8 @@ aesni_mb_set_session_auth_parameters(const IMB_MGR *mb_mgr,
                }
                sess->auth.gen_digest_len = sess->auth.req_digest_len;
 
-               memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
+               memcpy(sess->auth.zuc_auth_key, xform->auth.key.data,
+                       xform->auth.key.length);
                return 0;
        } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
                sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
@@ -522,13 +531,14 @@ aesni_mb_set_session_cipher_parameters(const IMB_MGR *mb_mgr,
 
                sess->cipher.key_length_in_bytes = 24;
        } else if (is_zuc) {
-               if (xform->cipher.key.length != 16) {
+               if (xform->cipher.key.length != 16 &&
+                               xform->cipher.key.length != 32) {
                        IPSEC_MB_LOG(ERR, "Invalid cipher key length");
                        return -EINVAL;
                }
-               sess->cipher.key_length_in_bytes = 16;
+               sess->cipher.key_length_in_bytes = xform->cipher.key.length;
                memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
-                       16);
+                       xform->cipher.key.length);
        } else if (is_snow3g) {
                if (xform->cipher.key.length != 16) {
                        IPSEC_MB_LOG(ERR, "Invalid cipher key length");
@@ -1150,6 +1160,7 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
                job->dec_keys = &session->cipher.gcm_key;
                break;
        case IMB_AUTH_ZUC_EIA3_BITLEN:
+       case IMB_AUTH_ZUC256_EIA3_BITLEN:
                job->u.ZUC_EIA3._key = session->auth.zuc_auth_key;
                job->u.ZUC_EIA3._iv = rte_crypto_op_ctod_offset(op, uint8_t *,
                                                session->auth_iv.offset);

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
index db7d283..d37cc78 100644 (file)
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb_priv.h
@@ -526,8 +526,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
                                .block_size = 16,
                                .key_size = {
                                        .min = 16,
-                                       .max = 16,
-                                       .increment = 0
+                                       .max = 32,
+                                       .increment = 16
                                },
                                .digest_size = {
                                        .min = 4,
@@ -536,8 +536,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
                                },
                                .iv_size = {
                                        .min = 16,
-                                       .max = 16,
-                                       .increment = 0
+                                       .max = 25,
+                                       .increment = 9
                                }
                        }, }
                }, }
@@ -551,13 +551,13 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
                                .block_size = 16,
                                .key_size = {
                                        .min = 16,
-                                       .max = 16,
-                                       .increment = 0
+                                       .max = 32,
+                                       .increment = 16
                                },
                                .iv_size = {
                                        .min = 16,
-                                       .max = 16,
-                                       .increment = 0
+                                       .max = 25,
+                                       .increment = 9
                                },
                        }, }
                }, }