uint8_t do_cipher;
uint8_t do_hash;
uint8_t hash_verify;
+
+ enum rte_crypto_cipher_algorithm cipher_algo;
+ enum rte_crypto_auth_algorithm auth_algo;
};
/** lcore configuration */
rte_pktmbuf_pkt_len(m) - cparams->digest_length);
op->sym->auth.digest.length = cparams->digest_length;
- op->sym->auth.data.offset = ipdata_offset;
- op->sym->auth.data.length = data_len;
+ /* For SNOW3G algorithms, offset/length must be in bits */
+ if (cparams->auth_algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
+ op->sym->auth.data.offset = ipdata_offset << 3;
+ op->sym->auth.data.length = data_len << 3;
+ } else {
+ op->sym->auth.data.offset = ipdata_offset;
+ op->sym->auth.data.length = data_len;
+ }
if (cparams->aad.length) {
op->sym->auth.aad.data = cparams->aad.data;
op->sym->cipher.iv.phys_addr = cparams->iv.phys_addr;
op->sym->cipher.iv.length = cparams->iv.length;
- op->sym->cipher.data.offset = ipdata_offset;
- if (cparams->do_hash && cparams->hash_verify)
- /* Do not cipher the hash tag */
- op->sym->cipher.data.length = data_len -
- cparams->digest_length;
- else
- op->sym->cipher.data.length = data_len;
+ /* For SNOW3G algorithms, offset/length must be in bits */
+ if (cparams->cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2) {
+ op->sym->cipher.data.offset = ipdata_offset << 3;
+ if (cparams->do_hash && cparams->hash_verify)
+ /* Do not cipher the hash tag */
+ op->sym->cipher.data.length = (data_len -
+ cparams->digest_length) << 3;
+ else
+ op->sym->cipher.data.length = data_len << 3;
+
+ } else {
+ op->sym->cipher.data.offset = ipdata_offset;
+ if (cparams->do_hash && cparams->hash_verify)
+ /* Do not cipher the hash tag */
+ op->sym->cipher.data.length = data_len -
+ cparams->digest_length;
+ else
+ op->sym->cipher.data.length = data_len;
+ }
}
op->sym->m_src = m;
port_cparams[i].hash_verify = 1;
else
port_cparams[i].hash_verify = 0;
+
+ port_cparams[i].auth_algo = options->auth_xform.auth.algo;
}
if (port_cparams[i].do_cipher) {
generate_random_key(port_cparams[i].iv.data,
sizeof(port_cparams[i].iv.length));
+ port_cparams[i].cipher_algo = options->cipher_xform.cipher.algo;
}
port_cparams[i].session = initialize_crypto_session(options,
static void
l2fwd_crypto_usage(const char *prgname)
{
- printf("%s [EAL options] -- --cdev TYPE [optional parameters]\n"
+ printf("%s [EAL options] --\n"
" -p PORTMASK: hexadecimal bitmask of ports to configure\n"
" -q NQ: number of queue (=ports) per lcore (default is 1)\n"
- " -s manage all ports from single lcore"
- " -t PERIOD: statistics will be refreshed each PERIOD seconds"
+ " -s manage all ports from single lcore\n"
+ " -T PERIOD: statistics will be refreshed each PERIOD seconds"
" (0 to disable, 10 default, 86400 maximum)\n"
- " --cdev AESNI_MB / QAT\n"
+ " --cdev_type HW / SW / ANY\n"
" --chain HASH_CIPHER / CIPHER_HASH\n"
" --cipher_algo ALGO\n"
} else if (strcmp("AES_GCM", optarg) == 0) {
*algo = RTE_CRYPTO_CIPHER_AES_GCM;
return 0;
+ } else if (strcmp("NULL", optarg) == 0) {
+ *algo = RTE_CRYPTO_CIPHER_NULL;
+ return 0;
+ } else if (strcmp("SNOW3G_UEA2", optarg) == 0) {
+ *algo = RTE_CRYPTO_CIPHER_SNOW3G_UEA2;
+ return 0;
}
printf("Cipher algorithm not supported!\n");
static int
parse_auth_algo(enum rte_crypto_auth_algorithm *algo, char *optarg)
{
- if (strcmp("MD5_HMAC", optarg) == 0) {
+ if (strcmp("AES_GCM", optarg) == 0) {
+ *algo = RTE_CRYPTO_AUTH_AES_GCM;
+ return 0;
+ } else if (strcmp("MD5_HMAC", optarg) == 0) {
*algo = RTE_CRYPTO_AUTH_MD5_HMAC;
return 0;
+ } else if (strcmp("NULL", optarg) == 0) {
+ *algo = RTE_CRYPTO_AUTH_NULL;
+ return 0;
} else if (strcmp("SHA1_HMAC", optarg) == 0) {
*algo = RTE_CRYPTO_AUTH_SHA1_HMAC;
return 0;
} else if (strcmp("SHA512_HMAC", optarg) == 0) {
*algo = RTE_CRYPTO_AUTH_SHA512_HMAC;
return 0;
+ } else if (strcmp("SNOW3G_UIA2", optarg) == 0) {
+ *algo = RTE_CRYPTO_AUTH_SNOW3G_UIA2;
+ return 0;
}
printf("Authentication algorithm specified not supported!\n");
{
int retval;
- if (strcmp(lgopts[option_index].name, "cdev_type") == 0)
- return parse_cryptodev_type(&options->type, optarg);
+ if (strcmp(lgopts[option_index].name, "cdev_type") == 0) {
+ retval = parse_cryptodev_type(&options->type, optarg);
+ if (retval == 0)
+ strcpy(options->string_type, optarg);
+ return retval;
+ }
else if (strcmp(lgopts[option_index].name, "chain") == 0)
return parse_crypto_opt_chain(options, optarg);
break;
/* timer period */
- case 't':
+ case 'T':
retval = l2fwd_crypto_parse_timer_period(options,
optarg);
if (retval < 0) {