};
/**
- * Synchronous operation descriptor.
- * Supposed to be used with CPU crypto API call.
+ * Crypto virtual and IOVA address descriptor, used to describe cryptographic
+ * data buffer without the length information. The length information is
+ * normally predefined during session creation.
+ */
+struct rte_crypto_va_iova_ptr {
+ void *va;
+ rte_iova_t iova;
+};
+
+/**
+ * Raw data operation descriptor.
+ * Supposed to be used with synchronous CPU crypto API call or asynchronous
+ * RAW data path API call.
*/
struct rte_crypto_sym_vec {
+ /** number of operations to perform */
+ uint32_t num;
/** array of SGL vectors */
struct rte_crypto_sgl *sgl;
- /** array of pointers to IV */
- void **iv;
- /** array of pointers to AAD */
- void **aad;
+ /** array of pointers to cipher IV */
+ struct rte_crypto_va_iova_ptr *iv;
/** array of pointers to digest */
- void **digest;
+ struct rte_crypto_va_iova_ptr *digest;
+
+ __extension__
+ union {
+ /** array of pointers to auth IV, used for chain operation */
+ struct rte_crypto_va_iova_ptr *auth_iv;
+ /** array of pointers to AAD, used for AEAD operation */
+ struct rte_crypto_va_iova_ptr *aad;
+ };
+
/**
* array of statuses for each operation:
- * - 0 on success
- * - errno on error
+ * - 0 on success
+ * - errno on error
*/
int32_t *status;
- /** number of operations to perform */
- uint32_t num;
};
/**
} ofs;
};
-/** Symmetric Cipher Algorithms */
+/** Symmetric Cipher Algorithms
+ *
+ * Note, to avoid ABI breakage across releases
+ * - LIST_END should not be added to this enum
+ * - the order of enums should not be changed
+ * - new algorithms should only be added to the end
+ */
enum rte_crypto_cipher_algorithm {
RTE_CRYPTO_CIPHER_NULL = 1,
/**< NULL cipher algorithm. No mode applies to the NULL algorithm. */
* for m_src and m_dst in the rte_crypto_sym_op must be NULL.
*/
- RTE_CRYPTO_CIPHER_DES_DOCSISBPI,
+ RTE_CRYPTO_CIPHER_DES_DOCSISBPI
/**< DES algorithm using modes required by
* DOCSIS Baseline Privacy Plus Spec.
* Chained mbufs are not supported in this mode, i.e. rte_mbuf.next
* for m_src and m_dst in the rte_crypto_sym_op must be NULL.
*/
-
- RTE_CRYPTO_CIPHER_LIST_END
-
};
/** Cipher algorithm name strings */
} iv; /**< Initialisation vector parameters */
};
-/** Symmetric Authentication / Hash Algorithms */
+/** Symmetric Authentication / Hash Algorithms
+ *
+ * Note, to avoid ABI breakage across releases
+ * - LIST_END should not be added to this enum
+ * - the order of enums should not be changed
+ * - new algorithms should only be added to the end
+ */
enum rte_crypto_auth_algorithm {
RTE_CRYPTO_AUTH_NULL = 1,
/**< NULL hash algorithm. */
/**< HMAC using MD5 algorithm */
RTE_CRYPTO_AUTH_SHA1,
- /**< 128 bit SHA algorithm. */
+ /**< 160 bit SHA algorithm. */
RTE_CRYPTO_AUTH_SHA1_HMAC,
- /**< HMAC using 128 bit SHA algorithm. */
+ /**< HMAC using 160 bit SHA algorithm.
+ * HMAC-SHA-1-96 can be generated by setting
+ * digest_length to 12 bytes in auth/aead xforms.
+ */
RTE_CRYPTO_AUTH_SHA224,
/**< 224 bit SHA algorithm. */
RTE_CRYPTO_AUTH_SHA224_HMAC,
/**< HMAC using 384 bit SHA3 algorithm. */
RTE_CRYPTO_AUTH_SHA3_512,
/**< 512 bit SHA3 algorithm. */
- RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ RTE_CRYPTO_AUTH_SHA3_512_HMAC
/**< HMAC using 512 bit SHA3 algorithm. */
-
- RTE_CRYPTO_AUTH_LIST_END
};
/** Authentication algorithm name strings */
};
-/** Symmetric AEAD Algorithms */
+/** Symmetric AEAD Algorithms
+ *
+ * Note, to avoid ABI breakage across releases
+ * - LIST_END should not be added to this enum
+ * - the order of enums should not be changed
+ * - new algorithms should only be added to the end
+ */
enum rte_crypto_aead_algorithm {
RTE_CRYPTO_AEAD_AES_CCM = 1,
/**< AES algorithm in CCM mode. */
RTE_CRYPTO_AEAD_AES_GCM,
/**< AES algorithm in GCM mode. */
- RTE_CRYPTO_AEAD_LIST_END
+ RTE_CRYPTO_AEAD_CHACHA20_POLY1305
+ /**< Chacha20 cipher with poly1305 authenticator */
};
/** AEAD algorithm name strings */
* be allocated, even though the length field will
* have a value less than this.
*
+ * - For Chacha20-Poly1305 it is 96-bit nonce.
+ * PMD sets initial counter for Poly1305 key generation
+ * part to 0 and for Chacha20 encryption to 1 as per
+ * rfc8439 2.8. AEAD construction.
+ *
* For optimum performance, the data pointed to SHOULD
* be 8-byte aligned.
*/
*
* - For CCM mode, this is the length of the nonce,
* which can be in the range 7 to 13 inclusive.
+ *
+ * - For Chacha20-Poly1305 this field is always 12.
*/
} iv; /**< Initialisation vector parameters */
* For KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9,
* this offset should be such that
* data to authenticate starts at COUNT.
+ *
+ * @note
+ * For DOCSIS security protocol, this
+ * offset is the DOCSIS header length
+ * and, therefore, also the CRC offset
+ * i.e. the number of bytes into the
+ * packet at which CRC calculation
+ * should begin.
*/
uint32_t length;
/**< The message length, in bytes, of the source
* the length should include the COUNT,
* FRESH, message, direction bit and padding
* (to be multiple of 8 bits).
+ *
+ * @note
+ * For DOCSIS security protocol, this
+ * is the CRC length i.e. the number of
+ * bytes in the packet over which the
+ * CRC should be calculated
*/
} data;
/**< Data offsets and length for authentication */
* @param len
* Length of data to represent.
* @param vec
+ * Pointer to an output array of IO vectors.
* @param num
+ * Size of an output array.
* @return
* - number of successfully filled entries in *vec* array.
* - negative number of elements in *vec* array required.
git.droids-corp.org / dpdk.git / blobdiff