crypto/qat: support DOCSIS AES-256

This patch adds support for DOCSIS AES-256 when using qat

Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h
index 028a56c..7d216de 100644 (file)
--- a/drivers/crypto/qat/qat_sym_capabilities.h
+++ b/drivers/crypto/qat/qat_sym_capabilities.h
@@ -333,8 +333,8 @@
                                .block_size = 16,                       \
                                .key_size = {                           \
                                        .min = 16,                      \
-                                       .max = 16,                      \
-                                       .increment = 0                  \
+                                       .max = 32,                      \
+                                       .increment = 16                 \
                                },                                      \
                                .iv_size = {                            \
                                        .min = 16,                      \

diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 4359f2f..d8b21bc 100644 (file)
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -35,7 +35,7 @@ bpi_cipher_ctx_free(void *bpi_ctx)
 static int
 bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm cryptodev_algo,
                enum rte_crypto_cipher_operation direction __rte_unused,
-               const uint8_t *key, void **ctx)
+               const uint8_t *key, uint16_t key_length, void **ctx)
 {
        const EVP_CIPHER *algo = NULL;
        int ret;
@@ -49,7 +49,10 @@ bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm cryptodev_algo,
        if (cryptodev_algo == RTE_CRYPTO_CIPHER_DES_DOCSISBPI)
                algo = EVP_des_ecb();
        else
-               algo = EVP_aes_128_ecb();
+               if (key_length == ICP_QAT_HW_AES_128_KEY_SZ)
+                       algo = EVP_aes_128_ecb();
+               else
+                       algo = EVP_aes_256_ecb();
 
        /* IV will be ECB encrypted whether direction is encrypt or decrypt*/
        if (EVP_EncryptInit_ex(*ctx, algo, NULL, key, 0) != 1) {
@@ -286,6 +289,7 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
                                        cipher_xform->algo,
                                        cipher_xform->op,
                                        cipher_xform->key.data,
+                                       cipher_xform->key.length,
                                        &session->bpi_ctx);
                if (ret != 0) {
                        QAT_LOG(ERR, "failed to create DES BPI ctx");
@@ -304,6 +308,7 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
                                        cipher_xform->algo,
                                        cipher_xform->op,
                                        cipher_xform->key.data,
+                                       cipher_xform->key.length,
                                        &session->bpi_ctx);
                if (ret != 0) {
                        QAT_LOG(ERR, "failed to create AES BPI ctx");
@@ -1909,6 +1914,9 @@ int qat_sym_validate_aes_docsisbpi_key(int key_len,
        case ICP_QAT_HW_AES_128_KEY_SZ:
                *alg = ICP_QAT_HW_CIPHER_ALGO_AES128;
                break;
+       case ICP_QAT_HW_AES_256_KEY_SZ:
+               *alg = ICP_QAT_HW_CIPHER_ALGO_AES256;
+               break;
        default:
                return -EINVAL;
        }