From: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
Date: Wed, 26 Feb 2020 09:04:10 +0000 (+0000)
Subject: crypto/qat: support DOCSIS AES-256
X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=2aab3ff3d8cf;p=dpdk.git

crypto/qat: support DOCSIS AES-256

This patch adds support for DOCSIS AES-256 when using qat

Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
---

diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h
index 028a56c568..7d216dea4f 100644
--- a/drivers/crypto/qat/qat_sym_capabilities.h
+++ b/drivers/crypto/qat/qat_sym_capabilities.h
@@ -333,8 +333,8 @@
 				.block_size = 16,			\
 				.key_size = {				\
 					.min = 16,			\
-					.max = 16,			\
-					.increment = 0			\
+					.max = 32,			\
+					.increment = 16			\
 				},					\
 				.iv_size = {				\
 					.min = 16,			\
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 4359f2f0b8..d8b21bc2bd 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -35,7 +35,7 @@ bpi_cipher_ctx_free(void *bpi_ctx)
 static int
 bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm cryptodev_algo,
 		enum rte_crypto_cipher_operation direction __rte_unused,
-		const uint8_t *key, void **ctx)
+		const uint8_t *key, uint16_t key_length, void **ctx)
 {
 	const EVP_CIPHER *algo = NULL;
 	int ret;
@@ -49,7 +49,10 @@ bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm cryptodev_algo,
 	if (cryptodev_algo == RTE_CRYPTO_CIPHER_DES_DOCSISBPI)
 		algo = EVP_des_ecb();
 	else
-		algo = EVP_aes_128_ecb();
+		if (key_length == ICP_QAT_HW_AES_128_KEY_SZ)
+			algo = EVP_aes_128_ecb();
+		else
+			algo = EVP_aes_256_ecb();
 
 	/* IV will be ECB encrypted whether direction is encrypt or decrypt*/
 	if (EVP_EncryptInit_ex(*ctx, algo, NULL, key, 0) != 1) {
@@ -286,6 +289,7 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
 					cipher_xform->algo,
 					cipher_xform->op,
 					cipher_xform->key.data,
+					cipher_xform->key.length,
 					&session->bpi_ctx);
 		if (ret != 0) {
 			QAT_LOG(ERR, "failed to create DES BPI ctx");
@@ -304,6 +308,7 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
 					cipher_xform->algo,
 					cipher_xform->op,
 					cipher_xform->key.data,
+					cipher_xform->key.length,
 					&session->bpi_ctx);
 		if (ret != 0) {
 			QAT_LOG(ERR, "failed to create AES BPI ctx");
@@ -1909,6 +1914,9 @@ int qat_sym_validate_aes_docsisbpi_key(int key_len,
 	case ICP_QAT_HW_AES_128_KEY_SZ:
 		*alg = ICP_QAT_HW_CIPHER_ALGO_AES128;
 		break;
+	case ICP_QAT_HW_AES_256_KEY_SZ:
+		*alg = ICP_QAT_HW_CIPHER_ALGO_AES256;
+		break;
 	default:
 		return -EINVAL;
 	}