From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Date: Thu, 23 Apr 2020 13:46:49 +0000 (+0100)
Subject: crypto/aesni_mb: fix DOCSIS AES-256
X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=6ab5245040d2e5d1da7cfe18cdbdf9f142f7a271;p=dpdk.git

crypto/aesni_mb: fix DOCSIS AES-256

When adding support for DOCSIS AES-256,
when setting the cipher parameters, all key sizes
were accepted, but only 128-bit and 256-bit keys
are supported.

Fixes: 9536622b86c8 ("crypto/aesni_mb: support DOCSIS AES-256")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
---

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 4bfc752dca..2d688f4d3d 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -381,6 +381,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
 {
 	uint8_t is_aes = 0;
 	uint8_t is_3DES = 0;
+	uint8_t is_docsis = 0;
 
 	if (xform == NULL) {
 		sess->cipher.mode = NULL_CIPHER;
@@ -417,7 +418,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
 		break;
 	case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
 		sess->cipher.mode = DOCSIS_SEC_BPI;
-		is_aes = 1;
+		is_docsis = 1;
 		break;
 	case RTE_CRYPTO_CIPHER_DES_CBC:
 		sess->cipher.mode = DES;
@@ -463,6 +464,26 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
 			AESNI_MB_LOG(ERR, "Invalid cipher key length");
 			return -EINVAL;
 		}
+	} else if (is_docsis) {
+		switch (xform->cipher.key.length) {
+		case AES_128_BYTES:
+			sess->cipher.key_length_in_bytes = AES_128_BYTES;
+			IMB_AES_KEYEXP_128(mb_mgr, xform->cipher.key.data,
+					sess->cipher.expanded_aes_keys.encode,
+					sess->cipher.expanded_aes_keys.decode);
+			break;
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+		case AES_256_BYTES:
+			sess->cipher.key_length_in_bytes = AES_256_BYTES;
+			IMB_AES_KEYEXP_256(mb_mgr, xform->cipher.key.data,
+					sess->cipher.expanded_aes_keys.encode,
+					sess->cipher.expanded_aes_keys.decode);
+			break;
+#endif
+		default:
+			AESNI_MB_LOG(ERR, "Invalid cipher key length");
+			return -EINVAL;
+		}
 	} else if (is_3DES) {
 		uint64_t *keys[3] = {sess->cipher.exp_3des_keys.key[0],
 				sess->cipher.exp_3des_keys.key[1],