From 2aab3ff3d8cf65a503592e0fb83b718bd8ae22ce Mon Sep 17 00:00:00 2001 From: Mairtin o Loingsigh Date: Wed, 26 Feb 2020 09:04:10 +0000 Subject: [PATCH] crypto/qat: support DOCSIS AES-256 This patch adds support for DOCSIS AES-256 when using qat Signed-off-by: Mairtin o Loingsigh Acked-by: Fiona Trahe --- drivers/crypto/qat/qat_sym_capabilities.h | 4 ++-- drivers/crypto/qat/qat_sym_session.c | 12 ++++++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h index 028a56c568..7d216dea4f 100644 --- a/drivers/crypto/qat/qat_sym_capabilities.h +++ b/drivers/crypto/qat/qat_sym_capabilities.h @@ -333,8 +333,8 @@ .block_size = 16, \ .key_size = { \ .min = 16, \ - .max = 16, \ - .increment = 0 \ + .max = 32, \ + .increment = 16 \ }, \ .iv_size = { \ .min = 16, \ diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index 4359f2f0b8..d8b21bc2bd 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -35,7 +35,7 @@ bpi_cipher_ctx_free(void *bpi_ctx) static int bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm cryptodev_algo, enum rte_crypto_cipher_operation direction __rte_unused, - const uint8_t *key, void **ctx) + const uint8_t *key, uint16_t key_length, void **ctx) { const EVP_CIPHER *algo = NULL; int ret; @@ -49,7 +49,10 @@ bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm cryptodev_algo, if (cryptodev_algo == RTE_CRYPTO_CIPHER_DES_DOCSISBPI) algo = EVP_des_ecb(); else - algo = EVP_aes_128_ecb(); + if (key_length == ICP_QAT_HW_AES_128_KEY_SZ) + algo = EVP_aes_128_ecb(); + else + algo = EVP_aes_256_ecb(); /* IV will be ECB encrypted whether direction is encrypt or decrypt*/ if (EVP_EncryptInit_ex(*ctx, algo, NULL, key, 0) != 1) { @@ -286,6 +289,7 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev, cipher_xform->algo, cipher_xform->op, cipher_xform->key.data, + cipher_xform->key.length, &session->bpi_ctx); if (ret != 0) { QAT_LOG(ERR, "failed to create DES BPI ctx"); @@ -304,6 +308,7 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev, cipher_xform->algo, cipher_xform->op, cipher_xform->key.data, + cipher_xform->key.length, &session->bpi_ctx); if (ret != 0) { QAT_LOG(ERR, "failed to create AES BPI ctx"); @@ -1909,6 +1914,9 @@ int qat_sym_validate_aes_docsisbpi_key(int key_len, case ICP_QAT_HW_AES_128_KEY_SZ: *alg = ICP_QAT_HW_CIPHER_ALGO_AES128; break; + case ICP_QAT_HW_AES_256_KEY_SZ: + *alg = ICP_QAT_HW_CIPHER_ALGO_AES256; + break; default: return -EINVAL; } -- 2.20.1