[dpdk-dev] [PATCH v2] cryptodev: enable BPI for Cablelabs DOCSIS security spec

De Lara Guarch, Pablo pablo.de.lara.guarch at intel.com
Mon Mar 6 17:47:05 CET 2017

> -----Original Message-----
> From: De Lara Guarch, Pablo
> Sent: Thursday, February 23, 2017 2:03 PM
> To: Doherty, Declan; Trahe, Fiona
> Cc: dev at dpdk.org; De Lara Guarch, Pablo
> Subject: [PATCH v2] cryptodev: enable BPI for Cablelabs DOCSIS security
> spec
> Extend the DPDK cryptodev API to enable processing of packets according
> to the Baseline Privacy Interface Plus (BPI+) Specification described in
> the security specification of the Cablelabs Data-over-Cable Service
> Interface Specification (DOCSIS).
> Brief summary of BPI+ symmetric cryptography requirements:
> BPI+ cryptography uses a block cipher (AES-CBC/DES-CBC) to
> encrypt/decrypt
> all the whole blocks in the packet. However the data length is not always
> a block-multiple, so where there is a final block less than the full block
> size this residual block requires special handling using AES-CFB/DES-CFB
> mode. Similar special handling is specified where there is only one block,
> smaller than the block size for the cipher. See spec for further details.
> https://apps.cablelabs.com/specification/docsis-3-1-security-specification/
> Two new elements are added to the enum rte_crypto_cipher_algorithm.
> Note elements of this enum are actually a combination of an algorithm
> (AES,
> 3DES, etc) and mode (CBC, CTR, etc). The new DOCSISBPI mode is used to
> convey to the PMD that the mode applied should be the specific
> combination
> of CBC and CFB required by the DOCSIS Baseline Privacy Plus Spec.
> Signed-off-by: Fiona Trahe <fiona.trahe at intel.com>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>

Applied to dpdk-next-crypto.


More information about the dev mailing list