[dpdk-dev] [PATCH v2] crypto/aesni_mb: fix DOCSIS AES-256
Pablo de Lara
pablo.de.lara.guarch at intel.com
Thu Apr 23 15:46:49 CEST 2020
When adding support for DOCSIS AES-256,
when setting the cipher parameters, all key sizes
were accepted, but only 128-bit and 256-bit keys
are supported.
Fixes: 124d04b43743 ("crypto/aesni_mb: support DOCSIS AES-256")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
Acked-by: Mairtin o Loingsigh <mairtin.oloingsigh at intel.com>
---
v2:
- Fixed commit message (missing a word).
- Rebased on top of dpdk-next-crypto
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index a1d59e8..5ff6a79 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -381,6 +381,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
{
uint8_t is_aes = 0;
uint8_t is_3DES = 0;
+ uint8_t is_docsis = 0;
if (xform == NULL) {
sess->cipher.mode = NULL_CIPHER;
@@ -417,7 +418,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
break;
case RTE_CRYPTO_CIPHER_AES_DOCSISBPI:
sess->cipher.mode = DOCSIS_SEC_BPI;
- is_aes = 1;
+ is_docsis = 1;
break;
case RTE_CRYPTO_CIPHER_DES_CBC:
sess->cipher.mode = DES;
@@ -463,6 +464,26 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
AESNI_MB_LOG(ERR, "Invalid cipher key length");
return -EINVAL;
}
+ } else if (is_docsis) {
+ switch (xform->cipher.key.length) {
+ case AES_128_BYTES:
+ sess->cipher.key_length_in_bytes = AES_128_BYTES;
+ IMB_AES_KEYEXP_128(mb_mgr, xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+ break;
+#if IMB_VERSION_NUM >= IMB_VERSION(0, 53, 3)
+ case AES_256_BYTES:
+ sess->cipher.key_length_in_bytes = AES_256_BYTES;
+ IMB_AES_KEYEXP_256(mb_mgr, xform->cipher.key.data,
+ sess->cipher.expanded_aes_keys.encode,
+ sess->cipher.expanded_aes_keys.decode);
+ break;
+#endif
+ default:
+ AESNI_MB_LOG(ERR, "Invalid cipher key length");
+ return -EINVAL;
+ }
} else if (is_3DES) {
uint64_t *keys[3] = {sess->cipher.exp_3des_keys.key[0],
sess->cipher.exp_3des_keys.key[1],
--
2.7.5
More information about the dev
mailing list