[dpdk-dev] [PATCH v3] crypto/qat: support DOCSIS AES-256

Mairtin o Loingsigh mairtin.oloingsigh at intel.com
Mon May 11 12:19:14 CEST 2020


This patch adds support for DOCSIS AES-256 when using qat

Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh at intel.com>
Acked-by: Fiona Trahe <fiona.trahe at intel.com>
---
 drivers/crypto/qat/qat_sym_capabilities.h |  4 ++--
 drivers/crypto/qat/qat_sym_session.c      | 12 ++++++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h
index 028a56c56..7d216dea4 100644
--- a/drivers/crypto/qat/qat_sym_capabilities.h
+++ b/drivers/crypto/qat/qat_sym_capabilities.h
@@ -333,8 +333,8 @@
 				.block_size = 16,			\
 				.key_size = {				\
 					.min = 16,			\
-					.max = 16,			\
-					.increment = 0			\
+					.max = 32,			\
+					.increment = 16			\
 				},					\
 				.iv_size = {				\
 					.min = 16,			\
diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 4359f2f0b..d8b21bc2b 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -35,7 +35,7 @@ bpi_cipher_ctx_free(void *bpi_ctx)
 static int
 bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm cryptodev_algo,
 		enum rte_crypto_cipher_operation direction __rte_unused,
-		const uint8_t *key, void **ctx)
+		const uint8_t *key, uint16_t key_length, void **ctx)
 {
 	const EVP_CIPHER *algo = NULL;
 	int ret;
@@ -49,7 +49,10 @@ bpi_cipher_ctx_init(enum rte_crypto_cipher_algorithm cryptodev_algo,
 	if (cryptodev_algo == RTE_CRYPTO_CIPHER_DES_DOCSISBPI)
 		algo = EVP_des_ecb();
 	else
-		algo = EVP_aes_128_ecb();
+		if (key_length == ICP_QAT_HW_AES_128_KEY_SZ)
+			algo = EVP_aes_128_ecb();
+		else
+			algo = EVP_aes_256_ecb();
 
 	/* IV will be ECB encrypted whether direction is encrypt or decrypt*/
 	if (EVP_EncryptInit_ex(*ctx, algo, NULL, key, 0) != 1) {
@@ -286,6 +289,7 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
 					cipher_xform->algo,
 					cipher_xform->op,
 					cipher_xform->key.data,
+					cipher_xform->key.length,
 					&session->bpi_ctx);
 		if (ret != 0) {
 			QAT_LOG(ERR, "failed to create DES BPI ctx");
@@ -304,6 +308,7 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev,
 					cipher_xform->algo,
 					cipher_xform->op,
 					cipher_xform->key.data,
+					cipher_xform->key.length,
 					&session->bpi_ctx);
 		if (ret != 0) {
 			QAT_LOG(ERR, "failed to create AES BPI ctx");
@@ -1909,6 +1914,9 @@ int qat_sym_validate_aes_docsisbpi_key(int key_len,
 	case ICP_QAT_HW_AES_128_KEY_SZ:
 		*alg = ICP_QAT_HW_CIPHER_ALGO_AES128;
 		break;
+	case ICP_QAT_HW_AES_256_KEY_SZ:
+		*alg = ICP_QAT_HW_CIPHER_ALGO_AES256;
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.12.3



More information about the dev mailing list