@@ -67,6 +67,8 @@ Hash algorithms:
* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA3_512``
* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHAKE_128``
+* ``RTE_CRYPTO_AUTH_SHAKE_256``
* ``RTE_CRYPTO_AUTH_SNOW3G_UIA2``
* ``RTE_CRYPTO_AUTH_ZUC_EIA3``
* ``RTE_CRYPTO_AUTH_AES_CMAC``
@@ -71,6 +71,8 @@ SHA3_384 = Y
SHA3_384 HMAC = Y
SHA3_512 = Y
SHA3_512 HMAC = Y
+SHAKE_128 = Y
+SHAKE_256 = Y
;
; Supported AEAD algorithms of 'cn10k' crypto driver.
@@ -72,6 +72,8 @@ SHA3_384 = Y
SHA3_384 HMAC = Y
SHA3_512 = Y
SHA3_512 HMAC = Y
+SHAKE_128 = Y
+SHAKE_256 = Y
;
; Supported AEAD algorithms of 'cn9k' crypto driver.
@@ -85,8 +85,8 @@ typedef enum {
ROC_SE_SHA3_SHA256 = 11,
ROC_SE_SHA3_SHA384 = 12,
ROC_SE_SHA3_SHA512 = 13,
- ROC_SE_SHA3_SHAKE256 = 14,
- ROC_SE_SHA3_SHAKE512 = 15,
+ ROC_SE_SHA3_SHAKE128 = 14,
+ ROC_SE_SHA3_SHAKE256 = 15,
/* These are only for software use */
ROC_SE_ZUC_EIA3 = 0x90,
@@ -10,7 +10,7 @@
#include "roc_cpt.h"
-#define CNXK_CPT_MAX_CAPS 45
+#define CNXK_CPT_MAX_CAPS 47
#define CNXK_SEC_CRYPTO_MAX_CAPS 16
#define CNXK_SEC_MAX_CAPS 9
#define CNXK_AE_EC_ID_MAX 8
@@ -498,6 +498,46 @@ static const struct rte_cryptodev_capabilities caps_sha3[] = {
}, }
}, }
},
+ { /* SHAKE_128 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_128,
+ .block_size = 168,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 255,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
+ { /* SHAKE_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 255,
+ .increment = 1
+ },
+ }, }
+ }, }
+ },
};
static const struct rte_cryptodev_capabilities caps_chacha20[] = {
@@ -192,6 +192,13 @@ cpt_mac_len_verify(struct rte_crypto_auth_xform *auth)
case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
ret = (mac_len <= 64) ? 0 : -1;
break;
+ /* SHAKE itself doesn't have limitation of digest length,
+ * but in microcode size of length field is limited to 8 bits
+ */
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ case RTE_CRYPTO_AUTH_SHAKE_256:
+ ret = (mac_len <= UINT8_MAX) ? 0 : -1;
+ break;
case RTE_CRYPTO_AUTH_NULL:
ret = 0;
break;
@@ -1949,6 +1956,14 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
is_sha3 = 1;
auth_type = ROC_SE_SHA3_SHA512;
break;
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ is_sha3 = 1;
+ auth_type = ROC_SE_SHA3_SHAKE128;
+ break;
+ case RTE_CRYPTO_AUTH_SHAKE_256:
+ is_sha3 = 1;
+ auth_type = ROC_SE_SHA3_SHAKE256;
+ break;
case RTE_CRYPTO_AUTH_MD5_HMAC:
case RTE_CRYPTO_AUTH_MD5:
auth_type = ROC_SE_MD5_TYPE;