[1/7] crypto/cnxk: return error for unsupported paths
Checks
Commit Message
Returning error in control path for unsupported
algorithm combinations.
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
drivers/common/cnxk/roc_se.c | 12 +++++++++---
drivers/crypto/cnxk/cnxk_cryptodev_ops.c | 5 +++++
2 files changed, 14 insertions(+), 3 deletions(-)
@@ -329,6 +329,11 @@ roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
if (!key_len)
return -1;
+ if (se_ctx->fc_type == ROC_SE_FC_GEN) {
+ plt_err("Cipher and Auth algorithm combination is not supported");
+ return -1;
+ }
+
if (roc_model_is_cn9k()) {
ci_key = zs_ctx->zuc.onk_ctx.ci_key;
zuc_const = zs_ctx->zuc.onk_ctx.zuc_const;
@@ -454,12 +459,13 @@ roc_se_auth_key_set(struct roc_se_ctx *se_ctx, roc_se_auth_type type,
return 0;
}
- if (!se_ctx->fc_type ||
- (type && type != ROC_SE_GMAC_TYPE && !se_ctx->enc_cipher))
+ if (!se_ctx->fc_type || (type && type != ROC_SE_GMAC_TYPE && !se_ctx->enc_cipher))
se_ctx->fc_type = ROC_SE_HASH_HMAC;
- if (se_ctx->fc_type == ROC_SE_FC_GEN && key_len > 64)
+ if (se_ctx->fc_type == ROC_SE_FC_GEN && key_len > 64) {
+ plt_err("Maximum auth key length supported is 64");
return -1;
+ }
/* For GMAC auth, cipher must be NULL */
if (type == ROC_SE_GMAC_TYPE) {
@@ -551,6 +551,11 @@ cnxk_sess_fill(struct roc_cpt *roc_cpt, struct rte_crypto_sym_xform *xform,
return -EINVAL;
}
+ if (c_xfrm->cipher.algo == RTE_CRYPTO_CIPHER_AES_XTS) {
+ plt_err("AES XTS with auth algorithm is not supported");
+ return -ENOTSUP;
+ }
+
if (c_xfrm->cipher.algo == RTE_CRYPTO_CIPHER_3DES_CBC &&
a_xfrm->auth.algo == RTE_CRYPTO_AUTH_SHA1) {
plt_dp_err("3DES-CBC + SHA1 is not supported");