Enabling the SHA224 support in ipsec proto mode
for dpaax drivers.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
drivers/common/dpaax/caamflib/desc.h | 5 ++++-
drivers/common/dpaax/caamflib/desc/ipsec.h | 5 +++++
drivers/common/dpaax/caamflib/rta/protocol_cmd.h | 5 ++++-
drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 10 +++++++++-
drivers/crypto/dpaa_sec/dpaa_sec.c | 10 +++++++++-
5 files changed, 31 insertions(+), 4 deletions(-)
@@ -1,7 +1,7 @@
/* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0)
*
* Copyright 2008-2016 Freescale Semiconductor Inc.
- * Copyright 2016, 2019 NXP
+ * Copyright 2016, 2019, 2023 NXP
*
*/
@@ -662,6 +662,9 @@ extern enum rta_sec_era rta_sec_era;
#define OP_PCL_IPSEC_HMAC_SHA2_256_128 0x000c
#define OP_PCL_IPSEC_HMAC_SHA2_384_192 0x000d
#define OP_PCL_IPSEC_HMAC_SHA2_512_256 0x000e
+#define OP_PCL_IPSEC_HMAC_SHA2_224_96 0x00f2
+#define OP_PCL_IPSEC_HMAC_SHA2_224_112 0x00f4
+#define OP_PCL_IPSEC_HMAC_SHA2_224_224 0x00f8
/* For SRTP - OP_PCLID_SRTP */
#define OP_PCL_SRTP_CIPHER_MASK 0xff00
@@ -710,6 +710,11 @@ static inline void __gen_auth_key(struct program *program,
case OP_PCL_IPSEC_HMAC_SHA2_512_256:
dkp_protid = OP_PCLID_DKP_SHA512;
break;
+ case OP_PCL_IPSEC_HMAC_SHA2_224_96:
+ case OP_PCL_IPSEC_HMAC_SHA2_224_112:
+ case OP_PCL_IPSEC_HMAC_SHA2_224_224:
+ dkp_protid = OP_PCLID_DKP_SHA224;
+ break;
default:
KEY(program, KEY2, authdata->key_enc_flags, authdata->key,
authdata->keylen, INLINE_KEY(authdata));
@@ -1,7 +1,7 @@
/* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0)
*
* Copyright 2008-2016 Freescale Semiconductor Inc.
- * Copyright 2016,2019 NXP
+ * Copyright 2016,2019,2023 NXP
*
*/
@@ -241,6 +241,9 @@ __rta_ipsec_proto(uint16_t protoinfo)
case OP_PCL_IPSEC_HMAC_MD5_128:
case OP_PCL_IPSEC_HMAC_SHA1_160:
case OP_PCL_IPSEC_AES_CMAC_96:
+ case OP_PCL_IPSEC_HMAC_SHA2_224_96:
+ case OP_PCL_IPSEC_HMAC_SHA2_224_112:
+ case OP_PCL_IPSEC_HMAC_SHA2_224_224:
case OP_PCL_IPSEC_HMAC_SHA2_256_128:
case OP_PCL_IPSEC_HMAC_SHA2_384_192:
case OP_PCL_IPSEC_HMAC_SHA2_512_256:
@@ -3005,6 +3005,15 @@ dpaa2_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
authdata->algtype = OP_PCL_IPSEC_HMAC_MD5_96;
authdata->algmode = OP_ALG_AAI_HMAC;
break;
+ case RTE_CRYPTO_AUTH_SHA224_HMAC:
+ authdata->algmode = OP_ALG_AAI_HMAC;
+ if (session->digest_length == 6)
+ authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_224_96;
+ else if (session->digest_length == 14)
+ authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_224_224;
+ else
+ authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_224_112;
+ break;
case RTE_CRYPTO_AUTH_SHA256_HMAC:
authdata->algtype = OP_PCL_IPSEC_HMAC_SHA2_256_128;
authdata->algmode = OP_ALG_AAI_HMAC;
@@ -3032,7 +3041,6 @@ dpaa2_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
case RTE_CRYPTO_AUTH_NULL:
authdata->algtype = OP_PCL_IPSEC_HMAC_NULL;
break;
- case RTE_CRYPTO_AUTH_SHA224_HMAC:
case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
case RTE_CRYPTO_AUTH_SHA1:
case RTE_CRYPTO_AUTH_SHA256:
@@ -2817,6 +2817,15 @@ dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
"+++Using sha256-hmac truncated len is non-standard,"
"it will not work with lookaside proto");
break;
+ case RTE_CRYPTO_AUTH_SHA224_HMAC:
+ session->auth_key.algmode = OP_ALG_AAI_HMAC;
+ if (session->digest_length == 6)
+ session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_224_96;
+ else if (session->digest_length == 14)
+ session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_224_224;
+ else
+ session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_224_112;
+ break;
case RTE_CRYPTO_AUTH_SHA384_HMAC:
session->auth_key.alg = OP_PCL_IPSEC_HMAC_SHA2_384_192;
session->auth_key.algmode = OP_ALG_AAI_HMAC;
@@ -2836,7 +2845,6 @@ dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
session->auth_key.alg = OP_PCL_IPSEC_AES_XCBC_MAC_96;
session->auth_key.algmode = OP_ALG_AAI_XCBC_MAC;
break;
- case RTE_CRYPTO_AUTH_SHA224_HMAC:
case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
case RTE_CRYPTO_AUTH_SHA1:
case RTE_CRYPTO_AUTH_SHA256: