Message ID | 1484232757-6451-1-git-send-email-zbigniew.bodek@caviumnetworks.com (mailing list archive) |
---|---|
State | Accepted, archived |
Delegated to: | Pablo de Lara Guarch |
Headers | show |
Context | Check | Description |
---|---|---|
ci/checkpatch | success | coding style OK |
ci/Intel compilation | success | Compilation OK |
On 12/01/2017 14:52, zbigniew.bodek@caviumnetworks.com wrote: > From: Zbigniew Bodek <zbigniew.bodek@caviumnetworks.com> > > Add minor adjustments to support SHA256 HMAC: > - extend maximum key length to match SHA256 HMAC > - add SHA256 HMAC parameters and configuration string > - add SHA256 HMAC to inbound and outbound cases > > Signed-off-by: Zbigniew Bodek <zbigniew.bodek@caviumnetworks.com> > --- Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
> -----Original Message----- > From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Sergio Gonzalez > Monroy > Sent: Friday, January 13, 2017 8:52 AM > To: zbigniew.bodek@caviumnetworks.com; dev@dpdk.org > Cc: jerin.jacob@caviumnetworks.com > Subject: Re: [dpdk-dev] [PATCH] examples/ipsec-secgw: add support for > SHA256 HMAC > > On 12/01/2017 14:52, zbigniew.bodek@caviumnetworks.com wrote: > > From: Zbigniew Bodek <zbigniew.bodek@caviumnetworks.com> > > > > Add minor adjustments to support SHA256 HMAC: > > - extend maximum key length to match SHA256 HMAC > > - add SHA256 HMAC parameters and configuration string > > - add SHA256 HMAC to inbound and outbound cases > > > > Signed-off-by: Zbigniew Bodek <zbigniew.bodek@caviumnetworks.com> > > --- > > Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com> Applied to dpdk-next-crypto. Thanks, Pablo
diff --git a/examples/ipsec-secgw/esp.c b/examples/ipsec-secgw/esp.c index 9715ea9..e77afa0 100644 --- a/examples/ipsec-secgw/esp.c +++ b/examples/ipsec-secgw/esp.c @@ -122,6 +122,7 @@ switch (sa->auth_algo) { case RTE_CRYPTO_AUTH_NULL: case RTE_CRYPTO_AUTH_SHA1_HMAC: + case RTE_CRYPTO_AUTH_SHA256_HMAC: sym_cop->auth.data.offset = ip_hdr_len; sym_cop->auth.data.length = sizeof(struct esp_hdr) + sa->iv_len + payload_len; @@ -354,6 +355,7 @@ switch (sa->auth_algo) { case RTE_CRYPTO_AUTH_NULL: case RTE_CRYPTO_AUTH_SHA1_HMAC: + case RTE_CRYPTO_AUTH_SHA256_HMAC: sym_cop->auth.data.offset = ip_hdr_len; sym_cop->auth.data.length = sizeof(struct esp_hdr) + sa->iv_len + pad_payload_len; diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h index dbc8c2c..fe42661 100644 --- a/examples/ipsec-secgw/ipsec.h +++ b/examples/ipsec-secgw/ipsec.h @@ -90,7 +90,7 @@ struct ip_addr { } ip; }; -#define MAX_KEY_SIZE 20 +#define MAX_KEY_SIZE 32 struct ipsec_sa { uint32_t spi; diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c index 8c4406c..39624c4 100644 --- a/examples/ipsec-secgw/sa.c +++ b/examples/ipsec-secgw/sa.c @@ -114,6 +114,12 @@ struct supported_auth_algo { .key_len = 20 }, { + .keyword = "sha256-hmac", + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .digest_len = 12, + .key_len = 32 + }, + { .keyword = "aes-128-gcm", .algo = RTE_CRYPTO_AUTH_AES_GCM, .digest_len = 16,