From patchwork Fri Apr 14 04:35:45 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tejasree Kondoj <ktejasree@marvell.com>
X-Patchwork-Id: 126059
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 713FD4293B;
	Fri, 14 Apr 2023 06:35:52 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 49A75410F6;
	Fri, 14 Apr 2023 06:35:52 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id A4D52400D5
 for <dev@dpdk.org>; Fri, 14 Apr 2023 06:35:50 +0200 (CEST)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 33E3K4HV013352; Thu, 13 Apr 2023 21:35:49 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : mime-version : content-transfer-encoding :
 content-type; s=pfpt0220; bh=CuSBaF7drQVVZgMszBY3HAJYOTKvu+bxFv6mZm2mK7w=;
 b=fWeyPD3jIj7vSiP8JdP/90hZw4bse1YB5EYrX0DbWEW0QaXHwv8VSL94FvJp3WHsCcHB
 Nw5TBpdH4vK/09z6cJNy9wqxe4fCPGyWQht1XbxY12dxMJQsKWGh9X+4LahgC5hXytqm
 YNozG9PcgeSkjID3Z0dCaygYd4mr5fXskXsU7A3PAyl7qIaqWn878ti+vuaHwLXCqN0u
 90hDZHo1gY7CQQP1pe+Qkq27DUmaNauZ/HmtX73Qm+BPz9Vr6rQDhv1Uy9IEZxjwSFst
 +bNVqYujA84qo5w0wBI7SW3LB1SVh7Yb0Xv/1azRVj7HRFjQJmXQScPvPLzf5fNSg5ou kQ==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3pxxu8896k-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
 Thu, 13 Apr 2023 21:35:49 -0700
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48;
 Thu, 13 Apr 2023 21:35:47 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend
 Transport; Thu, 13 Apr 2023 21:35:47 -0700
Received: from hyd1554.marvell.com (unknown [10.29.57.11])
 by maili.marvell.com (Postfix) with ESMTP id 4826A3F7044;
 Thu, 13 Apr 2023 21:35:46 -0700 (PDT)
From: Tejasree Kondoj <ktejasree@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>, Radu Nicolau <radu.nicolau@intel.com>
CC: Anoob Joseph <anoobj@marvell.com>, <dev@dpdk.org>
Subject: [PATCH] examples/ipsec-secgw: fix AES-CTR IV length
Date: Fri, 14 Apr 2023 10:05:45 +0530
Message-ID: <20230414043545.784656-1-ktejasree@marvell.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: RZSkjFgIXbcwoWRyjrPiwoV01x-r2j1w
X-Proofpoint-GUID: RZSkjFgIXbcwoWRyjrPiwoV01x-r2j1w
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22
 definitions=2023-04-14_01,2023-04-13_01,2023-02-09_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Set AES-CTR IV length to 8 in SA config as it is
used for per packet IV length and set it to 16
in xform since the application populates 16B IV
in the datapath. AES-CTR requires 16B IV
constructed from nonce and counter.

Fixes: 5ff7502f345e ("examples/ipsec-secgw: set AES-CTR IV length to 16")

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
---
 examples/ipsec-secgw/sa.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 5f5d2685f6..63eadb3393 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -96,10 +96,8 @@ const struct supported_cipher_algo cipher_algos[] = {
 	{
 		.keyword = "aes-128-ctr",
 		.algo = RTE_CRYPTO_CIPHER_AES_CTR,
-		/* iv_len includes 8B per packet IV, 4B nonce
-		 * and 4B counter
-		 */
-		.iv_len = 16,
+		/* Per packet IV length */
+		.iv_len = 8,
 		.block_size = 4,
 		.key_len = 20
 	},
@@ -1332,9 +1330,14 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
 			case RTE_CRYPTO_CIPHER_DES_CBC:
 			case RTE_CRYPTO_CIPHER_3DES_CBC:
 			case RTE_CRYPTO_CIPHER_AES_CBC:
-			case RTE_CRYPTO_CIPHER_AES_CTR:
 				iv_length = sa->iv_len;
 				break;
+			case RTE_CRYPTO_CIPHER_AES_CTR:
+				/* Length includes 8B per packet IV, 4B nonce and
+				 * 4B counter as populated in datapath.
+				 */
+				iv_length = 16;
+				break;
 			default:
 				RTE_LOG(ERR, IPSEC_ESP,
 						"unsupported cipher algorithm %u\n",