From patchwork Fri Sep 10 16:45:16 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "De Lara Guarch,
 Pablo" <pablo.de.lara.guarch@intel.com>
X-Patchwork-Id: 98661
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id E7003A0547;
	Fri, 10 Sep 2021 18:45:28 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 887BE4068C;
	Fri, 10 Sep 2021 18:45:28 +0200 (CEST)
Received: from mga12.intel.com (mga12.intel.com [192.55.52.136])
 by mails.dpdk.org (Postfix) with ESMTP id 5E47A4067E
 for <dev@dpdk.org>; Fri, 10 Sep 2021 18:45:27 +0200 (CEST)
X-IronPort-AV: E=McAfee;i="6200,9189,10103"; a="200643285"
X-IronPort-AV: E=Sophos;i="5.85,283,1624345200"; d="scan'208";a="200643285"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
 by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 10 Sep 2021 09:45:19 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.85,283,1624345200"; d="scan'208";a="505161913"
Received: from silpixa00401162.ir.intel.com ([10.55.128.50])
 by fmsmga008.fm.intel.com with ESMTP; 10 Sep 2021 09:45:18 -0700
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: declan.doherty@intel.com,
	ciara.power@intel.com
Cc: dev@dpdk.org,
	Pablo de Lara <pablo.de.lara.guarch@intel.com>
Date: Fri, 10 Sep 2021 16:45:16 +0000
Message-Id: <20210910164516.807659-1-pablo.de.lara.guarch@intel.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Subject: [dpdk-dev] [PATCH] crypto/ipsec_mb: support ZUC-256
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Add support for ZUC-EEA3-256 and ZUC-EIA3-256
(only 4-byte tags supported for now).

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---

This patch depends on patchset https://patches.dpdk.org/project/dpdk/list/?series=18470

---

 doc/guides/cryptodevs/aesni_mb.rst     |  1 +
 doc/guides/rel_notes/release_21_11.rst |  4 ++++
 drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 18 ++++++++++--------
 3 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 3551a0dbd7..948128ae9b 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -77,6 +77,7 @@ Limitations
   protocol.
 * RTE_CRYPTO_CIPHER_DES_DOCSISBPI is not supported for combined Crypto-CRC
   DOCSIS security protocol.
+* The only tag size supported for ZUC-EIA3-256 is 4 bytes.
 
 
 Installation
diff --git a/doc/guides/rel_notes/release_21_11.rst b/doc/guides/rel_notes/release_21_11.rst
index 3fa8018695..71380d4986 100644
--- a/doc/guides/rel_notes/release_21_11.rst
+++ b/doc/guides/rel_notes/release_21_11.rst
@@ -82,6 +82,10 @@ New Features
 
   * Added PDCP short MAC-I support.
 
+* **Updated the aesni_mb crypto PMD.**
+
+  * Added support for ZUC-EEA3-256 and ZUC-EIA3-256.
+
 
 Removed Items
 -------------
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index e05865798b..31c25e2bc7 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -526,8 +526,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
 				.block_size = 16,
 				.key_size = {
 					.min = 16,
-					.max = 16,
-					.increment = 0
+					.max = 32,
+					.increment = 16
 				},
 				.digest_size = {
 					.min = 4,
@@ -551,8 +551,8 @@ static const struct rte_cryptodev_capabilities aesni_mb_capabilities[] = {
 				.block_size = 16,
 				.key_size = {
 					.min = 16,
-					.max = 16,
-					.increment = 0
+					.max = 32,
+					.increment = 16
 				},
 				.iv_size = {
 					.min = 16,
@@ -1099,7 +1099,8 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 		}
 		sess->auth.gen_digest_len = sess->auth.req_digest_len;
 
-		memcpy(sess->auth.zuc_auth_key, xform->auth.key.data, 16);
+		memcpy(sess->auth.zuc_auth_key, xform->auth.key.data,
+			xform->auth.key.length);
 		return 0;
 	} else if (xform->auth.algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2) {
 		sess->auth.algo = IMB_AUTH_SNOW3G_UIA2_BITLEN;
@@ -1427,13 +1428,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr,
 
 		sess->cipher.key_length_in_bytes = 24;
 	} else if (is_zuc) {
-		if (xform->cipher.key.length != 16) {
+		if (xform->cipher.key.length != 16 &&
+				xform->cipher.key.length != 32) {
 			IPSEC_MB_LOG(ERR, "Invalid cipher key length");
 			return -EINVAL;
 		}
-		sess->cipher.key_length_in_bytes = 16;
+		sess->cipher.key_length_in_bytes = xform->cipher.key.length;
 		memcpy(sess->cipher.zuc_cipher_key, xform->cipher.key.data,
-			16);
+			xform->cipher.key.length);
 	} else if (is_snow3g) {
 		if (xform->cipher.key.length != 16) {
 			IPSEC_MB_LOG(ERR, "Invalid cipher key length");