diff mbox series

[5/5] crypto/dpaa_sec: add support for AES CMAC integrity check

Message ID 20210721073920.21893-5-hemant.agrawal@nxp.com
State Superseded
Headers show
Series [1/5] crypto/dpaa2_sec: fix to check next null for auth only case | expand

Commit Message

Hemant Agrawal July 21, 2021, 7:39 a.m. UTC
From: Gagandeep Singh <g.singh@nxp.com>


This patch adds support for AES_CMAC integrity in non-security mode.
This patch modifies the camm flib to handles the AES CMAC
without conflicting the proto ALG operations. i.e. by creating
another ALG operation routine.

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>

---
 doc/guides/cryptodevs/features/dpaa_sec.ini |  1 +
 drivers/crypto/dpaa_sec/dpaa_sec.c          | 10 +++++
 drivers/crypto/dpaa_sec/dpaa_sec.h          | 43 +++++++++++++++++++++
 3 files changed, 54 insertions(+)

-- 
2.17.1
diff mbox series

Patch

diff --git a/doc/guides/cryptodevs/features/dpaa_sec.ini b/doc/guides/cryptodevs/features/dpaa_sec.ini
index d7bc319373..6a8f77fb1d 100644
--- a/doc/guides/cryptodevs/features/dpaa_sec.ini
+++ b/doc/guides/cryptodevs/features/dpaa_sec.ini
@@ -48,6 +48,7 @@  SHA512 HMAC  = Y
 SNOW3G UIA2  = Y
 ZUC EIA3     = Y
 AES XCBC MAC = Y
+AES CMAC (128) = Y
 
 ;
 ; Supported AEAD algorithms of the 'dpaa_sec' crypto driver.
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.c b/drivers/crypto/dpaa_sec/dpaa_sec.c
index fc9c3a4c2c..c5416df726 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.c
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.c
@@ -528,6 +528,7 @@  dpaa_sec_prep_cdb(dpaa_sec_session *ses)
 						ses->digest_length);
 			break;
 		case RTE_CRYPTO_AUTH_AES_XCBC_MAC:
+		case RTE_CRYPTO_AUTH_AES_CMAC:
 			shared_desc_len = cnstr_shdsc_aes_mac(
 						cdb->sh_desc,
 						true, swap, SHR_NEVER,
@@ -2180,6 +2181,10 @@  dpaa_sec_auth_init(struct rte_cryptodev *dev __rte_unused,
 		session->auth_key.alg = OP_ALG_ALGSEL_AES;
 		session->auth_key.algmode = OP_ALG_AAI_XCBC_MAC;
 		break;
+	case RTE_CRYPTO_AUTH_AES_CMAC:
+		session->auth_key.alg = OP_ALG_ALGSEL_AES;
+		session->auth_key.algmode = OP_ALG_AAI_CMAC;
+		break;
 	default:
 		DPAA_SEC_ERR("Crypto: Unsupported Auth specified %u",
 			      xform->auth.algo);
@@ -2265,6 +2270,10 @@  dpaa_sec_chain_init(struct rte_cryptodev *dev __rte_unused,
 		session->auth_key.alg = OP_ALG_ALGSEL_AES;
 		session->auth_key.algmode = OP_ALG_AAI_XCBC_MAC;
 		break;
+	case RTE_CRYPTO_AUTH_AES_CMAC:
+		session->auth_key.alg = OP_ALG_ALGSEL_AES;
+		session->auth_key.algmode = OP_ALG_AAI_CMAC;
+		break;
 	default:
 		DPAA_SEC_ERR("Crypto: Unsupported Auth specified %u",
 			      auth_xform->algo);
@@ -2700,6 +2709,7 @@  dpaa_sec_ipsec_proto_init(struct rte_crypto_cipher_xform *cipher_xform,
 		break;
 	case RTE_CRYPTO_AUTH_AES_CMAC:
 		session->auth_key.alg = OP_PCL_IPSEC_AES_CMAC_96;
+		session->auth_key.algmode = OP_ALG_AAI_CMAC;
 		break;
 	case RTE_CRYPTO_AUTH_NULL:
 		session->auth_key.alg = OP_PCL_IPSEC_HMAC_NULL;
diff --git a/drivers/crypto/dpaa_sec/dpaa_sec.h b/drivers/crypto/dpaa_sec/dpaa_sec.h
index d500a4c246..c94d78e046 100644
--- a/drivers/crypto/dpaa_sec/dpaa_sec.h
+++ b/drivers/crypto/dpaa_sec/dpaa_sec.h
@@ -712,6 +712,49 @@  static const struct rte_cryptodev_capabilities dpaa_sec_capabilities[] = {
 			}, }
 		}, }
 	},
+	{       /* AES CMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_AES_CMAC,
+				.block_size = 16,
+				.key_size = {
+					.min = 1,
+					.max = 16,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 12,
+					.max = 16,
+					.increment = 4
+				},
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
+	{       /* AES XCBC HMAC */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+				.block_size = 16,
+				.key_size = {
+					.min = 1,
+					.max = 16,
+					.increment = 1
+				},
+				.digest_size = {
+					.min = 12,
+					.max = 16,
+					.increment = 4
+				},
+				.aad_size = { 0 },
+				.iv_size = { 0 }
+			}, }
+		}, }
+	},
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };