15 #ifndef __DPDK_ESP_H__ 16 #define __DPDK_ESP_H__ 24 enum rte_crypto_cipher_algorithm algo;
31 enum rte_crypto_auth_algorithm algo;
53 c->
algo = RTE_CRYPTO_CIPHER_AES_CBC;
58 c->
algo = RTE_CRYPTO_CIPHER_AES_CBC;
63 c->
algo = RTE_CRYPTO_CIPHER_AES_CBC;
68 c->
algo = RTE_CRYPTO_CIPHER_AES_GCM;
75 i->
algo = RTE_CRYPTO_AUTH_SHA1_HMAC;
79 i->
algo = RTE_CRYPTO_AUTH_SHA256_HMAC;
83 i->
algo = RTE_CRYPTO_AUTH_SHA256_HMAC;
87 i->
algo = RTE_CRYPTO_AUTH_SHA384_HMAC;
91 i->
algo = RTE_CRYPTO_AUTH_SHA512_HMAC;
95 i->
algo = RTE_CRYPTO_AUTH_AES_GCM;
101 struct rte_crypto_sym_xform *cipher_xform)
105 case IPSEC_CRYPTO_ALG_NONE:
106 cipher_xform->cipher.algo = RTE_CRYPTO_CIPHER_NULL;
108 case IPSEC_CRYPTO_ALG_AES_CBC_128:
109 case IPSEC_CRYPTO_ALG_AES_CBC_192:
110 case IPSEC_CRYPTO_ALG_AES_CBC_256:
111 cipher_xform->cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC;
113 case IPSEC_CRYPTO_ALG_AES_GCM_128:
114 cipher_xform->cipher.algo = RTE_CRYPTO_CIPHER_AES_GCM;
120 cipher_xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
127 struct rte_crypto_sym_xform *auth_xform,
int use_esn)
131 case IPSEC_INTEG_ALG_NONE:
132 auth_xform->auth.algo = RTE_CRYPTO_AUTH_NULL;
133 auth_xform->auth.digest_length = 0;
135 case IPSEC_INTEG_ALG_SHA1_96:
136 auth_xform->auth.algo = RTE_CRYPTO_AUTH_SHA1_HMAC;
137 auth_xform->auth.digest_length = 12;
139 case IPSEC_INTEG_ALG_SHA_256_96:
140 auth_xform->auth.algo = RTE_CRYPTO_AUTH_SHA256_HMAC;
141 auth_xform->auth.digest_length = 12;
143 case IPSEC_INTEG_ALG_SHA_256_128:
144 auth_xform->auth.algo = RTE_CRYPTO_AUTH_SHA256_HMAC;
145 auth_xform->auth.digest_length = 16;
147 case IPSEC_INTEG_ALG_SHA_384_192:
148 auth_xform->auth.algo = RTE_CRYPTO_AUTH_SHA384_HMAC;
149 auth_xform->auth.digest_length = 24;
151 case IPSEC_INTEG_ALG_SHA_512_256:
152 auth_xform->auth.algo = RTE_CRYPTO_AUTH_SHA512_HMAC;
153 auth_xform->auth.digest_length = 32;
155 case IPSEC_INTEG_ALG_AES_GCM_128:
156 auth_xform->auth.algo = RTE_CRYPTO_AUTH_AES_GCM;
157 auth_xform->auth.digest_length = 16;
158 auth_xform->auth.add_auth_data_length = use_esn ? 12 : 8;
164 auth_xform->type = RTE_CRYPTO_SYM_XFORM_AUTH;
176 struct rte_crypto_sym_xform cipher_xform = { 0 };
177 struct rte_crypto_sym_xform auth_xform = { 0 };
178 struct rte_crypto_sym_xform *xfs;
179 uword key = 0, *data;
182 if (sa->
crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_128)
193 cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
194 cipher_xform.cipher.key.data = sa->
crypto_key;
197 auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
198 auth_xform.auth.key.data = sa->
integ_key;
211 cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
212 auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
213 cipher_xform.next = &auth_xform;
218 cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT;
219 auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
220 auth_xform.next = &cipher_xform;
231 rte_cryptodev_sym_session_create (cwm->
qp_data[*data].
dev_id, xfs);
#define vec_validate(V, I)
Make sure vector is long enough for given index (no header, unspecified alignment) ...
static_always_inline int translate_crypto_algo(ipsec_crypto_alg_t crypto_algo, struct rte_crypto_sym_xform *cipher_xform)
sll srl srl sll sra u16x4 i
ipsec_integ_alg_t integ_alg
static u64 clib_cpu_time_now(void)
dpdk_crypto_main_t dpdk_crypto_main
static_always_inline void dpdk_esp_init()
#define static_always_inline
static_always_inline int translate_integ_algo(ipsec_integ_alg_t integ_alg, struct rte_crypto_sym_xform *auth_xform, int use_esn)
dpdk_esp_main_t dpdk_esp_main
dpdk_esp_integ_alg_t * esp_integ_algs
dpdk_esp_crypto_alg_t * esp_crypto_algs
static_always_inline uword vlib_get_thread_index(void)
#define clib_memcpy(a, b, c)
enum rte_crypto_auth_algorithm algo
crypto_worker_main_t * workers_main
crypto_qp_data_t * qp_data
static u32 random_u32(u32 *seed)
32-bit random number generator
ipsec_crypto_alg_t crypto_alg
enum rte_crypto_cipher_algorithm algo
static_always_inline int create_sym_sess(ipsec_sa_t *sa, crypto_sa_session_t *sa_sess, u8 is_outbound)