/** Parse crypto xform chain and set private session parameters */
int
aesni_mb_set_session_parameters(const struct aesni_mb_ops *mb_ops,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
const struct rte_crypto_sym_xform *auth_xform = NULL;
const struct rte_crypto_sym_xform *cipher_xform = NULL;
/* Select Crypto operation - hash then cipher / cipher then hash */
switch (aesni_mb_get_chain_order(xform)) {
case HASH_CIPHER:
sess->chain_order = HASH_CIPHER;
auth_xform = xform;
cipher_xform = xform->next;
break;
case CIPHER_HASH:
sess->chain_order = CIPHER_HASH;
auth_xform = xform->next;
cipher_xform = xform;
break;
default:
MB_LOG_ERR("Unsupported operation chain order parameter");
return -1;
}
if (aesni_mb_set_session_auth_parameters(mb_ops, sess, auth_xform)) {
MB_LOG_ERR("Invalid/unsupported authentication parameters");
return -1;
}
if (aesni_mb_set_session_cipher_parameters(mb_ops, sess,
cipher_xform)) {
MB_LOG_ERR("Invalid/unsupported cipher parameters");
return -1;
}
return 0;
}
/** Parse crypto xform chain and set private session parameters */
int
aesni_mb_set_session_parameters(const struct aesni_mb_op_fns *mb_ops,
struct aesni_mb_session *sess,
const struct rte_crypto_sym_xform *xform)
{
const struct rte_crypto_sym_xform *auth_xform = NULL;
const struct rte_crypto_sym_xform *cipher_xform = NULL;
const struct rte_crypto_sym_xform *aead_xform = NULL;
int ret;
/* Select Crypto operation - hash then cipher / cipher then hash */
switch (aesni_mb_get_chain_order(xform)) {
case AESNI_MB_OP_HASH_CIPHER:
sess->chain_order = HASH_CIPHER;
auth_xform = xform;
cipher_xform = xform->next;
break;
case AESNI_MB_OP_CIPHER_HASH:
sess->chain_order = CIPHER_HASH;
auth_xform = xform->next;
cipher_xform = xform;
break;
case AESNI_MB_OP_HASH_ONLY:
sess->chain_order = HASH_CIPHER;
auth_xform = xform;
cipher_xform = NULL;
break;
case AESNI_MB_OP_CIPHER_ONLY:
/*
* Multi buffer library operates only at two modes,
* CIPHER_HASH and HASH_CIPHER. When doing ciphering only,
* chain order depends on cipher operation: encryption is always
* the first operation and decryption the last one.
*/
if (xform->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
sess->chain_order = CIPHER_HASH;
else
sess->chain_order = HASH_CIPHER;
auth_xform = NULL;
cipher_xform = xform;
break;
case AESNI_MB_OP_AEAD_CIPHER_HASH:
sess->chain_order = CIPHER_HASH;
sess->aead.aad_len = xform->aead.aad_length;
aead_xform = xform;
break;
case AESNI_MB_OP_AEAD_HASH_CIPHER:
sess->chain_order = HASH_CIPHER;
sess->aead.aad_len = xform->aead.aad_length;
aead_xform = xform;
break;
case AESNI_MB_OP_NOT_SUPPORTED:
default:
AESNI_MB_LOG(ERR, "Unsupported operation chain order parameter");
return -ENOTSUP;
}
/* Default IV length = 0 */
sess->iv.length = 0;
ret = aesni_mb_set_session_auth_parameters(mb_ops, sess, auth_xform);
if (ret != 0) {
AESNI_MB_LOG(ERR, "Invalid/unsupported authentication parameters");
return ret;
}
ret = aesni_mb_set_session_cipher_parameters(mb_ops, sess,
cipher_xform);
if (ret != 0) {
AESNI_MB_LOG(ERR, "Invalid/unsupported cipher parameters");
return ret;
}
if (aead_xform) {
ret = aesni_mb_set_session_aead_parameters(mb_ops, sess,
aead_xform);
if (ret != 0) {
AESNI_MB_LOG(ERR, "Invalid/unsupported aead parameters");
return ret;
}
}
return 0;
}
