doca_flow_crypto.h

Go to the documentation of this file.

/*
 * Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES, ALL RIGHTS RESERVED.
 *
 * This software product is a proprietary product of NVIDIA CORPORATION &
 * AFFILIATES (the "Company") and all right, title, and interest in and to the
 * software product, including all associated intellectual property rights, are
 * and shall remain exclusively with the Company.
 *
 * This software product is governed by the End User License Agreement
 * provided with the software product.
 *
 */
 
#ifndef DOCA_FLOW_CRYPTO_H_
#define DOCA_FLOW_CRYPTO_H_
 
#include <doca_compat.h>
#include <doca_error.h>
 
#ifdef __cplusplus
extern "C" {
#endif
 
struct doca_flow_port;
 
struct doca_flow_crypto_psp_spi_key_bulk;
 
enum doca_flow_crypto_resource_type {
    DOCA_FLOW_CRYPTO_RESOURCE_NONE = 0,
    DOCA_FLOW_CRYPTO_RESOURCE_IPSEC_SA,
    DOCA_FLOW_CRYPTO_RESOURCE_PSP,
};
 
enum doca_flow_crypto_action_type {
    DOCA_FLOW_CRYPTO_ACTION_NONE = 0,
    DOCA_FLOW_CRYPTO_ACTION_ENCRYPT,
    DOCA_FLOW_CRYPTO_ACTION_DECRYPT,
};
 
enum doca_flow_crypto_encap_action_type {
    DOCA_FLOW_CRYPTO_REFORMAT_NONE = 0,
    DOCA_FLOW_CRYPTO_REFORMAT_ENCAP,
    DOCA_FLOW_CRYPTO_REFORMAT_DECAP,
};
 
enum doca_flow_crypto_encap_net_type {
    DOCA_FLOW_CRYPTO_HEADER_NONE = 0,
    DOCA_FLOW_CRYPTO_HEADER_ESP_TUNNEL,
    DOCA_FLOW_CRYPTO_HEADER_ESP_OVER_IPV4,
    DOCA_FLOW_CRYPTO_HEADER_ESP_OVER_IPV6,
    DOCA_FLOW_CRYPTO_HEADER_UDP_ESP_OVER_IPV4,
    DOCA_FLOW_CRYPTO_HEADER_UDP_ESP_OVER_IPV6,
    DOCA_FLOW_CRYPTO_HEADER_ESP_OVER_LAN,
    DOCA_FLOW_CRYPTO_HEADER_PSP_TUNNEL,
    DOCA_FLOW_CRYPTO_HEADER_PSP_OVER_IPV4,
    DOCA_FLOW_CRYPTO_HEADER_PSP_OVER_IPV6,
    DOCA_FLOW_CRYPTO_HEADER_NON_ESP_MARKER
};
 
enum doca_flow_crypto_key_type {
    DOCA_FLOW_CRYPTO_KEY_128,
    DOCA_FLOW_CRYPTO_KEY_256,
};
 
enum doca_flow_crypto_icv_len {
    DOCA_FLOW_CRYPTO_ICV_LENGTH_8,
    DOCA_FLOW_CRYPTO_ICV_LENGTH_12,
    DOCA_FLOW_CRYPTO_ICV_LENGTH_16,
};
 
enum doca_flow_crypto_replay_win_size {
    DOCA_FLOW_CRYPTO_REPLAY_WIN_SIZE_32,
    DOCA_FLOW_CRYPTO_REPLAY_WIN_SIZE_64,
    DOCA_FLOW_CRYPTO_REPLAY_WIN_SIZE_128,
    DOCA_FLOW_CRYPTO_REPLAY_WIN_SIZE_256,
};
 
enum doca_flow_crypto_sn_offload_type {
    DOCA_FLOW_CRYPTO_SN_OFFLOAD_INC,
    DOCA_FLOW_CRYPTO_SN_OFFLOAD_AR,
};
 
struct doca_flow_crypto_key_cfg {
    enum doca_flow_crypto_key_type key_type;
    uint32_t *key;
};
 
DOCA_EXPERIMENTAL
doca_error_t doca_flow_crypto_psp_master_key_rotate(struct doca_flow_port *port);
 
DOCA_EXPERIMENTAL
doca_error_t doca_flow_crypto_psp_spi_key_bulk_alloc(struct doca_flow_port *port,
                             enum doca_flow_crypto_key_type key_type,
                             uint32_t nr_spi_keys,
                             struct doca_flow_crypto_psp_spi_key_bulk **spi_key_bulk);
 
DOCA_EXPERIMENTAL
doca_error_t doca_flow_crypto_psp_spi_key_bulk_generate(struct doca_flow_crypto_psp_spi_key_bulk *spi_key_bulk);
 
DOCA_EXPERIMENTAL
doca_error_t doca_flow_crypto_psp_spi_key_bulk_get(struct doca_flow_crypto_psp_spi_key_bulk *spi_key_bulk,
                           uint32_t spi_key_idx,
                           uint32_t *spi,
                           uint32_t *key);
 
DOCA_EXPERIMENTAL
doca_error_t doca_flow_crypto_psp_spi_key_wipe(struct doca_flow_crypto_psp_spi_key_bulk *spi_key_bulk,
                           uint32_t spi_key_idx);
 
DOCA_EXPERIMENTAL
doca_error_t doca_flow_crypto_psp_spi_key_bulk_clear(struct doca_flow_crypto_psp_spi_key_bulk *spi_key_bulk);
 
DOCA_EXPERIMENTAL
doca_error_t doca_flow_crypto_psp_spi_key_bulk_free(struct doca_flow_crypto_psp_spi_key_bulk *spi_key_bulk);
 
DOCA_EXPERIMENTAL
int doca_flow_crypto_ipsec_resource_handle(struct doca_flow_port *port,
                       uint64_t quota,
                       uint32_t max_processed_resources);
 
DOCA_EXPERIMENTAL
doca_error_t doca_flow_crypto_ipsec_update_sn(uint32_t shared_res_id, uint64_t sequence_number);
 
#ifdef __cplusplus
} /* extern "C" */
#endif
 
#endif /* DOCA_FLOW_CRYPTO_H_ */