* [PATCH] crypto/openssl: Add support for SHAKE algorithms
@ 2026-01-08 14:38 Emma Finn
2026-01-08 15:33 ` [v2] " Emma Finn
0 siblings, 1 reply; 6+ messages in thread
From: Emma Finn @ 2026-01-08 14:38 UTC (permalink / raw)
To: Akhil Goyal, Fan Zhang, Kai Ji; +Cc: dev, Emma Finn
OpenSSL 3.X has support for SHAKE, Hence adding
SHAKE-128 and SHAKE-256 support to the OpenSSL PMD.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
app/test/test_cryptodev_blockcipher.c | 4 +-
drivers/crypto/openssl/rte_openssl_pmd.c | 28 +++++++++++--
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 42 ++++++++++++++++++++
3 files changed, 70 insertions(+), 4 deletions(-)
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 6b37347789..1438f24993 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -1174,7 +1174,9 @@ authonly_setup(void)
RTE_CRYPTO_AUTH_SHA512_HMAC,
RTE_CRYPTO_AUTH_AES_CMAC,
RTE_CRYPTO_AUTH_NULL,
- RTE_CRYPTO_AUTH_AES_XCBC_MAC
+ RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+ RTE_CRYPTO_AUTH_SHAKE_128,
+ RTE_CRYPTO_AUTH_SHAKE_256
};
rte_cryptodev_info_get(dev_id, &dev_info);
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..eaf5eef6ff 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -270,6 +270,12 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ *algo = EVP_shake128();
+ break;
+ case RTE_CRYPTO_AUTH_SHAKE_256:
+ *algo = EVP_shake256();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +665,8 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ case RTE_CRYPTO_AUTH_SHAKE_256:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -1397,7 +1405,7 @@ process_openssl_auth_decryption_ccm(struct rte_mbuf *mbuf_src, int offset,
static int
process_openssl_auth(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
__rte_unused uint8_t *iv, __rte_unused EVP_PKEY * pkey,
- int srclen, EVP_MD_CTX *ctx, const EVP_MD *algo)
+ int srclen, EVP_MD_CTX *ctx, const EVP_MD *algo, int digest_length)
{
size_t dstlen;
struct rte_mbuf *m;
@@ -1437,8 +1445,22 @@ process_openssl_auth(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
}
process_auth_final:
- if (EVP_DigestFinal_ex(ctx, dst, (unsigned int *)&dstlen) <= 0)
+ /* SHAKE algorithms are XOFs and require EVP_DigestFinalXOF */
+ if (algo == EVP_shake128() || algo == EVP_shake256()) {
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ /* Set XOF output length before calling EVP_DigestFinalXOF */
+ if (EVP_MD_CTX_ctrl(ctx, EVP_MD_CTRL_XOF_LEN, digest_length, NULL) <= 0)
+ goto process_auth_err;
+ if (EVP_DigestFinalXOF(ctx, dst, digest_length) <= 0)
+ goto process_auth_err;
+#else
+ OPENSSL_LOG(ERR, "SHAKE algorithms require OpenSSL 3.0+");
goto process_auth_err;
+#endif
+ } else {
+ if (EVP_DigestFinal_ex(ctx, dst, (unsigned int *)&dstlen) <= 0)
+ goto process_auth_err;
+}
return 0;
process_auth_err:
@@ -1995,7 +2017,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
ctx_a = get_local_auth_ctx(sess, qp);
status = process_openssl_auth(mbuf_src, dst,
op->sym->auth.data.offset, NULL, NULL, srclen,
- ctx_a, sess->auth.auth.evp_algo);
+ ctx_a, sess->auth.auth.evp_algo, sess->auth.digest_length);
break;
case OPENSSL_AUTH_AS_HMAC:
ctx_h = get_local_hmac_ctx(sess, qp);
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..f6c32fdcb6 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,48 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHAKE_128 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_128,
+ .block_size = 168,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 256,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHAKE_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 256,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 6+ messages in thread* [v2] crypto/openssl: Add support for SHAKE algorithms
2026-01-08 14:38 [PATCH] crypto/openssl: Add support for SHAKE algorithms Emma Finn
@ 2026-01-08 15:33 ` Emma Finn
2026-01-23 16:34 ` Ji, Kai
2026-01-27 10:07 ` [v3] " Emma Finn
0 siblings, 2 replies; 6+ messages in thread
From: Emma Finn @ 2026-01-08 15:33 UTC (permalink / raw)
To: Akhil Goyal, Fan Zhang, Kai Ji; +Cc: dev, Emma Finn
OpenSSL 3.X has support for SHAKE, Hence adding
SHAKE-128 and SHAKE-256 support to the OpenSSL PMD.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Fixed unused digest_length variable
---
app/test/test_cryptodev_blockcipher.c | 4 +-
drivers/crypto/openssl/rte_openssl_pmd.c | 30 ++++++++++++--
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 42 ++++++++++++++++++++
3 files changed, 72 insertions(+), 4 deletions(-)
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 6b37347789..1438f24993 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -1174,7 +1174,9 @@ authonly_setup(void)
RTE_CRYPTO_AUTH_SHA512_HMAC,
RTE_CRYPTO_AUTH_AES_CMAC,
RTE_CRYPTO_AUTH_NULL,
- RTE_CRYPTO_AUTH_AES_XCBC_MAC
+ RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+ RTE_CRYPTO_AUTH_SHAKE_128,
+ RTE_CRYPTO_AUTH_SHAKE_256
};
rte_cryptodev_info_get(dev_id, &dev_info);
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..755674f71a 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -270,6 +270,12 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ *algo = EVP_shake128();
+ break;
+ case RTE_CRYPTO_AUTH_SHAKE_256:
+ *algo = EVP_shake256();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +665,8 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ case RTE_CRYPTO_AUTH_SHAKE_256:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -1397,7 +1405,7 @@ process_openssl_auth_decryption_ccm(struct rte_mbuf *mbuf_src, int offset,
static int
process_openssl_auth(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
__rte_unused uint8_t *iv, __rte_unused EVP_PKEY * pkey,
- int srclen, EVP_MD_CTX *ctx, const EVP_MD *algo)
+ int srclen, EVP_MD_CTX *ctx, const EVP_MD *algo, int digest_length)
{
size_t dstlen;
struct rte_mbuf *m;
@@ -1437,8 +1445,24 @@ process_openssl_auth(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
}
process_auth_final:
- if (EVP_DigestFinal_ex(ctx, dst, (unsigned int *)&dstlen) <= 0)
+ /* SHAKE algorithms are XOFs and require EVP_DigestFinalXOF */
+ if (algo == EVP_shake128() || algo == EVP_shake256()) {
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ /* Set XOF output length before calling EVP_DigestFinalXOF */
+ if (EVP_MD_CTX_ctrl(ctx, EVP_MD_CTRL_XOF_LEN, digest_length, NULL) <= 0)
+ goto process_auth_err;
+ if (EVP_DigestFinalXOF(ctx, dst, digest_length) <= 0)
+ goto process_auth_err;
+#else
+ RTE_SET_USED(digest_length);
+ OPENSSL_LOG(ERR, "SHAKE algorithms require OpenSSL 3.0+");
goto process_auth_err;
+#endif
+ } else {
+ if (EVP_DigestFinal_ex(ctx, dst, (unsigned int *)&dstlen) <= 0)
+ goto process_auth_err;
+ }
+
return 0;
process_auth_err:
@@ -1995,7 +2019,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
ctx_a = get_local_auth_ctx(sess, qp);
status = process_openssl_auth(mbuf_src, dst,
op->sym->auth.data.offset, NULL, NULL, srclen,
- ctx_a, sess->auth.auth.evp_algo);
+ ctx_a, sess->auth.auth.evp_algo, sess->auth.digest_length);
break;
case OPENSSL_AUTH_AS_HMAC:
ctx_h = get_local_hmac_ctx(sess, qp);
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..f6c32fdcb6 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,48 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHAKE_128 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_128,
+ .block_size = 168,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 256,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHAKE_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 256,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 6+ messages in thread* Re: [v2] crypto/openssl: Add support for SHAKE algorithms
2026-01-08 15:33 ` [v2] " Emma Finn
@ 2026-01-23 16:34 ` Ji, Kai
2026-01-27 10:07 ` [v3] " Emma Finn
1 sibling, 0 replies; 6+ messages in thread
From: Ji, Kai @ 2026-01-23 16:34 UTC (permalink / raw)
To: Finn, Emma, Akhil Goyal, Fan Zhang; +Cc: dev@dpdk.org
[-- Attachment #1: Type: text/plain, Size: 7332 bytes --]
Release note and PMD documentation need update to support SHAKE algo
________________________________
From: Finn, Emma <emma.finn@intel.com>
Sent: 08 January 2026 15:33
To: Akhil Goyal <gakhil@marvell.com>; Fan Zhang <fanzhang.oss@gmail.com>; Ji, Kai <kai.ji@intel.com>
Cc: dev@dpdk.org <dev@dpdk.org>; Finn, Emma <emma.finn@intel.com>
Subject: [v2] crypto/openssl: Add support for SHAKE algorithms
OpenSSL 3.X has support for SHAKE, Hence adding
SHAKE-128 and SHAKE-256 support to the OpenSSL PMD.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Fixed unused digest_length variable
---
app/test/test_cryptodev_blockcipher.c | 4 +-
drivers/crypto/openssl/rte_openssl_pmd.c | 30 ++++++++++++--
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 42 ++++++++++++++++++++
3 files changed, 72 insertions(+), 4 deletions(-)
diff --git a/app/test/test_cryptodev_blockcipher.c b/app/test/test_cryptodev_blockcipher.c
index 6b37347789..1438f24993 100644
--- a/app/test/test_cryptodev_blockcipher.c
+++ b/app/test/test_cryptodev_blockcipher.c
@@ -1174,7 +1174,9 @@ authonly_setup(void)
RTE_CRYPTO_AUTH_SHA512_HMAC,
RTE_CRYPTO_AUTH_AES_CMAC,
RTE_CRYPTO_AUTH_NULL,
- RTE_CRYPTO_AUTH_AES_XCBC_MAC
+ RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+ RTE_CRYPTO_AUTH_SHAKE_128,
+ RTE_CRYPTO_AUTH_SHAKE_256
};
rte_cryptodev_info_get(dev_id, &dev_info);
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..755674f71a 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -270,6 +270,12 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ *algo = EVP_shake128();
+ break;
+ case RTE_CRYPTO_AUTH_SHAKE_256:
+ *algo = EVP_shake256();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +665,8 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ case RTE_CRYPTO_AUTH_SHAKE_256:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -1397,7 +1405,7 @@ process_openssl_auth_decryption_ccm(struct rte_mbuf *mbuf_src, int offset,
static int
process_openssl_auth(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
__rte_unused uint8_t *iv, __rte_unused EVP_PKEY * pkey,
- int srclen, EVP_MD_CTX *ctx, const EVP_MD *algo)
+ int srclen, EVP_MD_CTX *ctx, const EVP_MD *algo, int digest_length)
{
size_t dstlen;
struct rte_mbuf *m;
@@ -1437,8 +1445,24 @@ process_openssl_auth(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
}
process_auth_final:
- if (EVP_DigestFinal_ex(ctx, dst, (unsigned int *)&dstlen) <= 0)
+ /* SHAKE algorithms are XOFs and require EVP_DigestFinalXOF */
+ if (algo == EVP_shake128() || algo == EVP_shake256()) {
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ /* Set XOF output length before calling EVP_DigestFinalXOF */
+ if (EVP_MD_CTX_ctrl(ctx, EVP_MD_CTRL_XOF_LEN, digest_length, NULL) <= 0)
+ goto process_auth_err;
+ if (EVP_DigestFinalXOF(ctx, dst, digest_length) <= 0)
+ goto process_auth_err;
+#else
+ RTE_SET_USED(digest_length);
+ OPENSSL_LOG(ERR, "SHAKE algorithms require OpenSSL 3.0+");
goto process_auth_err;
+#endif
+ } else {
+ if (EVP_DigestFinal_ex(ctx, dst, (unsigned int *)&dstlen) <= 0)
+ goto process_auth_err;
+ }
+
return 0;
process_auth_err:
@@ -1995,7 +2019,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
ctx_a = get_local_auth_ctx(sess, qp);
status = process_openssl_auth(mbuf_src, dst,
op->sym->auth.data.offset, NULL, NULL, srclen,
- ctx_a, sess->auth.auth.evp_algo);
+ ctx_a, sess->auth.auth.evp_algo, sess->auth.digest_length);
break;
case OPENSSL_AUTH_AS_HMAC:
ctx_h = get_local_hmac_ctx(sess, qp);
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..f6c32fdcb6 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,48 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHAKE_128 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_128,
+ .block_size = 168,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 256,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHAKE_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 256,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
[-- Attachment #2: Type: text/html, Size: 19471 bytes --]
^ permalink raw reply related [flat|nested] 6+ messages in thread* [v3] crypto/openssl: Add support for SHAKE algorithms
2026-01-08 15:33 ` [v2] " Emma Finn
2026-01-23 16:34 ` Ji, Kai
@ 2026-01-27 10:07 ` Emma Finn
2026-02-10 15:10 ` [EXTERNAL] " Akhil Goyal
1 sibling, 1 reply; 6+ messages in thread
From: Emma Finn @ 2026-01-27 10:07 UTC (permalink / raw)
To: Kai Ji; +Cc: dev, Emma Finn
OpenSSL 3.X has support for SHAKE, Hence adding
SHAKE-128 and SHAKE-256 support to the OpenSSL PMD.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Fixed unused digest_length variable
v3:
* Updated documentation
---
doc/guides/cryptodevs/features/openssl.ini | 2 +
doc/guides/cryptodevs/openssl.rst | 2 +
doc/guides/rel_notes/release_26_03.rst | 4 ++
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++++++++++++--
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 44 ++++++++++++++++++++
5 files changed, 85 insertions(+), 3 deletions(-)
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini
index df6e7de316..afe230bb9d 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -43,6 +43,8 @@ SHA384 = Y
SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
+SHAKE_128 = Y
+SHAKE_256 = Y
AES GMAC = Y
;
diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst
index d467069cac..c4eead5932 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -40,6 +40,8 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHAKE_128``
+* ``RTE_CRYPTO_AUTH_SHAKE_256``
Supported AEAD algorithms:
diff --git a/doc/guides/rel_notes/release_26_03.rst b/doc/guides/rel_notes/release_26_03.rst
index 15dabee7a1..6169f6b887 100644
--- a/doc/guides/rel_notes/release_26_03.rst
+++ b/doc/guides/rel_notes/release_26_03.rst
@@ -55,6 +55,10 @@ New Features
Also, make sure to start the actual text at the margin.
=======================================================
+* **Updated openssl crypto driver.**
+
+ * Added support for SHAKE-128 and SHAKE-256 algorithms.
+
Removed Items
-------------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..7316d7e957 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -270,6 +270,14 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ *algo = EVP_shake128();
+ break;
+ case RTE_CRYPTO_AUTH_SHAKE_256:
+ *algo = EVP_shake256();
+ break;
+#endif
default:
res = -EINVAL;
break;
@@ -659,6 +667,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ case RTE_CRYPTO_AUTH_SHAKE_128:
+ case RTE_CRYPTO_AUTH_SHAKE_256:
+#endif
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -1397,7 +1409,7 @@ process_openssl_auth_decryption_ccm(struct rte_mbuf *mbuf_src, int offset,
static int
process_openssl_auth(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
__rte_unused uint8_t *iv, __rte_unused EVP_PKEY * pkey,
- int srclen, EVP_MD_CTX *ctx, const EVP_MD *algo)
+ int srclen, EVP_MD_CTX *ctx, const EVP_MD *algo, int digest_length)
{
size_t dstlen;
struct rte_mbuf *m;
@@ -1437,8 +1449,24 @@ process_openssl_auth(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
}
process_auth_final:
- if (EVP_DigestFinal_ex(ctx, dst, (unsigned int *)&dstlen) <= 0)
+ /* SHAKE algorithms are XOFs and require EVP_DigestFinalXOF */
+ if (algo == EVP_shake128() || algo == EVP_shake256()) {
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ /* Set XOF output length before calling EVP_DigestFinalXOF */
+ if (EVP_MD_CTX_ctrl(ctx, EVP_MD_CTRL_XOF_LEN, digest_length, NULL) <= 0)
+ goto process_auth_err;
+ if (EVP_DigestFinalXOF(ctx, dst, digest_length) <= 0)
+ goto process_auth_err;
+#else
+ RTE_SET_USED(digest_length);
+ OPENSSL_LOG(ERR, "SHAKE algorithms require OpenSSL 3.0+");
goto process_auth_err;
+#endif
+ } else {
+ if (EVP_DigestFinal_ex(ctx, dst, (unsigned int *)&dstlen) <= 0)
+ goto process_auth_err;
+ }
+
return 0;
process_auth_err:
@@ -1995,7 +2023,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
ctx_a = get_local_auth_ctx(sess, qp);
status = process_openssl_auth(mbuf_src, dst,
op->sym->auth.data.offset, NULL, NULL, srclen,
- ctx_a, sess->auth.auth.evp_algo);
+ ctx_a, sess->auth.auth.evp_algo, sess->auth.digest_length);
break;
case OPENSSL_AUTH_AS_HMAC:
ctx_h = get_local_hmac_ctx(sess, qp);
@@ -4008,12 +4036,14 @@ mldsa_sign_op_evp(struct rte_crypto_op *cop,
case RTE_CRYPTO_AUTH_SHA3_512:
check_md = EVP_sha3_512();
break;
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
case RTE_CRYPTO_AUTH_SHAKE_128:
check_md = EVP_shake128();
break;
case RTE_CRYPTO_AUTH_SHAKE_256:
check_md = EVP_shake256();
break;
+#endif
default:
break;
}
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..5ad457ca53 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,50 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
+ { /* SHAKE_128 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_128,
+ .block_size = 168,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 256,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHAKE_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHAKE_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 256,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+#endif
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 6+ messages in thread* RE: [EXTERNAL] [v3] crypto/openssl: Add support for SHAKE algorithms
2026-01-27 10:07 ` [v3] " Emma Finn
@ 2026-02-10 15:10 ` Akhil Goyal
2026-02-11 11:50 ` Finn, Emma
0 siblings, 1 reply; 6+ messages in thread
From: Akhil Goyal @ 2026-02-10 15:10 UTC (permalink / raw)
To: Emma Finn, Kai Ji; +Cc: dev@dpdk.org
> OpenSSL 3.X has support for SHAKE, Hence adding
> SHAKE-128 and SHAKE-256 support to the OpenSSL PMD.
Since OpenSSL 1.1.1 is EOL (https://openssl-corporation.org/post/2023-09-11-eol-111/)
Can we remove the ifdefs in future for version checks and update the minimum
OpenSSL version supported in DPDK as 3.0?
If no objection can you send deprecation notice in this release and do the cleanup in next release?
>
> Signed-off-by: Emma Finn <emma.finn@intel.com>
> ---
> v2:
> * Fixed unused digest_length variable
> v3:
> * Updated documentation
> ---
> doc/guides/cryptodevs/features/openssl.ini | 2 +
> doc/guides/cryptodevs/openssl.rst | 2 +
> doc/guides/rel_notes/release_26_03.rst | 4 ++
> drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++++++++++++--
> drivers/crypto/openssl/rte_openssl_pmd_ops.c | 44 ++++++++++++++++++++
> 5 files changed, 85 insertions(+), 3 deletions(-)
>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Applied to dpdk-next-crypto
^ permalink raw reply [flat|nested] 6+ messages in thread
* RE: [EXTERNAL] [v3] crypto/openssl: Add support for SHAKE algorithms
2026-02-10 15:10 ` [EXTERNAL] " Akhil Goyal
@ 2026-02-11 11:50 ` Finn, Emma
0 siblings, 0 replies; 6+ messages in thread
From: Finn, Emma @ 2026-02-11 11:50 UTC (permalink / raw)
To: Akhil Goyal, Ji, Kai; +Cc: dev@dpdk.org
> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Tuesday 10 February 2026 15:11
> To: Finn, Emma <emma.finn@intel.com>; Ji, Kai <kai.ji@intel.com>
> Cc: dev@dpdk.org
> Subject: RE: [EXTERNAL] [v3] crypto/openssl: Add support for SHAKE
> algorithms
> Importance: High
>
> > OpenSSL 3.X has support for SHAKE, Hence adding
> > SHAKE-128 and SHAKE-256 support to the OpenSSL PMD.
>
> Since OpenSSL 1.1.1 is EOL (https://openssl-corporation.org/post/2023-09-
> 11-eol-111/)
> Can we remove the ifdefs in future for version checks and update the
> minimum OpenSSL version supported in DPDK as 3.0?
>
> If no objection can you send deprecation notice in this release and do the
> cleanup in next release?
Thanks Akhil. Sure I will send a deprecation notice now and cleanup the PMD next release.
> >
> > Signed-off-by: Emma Finn <emma.finn@intel.com>
> > ---
> > v2:
> > * Fixed unused digest_length variable
> > v3:
> > * Updated documentation
> > ---
> > doc/guides/cryptodevs/features/openssl.ini | 2 +
> > doc/guides/cryptodevs/openssl.rst | 2 +
> > doc/guides/rel_notes/release_26_03.rst | 4 ++
> > drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++++++++++++--
> > drivers/crypto/openssl/rte_openssl_pmd_ops.c | 44
> > ++++++++++++++++++++
> > 5 files changed, 85 insertions(+), 3 deletions(-)
> >
>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
>
> Applied to dpdk-next-crypto
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2026-02-11 11:51 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-01-08 14:38 [PATCH] crypto/openssl: Add support for SHAKE algorithms Emma Finn
2026-01-08 15:33 ` [v2] " Emma Finn
2026-01-23 16:34 ` Ji, Kai
2026-01-27 10:07 ` [v3] " Emma Finn
2026-02-10 15:10 ` [EXTERNAL] " Akhil Goyal
2026-02-11 11:50 ` Finn, Emma
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox