* [PATCH] crypto/openssl: Add support for SHA3 algorithms
@ 2026-01-08 13:08 Emma Finn
2026-01-23 16:36 ` Ji, Kai
2026-01-27 10:05 ` [v2] " Emma Finn
0 siblings, 2 replies; 12+ messages in thread
From: Emma Finn @ 2026-01-08 13:08 UTC (permalink / raw)
To: Kai Ji; +Cc: dev, Emma Finn
Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
support to the OpenSSL PMD, including both hash
and HMAC variants.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
2 files changed, 204 insertions(+)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..8817d7893c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -270,6 +278,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +683,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -714,6 +742,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -744,6 +776,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..8d6ae346a8 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH] crypto/openssl: Add support for SHA3 algorithms
2026-01-08 13:08 [PATCH] crypto/openssl: Add support for SHA3 algorithms Emma Finn
@ 2026-01-23 16:36 ` Ji, Kai
2026-01-27 10:05 ` [v2] " Emma Finn
1 sibling, 0 replies; 12+ messages in thread
From: Ji, Kai @ 2026-01-23 16:36 UTC (permalink / raw)
To: Finn, Emma; +Cc: dev@dpdk.org
[-- Attachment #1: Type: text/plain, Size: 12335 bytes --]
Release notes doc/guides/rel_notes/ and PMD documentation need to updated for the new SHA3 algo
________________________________
From: Finn, Emma <emma.finn@intel.com>
Sent: 08 January 2026 13:08
To: Ji, Kai <kai.ji@intel.com>
Cc: dev@dpdk.org <dev@dpdk.org>; Finn, Emma <emma.finn@intel.com>
Subject: [PATCH] crypto/openssl: Add support for SHA3 algorithms
Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
support to the OpenSSL PMD, including both hash
and HMAC variants.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
2 files changed, 204 insertions(+)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..8817d7893c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -270,6 +278,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +683,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -714,6 +742,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -744,6 +776,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..8d6ae346a8 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
[-- Attachment #2: Type: text/html, Size: 41545 bytes --]
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [v2] crypto/openssl: Add support for SHA3 algorithms
2026-01-08 13:08 [PATCH] crypto/openssl: Add support for SHA3 algorithms Emma Finn
2026-01-23 16:36 ` Ji, Kai
@ 2026-01-27 10:05 ` Emma Finn
2026-01-27 10:11 ` Emma Finn
1 sibling, 1 reply; 12+ messages in thread
From: Emma Finn @ 2026-01-27 10:05 UTC (permalink / raw)
To: Kai Ji; +Cc: dev, Emma Finn
openssl 3.X supports SHA3. Hence adding SHA3-224, SHA3-256,
SHA3-384 and SHA3-512 support to the PMD.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Updated documentation
---
doc/guides/cryptodevs/features/openssl.ini | 8 +
doc/guides/cryptodevs/openssl.rst | 8 +
doc/guides/rel_notes/release_26_03.rst | 3 +
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
5 files changed, 223 insertions(+)
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini
index df6e7de316..08f7e0f82f 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -43,6 +43,14 @@ SHA384 = Y
SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
+SHA3-224 = Y
+SHA3-224 HMAC = Y
+SHA3-256 = Y
+SHA3-256 HMAC = Y
+SHA3-384 = Y
+SHA3-384 HMAC = Y
+SHA3-512 = Y
+SHA3-512 HMAC = Y
AES GMAC = Y
;
diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst
index d467069cac..0af609fddf 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -34,12 +34,20 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SHA3_224``
+* ``RTE_CRYPTO_AUTH_SHA3_256``
+* ``RTE_CRYPTO_AUTH_SHA3_384``
+* ``RTE_CRYPTO_AUTH_SHA3_512``
* ``RTE_CRYPTO_AUTH_MD5_HMAC``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
Supported AEAD algorithms:
diff --git a/doc/guides/rel_notes/release_26_03.rst b/doc/guides/rel_notes/release_26_03.rst
index 15dabee7a1..e1a4e9d7a2 100644
--- a/doc/guides/rel_notes/release_26_03.rst
+++ b/doc/guides/rel_notes/release_26_03.rst
@@ -55,6 +55,9 @@ New Features
Also, make sure to start the actual text at the margin.
=======================================================
+ * **Updated openssl crypto driver.**
+
+ * Added support for SHA3-224/256/384/512 algorithms.
Removed Items
-------------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..8817d7893c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -270,6 +278,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +683,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -714,6 +742,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -744,6 +776,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..8d6ae346a8 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [v2] crypto/openssl: Add support for SHA3 algorithms
2026-01-27 10:05 ` [v2] " Emma Finn
@ 2026-01-27 10:11 ` Emma Finn
2026-01-29 14:42 ` Emma Finn
0 siblings, 1 reply; 12+ messages in thread
From: Emma Finn @ 2026-01-27 10:11 UTC (permalink / raw)
To: Kai Ji; +Cc: dev, Emma Finn
Openssl has support for SHA3. Hence adding SHA3-224, SHA3-256,
SHA3-384 and SHA3-512 support to the PMD.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Updated documentation
---
doc/guides/cryptodevs/features/openssl.ini | 8 +
doc/guides/cryptodevs/openssl.rst | 8 +
doc/guides/rel_notes/release_26_03.rst | 3 +
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
5 files changed, 223 insertions(+)
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini
index df6e7de316..08f7e0f82f 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -43,6 +43,14 @@ SHA384 = Y
SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
+SHA3-224 = Y
+SHA3-224 HMAC = Y
+SHA3-256 = Y
+SHA3-256 HMAC = Y
+SHA3-384 = Y
+SHA3-384 HMAC = Y
+SHA3-512 = Y
+SHA3-512 HMAC = Y
AES GMAC = Y
;
diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst
index d467069cac..0af609fddf 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -34,12 +34,20 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SHA3_224``
+* ``RTE_CRYPTO_AUTH_SHA3_256``
+* ``RTE_CRYPTO_AUTH_SHA3_384``
+* ``RTE_CRYPTO_AUTH_SHA3_512``
* ``RTE_CRYPTO_AUTH_MD5_HMAC``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
Supported AEAD algorithms:
diff --git a/doc/guides/rel_notes/release_26_03.rst b/doc/guides/rel_notes/release_26_03.rst
index 15dabee7a1..e1a4e9d7a2 100644
--- a/doc/guides/rel_notes/release_26_03.rst
+++ b/doc/guides/rel_notes/release_26_03.rst
@@ -55,6 +55,9 @@ New Features
Also, make sure to start the actual text at the margin.
=======================================================
+ * **Updated openssl crypto driver.**
+
+ * Added support for SHA3-224/256/384/512 algorithms.
Removed Items
-------------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..8817d7893c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -270,6 +278,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +683,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -714,6 +742,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -744,6 +776,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..8d6ae346a8 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [v2] crypto/openssl: Add support for SHA3 algorithms
2026-01-27 10:11 ` Emma Finn
@ 2026-01-29 14:42 ` Emma Finn
2026-02-04 10:05 ` Emma Finn
0 siblings, 1 reply; 12+ messages in thread
From: Emma Finn @ 2026-01-29 14:42 UTC (permalink / raw)
To: Kai Ji; +Cc: dev, Emma Finn
Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
support to the OpenSSL PMD, including both hash
and HMAC variants.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Updated documentation
---
doc/guides/cryptodevs/features/openssl.ini | 10 +-
doc/guides/cryptodevs/openssl.rst | 8 +
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
4 files changed, 221 insertions(+), 1 deletion(-)
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini
index df6e7de316..82da0df22f 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -43,7 +43,15 @@ SHA384 = Y
SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
-AES GMAC = Y
+SHA3_224 = Y
+SHA3_224 HMAC = Y
+SHA3_256 = Y
+SHA3_256 HMAC = Y
+SHA3_384 = Y
+SHA3_384 HMAC = Y
+SHA3_512 = Y
+SHA3_512 HMAC = Y
+AES GMAC = Y
;
; Supported AEAD algorithms of the 'openssl' crypto driver.
diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst
index d467069cac..0af609fddf 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -34,12 +34,20 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SHA3_224``
+* ``RTE_CRYPTO_AUTH_SHA3_256``
+* ``RTE_CRYPTO_AUTH_SHA3_384``
+* ``RTE_CRYPTO_AUTH_SHA3_512``
* ``RTE_CRYPTO_AUTH_MD5_HMAC``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
Supported AEAD algorithms:
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..8817d7893c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -270,6 +278,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +683,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -714,6 +742,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -744,6 +776,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..8d6ae346a8 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [v2] crypto/openssl: Add support for SHA3 algorithms
2026-01-29 14:42 ` Emma Finn
@ 2026-02-04 10:05 ` Emma Finn
2026-02-10 15:04 ` [EXTERNAL] " Akhil Goyal
2026-02-11 11:47 ` [v3] " Emma Finn
0 siblings, 2 replies; 12+ messages in thread
From: Emma Finn @ 2026-02-04 10:05 UTC (permalink / raw)
To: Kai Ji; +Cc: dev, Emma Finn
Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
support to the OpenSSL PMD, including both hash
and HMAC variants.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Updated documentation
---
doc/guides/cryptodevs/features/openssl.ini | 10 +-
doc/guides/cryptodevs/openssl.rst | 8 +
doc/guides/rel_notes/release_26_03.rst | 4 +
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
5 files changed, 225 insertions(+), 1 deletion(-)
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini
index df6e7de316..82da0df22f 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -43,7 +43,15 @@ SHA384 = Y
SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
-AES GMAC = Y
+SHA3_224 = Y
+SHA3_224 HMAC = Y
+SHA3_256 = Y
+SHA3_256 HMAC = Y
+SHA3_384 = Y
+SHA3_384 HMAC = Y
+SHA3_512 = Y
+SHA3_512 HMAC = Y
+AES GMAC = Y
;
; Supported AEAD algorithms of the 'openssl' crypto driver.
diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst
index d467069cac..0af609fddf 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -34,12 +34,20 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SHA3_224``
+* ``RTE_CRYPTO_AUTH_SHA3_256``
+* ``RTE_CRYPTO_AUTH_SHA3_384``
+* ``RTE_CRYPTO_AUTH_SHA3_512``
* ``RTE_CRYPTO_AUTH_MD5_HMAC``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
Supported AEAD algorithms:
diff --git a/doc/guides/rel_notes/release_26_03.rst b/doc/guides/rel_notes/release_26_03.rst
index a0f89b5ea2..d7c9352649 100644
--- a/doc/guides/rel_notes/release_26_03.rst
+++ b/doc/guides/rel_notes/release_26_03.rst
@@ -63,6 +63,10 @@ New Features
* Added support for pre and post VF reset callbacks.
+* **Updated openssl crypto driver.**
+
+ * Added support for SHA3-224, SHA3-256, SHA3-384, and SHA3-512 hash algorithms
+ and their HMAC variants.
Removed Items
-------------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..8817d7893c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -270,6 +278,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +683,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -714,6 +742,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -744,6 +776,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..8d6ae346a8 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 12+ messages in thread
* RE: [EXTERNAL] [v2] crypto/openssl: Add support for SHA3 algorithms
2026-02-04 10:05 ` Emma Finn
@ 2026-02-10 15:04 ` Akhil Goyal
2026-02-11 11:47 ` [v3] " Emma Finn
1 sibling, 0 replies; 12+ messages in thread
From: Akhil Goyal @ 2026-02-10 15:04 UTC (permalink / raw)
To: Emma Finn, Kai Ji; +Cc: dev@dpdk.org
> Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
> support to the OpenSSL PMD, including both hash
> and HMAC variants.
>
> Signed-off-by: Emma Finn <emma.finn@intel.com>
> ---
> v2:
> * Updated documentation
> ---
> doc/guides/cryptodevs/features/openssl.ini | 10 +-
> doc/guides/cryptodevs/openssl.rst | 8 +
> doc/guides/rel_notes/release_26_03.rst | 4 +
> drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
> drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
> 5 files changed, 225 insertions(+), 1 deletion(-)
>
Please rebase.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [v3] crypto/openssl: Add support for SHA3 algorithms
2026-02-04 10:05 ` Emma Finn
2026-02-10 15:04 ` [EXTERNAL] " Akhil Goyal
@ 2026-02-11 11:47 ` Emma Finn
2026-03-03 15:45 ` Ji, Kai
` (2 more replies)
1 sibling, 3 replies; 12+ messages in thread
From: Emma Finn @ 2026-02-11 11:47 UTC (permalink / raw)
To: Kai Ji; +Cc: dev, Emma Finn
Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
support to the OpenSSL PMD, including both hash
and HMAC variants.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Updated documentation
v3:
* rebase
---
doc/guides/cryptodevs/features/openssl.ini | 10 +-
doc/guides/cryptodevs/openssl.rst | 8 +
doc/guides/rel_notes/release_26_03.rst | 4 +
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
5 files changed, 225 insertions(+), 1 deletion(-)
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini
index df6e7de316..82da0df22f 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -43,7 +43,15 @@ SHA384 = Y
SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
-AES GMAC = Y
+SHA3_224 = Y
+SHA3_224 HMAC = Y
+SHA3_256 = Y
+SHA3_256 HMAC = Y
+SHA3_384 = Y
+SHA3_384 HMAC = Y
+SHA3_512 = Y
+SHA3_512 HMAC = Y
+AES GMAC = Y
;
; Supported AEAD algorithms of the 'openssl' crypto driver.
diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst
index d467069cac..0af609fddf 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -34,12 +34,20 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SHA3_224``
+* ``RTE_CRYPTO_AUTH_SHA3_256``
+* ``RTE_CRYPTO_AUTH_SHA3_384``
+* ``RTE_CRYPTO_AUTH_SHA3_512``
* ``RTE_CRYPTO_AUTH_MD5_HMAC``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
Supported AEAD algorithms:
diff --git a/doc/guides/rel_notes/release_26_03.rst b/doc/guides/rel_notes/release_26_03.rst
index 5c2a4bb32e..de7182dc08 100644
--- a/doc/guides/rel_notes/release_26_03.rst
+++ b/doc/guides/rel_notes/release_26_03.rst
@@ -82,6 +82,10 @@ New Features
* NEA5, NIA5, NCA5: AES 256 confidentiality, integrity and AEAD modes.
* NEA6, NIA6, NCA6: ZUC 256 confidentiality, integrity and AEAD modes.
+* **Updated openssl crypto driver.**
+
+ * Added support for SHA3-224, SHA3-256, SHA3-384, and SHA3-512 hash algorithms
+ and their HMAC variants.
Removed Items
-------------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..8817d7893c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -270,6 +278,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +683,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -714,6 +742,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -744,6 +776,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..8d6ae346a8 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [v3] crypto/openssl: Add support for SHA3 algorithms
2026-02-11 11:47 ` [v3] " Emma Finn
@ 2026-03-03 15:45 ` Ji, Kai
2026-03-10 6:03 ` [EXTERNAL] " Akhil Goyal
2026-03-10 10:20 ` [v4] " Emma Finn
2 siblings, 0 replies; 12+ messages in thread
From: Ji, Kai @ 2026-03-03 15:45 UTC (permalink / raw)
To: Finn, Emma; +Cc: dev@dpdk.org
[-- Attachment #1: Type: text/plain, Size: 14599 bytes --]
Acked-by: Kai Ji <kai.ji@intel.com>
________________________________
From: Finn, Emma <emma.finn@intel.com>
Sent: 11 February 2026 11:47
To: Ji, Kai <kai.ji@intel.com>
Cc: dev@dpdk.org <dev@dpdk.org>; Finn, Emma <emma.finn@intel.com>
Subject: [v3] crypto/openssl: Add support for SHA3 algorithms
Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
support to the OpenSSL PMD, including both hash
and HMAC variants.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Updated documentation
v3:
* rebase
---
doc/guides/cryptodevs/features/openssl.ini | 10 +-
doc/guides/cryptodevs/openssl.rst | 8 +
doc/guides/rel_notes/release_26_03.rst | 4 +
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
5 files changed, 225 insertions(+), 1 deletion(-)
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini
index df6e7de316..82da0df22f 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -43,7 +43,15 @@ SHA384 = Y
SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
-AES GMAC = Y
+SHA3_224 = Y
+SHA3_224 HMAC = Y
+SHA3_256 = Y
+SHA3_256 HMAC = Y
+SHA3_384 = Y
+SHA3_384 HMAC = Y
+SHA3_512 = Y
+SHA3_512 HMAC = Y
+AES GMAC = Y
;
; Supported AEAD algorithms of the 'openssl' crypto driver.
diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst
index d467069cac..0af609fddf 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -34,12 +34,20 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SHA3_224``
+* ``RTE_CRYPTO_AUTH_SHA3_256``
+* ``RTE_CRYPTO_AUTH_SHA3_384``
+* ``RTE_CRYPTO_AUTH_SHA3_512``
* ``RTE_CRYPTO_AUTH_MD5_HMAC``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
Supported AEAD algorithms:
diff --git a/doc/guides/rel_notes/release_26_03.rst b/doc/guides/rel_notes/release_26_03.rst
index 5c2a4bb32e..de7182dc08 100644
--- a/doc/guides/rel_notes/release_26_03.rst
+++ b/doc/guides/rel_notes/release_26_03.rst
@@ -82,6 +82,10 @@ New Features
* NEA5, NIA5, NCA5: AES 256 confidentiality, integrity and AEAD modes.
* NEA6, NIA6, NCA6: ZUC 256 confidentiality, integrity and AEAD modes.
+* **Updated openssl crypto driver.**
+
+ * Added support for SHA3-224, SHA3-256, SHA3-384, and SHA3-512 hash algorithms
+ and their HMAC variants.
Removed Items
-------------
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 4f171f48cc..8817d7893c 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -270,6 +278,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
default:
res = -EINVAL;
break;
@@ -659,6 +683,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
sess->auth.mode = OPENSSL_AUTH_AS_AUTH;
if (get_auth_algo(xform->auth.algo,
&sess->auth.auth.evp_algo) != 0)
@@ -714,6 +742,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -744,6 +776,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 5095e6cbea..8d6ae346a8 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES CBC */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
[-- Attachment #2: Type: text/html, Size: 44681 bytes --]
^ permalink raw reply related [flat|nested] 12+ messages in thread
* RE: [EXTERNAL] [v3] crypto/openssl: Add support for SHA3 algorithms
2026-02-11 11:47 ` [v3] " Emma Finn
2026-03-03 15:45 ` Ji, Kai
@ 2026-03-10 6:03 ` Akhil Goyal
2026-03-10 10:20 ` [v4] " Emma Finn
2 siblings, 0 replies; 12+ messages in thread
From: Akhil Goyal @ 2026-03-10 6:03 UTC (permalink / raw)
To: Emma Finn, Kai Ji; +Cc: dev@dpdk.org
> Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
> support to the OpenSSL PMD, including both hash
> and HMAC variants.
>
> Signed-off-by: Emma Finn <emma.finn@intel.com>
> ---
> v2:
> * Updated documentation
> v3:
> * rebase
Seems it is still not rebased on next-crypto
dpdk-next-crypto$ git am index.html
Applying: crypto/openssl: Add support for SHA3 algorithms
error: patch failed: doc/guides/cryptodevs/features/openssl.ini:43
error: doc/guides/cryptodevs/features/openssl.ini: patch does not apply
error: patch failed: doc/guides/cryptodevs/openssl.rst:34
error: doc/guides/cryptodevs/openssl.rst: patch does not apply
error: patch failed: doc/guides/rel_notes/release_26_03.rst:82
error: doc/guides/rel_notes/release_26_03.rst: patch does not apply
error: patch failed: drivers/crypto/openssl/rte_openssl_pmd.c:270
error: drivers/crypto/openssl/rte_openssl_pmd.c: patch does not apply
error: patch failed: drivers/crypto/openssl/rte_openssl_pmd_ops.c:269
error: drivers/crypto/openssl/rte_openssl_pmd_ops.c: patch does not apply
Patch failed at 0001 crypto/openssl: Add support for SHA3 algorithms
^ permalink raw reply [flat|nested] 12+ messages in thread
* [v4] crypto/openssl: Add support for SHA3 algorithms
2026-02-11 11:47 ` [v3] " Emma Finn
2026-03-03 15:45 ` Ji, Kai
2026-03-10 6:03 ` [EXTERNAL] " Akhil Goyal
@ 2026-03-10 10:20 ` Emma Finn
2026-03-10 14:41 ` [EXTERNAL] " Akhil Goyal
2 siblings, 1 reply; 12+ messages in thread
From: Emma Finn @ 2026-03-10 10:20 UTC (permalink / raw)
To: Kai Ji; +Cc: dev, gakhil, Emma Finn
Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
support to the OpenSSL PMD, including both hash
and HMAC variants.
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
v2:
* Updated documentation
v3:
* rebase
v4:
* rebase
---
doc/guides/cryptodevs/features/openssl.ini | 8 +
doc/guides/cryptodevs/openssl.rst | 8 +
doc/guides/rel_notes/release_26_03.rst | 2 +
drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
5 files changed, 222 insertions(+)
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini
index 536557e9e0..bcc0c39c2f 100644
--- a/doc/guides/cryptodevs/features/openssl.ini
+++ b/doc/guides/cryptodevs/features/openssl.ini
@@ -45,6 +45,14 @@ SHA384 = Y
SHA384 HMAC = Y
SHA512 = Y
SHA512 HMAC = Y
+SHA3_224 = Y
+SHA3_224 HMAC = Y
+SHA3_256 = Y
+SHA3_256 HMAC = Y
+SHA3_384 = Y
+SHA3_384 HMAC = Y
+SHA3_512 = Y
+SHA3_512 HMAC = Y
SHAKE_128 = Y
SHAKE_256 = Y
AES GMAC = Y
diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst
index 921592ba2d..9d94668a9a 100644
--- a/doc/guides/cryptodevs/openssl.rst
+++ b/doc/guides/cryptodevs/openssl.rst
@@ -35,12 +35,20 @@ Supported authentication algorithms:
* ``RTE_CRYPTO_AUTH_SHA256``
* ``RTE_CRYPTO_AUTH_SHA384``
* ``RTE_CRYPTO_AUTH_SHA512``
+* ``RTE_CRYPTO_AUTH_SHA3_224``
+* ``RTE_CRYPTO_AUTH_SHA3_256``
+* ``RTE_CRYPTO_AUTH_SHA3_384``
+* ``RTE_CRYPTO_AUTH_SHA3_512``
* ``RTE_CRYPTO_AUTH_MD5_HMAC``
* ``RTE_CRYPTO_AUTH_SHA1_HMAC``
* ``RTE_CRYPTO_AUTH_SHA224_HMAC``
* ``RTE_CRYPTO_AUTH_SHA256_HMAC``
* ``RTE_CRYPTO_AUTH_SHA384_HMAC``
* ``RTE_CRYPTO_AUTH_SHA512_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_224_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_256_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_384_HMAC``
+* ``RTE_CRYPTO_AUTH_SHA3_512_HMAC``
* ``RTE_CRYPTO_AUTH_SHAKE_128``
* ``RTE_CRYPTO_AUTH_SHAKE_256``
diff --git a/doc/guides/rel_notes/release_26_03.rst b/doc/guides/rel_notes/release_26_03.rst
index b4499ec066..2c3a318dba 100644
--- a/doc/guides/rel_notes/release_26_03.rst
+++ b/doc/guides/rel_notes/release_26_03.rst
@@ -100,6 +100,8 @@ New Features
* Added support for AES-XTS cipher algorithm.
* Added support for SHAKE-128 and SHAKE-256 authentication algorithms.
+ * Added support for SHA3-224, SHA3-256, SHA3-384, and SHA3-512 hash algorithms
+ and their HMAC variants.
* **Added Ctrl+L support to cmdline library.**
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index e5fa1a4eeb..c34efb8ad0 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -92,6 +92,14 @@ digest_name_get(enum rte_crypto_auth_algorithm algo)
return OSSL_DIGEST_NAME_SHA2_384;
case RTE_CRYPTO_AUTH_SHA512_HMAC:
return OSSL_DIGEST_NAME_SHA2_512;
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_224;
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_256;
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_384;
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ return OSSL_DIGEST_NAME_SHA3_512;
default:
return NULL;
}
@@ -282,6 +290,22 @@ get_auth_algo(enum rte_crypto_auth_algorithm sessalgo,
case RTE_CRYPTO_AUTH_SHA512_HMAC:
*algo = EVP_sha512();
break;
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ *algo = EVP_sha3_224();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ *algo = EVP_sha3_256();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ *algo = EVP_sha3_384();
+ break;
+ case RTE_CRYPTO_AUTH_SHA3_512:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
+ *algo = EVP_sha3_512();
+ break;
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
case RTE_CRYPTO_AUTH_SHAKE_128:
*algo = EVP_shake128();
@@ -680,6 +704,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256:
case RTE_CRYPTO_AUTH_SHA384:
case RTE_CRYPTO_AUTH_SHA512:
+ case RTE_CRYPTO_AUTH_SHA3_224:
+ case RTE_CRYPTO_AUTH_SHA3_256:
+ case RTE_CRYPTO_AUTH_SHA3_384:
+ case RTE_CRYPTO_AUTH_SHA3_512:
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
case RTE_CRYPTO_AUTH_SHAKE_128:
case RTE_CRYPTO_AUTH_SHAKE_256:
@@ -739,6 +767,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
algo = digest_name_get(xform->auth.algo);
@@ -769,6 +801,10 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA256_HMAC:
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_224_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_256_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_384_HMAC:
+ case RTE_CRYPTO_AUTH_SHA3_512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 0f2b82ec00..6133622f1b 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -269,6 +269,174 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
}, }
}, }
},
+ { /* SHA3_224 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224_HMAC,
+ .block_size = 144,
+ .key_size = {
+ .min = 1,
+ .max = 144,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 28,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_224 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_224,
+ .block_size = 144,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 28,
+ .max = 28,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256_HMAC,
+ .block_size = 136,
+ .key_size = {
+ .min = 1,
+ .max = 136,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 32,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_256 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_256,
+ .block_size = 136,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 32,
+ .max = 32,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384_HMAC,
+ .block_size = 104,
+ .key_size = {
+ .min = 1,
+ .max = 104,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 48,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_384 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_384,
+ .block_size = 104,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 48,
+ .max = 48,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 HMAC */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512_HMAC,
+ .block_size = 72,
+ .key_size = {
+ .min = 1,
+ .max = 72,
+ .increment = 1
+ },
+ .digest_size = {
+ .min = 1,
+ .max = 64,
+ .increment = 1
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
+ { /* SHA3_512 */
+ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+ {.sym = {
+ .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ {.auth = {
+ .algo = RTE_CRYPTO_AUTH_SHA3_512,
+ .block_size = 72,
+ .key_size = {
+ .min = 0,
+ .max = 0,
+ .increment = 0
+ },
+ .digest_size = {
+ .min = 64,
+ .max = 64,
+ .increment = 0
+ },
+ .iv_size = { 0 }
+ }, }
+ }, }
+ },
{ /* AES XTS */
.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
{.sym = {
--
2.43.0
^ permalink raw reply related [flat|nested] 12+ messages in thread
* RE: [EXTERNAL] [v4] crypto/openssl: Add support for SHA3 algorithms
2026-03-10 10:20 ` [v4] " Emma Finn
@ 2026-03-10 14:41 ` Akhil Goyal
0 siblings, 0 replies; 12+ messages in thread
From: Akhil Goyal @ 2026-03-10 14:41 UTC (permalink / raw)
To: Emma Finn, Kai Ji; +Cc: dev@dpdk.org
> Add SHA3-224, SHA3-256, SHA3-384, and SHA3-512
> support to the OpenSSL PMD, including both hash
> and HMAC variants.
>
> Signed-off-by: Emma Finn <emma.finn@intel.com>
> ---
> v2:
> * Updated documentation
> v3:
> * rebase
> v4:
> * rebase
> ---
> doc/guides/cryptodevs/features/openssl.ini | 8 +
> doc/guides/cryptodevs/openssl.rst | 8 +
> doc/guides/rel_notes/release_26_03.rst | 2 +
> drivers/crypto/openssl/rte_openssl_pmd.c | 36 ++++
> drivers/crypto/openssl/rte_openssl_pmd_ops.c | 168 +++++++++++++++++++
> 5 files changed, 222 insertions(+)
Acked-by: Akhil Goyal <gakhil@marvell.com>
Applied to dpdk-next-crypto
Thanks.
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2026-03-10 14:42 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-01-08 13:08 [PATCH] crypto/openssl: Add support for SHA3 algorithms Emma Finn
2026-01-23 16:36 ` Ji, Kai
2026-01-27 10:05 ` [v2] " Emma Finn
2026-01-27 10:11 ` Emma Finn
2026-01-29 14:42 ` Emma Finn
2026-02-04 10:05 ` Emma Finn
2026-02-10 15:04 ` [EXTERNAL] " Akhil Goyal
2026-02-11 11:47 ` [v3] " Emma Finn
2026-03-03 15:45 ` Ji, Kai
2026-03-10 6:03 ` [EXTERNAL] " Akhil Goyal
2026-03-10 10:20 ` [v4] " Emma Finn
2026-03-10 14:41 ` [EXTERNAL] " Akhil Goyal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox