From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: declan.doherty@intel.com, akhil.goyal@nxp.com,
hemant.agrawal@nxp.com, zbigniew.bodek@caviumnetworks.com,
jerin.jacob@caviumnetworks.com
Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>
Subject: [PATCH 07/13] cryptodev: remove digest length from crypto op
Date: Sun, 28 May 2017 22:05:16 +0100 [thread overview]
Message-ID: <1496005522-134934-8-git-send-email-pablo.de.lara.guarch@intel.com> (raw)
In-Reply-To: <1496005522-134934-1-git-send-email-pablo.de.lara.guarch@intel.com>
Digest length was duplicated in the authentication transform
and the crypto operation structures.
Since digest length is not expected to change in a same
session, it is removed from the crypto operation.
Also, the length has been shrunk to 16 bits,
which should be sufficient for any digest.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
app/test-crypto-perf/cperf_ops.c | 7 -----
drivers/crypto/aesni_gcm/aesni_gcm_pmd.c | 35 ++++++++++++++----------
drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h | 2 ++
drivers/crypto/armv8/rte_armv8_pmd.c | 9 ++++--
drivers/crypto/armv8/rte_armv8_pmd_private.h | 2 ++
drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 34 +++++++++++++----------
drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h | 1 +
drivers/crypto/kasumi/rte_kasumi_pmd.c | 18 ++++++------
drivers/crypto/openssl/rte_openssl_pmd.c | 8 ++++--
drivers/crypto/openssl/rte_openssl_pmd_private.h | 3 ++
drivers/crypto/qat/qat_adf/qat_algs.h | 1 +
drivers/crypto/qat/qat_crypto.c | 2 +-
drivers/crypto/snow3g/rte_snow3g_pmd.c | 18 ++++++------
drivers/crypto/zuc/rte_zuc_pmd.c | 18 ++++++------
lib/librte_cryptodev/rte_crypto_sym.h | 6 +---
15 files changed, 88 insertions(+), 76 deletions(-)
diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 18a0c2c..a101ba1 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -142,7 +142,6 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
sym_op->auth.digest.data = test_vector->digest.data;
sym_op->auth.digest.phys_addr =
test_vector->digest.phys_addr;
- sym_op->auth.digest.length = options->auth_digest_sz;
} else {
uint32_t offset = options->test_buffer_size;
@@ -165,7 +164,6 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
uint8_t *, offset);
sym_op->auth.digest.phys_addr =
rte_pktmbuf_mtophys_offset(buf, offset);
- sym_op->auth.digest.length = options->auth_digest_sz;
sym_op->auth.aad.phys_addr = test_vector->aad.phys_addr;
sym_op->auth.aad.data = test_vector->aad.data;
sym_op->auth.aad.length = options->auth_aad_sz;
@@ -221,7 +219,6 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
sym_op->auth.digest.data = test_vector->digest.data;
sym_op->auth.digest.phys_addr =
test_vector->digest.phys_addr;
- sym_op->auth.digest.length = options->auth_digest_sz;
} else {
uint32_t offset = options->test_buffer_size;
@@ -244,7 +241,6 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
uint8_t *, offset);
sym_op->auth.digest.phys_addr =
rte_pktmbuf_mtophys_offset(buf, offset);
- sym_op->auth.digest.length = options->auth_digest_sz;
sym_op->auth.aad.phys_addr = test_vector->aad.phys_addr;
sym_op->auth.aad.data = test_vector->aad.data;
sym_op->auth.aad.length = options->auth_aad_sz;
@@ -298,7 +294,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
sym_op->auth.digest.data = test_vector->digest.data;
sym_op->auth.digest.phys_addr =
test_vector->digest.phys_addr;
- sym_op->auth.digest.length = options->auth_digest_sz;
} else {
uint32_t offset = sym_op->cipher.data.length +
@@ -322,8 +317,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
uint8_t *, offset);
sym_op->auth.digest.phys_addr =
rte_pktmbuf_mtophys_offset(buf, offset);
-
- sym_op->auth.digest.length = options->auth_digest_sz;
}
sym_op->auth.data.length = options->test_buffer_size;
diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
index ec00d22..31e48aa 100644
--- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
+++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
@@ -77,6 +77,7 @@ aesni_gcm_set_session_parameters(struct aesni_gcm_session *sess,
{
const struct rte_crypto_sym_xform *auth_xform;
const struct rte_crypto_sym_xform *cipher_xform;
+ uint16_t digest_length;
if (xform->next == NULL || xform->next->next != NULL) {
GCM_LOG_ERR("Two and only two chained xform required");
@@ -116,6 +117,8 @@ aesni_gcm_set_session_parameters(struct aesni_gcm_session *sess,
return -EINVAL;
}
+ digest_length = auth_xform->auth.digest_length;
+
/* Check key length and calculate GCM pre-compute. */
switch (cipher_xform->cipher.key.length) {
case 16:
@@ -133,6 +136,15 @@ aesni_gcm_set_session_parameters(struct aesni_gcm_session *sess,
return -EINVAL;
}
+ /* Digest check */
+ if (digest_length != 16 &&
+ digest_length != 12 &&
+ digest_length != 8) {
+ GCM_LOG_ERR("digest");
+ return -EINVAL;
+ }
+ sess->digest_length = digest_length;
+
return 0;
}
@@ -234,13 +246,6 @@ process_gcm_crypto_op(struct rte_crypto_sym_op *op,
*iv_padd = rte_bswap32(1);
}
- if (op->auth.digest.length != 16 &&
- op->auth.digest.length != 12 &&
- op->auth.digest.length != 8) {
- GCM_LOG_ERR("digest");
- return -1;
- }
-
if (session->op == AESNI_GCM_OP_AUTHENTICATED_ENCRYPTION) {
aesni_gcm_enc[session->key].init(&session->gdata,
@@ -270,11 +275,11 @@ process_gcm_crypto_op(struct rte_crypto_sym_op *op,
aesni_gcm_enc[session->key].finalize(&session->gdata,
op->auth.digest.data,
- (uint64_t)op->auth.digest.length);
+ (uint64_t)session->digest_length);
} else { /* session->op == AESNI_GCM_OP_AUTHENTICATED_DECRYPTION */
uint8_t *auth_tag = (uint8_t *)rte_pktmbuf_append(op->m_dst ?
op->m_dst : op->m_src,
- op->auth.digest.length);
+ session->digest_length);
if (!auth_tag) {
GCM_LOG_ERR("auth_tag");
@@ -308,7 +313,7 @@ process_gcm_crypto_op(struct rte_crypto_sym_op *op,
aesni_gcm_dec[session->key].finalize(&session->gdata,
auth_tag,
- (uint64_t)op->auth.digest.length);
+ (uint64_t)session->digest_length);
}
return 0;
@@ -338,21 +343,21 @@ post_process_gcm_crypto_op(struct rte_crypto_op *op)
if (session->op == AESNI_GCM_OP_AUTHENTICATED_DECRYPTION) {
uint8_t *tag = rte_pktmbuf_mtod_offset(m, uint8_t *,
- m->data_len - op->sym->auth.digest.length);
+ m->data_len - session->digest_length);
#ifdef RTE_LIBRTE_PMD_AESNI_GCM_DEBUG
rte_hexdump(stdout, "auth tag (orig):",
- op->sym->auth.digest.data, op->sym->auth.digest.length);
+ op->sym->auth.digest.data, session->digest_length);
rte_hexdump(stdout, "auth tag (calc):",
- tag, op->sym->auth.digest.length);
+ tag, session->digest_length);
#endif
if (memcmp(tag, op->sym->auth.digest.data,
- op->sym->auth.digest.length) != 0)
+ session->digest_length) != 0)
op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
/* trim area used for digest from mbuf */
- rte_pktmbuf_trim(m, op->sym->auth.digest.length);
+ rte_pktmbuf_trim(m, session->digest_length);
}
}
diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h
index 0496b44..b27ad40 100644
--- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h
+++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h
@@ -90,6 +90,8 @@ enum aesni_gcm_key {
/** AESNI GCM private session structure */
struct aesni_gcm_session {
+ uint16_t digest_length;
+ /**< Digest length */
enum aesni_gcm_operation op;
/**< GCM operation type */
enum aesni_gcm_key key;
diff --git a/drivers/crypto/armv8/rte_armv8_pmd.c b/drivers/crypto/armv8/rte_armv8_pmd.c
index 146e68a..3ca9007 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd.c
+++ b/drivers/crypto/armv8/rte_armv8_pmd.c
@@ -451,6 +451,9 @@ armv8_crypto_set_session_chained_parameters(struct armv8_crypto_session *sess,
return -EINVAL;
}
+ /* Set the digest length */
+ sess->auth.digest_length = auth_xform->auth.digest_length;
+
/* Verify supported key lengths and extract proper algorithm */
switch (cipher_xform->cipher.key.length << 3) {
case 128:
@@ -645,7 +648,7 @@ process_armv8_chained_op
}
} else {
adst = (uint8_t *)rte_pktmbuf_append(m_asrc,
- op->sym->auth.digest.length);
+ sess->auth.digest_length);
}
if (unlikely(op->sym->cipher.iv.length != sess->cipher.iv_len)) {
@@ -667,12 +670,12 @@ process_armv8_chained_op
op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
if (memcmp(adst, op->sym->auth.digest.data,
- op->sym->auth.digest.length) != 0) {
+ sess->auth.digest_length) != 0) {
op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
}
/* Trim area used for digest from mbuf. */
rte_pktmbuf_trim(m_asrc,
- op->sym->auth.digest.length);
+ sess->auth.digest_length);
}
}
diff --git a/drivers/crypto/armv8/rte_armv8_pmd_private.h b/drivers/crypto/armv8/rte_armv8_pmd_private.h
index b75107f..ccd5fdc 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd_private.h
+++ b/drivers/crypto/armv8/rte_armv8_pmd_private.h
@@ -196,6 +196,8 @@ struct armv8_crypto_session {
/**< HMAC key (max supported length)*/
} hmac;
};
+ uint16_t digest_length;
+ /* Digest length */
} auth;
} __rte_cache_aligned;
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index ba0bfb3..336c281 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -84,7 +84,7 @@ build_authenc_fd(dpaa2_sec_session *sess,
struct sec_flow_context *flc;
uint32_t auth_only_len = sym_op->auth.data.length -
sym_op->cipher.data.length;
- int icv_len = sym_op->auth.digest.length;
+ int icv_len = sess->digest_length;
uint8_t *old_icv;
uint32_t mem_len = (7 * sizeof(struct qbman_fle)) + icv_len;
@@ -133,7 +133,7 @@ build_authenc_fd(dpaa2_sec_session *sess,
"cipher_off: 0x%x/length %d, iv-len=%d data_off: 0x%x\n",
sym_op->auth.data.offset,
sym_op->auth.data.length,
- sym_op->auth.digest.length,
+ sess->digest_length,
sym_op->cipher.data.offset,
sym_op->cipher.data.length,
sym_op->cipher.iv.length,
@@ -159,7 +159,7 @@ build_authenc_fd(dpaa2_sec_session *sess,
sge++;
DPAA2_SET_FLE_ADDR(sge,
DPAA2_VADDR_TO_IOVA(sym_op->auth.digest.data));
- sge->length = sym_op->auth.digest.length;
+ sge->length = sess->digest_length;
DPAA2_SET_FD_LEN(fd, (sym_op->auth.data.length +
sym_op->cipher.iv.length));
}
@@ -175,7 +175,7 @@ build_authenc_fd(dpaa2_sec_session *sess,
fle->length = (sess->dir == DIR_ENC) ?
(sym_op->auth.data.length + sym_op->cipher.iv.length) :
(sym_op->auth.data.length + sym_op->cipher.iv.length +
- sym_op->auth.digest.length);
+ sess->digest_length);
/* Configure Input SGE for Encap/Decap */
DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(sym_op->cipher.iv.data));
@@ -190,12 +190,12 @@ build_authenc_fd(dpaa2_sec_session *sess,
sge++;
old_icv = (uint8_t *)(sge + 1);
memcpy(old_icv, sym_op->auth.digest.data,
- sym_op->auth.digest.length);
- memset(sym_op->auth.digest.data, 0, sym_op->auth.digest.length);
+ sess->digest_length);
+ memset(sym_op->auth.digest.data, 0, sess->digest_length);
DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_icv));
- sge->length = sym_op->auth.digest.length;
+ sge->length = sess->digest_length;
DPAA2_SET_FD_LEN(fd, (sym_op->auth.data.length +
- sym_op->auth.digest.length +
+ sess->digest_length +
sym_op->cipher.iv.length));
}
DPAA2_SET_FLE_FIN(sge);
@@ -215,7 +215,7 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
uint32_t mem_len = (sess->dir == DIR_ENC) ?
(3 * sizeof(struct qbman_fle)) :
(5 * sizeof(struct qbman_fle) +
- sym_op->auth.digest.length);
+ sess->digest_length);
struct sec_flow_context *flc;
struct ctxt_priv *priv = sess->ctxt;
uint8_t *old_digest;
@@ -249,7 +249,7 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
DPAA2_SET_FD_FLC(fd, DPAA2_VADDR_TO_IOVA(flc));
DPAA2_SET_FLE_ADDR(fle, DPAA2_VADDR_TO_IOVA(sym_op->auth.digest.data));
- fle->length = sym_op->auth.digest.length;
+ fle->length = sess->digest_length;
DPAA2_SET_FD_ADDR(fd, DPAA2_VADDR_TO_IOVA(fle));
DPAA2_SET_FD_COMPOUND_FMT(fd);
@@ -280,17 +280,17 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
sym_op->m_src->data_off);
DPAA2_SET_FD_LEN(fd, sym_op->auth.data.length +
- sym_op->auth.digest.length);
+ sess->digest_length);
sge->length = sym_op->auth.data.length;
sge++;
old_digest = (uint8_t *)(sge + 1);
rte_memcpy(old_digest, sym_op->auth.digest.data,
- sym_op->auth.digest.length);
- memset(sym_op->auth.digest.data, 0, sym_op->auth.digest.length);
+ sess->digest_length);
+ memset(sym_op->auth.digest.data, 0, sess->digest_length);
DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_digest));
- sge->length = sym_op->auth.digest.length;
+ sge->length = sess->digest_length;
fle->length = sym_op->auth.data.length +
- sym_op->auth.digest.length;
+ sess->digest_length;
DPAA2_SET_FLE_FIN(sge);
}
DPAA2_SET_FLE_FIN(fle);
@@ -904,6 +904,8 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev,
authdata.key_enc_flags = 0;
authdata.key_type = RTA_DATA_IMM;
+ session->digest_length = xform->auth.digest_length;
+
switch (xform->auth.algo) {
case RTE_CRYPTO_AUTH_SHA1_HMAC:
authdata.algtype = OP_ALG_ALGSEL_SHA1;
@@ -1051,6 +1053,8 @@ dpaa2_sec_aead_init(struct rte_cryptodev *dev,
authdata.key_enc_flags = 0;
authdata.key_type = RTA_DATA_IMM;
+ session->digest_length = xform->auth.digest_length;
+
switch (auth_xform->algo) {
case RTE_CRYPTO_AUTH_SHA1_HMAC:
authdata.algtype = OP_ALG_ALGSEL_SHA1;
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
index f5c6169..d4ca86c 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
@@ -187,6 +187,7 @@ typedef struct dpaa2_sec_session_entry {
uint8_t *data; /**< pointer to key data */
size_t length; /**< key length in bytes */
} auth_key;
+ uint16_t digest_length;
uint8_t status;
union {
struct dpaa2_sec_cipher_ctxt cipher_ctxt;
diff --git a/drivers/crypto/kasumi/rte_kasumi_pmd.c b/drivers/crypto/kasumi/rte_kasumi_pmd.c
index d089b0d..6407a7d 100644
--- a/drivers/crypto/kasumi/rte_kasumi_pmd.c
+++ b/drivers/crypto/kasumi/rte_kasumi_pmd.c
@@ -124,6 +124,12 @@ kasumi_set_session_parameters(struct kasumi_session *sess,
/* Only KASUMI F9 supported */
if (auth_xform->auth.algo != RTE_CRYPTO_AUTH_KASUMI_F9)
return -EINVAL;
+
+ if (auth_xform->auth.digest_length != KASUMI_DIGEST_LENGTH) {
+ KASUMI_LOG_ERR("Wrong digest length");
+ return -EINVAL;
+ }
+
sess->auth_op = auth_xform->auth.op;
/* Initialize key */
sso_kasumi_init_f9_key_sched(auth_xform->auth.key.data,
@@ -259,12 +265,6 @@ process_kasumi_hash_op(struct rte_crypto_op **ops,
break;
}
- if (unlikely(ops[i]->sym->auth.digest.length != KASUMI_DIGEST_LENGTH)) {
- ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
- KASUMI_LOG_ERR("digest");
- break;
- }
-
/* Data must be byte aligned */
if ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {
ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
@@ -285,19 +285,19 @@ process_kasumi_hash_op(struct rte_crypto_op **ops,
if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
dst = (uint8_t *)rte_pktmbuf_append(ops[i]->sym->m_src,
- ops[i]->sym->auth.digest.length);
+ KASUMI_DIGEST_LENGTH);
sso_kasumi_f9_1_buffer_user(&session->pKeySched_hash,
IV, src,
length_in_bits, dst, direction);
/* Verify digest. */
if (memcmp(dst, ops[i]->sym->auth.digest.data,
- ops[i]->sym->auth.digest.length) != 0)
+ KASUMI_DIGEST_LENGTH) != 0)
ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
/* Trim area used for digest from mbuf. */
rte_pktmbuf_trim(ops[i]->sym->m_src,
- ops[i]->sym->auth.digest.length);
+ KASUMI_DIGEST_LENGTH);
} else {
dst = ops[i]->sym->auth.digest.data;
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index a92bd88..0333526 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -365,6 +365,8 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
return -EINVAL;
}
+ sess->auth.digest_length = xform->auth.digest_length;
+
return 0;
}
@@ -1116,7 +1118,7 @@ process_openssl_auth_op
if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY)
dst = (uint8_t *)rte_pktmbuf_append(mbuf_src,
- op->sym->auth.digest.length);
+ sess->auth.digest_length);
else {
dst = op->sym->auth.digest.data;
if (dst == NULL)
@@ -1144,11 +1146,11 @@ process_openssl_auth_op
if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
if (memcmp(dst, op->sym->auth.digest.data,
- op->sym->auth.digest.length) != 0) {
+ sess->auth.digest_length) != 0) {
op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
}
/* Trim area used for digest from mbuf. */
- rte_pktmbuf_trim(mbuf_src, op->sym->auth.digest.length);
+ rte_pktmbuf_trim(mbuf_src, sess->auth.digest_length);
}
if (status != 0)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_private.h b/drivers/crypto/openssl/rte_openssl_pmd_private.h
index 4d820c5..28a8e36 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_private.h
+++ b/drivers/crypto/openssl/rte_openssl_pmd_private.h
@@ -157,6 +157,9 @@ struct openssl_session {
/**< pointer to EVP context structure */
} hmac;
};
+
+ uint16_t digest_length;
+ /**< digest length */
} auth;
} __rte_cache_aligned;
diff --git a/drivers/crypto/qat/qat_adf/qat_algs.h b/drivers/crypto/qat/qat_adf/qat_algs.h
index b139007..9acd68a 100644
--- a/drivers/crypto/qat/qat_adf/qat_algs.h
+++ b/drivers/crypto/qat/qat_adf/qat_algs.h
@@ -127,6 +127,7 @@ struct qat_session {
struct icp_qat_fw_la_bulk_req fw_req;
uint32_t *aad_len;
struct qat_crypto_instance *inst;
+ uint16_t digest_length;
rte_spinlock_t lock; /* protects this struct */
};
diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c
index 35edfc9..329f88a 100644
--- a/drivers/crypto/qat/qat_crypto.c
+++ b/drivers/crypto/qat/qat_crypto.c
@@ -1188,7 +1188,7 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
rte_hexdump(stdout, "iv:", op->sym->cipher.iv.data,
op->sym->cipher.iv.length);
rte_hexdump(stdout, "digest:", op->sym->auth.digest.data,
- op->sym->auth.digest.length);
+ ctx->digest_length);
rte_hexdump(stdout, "aad:", op->sym->auth.aad.data,
op->sym->auth.aad.length);
#endif
diff --git a/drivers/crypto/snow3g/rte_snow3g_pmd.c b/drivers/crypto/snow3g/rte_snow3g_pmd.c
index d928ed2..75989da 100644
--- a/drivers/crypto/snow3g/rte_snow3g_pmd.c
+++ b/drivers/crypto/snow3g/rte_snow3g_pmd.c
@@ -124,6 +124,12 @@ snow3g_set_session_parameters(struct snow3g_session *sess,
/* Only SNOW 3G UIA2 supported */
if (auth_xform->auth.algo != RTE_CRYPTO_AUTH_SNOW3G_UIA2)
return -EINVAL;
+
+ if (auth_xform->auth.digest_length != SNOW3G_DIGEST_LENGTH) {
+ SNOW3G_LOG_ERR("Wrong digest length");
+ return -EINVAL;
+ }
+
sess->auth_op = auth_xform->auth.op;
/* Initialize key */
sso_snow3g_init_key_sched(auth_xform->auth.key.data,
@@ -254,12 +260,6 @@ process_snow3g_hash_op(struct rte_crypto_op **ops,
break;
}
- if (unlikely(ops[i]->sym->auth.digest.length != SNOW3G_DIGEST_LENGTH)) {
- ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
- SNOW3G_LOG_ERR("digest");
- break;
- }
-
/* Data must be byte aligned */
if ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {
ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
@@ -274,19 +274,19 @@ process_snow3g_hash_op(struct rte_crypto_op **ops,
if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
dst = (uint8_t *)rte_pktmbuf_append(ops[i]->sym->m_src,
- ops[i]->sym->auth.digest.length);
+ SNOW3G_DIGEST_LENGTH);
sso_snow3g_f9_1_buffer(&session->pKeySched_hash,
ops[i]->sym->auth.aad.data, src,
length_in_bits, dst);
/* Verify digest. */
if (memcmp(dst, ops[i]->sym->auth.digest.data,
- ops[i]->sym->auth.digest.length) != 0)
+ SNOW3G_DIGEST_LENGTH) != 0)
ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
/* Trim area used for digest from mbuf. */
rte_pktmbuf_trim(ops[i]->sym->m_src,
- ops[i]->sym->auth.digest.length);
+ SNOW3G_DIGEST_LENGTH);
} else {
dst = ops[i]->sym->auth.digest.data;
diff --git a/drivers/crypto/zuc/rte_zuc_pmd.c b/drivers/crypto/zuc/rte_zuc_pmd.c
index 046c830..e7a3de8 100644
--- a/drivers/crypto/zuc/rte_zuc_pmd.c
+++ b/drivers/crypto/zuc/rte_zuc_pmd.c
@@ -123,6 +123,12 @@ zuc_set_session_parameters(struct zuc_session *sess,
/* Only ZUC EIA3 supported */
if (auth_xform->auth.algo != RTE_CRYPTO_AUTH_ZUC_EIA3)
return -EINVAL;
+
+ if (auth_xform->auth.digest_length != ZUC_DIGEST_LENGTH) {
+ ZUC_LOG_ERR("Wrong digest length");
+ return -EINVAL;
+ }
+
sess->auth_op = auth_xform->auth.op;
/* Copy the key */
memcpy(sess->pKey_hash, auth_xform->auth.key.data,
@@ -245,12 +251,6 @@ process_zuc_hash_op(struct rte_crypto_op **ops,
break;
}
- if (unlikely(ops[i]->sym->auth.digest.length != ZUC_DIGEST_LENGTH)) {
- ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
- ZUC_LOG_ERR("digest");
- break;
- }
-
/* Data must be byte aligned */
if ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {
ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
@@ -265,19 +265,19 @@ process_zuc_hash_op(struct rte_crypto_op **ops,
if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
dst = (uint32_t *)rte_pktmbuf_append(ops[i]->sym->m_src,
- ops[i]->sym->auth.digest.length);
+ ZUC_DIGEST_LENGTH);
sso_zuc_eia3_1_buffer(session->pKey_hash,
ops[i]->sym->auth.aad.data, src,
length_in_bits, dst);
/* Verify digest. */
if (memcmp(dst, ops[i]->sym->auth.digest.data,
- ops[i]->sym->auth.digest.length) != 0)
+ ZUC_DIGEST_LENGTH) != 0)
ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
/* Trim area used for digest from mbuf. */
rte_pktmbuf_trim(ops[i]->sym->m_src,
- ops[i]->sym->auth.digest.length);
+ ZUC_DIGEST_LENGTH);
} else {
dst = (uint32_t *)ops[i]->sym->auth.digest.data;
diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index 08f4d02..982a97c 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -305,7 +305,7 @@ struct rte_crypto_auth_xform {
* (for example RFC 2104, FIPS 198a).
*/
- uint32_t digest_length;
+ uint16_t digest_length;
/**< Length of the digest to be returned. If the verify option is set,
* this specifies the length of the digest to be compared for the
* session.
@@ -553,10 +553,6 @@ struct rte_crypto_sym_op {
*/
phys_addr_t phys_addr;
/**< Physical address of digest */
- uint16_t length;
- /**< Length of digest. This must be the same value as
- * @ref rte_crypto_auth_xform.digest_length.
- */
} digest; /**< Digest parameters */
struct {
--
2.7.4
next prev parent reply other threads:[~2017-05-28 21:05 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-28 21:05 [PATCH 00/13] Crypto operation restructuring Pablo de Lara
2017-05-28 21:05 ` [PATCH 01/13] cryptodev: move session type to generic crypto op Pablo de Lara
2017-05-28 21:05 ` [PATCH 02/13] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-05-28 21:05 ` [PATCH 03/13] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-05-28 21:05 ` [PATCH 04/13] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-05-28 21:05 ` [PATCH 05/13] cryptodev: add crypto op helper macros Pablo de Lara
2017-05-28 21:05 ` [PATCH 06/13] cryptodev: remove additional auth data from xform Pablo de Lara
2017-05-28 21:05 ` Pablo de Lara [this message]
2017-05-28 21:05 ` [PATCH 08/13] app/crypto-perf: move IV to crypto op private data Pablo de Lara
2017-05-28 21:05 ` [PATCH 09/13] cryptodev: pass IV as offset Pablo de Lara
2017-05-28 21:05 ` [PATCH 10/13] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-05-28 21:05 ` [PATCH 11/13] drivers/crypto: do not use AAD in wireless algorithms Pablo de Lara
2017-05-28 21:05 ` [PATCH 12/13] cryptodev: aad AEAD specific data Pablo de Lara
2017-05-28 21:05 ` [PATCH 13/13] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 00/27] Crypto operation restructuring Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 01/27] cryptodev: move session type to generic crypto op Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 02/27] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 03/27] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 04/27] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 05/27] cryptodev: remove useless alignment Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 06/27] cryptodev: add crypto op helper macros Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 07/27] crypto/qat: fix KASUMI authentication Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 08/27] test/crypto: move IV to crypto op private data Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 09/27] test/crypto-perf: " Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 10/27] app/crypto-perf: " Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 11/27] examples/l2fwd-crypto: " Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 12/27] examples/ipsec-secgw: " Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 13/27] cryptodev: pass IV as offset Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 14/27] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 15/27] cryptodev: add auth IV Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 16/27] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 17/27] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 18/27] cryptodev: remove digest " Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 19/27] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 20/27] cryptodev: add AEAD specific data Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 21/27] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 22/27] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 23/27] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 24/27] examples/ipsec-secgw: " Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 25/27] examples/l2fwd-crypto: " Pablo de Lara
2017-06-26 10:22 ` [PATCH v2 26/27] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-06-26 10:23 ` [PATCH v2 27/27] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-06-29 11:34 ` [PATCH v3 00/26] Crypto operation restructuring Pablo de Lara
2017-06-29 11:34 ` [PATCH v3 01/26] cryptodev: move session type to generic crypto op Pablo de Lara
2017-06-29 11:34 ` [PATCH v3 02/26] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-06-29 11:34 ` [PATCH v3 03/26] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-06-29 11:34 ` [PATCH v3 04/26] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 05/26] cryptodev: remove useless alignment Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 06/26] cryptodev: add crypto op helper macros Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 07/26] test/crypto: move IV to crypto op private data Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 08/26] test/crypto-perf: " Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 09/26] app/crypto-perf: " Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 10/26] examples/l2fwd-crypto: " Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 11/26] examples/ipsec-secgw: " Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 12/26] cryptodev: pass IV as offset Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 13/26] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 14/26] cryptodev: add auth IV Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 15/26] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 16/26] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 17/26] cryptodev: remove digest " Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 18/26] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 19/26] cryptodev: add AEAD specific data Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 20/26] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 21/26] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 22/26] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 23/26] examples/ipsec-secgw: " Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 24/26] examples/l2fwd-crypto: " Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 25/26] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-06-29 11:35 ` [PATCH v3 26/26] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-06-30 13:23 ` [PATCH v3 00/26] Crypto operation restructuring Trahe, Fiona
2017-07-02 5:41 ` [PATCH v4 " Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 01/26] cryptodev: move session type to generic crypto op Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 02/26] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 03/26] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 04/26] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 05/26] cryptodev: remove useless alignment Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 06/26] cryptodev: add crypto op helper macros Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 07/26] test/crypto: move IV to crypto op private data Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 08/26] test/crypto-perf: " Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 09/26] app/crypto-perf: " Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 10/26] examples/l2fwd-crypto: " Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 11/26] examples/ipsec-secgw: " Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 12/26] cryptodev: pass IV as offset Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 13/26] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 14/26] cryptodev: add auth IV Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 15/26] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 16/26] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 17/26] cryptodev: remove digest " Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 18/26] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 19/26] cryptodev: add AEAD specific data Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 20/26] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 21/26] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 22/26] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 23/26] examples/ipsec-secgw: " Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 24/26] examples/l2fwd-crypto: " Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 25/26] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-07-02 5:41 ` [PATCH v4 26/26] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-07-03 15:44 ` [PATCH v4 00/26] Crypto operation restructuring Declan Doherty
2017-07-03 16:27 ` De Lara Guarch, Pablo
2017-06-29 16:39 ` [PATCH v2 00/27] " Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1496005522-134934-8-git-send-email-pablo.de.lara.guarch@intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=hemant.agrawal@nxp.com \
--cc=jerin.jacob@caviumnetworks.com \
--cc=zbigniew.bodek@caviumnetworks.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.