From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <akhil.goyal@nxp.com>
Cc: Sucharitha Sarananaga <ssarananaga@marvell.com>, <dev@dpdk.org>,
"Archana Muniganti" <marchana@marvell.com>,
Anoob Joseph <anoobj@marvell.com>
Subject: [dpdk-dev] [PATCH 3/6] common/cpt: support variable key size for HMAC
Date: Wed, 5 Feb 2020 18:46:15 +0530 [thread overview]
Message-ID: <1580908578-3384-4-git-send-email-anoobj@marvell.com> (raw)
In-Reply-To: <1580908578-3384-1-git-send-email-anoobj@marvell.com>
From: Sucharitha Sarananaga <ssarananaga@marvell.com>
HMAC algorithms supports key lengths from 1 to 1024 bytes.
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Sucharitha Sarananaga <ssarananaga@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
drivers/common/cpt/cpt_mcode_defines.h | 2 +-
drivers/common/cpt/cpt_ucode.h | 15 ++++++-----
.../crypto/octeontx/otx_cryptodev_capabilities.c | 30 +++++++++++-----------
.../crypto/octeontx2/otx2_cryptodev_capabilities.c | 30 +++++++++++-----------
4 files changed, 40 insertions(+), 37 deletions(-)
diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h
index 8bb09e6..69d831b 100644
--- a/drivers/common/cpt/cpt_mcode_defines.h
+++ b/drivers/common/cpt/cpt_mcode_defines.h
@@ -320,7 +320,7 @@ struct cpt_ctx {
mc_zuc_snow3g_ctx_t zs_ctx;
mc_kasumi_ctx_t k_ctx;
};
- uint8_t auth_key[64];
+ uint8_t auth_key[1024];
};
/* Prime and order fields of built-in elliptic curves */
diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
index 24b53a1..4ef87c2 100644
--- a/drivers/common/cpt/cpt_ucode.h
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -230,6 +230,9 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key,
* sometimes iverride IV per operation.
*/
fctx->enc.iv_source = CPT_FROM_DPTR;
+
+ if (cpt_ctx->auth_key_len > 64)
+ return -1;
}
switch (type) {
@@ -2537,6 +2540,9 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key,
cpt_ctx->fc_type = HASH_HMAC;
}
+ if (cpt_ctx->fc_type == FC_GEN && key_len > 64)
+ return -1;
+
/* For GMAC auth, cipher must be NULL */
if (type == GMAC_TYPE)
fctx->enc.enc_cipher = 0;
@@ -2551,7 +2557,9 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key,
cpt_ctx->auth_key_len = key_len;
memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad));
memset(fctx->hmac.opad, 0, sizeof(fctx->hmac.opad));
- memcpy(fctx->hmac.opad, key, key_len);
+
+ if (key_len <= 64)
+ memcpy(fctx->hmac.opad, key, key_len);
fctx->enc.auth_input_type = 1;
}
return 0;
@@ -2736,11 +2744,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform,
return -1;
}
- if (a_form->key.length > 64) {
- CPT_LOG_DP_ERR("Auth key length is big");
- return -1;
- }
-
switch (a_form->algo) {
case RTE_CRYPTO_AUTH_SHA1_HMAC:
/* Fall through */
diff --git a/drivers/crypto/octeontx/otx_cryptodev_capabilities.c b/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
index 1174ee4..3f734b2 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
@@ -141,9 +141,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 20,
@@ -181,9 +181,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 28,
@@ -221,9 +221,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 32,
@@ -261,9 +261,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 48,
@@ -301,9 +301,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
.block_size = 128,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 64,
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
index 2ddf628..3eb3d85 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
@@ -142,9 +142,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 20,
@@ -182,9 +182,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 28,
@@ -222,9 +222,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 32,
@@ -262,9 +262,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 48,
@@ -302,9 +302,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
.block_size = 128,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 64,
--
2.7.4
next prev parent reply other threads:[~2020-02-05 13:17 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-05 13:16 [dpdk-dev] [PATCH 0/6] code improvements for OCTEON TX crypto PMDs Anoob Joseph
2020-02-05 13:16 ` [dpdk-dev] [PATCH 1/6] common/cpt: remove redundant bitswaps Anoob Joseph
2020-02-05 13:16 ` [dpdk-dev] [PATCH 2/6] crypto/octeontx2: add AES-GCM capabilities supported with new firmware Anoob Joseph
2020-02-05 13:16 ` Anoob Joseph [this message]
2020-02-05 13:16 ` [dpdk-dev] [PATCH 4/6] common/cpt: fix error path when cipher and auth key are not set Anoob Joseph
2020-02-05 13:16 ` [dpdk-dev] [PATCH 5/6] common/cpt: fix fill_sg_comp api for zero datalen Anoob Joseph
2020-02-05 13:16 ` [dpdk-dev] [PATCH 6/6] common/cpt: removes self assignment code Anoob Joseph
2020-02-05 13:19 ` [dpdk-dev] [PATCH 0/6] code improvements for OCTEON TX crypto PMDs Anoob Joseph
2020-02-05 14:56 ` Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1580908578-3384-4-git-send-email-anoobj@marvell.com \
--to=anoobj@marvell.com \
--cc=akhil.goyal@nxp.com \
--cc=dev@dpdk.org \
--cc=marchana@marvell.com \
--cc=ssarananaga@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).