From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by dpdk.org (Postfix) with ESMTP id 2CA184CE6 for ; Mon, 2 Jan 2017 10:08:22 +0100 (CET) Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga102.jf.intel.com with ESMTP; 02 Jan 2017 01:08:21 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,432,1477983600"; d="scan'208";a="48667598" Received: from irsmsx101.ger.corp.intel.com ([163.33.3.153]) by fmsmga005.fm.intel.com with ESMTP; 02 Jan 2017 01:08:20 -0800 Received: from irsmsx102.ger.corp.intel.com ([169.254.2.230]) by IRSMSX101.ger.corp.intel.com ([169.254.1.112]) with mapi id 14.03.0248.002; Mon, 2 Jan 2017 09:08:18 +0000 From: "Azarewicz, PiotrX T" To: "Azarewicz, PiotrX T" , "Kusztal, ArkadiuszX" , "dev@dpdk.org" CC: "Trahe, Fiona" , "De Lara Guarch, Pablo" , "Griffin, John" , "Jain, Deepak K" , "Doherty, Declan" , "Kusztal, ArkadiuszX" Thread-Topic: [dpdk-dev] [PATCH v2 2/3] crypto/aesni_gcm: fix iv size in PMD capabilities Thread-Index: AQHSYdYHKZLS0Y7OqEa3gcB+Aw7jz6Ek6Ztw Date: Mon, 2 Jan 2017 09:08:18 +0000 Message-ID: <4837007523CC9A4B9414D20C13DE6E6413758F80@IRSMSX102.ger.corp.intel.com> References: <1482481493-4369-1-git-send-email-arkadiuszx.kusztal@intel.com> <1482481493-4369-3-git-send-email-arkadiuszx.kusztal@intel.com> <4837007523CC9A4B9414D20C13DE6E6413757B3D@IRSMSX102.ger.corp.intel.com> In-Reply-To: <4837007523CC9A4B9414D20C13DE6E6413757B3D@IRSMSX102.ger.corp.intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [163.33.239.182] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] [PATCH v2 2/3] crypto/aesni_gcm: fix iv size in PMD capabilities X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jan 2017 09:08:23 -0000 > Subject: Re: [dpdk-dev] [PATCH v2 2/3] crypto/aesni_gcm: fix iv size in P= MD > capabilities >=20 > > Subject: [dpdk-dev] [PATCH v2 2/3] crypto/aesni_gcm: fix iv size in > > PMD capabilities > > > > This patch sets iv size in aesni gcm PMD to 12 bytes to be conformant > > with nist SP800-38D. > > > > Fixes: eec136f3c54f ("aesni_gcm: add driver for AES-GCM crypto > > operations") > > > > Signed-off-by: Arek Kusztal > > --- > > drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c > > b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c > > index e824d4b..c51f82a 100644 > > --- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c > > +++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c > > @@ -77,8 +77,8 @@ static const struct rte_cryptodev_capabilities > > aesni_gcm_pmd_capabilities[] =3D { > > .increment =3D 0 > > }, > > .iv_size =3D { > > - .min =3D 16, > > - .max =3D 16, > > + .min =3D 12, > > + .max =3D 12, > > .increment =3D 0 > > } > > }, } >=20 > I think that we should also remove 16 na 0 bytes allowed in > process_gcm_crypto_op() function: > if (op->cipher.iv.length !=3D 16 && op->cipher.iv.length !=3D 12 && > op->cipher.iv.length !=3D 0) { > GCM_LOG_ERR("iv"); > return -1; > } I found this notice about IV in rte_crypto_sym.h : * - For GCM mode, this is either the IV (if the length * is 96 bits) or J0 (for other sizes), where J0 is as * defined by NIST SP800-38D. Regardless of the IV * length, a full 16 bytes needs to be allocated. So it is fine to leave unchanged above code. Acked-by: Piotr Azarewicz