From: "Kusztal, ArkadiuszX"
To: "De Lara Guarch, Pablo", "dev@dpdk.org"
CC: "Trahe, Fiona", "Jain, Deepak K", "Griffin, John"
Date: Wed, 21 Sep 2016 10:41:17 +0000
Subject: Re: [dpdk-dev] [PATCH 1/3] crypto/aesni_gcm: move pre-counter block to GCM driver

Hi Pablo,

GCM works with two IV length modes:
First case if - If (len(IV) == 12B) => J0 = iv || 0^31 || 1 => Len = 16B

And according to the API comments rte_crypto_sym.h: 435 (iv.data)
 * - For GCM mode, this is either the IV (if the length
 * is 96 bits) or J0 (for other sizes), where J0 is as
 * defined by NIST SP800-38D. Regardless of the IV
 * length, a full 16 bytes needs to be allocated.

So there is no worry of overflowing.

Thanks, Arek -----Original Message----- From: De Lara Guarch, Pablo=20 Sent: Tuesday, September 20, 2016 10:38 PM To: Kusztal, ArkadiuszX ; dev@dpdk.org Cc: Trahe, Fiona ; Jain, Deepak K ; Griffin, John Subject: RE: [PATCH 1/3] crypto/aesni_gcm: move pre-counter block to GCM dr= iver Hi Arek, > -----Original Message----- > From: Kusztal, ArkadiuszX > Sent: Thursday, August 25, 2016 5:03 AM > To: dev@dpdk.org > Cc: Trahe, Fiona; Jain, Deepak K; De Lara Guarch, Pablo; Griffin,=20 > John; Kusztal, ArkadiuszX > Subject: [PATCH 1/3] crypto/aesni_gcm: move pre-counter block to GCM=20 > driver >=20 > This patch moves computing of pre-counter block into the AESNI-GCM=20 > driver so it can be moved from test files. >=20 > Signed-off-by: Arek Kusztal > --- > drivers/crypto/aesni_gcm/aesni_gcm_pmd.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) >=20 > diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c > b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c > index dc0b033..d8b6287 100644 > --- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c > +++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c > @@ -230,11 +230,16 @@ process_gcm_crypto_op(struct aesni_gcm_qp *qp,=20 > struct rte_crypto_sym_op *op, > op->cipher.data.offset); >=20 > /* sanity checks */ > - if (op->cipher.iv.length !=3D 16 && op->cipher.iv.length !=3D 0) { > + if (op->cipher.iv.length !=3D 16 && op->cipher.iv.length !=3D 12 && > + op->cipher.iv.length !=3D 0) { > GCM_LOG_ERR("iv"); > return -1; > } >=20 > + if (op->cipher.iv.length =3D=3D 12) { > + op->cipher.iv.data[15] =3D 1; > + } Is this correct? In the second patch, you are removing code that set this b= yte when IV length was 16, so I would expect this to be the same. Also, if = length is 12, then data[15] looks like overflow. Probably a comment would be useful here. > + > if (op->auth.aad.length !=3D 12 && op->auth.aad.length !=3D 8 && > op->auth.aad.length !=3D 0) { > GCM_LOG_ERR("iv"); > -- > 2.1.0
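
Review bot: in the new `iv.length == 12` branch only `iv.data[15]` is written, so bytes 12 to 14 keep whatever the caller left in the buffer, while J0 = IV || 0^31 || 1 needs them to be zero. Suggest clearing them in the same branch, for example `memset(&op->cipher.iv.data[12], 0, 3);` before `op->cipher.iv.data[15] = 1;`, and adding a comment that the write past the 12-byte length relies on the API requirement that a full 16 bytes is allocated for iv.data, since the sanity check here looks at iv.length only and cannot confirm the allocation.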
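
The 96-bit IV case from the reply above, as an added C example that is not part of the original thread or of the DPDK driver: it builds J0 = IV || 0^31 || 1 in a 16-byte buffer and shows that writing only byte 15 yields a wrong J0 when bytes 12..14 hold stale data. The function names, the `cap` parameter and the sample IV are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GCM_BLOCK_LEN 16
#define GCM_IV96_LEN  12

/* Build J0 = IV || 0^31 || 1 in place for a 96-bit IV (NIST SP 800-38D).
 * cap is the allocated size of buf, an assumed parameter: the driver code
 * on the page only has iv.length. Returns 0 on success, -1 on bad input. */
int gcm_j0_from_iv96(uint8_t *buf, size_t cap, size_t iv_len)
{
	if (buf == NULL || iv_len != GCM_IV96_LEN || cap < GCM_BLOCK_LEN)
		return -1;
	/* Clear bytes 12..14 explicitly; the caller may have left stale data. */
	memset(buf + GCM_IV96_LEN, 0, GCM_BLOCK_LEN - GCM_IV96_LEN - 1);
	buf[GCM_BLOCK_LEN - 1] = 1;
	return 0;
}

/* Returns 1 if block equals iv || 00 00 00 01, else 0. */
int gcm_is_j0_for_iv96(const uint8_t *block, const uint8_t *iv)
{
	static const uint8_t tail[4] = { 0, 0, 0, 1 };
	return memcmp(block, iv, GCM_IV96_LEN) == 0 &&
	       memcmp(block + GCM_IV96_LEN, tail, sizeof(tail)) == 0;
}

/* Constructed sample: a reused 16-byte buffer (0xAA fill) holding a 12-byte IV.
 * clear_tail == 0 reproduces the quoted hunk, which sets byte 15 only. */
int demo_j0(int clear_tail)
{
	static const uint8_t iv[GCM_IV96_LEN] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 };
	uint8_t buf[GCM_BLOCK_LEN];

	memset(buf, 0xAA, sizeof(buf));
	memcpy(buf, iv, sizeof(iv));
	if (!clear_tail)
		buf[GCM_BLOCK_LEN - 1] = 1;
	else if (gcm_j0_from_iv96(buf, sizeof(buf), sizeof(iv)) != 0)
		return -1;
	return gcm_is_j0_for_iv96(buf, iv);
}

int main(void)
{
	printf("tail cleared: %d, byte 15 only: %d\n", demo_j0(1), demo_j0(0));
	return 0;
}
```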