From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <yliu@fridaylinux.org>
Received: from mail-pg0-f50.google.com (mail-pg0-f50.google.com [74.125.83.50])
 by dpdk.org (Postfix) with ESMTP id 92610915F
 for <stable@dpdk.org>; Mon, 21 Aug 2017 11:36:13 +0200 (CEST)
Received: by mail-pg0-f50.google.com with SMTP id i12so96970257pgr.3
 for <stable@dpdk.org>; Mon, 21 Aug 2017 02:36:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=fridaylinux-org.20150623.gappssmtp.com; s=20150623;
 h=from:to:cc:subject:date:message-id:in-reply-to:references;
 bh=MetwZVCBr2kX7eTGyyUkfbqjuNHhK0YvEk9PlHoBO5U=;
 b=W71lb3GCDZrdIohsEVaQCVYpBtCo/dF/8PbgfivD8XxYLVwQAjfoEA+B2D/019KW38
 Wc9FumwiZa5AkwcNUZBq2fpVk+n3G6uZd+hDzivdFBGJfgnJGZ6dKzLiAueB+P2KFwGg
 WFDhphojIiaDbl66fRbW513I7g4HMzMdcbu6gNAKbWT5/EiDAcjVQt4gsIgzABzCOgO0
 jtTDcdV2bkDPXK7n9YKBvzTjWnX5T83sFePmoeiZFFKZQ4xO6TTJLsP5VKR5IYDhGBbU
 l+VU5SnR09cD6Prn872niavssvAj+9UMYbowYIN5dQupDNmkS48jiRxb3T5oF1q2Ot08
 QAJQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references;
 bh=MetwZVCBr2kX7eTGyyUkfbqjuNHhK0YvEk9PlHoBO5U=;
 b=JP2Hpqh8HbON5FpF1V9WeVxLJSoRm1spHjI9xLkmUvFiu7kpiuzDaYqC2lcDTwPUcD
 iT4yyf53x7lYHCoHHs/AhRhZHcgAvr5cZQ8f/L/lDOOSCer5S0FjlowMcx7YJ3n50IsP
 MpAD3CvLeBwbZqofqkoIoIurRyL+iT9olESx8wDE2ItR2gOxjHsCZnCewMcjRVEhb5Ab
 bRzoS/xbvSlpqhzGB1cLpREY7Ro0bUaus/K7yvdKhQzNcu/XibpUmk+u3wgXGtk3HuiW
 0vP390KKw2UQdY3wmjh2dTB/AU2k35epBLfuvb9huoXGLje9PPD/eNo7yR/cq5Y/ZqwD
 CHYg==
X-Gm-Message-State: AHYfb5h4m72B31QxHQ5O6rLSs7QRmXK1v/fjeSWKS60WiEdP6TrOC0Is
 38Mk7Xgi0Q+zik6sftGbIw==
X-Received: by 10.84.218.4 with SMTP id q4mr18385197pli.202.1503308172905;
 Mon, 21 Aug 2017 02:36:12 -0700 (PDT)
Received: from localhost.localdomain ([45.63.61.64])
 by smtp.gmail.com with ESMTPSA id 69sm23355087pfh.186.2017.08.21.02.36.08
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
 Mon, 21 Aug 2017 02:36:11 -0700 (PDT)
From: Yuanhan Liu <yliu@fridaylinux.org>
To: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Cc: dpdk stable <stable@dpdk.org>,
	Yuanhan Liu <yliu@fridaylinux.org>
Date: Mon, 21 Aug 2017 17:30:50 +0800
Message-Id: <1503307878-16728-36-git-send-email-yliu@fridaylinux.org>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1503307878-16728-1-git-send-email-yliu@fridaylinux.org>
References: <1503307878-16728-1-git-send-email-yliu@fridaylinux.org>
Subject: [dpdk-stable] patch 'crypto/armv8: fix authentication session
	configuration' has been queued to stable release 17.05.2
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Aug 2017 09:36:14 -0000

Hi,

FYI, your patch has been queued to stable release 17.05.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 08/24/17. So please
shout if anyone has objections.

Thanks.

	--yliu

---
>>From bcb44e17f90bfd38cc258751f2785e647d3963c2 Mon Sep 17 00:00:00 2001
From: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Date: Sun, 30 Jul 2017 16:53:00 +0530
Subject: [PATCH] crypto/armv8: fix authentication session configuration

[ upstream commit 473174a7da555ec26751c89b56255192586cb0aa ]

For key sizes greater than digest length, pad with zero rather than
computing hash of the key itself.

Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")

Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
---
 drivers/crypto/armv8/rte_armv8_pmd.c         | 58 ++++++++--------------------
 drivers/crypto/armv8/rte_armv8_pmd_private.h |  4 +-
 2 files changed, 18 insertions(+), 44 deletions(-)

diff --git a/drivers/crypto/armv8/rte_armv8_pmd.c b/drivers/crypto/armv8/rte_armv8_pmd.c
index 3d603a5..8371245 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd.c
+++ b/drivers/crypto/armv8/rte_armv8_pmd.c
@@ -288,27 +288,14 @@ auth_set_prerequisites(struct armv8_crypto_session *sess,
 		 * Generate authentication key, i_key_pad and o_key_pad.
 		 */
 		/* Zero memory under key */
-		memset(sess->auth.hmac.key, 0, SHA1_AUTH_KEY_LENGTH);
-
-		if (xform->auth.key.length > SHA1_AUTH_KEY_LENGTH) {
-			/*
-			 * In case the key is longer than 160 bits
-			 * the algorithm will use SHA1(key) instead.
-			 */
-			error = sha1_block(NULL, xform->auth.key.data,
-				sess->auth.hmac.key, xform->auth.key.length);
-			if (error != 0)
-				return -1;
-		} else {
-			/*
-			 * Now copy the given authentication key to the session
-			 * key assuming that the session key is zeroed there is
-			 * no need for additional zero padding if the key is
-			 * shorter than SHA1_AUTH_KEY_LENGTH.
-			 */
-			rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
-							xform->auth.key.length);
-		}
+		memset(sess->auth.hmac.key, 0, SHA1_BLOCK_SIZE);
+
+		/*
+		 * Now copy the given authentication key to the session
+		 * key.
+		 */
+		rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
+						xform->auth.key.length);
 
 		/* Prepare HMAC padding: key|pattern */
 		auth_hmac_pad_prepare(sess, xform);
@@ -334,27 +321,14 @@ auth_set_prerequisites(struct armv8_crypto_session *sess,
 		 * Generate authentication key, i_key_pad and o_key_pad.
 		 */
 		/* Zero memory under key */
-		memset(sess->auth.hmac.key, 0, SHA256_AUTH_KEY_LENGTH);
-
-		if (xform->auth.key.length > SHA256_AUTH_KEY_LENGTH) {
-			/*
-			 * In case the key is longer than 256 bits
-			 * the algorithm will use SHA256(key) instead.
-			 */
-			error = sha256_block(NULL, xform->auth.key.data,
-				sess->auth.hmac.key, xform->auth.key.length);
-			if (error != 0)
-				return -1;
-		} else {
-			/*
-			 * Now copy the given authentication key to the session
-			 * key assuming that the session key is zeroed there is
-			 * no need for additional zero padding if the key is
-			 * shorter than SHA256_AUTH_KEY_LENGTH.
-			 */
-			rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
-							xform->auth.key.length);
-		}
+		memset(sess->auth.hmac.key, 0, SHA256_BLOCK_SIZE);
+
+		/*
+		 * Now copy the given authentication key to the session
+		 * key.
+		 */
+		rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
+						xform->auth.key.length);
 
 		/* Prepare HMAC padding: key|pattern */
 		auth_hmac_pad_prepare(sess, xform);
diff --git a/drivers/crypto/armv8/rte_armv8_pmd_private.h b/drivers/crypto/armv8/rte_armv8_pmd_private.h
index b75107f..34ab9de 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd_private.h
+++ b/drivers/crypto/armv8/rte_armv8_pmd_private.h
@@ -192,8 +192,8 @@ struct armv8_crypto_session {
 				uint8_t o_key_pad[SHA_BLOCK_MAX]
 							__rte_cache_aligned;
 				/**< outer pad (max supported block length) */
-				uint8_t key[SHA_AUTH_KEY_MAX];
-				/**< HMAC key (max supported length)*/
+				uint8_t key[SHA_BLOCK_MAX];
+				/**< HMAC key (max supported block length)*/
 			} hmac;
 		};
 	} auth;
-- 
2.7.4