patches for DPDK stable branches
 help / color / mirror / Atom feed
* [dpdk-stable] [dpdk-dev] [PATCH 1/2] crypto/armv8: fix authentication session configuration
@ 2017-07-30 11:23 Jerin Jacob
  2017-07-30 11:23 ` [dpdk-stable] [dpdk-dev] [PATCH 2/2] crypto/armv8: fix HMAC supported key sizes Jerin Jacob
  0 siblings, 1 reply; 3+ messages in thread
From: Jerin Jacob @ 2017-07-30 11:23 UTC (permalink / raw)
  To: dev
  Cc: pablo.de.lara.guarch, thomas, hemant.agrawal, akhil.goyal,
	Srisivasubramanian S, stable

From: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>

For key sizes greater than digest length, pad with zero rather than
computing hash of the key itself.

Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
Cc: stable@dpdk.org

Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
---
 drivers/crypto/armv8/rte_armv8_pmd.c         | 54 ++++++++--------------------
 drivers/crypto/armv8/rte_armv8_pmd_private.h |  4 +--
 2 files changed, 16 insertions(+), 42 deletions(-)

diff --git a/drivers/crypto/armv8/rte_armv8_pmd.c b/drivers/crypto/armv8/rte_armv8_pmd.c
index c3ba439fc..a5c39c9b7 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd.c
+++ b/drivers/crypto/armv8/rte_armv8_pmd.c
@@ -291,27 +291,14 @@ auth_set_prerequisites(struct armv8_crypto_session *sess,
 		 * Generate authentication key, i_key_pad and o_key_pad.
 		 */
 		/* Zero memory under key */
-		memset(sess->auth.hmac.key, 0, SHA1_AUTH_KEY_LENGTH);
+		memset(sess->auth.hmac.key, 0, SHA1_BLOCK_SIZE);
 
-		if (xform->auth.key.length > SHA1_AUTH_KEY_LENGTH) {
-			/*
-			 * In case the key is longer than 160 bits
-			 * the algorithm will use SHA1(key) instead.
-			 */
-			error = sha1_block(NULL, xform->auth.key.data,
-				sess->auth.hmac.key, xform->auth.key.length);
-			if (error != 0)
-				return -1;
-		} else {
-			/*
-			 * Now copy the given authentication key to the session
-			 * key assuming that the session key is zeroed there is
-			 * no need for additional zero padding if the key is
-			 * shorter than SHA1_AUTH_KEY_LENGTH.
-			 */
-			rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
-							xform->auth.key.length);
-		}
+		/*
+		 * Now copy the given authentication key to the session
+		 * key.
+		 */
+		rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
+						xform->auth.key.length);
 
 		/* Prepare HMAC padding: key|pattern */
 		auth_hmac_pad_prepare(sess, xform);
@@ -337,27 +324,14 @@ auth_set_prerequisites(struct armv8_crypto_session *sess,
 		 * Generate authentication key, i_key_pad and o_key_pad.
 		 */
 		/* Zero memory under key */
-		memset(sess->auth.hmac.key, 0, SHA256_AUTH_KEY_LENGTH);
+		memset(sess->auth.hmac.key, 0, SHA256_BLOCK_SIZE);
 
-		if (xform->auth.key.length > SHA256_AUTH_KEY_LENGTH) {
-			/*
-			 * In case the key is longer than 256 bits
-			 * the algorithm will use SHA256(key) instead.
-			 */
-			error = sha256_block(NULL, xform->auth.key.data,
-				sess->auth.hmac.key, xform->auth.key.length);
-			if (error != 0)
-				return -1;
-		} else {
-			/*
-			 * Now copy the given authentication key to the session
-			 * key assuming that the session key is zeroed there is
-			 * no need for additional zero padding if the key is
-			 * shorter than SHA256_AUTH_KEY_LENGTH.
-			 */
-			rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
-							xform->auth.key.length);
-		}
+		/*
+		 * Now copy the given authentication key to the session
+		 * key.
+		 */
+		rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
+						xform->auth.key.length);
 
 		/* Prepare HMAC padding: key|pattern */
 		auth_hmac_pad_prepare(sess, xform);
diff --git a/drivers/crypto/armv8/rte_armv8_pmd_private.h b/drivers/crypto/armv8/rte_armv8_pmd_private.h
index 679a71af3..d02992a64 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd_private.h
+++ b/drivers/crypto/armv8/rte_armv8_pmd_private.h
@@ -198,8 +198,8 @@ struct armv8_crypto_session {
 				uint8_t o_key_pad[SHA_BLOCK_MAX]
 							__rte_cache_aligned;
 				/**< outer pad (max supported block length) */
-				uint8_t key[SHA_AUTH_KEY_MAX];
-				/**< HMAC key (max supported length)*/
+				uint8_t key[SHA_BLOCK_MAX];
+				/**< HMAC key (max supported block length)*/
 			} hmac;
 		};
 		uint16_t digest_length;
-- 
2.13.3

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [dpdk-stable] [dpdk-dev] [PATCH 2/2] crypto/armv8: fix HMAC supported key sizes
  2017-07-30 11:23 [dpdk-stable] [dpdk-dev] [PATCH 1/2] crypto/armv8: fix authentication session configuration Jerin Jacob
@ 2017-07-30 11:23 ` Jerin Jacob
  2017-07-30 16:57   ` Thomas Monjalon
  0 siblings, 1 reply; 3+ messages in thread
From: Jerin Jacob @ 2017-07-30 11:23 UTC (permalink / raw)
  To: dev
  Cc: pablo.de.lara.guarch, thomas, hemant.agrawal, akhil.goyal,
	Srisivasubramanian S, stable, Jerin Jacob

From: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>

For HMAC algorithms (SHAx-HMAC), the supported
key sizes are not a fixed value, but a range between
1 and the block size.

Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
Cc: stable@dpdk.org

Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
---
 drivers/crypto/armv8/rte_armv8_pmd_ops.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/drivers/crypto/armv8/rte_armv8_pmd_ops.c b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
index f6f38037e..00297bebb 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd_ops.c
+++ b/drivers/crypto/armv8/rte_armv8_pmd_ops.c
@@ -50,9 +50,9 @@ static const struct rte_cryptodev_capabilities
 					.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
 					.block_size = 64,
 					.key_size = {
-						.min = 16,
-						.max = 128,
-						.increment = 0
+						.min = 1,
+						.max = 64,
+						.increment = 1
 					},
 					.digest_size = {
 						.min = 20,
@@ -71,9 +71,9 @@ static const struct rte_cryptodev_capabilities
 					.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
 					.block_size = 64,
 					.key_size = {
-						.min = 16,
-						.max = 128,
-						.increment = 0
+						.min = 1,
+						.max = 64,
+						.increment = 1
 					},
 					.digest_size = {
 						.min = 32,
-- 
2.13.3

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [dpdk-stable] [dpdk-dev] [PATCH 2/2] crypto/armv8: fix HMAC supported key sizes
  2017-07-30 11:23 ` [dpdk-stable] [dpdk-dev] [PATCH 2/2] crypto/armv8: fix HMAC supported key sizes Jerin Jacob
@ 2017-07-30 16:57   ` Thomas Monjalon
  0 siblings, 0 replies; 3+ messages in thread
From: Thomas Monjalon @ 2017-07-30 16:57 UTC (permalink / raw)
  To: Jerin Jacob, Srisivasubramanian S
  Cc: stable, dev, pablo.de.lara.guarch, hemant.agrawal, akhil.goyal

30/07/2017 13:23, Jerin Jacob:
> From: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
> 
> For HMAC algorithms (SHAx-HMAC), the supported
> key sizes are not a fixed value, but a range between
> 1 and the block size.
> 
> Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
> Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>

Series applies, thanks

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2017-07-30 16:57 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-07-30 11:23 [dpdk-stable] [dpdk-dev] [PATCH 1/2] crypto/armv8: fix authentication session configuration Jerin Jacob
2017-07-30 11:23 ` [dpdk-stable] [dpdk-dev] [PATCH 2/2] crypto/armv8: fix HMAC supported key sizes Jerin Jacob
2017-07-30 16:57   ` Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).