DPDK patches and discussions
 help / color / mirror / Atom feed
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: declan.doherty@intel.com, akhil.goyal@nxp.com,
	hemant.agrawal@nxp.com, zbigniew.bodek@caviumnetworks.com,
	jerin.jacob@caviumnetworks.com
Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>
Subject: [dpdk-dev] [PATCH 07/13] cryptodev: remove digest length from crypto op
Date: Sun, 28 May 2017 22:05:16 +0100	[thread overview]
Message-ID: <1496005522-134934-8-git-send-email-pablo.de.lara.guarch@intel.com> (raw)
In-Reply-To: <1496005522-134934-1-git-send-email-pablo.de.lara.guarch@intel.com>

Digest length was duplicated in the authentication transform
and the crypto operation structures.

Since digest length is not expected to change in a same
session, it is removed from the crypto operation.

Also, the length has been shrunk to 16 bits,
which should be sufficient for any digest.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 app/test-crypto-perf/cperf_ops.c                 |  7 -----
 drivers/crypto/aesni_gcm/aesni_gcm_pmd.c         | 35 ++++++++++++++----------
 drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h |  2 ++
 drivers/crypto/armv8/rte_armv8_pmd.c             |  9 ++++--
 drivers/crypto/armv8/rte_armv8_pmd_private.h     |  2 ++
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c      | 34 +++++++++++++----------
 drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h        |  1 +
 drivers/crypto/kasumi/rte_kasumi_pmd.c           | 18 ++++++------
 drivers/crypto/openssl/rte_openssl_pmd.c         |  8 ++++--
 drivers/crypto/openssl/rte_openssl_pmd_private.h |  3 ++
 drivers/crypto/qat/qat_adf/qat_algs.h            |  1 +
 drivers/crypto/qat/qat_crypto.c                  |  2 +-
 drivers/crypto/snow3g/rte_snow3g_pmd.c           | 18 ++++++------
 drivers/crypto/zuc/rte_zuc_pmd.c                 | 18 ++++++------
 lib/librte_cryptodev/rte_crypto_sym.h            |  6 +---
 15 files changed, 88 insertions(+), 76 deletions(-)

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 18a0c2c..a101ba1 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -142,7 +142,6 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
 			sym_op->auth.digest.data = test_vector->digest.data;
 			sym_op->auth.digest.phys_addr =
 					test_vector->digest.phys_addr;
-			sym_op->auth.digest.length = options->auth_digest_sz;
 		} else {
 
 			uint32_t offset = options->test_buffer_size;
@@ -165,7 +164,6 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
 					uint8_t *, offset);
 			sym_op->auth.digest.phys_addr =
 					rte_pktmbuf_mtophys_offset(buf,	offset);
-			sym_op->auth.digest.length = options->auth_digest_sz;
 			sym_op->auth.aad.phys_addr = test_vector->aad.phys_addr;
 			sym_op->auth.aad.data = test_vector->aad.data;
 			sym_op->auth.aad.length = options->auth_aad_sz;
@@ -221,7 +219,6 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 			sym_op->auth.digest.data = test_vector->digest.data;
 			sym_op->auth.digest.phys_addr =
 					test_vector->digest.phys_addr;
-			sym_op->auth.digest.length = options->auth_digest_sz;
 		} else {
 
 			uint32_t offset = options->test_buffer_size;
@@ -244,7 +241,6 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 					uint8_t *, offset);
 			sym_op->auth.digest.phys_addr =
 					rte_pktmbuf_mtophys_offset(buf,	offset);
-			sym_op->auth.digest.length = options->auth_digest_sz;
 			sym_op->auth.aad.phys_addr = test_vector->aad.phys_addr;
 			sym_op->auth.aad.data = test_vector->aad.data;
 			sym_op->auth.aad.length = options->auth_aad_sz;
@@ -298,7 +294,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 			sym_op->auth.digest.data = test_vector->digest.data;
 			sym_op->auth.digest.phys_addr =
 					test_vector->digest.phys_addr;
-			sym_op->auth.digest.length = options->auth_digest_sz;
 		} else {
 
 			uint32_t offset = sym_op->cipher.data.length +
@@ -322,8 +317,6 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 					uint8_t *, offset);
 			sym_op->auth.digest.phys_addr =
 					rte_pktmbuf_mtophys_offset(buf,	offset);
-
-			sym_op->auth.digest.length = options->auth_digest_sz;
 		}
 
 		sym_op->auth.data.length = options->test_buffer_size;
diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
index ec00d22..31e48aa 100644
--- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
+++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
@@ -77,6 +77,7 @@ aesni_gcm_set_session_parameters(struct aesni_gcm_session *sess,
 {
 	const struct rte_crypto_sym_xform *auth_xform;
 	const struct rte_crypto_sym_xform *cipher_xform;
+	uint16_t digest_length;
 
 	if (xform->next == NULL || xform->next->next != NULL) {
 		GCM_LOG_ERR("Two and only two chained xform required");
@@ -116,6 +117,8 @@ aesni_gcm_set_session_parameters(struct aesni_gcm_session *sess,
 		return -EINVAL;
 	}
 
+	digest_length = auth_xform->auth.digest_length;
+
 	/* Check key length and calculate GCM pre-compute. */
 	switch (cipher_xform->cipher.key.length) {
 	case 16:
@@ -133,6 +136,15 @@ aesni_gcm_set_session_parameters(struct aesni_gcm_session *sess,
 		return -EINVAL;
 	}
 
+	/* Digest check */
+	if (digest_length != 16 &&
+			digest_length != 12 &&
+			digest_length != 8) {
+		GCM_LOG_ERR("digest");
+		return -EINVAL;
+	}
+	sess->digest_length = digest_length;
+
 	return 0;
 }
 
@@ -234,13 +246,6 @@ process_gcm_crypto_op(struct rte_crypto_sym_op *op,
 		*iv_padd = rte_bswap32(1);
 	}
 
-	if (op->auth.digest.length != 16 &&
-			op->auth.digest.length != 12 &&
-			op->auth.digest.length != 8) {
-		GCM_LOG_ERR("digest");
-		return -1;
-	}
-
 	if (session->op == AESNI_GCM_OP_AUTHENTICATED_ENCRYPTION) {
 
 		aesni_gcm_enc[session->key].init(&session->gdata,
@@ -270,11 +275,11 @@ process_gcm_crypto_op(struct rte_crypto_sym_op *op,
 
 		aesni_gcm_enc[session->key].finalize(&session->gdata,
 				op->auth.digest.data,
-				(uint64_t)op->auth.digest.length);
+				(uint64_t)session->digest_length);
 	} else { /* session->op == AESNI_GCM_OP_AUTHENTICATED_DECRYPTION */
 		uint8_t *auth_tag = (uint8_t *)rte_pktmbuf_append(op->m_dst ?
 				op->m_dst : op->m_src,
-				op->auth.digest.length);
+				session->digest_length);
 
 		if (!auth_tag) {
 			GCM_LOG_ERR("auth_tag");
@@ -308,7 +313,7 @@ process_gcm_crypto_op(struct rte_crypto_sym_op *op,
 
 		aesni_gcm_dec[session->key].finalize(&session->gdata,
 				auth_tag,
-				(uint64_t)op->auth.digest.length);
+				(uint64_t)session->digest_length);
 	}
 
 	return 0;
@@ -338,21 +343,21 @@ post_process_gcm_crypto_op(struct rte_crypto_op *op)
 	if (session->op == AESNI_GCM_OP_AUTHENTICATED_DECRYPTION) {
 
 		uint8_t *tag = rte_pktmbuf_mtod_offset(m, uint8_t *,
-				m->data_len - op->sym->auth.digest.length);
+				m->data_len - session->digest_length);
 
 #ifdef RTE_LIBRTE_PMD_AESNI_GCM_DEBUG
 		rte_hexdump(stdout, "auth tag (orig):",
-				op->sym->auth.digest.data, op->sym->auth.digest.length);
+				op->sym->auth.digest.data, session->digest_length);
 		rte_hexdump(stdout, "auth tag (calc):",
-				tag, op->sym->auth.digest.length);
+				tag, session->digest_length);
 #endif
 
 		if (memcmp(tag, op->sym->auth.digest.data,
-				op->sym->auth.digest.length) != 0)
+				session->digest_length) != 0)
 			op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
 
 		/* trim area used for digest from mbuf */
-		rte_pktmbuf_trim(m, op->sym->auth.digest.length);
+		rte_pktmbuf_trim(m, session->digest_length);
 	}
 }
 
diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h
index 0496b44..b27ad40 100644
--- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h
+++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_private.h
@@ -90,6 +90,8 @@ enum aesni_gcm_key {
 
 /** AESNI GCM private session structure */
 struct aesni_gcm_session {
+	uint16_t digest_length;
+	/**< Digest length */
 	enum aesni_gcm_operation op;
 	/**< GCM operation type */
 	enum aesni_gcm_key key;
diff --git a/drivers/crypto/armv8/rte_armv8_pmd.c b/drivers/crypto/armv8/rte_armv8_pmd.c
index 146e68a..3ca9007 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd.c
+++ b/drivers/crypto/armv8/rte_armv8_pmd.c
@@ -451,6 +451,9 @@ armv8_crypto_set_session_chained_parameters(struct armv8_crypto_session *sess,
 		return -EINVAL;
 	}
 
+	/* Set the digest length */
+	sess->auth.digest_length = auth_xform->auth.digest_length;
+
 	/* Verify supported key lengths and extract proper algorithm */
 	switch (cipher_xform->cipher.key.length << 3) {
 	case 128:
@@ -645,7 +648,7 @@ process_armv8_chained_op
 		}
 	} else {
 		adst = (uint8_t *)rte_pktmbuf_append(m_asrc,
-				op->sym->auth.digest.length);
+				sess->auth.digest_length);
 	}
 
 	if (unlikely(op->sym->cipher.iv.length != sess->cipher.iv_len)) {
@@ -667,12 +670,12 @@ process_armv8_chained_op
 	op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 	if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
 		if (memcmp(adst, op->sym->auth.digest.data,
-				op->sym->auth.digest.length) != 0) {
+				sess->auth.digest_length) != 0) {
 			op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
 		}
 		/* Trim area used for digest from mbuf. */
 		rte_pktmbuf_trim(m_asrc,
-				op->sym->auth.digest.length);
+				sess->auth.digest_length);
 	}
 }
 
diff --git a/drivers/crypto/armv8/rte_armv8_pmd_private.h b/drivers/crypto/armv8/rte_armv8_pmd_private.h
index b75107f..ccd5fdc 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd_private.h
+++ b/drivers/crypto/armv8/rte_armv8_pmd_private.h
@@ -196,6 +196,8 @@ struct armv8_crypto_session {
 				/**< HMAC key (max supported length)*/
 			} hmac;
 		};
+		uint16_t digest_length;
+		/* Digest length */
 	} auth;
 
 } __rte_cache_aligned;
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index ba0bfb3..336c281 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -84,7 +84,7 @@ build_authenc_fd(dpaa2_sec_session *sess,
 	struct sec_flow_context *flc;
 	uint32_t auth_only_len = sym_op->auth.data.length -
 				sym_op->cipher.data.length;
-	int icv_len = sym_op->auth.digest.length;
+	int icv_len = sess->digest_length;
 	uint8_t *old_icv;
 	uint32_t mem_len = (7 * sizeof(struct qbman_fle)) + icv_len;
 
@@ -133,7 +133,7 @@ build_authenc_fd(dpaa2_sec_session *sess,
 		   "cipher_off: 0x%x/length %d, iv-len=%d data_off: 0x%x\n",
 		   sym_op->auth.data.offset,
 		   sym_op->auth.data.length,
-		   sym_op->auth.digest.length,
+		   sess->digest_length,
 		   sym_op->cipher.data.offset,
 		   sym_op->cipher.data.length,
 		   sym_op->cipher.iv.length,
@@ -159,7 +159,7 @@ build_authenc_fd(dpaa2_sec_session *sess,
 		sge++;
 		DPAA2_SET_FLE_ADDR(sge,
 				DPAA2_VADDR_TO_IOVA(sym_op->auth.digest.data));
-		sge->length = sym_op->auth.digest.length;
+		sge->length = sess->digest_length;
 		DPAA2_SET_FD_LEN(fd, (sym_op->auth.data.length +
 					sym_op->cipher.iv.length));
 	}
@@ -175,7 +175,7 @@ build_authenc_fd(dpaa2_sec_session *sess,
 	fle->length = (sess->dir == DIR_ENC) ?
 			(sym_op->auth.data.length + sym_op->cipher.iv.length) :
 			(sym_op->auth.data.length + sym_op->cipher.iv.length +
-			 sym_op->auth.digest.length);
+			 sess->digest_length);
 
 	/* Configure Input SGE for Encap/Decap */
 	DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(sym_op->cipher.iv.data));
@@ -190,12 +190,12 @@ build_authenc_fd(dpaa2_sec_session *sess,
 		sge++;
 		old_icv = (uint8_t *)(sge + 1);
 		memcpy(old_icv,	sym_op->auth.digest.data,
-		       sym_op->auth.digest.length);
-		memset(sym_op->auth.digest.data, 0, sym_op->auth.digest.length);
+		       sess->digest_length);
+		memset(sym_op->auth.digest.data, 0, sess->digest_length);
 		DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_icv));
-		sge->length = sym_op->auth.digest.length;
+		sge->length = sess->digest_length;
 		DPAA2_SET_FD_LEN(fd, (sym_op->auth.data.length +
-				 sym_op->auth.digest.length +
+				 sess->digest_length +
 				 sym_op->cipher.iv.length));
 	}
 	DPAA2_SET_FLE_FIN(sge);
@@ -215,7 +215,7 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 	uint32_t mem_len = (sess->dir == DIR_ENC) ?
 			   (3 * sizeof(struct qbman_fle)) :
 			   (5 * sizeof(struct qbman_fle) +
-			    sym_op->auth.digest.length);
+			    sess->digest_length);
 	struct sec_flow_context *flc;
 	struct ctxt_priv *priv = sess->ctxt;
 	uint8_t *old_digest;
@@ -249,7 +249,7 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 	DPAA2_SET_FD_FLC(fd, DPAA2_VADDR_TO_IOVA(flc));
 
 	DPAA2_SET_FLE_ADDR(fle, DPAA2_VADDR_TO_IOVA(sym_op->auth.digest.data));
-	fle->length = sym_op->auth.digest.length;
+	fle->length = sess->digest_length;
 
 	DPAA2_SET_FD_ADDR(fd, DPAA2_VADDR_TO_IOVA(fle));
 	DPAA2_SET_FD_COMPOUND_FMT(fd);
@@ -280,17 +280,17 @@ build_auth_fd(dpaa2_sec_session *sess, struct rte_crypto_op *op,
 				     sym_op->m_src->data_off);
 
 		DPAA2_SET_FD_LEN(fd, sym_op->auth.data.length +
-				 sym_op->auth.digest.length);
+				 sess->digest_length);
 		sge->length = sym_op->auth.data.length;
 		sge++;
 		old_digest = (uint8_t *)(sge + 1);
 		rte_memcpy(old_digest, sym_op->auth.digest.data,
-			   sym_op->auth.digest.length);
-		memset(sym_op->auth.digest.data, 0, sym_op->auth.digest.length);
+			   sess->digest_length);
+		memset(sym_op->auth.digest.data, 0, sess->digest_length);
 		DPAA2_SET_FLE_ADDR(sge, DPAA2_VADDR_TO_IOVA(old_digest));
-		sge->length = sym_op->auth.digest.length;
+		sge->length = sess->digest_length;
 		fle->length = sym_op->auth.data.length +
-				sym_op->auth.digest.length;
+				sess->digest_length;
 		DPAA2_SET_FLE_FIN(sge);
 	}
 	DPAA2_SET_FLE_FIN(fle);
@@ -904,6 +904,8 @@ dpaa2_sec_auth_init(struct rte_cryptodev *dev,
 	authdata.key_enc_flags = 0;
 	authdata.key_type = RTA_DATA_IMM;
 
+	session->digest_length = xform->auth.digest_length;
+
 	switch (xform->auth.algo) {
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		authdata.algtype = OP_ALG_ALGSEL_SHA1;
@@ -1051,6 +1053,8 @@ dpaa2_sec_aead_init(struct rte_cryptodev *dev,
 	authdata.key_enc_flags = 0;
 	authdata.key_type = RTA_DATA_IMM;
 
+	session->digest_length = xform->auth.digest_length;
+
 	switch (auth_xform->algo) {
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		authdata.algtype = OP_ALG_ALGSEL_SHA1;
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
index f5c6169..d4ca86c 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_priv.h
@@ -187,6 +187,7 @@ typedef struct dpaa2_sec_session_entry {
 		uint8_t *data;	/**< pointer to key data */
 		size_t length;	/**< key length in bytes */
 	} auth_key;
+	uint16_t digest_length;
 	uint8_t status;
 	union {
 		struct dpaa2_sec_cipher_ctxt cipher_ctxt;
diff --git a/drivers/crypto/kasumi/rte_kasumi_pmd.c b/drivers/crypto/kasumi/rte_kasumi_pmd.c
index d089b0d..6407a7d 100644
--- a/drivers/crypto/kasumi/rte_kasumi_pmd.c
+++ b/drivers/crypto/kasumi/rte_kasumi_pmd.c
@@ -124,6 +124,12 @@ kasumi_set_session_parameters(struct kasumi_session *sess,
 		/* Only KASUMI F9 supported */
 		if (auth_xform->auth.algo != RTE_CRYPTO_AUTH_KASUMI_F9)
 			return -EINVAL;
+
+		if (auth_xform->auth.digest_length != KASUMI_DIGEST_LENGTH) {
+			KASUMI_LOG_ERR("Wrong digest length");
+			return -EINVAL;
+		}
+
 		sess->auth_op = auth_xform->auth.op;
 		/* Initialize key */
 		sso_kasumi_init_f9_key_sched(auth_xform->auth.key.data,
@@ -259,12 +265,6 @@ process_kasumi_hash_op(struct rte_crypto_op **ops,
 			break;
 		}
 
-		if (unlikely(ops[i]->sym->auth.digest.length != KASUMI_DIGEST_LENGTH)) {
-			ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
-			KASUMI_LOG_ERR("digest");
-			break;
-		}
-
 		/* Data must be byte aligned */
 		if ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {
 			ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
@@ -285,19 +285,19 @@ process_kasumi_hash_op(struct rte_crypto_op **ops,
 
 		if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
 			dst = (uint8_t *)rte_pktmbuf_append(ops[i]->sym->m_src,
-					ops[i]->sym->auth.digest.length);
+					KASUMI_DIGEST_LENGTH);
 
 			sso_kasumi_f9_1_buffer_user(&session->pKeySched_hash,
 					IV, src,
 					length_in_bits,	dst, direction);
 			/* Verify digest. */
 			if (memcmp(dst, ops[i]->sym->auth.digest.data,
-					ops[i]->sym->auth.digest.length) != 0)
+					KASUMI_DIGEST_LENGTH) != 0)
 				ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
 
 			/* Trim area used for digest from mbuf. */
 			rte_pktmbuf_trim(ops[i]->sym->m_src,
-					ops[i]->sym->auth.digest.length);
+					KASUMI_DIGEST_LENGTH);
 		} else  {
 			dst = ops[i]->sym->auth.digest.data;
 
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index a92bd88..0333526 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -365,6 +365,8 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
 		return -EINVAL;
 	}
 
+	sess->auth.digest_length = xform->auth.digest_length;
+
 	return 0;
 }
 
@@ -1116,7 +1118,7 @@ process_openssl_auth_op
 
 	if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY)
 		dst = (uint8_t *)rte_pktmbuf_append(mbuf_src,
-				op->sym->auth.digest.length);
+				sess->auth.digest_length);
 	else {
 		dst = op->sym->auth.digest.data;
 		if (dst == NULL)
@@ -1144,11 +1146,11 @@ process_openssl_auth_op
 
 	if (sess->auth.operation == RTE_CRYPTO_AUTH_OP_VERIFY) {
 		if (memcmp(dst, op->sym->auth.digest.data,
-				op->sym->auth.digest.length) != 0) {
+				sess->auth.digest_length) != 0) {
 			op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
 		}
 		/* Trim area used for digest from mbuf. */
-		rte_pktmbuf_trim(mbuf_src, op->sym->auth.digest.length);
+		rte_pktmbuf_trim(mbuf_src, sess->auth.digest_length);
 	}
 
 	if (status != 0)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_private.h b/drivers/crypto/openssl/rte_openssl_pmd_private.h
index 4d820c5..28a8e36 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_private.h
+++ b/drivers/crypto/openssl/rte_openssl_pmd_private.h
@@ -157,6 +157,9 @@ struct openssl_session {
 				/**< pointer to EVP context structure */
 			} hmac;
 		};
+
+		uint16_t digest_length;
+		/**< digest length */
 	} auth;
 
 } __rte_cache_aligned;
diff --git a/drivers/crypto/qat/qat_adf/qat_algs.h b/drivers/crypto/qat/qat_adf/qat_algs.h
index b139007..9acd68a 100644
--- a/drivers/crypto/qat/qat_adf/qat_algs.h
+++ b/drivers/crypto/qat/qat_adf/qat_algs.h
@@ -127,6 +127,7 @@ struct qat_session {
 	struct icp_qat_fw_la_bulk_req fw_req;
 	uint32_t *aad_len;
 	struct qat_crypto_instance *inst;
+	uint16_t digest_length;
 	rte_spinlock_t lock;	/* protects this struct */
 };
 
diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c
index 35edfc9..329f88a 100644
--- a/drivers/crypto/qat/qat_crypto.c
+++ b/drivers/crypto/qat/qat_crypto.c
@@ -1188,7 +1188,7 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
 	rte_hexdump(stdout, "iv:", op->sym->cipher.iv.data,
 			op->sym->cipher.iv.length);
 	rte_hexdump(stdout, "digest:", op->sym->auth.digest.data,
-			op->sym->auth.digest.length);
+			ctx->digest_length);
 	rte_hexdump(stdout, "aad:", op->sym->auth.aad.data,
 			op->sym->auth.aad.length);
 #endif
diff --git a/drivers/crypto/snow3g/rte_snow3g_pmd.c b/drivers/crypto/snow3g/rte_snow3g_pmd.c
index d928ed2..75989da 100644
--- a/drivers/crypto/snow3g/rte_snow3g_pmd.c
+++ b/drivers/crypto/snow3g/rte_snow3g_pmd.c
@@ -124,6 +124,12 @@ snow3g_set_session_parameters(struct snow3g_session *sess,
 		/* Only SNOW 3G UIA2 supported */
 		if (auth_xform->auth.algo != RTE_CRYPTO_AUTH_SNOW3G_UIA2)
 			return -EINVAL;
+
+		if (auth_xform->auth.digest_length != SNOW3G_DIGEST_LENGTH) {
+			SNOW3G_LOG_ERR("Wrong digest length");
+			return -EINVAL;
+		}
+
 		sess->auth_op = auth_xform->auth.op;
 		/* Initialize key */
 		sso_snow3g_init_key_sched(auth_xform->auth.key.data,
@@ -254,12 +260,6 @@ process_snow3g_hash_op(struct rte_crypto_op **ops,
 			break;
 		}
 
-		if (unlikely(ops[i]->sym->auth.digest.length != SNOW3G_DIGEST_LENGTH)) {
-			ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
-			SNOW3G_LOG_ERR("digest");
-			break;
-		}
-
 		/* Data must be byte aligned */
 		if ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {
 			ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
@@ -274,19 +274,19 @@ process_snow3g_hash_op(struct rte_crypto_op **ops,
 
 		if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
 			dst = (uint8_t *)rte_pktmbuf_append(ops[i]->sym->m_src,
-					ops[i]->sym->auth.digest.length);
+					SNOW3G_DIGEST_LENGTH);
 
 			sso_snow3g_f9_1_buffer(&session->pKeySched_hash,
 					ops[i]->sym->auth.aad.data, src,
 					length_in_bits,	dst);
 			/* Verify digest. */
 			if (memcmp(dst, ops[i]->sym->auth.digest.data,
-					ops[i]->sym->auth.digest.length) != 0)
+					SNOW3G_DIGEST_LENGTH) != 0)
 				ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
 
 			/* Trim area used for digest from mbuf. */
 			rte_pktmbuf_trim(ops[i]->sym->m_src,
-					ops[i]->sym->auth.digest.length);
+					SNOW3G_DIGEST_LENGTH);
 		} else  {
 			dst = ops[i]->sym->auth.digest.data;
 
diff --git a/drivers/crypto/zuc/rte_zuc_pmd.c b/drivers/crypto/zuc/rte_zuc_pmd.c
index 046c830..e7a3de8 100644
--- a/drivers/crypto/zuc/rte_zuc_pmd.c
+++ b/drivers/crypto/zuc/rte_zuc_pmd.c
@@ -123,6 +123,12 @@ zuc_set_session_parameters(struct zuc_session *sess,
 		/* Only ZUC EIA3 supported */
 		if (auth_xform->auth.algo != RTE_CRYPTO_AUTH_ZUC_EIA3)
 			return -EINVAL;
+
+		if (auth_xform->auth.digest_length != ZUC_DIGEST_LENGTH) {
+			ZUC_LOG_ERR("Wrong digest length");
+			return -EINVAL;
+		}
+
 		sess->auth_op = auth_xform->auth.op;
 		/* Copy the key */
 		memcpy(sess->pKey_hash, auth_xform->auth.key.data,
@@ -245,12 +251,6 @@ process_zuc_hash_op(struct rte_crypto_op **ops,
 			break;
 		}
 
-		if (unlikely(ops[i]->sym->auth.digest.length != ZUC_DIGEST_LENGTH)) {
-			ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
-			ZUC_LOG_ERR("digest");
-			break;
-		}
-
 		/* Data must be byte aligned */
 		if ((ops[i]->sym->auth.data.offset % BYTE_LEN) != 0) {
 			ops[i]->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
@@ -265,19 +265,19 @@ process_zuc_hash_op(struct rte_crypto_op **ops,
 
 		if (session->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
 			dst = (uint32_t *)rte_pktmbuf_append(ops[i]->sym->m_src,
-					ops[i]->sym->auth.digest.length);
+					ZUC_DIGEST_LENGTH);
 
 			sso_zuc_eia3_1_buffer(session->pKey_hash,
 					ops[i]->sym->auth.aad.data, src,
 					length_in_bits,	dst);
 			/* Verify digest. */
 			if (memcmp(dst, ops[i]->sym->auth.digest.data,
-					ops[i]->sym->auth.digest.length) != 0)
+					ZUC_DIGEST_LENGTH) != 0)
 				ops[i]->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
 
 			/* Trim area used for digest from mbuf. */
 			rte_pktmbuf_trim(ops[i]->sym->m_src,
-					ops[i]->sym->auth.digest.length);
+					ZUC_DIGEST_LENGTH);
 		} else  {
 			dst = (uint32_t *)ops[i]->sym->auth.digest.data;
 
diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index 08f4d02..982a97c 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -305,7 +305,7 @@ struct rte_crypto_auth_xform {
 	 * (for example RFC 2104, FIPS 198a).
 	 */
 
-	uint32_t digest_length;
+	uint16_t digest_length;
 	/**< Length of the digest to be returned. If the verify option is set,
 	 * this specifies the length of the digest to be compared for the
 	 * session.
@@ -553,10 +553,6 @@ struct rte_crypto_sym_op {
 			 */
 			phys_addr_t phys_addr;
 			/**< Physical address of digest */
-			uint16_t length;
-			/**< Length of digest. This must be the same value as
-			 * @ref rte_crypto_auth_xform.digest_length.
-			 */
 		} digest; /**< Digest parameters */
 
 		struct {
-- 
2.7.4

  parent reply	other threads:[~2017-05-28 21:05 UTC|newest]

Thread overview: 100+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-28 21:05 [dpdk-dev] [PATCH 00/13] Crypto operation restructuring Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 01/13] cryptodev: move session type to generic crypto op Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 02/13] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 03/13] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 04/13] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 05/13] cryptodev: add crypto op helper macros Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 06/13] cryptodev: remove additional auth data from xform Pablo de Lara
2017-05-28 21:05 ` Pablo de Lara [this message]
2017-05-28 21:05 ` [dpdk-dev] [PATCH 08/13] app/crypto-perf: move IV to crypto op private data Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 09/13] cryptodev: pass IV as offset Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 10/13] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 11/13] drivers/crypto: do not use AAD in wireless algorithms Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 12/13] cryptodev: aad AEAD specific data Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 13/13] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 00/27] Crypto operation restructuring Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 01/27] cryptodev: move session type to generic crypto op Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 02/27] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 03/27] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 04/27] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 05/27] cryptodev: remove useless alignment Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 06/27] cryptodev: add crypto op helper macros Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 07/27] crypto/qat: fix KASUMI authentication Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 08/27] test/crypto: move IV to crypto op private data Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 09/27] test/crypto-perf: " Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 10/27] app/crypto-perf: " Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 11/27] examples/l2fwd-crypto: " Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 12/27] examples/ipsec-secgw: " Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 13/27] cryptodev: pass IV as offset Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 14/27] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 15/27] cryptodev: add auth IV Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 16/27] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 17/27] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 18/27] cryptodev: remove digest " Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 19/27] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 20/27] cryptodev: add AEAD specific data Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 21/27] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 22/27] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 23/27] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 24/27] examples/ipsec-secgw: " Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 25/27] examples/l2fwd-crypto: " Pablo de Lara
2017-06-26 10:22   ` [dpdk-dev] [PATCH v2 26/27] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-06-26 10:23   ` [dpdk-dev] [PATCH v2 27/27] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-06-29 11:34   ` [dpdk-dev] [PATCH v3 00/26] Crypto operation restructuring Pablo de Lara
2017-06-29 11:34     ` [dpdk-dev] [PATCH v3 01/26] cryptodev: move session type to generic crypto op Pablo de Lara
2017-06-29 11:34     ` [dpdk-dev] [PATCH v3 02/26] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-06-29 11:34     ` [dpdk-dev] [PATCH v3 03/26] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-06-29 11:34     ` [dpdk-dev] [PATCH v3 04/26] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 05/26] cryptodev: remove useless alignment Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 06/26] cryptodev: add crypto op helper macros Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 07/26] test/crypto: move IV to crypto op private data Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 08/26] test/crypto-perf: " Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 09/26] app/crypto-perf: " Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 10/26] examples/l2fwd-crypto: " Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 11/26] examples/ipsec-secgw: " Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 12/26] cryptodev: pass IV as offset Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 13/26] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 14/26] cryptodev: add auth IV Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 15/26] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 16/26] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 17/26] cryptodev: remove digest " Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 18/26] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 19/26] cryptodev: add AEAD specific data Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 20/26] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 21/26] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 22/26] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 23/26] examples/ipsec-secgw: " Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 24/26] examples/l2fwd-crypto: " Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 25/26] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-06-29 11:35     ` [dpdk-dev] [PATCH v3 26/26] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-06-30 13:23     ` [dpdk-dev] [PATCH v3 00/26] Crypto operation restructuring Trahe, Fiona
2017-07-02  5:41     ` [dpdk-dev] [PATCH v4 " Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 01/26] cryptodev: move session type to generic crypto op Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 02/26] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 03/26] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 04/26] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 05/26] cryptodev: remove useless alignment Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 06/26] cryptodev: add crypto op helper macros Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 07/26] test/crypto: move IV to crypto op private data Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 08/26] test/crypto-perf: " Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 09/26] app/crypto-perf: " Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 10/26] examples/l2fwd-crypto: " Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 11/26] examples/ipsec-secgw: " Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 12/26] cryptodev: pass IV as offset Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 13/26] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 14/26] cryptodev: add auth IV Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 15/26] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 16/26] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 17/26] cryptodev: remove digest " Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 18/26] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 19/26] cryptodev: add AEAD specific data Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 20/26] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 21/26] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 22/26] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 23/26] examples/ipsec-secgw: " Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 24/26] examples/l2fwd-crypto: " Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 25/26] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-07-02  5:41       ` [dpdk-dev] [PATCH v4 26/26] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-07-03 15:44       ` [dpdk-dev] [PATCH v4 00/26] Crypto operation restructuring Declan Doherty
2017-07-03 16:27         ` De Lara Guarch, Pablo
2017-06-29 16:39   ` [dpdk-dev] [PATCH v2 00/27] " Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1496005522-134934-8-git-send-email-pablo.de.lara.guarch@intel.com \
    --to=pablo.de.lara.guarch@intel.com \
    --cc=akhil.goyal@nxp.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=hemant.agrawal@nxp.com \
    --cc=jerin.jacob@caviumnetworks.com \
    --cc=zbigniew.bodek@caviumnetworks.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).