From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: declan.doherty@intel.com, zbigniew.bodek@caviumnetworks.com,
jerin.jacob@caviumnetworks.com, akhil.goyal@nxp.com,
hemant.agrawal@nxp.com
Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>
Subject: [dpdk-dev] [PATCH v2 25/27] examples/l2fwd-crypto: add AEAD parameters
Date: Mon, 26 Jun 2017 11:22:58 +0100 [thread overview]
Message-ID: <20170626102300.56637-26-pablo.de.lara.guarch@intel.com> (raw)
In-Reply-To: <20170626102300.56637-1-pablo.de.lara.guarch@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
doc/guides/sample_app_ug/l2_forward_crypto.rst | 24 +-
examples/l2fwd-crypto/main.c | 388 +++++++++++++++++++++----
2 files changed, 357 insertions(+), 55 deletions(-)
diff --git a/doc/guides/sample_app_ug/l2_forward_crypto.rst b/doc/guides/sample_app_ug/l2_forward_crypto.rst
index b9aa573..2880c43 100644
--- a/doc/guides/sample_app_ug/l2_forward_crypto.rst
+++ b/doc/guides/sample_app_ug/l2_forward_crypto.rst
@@ -110,7 +110,9 @@ where,
* chain: select the operation chaining to perform: Cipher->Hash (CIPHER_HASH),
- Hash->Cipher (HASH_CIPHER), Cipher (CIPHER_ONLY), Hash(HASH_ONLY)
+ Hash->Cipher (HASH_CIPHER), Cipher (CIPHER_ONLY), Hash (HASH_ONLY)
+
+ or AEAD (AEAD)
(default is Cipher->Hash)
@@ -154,6 +156,26 @@ where,
Note that if --auth_iv is used, this will be ignored.
+* aead_algo: select the AEAD algorithm
+
+* aead_op: select the AEAD operation to perform: ENCRYPT or DECRYPT
+
+ (default is ENCRYPT)
+
+* aead_key: set the AEAD key to be used. Bytes has to be separated with ":"
+
+* aead_key_random_size: set the size of the AEAD key,
+
+ which will be generated randomly.
+
+ Note that if --aead_key is used, this will be ignored.
+
+* aead_iv: set the AEAD IV to be used. Bytes has to be separated with ":"
+
+* aead_iv_random_size: set the size of the AEAD IV, which will be generated randomly.
+
+ Note that if --aead_iv is used, this will be ignored.
+
* aad: set the AAD to be used. Bytes has to be separated with ":"
* aad_random_size: set the size of the AAD, which will be generated randomly.
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index fb829e3..914f8ed 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -130,7 +130,8 @@ enum l2fwd_crypto_xform_chain {
L2FWD_CRYPTO_CIPHER_HASH,
L2FWD_CRYPTO_HASH_CIPHER,
L2FWD_CRYPTO_CIPHER_ONLY,
- L2FWD_CRYPTO_HASH_ONLY
+ L2FWD_CRYPTO_HASH_ONLY,
+ L2FWD_CRYPTO_AEAD
};
struct l2fwd_key {
@@ -172,6 +173,14 @@ struct l2fwd_crypto_options {
unsigned int auth_iv_param;
int auth_iv_random_size;
+ struct rte_crypto_sym_xform aead_xform;
+ unsigned int aead_key_param;
+ int aead_key_random_size;
+
+ struct l2fwd_iv aead_iv;
+ unsigned int aead_iv_param;
+ int aead_iv_random_size;
+
struct l2fwd_key aad;
unsigned aad_param;
int aad_random_size;
@@ -194,15 +203,18 @@ struct l2fwd_crypto_params {
struct l2fwd_iv cipher_iv;
struct l2fwd_iv auth_iv;
+ struct l2fwd_iv aead_iv;
struct l2fwd_key aad;
struct rte_cryptodev_sym_session *session;
uint8_t do_cipher;
uint8_t do_hash;
+ uint8_t do_aead;
uint8_t hash_verify;
enum rte_crypto_cipher_algorithm cipher_algo;
enum rte_crypto_auth_algorithm auth_algo;
+ enum rte_crypto_aead_algorithm aead_algo;
};
/** lcore configuration */
@@ -492,14 +504,6 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m,
op->sym->auth.data.offset = ipdata_offset;
op->sym->auth.data.length = data_len;
}
-
- if (cparams->aad.length) {
- op->sym->auth.aad.data = cparams->aad.data;
- op->sym->auth.aad.phys_addr = cparams->aad.phys_addr;
- } else {
- op->sym->auth.aad.data = NULL;
- op->sym->auth.aad.phys_addr = 0;
- }
}
if (cparams->do_cipher) {
@@ -521,6 +525,33 @@ l2fwd_simple_crypto_enqueue(struct rte_mbuf *m,
}
}
+ if (cparams->do_aead) {
+ uint8_t *iv_ptr = rte_crypto_op_ctod_offset(op, uint8_t *,
+ IV_OFFSET);
+ /* Copy IV at the end of the crypto operation */
+ rte_memcpy(iv_ptr, cparams->aead_iv.data, cparams->aead_iv.length);
+
+ op->sym->aead.data.offset = ipdata_offset;
+ op->sym->aead.data.length = data_len;
+
+ if (!cparams->hash_verify) {
+ /* Append space for digest to end of packet */
+ op->sym->aead.digest.data = (uint8_t *)rte_pktmbuf_append(m,
+ cparams->digest_length);
+ } else {
+ op->sym->aead.digest.data = rte_pktmbuf_mtod(m,
+ uint8_t *) + ipdata_offset + data_len;
+ }
+
+ op->sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(m,
+ rte_pktmbuf_pkt_len(m) - cparams->digest_length);
+
+ if (cparams->aad.length) {
+ op->sym->aead.aad.data = cparams->aad.data;
+ op->sym->aead.aad.phys_addr = cparams->aad.phys_addr;
+ }
+ }
+
op->sym->m_src = m;
return l2fwd_crypto_enqueue(op, cparams);
@@ -617,7 +648,9 @@ initialize_crypto_session(struct l2fwd_crypto_options *options,
{
struct rte_crypto_sym_xform *first_xform;
- if (options->xform_chain == L2FWD_CRYPTO_CIPHER_HASH) {
+ if (options->xform_chain == L2FWD_CRYPTO_AEAD) {
+ first_xform = &options->aead_xform;
+ } else if (options->xform_chain == L2FWD_CRYPTO_CIPHER_HASH) {
first_xform = &options->cipher_xform;
first_xform->next = &options->auth_xform;
} else if (options->xform_chain == L2FWD_CRYPTO_HASH_CIPHER) {
@@ -669,8 +702,12 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
for (i = 0; i < qconf->nb_crypto_devs; i++) {
port_cparams[i].do_cipher = 0;
port_cparams[i].do_hash = 0;
+ port_cparams[i].do_aead = 0;
switch (options->xform_chain) {
+ case L2FWD_CRYPTO_AEAD:
+ port_cparams[i].do_aead = 1;
+ break;
case L2FWD_CRYPTO_CIPHER_HASH:
case L2FWD_CRYPTO_HASH_CIPHER:
port_cparams[i].do_cipher = 1;
@@ -695,6 +732,12 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
if (!options->auth_iv_param)
generate_random_key(port_cparams[i].auth_iv.data,
port_cparams[i].auth_iv.length);
+ if (options->auth_xform.auth.op == RTE_CRYPTO_AUTH_OP_VERIFY)
+ port_cparams[i].hash_verify = 1;
+ else
+ port_cparams[i].hash_verify = 0;
+
+ port_cparams[i].auth_algo = options->auth_xform.auth.algo;
/* Set IV parameters */
if (options->auth_iv.length) {
options->auth_xform.auth.iv.offset =
@@ -702,11 +745,16 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
options->auth_xform.auth.iv.length =
options->auth_iv.length;
}
+ }
+
+ if (port_cparams[i].do_aead) {
+ port_cparams[i].aead_algo = options->aead_xform.aead.algo;
port_cparams[i].digest_length =
- options->auth_xform.auth.digest_length;
- if (options->auth_xform.auth.add_auth_data_length) {
+ options->aead_xform.aead.digest_length;
+ if (options->aead_xform.aead.add_auth_data_length) {
port_cparams[i].aad.data = options->aad.data;
port_cparams[i].aad.phys_addr = options->aad.phys_addr;
+ port_cparams[i].aad.length = options->aad.length;
if (!options->aad_param)
generate_random_key(port_cparams[i].aad.data,
port_cparams[i].aad.length);
@@ -714,12 +762,14 @@ l2fwd_main_loop(struct l2fwd_crypto_options *options)
} else
port_cparams[i].aad.length = 0;
- if (options->auth_xform.auth.op == RTE_CRYPTO_AUTH_OP_VERIFY)
+ if (options->aead_xform.aead.op == RTE_CRYPTO_AEAD_OP_DECRYPT)
port_cparams[i].hash_verify = 1;
else
port_cparams[i].hash_verify = 0;
- port_cparams[i].auth_algo = options->auth_xform.auth.algo;
+ /* Set IV parameters */
+ options->aead_xform.aead.iv.offset = IV_OFFSET;
+ options->aead_xform.aead.iv.length = options->aead_iv.length;
}
if (port_cparams[i].do_cipher) {
@@ -881,7 +931,7 @@ l2fwd_crypto_usage(const char *prgname)
" --cdev_type HW / SW / ANY\n"
" --chain HASH_CIPHER / CIPHER_HASH / CIPHER_ONLY /"
- " HASH_ONLY\n"
+ " HASH_ONLY / AEAD\n"
" --cipher_algo ALGO\n"
" --cipher_op ENCRYPT / DECRYPT\n"
@@ -896,8 +946,16 @@ l2fwd_crypto_usage(const char *prgname)
" --auth_key_random_size SIZE: size of auth key when generated randomly\n"
" --auth_iv IV (bytes separated with \":\")\n"
" --auth_iv_random_size SIZE: size of auth IV when generated randomly\n"
+
+ " --aead_algo ALGO\n"
+ " --aead_op ENCRYPT / DECRYPT\n"
+ " --aead_key KEY (bytes separated with \":\")\n"
+ " --aead_key_random_size SIZE: size of AEAD key when generated randomly\n"
+ " --aead_iv IV (bytes separated with \":\")\n"
+ " --aead_iv_random_size SIZE: size of AEAD IV when generated randomly\n"
" --aad AAD (bytes separated with \":\")\n"
" --aad_random_size SIZE: size of AAD when generated randomly\n"
+
" --digest_size SIZE: size of digest to be generated/verified\n"
" --sessionless\n"
@@ -939,6 +997,9 @@ parse_crypto_opt_chain(struct l2fwd_crypto_options *options, char *optarg)
} else if (strcmp("HASH_ONLY", optarg) == 0) {
options->xform_chain = L2FWD_CRYPTO_HASH_ONLY;
return 0;
+ } else if (strcmp("AEAD", optarg) == 0) {
+ options->xform_chain = L2FWD_CRYPTO_AEAD;
+ return 0;
}
return -1;
@@ -1046,6 +1107,32 @@ parse_auth_op(enum rte_crypto_auth_operation *op, char *optarg)
}
static int
+parse_aead_algo(enum rte_crypto_aead_algorithm *algo, char *optarg)
+{
+ if (rte_cryptodev_get_aead_algo_enum(algo, optarg) < 0) {
+ RTE_LOG(ERR, USER1, "AEAD algorithm specified "
+ "not supported!\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+static int
+parse_aead_op(enum rte_crypto_aead_operation *op, char *optarg)
+{
+ if (strcmp("ENCRYPT", optarg) == 0) {
+ *op = RTE_CRYPTO_AEAD_OP_ENCRYPT;
+ return 0;
+ } else if (strcmp("DECRYPT", optarg) == 0) {
+ *op = RTE_CRYPTO_AEAD_OP_DECRYPT;
+ return 0;
+ }
+
+ printf("AEAD operation specified not supported!\n");
+ return -1;
+}
+static int
parse_cryptodev_mask(struct l2fwd_crypto_options *options,
const char *q_arg)
{
@@ -1143,7 +1230,6 @@ l2fwd_crypto_parse_args_long_options(struct l2fwd_crypto_options *options,
return parse_size(&options->akey_random_size, optarg);
}
-
else if (strcmp(lgopts[option_index].name, "auth_iv") == 0) {
options->auth_iv_param = 1;
options->auth_iv.length =
@@ -1157,6 +1243,43 @@ l2fwd_crypto_parse_args_long_options(struct l2fwd_crypto_options *options,
else if (strcmp(lgopts[option_index].name, "auth_iv_random_size") == 0)
return parse_size(&options->auth_iv_random_size, optarg);
+ /* AEAD options */
+ else if (strcmp(lgopts[option_index].name, "aead_algo") == 0) {
+ return parse_aead_algo(&options->aead_xform.aead.algo,
+ optarg);
+ }
+
+ else if (strcmp(lgopts[option_index].name, "aead_op") == 0)
+ return parse_aead_op(&options->aead_xform.aead.op,
+ optarg);
+
+ else if (strcmp(lgopts[option_index].name, "aead_key") == 0) {
+ options->aead_key_param = 1;
+ options->aead_xform.aead.key.length =
+ parse_key(options->aead_xform.aead.key.data, optarg);
+ if (options->aead_xform.aead.key.length > 0)
+ return 0;
+ else
+ return -1;
+ }
+
+ else if (strcmp(lgopts[option_index].name, "aead_key_random_size") == 0)
+ return parse_size(&options->aead_key_random_size, optarg);
+
+
+ else if (strcmp(lgopts[option_index].name, "aead_iv") == 0) {
+ options->aead_iv_param = 1;
+ options->aead_iv.length =
+ parse_key(options->aead_iv.data, optarg);
+ if (options->aead_iv.length > 0)
+ return 0;
+ else
+ return -1;
+ }
+
+ else if (strcmp(lgopts[option_index].name, "aead_iv_random_size") == 0)
+ return parse_size(&options->aead_iv_random_size, optarg);
+
else if (strcmp(lgopts[option_index].name, "aad") == 0) {
options->aad_param = 1;
options->aad.length =
@@ -1291,13 +1414,25 @@ l2fwd_crypto_default_options(struct l2fwd_crypto_options *options)
options->auth_iv_param = 0;
options->auth_iv_random_size = -1;
options->auth_iv.length = 0;
+
+ options->auth_xform.auth.algo = RTE_CRYPTO_AUTH_SHA1_HMAC;
+ options->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+
+ /* AEAD Data */
+ options->aead_xform.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+ options->aead_xform.next = NULL;
+ options->aead_key_param = 0;
+ options->aead_key_random_size = -1;
+ options->aead_xform.aead.key.length = 0;
+ options->aead_iv_param = 0;
+ options->aead_iv_random_size = -1;
+ options->aead_iv.length = 0;
+
options->aad_param = 0;
options->aad_random_size = -1;
options->aad.length = 0;
- options->digest_size = -1;
- options->auth_xform.auth.algo = RTE_CRYPTO_AUTH_SHA1_HMAC;
- options->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+ options->digest_size = -1;
options->type = CDEV_TYPE_ANY;
options->cryptodev_mask = UINT64_MAX;
@@ -1325,6 +1460,18 @@ display_auth_info(struct l2fwd_crypto_options *options)
options->auth_xform.auth.key.data,
options->auth_xform.auth.key.length);
rte_hexdump(stdout, "IV:", options->auth_iv.data, options->auth_iv.length);
+}
+
+static void
+display_aead_info(struct l2fwd_crypto_options *options)
+{
+ printf("\n---- AEAD information ---\n");
+ printf("Algorithm: %s\n",
+ rte_crypto_aead_algorithm_strings[options->aead_xform.aead.algo]);
+ rte_hexdump(stdout, "AEAD key:",
+ options->aead_xform.aead.key.data,
+ options->aead_xform.aead.key.length);
+ rte_hexdump(stdout, "IV:", options->aead_iv.data, options->aead_iv.length);
rte_hexdump(stdout, "AAD:", options->aad.data, options->aad.length);
}
@@ -1333,6 +1480,7 @@ l2fwd_crypto_options_print(struct l2fwd_crypto_options *options)
{
char string_cipher_op[MAX_STR_LEN];
char string_auth_op[MAX_STR_LEN];
+ char string_aead_op[MAX_STR_LEN];
if (options->cipher_xform.cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
strcpy(string_cipher_op, "Encrypt");
@@ -1344,6 +1492,12 @@ l2fwd_crypto_options_print(struct l2fwd_crypto_options *options)
else
strcpy(string_auth_op, "Auth verify");
+ if (options->aead_xform.aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT)
+ strcpy(string_aead_op, "Authenticated encryption");
+ else
+ strcpy(string_aead_op, "Authenticated decryption");
+
+
printf("Options:-\nn");
printf("portmask: %x\n", options->portmask);
printf("ports per lcore: %u\n", options->nb_ports_per_lcore);
@@ -1373,6 +1527,10 @@ l2fwd_crypto_options_print(struct l2fwd_crypto_options *options)
printf("\nCrypto chain: ");
switch (options->xform_chain) {
+ case L2FWD_CRYPTO_AEAD:
+ printf("Input --> %s --> Output\n", string_aead_op);
+ display_aead_info(options);
+ break;
case L2FWD_CRYPTO_CIPHER_HASH:
printf("Input --> %s --> %s --> Output\n",
string_cipher_op, string_auth_op);
@@ -1424,8 +1582,16 @@ l2fwd_crypto_parse_args(struct l2fwd_crypto_options *options,
{ "auth_iv", required_argument, 0, 0 },
{ "auth_iv_random_size", required_argument, 0, 0 },
+ { "aead_algo", required_argument, 0, 0 },
+ { "aead_op", required_argument, 0, 0 },
+ { "aead_key", required_argument, 0, 0 },
+ { "aead_key_random_size", required_argument, 0, 0 },
+ { "aead_iv", required_argument, 0, 0 },
+ { "aead_iv_random_size", required_argument, 0, 0 },
+
{ "aad", required_argument, 0, 0 },
{ "aad_random_size", required_argument, 0, 0 },
+
{ "digest_size", required_argument, 0, 0 },
{ "sessionless", no_argument, 0, 0 },
@@ -1639,6 +1805,40 @@ check_device_support_auth_algo(const struct l2fwd_crypto_options *options,
return cap;
}
+static const struct rte_cryptodev_capabilities *
+check_device_support_aead_algo(const struct l2fwd_crypto_options *options,
+ const struct rte_cryptodev_info *dev_info,
+ uint8_t cdev_id)
+{
+ unsigned int i = 0;
+ const struct rte_cryptodev_capabilities *cap = &dev_info->capabilities[0];
+ enum rte_crypto_aead_algorithm cap_aead_algo;
+ enum rte_crypto_aead_algorithm opt_aead_algo =
+ options->aead_xform.aead.algo;
+
+ while (cap->op != RTE_CRYPTO_OP_TYPE_UNDEFINED) {
+ cap_aead_algo = cap->sym.aead.algo;
+ if (cap->sym.xform_type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+ if (cap_aead_algo == opt_aead_algo) {
+ if (check_type(options, dev_info) == 0)
+ break;
+ }
+ }
+ cap = &dev_info->capabilities[++i];
+ }
+
+ if (cap->op == RTE_CRYPTO_OP_TYPE_UNDEFINED) {
+ printf("Algorithm %s not supported by cryptodev %u"
+ " or device not of preferred type (%s)\n",
+ rte_crypto_aead_algorithm_strings[opt_aead_algo],
+ cdev_id,
+ options->string_type);
+ return NULL;
+ }
+
+ return cap;
+}
+
/* Check if the device is enabled by cryptodev_mask */
static int
check_cryptodev_mask(struct l2fwd_crypto_options *options,
@@ -1745,6 +1945,112 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,
rte_cryptodev_info_get(cdev_id, &dev_info);
+ /* Set AEAD parameters */
+ if (options->xform_chain == L2FWD_CRYPTO_AEAD) {
+ /* Check if device supports AEAD algo */
+ cap = check_device_support_aead_algo(options, &dev_info,
+ cdev_id);
+ if (cap == NULL)
+ continue;
+
+ options->block_size = cap->sym.aead.block_size;
+
+ check_iv_param(&cap->sym.aead.iv_size,
+ options->aead_iv_param,
+ options->aead_iv_random_size,
+ &options->aead_iv.length);
+
+ /*
+ * Check if length of provided AEAD key is supported
+ * by the algorithm chosen.
+ */
+ if (options->aead_key_param) {
+ if (check_supported_size(
+ options->aead_xform.aead.key.length,
+ cap->sym.aead.key_size.min,
+ cap->sym.aead.key_size.max,
+ cap->sym.aead.key_size.increment)
+ != 0) {
+ printf("Unsupported aead key length\n");
+ return -1;
+ }
+ /*
+ * Check if length of the aead key to be randomly generated
+ * is supported by the algorithm chosen.
+ */
+ } else if (options->aead_key_random_size != -1) {
+ if (check_supported_size(options->ckey_random_size,
+ cap->sym.aead.key_size.min,
+ cap->sym.aead.key_size.max,
+ cap->sym.aead.key_size.increment)
+ != 0) {
+ printf("Unsupported aead key length\n");
+ return -1;
+ }
+ options->aead_xform.aead.key.length =
+ options->ckey_random_size;
+ /* No size provided, use minimum size. */
+ } else
+ options->aead_xform.aead.key.length =
+ cap->sym.aead.key_size.min;
+
+ if (!options->aead_key_param)
+ generate_random_key(
+ options->aead_xform.aead.key.data,
+ options->aead_xform.aead.key.length);
+
+ /*
+ * Check if length of provided AAD is supported
+ * by the algorithm chosen.
+ */
+ if (options->aad_param) {
+ if (check_supported_size(options->aad.length,
+ cap->sym.aead.aad_size.min,
+ cap->sym.aead.aad_size.max,
+ cap->sym.aead.aad_size.increment)
+ != 0) {
+ printf("Unsupported AAD length\n");
+ return -1;
+ }
+ /*
+ * Check if length of AAD to be randomly generated
+ * is supported by the algorithm chosen.
+ */
+ } else if (options->aad_random_size != -1) {
+ if (check_supported_size(options->aad_random_size,
+ cap->sym.aead.aad_size.min,
+ cap->sym.aead.aad_size.max,
+ cap->sym.aead.aad_size.increment)
+ != 0) {
+ printf("Unsupported AAD length\n");
+ return -1;
+ }
+ options->aad.length = options->aad_random_size;
+ /* No size provided, use minimum size. */
+ } else
+ options->aad.length = cap->sym.auth.aad_size.min;
+
+ options->aead_xform.aead.add_auth_data_length =
+ options->aad.length;
+
+ /* Check if digest size is supported by the algorithm. */
+ if (options->digest_size != -1) {
+ if (check_supported_size(options->digest_size,
+ cap->sym.aead.digest_size.min,
+ cap->sym.aead.digest_size.max,
+ cap->sym.aead.digest_size.increment)
+ != 0) {
+ printf("Unsupported digest length\n");
+ return -1;
+ }
+ options->aead_xform.aead.digest_length =
+ options->digest_size;
+ /* No size provided, use minimum size. */
+ } else
+ options->aead_xform.aead.digest_length =
+ cap->sym.aead.digest_size.min;
+ }
+
/* Set cipher parameters */
if (options->xform_chain == L2FWD_CRYPTO_CIPHER_HASH ||
options->xform_chain == L2FWD_CRYPTO_HASH_CIPHER ||
@@ -1818,40 +2124,6 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,
options->auth_iv_random_size,
&options->auth_iv.length);
/*
- * Check if length of provided AAD is supported
- * by the algorithm chosen.
- */
- if (options->aad_param) {
- if (check_supported_size(options->aad.length,
- cap->sym.auth.aad_size.min,
- cap->sym.auth.aad_size.max,
- cap->sym.auth.aad_size.increment)
- != 0) {
- printf("Unsupported AAD length\n");
- return -1;
- }
- /*
- * Check if length of AAD to be randomly generated
- * is supported by the algorithm chosen.
- */
- } else if (options->aad_random_size != -1) {
- if (check_supported_size(options->aad_random_size,
- cap->sym.auth.aad_size.min,
- cap->sym.auth.aad_size.max,
- cap->sym.auth.aad_size.increment)
- != 0) {
- printf("Unsupported AAD length\n");
- return -1;
- }
- options->aad.length = options->aad_random_size;
- /* No size provided, use minimum size. */
- } else
- options->aad.length = cap->sym.auth.aad_size.min;
-
- options->auth_xform.auth.add_auth_data_length =
- options->aad.length;
-
- /*
* Check if length of provided auth key is supported
* by the algorithm chosen.
*/
@@ -2052,12 +2324,16 @@ reserve_key_memory(struct l2fwd_crypto_options *options)
if (options->cipher_xform.cipher.key.data == NULL)
rte_exit(EXIT_FAILURE, "Failed to allocate memory for cipher key");
-
options->auth_xform.auth.key.data = rte_malloc("auth key",
MAX_KEY_SIZE, 0);
if (options->auth_xform.auth.key.data == NULL)
rte_exit(EXIT_FAILURE, "Failed to allocate memory for auth key");
+ options->aead_xform.aead.key.data = rte_malloc("aead key",
+ MAX_KEY_SIZE, 0);
+ if (options->aead_xform.aead.key.data == NULL)
+ rte_exit(EXIT_FAILURE, "Failed to allocate memory for AEAD key");
+
options->cipher_iv.data = rte_malloc("cipher iv", MAX_KEY_SIZE, 0);
if (options->cipher_iv.data == NULL)
rte_exit(EXIT_FAILURE, "Failed to allocate memory for cipher IV");
@@ -2066,6 +2342,10 @@ reserve_key_memory(struct l2fwd_crypto_options *options)
if (options->auth_iv.data == NULL)
rte_exit(EXIT_FAILURE, "Failed to allocate memory for auth IV");
+ options->aead_iv.data = rte_malloc("aead_iv", MAX_KEY_SIZE, 0);
+ if (options->aead_iv.data == NULL)
+ rte_exit(EXIT_FAILURE, "Failed to allocate memory for AEAD iv");
+
options->aad.data = rte_malloc("aad", MAX_KEY_SIZE, 0);
if (options->aad.data == NULL)
rte_exit(EXIT_FAILURE, "Failed to allocate memory for AAD");
--
2.9.4
next prev parent reply other threads:[~2017-06-26 18:23 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-28 21:05 [dpdk-dev] [PATCH 00/13] Crypto operation restructuring Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 01/13] cryptodev: move session type to generic crypto op Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 02/13] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 03/13] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 04/13] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 05/13] cryptodev: add crypto op helper macros Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 06/13] cryptodev: remove additional auth data from xform Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 07/13] cryptodev: remove digest length from crypto op Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 08/13] app/crypto-perf: move IV to crypto op private data Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 09/13] cryptodev: pass IV as offset Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 10/13] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 11/13] drivers/crypto: do not use AAD in wireless algorithms Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 12/13] cryptodev: aad AEAD specific data Pablo de Lara
2017-05-28 21:05 ` [dpdk-dev] [PATCH 13/13] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 00/27] Crypto operation restructuring Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 01/27] cryptodev: move session type to generic crypto op Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 02/27] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 03/27] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 04/27] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 05/27] cryptodev: remove useless alignment Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 06/27] cryptodev: add crypto op helper macros Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 07/27] crypto/qat: fix KASUMI authentication Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 08/27] test/crypto: move IV to crypto op private data Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 09/27] test/crypto-perf: " Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 10/27] app/crypto-perf: " Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 11/27] examples/l2fwd-crypto: " Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 12/27] examples/ipsec-secgw: " Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 13/27] cryptodev: pass IV as offset Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 14/27] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 15/27] cryptodev: add auth IV Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 16/27] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 17/27] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 18/27] cryptodev: remove digest " Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 19/27] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 20/27] cryptodev: add AEAD specific data Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 21/27] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 22/27] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 23/27] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 24/27] examples/ipsec-secgw: " Pablo de Lara
2017-06-26 10:22 ` Pablo de Lara [this message]
2017-06-26 10:22 ` [dpdk-dev] [PATCH v2 26/27] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-06-26 10:23 ` [dpdk-dev] [PATCH v2 27/27] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-06-29 11:34 ` [dpdk-dev] [PATCH v3 00/26] Crypto operation restructuring Pablo de Lara
2017-06-29 11:34 ` [dpdk-dev] [PATCH v3 01/26] cryptodev: move session type to generic crypto op Pablo de Lara
2017-06-29 11:34 ` [dpdk-dev] [PATCH v3 02/26] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-06-29 11:34 ` [dpdk-dev] [PATCH v3 03/26] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-06-29 11:34 ` [dpdk-dev] [PATCH v3 04/26] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 05/26] cryptodev: remove useless alignment Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 06/26] cryptodev: add crypto op helper macros Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 07/26] test/crypto: move IV to crypto op private data Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 08/26] test/crypto-perf: " Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 09/26] app/crypto-perf: " Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 10/26] examples/l2fwd-crypto: " Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 11/26] examples/ipsec-secgw: " Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 12/26] cryptodev: pass IV as offset Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 13/26] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 14/26] cryptodev: add auth IV Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 15/26] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 16/26] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 17/26] cryptodev: remove digest " Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 18/26] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 19/26] cryptodev: add AEAD specific data Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 20/26] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 21/26] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 22/26] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 23/26] examples/ipsec-secgw: " Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 24/26] examples/l2fwd-crypto: " Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 25/26] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-06-29 11:35 ` [dpdk-dev] [PATCH v3 26/26] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-06-30 13:23 ` [dpdk-dev] [PATCH v3 00/26] Crypto operation restructuring Trahe, Fiona
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 " Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 01/26] cryptodev: move session type to generic crypto op Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 02/26] cryptodev: replace enums with 1-byte variables Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 03/26] cryptodev: remove opaque data pointer in crypto op Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 04/26] cryptodev: do not store pointer to op specific params Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 05/26] cryptodev: remove useless alignment Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 06/26] cryptodev: add crypto op helper macros Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 07/26] test/crypto: move IV to crypto op private data Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 08/26] test/crypto-perf: " Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 09/26] app/crypto-perf: " Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 10/26] examples/l2fwd-crypto: " Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 11/26] examples/ipsec-secgw: " Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 12/26] cryptodev: pass IV as offset Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 13/26] cryptodev: move IV parameters to crypto session Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 14/26] cryptodev: add auth IV Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 15/26] cryptodev: do not use AAD in wireless algorithms Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 16/26] cryptodev: remove AAD length from crypto op Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 17/26] cryptodev: remove digest " Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 18/26] cryptodev: set AES-GMAC as auth-only algo Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 19/26] cryptodev: add AEAD specific data Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 20/26] cryptodev: add AEAD parameters in crypto operation Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 21/26] examples/l2fwd-crypto: avoid too many tabs Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 22/26] app/test-crypto-perf: add AEAD parameters Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 23/26] examples/ipsec-secgw: " Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 24/26] examples/l2fwd-crypto: " Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 25/26] cryptodev: use AES-GCM/CCM as AEAD algorithms Pablo de Lara
2017-07-02 5:41 ` [dpdk-dev] [PATCH v4 26/26] cryptodev: remove AAD from authentication structure Pablo de Lara
2017-07-03 15:44 ` [dpdk-dev] [PATCH v4 00/26] Crypto operation restructuring Declan Doherty
2017-07-03 16:27 ` De Lara Guarch, Pablo
2017-06-29 16:39 ` [dpdk-dev] [PATCH v2 00/27] " Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170626102300.56637-26-pablo.de.lara.guarch@intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=hemant.agrawal@nxp.com \
--cc=jerin.jacob@caviumnetworks.com \
--cc=zbigniew.bodek@caviumnetworks.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).