From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: declan.doherty@intel.com, fiona.trahe@intel.com,
deepak.k.jain@intel.com, john.griffin@intel.com
Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>
Subject: [dpdk-dev] [PATCH v2 3/9] app/crypto-perf: add AES-CCM support
Date: Thu, 21 Sep 2017 14:11:16 +0100 [thread overview]
Message-ID: <20170921131123.16513-4-pablo.de.lara.guarch@intel.com> (raw)
In-Reply-To: <20170921131123.16513-1-pablo.de.lara.guarch@intel.com>
According to the API, AES-CCM has special requirements
when setting IV and AAD fields.
The L2fwd-crypto app is updated to set the nonce (IV)
and AAD in the right positions in these two fields
(1 byte after start of IV field and 18 bytes after start
of AAD).
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
app/test-crypto-perf/cperf_ops.c | 21 +++++++++++++++--
app/test-crypto-perf/cperf_test_latency.c | 34 +++++++++++++++++++++++----
app/test-crypto-perf/cperf_test_throughput.c | 34 +++++++++++++++++++++++----
app/test-crypto-perf/cperf_test_verify.c | 35 ++++++++++++++++++++++++----
4 files changed, 107 insertions(+), 17 deletions(-)
diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 88fb972..df579f8 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -318,7 +318,15 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
/* AEAD parameters */
sym_op->aead.data.length = options->test_buffer_size;
- sym_op->aead.data.offset =
+ /*
+ * If doing AES-CCM, first 18 bytes has to be reserved,
+ * and actual AAD should start from byte 18
+ */
+ if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+ sym_op->aead.data.offset =
+ RTE_ALIGN_CEIL(options->aead_aad_sz + 18, 16);
+ else
+ sym_op->aead.data.offset =
RTE_ALIGN_CEIL(options->aead_aad_sz, 16);
sym_op->aead.aad.data = rte_pktmbuf_mtod(bufs_in[i], uint8_t *);
@@ -358,8 +366,17 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ops[i],
uint8_t *, iv_offset);
- memcpy(iv_ptr, test_vector->aead_iv.data,
+ /*
+ * If doing AES-CCM, nonce is copied one byte
+ * after the start of IV field
+ */
+ if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+ memcpy(iv_ptr + 1, test_vector->aead_iv.data,
test_vector->aead_iv.length);
+ else
+ memcpy(iv_ptr, test_vector->aead_iv.data,
+ test_vector->aead_iv.length);
+
}
}
diff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c
index 58b21ab..0e21092 100644
--- a/app/test-crypto-perf/cperf_test_latency.c
+++ b/app/test-crypto-perf/cperf_test_latency.c
@@ -175,13 +175,29 @@ cperf_mbuf_create(struct rte_mempool *mempool,
}
if (options->op_type == CPERF_AEAD) {
- uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
- RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
+ /*
+ * If doing AES-CCM, first 18 bytes has to be reserved,
+ * and actual AAD should start from byte 18
+ */
+ if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM) {
+ uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+ RTE_ALIGN_CEIL(options->aead_aad_sz + 18, 16));
+
+ if (aad == NULL)
+ goto error;
+
+ memcpy(aad + 18, test_vector->aad.data,
+ test_vector->aad.length);
+ } else {
+ uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+ RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
- if (aead == NULL)
- goto error;
+ if (aad == NULL)
+ goto error;
- memcpy(aead, test_vector->aad.data, test_vector->aad.length);
+ memcpy(aad, test_vector->aad.data,
+ test_vector->aad.length);
+ }
}
return mbuf;
@@ -293,6 +309,14 @@ cperf_latency_test_constructor(struct rte_mempool *sess_mp,
test_vector->cipher_iv.length +
test_vector->auth_iv.length +
test_vector->aead_iv.length;
+ /*
+ * If doing AES-CCM, 16 bytes need to be reserved,
+ * regardless the IV length
+ */
+ if (options->op_type == CPERF_AEAD &&
+ options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+ priv_size = 16;
+
ctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,
RTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz,
512, priv_size, rte_socket_id());
diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c
index 3bb1cb0..6f34708 100644
--- a/app/test-crypto-perf/cperf_test_throughput.c
+++ b/app/test-crypto-perf/cperf_test_throughput.c
@@ -159,13 +159,29 @@ cperf_mbuf_create(struct rte_mempool *mempool,
}
if (options->op_type == CPERF_AEAD) {
- uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
- RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
+ /*
+ * If doing AES-CCM, first 18 bytes has to be reserved,
+ * and actual AAD should start from byte 18
+ */
+ if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM) {
+ uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+ RTE_ALIGN_CEIL(options->aead_aad_sz + 18, 16));
+
+ if (aad == NULL)
+ goto error;
+
+ memcpy(aad + 18, test_vector->aad.data,
+ test_vector->aad.length);
+ } else {
+ uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+ RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
- if (aead == NULL)
- goto error;
+ if (aad == NULL)
+ goto error;
- memcpy(aead, test_vector->aad.data, test_vector->aad.length);
+ memcpy(aad, test_vector->aad.data,
+ test_vector->aad.length);
+ }
}
return mbuf;
@@ -273,6 +289,14 @@ cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
uint16_t priv_size = test_vector->cipher_iv.length +
test_vector->auth_iv.length + test_vector->aead_iv.length;
+ /*
+ * If doing AES-CCM, 16 bytes need to be reserved,
+ * regardless the IV length
+ */
+ if (options->op_type == CPERF_AEAD &&
+ options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+ priv_size = 16;
+
ctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,
RTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz,
512, priv_size, rte_socket_id());
diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c
index a314646..32818fe 100644
--- a/app/test-crypto-perf/cperf_test_verify.c
+++ b/app/test-crypto-perf/cperf_test_verify.c
@@ -163,13 +163,29 @@ cperf_mbuf_create(struct rte_mempool *mempool,
}
if (options->op_type == CPERF_AEAD) {
- uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
- RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
+ /*
+ * If doing AES-CCM, first 18 bytes has to be reserved,
+ * and actual AAD should start from byte 18
+ */
+ if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM) {
+ uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+ RTE_ALIGN_CEIL(options->aead_aad_sz + 18, 16));
- if (aead == NULL)
- goto error;
+ if (aad == NULL)
+ goto error;
+
+ memcpy(aad + 18, test_vector->aad.data,
+ test_vector->aad.length);
+ } else {
+ uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+ RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
- memcpy(aead, test_vector->aad.data, test_vector->aad.length);
+ if (aad == NULL)
+ goto error;
+
+ memcpy(aad, test_vector->aad.data,
+ test_vector->aad.length);
+ }
}
return mbuf;
@@ -276,6 +292,15 @@ cperf_verify_test_constructor(struct rte_mempool *sess_mp,
uint16_t priv_size = test_vector->cipher_iv.length +
test_vector->auth_iv.length + test_vector->aead_iv.length;
+
+ /*
+ * If doing AES-CCM, 16 bytes need to be reserved,
+ * regardless the IV length
+ */
+ if (options->op_type == CPERF_AEAD &&
+ options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+ priv_size = 16;
+
ctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,
RTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz,
512, priv_size, rte_socket_id());
--
2.9.4
next prev parent reply other threads:[~2017-09-21 21:11 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-18 8:07 [dpdk-dev] [PATCH 0/4] Add support for AES-CCM Pablo de Lara
2017-08-18 8:07 ` [dpdk-dev] [PATCH 1/4] crypto/openssl: fix AEAD parameters Pablo de Lara
2017-08-18 8:07 ` [dpdk-dev] [PATCH] test/crypto: rename GCM test code Pablo de Lara
2017-08-18 16:09 ` De Lara Guarch, Pablo
2017-08-18 8:07 ` [dpdk-dev] [PATCH 2/4] crypto/openssl: init GCM key at session creation Pablo de Lara
2017-08-18 8:07 ` [dpdk-dev] [PATCH 3/4] test/crypto: rename GCM test code Pablo de Lara
2017-08-18 8:07 ` [dpdk-dev] [PATCH 4/4] crypto/openssl: add AES-CCM support Pablo de Lara
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 0/9] Add support for AES-CCM Pablo de Lara
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 1/9] cryptodev: clarify API " Pablo de Lara
2017-10-09 9:57 ` Trahe, Fiona
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 2/9] examples/l2fwd-crypto: add AES-CCM support Pablo de Lara
2017-09-21 13:11 ` Pablo de Lara [this message]
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 4/9] crypto/openssl: fix AEAD parameters Pablo de Lara
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 5/9] crypto/openssl: init GCM key at session creation Pablo de Lara
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 6/9] crypto/openssl: add AES-CCM support Pablo de Lara
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 7/9] crypto/qat: " Pablo de Lara
2017-10-09 9:55 ` Trahe, Fiona
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 8/9] test/crypto: rename GCM test code Pablo de Lara
2017-09-21 13:11 ` [dpdk-dev] [PATCH v2 9/9] test/crypto: add AES-CCM tests Pablo de Lara
2017-10-05 9:12 ` [dpdk-dev] [PATCH v2 0/9] Add support for AES-CCM Zhang, Roy Fan
2017-10-09 10:10 ` De Lara Guarch, Pablo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170921131123.16513-4-pablo.de.lara.guarch@intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=declan.doherty@intel.com \
--cc=deepak.k.jain@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
--cc=john.griffin@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).