* [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology @ 2019-02-28 16:18 Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT Damian Nowak ` (3 more replies) 0 siblings, 4 replies; 11+ messages in thread From: Damian Nowak @ 2019-02-28 16:18 UTC (permalink / raw) To: fiona.trahe; +Cc: dev, Damian Nowak This patchset adds XTS support for Intel QuickAssist Technology. Following cipher algorithms are available with this patchset: * AES XTS (128) * AES XTS (256) Damian Nowak (3): test/crypto: add tests for XTS on QAT crypto/qat: add XTS for QAT session config cryptodev: remove XTS text duplication doc/guides/cryptodevs/features/qat.ini | 2 + doc/guides/cryptodevs/qat.rst | 3 +- drivers/crypto/qat/qat_sym_capabilities.h | 22 ++- drivers/crypto/qat/qat_sym_session.c | 17 ++- lib/librte_cryptodev/rte_crypto_sym.h | 9 +- test/test/test_cryptodev_aes_test_vectors.h | 223 +++++++++++++++++++++++++++- 6 files changed, 265 insertions(+), 11 deletions(-) -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT 2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak @ 2019-02-28 16:18 ` Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 2/3] crypto/qat: add XTS for QAT session config Damian Nowak ` (2 subsequent siblings) 3 siblings, 0 replies; 11+ messages in thread From: Damian Nowak @ 2019-02-28 16:18 UTC (permalink / raw) To: fiona.trahe; +Cc: dev, Damian Nowak This patch adds test vectors for AES XTS mode on QAT. It uses different plaintext sizes and AES keys sizes of 128 and 256 bits. Signed-off-by: Damian Nowak <damianx.nowak@intel.com> --- test/test/test_cryptodev_aes_test_vectors.h | 223 +++++++++++++++++++++++++++- 1 file changed, 222 insertions(+), 1 deletion(-) diff --git a/test/test/test_cryptodev_aes_test_vectors.h b/test/test/test_cryptodev_aes_test_vectors.h index 6dd8e5f..960c3b1 100644 --- a/test/test/test_cryptodev_aes_test_vectors.h +++ b/test/test/test_cryptodev_aes_test_vectors.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2016-2017 Intel Corporation + * Copyright(c) 2016-2019 Intel Corporation */ #ifndef TEST_CRYPTODEV_AES_TEST_VECTORS_H_ @@ -1077,6 +1077,179 @@ static const struct blockcipher_test_data aes_test_data_13 = { } }; +/** XTS-AES-128 test vector (2 keys * 128 bit) */ +static const uint8_t plaintext_aes128xts_16bytes[] = { + 0xEB, 0xAB, 0xCE, 0x95, 0xB1, 0x4D, 0x3C, 0x8D, + 0x6F, 0xB3, 0x50, 0x39, 0x07, 0x90, 0x31, 0x1C +}; +static const uint8_t ciphertext_aes128xts_16bytes[] = { + 0x77, 0x8A, 0xE8, 0xB4, 0x3C, 0xB9, 0x8D, 0x5A, + 0x82, 0x50, 0x81, 0xD5, 0xBE, 0x47, 0x1C, 0x63 +}; +static const struct +blockcipher_test_data aes_test_data_xts_key_32_pt_16 = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS, + .cipher_key = { + .data = { + 0xA1, 0xB9, 0x0C, 0xBA, 0x3F, 0x06, 0xAC, 0x35, + 0x3B, 0x2C, 0x34, 0x38, 0x76, 0x08, 0x17, 0x62, + 0x09, 0x09, 0x23, 0x02, 0x6E, 0x91, 0x77, 0x18, + 0x15, 0xF2, 0x9D, 0xAB, 0x01, 0x93, 0x2F, 0x2F + }, + .len = 32 + }, + .iv = { + .data = { + 0x4F, 0xAE, 0xF7, 0x11, 0x7C, 0xDA, 0x59, 0xC6, + 0x6E, 0x4B, 0x92, 0x01, 0x3E, 0x76, 0x8A, 0xD5 + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes128xts_16bytes, + .len = 16 + }, + .ciphertext = { + .data = ciphertext_aes128xts_16bytes, + .len = 16 + } +}; +static const uint8_t plaintext_aes128xts_32bytes[] = { + 0xB0, 0x4D, 0x84, 0xDA, 0x85, 0x6B, 0x9A, 0x59, + 0xCE, 0x2D, 0x62, 0x67, 0x46, 0xF6, 0x89, 0xA8, + 0x05, 0x1D, 0xAC, 0xD6, 0xBC, 0xE3, 0xB9, 0x90, + 0xAA, 0x90, 0x1E, 0x40, 0x30, 0x64, 0x88, 0x79 +}; +static const uint8_t ciphertext_aes128xts_32bytes[] = { + 0xF9, 0x41, 0x03, 0x9E, 0xBA, 0xB8, 0xCA, 0xC3, + 0x9D, 0x59, 0x24, 0x7C, 0xBB, 0xCB, 0x4D, 0x81, + 0x6C, 0x72, 0x6D, 0xAE, 0xD1, 0x15, 0x77, 0x69, + 0x2C, 0x55, 0xE4, 0xAC, 0x6D, 0x3E, 0x68, 0x20 +}; +static const struct +blockcipher_test_data aes_test_data_xts_key_32_pt_32 = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS, + .cipher_key = { + .data = { + 0x78, 0x3A, 0x83, 0xEC, 0x52, 0xA2, 0x74, 0x05, + 0xDF, 0xF9, 0xDE, 0x4C, 0x57, 0xF9, 0xC9, 0x79, + 0xB3, 0x60, 0xB6, 0xA5, 0xDF, 0x88, 0xD6, 0x7E, + 0xC1, 0xA0, 0x52, 0xE6, 0xF5, 0x82, 0xA7, 0x17 + }, + .len = 32 + }, + .iv = { + .data = { + 0x88, 0x6E, 0x97, 0x5B, 0x29, 0xBD, 0xF6, 0xF0, + 0xC0, 0x1B, 0xB4, 0x7F, 0x61, 0xF6, 0xF0, 0xF5 + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes128xts_32bytes, + .len = 32 + }, + .ciphertext = { + .data = ciphertext_aes128xts_32bytes, + .len = 32 + } +}; + +/** XTS-AES-256 test vector (2 keys * 256 bit) */ +/* Encryption */ +static const uint8_t plaintext_aes256xts_32bytes[] = { + 0x2E, 0xED, 0xEA, 0x52, 0xCD, 0x82, 0x15, 0xE1, + 0xAC, 0xC6, 0x47, 0xE8, 0x10, 0xBB, 0xC3, 0x64, + 0x2E, 0x87, 0x28, 0x7F, 0x8D, 0x2E, 0x57, 0xE3, + 0x6C, 0x0A, 0x24, 0xFB, 0xC1, 0x2A, 0x20, 0x2E +}; +static const uint8_t ciphertext_aes256xts_32bytes[] = { + 0xCB, 0xAA, 0xD0, 0xE2, 0xF6, 0xCE, 0xA3, 0xF5, + 0x0B, 0x37, 0xF9, 0x34, 0xD4, 0x6A, 0x9B, 0x13, + 0x0B, 0x9D, 0x54, 0xF0, 0x7E, 0x34, 0xF3, 0x6A, + 0xF7, 0x93, 0xE8, 0x6F, 0x73, 0xC6, 0xD7, 0xDB +}; +static const struct +blockcipher_test_data aes_test_data_xts_key_64_pt_32 = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS, + .cipher_key = { + .data = { + 0x1E, 0xA6, 0x61, 0xC5, 0x8D, 0x94, 0x3A, 0x0E, + 0x48, 0x01, 0xE4, 0x2F, 0x4B, 0x09, 0x47, 0x14, + 0x9E, 0x7F, 0x9F, 0x8E, 0x3E, 0x68, 0xD0, 0xC7, + 0x50, 0x52, 0x10, 0xBD, 0x31, 0x1A, 0x0E, 0x7C, + 0xD6, 0xE1, 0x3F, 0xFD, 0xF2, 0x41, 0x8D, 0x8D, + 0x19, 0x11, 0xC0, 0x04, 0xCD, 0xA5, 0x8D, 0xA3, + 0xD6, 0x19, 0xB7, 0xE2, 0xB9, 0x14, 0x1E, 0x58, + 0x31, 0x8E, 0xEA, 0x39, 0x2C, 0xF4, 0x1B, 0x08 + }, + .len = 64 + }, + .iv = { + .data = { + 0xAD, 0xF8, 0xD9, 0x26, 0x27, 0x46, 0x4A, 0xD2, + 0xF0, 0x42, 0x8E, 0x84, 0xA9, 0xF8, 0x75, 0x64 + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes256xts_32bytes, + .len = 32 + }, + .ciphertext = { + .data = ciphertext_aes256xts_32bytes, + .len = 32 + } +}; +static const uint8_t plaintext_aes256xts_48bytes[] = { + 0xBB, 0xB2, 0x34, 0xDB, 0x01, 0xBE, 0x79, 0xD3, + 0xDC, 0x7D, 0xCF, 0x49, 0xBC, 0x53, 0xB8, 0xEF, + 0xC6, 0x2F, 0xE7, 0x17, 0x94, 0x39, 0x06, 0x1D, + 0x73, 0xA6, 0xB2, 0x0E, 0xDB, 0x9B, 0x7D, 0xA0, + 0x45, 0x0B, 0x19, 0xF0, 0x20, 0x82, 0x02, 0x09, + 0xAF, 0xE0, 0x81, 0x12, 0xAE, 0x4A, 0xFD, 0xD3 +}; +static const uint8_t ciphertext_aes256xts_48bytes[] = { + 0xCB, 0xF6, 0x88, 0x48, 0xC4, 0x20, 0x49, 0xEF, + 0xB1, 0x46, 0xE2, 0xD1, 0xE4, 0x11, 0x5F, 0x62, + 0xE4, 0xFA, 0xA4, 0xEF, 0xFF, 0x19, 0x8F, 0x1A, + 0x0A, 0xA0, 0xC9, 0x8B, 0xA0, 0x2C, 0xC4, 0x4D, + 0xA3, 0x76, 0xD7, 0x62, 0xD6, 0x15, 0x1F, 0x23, + 0x45, 0x87, 0xBF, 0x12, 0x8B, 0x6A, 0x7F, 0xFA +}; +static const struct +blockcipher_test_data aes_test_data_xts_key_64_pt_48 = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS, + .cipher_key = { + .data = { + 0x7F, 0xB0, 0x92, 0x2F, 0xCE, 0x09, 0xED, 0xDD, + 0x36, 0x65, 0xA1, 0x1F, 0x52, 0x35, 0xD5, 0x1E, + 0xF7, 0x72, 0x06, 0xA7, 0xDE, 0x45, 0x47, 0x75, + 0xB6, 0x9D, 0xCC, 0x54, 0x59, 0xAC, 0xDB, 0x24, + 0xCC, 0xF0, 0x5C, 0x41, 0x5A, 0xF5, 0xAB, 0x8A, + 0x06, 0x62, 0x3D, 0x19, 0x8D, 0x5B, 0x91, 0x85, + 0x95, 0xA9, 0xDC, 0xAA, 0xF5, 0x39, 0x2E, 0xE7, + 0x17, 0xC1, 0x04, 0x7F, 0x2F, 0x08, 0xF6, 0x2B + }, + .len = 64 + }, + .iv = { + .data = { + 0x8E, 0xA3, 0x63, 0x8B, 0x9D, 0x40, 0x62, 0xF1, + 0x69, 0x19, 0x6F, 0xF4, 0x55, 0x5A, 0xD0, 0xAF + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes256xts_48bytes, + .len = 48 + }, + .ciphertext = { + .data = ciphertext_aes256xts_48bytes, + .len = 48 + } +}; + /* AES-DOCSIS-BPI test vectors */ /* Multiple of AES block size */ @@ -1821,6 +1994,54 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = { .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB | BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX + }, + { + .test_descr = "AES-128-XTS Encryption (16-byte plaintext)", + .test_data = &aes_test_data_xts_key_32_pt_16, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-128-XTS Decryption (16-byte plaintext)", + .test_data = &aes_test_data_xts_key_32_pt_16, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-128-XTS Encryption (32-byte plaintext)", + .test_data = &aes_test_data_xts_key_32_pt_32, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-128-XTS Decryption (32-byte plaintext)", + .test_data = &aes_test_data_xts_key_32_pt_32, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-256-XTS Encryption (32-byte plaintext)", + .test_data = &aes_test_data_xts_key_64_pt_32, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-256-XTS Decryption (32-byte plaintext)", + .test_data = &aes_test_data_xts_key_64_pt_32, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-256-XTS Encryption (48-byte plaintext)", + .test_data = &aes_test_data_xts_key_64_pt_48, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-256-XTS Decryption (48-byte plaintext)", + .test_data = &aes_test_data_xts_key_64_pt_48, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT } }; -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* [dpdk-dev] [PATCH 2/3] crypto/qat: add XTS for QAT session config 2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT Damian Nowak @ 2019-02-28 16:18 ` Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 3/3] cryptodev: remove XTS text duplication Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak 3 siblings, 0 replies; 11+ messages in thread From: Damian Nowak @ 2019-02-28 16:18 UTC (permalink / raw) To: fiona.trahe; +Cc: dev, Damian Nowak This patch adds XTS capabilities and enables XTS cipher mode on QAT. It also updates the documentation for newly supported AES XTS mode on QAT. Signed-off-by: Damian Nowak <damianx.nowak@intel.com> --- doc/guides/cryptodevs/features/qat.ini | 2 ++ doc/guides/cryptodevs/qat.rst | 3 ++- drivers/crypto/qat/qat_sym_capabilities.h | 22 +++++++++++++++++++++- drivers/crypto/qat/qat_sym_session.c | 17 +++++++++++++++-- 4 files changed, 40 insertions(+), 4 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 4f15ee0..a7c7273 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -24,6 +24,8 @@ AES CBC (256) = Y AES CTR (128) = Y AES CTR (192) = Y AES CTR (256) = Y +AES XTS (128) = Y +AES XTS (256) = Y 3DES CBC = Y 3DES CTR = Y DES CBC = Y diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index b079aa3..d5bb1d4 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -1,5 +1,5 @@ .. SPDX-License-Identifier: BSD-3-Clause - Copyright(c) 2015-2016 Intel Corporation. + Copyright(c) 2015-2019 Intel Corporation. Intel(R) QuickAssist (QAT) Crypto Poll Mode Driver ================================================== @@ -41,6 +41,7 @@ Cipher algorithms: * ``RTE_CRYPTO_CIPHER_AES128_CTR`` * ``RTE_CRYPTO_CIPHER_AES192_CTR`` * ``RTE_CRYPTO_CIPHER_AES256_CTR`` +* ``RTE_CRYPTO_CIPHER_AES_XTS`` * ``RTE_CRYPTO_CIPHER_SNOW3G_UEA2`` * ``RTE_CRYPTO_CIPHER_NULL`` * ``RTE_CRYPTO_CIPHER_KASUMI_F8`` diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h index 7cba87d..6df12b9 100644 --- a/drivers/crypto/qat/qat_sym_capabilities.h +++ b/drivers/crypto/qat/qat_sym_capabilities.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2017-2018 Intel Corporation + * Copyright(c) 2017-2019 Intel Corporation */ #ifndef _QAT_SYM_CAPABILITIES_H_ @@ -304,6 +304,26 @@ }, } \ }, } \ }, \ + { /* AES XTS */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, \ + {.cipher = { \ + .algo = RTE_CRYPTO_CIPHER_AES_XTS, \ + .block_size = 16, \ + .key_size = { \ + .min = 32, \ + .max = 64, \ + .increment = 0 \ + }, \ + .iv_size = { \ + .min = 16, \ + .max = 16, \ + .increment = 0 \ + } \ + }, } \ + }, } \ + }, \ { /* AES DOCSIS BPI */ \ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ {.sym = { \ diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index 4d7ec01..5cc86f5 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) - * Copyright(c) 2015-2018 Intel Corporation + * Copyright(c) 2015-2019 Intel Corporation */ #include <openssl/sha.h> /* Needed to calculate pre-compute values */ @@ -333,10 +333,23 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev, } session->qat_mode = ICP_QAT_HW_CIPHER_ECB_MODE; break; + case RTE_CRYPTO_CIPHER_AES_XTS: + if ((cipher_xform->key.length/2) == ICP_QAT_HW_AES_192_KEY_SZ) { + QAT_LOG(ERR, "AES-XTS-192 not supported"); + ret = -EINVAL; + goto error_out; + } + if (qat_sym_validate_aes_key((cipher_xform->key.length/2), + &session->qat_cipher_alg) != 0) { + QAT_LOG(ERR, "Invalid AES-XTS cipher key size"); + ret = -EINVAL; + goto error_out; + } + session->qat_mode = ICP_QAT_HW_CIPHER_XTS_MODE; + break; case RTE_CRYPTO_CIPHER_3DES_ECB: case RTE_CRYPTO_CIPHER_AES_ECB: case RTE_CRYPTO_CIPHER_AES_F8: - case RTE_CRYPTO_CIPHER_AES_XTS: case RTE_CRYPTO_CIPHER_ARC4: QAT_LOG(ERR, "Crypto QAT PMD: Unsupported Cipher alg %u", cipher_xform->algo); -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* [dpdk-dev] [PATCH 3/3] cryptodev: remove XTS text duplication 2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 2/3] crypto/qat: add XTS for QAT session config Damian Nowak @ 2019-02-28 16:18 ` Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak 3 siblings, 0 replies; 11+ messages in thread From: Damian Nowak @ 2019-02-28 16:18 UTC (permalink / raw) To: fiona.trahe; +Cc: dev, Damian Nowak This patch removes duplicated text about AES-XTS mode. Signed-off-by: Damian Nowak <damianx.nowak@intel.com> --- lib/librte_cryptodev/rte_crypto_sym.h | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h index eb5afc5..c80e90e 100644 --- a/lib/librte_cryptodev/rte_crypto_sym.h +++ b/lib/librte_cryptodev/rte_crypto_sym.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2016-2017 Intel Corporation + * Copyright(c) 2016-2019 Intel Corporation */ #ifndef _RTE_CRYPTO_SYM_H_ @@ -124,11 +124,6 @@ struct rte_crypto_cipher_xform { * keymask. As per RFC3711, the keymask should be padded with trailing * bytes to match the length of the encryption key used. * - * For AES-XTS mode of operation, two keys must be provided and - * key.data must point to the two keys concatenated together (Key1 || - * Key2). The cipher key length will contain the total size of both - * keys. - * * Cipher key length is in bytes. For AES it can be 128 bits (16 bytes), * 192 bits (24 bytes) or 256 bits (32 bytes). * @@ -140,6 +135,8 @@ struct rte_crypto_cipher_xform { * For the AES-XTS mode of operation: * - Two keys must be provided and key.length refers to total length of * the two keys. + * - key.data must point to the two keys concatenated together + * (key1 || key2). * - Each key can be either 128 bits (16 bytes) or 256 bits (32 bytes). * - Both keys must have the same size. **/ -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT 2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak ` (2 preceding siblings ...) 2019-02-28 16:18 ` [dpdk-dev] [PATCH 3/3] cryptodev: remove XTS text duplication Damian Nowak @ 2019-03-13 14:52 ` Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT Damian Nowak ` (3 more replies) 3 siblings, 4 replies; 11+ messages in thread From: Damian Nowak @ 2019-03-13 14:52 UTC (permalink / raw) To: dev; +Cc: fiona.trahe, Damian Nowak This patchset adds XTS support for Intel QuickAssist Technology. Following cipher algorithms are available with this patchset: * AES XTS (128) * AES XTS (256) --- v2: - update release notes Damian Nowak (3): test/crypto: add tests for XTS on QAT crypto/qat: add XTS for QAT session config cryptodev: remove XTS text duplication app/test/test_cryptodev_aes_test_vectors.h | 223 ++++++++++++++++++++++++++++- doc/guides/cryptodevs/features/qat.ini | 2 + doc/guides/cryptodevs/qat.rst | 3 +- doc/guides/rel_notes/release_19_05.rst | 10 ++ drivers/crypto/qat/qat_sym_capabilities.h | 22 ++- drivers/crypto/qat/qat_sym_session.c | 17 ++- lib/librte_cryptodev/rte_crypto_sym.h | 9 +- 7 files changed, 275 insertions(+), 11 deletions(-) -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak @ 2019-03-13 14:52 ` Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config Damian Nowak ` (2 subsequent siblings) 3 siblings, 0 replies; 11+ messages in thread From: Damian Nowak @ 2019-03-13 14:52 UTC (permalink / raw) To: dev; +Cc: fiona.trahe, Damian Nowak This patch adds test vectors for AES XTS mode on QAT. It uses different plaintext sizes and AES keys sizes of 128 and 256 bits. Signed-off-by: Damian Nowak <damianx.nowak@intel.com> --- app/test/test_cryptodev_aes_test_vectors.h | 223 ++++++++++++++++++++++++++++- 1 file changed, 222 insertions(+), 1 deletion(-) diff --git a/app/test/test_cryptodev_aes_test_vectors.h b/app/test/test_cryptodev_aes_test_vectors.h index 6dd8e5f..960c3b1 100644 --- a/app/test/test_cryptodev_aes_test_vectors.h +++ b/app/test/test_cryptodev_aes_test_vectors.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2016-2017 Intel Corporation + * Copyright(c) 2016-2019 Intel Corporation */ #ifndef TEST_CRYPTODEV_AES_TEST_VECTORS_H_ @@ -1077,6 +1077,179 @@ static const struct blockcipher_test_data aes_test_data_13 = { } }; +/** XTS-AES-128 test vector (2 keys * 128 bit) */ +static const uint8_t plaintext_aes128xts_16bytes[] = { + 0xEB, 0xAB, 0xCE, 0x95, 0xB1, 0x4D, 0x3C, 0x8D, + 0x6F, 0xB3, 0x50, 0x39, 0x07, 0x90, 0x31, 0x1C +}; +static const uint8_t ciphertext_aes128xts_16bytes[] = { + 0x77, 0x8A, 0xE8, 0xB4, 0x3C, 0xB9, 0x8D, 0x5A, + 0x82, 0x50, 0x81, 0xD5, 0xBE, 0x47, 0x1C, 0x63 +}; +static const struct +blockcipher_test_data aes_test_data_xts_key_32_pt_16 = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS, + .cipher_key = { + .data = { + 0xA1, 0xB9, 0x0C, 0xBA, 0x3F, 0x06, 0xAC, 0x35, + 0x3B, 0x2C, 0x34, 0x38, 0x76, 0x08, 0x17, 0x62, + 0x09, 0x09, 0x23, 0x02, 0x6E, 0x91, 0x77, 0x18, + 0x15, 0xF2, 0x9D, 0xAB, 0x01, 0x93, 0x2F, 0x2F + }, + .len = 32 + }, + .iv = { + .data = { + 0x4F, 0xAE, 0xF7, 0x11, 0x7C, 0xDA, 0x59, 0xC6, + 0x6E, 0x4B, 0x92, 0x01, 0x3E, 0x76, 0x8A, 0xD5 + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes128xts_16bytes, + .len = 16 + }, + .ciphertext = { + .data = ciphertext_aes128xts_16bytes, + .len = 16 + } +}; +static const uint8_t plaintext_aes128xts_32bytes[] = { + 0xB0, 0x4D, 0x84, 0xDA, 0x85, 0x6B, 0x9A, 0x59, + 0xCE, 0x2D, 0x62, 0x67, 0x46, 0xF6, 0x89, 0xA8, + 0x05, 0x1D, 0xAC, 0xD6, 0xBC, 0xE3, 0xB9, 0x90, + 0xAA, 0x90, 0x1E, 0x40, 0x30, 0x64, 0x88, 0x79 +}; +static const uint8_t ciphertext_aes128xts_32bytes[] = { + 0xF9, 0x41, 0x03, 0x9E, 0xBA, 0xB8, 0xCA, 0xC3, + 0x9D, 0x59, 0x24, 0x7C, 0xBB, 0xCB, 0x4D, 0x81, + 0x6C, 0x72, 0x6D, 0xAE, 0xD1, 0x15, 0x77, 0x69, + 0x2C, 0x55, 0xE4, 0xAC, 0x6D, 0x3E, 0x68, 0x20 +}; +static const struct +blockcipher_test_data aes_test_data_xts_key_32_pt_32 = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS, + .cipher_key = { + .data = { + 0x78, 0x3A, 0x83, 0xEC, 0x52, 0xA2, 0x74, 0x05, + 0xDF, 0xF9, 0xDE, 0x4C, 0x57, 0xF9, 0xC9, 0x79, + 0xB3, 0x60, 0xB6, 0xA5, 0xDF, 0x88, 0xD6, 0x7E, + 0xC1, 0xA0, 0x52, 0xE6, 0xF5, 0x82, 0xA7, 0x17 + }, + .len = 32 + }, + .iv = { + .data = { + 0x88, 0x6E, 0x97, 0x5B, 0x29, 0xBD, 0xF6, 0xF0, + 0xC0, 0x1B, 0xB4, 0x7F, 0x61, 0xF6, 0xF0, 0xF5 + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes128xts_32bytes, + .len = 32 + }, + .ciphertext = { + .data = ciphertext_aes128xts_32bytes, + .len = 32 + } +}; + +/** XTS-AES-256 test vector (2 keys * 256 bit) */ +/* Encryption */ +static const uint8_t plaintext_aes256xts_32bytes[] = { + 0x2E, 0xED, 0xEA, 0x52, 0xCD, 0x82, 0x15, 0xE1, + 0xAC, 0xC6, 0x47, 0xE8, 0x10, 0xBB, 0xC3, 0x64, + 0x2E, 0x87, 0x28, 0x7F, 0x8D, 0x2E, 0x57, 0xE3, + 0x6C, 0x0A, 0x24, 0xFB, 0xC1, 0x2A, 0x20, 0x2E +}; +static const uint8_t ciphertext_aes256xts_32bytes[] = { + 0xCB, 0xAA, 0xD0, 0xE2, 0xF6, 0xCE, 0xA3, 0xF5, + 0x0B, 0x37, 0xF9, 0x34, 0xD4, 0x6A, 0x9B, 0x13, + 0x0B, 0x9D, 0x54, 0xF0, 0x7E, 0x34, 0xF3, 0x6A, + 0xF7, 0x93, 0xE8, 0x6F, 0x73, 0xC6, 0xD7, 0xDB +}; +static const struct +blockcipher_test_data aes_test_data_xts_key_64_pt_32 = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS, + .cipher_key = { + .data = { + 0x1E, 0xA6, 0x61, 0xC5, 0x8D, 0x94, 0x3A, 0x0E, + 0x48, 0x01, 0xE4, 0x2F, 0x4B, 0x09, 0x47, 0x14, + 0x9E, 0x7F, 0x9F, 0x8E, 0x3E, 0x68, 0xD0, 0xC7, + 0x50, 0x52, 0x10, 0xBD, 0x31, 0x1A, 0x0E, 0x7C, + 0xD6, 0xE1, 0x3F, 0xFD, 0xF2, 0x41, 0x8D, 0x8D, + 0x19, 0x11, 0xC0, 0x04, 0xCD, 0xA5, 0x8D, 0xA3, + 0xD6, 0x19, 0xB7, 0xE2, 0xB9, 0x14, 0x1E, 0x58, + 0x31, 0x8E, 0xEA, 0x39, 0x2C, 0xF4, 0x1B, 0x08 + }, + .len = 64 + }, + .iv = { + .data = { + 0xAD, 0xF8, 0xD9, 0x26, 0x27, 0x46, 0x4A, 0xD2, + 0xF0, 0x42, 0x8E, 0x84, 0xA9, 0xF8, 0x75, 0x64 + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes256xts_32bytes, + .len = 32 + }, + .ciphertext = { + .data = ciphertext_aes256xts_32bytes, + .len = 32 + } +}; +static const uint8_t plaintext_aes256xts_48bytes[] = { + 0xBB, 0xB2, 0x34, 0xDB, 0x01, 0xBE, 0x79, 0xD3, + 0xDC, 0x7D, 0xCF, 0x49, 0xBC, 0x53, 0xB8, 0xEF, + 0xC6, 0x2F, 0xE7, 0x17, 0x94, 0x39, 0x06, 0x1D, + 0x73, 0xA6, 0xB2, 0x0E, 0xDB, 0x9B, 0x7D, 0xA0, + 0x45, 0x0B, 0x19, 0xF0, 0x20, 0x82, 0x02, 0x09, + 0xAF, 0xE0, 0x81, 0x12, 0xAE, 0x4A, 0xFD, 0xD3 +}; +static const uint8_t ciphertext_aes256xts_48bytes[] = { + 0xCB, 0xF6, 0x88, 0x48, 0xC4, 0x20, 0x49, 0xEF, + 0xB1, 0x46, 0xE2, 0xD1, 0xE4, 0x11, 0x5F, 0x62, + 0xE4, 0xFA, 0xA4, 0xEF, 0xFF, 0x19, 0x8F, 0x1A, + 0x0A, 0xA0, 0xC9, 0x8B, 0xA0, 0x2C, 0xC4, 0x4D, + 0xA3, 0x76, 0xD7, 0x62, 0xD6, 0x15, 0x1F, 0x23, + 0x45, 0x87, 0xBF, 0x12, 0x8B, 0x6A, 0x7F, 0xFA +}; +static const struct +blockcipher_test_data aes_test_data_xts_key_64_pt_48 = { + .crypto_algo = RTE_CRYPTO_CIPHER_AES_XTS, + .cipher_key = { + .data = { + 0x7F, 0xB0, 0x92, 0x2F, 0xCE, 0x09, 0xED, 0xDD, + 0x36, 0x65, 0xA1, 0x1F, 0x52, 0x35, 0xD5, 0x1E, + 0xF7, 0x72, 0x06, 0xA7, 0xDE, 0x45, 0x47, 0x75, + 0xB6, 0x9D, 0xCC, 0x54, 0x59, 0xAC, 0xDB, 0x24, + 0xCC, 0xF0, 0x5C, 0x41, 0x5A, 0xF5, 0xAB, 0x8A, + 0x06, 0x62, 0x3D, 0x19, 0x8D, 0x5B, 0x91, 0x85, + 0x95, 0xA9, 0xDC, 0xAA, 0xF5, 0x39, 0x2E, 0xE7, + 0x17, 0xC1, 0x04, 0x7F, 0x2F, 0x08, 0xF6, 0x2B + }, + .len = 64 + }, + .iv = { + .data = { + 0x8E, 0xA3, 0x63, 0x8B, 0x9D, 0x40, 0x62, 0xF1, + 0x69, 0x19, 0x6F, 0xF4, 0x55, 0x5A, 0xD0, 0xAF + }, + .len = 16 + }, + .plaintext = { + .data = plaintext_aes256xts_48bytes, + .len = 48 + }, + .ciphertext = { + .data = ciphertext_aes256xts_48bytes, + .len = 48 + } +}; + /* AES-DOCSIS-BPI test vectors */ /* Multiple of AES block size */ @@ -1821,6 +1994,54 @@ static const struct blockcipher_test_case aes_cipheronly_test_cases[] = { .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_MB | BLOCKCIPHER_TEST_TARGET_PMD_OCTEONTX + }, + { + .test_descr = "AES-128-XTS Encryption (16-byte plaintext)", + .test_data = &aes_test_data_xts_key_32_pt_16, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-128-XTS Decryption (16-byte plaintext)", + .test_data = &aes_test_data_xts_key_32_pt_16, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-128-XTS Encryption (32-byte plaintext)", + .test_data = &aes_test_data_xts_key_32_pt_32, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-128-XTS Decryption (32-byte plaintext)", + .test_data = &aes_test_data_xts_key_32_pt_32, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-256-XTS Encryption (32-byte plaintext)", + .test_data = &aes_test_data_xts_key_64_pt_32, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-256-XTS Decryption (32-byte plaintext)", + .test_data = &aes_test_data_xts_key_64_pt_32, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-256-XTS Encryption (48-byte plaintext)", + .test_data = &aes_test_data_xts_key_64_pt_48, + .op_mask = BLOCKCIPHER_TEST_OP_ENCRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT + }, + { + .test_descr = "AES-256-XTS Decryption (48-byte plaintext)", + .test_data = &aes_test_data_xts_key_64_pt_48, + .op_mask = BLOCKCIPHER_TEST_OP_DECRYPT, + .pmd_mask = BLOCKCIPHER_TEST_TARGET_PMD_QAT } }; -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT Damian Nowak @ 2019-03-13 14:52 ` Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 3/3] cryptodev: remove XTS text duplication Damian Nowak 2019-03-13 17:51 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Trahe, Fiona 3 siblings, 0 replies; 11+ messages in thread From: Damian Nowak @ 2019-03-13 14:52 UTC (permalink / raw) To: dev; +Cc: fiona.trahe, Damian Nowak This patch adds XTS capabilities and enables XTS cipher mode on QAT. It also updates the documentation for newly supported AES XTS mode on QAT. Signed-off-by: Damian Nowak <damianx.nowak@intel.com> --- doc/guides/cryptodevs/features/qat.ini | 2 ++ doc/guides/cryptodevs/qat.rst | 3 ++- doc/guides/rel_notes/release_19_05.rst | 10 ++++++++++ drivers/crypto/qat/qat_sym_capabilities.h | 22 +++++++++++++++++++++- drivers/crypto/qat/qat_sym_session.c | 17 +++++++++++++++-- 5 files changed, 50 insertions(+), 4 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index 4f15ee0..a7c7273 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -24,6 +24,8 @@ AES CBC (256) = Y AES CTR (128) = Y AES CTR (192) = Y AES CTR (256) = Y +AES XTS (128) = Y +AES XTS (256) = Y 3DES CBC = Y 3DES CTR = Y DES CBC = Y diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index b7eace1..b1a5c0e 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -1,5 +1,5 @@ .. SPDX-License-Identifier: BSD-3-Clause - Copyright(c) 2015-2016 Intel Corporation. + Copyright(c) 2015-2019 Intel Corporation. Intel(R) QuickAssist (QAT) Crypto Poll Mode Driver ================================================== @@ -41,6 +41,7 @@ Cipher algorithms: * ``RTE_CRYPTO_CIPHER_AES128_CTR`` * ``RTE_CRYPTO_CIPHER_AES192_CTR`` * ``RTE_CRYPTO_CIPHER_AES256_CTR`` +* ``RTE_CRYPTO_CIPHER_AES_XTS`` * ``RTE_CRYPTO_CIPHER_SNOW3G_UEA2`` * ``RTE_CRYPTO_CIPHER_NULL`` * ``RTE_CRYPTO_CIPHER_KASUMI_F8`` diff --git a/doc/guides/rel_notes/release_19_05.rst b/doc/guides/rel_notes/release_19_05.rst index 61a2c73..6ea2e15 100644 --- a/doc/guides/rel_notes/release_19_05.rst +++ b/doc/guides/rel_notes/release_19_05.rst @@ -91,6 +91,10 @@ New Features * Added promiscuous mode support. +* **Updated the QuickAssist Technology PMD.** + + Added support for AES-XTS with 128 and 256 bit AES keys. + Removed Items ------------- @@ -226,6 +230,12 @@ Known Issues Also, make sure to start the actual text at the margin. ========================================================= +* **No software AES-XTS implementation.** + + There are currently no cryptodev software PMDs available which implement + support for the AES-XTS algorithm, so this feature can only be used + if compatible hardware and an associated PMD is available. + Tested Platforms ---------------- diff --git a/drivers/crypto/qat/qat_sym_capabilities.h b/drivers/crypto/qat/qat_sym_capabilities.h index 7cba87d..6df12b9 100644 --- a/drivers/crypto/qat/qat_sym_capabilities.h +++ b/drivers/crypto/qat/qat_sym_capabilities.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2017-2018 Intel Corporation + * Copyright(c) 2017-2019 Intel Corporation */ #ifndef _QAT_SYM_CAPABILITIES_H_ @@ -304,6 +304,26 @@ }, } \ }, } \ }, \ + { /* AES XTS */ \ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ + {.sym = { \ + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, \ + {.cipher = { \ + .algo = RTE_CRYPTO_CIPHER_AES_XTS, \ + .block_size = 16, \ + .key_size = { \ + .min = 32, \ + .max = 64, \ + .increment = 0 \ + }, \ + .iv_size = { \ + .min = 16, \ + .max = 16, \ + .increment = 0 \ + } \ + }, } \ + }, } \ + }, \ { /* AES DOCSIS BPI */ \ .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, \ {.sym = { \ diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c index 4d7ec01..5cc86f5 100644 --- a/drivers/crypto/qat/qat_sym_session.c +++ b/drivers/crypto/qat/qat_sym_session.c @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: (BSD-3-Clause OR GPL-2.0) - * Copyright(c) 2015-2018 Intel Corporation + * Copyright(c) 2015-2019 Intel Corporation */ #include <openssl/sha.h> /* Needed to calculate pre-compute values */ @@ -333,10 +333,23 @@ qat_sym_session_configure_cipher(struct rte_cryptodev *dev, } session->qat_mode = ICP_QAT_HW_CIPHER_ECB_MODE; break; + case RTE_CRYPTO_CIPHER_AES_XTS: + if ((cipher_xform->key.length/2) == ICP_QAT_HW_AES_192_KEY_SZ) { + QAT_LOG(ERR, "AES-XTS-192 not supported"); + ret = -EINVAL; + goto error_out; + } + if (qat_sym_validate_aes_key((cipher_xform->key.length/2), + &session->qat_cipher_alg) != 0) { + QAT_LOG(ERR, "Invalid AES-XTS cipher key size"); + ret = -EINVAL; + goto error_out; + } + session->qat_mode = ICP_QAT_HW_CIPHER_XTS_MODE; + break; case RTE_CRYPTO_CIPHER_3DES_ECB: case RTE_CRYPTO_CIPHER_AES_ECB: case RTE_CRYPTO_CIPHER_AES_F8: - case RTE_CRYPTO_CIPHER_AES_XTS: case RTE_CRYPTO_CIPHER_ARC4: QAT_LOG(ERR, "Crypto QAT PMD: Unsupported Cipher alg %u", cipher_xform->algo); -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* [dpdk-dev] [PATCH v2 3/3] cryptodev: remove XTS text duplication 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config Damian Nowak @ 2019-03-13 14:52 ` Damian Nowak 2019-03-13 17:51 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Trahe, Fiona 3 siblings, 0 replies; 11+ messages in thread From: Damian Nowak @ 2019-03-13 14:52 UTC (permalink / raw) To: dev; +Cc: fiona.trahe, Damian Nowak This patch removes duplicated text about AES-XTS mode. Signed-off-by: Damian Nowak <damianx.nowak@intel.com> --- lib/librte_cryptodev/rte_crypto_sym.h | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h index eb5afc5..c80e90e 100644 --- a/lib/librte_cryptodev/rte_crypto_sym.h +++ b/lib/librte_cryptodev/rte_crypto_sym.h @@ -1,5 +1,5 @@ /* SPDX-License-Identifier: BSD-3-Clause - * Copyright(c) 2016-2017 Intel Corporation + * Copyright(c) 2016-2019 Intel Corporation */ #ifndef _RTE_CRYPTO_SYM_H_ @@ -124,11 +124,6 @@ struct rte_crypto_cipher_xform { * keymask. As per RFC3711, the keymask should be padded with trailing * bytes to match the length of the encryption key used. * - * For AES-XTS mode of operation, two keys must be provided and - * key.data must point to the two keys concatenated together (Key1 || - * Key2). The cipher key length will contain the total size of both - * keys. - * * Cipher key length is in bytes. For AES it can be 128 bits (16 bytes), * 192 bits (24 bytes) or 256 bits (32 bytes). * @@ -140,6 +135,8 @@ struct rte_crypto_cipher_xform { * For the AES-XTS mode of operation: * - Two keys must be provided and key.length refers to total length of * the two keys. + * - key.data must point to the two keys concatenated together + * (key1 || key2). * - Each key can be either 128 bits (16 bytes) or 256 bits (32 bytes). * - Both keys must have the same size. **/ -- 2.7.4 ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak ` (2 preceding siblings ...) 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 3/3] cryptodev: remove XTS text duplication Damian Nowak @ 2019-03-13 17:51 ` Trahe, Fiona 2019-03-22 15:08 ` Akhil Goyal 3 siblings, 1 reply; 11+ messages in thread From: Trahe, Fiona @ 2019-03-13 17:51 UTC (permalink / raw) To: Nowak, DamianX, dev > -----Original Message----- > From: Nowak, DamianX > Sent: Wednesday, March 13, 2019 2:52 PM > To: dev@dpdk.org > Cc: Trahe, Fiona <fiona.trahe@intel.com>; Nowak, DamianX <damianx.nowak@intel.com> > Subject: [PATCH v2 0/3] add XTS support for Intel QAT > > This patchset adds XTS support for Intel > QuickAssist Technology. > > Following cipher algorithms are available > with this patchset: > * AES XTS (128) > * AES XTS (256) > > --- > v2: > - update release notes > > Damian Nowak (3): Series-acked-by: Fiona Trahe <fiona.trahe@intel.com> ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT 2019-03-13 17:51 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Trahe, Fiona @ 2019-03-22 15:08 ` Akhil Goyal 2019-03-22 15:08 ` Akhil Goyal 0 siblings, 1 reply; 11+ messages in thread From: Akhil Goyal @ 2019-03-22 15:08 UTC (permalink / raw) To: Trahe, Fiona, Nowak, DamianX, dev On 3/13/2019 11:21 PM, Trahe, Fiona wrote: > >> -----Original Message----- >> From: Nowak, DamianX >> Sent: Wednesday, March 13, 2019 2:52 PM >> To: dev@dpdk.org >> Cc: Trahe, Fiona <fiona.trahe@intel.com>; Nowak, DamianX <damianx.nowak@intel.com> >> Subject: [PATCH v2 0/3] add XTS support for Intel QAT >> >> This patchset adds XTS support for Intel >> QuickAssist Technology. >> >> Following cipher algorithms are available >> with this patchset: >> * AES XTS (128) >> * AES XTS (256) >> >> --- >> v2: >> - update release notes >> >> Damian Nowak (3): > Series-acked-by: Fiona Trahe <fiona.trahe@intel.com> Series applied to dpdk-next-crypto Thanks. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT 2019-03-22 15:08 ` Akhil Goyal @ 2019-03-22 15:08 ` Akhil Goyal 0 siblings, 0 replies; 11+ messages in thread From: Akhil Goyal @ 2019-03-22 15:08 UTC (permalink / raw) To: Trahe, Fiona, Nowak, DamianX, dev On 3/13/2019 11:21 PM, Trahe, Fiona wrote: > >> -----Original Message----- >> From: Nowak, DamianX >> Sent: Wednesday, March 13, 2019 2:52 PM >> To: dev@dpdk.org >> Cc: Trahe, Fiona <fiona.trahe@intel.com>; Nowak, DamianX <damianx.nowak@intel.com> >> Subject: [PATCH v2 0/3] add XTS support for Intel QAT >> >> This patchset adds XTS support for Intel >> QuickAssist Technology. >> >> Following cipher algorithms are available >> with this patchset: >> * AES XTS (128) >> * AES XTS (256) >> >> --- >> v2: >> - update release notes >> >> Damian Nowak (3): > Series-acked-by: Fiona Trahe <fiona.trahe@intel.com> Series applied to dpdk-next-crypto Thanks. ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2019-03-22 15:08 UTC | newest] Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-02-28 16:18 [dpdk-dev] [PATCH 0/3] Add XTS support for Intel QuickAssist Technology Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 1/3] test/crypto: add tests for XTS on QAT Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 2/3] crypto/qat: add XTS for QAT session config Damian Nowak 2019-02-28 16:18 ` [dpdk-dev] [PATCH 3/3] cryptodev: remove XTS text duplication Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 1/3] test/crypto: add tests for XTS on QAT Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 2/3] crypto/qat: add XTS for QAT session config Damian Nowak 2019-03-13 14:52 ` [dpdk-dev] [PATCH v2 3/3] cryptodev: remove XTS text duplication Damian Nowak 2019-03-13 17:51 ` [dpdk-dev] [PATCH v2 0/3] add XTS support for Intel QAT Trahe, Fiona 2019-03-22 15:08 ` Akhil Goyal 2019-03-22 15:08 ` Akhil Goyal
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).