[dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver

DPDK patches and discussions
 help / color / mirror / Atom feed

* [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver
@ 2016-09-20 12:35 Arek Kusztal
  2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 1/3] crypto/qat: add GMAC capability to " Arek Kusztal
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: Arek Kusztal @ 2016-09-20 12:35 UTC (permalink / raw)
  To: dev
  Cc: fiona.trahe, deepak.k.jain, pablo.de.lara.guarch, john.griffin,
	Arek Kusztal

This patches add AES GMAC capability to Intel(R) QuickAssist
Technology driver and corresponsing test cases.

Changes in v2:
* Updated API comments librte_cryptodev
* Removed unnecessary rte_crypto_sym_op reference in the driver for GMAC
* Changed GMAC aad capability values
* Rebased against next-crypto subtree

Arek Kusztal (3):
  crypto/qat: add GMAC capability to Intel QuickAssist driver
  app/test: add GMAC authentication tests to cryptodev tests
  lib/librte_cryptodev: change GMAC API comments

 app/test/test_cryptodev.c                  | 265 +++++++++++++++++++++++++++++
 app/test/test_cryptodev_gcm_test_vectors.h | 150 ++++++++++++++++
 doc/guides/cryptodevs/qat.rst              |   1 +
 doc/guides/rel_notes/release_16_11.rst     |   1 +
 drivers/crypto/qat/qat_crypto.c            |  42 ++++-
 lib/librte_cryptodev/rte_crypto_sym.h      |  27 ++-
 6 files changed, 471 insertions(+), 15 deletions(-)

-- 
2.1.0

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [dpdk-dev] [PATCH v2 1/3] crypto/qat: add GMAC capability to Intel QuickAssist driver
  2016-09-20 12:35 [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver Arek Kusztal
@ 2016-09-20 12:35 ` Arek Kusztal
  2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 2/3] app/test: add GMAC authentication tests to cryptodev tests Arek Kusztal
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: Arek Kusztal @ 2016-09-20 12:35 UTC (permalink / raw)
  To: dev
  Cc: fiona.trahe, deepak.k.jain, pablo.de.lara.guarch, john.griffin,
	Arek Kusztal

Added Galois Message Authentication Code (GMAC) capability to
QuickAssist Technology symmetric cryptographic driver.
GMAC is authentication only variant of Galois Counter Mode (GCM)
where all plaintext is provided with AAD pointer only.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
---
 doc/guides/cryptodevs/qat.rst          |  1 +
 doc/guides/rel_notes/release_16_11.rst |  1 +
 drivers/crypto/qat/qat_crypto.c        | 42 +++++++++++++++++++++++++++++++++-
 3 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 3adb179..a8f9074 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -65,6 +65,7 @@ Hash algorithms:
 * ``RTE_CRYPTO_AUTH_MD5_HMAC``
 * ``RTE_CRYPTO_AUTH_NULL``
 * ``RTE_CRYPTO_AUTH_KASUMI_F9``
+* ``RTE_CRYPTO_AUTH_AES_GMAC``
 
 
 Limitations
diff --git a/doc/guides/rel_notes/release_16_11.rst b/doc/guides/rel_notes/release_16_11.rst
index 451872e..9d4f075 100644
--- a/doc/guides/rel_notes/release_16_11.rst
+++ b/doc/guides/rel_notes/release_16_11.rst
@@ -51,6 +51,7 @@ New Features
   * Added support for SHA384-HMAC algorithm.
   * Added support for NULL algorithm.
   * Added support for KASUMI (F8 and F9) algorithm.
+  * Added support for GMAC algorithm.
 
 
 Resolved Issues
diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c
index f989cf7..5969ba6 100644
--- a/drivers/crypto/qat/qat_crypto.c
+++ b/drivers/crypto/qat/qat_crypto.c
@@ -240,6 +240,31 @@ static const struct rte_cryptodev_capabilities qat_pmd_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* AES GMAC (AUTH) */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			{.auth = {
+				.algo = RTE_CRYPTO_AUTH_AES_GMAC,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.digest_size = {
+					.min = 8,
+					.max = 16,
+					.increment = 4
+				},
+				.aad_size = {
+					.min = 1,
+					.max = 65535,
+					.increment = 1
+				}
+			}, }
+		}, }
+	},
 	{	/* SNOW3G (UIA2) */
 		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
 		{.sym = {
@@ -687,6 +712,9 @@ qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev,
 	case RTE_CRYPTO_AUTH_AES_GCM:
 		session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_GALOIS_128;
 		break;
+	case RTE_CRYPTO_AUTH_AES_GMAC:
+		session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_GALOIS_128;
+		break;
 	case RTE_CRYPTO_AUTH_SNOW3G_UIA2:
 		session->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2;
 		break;
@@ -706,7 +734,6 @@ qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev,
 	case RTE_CRYPTO_AUTH_SHA384:
 	case RTE_CRYPTO_AUTH_MD5:
 	case RTE_CRYPTO_AUTH_AES_CCM:
-	case RTE_CRYPTO_AUTH_AES_GMAC:
 	case RTE_CRYPTO_AUTH_AES_CMAC:
 	case RTE_CRYPTO_AUTH_AES_CBC_MAC:
 	case RTE_CRYPTO_AUTH_ZUC_EIA3:
@@ -983,6 +1010,19 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg)
 				qat_req->comn_hdr.serv_specif_flags,
 				ICP_QAT_FW_LA_GCM_IV_LEN_12_OCTETS);
 		}
+		if (op->sym->cipher.data.length == 0) {
+			/*
+			 * GMAC
+			 */
+			qat_req->comn_mid.dest_data_addr =
+				qat_req->comn_mid.src_data_addr =
+					op->sym->auth.aad.phys_addr;
+			auth_param->u1.aad_adr = 0;
+			auth_param->auth_len = op->sym->auth.aad.length;
+			auth_param->u2.aad_sz = 0;
+
+		}
+
 	}
 
 #ifdef RTE_LIBRTE_PMD_QAT_DEBUG_TX
-- 
2.1.0

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [dpdk-dev] [PATCH v2 2/3] app/test: add GMAC authentication tests to cryptodev tests
  2016-09-20 12:35 [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver Arek Kusztal
  2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 1/3] crypto/qat: add GMAC capability to " Arek Kusztal
@ 2016-09-20 12:35 ` Arek Kusztal
  2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 3/3] lib/librte_cryptodev: change GMAC API comments Arek Kusztal
  2016-09-20 22:55 ` [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver De Lara Guarch, Pablo
  3 siblings, 0 replies; 5+ messages in thread
From: Arek Kusztal @ 2016-09-20 12:35 UTC (permalink / raw)
  To: dev
  Cc: fiona.trahe, deepak.k.jain, pablo.de.lara.guarch, john.griffin,
	Arek Kusztal

Added Galois Message Authentication Code (GMAC) tests to cryptodev tests

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
---
 app/test/test_cryptodev.c                  | 265 +++++++++++++++++++++++++++++
 app/test/test_cryptodev_gcm_test_vectors.h | 150 ++++++++++++++++
 2 files changed, 415 insertions(+)

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 0c2878a..8e8fb07 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -4204,8 +4204,259 @@ test_null_burst_operation(void)
 	return TEST_SUCCESS;
 }
 
+static int
+create_gmac_operation(enum rte_crypto_auth_operation op,
+		const struct gmac_test_data *tdata)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+	struct rte_crypto_sym_op *sym_op;
+
+	unsigned iv_pad_len;
+	unsigned aad_pad_len;
+
+	iv_pad_len = RTE_ALIGN_CEIL(tdata->iv.len, 16);
+	aad_pad_len = RTE_ALIGN_CEIL(tdata->aad.len, 16);
+
+	/* Generate Crypto op data structure */
+	ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
+			RTE_CRYPTO_OP_TYPE_SYMMETRIC);
+	TEST_ASSERT_NOT_NULL(ut_params->op,
+			"Failed to allocate symmetric crypto operation struct");
+
+	sym_op = ut_params->op->sym;
+	sym_op->auth.aad.data = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+			aad_pad_len);
+	TEST_ASSERT_NOT_NULL(sym_op->auth.aad.data,
+			"no room to append aad");
+
+	sym_op->auth.aad.length = tdata->aad.len;
+	sym_op->auth.aad.phys_addr =
+			rte_pktmbuf_mtophys(ut_params->ibuf);
+	memcpy(sym_op->auth.aad.data, tdata->aad.data, tdata->aad.len);
+
+	sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append(
+			ut_params->ibuf, tdata->gmac_tag.len);
+	TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data,
+			"no room to append digest");
+
+	sym_op->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
+			ut_params->ibuf, aad_pad_len);
+	sym_op->auth.digest.length = tdata->gmac_tag.len;
+
+	if (op == RTE_CRYPTO_AUTH_OP_VERIFY) {
+		rte_memcpy(sym_op->auth.digest.data, tdata->gmac_tag.data,
+				tdata->gmac_tag.len);
+		TEST_HEXDUMP(stdout, "digest:",
+				sym_op->auth.digest.data,
+				sym_op->auth.digest.length);
+	}
+
+	sym_op->cipher.iv.data = (uint8_t *)rte_pktmbuf_prepend(
+			ut_params->ibuf, iv_pad_len);
+	TEST_ASSERT_NOT_NULL(sym_op->cipher.iv.data, "no room to prepend iv");
+
+	memset(sym_op->cipher.iv.data, 0, iv_pad_len);
+	sym_op->cipher.iv.phys_addr = rte_pktmbuf_mtophys(ut_params->ibuf);
+	sym_op->cipher.iv.length = tdata->iv.len;
+
+	rte_memcpy(sym_op->cipher.iv.data, tdata->iv.data, tdata->iv.len);
+
+	TEST_HEXDUMP(stdout, "iv:", sym_op->cipher.iv.data, iv_pad_len);
+
+	sym_op->cipher.data.length = 0;
+	sym_op->cipher.data.offset = 0;
+
+	sym_op->auth.data.offset = 0;
+	sym_op->auth.data.length = 0;
+
+	return 0;
+}
+
+static int create_gmac_session(uint8_t dev_id,
+		enum rte_crypto_cipher_operation op,
+		const struct gmac_test_data *tdata,
+		enum rte_crypto_auth_operation auth_op)
+{
+	uint8_t cipher_key[tdata->key.len];
+
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	memcpy(cipher_key, tdata->key.data, tdata->key.len);
+
+	/* For GMAC we setup cipher parameters */
+	ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+	ut_params->cipher_xform.next = NULL;
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_GCM;
+	ut_params->cipher_xform.cipher.op = op;
+	ut_params->cipher_xform.cipher.key.data = cipher_key;
+	ut_params->cipher_xform.cipher.key.length = tdata->key.len;
+
+	TEST_HEXDUMP(stdout, "key:", key, key_len);
+
+	ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+	ut_params->auth_xform.next = NULL;
+
+	ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_AES_GMAC;
+	ut_params->auth_xform.auth.op = auth_op;
+	ut_params->auth_xform.auth.digest_length = tdata->gmac_tag.len;
+	ut_params->auth_xform.auth.add_auth_data_length = 0;
+	ut_params->auth_xform.auth.key.length = 0;
+	ut_params->auth_xform.auth.key.data = NULL;
+
+	ut_params->cipher_xform.next = &ut_params->auth_xform;
+
+	ut_params->sess = rte_cryptodev_sym_session_create(dev_id,
+			&ut_params->cipher_xform);
+
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	return 0;
+}
+
+static int
+test_AES_GMAC_authentication(const struct gmac_test_data *tdata)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+
+	int retval;
+
+	uint8_t *auth_tag, *p;
+	uint16_t aad_pad_len;
+
+	TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0,
+			      "No GMAC length in the source data");
+
+	retval = create_gmac_session(ts_params->valid_devs[0],
+			RTE_CRYPTO_CIPHER_OP_ENCRYPT,
+			tdata, RTE_CRYPTO_AUTH_OP_GENERATE);
+
+	if (retval < 0)
+		return retval;
+
+	ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+
+	memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
+			rte_pktmbuf_tailroom(ut_params->ibuf));
 
+	aad_pad_len = RTE_ALIGN_CEIL(tdata->aad.len, 16);
 
+	p = rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *);
+
+	retval = create_gmac_operation(RTE_CRYPTO_AUTH_OP_GENERATE,
+			tdata);
+
+	if (retval < 0)
+		return retval;
+
+	rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess);
+
+	ut_params->op->sym->m_src = ut_params->ibuf;
+
+	TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0],
+			ut_params->op), "failed to process sym crypto op");
+
+	TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS,
+			"crypto op processing failed");
+
+	if (ut_params->op->sym->m_dst) {
+		auth_tag = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_dst,
+				uint8_t *, aad_pad_len);
+	} else {
+		auth_tag = p + aad_pad_len;
+	}
+
+	TEST_HEXDUMP(stdout, "auth tag:", auth_tag, tdata->gmac_tag.len);
+
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(
+			auth_tag,
+			tdata->gmac_tag.data,
+			tdata->gmac_tag.len,
+			"GMAC Generated auth tag not as expected");
+
+	return 0;
+}
+
+static int
+test_AES_GMAC_authentication_test_case_1(void)
+{
+	return test_AES_GMAC_authentication(&gmac_test_case_1);
+}
+
+static int
+test_AES_GMAC_authentication_test_case_2(void)
+{
+	return test_AES_GMAC_authentication(&gmac_test_case_2);
+}
+
+static int
+test_AES_GMAC_authentication_test_case_3(void)
+{
+	return test_AES_GMAC_authentication(&gmac_test_case_3);
+}
+
+static int
+test_AES_GMAC_authentication_verify(const struct gmac_test_data *tdata)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+	int retval;
+
+	TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0,
+			      "No GMAC length in the source data");
+
+	retval = create_gmac_session(ts_params->valid_devs[0],
+			RTE_CRYPTO_CIPHER_OP_DECRYPT,
+			tdata, RTE_CRYPTO_AUTH_OP_VERIFY);
+
+	if (retval < 0)
+		return retval;
+
+	ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
+
+	memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0,
+			rte_pktmbuf_tailroom(ut_params->ibuf));
+
+	retval = create_gmac_operation(RTE_CRYPTO_AUTH_OP_VERIFY,
+			tdata);
+
+	if (retval < 0)
+		return retval;
+
+	rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess);
+
+	ut_params->op->sym->m_src = ut_params->ibuf;
+
+	TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0],
+			ut_params->op), "failed to process sym crypto op");
+
+	TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS,
+			"crypto op processing failed");
+
+	TEST_HEXDUMP(stdout, "auth tag:", auth_tag, tdata->gmac_tag.len);
+
+	return 0;
+
+}
+
+static int
+test_AES_GMAC_authentication_verify_test_case_1(void)
+{
+	return test_AES_GMAC_authentication_verify(&gmac_test_case_1);
+}
+
+static int
+test_AES_GMAC_authentication_verify_test_case_2(void)
+{
+	return test_AES_GMAC_authentication_verify(&gmac_test_case_2);
+}
+
+static int
+test_AES_GMAC_authentication_verify_test_case_3(void)
+{
+	return test_AES_GMAC_authentication_verify(&gmac_test_case_3);
+}
 
 static struct unit_test_suite cryptodev_qat_testsuite  = {
 	.suite_name = "Crypto QAT Unit Test Suite",
@@ -4256,6 +4507,20 @@ static struct unit_test_suite cryptodev_qat_testsuite  = {
 		TEST_CASE_ST(ut_setup, ut_teardown,
 			test_mb_AES_GCM_authenticated_decryption_test_case_7),
 
+		/** AES GMAC Authentication */
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GMAC_authentication_test_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GMAC_authentication_verify_test_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GMAC_authentication_test_case_2),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GMAC_authentication_verify_test_case_2),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GMAC_authentication_test_case_3),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+			test_AES_GMAC_authentication_verify_test_case_3),
+
 		/** Snow3G encrypt only (UEA2) */
 		TEST_CASE_ST(ut_setup, ut_teardown,
 			test_snow3g_encryption_test_case_1),
diff --git a/app/test/test_cryptodev_gcm_test_vectors.h b/app/test/test_cryptodev_gcm_test_vectors.h
index 8ae22ba..4f6cb8f 100644
--- a/app/test/test_cryptodev_gcm_test_vectors.h
+++ b/app/test/test_cryptodev_gcm_test_vectors.h
@@ -63,6 +63,35 @@ struct gcm_test_data {
 		uint8_t data[16];
 		unsigned len;
 	} auth_tag;
+
+};
+
+struct gmac_test_data {
+	struct {
+		uint8_t data[64];
+		unsigned len;
+	} key;
+
+	struct {
+		uint8_t data[64] __rte_aligned(16);
+		unsigned len;
+	} iv;
+
+	struct {
+		uint8_t *data;
+		unsigned len;
+	} aad;
+
+	struct {
+		uint8_t *data;
+		unsigned len;
+	} plaintext;
+
+	struct {
+		uint8_t data[16];
+		unsigned len;
+	} gmac_tag;
+
 };
 
 /** AES-128 Test Vectors */
@@ -419,5 +448,126 @@ static const struct gcm_test_data gcm_test_case_7 = {
 	}
 };
 
+/** GMAC Test Vectors */
+
+uint8_t gmac_plaintext[] = {
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
+			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+			0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10
+};
+
+static const struct gmac_test_data gmac_test_case_1 = {
+	.key = {
+		.data = {
+			0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+			0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
+		},
+		.len = 16
+	},
+	.iv = {
+		.data = {
+			0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+			0xde, 0xca, 0xf8, 0x88 },
+		.len = 12
+	},
+	.aad = {
+		.data = gmac_plaintext,
+		.len = 160
+	},
+	.plaintext = {
+		.data = NULL,
+		.len = 0
+	},
+	.gmac_tag = {
+		.data = {
+			0x4C, 0x0C, 0x4F, 0x47, 0x2D, 0x78, 0xF6, 0xD8,
+			0x03, 0x53, 0x20, 0x2F, 0x1A, 0xDF, 0x90, 0xD0
+		},
+		.len = 16
+	},
+};
+
+static const struct gmac_test_data gmac_test_case_2 = {
+	.key = {
+		.data = {
+		    0xaa, 0x74, 0x0a, 0xbf, 0xad, 0xcd, 0xa7, 0x79,
+		    0x22, 0x0d, 0x3b, 0x40, 0x6c, 0x5d, 0x7e, 0xc0,
+		    0x9a, 0x77, 0xfe, 0x9d, 0x94, 0x10, 0x45, 0x39,
+		},
+		.len = 24
+	},
+	.iv = {
+		.data = {
+		    0xab, 0x22, 0x65, 0xb4, 0xc1, 0x68, 0x95,
+		    0x55, 0x61, 0xf0, 0x43, 0x15, },
+		.len = 12
+	},
+	.aad = {
+		.data = gmac_plaintext,
+		.len = 80
+	},
+	.plaintext = {
+		.data = NULL,
+		.len = 0
+	},
+	.gmac_tag = {
+		.data = {
+		    0xCF, 0x82, 0x80, 0x64, 0x02, 0x46, 0xF4, 0xFB,
+		    0x33, 0xAE, 0x1D, 0x90, 0xEA, 0x48, 0x83, 0xDB
+		},
+		.len = 16
+	},
+};
+
+static const struct gmac_test_data gmac_test_case_3 = {
+	.key = {
+		.data = {
+		    0xb5, 0x48, 0xe4, 0x93, 0x4f, 0x5c, 0x64, 0xd3,
+		    0xc0, 0xf0, 0xb7, 0x8f, 0x7b, 0x4d, 0x88, 0x24,
+		    0xaa, 0xc4, 0x6b, 0x3c, 0x8d, 0x2c, 0xc3, 0x5e,
+		    0xe4, 0xbf, 0xb2, 0x54, 0xe4, 0xfc, 0xba, 0xf7,
+		},
+		.len = 32
+	},
+	.iv = {
+		.data = {
+		    0x2e, 0xed, 0xe1, 0xdc, 0x64, 0x47, 0xc7,
+		    0xaf, 0xc4, 0x41, 0x53, 0x58,
+		},
+		.len = 12
+	},
+	.aad = {
+		.data = gmac_plaintext,
+		.len = 65
+	},
+	.plaintext = {
+		.data = NULL,
+		.len = 0
+	},
+	.gmac_tag = {
+		.data = {
+			0x77, 0x46, 0x0D, 0x6F, 0xB1, 0x87, 0xDB, 0xA9,
+			0x46, 0xAD, 0xCD, 0xFB, 0xB7, 0xF9, 0x13, 0xA1
+		},
+		.len = 16
+	},
+};
 
 #endif /* TEST_CRYPTODEV_GCM_TEST_VECTORS_H_ */
-- 
2.1.0

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [dpdk-dev] [PATCH v2 3/3] lib/librte_cryptodev: change GMAC API comments
  2016-09-20 12:35 [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver Arek Kusztal
  2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 1/3] crypto/qat: add GMAC capability to " Arek Kusztal
  2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 2/3] app/test: add GMAC authentication tests to cryptodev tests Arek Kusztal
@ 2016-09-20 12:35 ` Arek Kusztal
  2016-09-20 22:55 ` [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver De Lara Guarch, Pablo
  3 siblings, 0 replies; 5+ messages in thread
From: Arek Kusztal @ 2016-09-20 12:35 UTC (permalink / raw)
  To: dev
  Cc: fiona.trahe, deepak.k.jain, pablo.de.lara.guarch, john.griffin,
	Arek Kusztal

File rte_crypto_sym.h GMAC API comments need to be changed
to comply to the GMAC specification. Main areas of changes is
aad pointer and aad len which now will be used to
provide plaintext.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
---
 lib/librte_cryptodev/rte_crypto_sym.h | 27 +++++++++++++--------------
 1 file changed, 13 insertions(+), 14 deletions(-)

diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
index 8178e5a..5b18865 100644
--- a/lib/librte_cryptodev/rte_crypto_sym.h
+++ b/lib/librte_cryptodev/rte_crypto_sym.h
@@ -84,11 +84,11 @@ enum rte_crypto_cipher_algorithm {
 	/**< AES algorithm in F8 mode */
 	RTE_CRYPTO_CIPHER_AES_GCM,
 	/**< AES algorithm in GCM mode. When this cipher algorithm is used the
-	 * *RTE_CRYPTO_AUTH_AES_GCM* element of the
-	 * *rte_crypto_auth_algorithm* enum MUST be used to set up the related
-	 * *rte_crypto_auth_setup_data* structure in the session context or in
-	 * the op_params of the crypto operation structure in the case of a
-	 * session-less crypto operation.
+	 * *RTE_CRYPTO_AUTH_AES_GCM* or *RTE_CRYPTO_AUTH_AES_GMAC* element
+	 * of the *rte_crypto_auth_algorithm* enum MUST be used to set up
+	 * the related *rte_crypto_auth_setup_data* structure in the session
+	 * context or in the op_params of the crypto operation structure
+	 * in the case of a session-less crypto operation.
 	 */
 	RTE_CRYPTO_CIPHER_AES_XTS,
 	/**< AES algorithm in XTS mode */
@@ -308,8 +308,8 @@ struct rte_crypto_auth_xform {
 	 * @note
 	 *  For AES-GMAC (@ref RTE_CRYPTO_AUTH_AES_GMAC) mode of operation
 	 *  this field is not used and should be set to 0. Instead the length
-	 *  of the AAD data is specified in the message length to hash field of
-	 *  the rte_crypto_sym_op_data structure.
+	 *  of the AAD data is specified in additional authentication data
+	 *  length field of the rte_crypto_sym_op_data structure
 	 */
 };
 
@@ -485,8 +485,9 @@ struct rte_crypto_sym_op {
 			  * should be set instead.
 			  *
 			  * @note For AES-GMAC (@ref RTE_CRYPTO_AUTH_AES_GMAC)
-			  * mode of operation, this field specifies the start
-			  * of the AAD data in the source buffer.
+			  * mode of operation, this field is set to 0. aad data
+			  * pointer of rte_crypto_sym_op_data structure is
+			  * used instead
 			  *
 			  * @note
 			  * For Snow3G @ RTE_CRYPTO_AUTH_SNOW3G_UIA2
@@ -505,8 +506,8 @@ struct rte_crypto_sym_op {
 			  *
 			  * @note
 			  * For AES-GMAC @ref RTE_CRYPTO_AUTH_AES_GMAC mode
-			  * of operation, this field specifies the length of
-			  * the AAD data in the source buffer.
+			  * of operation, this field is set to 0.
+			  * Auth.aad.length is used instead.
 			  *
 			  * @note
 			  * For Snow3G @ RTE_CRYPTO_AUTH_SNOW3G_UIA2
@@ -592,9 +593,7 @@ struct rte_crypto_sym_op {
 			 *
 			 * @note
 			 * For AES-GMAC (@ref RTE_CRYPTO_AUTH_AES_GMAC) mode of
-			 * operation, this field is not used and should be set
-			 * to 0. Instead the AAD data should be placed in the
-			 * source buffer.
+			 * operation, this field is used to pass plaintext.
 			 */
 			phys_addr_t phys_addr;	/**< physical address */
 			uint16_t length;	/**< Length of digest */
-- 
2.1.0

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver
  2016-09-20 12:35 [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver Arek Kusztal
                   ` (2 preceding siblings ...)
  2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 3/3] lib/librte_cryptodev: change GMAC API comments Arek Kusztal
@ 2016-09-20 22:55 ` De Lara Guarch, Pablo
  3 siblings, 0 replies; 5+ messages in thread
From: De Lara Guarch, Pablo @ 2016-09-20 22:55 UTC (permalink / raw)
  To: Kusztal, ArkadiuszX, dev; +Cc: Trahe, Fiona, Jain, Deepak K, Griffin, John



> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Tuesday, September 20, 2016 5:36 AM
> To: dev@dpdk.org
> Cc: Trahe, Fiona; Jain, Deepak K; De Lara Guarch, Pablo; Griffin, John;
> Kusztal, ArkadiuszX
> Subject: [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver
> 
> This patches add AES GMAC capability to Intel(R) QuickAssist
> Technology driver and corresponsing test cases.
> 
> Changes in v2:
> * Updated API comments librte_cryptodev
> * Removed unnecessary rte_crypto_sym_op reference in the driver for
> GMAC
> * Changed GMAC aad capability values
> * Rebased against next-crypto subtree
> 
> Arek Kusztal (3):
>   crypto/qat: add GMAC capability to Intel QuickAssist driver
>   app/test: add GMAC authentication tests to cryptodev tests
>   lib/librte_cryptodev: change GMAC API comments
> 
>  app/test/test_cryptodev.c                  | 265
> +++++++++++++++++++++++++++++
>  app/test/test_cryptodev_gcm_test_vectors.h | 150 ++++++++++++++++
>  doc/guides/cryptodevs/qat.rst              |   1 +
>  doc/guides/rel_notes/release_16_11.rst     |   1 +
>  drivers/crypto/qat/qat_crypto.c            |  42 ++++-
>  lib/librte_cryptodev/rte_crypto_sym.h      |  27 ++-
>  6 files changed, 471 insertions(+), 15 deletions(-)
> 
> --
> 2.1.0

Applied to dpdk-next-crypto.
Thanks,

Pablo

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2016-09-20 22:56 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-09-20 12:35 [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver Arek Kusztal
2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 1/3] crypto/qat: add GMAC capability to " Arek Kusztal
2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 2/3] app/test: add GMAC authentication tests to cryptodev tests Arek Kusztal
2016-09-20 12:35 ` [dpdk-dev] [PATCH v2 3/3] lib/librte_cryptodev: change GMAC API comments Arek Kusztal
2016-09-20 22:55 ` [dpdk-dev] [PATCH v2 0/3] add GMAC capability Intel QuickAssist driver De Lara Guarch, Pablo

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).