patches for DPDK stable branches
 help / color / mirror / Atom feed
* [dpdk-stable] [PATCH] crypto/mvsam: set session params for AES-GCM mode
@ 2021-07-01  6:58 danat
  2021-07-07 15:35 ` Akhil Goyal
  0 siblings, 1 reply; 2+ messages in thread
From: danat @ 2021-07-01  6:58 UTC (permalink / raw)
  To: gakhil; +Cc: dev, danat, lironh, michaelsh, stable

From: Dana Vardi <danat@marvell.com>

For AEAD session and AES-GCM mode, IV offset will
set to include the Nonce.
In addition, the following operations order will define:
first encryption and then authentication.

Fixes: 8a61c83af2fa ("crypto/mrvl: add mrvl crypto driver")
Cc: stable@dpdk.org

Signed-off-by: Dana Vardi <danat@marvell.com>
Reviewed-by: Liron Himi <lironh@marvell.com>
Tested-by: Liron Himi <lironh@marvell.com>
---
 drivers/crypto/mvsam/rte_mrvl_pmd.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd.c b/drivers/crypto/mvsam/rte_mrvl_pmd.c
index 9054210ce..d8e07e9c1 100644
--- a/drivers/crypto/mvsam/rte_mrvl_pmd.c
+++ b/drivers/crypto/mvsam/rte_mrvl_pmd.c
@@ -361,6 +361,14 @@ mrvl_crypto_set_aead_session_parameters(struct mrvl_crypto_session *sess,
 	sess->sam_sess_params.cipher_mode =
 		aead_map[aead_xform->aead.algo].cipher_mode;
 
+	if (sess->sam_sess_params.cipher_mode == SAM_CIPHER_GCM) {
+		/* IV must include nonce for all counter modes */
+		sess->cipher_iv_offset = aead_xform->cipher.iv.offset;
+
+		/* Set order of authentication then encryption to 0 in GCM */
+		sess->sam_sess_params.u.basic.auth_then_encrypt = 0;
+	}
+
 	/* Assume IV will be passed together with data. */
 	sess->sam_sess_params.cipher_iv = NULL;
 
-- 
2.17.1


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2021-07-07 15:35 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-01  6:58 [dpdk-stable] [PATCH] crypto/mvsam: set session params for AES-GCM mode danat
2021-07-07 15:35 ` Akhil Goyal

patches for DPDK stable branches

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.dpdk.org/stable/0 stable/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 stable stable/ https://inbox.dpdk.org/stable \
		stable@dpdk.org
	public-inbox-index stable

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.stable


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git