From: Naveen Kumar <Naveen.Kumar@commagility.com>
To: "Dybkowski, AdamX" <adamx.dybkowski@intel.com>,
"users@dpdk.org" <users@dpdk.org>
Subject: Re: [dpdk-users] AES "Digest-encrypted" crypto chain case.
Date: Tue, 5 Nov 2019 11:17:25 +0000 [thread overview]
Message-ID: <72dca1ade181433d9762b98cfbbd5648@de-mta1.commagility.com> (raw)
In-Reply-To: <522B1A062D56224ABC0C6BDBCD64D9D369E6F504@IRSMSX103.ger.corp.intel.com>
Hi Adam,
The combination works now as expected. The issue was because of using 19.05 tag. Seems a fix went in after that.
After updating to current master, I could get the aes-cmac+ aes-ctr combination working as expected in my project.
Previously, I verified successfully your unit test patch as well to rule out any hardware glitch.
Thanks
--
Naveen Kumar
Senior Engineer
CommAgility is a Wireless Telecom Group company
T: +49 (0)203 306 4537 | www.commagility.com
Registered in England, Company No. 05914025. VAT No. DE299686390
CommAgility is an ISO 9001:2015-certified company
This email is confidential, for recipient’s use only.
-----Original Message-----
From: Dybkowski, AdamX <adamx.dybkowski@intel.com>
Sent: Friday, October 18, 2019 3:20 PM
To: Naveen Kumar <Naveen.Kumar@commagility.com>; users@dpdk.org
Cc: Trahe, Fiona <fiona.trahe@intel.com>
Subject: RE: [dpdk-users] AES "Digest-encrypted" crypto chain case.
Hi Naveen.
The unit tests for AES-CTR + AES CMAC was posted today to dev@dpdk.org I also added you in CC.
I hope this helps.
Best regards,
Adam Dybkowski
> -----Original Message-----
> From: Naveen Kumar [mailto:Naveen.Kumar@commagility.com]
> Sent: Thursday, 17 October, 2019 17:30
> To: Dybkowski, AdamX <adamx.dybkowski@intel.com>; users@dpdk.org
> Cc: Trahe, Fiona <fiona.trahe@intel.com>
> Subject: RE: [dpdk-users] AES "Digest-encrypted" crypto chain case.
>
> Hi Adam,
> I configured the lengths as mentioned in comment you pointed and
> verified it carefully.
> Is the test suite with digest-encrypted combination you tested
> available in public?
> Can you share the QAT device information (hardware, firmware versions
> etc) you used?
>
> Note:
> I have done some experiments to conclude the overwriting issue:
> Configured “auth_xform->auth.digest_length = 4” and expecting 4
> bytes of CMAC. Digest data location is configured immediately after data.
> Just for experiment purpose, I increased the length by 4 bytes
> more than the actual data length to be ciphered (on top of data_length + digest_length).
> The sample result is as below, where “raw” digest overwritten on
> the highlighted location. (It also confirms my data length
> configuration is intact)
>
> 00000090: 00 00 00 00 00 00 00 00 87 4D 61 91 B6 20 E3 26 |
> .........Ma.. .&
> 000000A0: 1B EF 68 64 99 0D B6 CE 98 06 F6 6B 79 70 FD FF | ..hd.......kyp..
> 000000B0: 86 17 18 7B B9 FF FD FF 5A E4 DF 3E DB D5 D3 5E |
> ...{....Z..>...^
> 000000C0: 5B 4F 09 02 0D B0 3E AB 1E 03 1D DA 2F BE 03 D1 | [O....>...../...
> 000000D0: 79 21 70 A0 F3 00 9C EE "E8 1E 96 D6" 14 8A 91 0E | y!p.............
>
> Regards,
> Naveen
>
> --
> Naveen Kumar
> Senior Engineer
>
> CommAgility is a http://wirelesstelecomgroup.com/ company
> T: +49 (0)203 306 4537 | http://www.commagility.com Registered in
> England, Company No. 05914025. VAT No. DE299686390 CommAgility is an
> ISO 9001:2015-certified company This email is confidential, for
> recipient’s use only.
>
> --
> Naveen Kumar
> Senior Engineer
>
> CommAgility is a Wireless Telecom Group company
> T: +49 (0)203 306 4537 | www.commagility.com Registered in England,
> Company No. 05914025. VAT No. DE299686390 CommAgility is an ISO
> 9001:2015-certified company This email is confidential, for
> recipient’s use only.
> From: Dybkowski, AdamX <mailto:adamx.dybkowski@intel.com>
> Sent: Wednesday, October 16, 2019 2:49 PM
> To: mailto:users@dpdk.org; Naveen Kumar
> <mailto:Naveen.Kumar@commagility.com>
> Cc: Trahe, Fiona <mailto:fiona.trahe@intel.com>
> Subject: Re: [dpdk-users] AES "Digest-encrypted" crypto chain case.
>
> Hi Naveen.
>
> Regarding your message sent to dpdk-users mailing list:
> https://mails.dpdk.org/archives/users/2019-September/004382.html
>
> We’ve tested here at Intel the digest-encrypted combination you wrote
> about, with auth.algo = AES-CMAC and cipher.algo = AES-CTR, and it
> seems everything works fine.
> Do you set the length fields properly when creating the operation?
> According to the header file rte_crypto_sym.h, in the structure
> rte_crypto_sym_op, the field cipher.data.length should be written in
> bits for the SNOW 3G, KASUMI and ZUC ciphers, and in bytes for other.
>
> Have a look what the header file says:
>
> uint32_t length;
> /**< The message length, in bytes, of the
> * source buffer on which the cryptographic
> * operation will be computed.
> * This must be a multiple of the block size
> * if a block cipher is being used. This is
> * also the same as the result length.
> *
> * @note
> * For SNOW 3G @ RTE_CRYPTO_AUTH_SNOW3G_UEA2,
> * KASUMI @ RTE_CRYPTO_CIPHER_KASUMI_F8
> * and ZUC @ RTE_CRYPTO_CIPHER_ZUC_EEA3,
> * this field should be in bits.
> */
>
> This also gets built into the documentation available here:
> https://doc.dpdk.org/api-
> 19.08/structrte__crypto__sym__op.html#aebb70c2aab3407a9f05334c47131
> a43b
>
> Maybe that’s why SNOW3G and ZUC were working for you, while AES-CTR
> did not?
> The same applies to the offset field and to digest.data.offset and
> digest.data.length fields.
>
> Please verify in your code how you set these all offset and length
> fields and check if you write the number of bits or the number of bytes in them.
>
> Adam
next prev parent reply other threads:[~2019-11-05 11:17 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-16 12:48 Dybkowski, AdamX
[not found] ` <9836169a72be40328d96c3c08e78ad3d@de-mta1.commagility.com>
2019-10-17 15:30 ` Naveen Kumar
2019-10-18 13:19 ` Dybkowski, AdamX
2019-11-05 11:17 ` Naveen Kumar [this message]
-- strict thread matches above, loose matches on Subject: below --
2019-09-09 9:15 Naveen Kumar
2019-09-09 14:08 ` Trahe, Fiona
2019-09-09 14:27 ` Naveen Kumar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=72dca1ade181433d9762b98cfbbd5648@de-mta1.commagility.com \
--to=naveen.kumar@commagility.com \
--cc=adamx.dybkowski@intel.com \
--cc=users@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).