[dpdk-dev,1/3] crypto/aesni_gcm: move pre-counter block to GCM driver
Commit Message
This patch moves computing of pre-counter block into the AESNI-GCM
driver so it can be moved from test files.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/aesni_gcm/aesni_gcm_pmd.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
Comments
Hi Arek,
> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Thursday, August 25, 2016 5:03 AM
> To: dev@dpdk.org
> Cc: Trahe, Fiona; Jain, Deepak K; De Lara Guarch, Pablo; Griffin, John;
> Kusztal, ArkadiuszX
> Subject: [PATCH 1/3] crypto/aesni_gcm: move pre-counter block to GCM
> driver
>
> This patch moves computing of pre-counter block into the AESNI-GCM
> driver so it can be moved from test files.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
> drivers/crypto/aesni_gcm/aesni_gcm_pmd.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
> b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
> index dc0b033..d8b6287 100644
> --- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
> +++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
> @@ -230,11 +230,16 @@ process_gcm_crypto_op(struct aesni_gcm_qp
> *qp, struct rte_crypto_sym_op *op,
> op->cipher.data.offset);
>
> /* sanity checks */
> - if (op->cipher.iv.length != 16 && op->cipher.iv.length != 0) {
> + if (op->cipher.iv.length != 16 && op->cipher.iv.length != 12 &&
> + op->cipher.iv.length != 0) {
> GCM_LOG_ERR("iv");
> return -1;
> }
>
> + if (op->cipher.iv.length == 12) {
> + op->cipher.iv.data[15] = 1;
> + }
Is this correct? In the second patch, you are removing code that set this byte when IV length was 16,
so I would expect this to be the same. Also, if length is 12, then data[15] looks like overflow.
Probably a comment would be useful here.
> +
> if (op->auth.aad.length != 12 && op->auth.aad.length != 8 &&
> op->auth.aad.length != 0) {
> GCM_LOG_ERR("iv");
> --
> 2.1.0
Hi Pablo,
GCM works with two IV length modes:
First case: if (len(IV) == 12B) => J0 = iv || 0^31 || 1 => Len = 16B
And according to the API comments in rte_crypto_sym.h:435 (iv.data):
* - For GCM mode, this is either the IV (if the length
* is 96 bits) or J0 (for other sizes), where J0 is as
* defined by NIST SP800-38D. Regardless of the IV
* length, a full 16 bytes needs to be allocated.
So there is no worry of overflowing.
Thanks,
Arek
-----Original Message-----
From: De Lara Guarch, Pablo
Sent: Tuesday, September 20, 2016 10:38 PM
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
Cc: Trahe, Fiona <fiona.trahe@intel.com>; Jain, Deepak K <deepak.k.jain@intel.com>; Griffin, John <john.griffin@intel.com>
Subject: RE: [PATCH 1/3] crypto/aesni_gcm: move pre-counter block to GCM driver
Hi Arek,
> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Thursday, August 25, 2016 5:03 AM
> To: dev@dpdk.org
> Cc: Trahe, Fiona; Jain, Deepak K; De Lara Guarch, Pablo; Griffin,
> John; Kusztal, ArkadiuszX
> Subject: [PATCH 1/3] crypto/aesni_gcm: move pre-counter block to GCM
> driver
>
> This patch moves computing of pre-counter block into the AESNI-GCM
> driver so it can be moved from test files.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
> drivers/crypto/aesni_gcm/aesni_gcm_pmd.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
> b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
> index dc0b033..d8b6287 100644
> --- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
> +++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd.c
> @@ -230,11 +230,16 @@ process_gcm_crypto_op(struct aesni_gcm_qp *qp,
> struct rte_crypto_sym_op *op,
> op->cipher.data.offset);
>
> /* sanity checks */
> - if (op->cipher.iv.length != 16 && op->cipher.iv.length != 0) {
> + if (op->cipher.iv.length != 16 && op->cipher.iv.length != 12 &&
> + op->cipher.iv.length != 0) {
> GCM_LOG_ERR("iv");
> return -1;
> }
>
> + if (op->cipher.iv.length == 12) {
> + op->cipher.iv.data[15] = 1;
> + }
Is this correct? In the second patch, you are removing code that set this byte when IV length was 16, so I would expect this to be the same. Also, if length is 12, then data[15] looks like overflow.
Probably a comment would be useful here.
> +
> if (op->auth.aad.length != 12 && op->auth.aad.length != 8 &&
> op->auth.aad.length != 0) {
> GCM_LOG_ERR("iv");
> --
> 2.1.0
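The reply above defines J0 for a 96-bit IV as IV || 0^31 || 1 held in a 16-byte buffer. The C code below is an added example, not code from the patch or from DPDK; gcm_make_j0, its buf_cap parameter and the sample bytes are assumptions made for illustration. It shows that writing only byte 15 yields J0 only when bytes 12 to 14 are already zero.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define GCM_BLOCK 16 /* J0 is one AES block */
#define GCM_IV96 12  /* 96-bit IV, in bytes */
static const uint8_t CTR_ONE[4] = {0, 0, 0, 1}; /* 0^31 || 1 */

/* Hypothetical helper (not a DPDK API): build J0 in place in the IV buffer.
 * buf_cap is the number of bytes really allocated behind iv (assumed known). */
int gcm_make_j0(uint8_t *iv, size_t iv_len, size_t buf_cap)
{
	if (iv == NULL || buf_cap < GCM_BLOCK)
		return -1; /* contract: a full 16 bytes must be allocated */
	if (iv_len == GCM_BLOCK)
		return 0; /* caller supplied J0 already */
	if (iv_len != GCM_IV96)
		return -1; /* other lengths need GHASH, out of scope here */
	memcpy(iv + GCM_IV96, CTR_ONE, sizeof CTR_ONE); /* bytes 12..15 */
	return 0;
}

/* Constructed sample: a 12-byte IV in a 16-byte buffer whose last four bytes
 * still hold stale 0xAA from an earlier use. */
static void sample_buf(uint8_t out[GCM_BLOCK])
{
	for (int i = 0; i < GCM_IV96; i++)
		out[i] = (uint8_t)(0xC0 + i);
	memset(out + GCM_IV96, 0xAA, 4);
}

/* Writing only byte 15: tail becomes AA AA AA 01, which is not J0. */
int byte15_only_gives_j0(void)
{
	uint8_t b[GCM_BLOCK];
	sample_buf(b);
	b[15] = 1;
	return memcmp(b + GCM_IV96, CTR_ONE, 4) == 0;
}

/* Writing all of bytes 12..15 on the same buffer: tail is 00 00 00 01. */
int full_fill_gives_j0(void)
{
	uint8_t b[GCM_BLOCK];
	sample_buf(b);
	return gcm_make_j0(b, GCM_IV96, sizeof b) == 0 &&
	       memcmp(b + GCM_IV96, CTR_ONE, 4) == 0;
}
```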
@@ -230,11 +230,16 @@ process_gcm_crypto_op(struct aesni_gcm_qp *qp, struct rte_crypto_sym_op *op,
op->cipher.data.offset);
/* sanity checks */
- if (op->cipher.iv.length != 16 && op->cipher.iv.length != 0) {
+ if (op->cipher.iv.length != 16 && op->cipher.iv.length != 12 &&
+ op->cipher.iv.length != 0) {
GCM_LOG_ERR("iv");
return -1;
}
+ if (op->cipher.iv.length == 12) {
+ op->cipher.iv.data[15] = 1;
+ }
+
if (op->auth.aad.length != 12 && op->auth.aad.length != 8 &&
op->auth.aad.length != 0) {
GCM_LOG_ERR("iv");
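Review bot: in the iv.length == 12 branch only op->cipher.iv.data[15] = 1 is written, so bytes 12 to 14 keep whatever the application left in the buffer and the block equals J0 = IV || 0^31 || 1 only if they were already zero. Clear bytes 12..14 in the same branch, and add a comment stating that iv.data must be a full 16-byte allocation per the rte_crypto_sym.h note quoted in the thread, since nothing in this function can verify the buffer size before the write to index 15. Separately, the aad length check in the trailing context logs GCM_LOG_ERR("iv"); that string should name the aad so the two failures can be told apart.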