From patchwork Thu Sep 29 15:44:13 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sergio Gonzalez Monroy
 <sergio.gonzalez.monroy@intel.com>
X-Patchwork-Id: 16236
X-Patchwork-Delegate: pablo.de.lara.guarch@intel.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@dpdk.org
Delivered-To: patchwork@dpdk.org
Received: from [92.243.14.124] (localhost [IPv6:::1])
	by dpdk.org (Postfix) with ESMTP id E11C058CF;
	Thu, 29 Sep 2016 17:44:38 +0200 (CEST)
Received: from mga06.intel.com (mga06.intel.com [134.134.136.31])
	by dpdk.org (Postfix) with ESMTP id C33F35689
	for <dev@dpdk.org>; Thu, 29 Sep 2016 17:44:26 +0200 (CEST)
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
	by orsmga104.jf.intel.com with ESMTP; 29 Sep 2016 08:44:26 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.30,415,1470726000"; d="scan'208";a="14587626"
Received: from sie-lab-212-109.ir.intel.com (HELO
	silpixa00389029.ir.intel.com) ([10.237.212.109])
	by fmsmga005.fm.intel.com with ESMTP; 29 Sep 2016 08:44:25 -0700
From: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
To: dev@dpdk.org
Cc: pablo.de.lara.guarch@intel.com
Date: Thu, 29 Sep 2016 16:44:13 +0100
Message-Id: 
 <1475163857-142366-8-git-send-email-sergio.gonzalez.monroy@intel.com>
X-Mailer: git-send-email 2.5.5
In-Reply-To: 
 <1475163857-142366-1-git-send-email-sergio.gonzalez.monroy@intel.com>
References: 
 <1474616734-118291-1-git-send-email-sergio.gonzalez.monroy@intel.com>
	<1475163857-142366-1-git-send-email-sergio.gonzalez.monroy@intel.com>
Subject: [dpdk-dev] [PATCH v3 7/9] examples/ipsec-secgw: initialize sa salt
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
	<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
	<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch initializes the salt value used by the following cipher
algorithms:
- CBC: random salt
- GCM/CTR: the key required is 20B, and the last 4B are used as salt.

Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
---
 examples/ipsec-secgw/sa.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 00c8cce..9e2c8a9 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -45,6 +45,7 @@
 #include <rte_byteorder.h>
 #include <rte_errno.h>
 #include <rte_ip.h>
+#include <rte_random.h>
 
 #include "ipsec.h"
 #include "esp.h"
@@ -87,14 +88,14 @@ const struct supported_cipher_algo cipher_algos[] = {
 		.algo = RTE_CRYPTO_CIPHER_AES_GCM,
 		.iv_len = 8,
 		.block_size = 4,
-		.key_len = 16
+		.key_len = 20
 	},
 	{
 		.keyword = "aes-128-ctr",
 		.algo = RTE_CRYPTO_CIPHER_AES_CTR,
 		.iv_len = 8,
 		.block_size = 16, /* XXX AESNI MB limition, should be 4 */
-		.key_len = 16
+		.key_len = 20
 	}
 };
 
@@ -116,7 +117,6 @@ const struct supported_auth_algo auth_algos[] = {
 		.keyword = "aes-128-gcm",
 		.algo = RTE_CRYPTO_AUTH_AES_GCM,
 		.digest_len = 16,
-		.key_len = 16,
 		.aad_len = 8,
 		.key_not_req = 1
 	}
@@ -307,6 +307,17 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 			if (status->status < 0)
 				return;
 
+			if (algo->algo == RTE_CRYPTO_CIPHER_AES_CBC)
+				rule->salt = (uint32_t)rte_rand();
+
+			if ((algo->algo == RTE_CRYPTO_CIPHER_AES_CTR) ||
+				(algo->algo == RTE_CRYPTO_CIPHER_AES_GCM)) {
+				key_len -= 4;
+				rule->cipher_key_len = key_len;
+				memcpy(&rule->salt,
+					&rule->cipher_key[key_len], 4);
+			}
+
 			cipher_algo_p = 1;
 			continue;
 		}