[dpdk-dev] [PATCH 3/6] common/cpt: support variable key size for HMAC
Anoob Joseph
anoobj at marvell.com
Wed Feb 5 14:16:15 CET 2020
From: Sucharitha Sarananaga <ssarananaga at marvell.com>
HMAC algorithms supports key lengths from 1 to 1024 bytes.
Signed-off-by: Archana Muniganti <marchana at marvell.com>
Signed-off-by: Sucharitha Sarananaga <ssarananaga at marvell.com>
Signed-off-by: Anoob Joseph <anoobj at marvell.com>
---
drivers/common/cpt/cpt_mcode_defines.h | 2 +-
drivers/common/cpt/cpt_ucode.h | 15 ++++++-----
.../crypto/octeontx/otx_cryptodev_capabilities.c | 30 +++++++++++-----------
.../crypto/octeontx2/otx2_cryptodev_capabilities.c | 30 +++++++++++-----------
4 files changed, 40 insertions(+), 37 deletions(-)
diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h
index 8bb09e6..69d831b 100644
--- a/drivers/common/cpt/cpt_mcode_defines.h
+++ b/drivers/common/cpt/cpt_mcode_defines.h
@@ -320,7 +320,7 @@ struct cpt_ctx {
mc_zuc_snow3g_ctx_t zs_ctx;
mc_kasumi_ctx_t k_ctx;
};
- uint8_t auth_key[64];
+ uint8_t auth_key[1024];
};
/* Prime and order fields of built-in elliptic curves */
diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
index 24b53a1..4ef87c2 100644
--- a/drivers/common/cpt/cpt_ucode.h
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -230,6 +230,9 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key,
* sometimes iverride IV per operation.
*/
fctx->enc.iv_source = CPT_FROM_DPTR;
+
+ if (cpt_ctx->auth_key_len > 64)
+ return -1;
}
switch (type) {
@@ -2537,6 +2540,9 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key,
cpt_ctx->fc_type = HASH_HMAC;
}
+ if (cpt_ctx->fc_type == FC_GEN && key_len > 64)
+ return -1;
+
/* For GMAC auth, cipher must be NULL */
if (type == GMAC_TYPE)
fctx->enc.enc_cipher = 0;
@@ -2551,7 +2557,9 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key,
cpt_ctx->auth_key_len = key_len;
memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad));
memset(fctx->hmac.opad, 0, sizeof(fctx->hmac.opad));
- memcpy(fctx->hmac.opad, key, key_len);
+
+ if (key_len <= 64)
+ memcpy(fctx->hmac.opad, key, key_len);
fctx->enc.auth_input_type = 1;
}
return 0;
@@ -2736,11 +2744,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform,
return -1;
}
- if (a_form->key.length > 64) {
- CPT_LOG_DP_ERR("Auth key length is big");
- return -1;
- }
-
switch (a_form->algo) {
case RTE_CRYPTO_AUTH_SHA1_HMAC:
/* Fall through */
diff --git a/drivers/crypto/octeontx/otx_cryptodev_capabilities.c b/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
index 1174ee4..3f734b2 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
@@ -141,9 +141,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 20,
@@ -181,9 +181,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 28,
@@ -221,9 +221,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 32,
@@ -261,9 +261,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 48,
@@ -301,9 +301,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
.block_size = 128,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 64,
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
index 2ddf628..3eb3d85 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
@@ -142,9 +142,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 20,
@@ -182,9 +182,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 28,
@@ -222,9 +222,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 32,
@@ -262,9 +262,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
.block_size = 64,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 48,
@@ -302,9 +302,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
.block_size = 128,
.key_size = {
- .min = 64,
- .max = 64,
- .increment = 0
+ .min = 1,
+ .max = 1024,
+ .increment = 1
},
.digest_size = {
.min = 64,
--
2.7.4
More information about the dev
mailing list