[dpdk-dev] [PATCH 3/6] common/cpt: support variable key size for HMAC

Anoob Joseph anoobj at marvell.com
Wed Feb 5 14:16:15 CET 2020


From: Sucharitha Sarananaga <ssarananaga at marvell.com>

HMAC algorithms supports key lengths from 1 to 1024 bytes.

Signed-off-by: Archana Muniganti <marchana at marvell.com>
Signed-off-by: Sucharitha Sarananaga <ssarananaga at marvell.com>
Signed-off-by: Anoob Joseph <anoobj at marvell.com>
---
 drivers/common/cpt/cpt_mcode_defines.h             |  2 +-
 drivers/common/cpt/cpt_ucode.h                     | 15 ++++++-----
 .../crypto/octeontx/otx_cryptodev_capabilities.c   | 30 +++++++++++-----------
 .../crypto/octeontx2/otx2_cryptodev_capabilities.c | 30 +++++++++++-----------
 4 files changed, 40 insertions(+), 37 deletions(-)

diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h
index 8bb09e6..69d831b 100644
--- a/drivers/common/cpt/cpt_mcode_defines.h
+++ b/drivers/common/cpt/cpt_mcode_defines.h
@@ -320,7 +320,7 @@ struct cpt_ctx {
 		mc_zuc_snow3g_ctx_t zs_ctx;
 		mc_kasumi_ctx_t k_ctx;
 	};
-	uint8_t  auth_key[64];
+	uint8_t  auth_key[1024];
 };
 
 /* Prime and order fields of built-in elliptic curves */
diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h
index 24b53a1..4ef87c2 100644
--- a/drivers/common/cpt/cpt_ucode.h
+++ b/drivers/common/cpt/cpt_ucode.h
@@ -230,6 +230,9 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key,
 		 * sometimes iverride IV per operation.
 		 */
 		fctx->enc.iv_source = CPT_FROM_DPTR;
+
+		if (cpt_ctx->auth_key_len > 64)
+			return -1;
 	}
 
 	switch (type) {
@@ -2537,6 +2540,9 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key,
 			cpt_ctx->fc_type = HASH_HMAC;
 	}
 
+	if (cpt_ctx->fc_type == FC_GEN && key_len > 64)
+		return -1;
+
 	/* For GMAC auth, cipher must be NULL */
 	if (type == GMAC_TYPE)
 		fctx->enc.enc_cipher = 0;
@@ -2551,7 +2557,9 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key,
 		cpt_ctx->auth_key_len = key_len;
 		memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad));
 		memset(fctx->hmac.opad, 0, sizeof(fctx->hmac.opad));
-		memcpy(fctx->hmac.opad, key, key_len);
+
+		if (key_len <= 64)
+			memcpy(fctx->hmac.opad, key, key_len);
 		fctx->enc.auth_input_type = 1;
 	}
 	return 0;
@@ -2736,11 +2744,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform,
 		return -1;
 	}
 
-	if (a_form->key.length > 64) {
-		CPT_LOG_DP_ERR("Auth key length is big");
-		return -1;
-	}
-
 	switch (a_form->algo) {
 	case RTE_CRYPTO_AUTH_SHA1_HMAC:
 		/* Fall through */
diff --git a/drivers/crypto/octeontx/otx_cryptodev_capabilities.c b/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
index 1174ee4..3f734b2 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_capabilities.c
@@ -141,9 +141,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
 				.block_size = 64,
 				.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 20,
@@ -181,9 +181,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
 				.block_size = 64,
 					.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 28,
@@ -221,9 +221,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
 				.block_size = 64,
 				.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 32,
@@ -261,9 +261,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
 				.block_size = 64,
 				.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 48,
@@ -301,9 +301,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
 				.block_size = 128,
 				.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 64,
diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
index 2ddf628..3eb3d85 100644
--- a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
+++ b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c
@@ -142,9 +142,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
 				.block_size = 64,
 				.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 20,
@@ -182,9 +182,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA224_HMAC,
 				.block_size = 64,
 					.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 28,
@@ -222,9 +222,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
 				.block_size = 64,
 				.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 32,
@@ -262,9 +262,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA384_HMAC,
 				.block_size = 64,
 				.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 48,
@@ -302,9 +302,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = {
 				.algo = RTE_CRYPTO_AUTH_SHA512_HMAC,
 				.block_size = 128,
 				.key_size = {
-					.min = 64,
-					.max = 64,
-					.increment = 0
+					.min = 1,
+					.max = 1024,
+					.increment = 1
 				},
 				.digest_size = {
 					.min = 64,
-- 
2.7.4



More information about the dev mailing list