X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=lib%2Flibrte_cryptodev%2Frte_crypto_sym.h;h=ea58cef79e6dca9d4bd4f03dea4217a45806d348;hb=46a0547f9f2a07169c7285e098539ccc7c003dcc;hp=a718a7b6ab28afa9f1fa07dd4f7ed98073602982;hpb=b59502a5e3d065ed4c1bb0f9e7888703ee311e33;p=dpdk.git diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h index a718a7b6ab..ea58cef79e 100644 --- a/lib/librte_cryptodev/rte_crypto_sym.h +++ b/lib/librte_cryptodev/rte_crypto_sym.h @@ -68,27 +68,12 @@ enum rte_crypto_cipher_algorithm { RTE_CRYPTO_CIPHER_AES_CBC, /**< AES algorithm in CBC mode */ - RTE_CRYPTO_CIPHER_AES_CCM, - /**< AES algorithm in CCM mode. When this cipher algorithm is used the - * *RTE_CRYPTO_AUTH_AES_CCM* element of the - * *rte_crypto_hash_algorithm* enum MUST be used to set up the related - * *rte_crypto_auth_xform* structure in the session context or in - * the op_params of the crypto operation structure in the case of a - * session-less crypto operation - */ RTE_CRYPTO_CIPHER_AES_CTR, /**< AES algorithm in Counter mode */ RTE_CRYPTO_CIPHER_AES_ECB, /**< AES algorithm in ECB mode */ RTE_CRYPTO_CIPHER_AES_F8, /**< AES algorithm in F8 mode */ - RTE_CRYPTO_CIPHER_AES_GCM, - /**< AES algorithm in GCM mode. When this cipher algorithm is used the - * *RTE_CRYPTO_AUTH_AES_GCM* element of the *rte_crypto_auth_algorithm* - * enum MUST be used to set up the related *rte_crypto_auth_setup_data* - * structure in the session context or in the op_params of the crypto - * operation structure in the case of a session-less crypto operation. - */ RTE_CRYPTO_CIPHER_AES_XTS, /**< AES algorithm in XTS mode */ @@ -158,7 +143,7 @@ struct rte_crypto_cipher_xform { struct { uint8_t *data; /**< pointer to key data */ - size_t length; /**< key length in bytes */ + uint16_t length;/**< key length in bytes */ } key; /**< Cipher key * @@ -247,25 +232,8 @@ enum rte_crypto_auth_algorithm { RTE_CRYPTO_AUTH_AES_CBC_MAC, /**< AES-CBC-MAC algorithm. Only 128-bit keys are supported. */ - RTE_CRYPTO_AUTH_AES_CCM, - /**< AES algorithm in CCM mode. This is an authenticated cipher. When - * this hash algorithm is used, the *RTE_CRYPTO_CIPHER_AES_CCM* - * element of the *rte_crypto_cipher_algorithm* enum MUST be used to - * set up the related rte_crypto_cipher_setup_data structure in the - * session context or the corresponding parameter in the crypto - * operation data structures op_params parameter MUST be set for a - * session-less crypto operation. - */ RTE_CRYPTO_AUTH_AES_CMAC, /**< AES CMAC algorithm. */ - RTE_CRYPTO_AUTH_AES_GCM, - /**< AES algorithm in GCM mode. When this hash algorithm - * is used, the RTE_CRYPTO_CIPHER_AES_GCM element of the - * rte_crypto_cipher_algorithm enum MUST be used to set up the related - * rte_crypto_cipher_setup_data structure in the session context, or - * the corresponding parameter in the crypto operation data structures - * op_params parameter MUST be set for a session-less crypto operation. - */ RTE_CRYPTO_AUTH_AES_GMAC, /**< AES GMAC algorithm. */ RTE_CRYPTO_AUTH_AES_XCBC_MAC, @@ -338,7 +306,7 @@ struct rte_crypto_auth_xform { struct { uint8_t *data; /**< pointer to key data */ - size_t length; /**< key length in bytes */ + uint16_t length;/**< key length in bytes */ } key; /**< Authentication key data. * The authentication key length MUST be less than or equal to the @@ -358,37 +326,18 @@ struct rte_crypto_auth_xform { * the result shall be truncated. */ - uint16_t add_auth_data_length; - /**< The length of the additional authenticated data (AAD) in bytes. - * The maximum permitted value is 65535 (2^16 - 1) bytes, unless - * otherwise specified below. - * - * This field must be specified when the hash algorithm is one of the - * following: - * - * - For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM). In this case, this is - * the length of the Additional Authenticated Data (called A, in NIST - * SP800-38D). - * - * - For CCM (@ref RTE_CRYPTO_AUTH_AES_CCM). In this case, this is - * the length of the associated data (called A, in NIST SP800-38C). - * Note that this does NOT include the length of any padding, or the - * 18 bytes reserved at the start of the above field to store the - * block B0 and the encoded length. The maximum permitted value in - * this case is 222 bytes. - * - */ - struct { uint16_t offset; /**< Starting point for Initialisation Vector or Counter, * specified as number of bytes from start of crypto * operation (rte_crypto_op). * - * - For KASUMI in F9 mode, SNOW 3G in UIA2 mode, - * for ZUC in EIA3 mode and for AES-GMAC, this is the - * authentication Initialisation Vector (IV) value. + * - For SNOW 3G in UIA2 mode, for ZUC in EIA3 mode and + * for AES-GMAC, this is the authentication + * Initialisation Vector (IV) value. * + * - For KASUMI in F9 mode and other authentication + * algorithms, this field is not used. * * For optimum performance, the data pointed to SHOULD * be 8-byte aligned. @@ -396,9 +345,11 @@ struct rte_crypto_auth_xform { uint16_t length; /**< Length of valid IV data. * - * - For KASUMI in F9 mode, SNOW3G in UIA2 mode, for - * ZUC in EIA3 mode and for AES-GMAC, this is the length - * of the IV. + * - For SNOW3G in UIA2 mode, for ZUC in EIA3 mode and + * for AES-GMAC, this is the length of the IV. + * + * - For KASUMI in F9 mode and other authentication + * algorithms, this field is not used. * */ } iv; /**< Initialisation vector parameters */ @@ -438,7 +389,7 @@ struct rte_crypto_aead_xform { struct { uint8_t *data; /**< pointer to key data */ - size_t length; /**< key length in bytes */ + uint16_t length;/**< key length in bytes */ } key; struct { @@ -473,9 +424,9 @@ struct rte_crypto_aead_xform { */ } iv; /**< Initialisation vector parameters */ - uint32_t digest_length; + uint16_t digest_length; - uint16_t add_auth_data_length; + uint16_t aad_length; /**< The length of the additional authenticated data (AAD) in bytes. */ }; @@ -658,15 +609,6 @@ struct rte_crypto_sym_op { * also the same as the result length. * * @note - * In the case of CCM - * @ref RTE_CRYPTO_AUTH_AES_CCM, this value - * should not include the length of the padding - * or the length of the MAC; the driver will - * compute the actual number of bytes over - * which the encryption will occur, which will - * include these values. - * - * @note * For SNOW 3G @ RTE_CRYPTO_AUTH_SNOW3G_UEA2, * KASUMI @ RTE_CRYPTO_CIPHER_KASUMI_F8 * and ZUC @ RTE_CRYPTO_CIPHER_ZUC_EEA3, @@ -683,31 +625,31 @@ struct rte_crypto_sym_op { * packet in source buffer. * * @note - * For CCM and GCM modes of operation, - * this field is ignored. - * The field @ref aad field should be set - * instead. - * - * @note * For SNOW 3G @ RTE_CRYPTO_AUTH_SNOW3G_UIA2, * KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9 * and ZUC @ RTE_CRYPTO_AUTH_ZUC_EIA3, * this field should be in bits. + * + * @note + * For KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9, + * this offset should be such that + * data to authenticate starts at COUNT. */ uint32_t length; /**< The message length, in bytes, of the source * buffer that the hash will be computed on. * * @note - * For CCM and GCM modes of operation, - * this field is ignored. The field @ref aad - * field should be set instead. - * - * @note * For SNOW 3G @ RTE_CRYPTO_AUTH_SNOW3G_UIA2, * KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9 * and ZUC @ RTE_CRYPTO_AUTH_ZUC_EIA3, * this field should be in bits. + * + * @note + * For KASUMI @ RTE_CRYPTO_AUTH_KASUMI_F9, + * the length should include the COUNT, + * FRESH, message, direction bit and padding + * (to be multiple of 8 bits). */ } data; /**< Data offsets and length for authentication */ @@ -732,63 +674,10 @@ struct rte_crypto_sym_op { * For digest generation, the digest result * will overwrite any data at this location. * - * @note - * For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM), for - * "digest result" read "authentication tag T". */ phys_addr_t phys_addr; /**< Physical address of digest */ } digest; /**< Digest parameters */ - - struct { - uint8_t *data; - /**< Pointer to Additional Authenticated - * Data (AAD) needed for authenticated cipher - * mechanisms (CCM and GCM). - * - * The length of the data pointed to by this - * field is set up for the session in the @ref - * rte_crypto_auth_xform structure as part of - * the @ref rte_cryptodev_sym_session_create - * function call. - * This length must not exceed 65535 (2^16-1) - * bytes. - * - * Specifically for CCM - * (@ref RTE_CRYPTO_AUTH_AES_CCM), - * the caller should setup this field as follows: - * - * - the nonce should be written starting at - * an offset of one byte into the array, - * leaving room for the implementation to - * write in the flags to the first byte. - * - * - the additional authentication data - * itself should be written starting at - * an offset of 18 bytes into the array, - * leaving room for the length encoding in - * the first two bytes of the second block. - * - * - the array should be big enough to hold - * the above fields, plus any padding to - * round this up to the nearest multiple of - * the block size (16 bytes). - * Padding will be added by the implementation. - * - * Finally, for GCM - * (@ref RTE_CRYPTO_AUTH_AES_GCM), the - * caller should setup this field as follows: - * - * - the AAD is written in starting at byte 0 - * - the array must be big enough to hold - * the AAD, plus any space to round this up to - * the nearest multiple of the block size - * (16 bytes). - * - */ - phys_addr_t phys_addr; /**< physical address */ - } aad; - /**< Additional authentication parameters */ } auth; }; };