From: John Griffin Date: Tue, 8 Mar 2016 16:22:15 +0000 (+0000) Subject: qat: fix AES-GCM decryption X-Git-Tag: spdx-start~7497 X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=53d8971cbe81c525ab6d36c46329d514ce154278;p=dpdk.git qat: fix AES-GCM decryption AES GCM on the cryptodev API was giving invalid results in some cases, due to an incorrect IV setting. Added AES GCM in the QAT supported algorithms, as encryption/decryption is fully functional. Fixes: 1703e94ac5ce ("qat: add driver for QuickAssist devices") Signed-off-by: John Griffin Acked-by: Pablo de Lara --- diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst index 8f09d3230a..a3090f5a4a 100644 --- a/doc/guides/cryptodevs/qat.rst +++ b/doc/guides/cryptodevs/qat.rst @@ -48,6 +48,7 @@ Cipher algorithms: * ``RTE_CRYPTO_SYM_CIPHER_AES192_CBC`` * ``RTE_CRYPTO_SYM_CIPHER_AES256_CBC`` * ``RTE_CRYPTO_SYM_CIPHER_SNOW3G_UEA2`` +* ``RTE_CRYPTO_CIPHER_AES_GCM`` Hash algorithms: diff --git a/doc/guides/rel_notes/release_16_04.rst b/doc/guides/rel_notes/release_16_04.rst index 8b82492b52..e978efee96 100644 --- a/doc/guides/rel_notes/release_16_04.rst +++ b/doc/guides/rel_notes/release_16_04.rst @@ -122,6 +122,11 @@ Drivers This made impossible the creation of more than one aesni_mb device from command line. +* **qat: Fixed AES GCM decryption.** + + Allowed AES GCM on the cryptodev API, but in some cases gave invalid results + due to incorrect IV setting. + Libraries ~~~~~~~~~ diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c index 9ddd333603..f267da5c41 100644 --- a/drivers/crypto/qat/qat_crypto.c +++ b/drivers/crypto/qat/qat_crypto.c @@ -553,11 +553,27 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg) auth_param->u1.aad_adr = op->sym->auth.aad.phys_addr; /* (GCM) aad length(240 max) will be at this location after precompute */ if (ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_128 || - ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_64) { - auth_param->u2.aad_sz = - ALIGN_POW2_ROUNDUP(ctx->cd.hash.sha.state1[ + ctx->qat_hash_alg == ICP_QAT_HW_AUTH_ALGO_GALOIS_64) { + struct icp_qat_hw_auth_algo_blk *hash; + + if (ctx->qat_cmd == ICP_QAT_FW_LA_CMD_HASH_CIPHER) + hash = (struct icp_qat_hw_auth_algo_blk *)((char *)&ctx->cd); + else + hash = (struct icp_qat_hw_auth_algo_blk *)((char *)&ctx->cd + + sizeof(struct icp_qat_hw_cipher_algo_blk)); + + auth_param->u2.aad_sz = ALIGN_POW2_ROUNDUP(hash->sha.state1[ ICP_QAT_HW_GALOIS_128_STATE1_SZ + ICP_QAT_HW_GALOIS_H_SZ + 3], 16); + if (op->sym->cipher.iv.length == 12) { + /* + * For GCM a 12 bit IV is allowed, + * but we need to inform the f/w + */ + ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_SET( + qat_req->comn_hdr.serv_specif_flags, + ICP_QAT_FW_LA_GCM_IV_LEN_12_OCTETS); + } } auth_param->hash_state_sz = (auth_param->u2.aad_sz) >> 3;