From 2839a8abf92538ce6cf49e02deb032134bee5241 Mon Sep 17 00:00:00 2001 From: Sucharitha Sarananaga Date: Wed, 5 Feb 2020 18:46:15 +0530 Subject: [PATCH] common/cpt: support variable key size for HMAC HMAC algorithms supports key lengths from 1 to 1024 bytes. Signed-off-by: Archana Muniganti Signed-off-by: Sucharitha Sarananaga Signed-off-by: Anoob Joseph --- drivers/common/cpt/cpt_mcode_defines.h | 2 +- drivers/common/cpt/cpt_ucode.h | 15 ++++++---- .../octeontx/otx_cryptodev_capabilities.c | 30 +++++++++---------- .../octeontx2/otx2_cryptodev_capabilities.c | 30 +++++++++---------- 4 files changed, 40 insertions(+), 37 deletions(-) diff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h index 8bb09e62c6..69d831b5cc 100644 --- a/drivers/common/cpt/cpt_mcode_defines.h +++ b/drivers/common/cpt/cpt_mcode_defines.h @@ -320,7 +320,7 @@ struct cpt_ctx { mc_zuc_snow3g_ctx_t zs_ctx; mc_kasumi_ctx_t k_ctx; }; - uint8_t auth_key[64]; + uint8_t auth_key[1024]; }; /* Prime and order fields of built-in elliptic curves */ diff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h index 24b53a142f..4ef87c298e 100644 --- a/drivers/common/cpt/cpt_ucode.h +++ b/drivers/common/cpt/cpt_ucode.h @@ -230,6 +230,9 @@ cpt_fc_ciph_set_key(void *ctx, cipher_type_t type, const uint8_t *key, * sometimes iverride IV per operation. */ fctx->enc.iv_source = CPT_FROM_DPTR; + + if (cpt_ctx->auth_key_len > 64) + return -1; } switch (type) { @@ -2537,6 +2540,9 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key, cpt_ctx->fc_type = HASH_HMAC; } + if (cpt_ctx->fc_type == FC_GEN && key_len > 64) + return -1; + /* For GMAC auth, cipher must be NULL */ if (type == GMAC_TYPE) fctx->enc.enc_cipher = 0; @@ -2551,7 +2557,9 @@ cpt_fc_auth_set_key(void *ctx, auth_type_t type, const uint8_t *key, cpt_ctx->auth_key_len = key_len; memset(fctx->hmac.ipad, 0, sizeof(fctx->hmac.ipad)); memset(fctx->hmac.opad, 0, sizeof(fctx->hmac.opad)); - memcpy(fctx->hmac.opad, key, key_len); + + if (key_len <= 64) + memcpy(fctx->hmac.opad, key, key_len); fctx->enc.auth_input_type = 1; } return 0; @@ -2736,11 +2744,6 @@ fill_sess_auth(struct rte_crypto_sym_xform *xform, return -1; } - if (a_form->key.length > 64) { - CPT_LOG_DP_ERR("Auth key length is big"); - return -1; - } - switch (a_form->algo) { case RTE_CRYPTO_AUTH_SHA1_HMAC: /* Fall through */ diff --git a/drivers/crypto/octeontx/otx_cryptodev_capabilities.c b/drivers/crypto/octeontx/otx_cryptodev_capabilities.c index 1174ee4734..3f734b232c 100644 --- a/drivers/crypto/octeontx/otx_cryptodev_capabilities.c +++ b/drivers/crypto/octeontx/otx_cryptodev_capabilities.c @@ -141,9 +141,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, .block_size = 64, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 20, @@ -181,9 +181,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, .block_size = 64, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 28, @@ -221,9 +221,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, .block_size = 64, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 32, @@ -261,9 +261,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, .block_size = 64, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 48, @@ -301,9 +301,9 @@ static const struct rte_cryptodev_capabilities otx_sym_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, .block_size = 128, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 64, diff --git a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c index 2ddf628091..3eb3d8532c 100644 --- a/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c +++ b/drivers/crypto/octeontx2/otx2_cryptodev_capabilities.c @@ -142,9 +142,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA1_HMAC, .block_size = 64, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 20, @@ -182,9 +182,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA224_HMAC, .block_size = 64, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 28, @@ -222,9 +222,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, .block_size = 64, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 32, @@ -262,9 +262,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, .block_size = 64, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 48, @@ -302,9 +302,9 @@ rte_cryptodev_capabilities otx2_cpt_capabilities[] = { .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, .block_size = 128, .key_size = { - .min = 64, - .max = 64, - .increment = 0 + .min = 1, + .max = 1024, + .increment = 1 }, .digest_size = { .min = 64, -- 2.20.1