| Message ID | 1495203810-9148-1-git-send-email-balakrishna.garapati@linaro.org |
|---|---|
| State | New |
| Headers | show |
Regards, Bala On 19 May 2017 at 07:23, Balakrishna Garapati <balakrishna.garapati@linaro.org> wrote: > dpdk pmd's require to minatain min, max, inc fields for all > crypto capabilitites. By making iv_len to feature like dpdk pmd's > it is easier to create cipher entires in odp based on key_len. > > Signed-off-by: Balakrishna Garapati <balakrishna.garapati@linaro.org> > --- > since v1: fixed comments from v1, > - updated the description about the patch > - Fixed the bug in crypto validation > since v2: if statement correction in validation "check_cipher_options" > since v3: updated doing key_len check prior to iv_len and corrected iv_len > data type in validation "check_cipher_options" > > include/odp/api/spec/crypto.h | 12 +++- > platform/linux-generic/odp_crypto.c | 8 +-- > .../validation/api/crypto/odp_crypto_test_inp.c | 81 ++++++---------------- > 3 files changed, 37 insertions(+), 64 deletions(-) > > diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h > index c47d314..a1b540a 100644 > --- a/include/odp/api/spec/crypto.h > +++ b/include/odp/api/spec/crypto.h > @@ -497,7 +497,17 @@ typedef struct odp_crypto_cipher_capability_t { > uint32_t key_len; > > /** IV length in bytes */ > - uint32_t iv_len; > + struct { > + /** Minimum iv length in bytes */ > + uint32_t min; > + > + /** Maximum iv length in bytes */ > + uint32_t max; > + > + /** Increment of supported lengths between min and max > + * (in bytes) */ > + uint32_t inc; > + } iv_len; > > } odp_crypto_cipher_capability_t; This is part of capability API which will be in control path and not in the data path, IMO I feel this change adds more complexity. Regards, Bala > > diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c > index a0f3f7e..3e9b607 100644 > --- a/platform/linux-generic/odp_crypto.c > +++ b/platform/linux-generic/odp_crypto.c > @@ -35,16 +35,16 @@ > * Keep sorted: first by key length, then by IV length > */ > static const odp_crypto_cipher_capability_t cipher_capa_des[] = { > -{.key_len = 24, .iv_len = 8} }; > +{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } }; > > static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = { > -{.key_len = 24, .iv_len = 8} }; > +{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } }; > > static const odp_crypto_cipher_capability_t cipher_capa_aes_cbc[] = { > -{.key_len = 16, .iv_len = 16} }; > +{.key_len = 16, .iv_len = {.min = 16, .max = 16, .inc = 0} } }; > > static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { > -{.key_len = 16, .iv_len = 12} }; > +{.key_len = 16, .iv_len = {.min = 12, .max = 12, .inc = 0} } }; > > /* > * Authentication algorithm capabilities > diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c > index 24ea493..0545384 100644 > --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c > +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c > @@ -93,10 +93,6 @@ static void alg_test(odp_crypto_op_t op, > odp_crypto_op_param_t op_params; > uint8_t *data_addr; > int data_off; > - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; > - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; > - int num, i; > - int found; > > rc = odp_crypto_capability(&capa); > CU_ASSERT(!rc); > @@ -136,59 +132,6 @@ static void alg_test(odp_crypto_op_t op, > CU_ASSERT(!rc); > CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); > > - num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, > - MAX_ALG_CAPA); > - > - if (cipher_alg != ODP_CIPHER_ALG_NULL) { > - CU_ASSERT(num > 0); > - found = 0; > - } else { > - CU_ASSERT(num == 0); > - found = 1; > - } > - > - CU_ASSERT(num <= MAX_ALG_CAPA); > - > - if (num > MAX_ALG_CAPA) > - num = MAX_ALG_CAPA; > - > - /* Search for the test case */ > - for (i = 0; i < num; i++) { > - if (cipher_capa[i].key_len == cipher_key.length && > - cipher_capa[i].iv_len == ses_iv.length) { > - found = 1; > - break; > - } > - } > - > - CU_ASSERT(found); > - > - num = odp_crypto_auth_capability(auth_alg, auth_capa, MAX_ALG_CAPA); > - > - if (auth_alg != ODP_AUTH_ALG_NULL) { > - CU_ASSERT(num > 0); > - found = 0; > - } else { > - CU_ASSERT(num == 0); > - found = 1; > - } > - > - CU_ASSERT(num <= MAX_ALG_CAPA); > - > - if (num > MAX_ALG_CAPA) > - num = MAX_ALG_CAPA; > - > - /* Search for the test case */ > - for (i = 0; i < num; i++) { > - if (auth_capa[i].digest_len == digest_len && > - auth_capa[i].key_len == auth_key.length) { > - found = 1; > - break; > - } > - } > - > - CU_ASSERT(found); > - > /* Create a crypto session */ > odp_crypto_session_param_init(&ses_params); > ses_params.op = op; > @@ -379,14 +322,34 @@ static int check_cipher_options(odp_cipher_alg_t cipher, uint32_t key_len, > { > int i; > int num; > + int found = 0; > + > odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; > > num = odp_crypto_cipher_capability(cipher, cipher_capa, MAX_ALG_CAPA); > CU_ASSERT_FATAL(num >= 1); > > for (i = 0; i < num; i++) { > - if (key_len == cipher_capa[i].key_len && > - iv_len == cipher_capa[i].iv_len) > + if (key_len != cipher_capa[i].key_len) > + continue; > + > + uint32_t inc = cipher_capa[i].iv_len.inc; > + uint32_t iv_min = cipher_capa[i].iv_len.min; > + uint32_t iv_max = cipher_capa[i].iv_len.max; > + > + if (inc == 0 && iv_len == iv_min) { > + found = 1; > + } else { > + for (uint32_t iv = iv_min; iv <= iv_max; > + iv = iv + inc) { > + if (iv_len == iv) { > + found = 1; > + break; > + } > + } > + } > + > + if (found == 1) > break; > } > > -- > 1.9.1 >
> -----Original Message----- > From: lng-odp [mailto:lng-odp-bounces@lists.linaro.org] On Behalf Of > Balakrishna Garapati > Sent: Friday, May 19, 2017 5:24 PM > To: lng-odp@lists.linaro.org > Subject: [lng-odp] [API-NEXT PATCHv4] api: crypto: change iv_len field to > feature min-max len > > dpdk pmd's require to minatain min, max, inc fields for all > crypto capabilitites. By making iv_len to feature like dpdk pmd's > it is easier to create cipher entires in odp based on key_len. > > Signed-off-by: Balakrishna Garapati <balakrishna.garapati@linaro.org> > --- > since v1: fixed comments from v1, > - updated the description about the patch > - Fixed the bug in crypto validation > since v2: if statement correction in validation "check_cipher_options" > since v3: updated doing key_len check prior to iv_len and corrected > iv_len > data type in validation "check_cipher_options" > > include/odp/api/spec/crypto.h | 12 +++- > platform/linux-generic/odp_crypto.c | 8 +-- > .../validation/api/crypto/odp_crypto_test_inp.c | 81 ++++++----------- > ----- > 3 files changed, 37 insertions(+), 64 deletions(-) > > diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h > index c47d314..a1b540a 100644 > --- a/include/odp/api/spec/crypto.h > +++ b/include/odp/api/spec/crypto.h > @@ -497,7 +497,17 @@ typedef struct odp_crypto_cipher_capability_t { > uint32_t key_len; > > /** IV length in bytes */ > - uint32_t iv_len; > + struct { > + /** Minimum iv length in bytes */ > + uint32_t min; > + > + /** Maximum iv length in bytes */ > + uint32_t max; > + > + /** Increment of supported lengths between min and > max > + * (in bytes) */ > + uint32_t inc; > + } iv_len; I choose to not use this mechanism since: * number of key_len / iv_len combination should not be too large * this is inflexible if there are holes in the range: e.g. iv_len == 4, 8, 16 could not be expressed with min/max/inc * application should have an easy job to scroll through a sorted list of key/iv lengths * implementation can have predefined arrays sorted already at build time -Petri
diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index c47d314..a1b540a 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -497,7 +497,17 @@ typedef struct odp_crypto_cipher_capability_t { uint32_t key_len; /** IV length in bytes */ - uint32_t iv_len; + struct { + /** Minimum iv length in bytes */ + uint32_t min; + + /** Maximum iv length in bytes */ + uint32_t max; + + /** Increment of supported lengths between min and max + * (in bytes) */ + uint32_t inc; + } iv_len; } odp_crypto_cipher_capability_t; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index a0f3f7e..3e9b607 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -35,16 +35,16 @@ * Keep sorted: first by key length, then by IV length */ static const odp_crypto_cipher_capability_t cipher_capa_des[] = { -{.key_len = 24, .iv_len = 8} }; +{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } }; static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = { -{.key_len = 24, .iv_len = 8} }; +{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } }; static const odp_crypto_cipher_capability_t cipher_capa_aes_cbc[] = { -{.key_len = 16, .iv_len = 16} }; +{.key_len = 16, .iv_len = {.min = 16, .max = 16, .inc = 0} } }; static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { -{.key_len = 16, .iv_len = 12} }; +{.key_len = 16, .iv_len = {.min = 12, .max = 12, .inc = 0} } }; /* * Authentication algorithm capabilities diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index 24ea493..0545384 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -93,10 +93,6 @@ static void alg_test(odp_crypto_op_t op, odp_crypto_op_param_t op_params; uint8_t *data_addr; int data_off; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; - int num, i; - int found; rc = odp_crypto_capability(&capa); CU_ASSERT(!rc); @@ -136,59 +132,6 @@ static void alg_test(odp_crypto_op_t op, CU_ASSERT(!rc); CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); - num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, - MAX_ALG_CAPA); - - if (cipher_alg != ODP_CIPHER_ALG_NULL) { - CU_ASSERT(num > 0); - found = 0; - } else { - CU_ASSERT(num == 0); - found = 1; - } - - CU_ASSERT(num <= MAX_ALG_CAPA); - - if (num > MAX_ALG_CAPA) - num = MAX_ALG_CAPA; - - /* Search for the test case */ - for (i = 0; i < num; i++) { - if (cipher_capa[i].key_len == cipher_key.length && - cipher_capa[i].iv_len == ses_iv.length) { - found = 1; - break; - } - } - - CU_ASSERT(found); - - num = odp_crypto_auth_capability(auth_alg, auth_capa, MAX_ALG_CAPA); - - if (auth_alg != ODP_AUTH_ALG_NULL) { - CU_ASSERT(num > 0); - found = 0; - } else { - CU_ASSERT(num == 0); - found = 1; - } - - CU_ASSERT(num <= MAX_ALG_CAPA); - - if (num > MAX_ALG_CAPA) - num = MAX_ALG_CAPA; - - /* Search for the test case */ - for (i = 0; i < num; i++) { - if (auth_capa[i].digest_len == digest_len && - auth_capa[i].key_len == auth_key.length) { - found = 1; - break; - } - } - - CU_ASSERT(found); - /* Create a crypto session */ odp_crypto_session_param_init(&ses_params); ses_params.op = op; @@ -379,14 +322,34 @@ static int check_cipher_options(odp_cipher_alg_t cipher, uint32_t key_len, { int i; int num; + int found = 0; + odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; num = odp_crypto_cipher_capability(cipher, cipher_capa, MAX_ALG_CAPA); CU_ASSERT_FATAL(num >= 1); for (i = 0; i < num; i++) { - if (key_len == cipher_capa[i].key_len && - iv_len == cipher_capa[i].iv_len) + if (key_len != cipher_capa[i].key_len) + continue; + + uint32_t inc = cipher_capa[i].iv_len.inc; + uint32_t iv_min = cipher_capa[i].iv_len.min; + uint32_t iv_max = cipher_capa[i].iv_len.max; + + if (inc == 0 && iv_len == iv_min) { + found = 1; + } else { + for (uint32_t iv = iv_min; iv <= iv_max; + iv = iv + inc) { + if (iv_len == iv) { + found = 1; + break; + } + } + } + + if (found == 1) break; }
dpdk pmd's require to minatain min, max, inc fields for all crypto capabilitites. By making iv_len to feature like dpdk pmd's it is easier to create cipher entires in odp based on key_len. Signed-off-by: Balakrishna Garapati <balakrishna.garapati@linaro.org> --- since v1: fixed comments from v1, - updated the description about the patch - Fixed the bug in crypto validation since v2: if statement correction in validation "check_cipher_options" since v3: updated doing key_len check prior to iv_len and corrected iv_len data type in validation "check_cipher_options" include/odp/api/spec/crypto.h | 12 +++- platform/linux-generic/odp_crypto.c | 8 +-- .../validation/api/crypto/odp_crypto_test_inp.c | 81 ++++++---------------- 3 files changed, 37 insertions(+), 64 deletions(-) -- 1.9.1