[dpdk-dev] [PATCH v2 3/9] app/crypto-perf: add AES-CCM support

Pablo de Lara pablo.de.lara.guarch at intel.com
Thu Sep 21 15:11:16 CEST 2017


According to the API, AES-CCM has special requirements
when setting IV and AAD fields.
The L2fwd-crypto app is updated to set the nonce (IV)
and AAD in the right positions in these two fields
(1 byte after start of IV field and 18 bytes after start
of AAD).

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
---
 app/test-crypto-perf/cperf_ops.c             | 21 +++++++++++++++--
 app/test-crypto-perf/cperf_test_latency.c    | 34 +++++++++++++++++++++++----
 app/test-crypto-perf/cperf_test_throughput.c | 34 +++++++++++++++++++++++----
 app/test-crypto-perf/cperf_test_verify.c     | 35 ++++++++++++++++++++++++----
 4 files changed, 107 insertions(+), 17 deletions(-)

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index 88fb972..df579f8 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -318,7 +318,15 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 
 		/* AEAD parameters */
 		sym_op->aead.data.length = options->test_buffer_size;
-		sym_op->aead.data.offset =
+		/*
+		 * If doing AES-CCM, first 18 bytes has to be reserved,
+		 * and actual AAD should start from byte 18
+		 */
+		if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+			sym_op->aead.data.offset =
+				RTE_ALIGN_CEIL(options->aead_aad_sz + 18, 16);
+		else
+			sym_op->aead.data.offset =
 				RTE_ALIGN_CEIL(options->aead_aad_sz, 16);
 
 		sym_op->aead.aad.data = rte_pktmbuf_mtod(bufs_in[i], uint8_t *);
@@ -358,8 +366,17 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 			uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ops[i],
 					uint8_t *, iv_offset);
 
-			memcpy(iv_ptr, test_vector->aead_iv.data,
+			/*
+			 * If doing AES-CCM, nonce is copied one byte
+			 * after the start of IV field
+			 */
+			if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+				memcpy(iv_ptr + 1, test_vector->aead_iv.data,
 					test_vector->aead_iv.length);
+			else
+				memcpy(iv_ptr, test_vector->aead_iv.data,
+					test_vector->aead_iv.length);
+
 		}
 	}
 
diff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c
index 58b21ab..0e21092 100644
--- a/app/test-crypto-perf/cperf_test_latency.c
+++ b/app/test-crypto-perf/cperf_test_latency.c
@@ -175,13 +175,29 @@ cperf_mbuf_create(struct rte_mempool *mempool,
 	}
 
 	if (options->op_type == CPERF_AEAD) {
-		uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
-			RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
+		/*
+		 * If doing AES-CCM, first 18 bytes has to be reserved,
+		 * and actual AAD should start from byte 18
+		 */
+		if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM) {
+			uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+				RTE_ALIGN_CEIL(options->aead_aad_sz + 18, 16));
+
+			if (aad == NULL)
+				goto error;
+
+			memcpy(aad + 18, test_vector->aad.data,
+					test_vector->aad.length);
+		} else {
+			uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+				RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
 
-		if (aead == NULL)
-			goto error;
+			if (aad == NULL)
+				goto error;
 
-		memcpy(aead, test_vector->aad.data, test_vector->aad.length);
+			memcpy(aad, test_vector->aad.data,
+					test_vector->aad.length);
+		}
 	}
 
 	return mbuf;
@@ -293,6 +309,14 @@ cperf_latency_test_constructor(struct rte_mempool *sess_mp,
 			test_vector->cipher_iv.length +
 			test_vector->auth_iv.length +
 			test_vector->aead_iv.length;
+	/*
+	 * If doing AES-CCM, 16 bytes need to be reserved,
+	 * regardless the IV length
+	 */
+	if (options->op_type == CPERF_AEAD &&
+			options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+		priv_size = 16;
+
 	ctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,
 			RTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz,
 			512, priv_size, rte_socket_id());
diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c
index 3bb1cb0..6f34708 100644
--- a/app/test-crypto-perf/cperf_test_throughput.c
+++ b/app/test-crypto-perf/cperf_test_throughput.c
@@ -159,13 +159,29 @@ cperf_mbuf_create(struct rte_mempool *mempool,
 	}
 
 	if (options->op_type == CPERF_AEAD) {
-		uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
-			RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
+		/*
+		 * If doing AES-CCM, first 18 bytes has to be reserved,
+		 * and actual AAD should start from byte 18
+		 */
+		if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM) {
+			uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+				RTE_ALIGN_CEIL(options->aead_aad_sz + 18, 16));
+
+			if (aad == NULL)
+				goto error;
+
+			memcpy(aad + 18, test_vector->aad.data,
+					test_vector->aad.length);
+		} else {
+			uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+				RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
 
-		if (aead == NULL)
-			goto error;
+			if (aad == NULL)
+				goto error;
 
-		memcpy(aead, test_vector->aad.data, test_vector->aad.length);
+			memcpy(aad, test_vector->aad.data,
+					test_vector->aad.length);
+		}
 	}
 
 	return mbuf;
@@ -273,6 +289,14 @@ cperf_throughput_test_constructor(struct rte_mempool *sess_mp,
 	uint16_t priv_size = test_vector->cipher_iv.length +
 		test_vector->auth_iv.length + test_vector->aead_iv.length;
 
+	/*
+	 * If doing AES-CCM, 16 bytes need to be reserved,
+	 * regardless the IV length
+	 */
+	if (options->op_type == CPERF_AEAD &&
+			options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+		priv_size = 16;
+
 	ctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,
 			RTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz,
 			512, priv_size, rte_socket_id());
diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c
index a314646..32818fe 100644
--- a/app/test-crypto-perf/cperf_test_verify.c
+++ b/app/test-crypto-perf/cperf_test_verify.c
@@ -163,13 +163,29 @@ cperf_mbuf_create(struct rte_mempool *mempool,
 	}
 
 	if (options->op_type == CPERF_AEAD) {
-		uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
-			RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
+		/*
+		 * If doing AES-CCM, first 18 bytes has to be reserved,
+		 * and actual AAD should start from byte 18
+		 */
+		if (options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM) {
+			uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+				RTE_ALIGN_CEIL(options->aead_aad_sz + 18, 16));
 
-		if (aead == NULL)
-			goto error;
+			if (aad == NULL)
+				goto error;
+
+			memcpy(aad + 18, test_vector->aad.data,
+					test_vector->aad.length);
+		} else {
+			uint8_t *aad = (uint8_t *)rte_pktmbuf_prepend(mbuf,
+				RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
 
-		memcpy(aead, test_vector->aad.data, test_vector->aad.length);
+			if (aad == NULL)
+				goto error;
+
+			memcpy(aad, test_vector->aad.data,
+					test_vector->aad.length);
+		}
 	}
 
 	return mbuf;
@@ -276,6 +292,15 @@ cperf_verify_test_constructor(struct rte_mempool *sess_mp,
 
 	uint16_t priv_size = test_vector->cipher_iv.length +
 		test_vector->auth_iv.length + test_vector->aead_iv.length;
+
+	/*
+	 * If doing AES-CCM, 16 bytes need to be reserved,
+	 * regardless the IV length
+	 */
+	if (options->op_type == CPERF_AEAD &&
+			options->aead_algo == RTE_CRYPTO_AEAD_AES_CCM)
+		priv_size = 16;
+
 	ctx->crypto_op_pool = rte_crypto_op_pool_create(pool_name,
 			RTE_CRYPTO_OP_TYPE_SYMMETRIC, options->pool_sz,
 			512, priv_size, rte_socket_id());
-- 
2.9.4



More information about the dev mailing list