@@ -376,14 +376,11 @@ cperf_create_session(uint8_t dev_id,
if (options->auth_algo != RTE_CRYPTO_AUTH_NULL) {
auth_xform.auth.digest_length =
options->auth_digest_sz;
- auth_xform.auth.add_auth_data_length =
- options->auth_aad_sz;
auth_xform.auth.key.length =
test_vector->auth_key.length;
auth_xform.auth.key.data = test_vector->auth_key.data;
} else {
auth_xform.auth.digest_length = 0;
- auth_xform.auth.add_auth_data_length = 0;
auth_xform.auth.key.length = 0;
auth_xform.auth.key.data = NULL;
}
@@ -426,8 +423,6 @@ cperf_create_session(uint8_t dev_id,
/* auth different than null */
if (options->auth_algo != RTE_CRYPTO_AUTH_NULL) {
auth_xform.auth.digest_length = options->auth_digest_sz;
- auth_xform.auth.add_auth_data_length =
- options->auth_aad_sz;
/* auth options for aes gcm */
if (options->cipher_algo == RTE_CRYPTO_CIPHER_AES_GCM &&
options->auth_algo == RTE_CRYPTO_AUTH_AES_GCM) {
@@ -441,7 +436,6 @@ cperf_create_session(uint8_t dev_id,
}
} else {
auth_xform.auth.digest_length = 0;
- auth_xform.auth.add_auth_data_length = 0;
auth_xform.auth.key.length = 0;
auth_xform.auth.key.data = NULL;
}
@@ -125,7 +125,7 @@ struct qat_session {
uint8_t *cd_cur_ptr;
phys_addr_t cd_paddr;
struct icp_qat_fw_la_bulk_req fw_req;
- uint8_t aad_len;
+ uint32_t *aad_len;
struct qat_crypto_instance *inst;
rte_spinlock_t lock; /* protects this struct */
};
@@ -147,7 +147,6 @@ int qat_alg_aead_session_create_content_desc_cipher(struct qat_session *cd,
int qat_alg_aead_session_create_content_desc_auth(struct qat_session *cdesc,
uint8_t *authkey,
uint32_t authkeylen,
- uint32_t add_auth_data_length,
uint32_t digestsize,
unsigned int operation);
@@ -661,7 +661,6 @@ int qat_alg_aead_session_create_content_desc_cipher(struct qat_session *cdesc,
int qat_alg_aead_session_create_content_desc_auth(struct qat_session *cdesc,
uint8_t *authkey,
uint32_t authkeylen,
- uint32_t add_auth_data_length,
uint32_t digestsize,
unsigned int operation)
{
@@ -679,7 +678,6 @@ int qat_alg_aead_session_create_content_desc_auth(struct qat_session *cdesc,
sizeof(struct icp_qat_fw_la_cipher_req_params));
uint16_t state1_size = 0, state2_size = 0;
uint16_t hash_offset, cd_size;
- uint32_t *aad_len = NULL;
uint32_t wordIndex = 0;
uint32_t *pTempKey;
enum qat_crypto_proto_flag qat_proto_flag =
@@ -805,18 +803,10 @@ int qat_alg_aead_session_create_content_desc_auth(struct qat_session *cdesc,
PMD_DRV_LOG(ERR, "(GCM)precompute failed");
return -EFAULT;
}
- /*
- * Write (the length of AAD) into bytes 16-19 of state2
- * in big-endian format. This field is 8 bytes
- */
- auth_param->u2.aad_sz =
- RTE_ALIGN_CEIL(add_auth_data_length, 16);
- auth_param->hash_state_sz = (auth_param->u2.aad_sz) >> 3;
- aad_len = (uint32_t *)(cdesc->cd_cur_ptr +
+ cdesc->aad_len = (uint32_t *)(cdesc->cd_cur_ptr +
ICP_QAT_HW_GALOIS_128_STATE1_SZ +
ICP_QAT_HW_GALOIS_H_SZ);
- *aad_len = rte_bswap32(add_auth_data_length);
break;
case ICP_QAT_HW_AUTH_ALGO_SNOW_3G_UIA2:
qat_proto_flag = QAT_CRYPTO_PROTO_FLAG_SNOW3G;
@@ -837,8 +827,8 @@ int qat_alg_aead_session_create_content_desc_auth(struct qat_session *cdesc,
0, ICP_QAT_HW_SNOW_3G_UEA2_IV_SZ);
cdesc->cd_cur_ptr += sizeof(struct icp_qat_hw_cipher_config) +
authkeylen + ICP_QAT_HW_SNOW_3G_UEA2_IV_SZ;
- auth_param->hash_state_sz =
- RTE_ALIGN_CEIL(add_auth_data_length, 16) >> 3;
+ /* IV = 16 bytes for SNOW3G */
+ auth_param->hash_state_sz = (16 >> 3);
break;
case ICP_QAT_HW_AUTH_ALGO_ZUC_3G_128_EIA3:
hash->auth_config.config =
@@ -854,8 +844,8 @@ int qat_alg_aead_session_create_content_desc_auth(struct qat_session *cdesc,
memcpy(cdesc->cd_cur_ptr + state1_size, authkey, authkeylen);
cdesc->cd_cur_ptr += state1_size + state2_size
+ ICP_QAT_HW_ZUC_3G_EEA3_IV_SZ;
- auth_param->hash_state_sz =
- RTE_ALIGN_CEIL(add_auth_data_length, 16) >> 3;
+ /* IV = 16 bytes for ZUC */
+ auth_param->hash_state_sz = 16 >> 3;
break;
case ICP_QAT_HW_AUTH_ALGO_MD5:
@@ -586,7 +586,6 @@ qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev,
if (qat_alg_aead_session_create_content_desc_auth(session,
cipher_xform->key.data,
cipher_xform->key.length,
- auth_xform->add_auth_data_length,
auth_xform->digest_length,
auth_xform->op))
goto error_out;
@@ -594,7 +593,6 @@ qat_crypto_sym_configure_session_auth(struct rte_cryptodev *dev,
if (qat_alg_aead_session_create_content_desc_auth(session,
auth_xform->key.data,
auth_xform->key.length,
- auth_xform->add_auth_data_length,
auth_xform->digest_length,
auth_xform->op))
goto error_out;
@@ -1027,6 +1025,15 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
ICP_QAT_HW_AUTH_ALGO_GALOIS_64) {
auth_ofs = op->sym->cipher.data.offset;
auth_len = op->sym->cipher.data.length;
+ /*
+ * Write (the length of AAD) into bytes 16-19 of state2
+ * in big-endian format. This field is 8 bytes
+ */
+ auth_param->u2.aad_sz =
+ RTE_ALIGN_CEIL(op->sym->auth.aad.length, 16);
+ auth_param->hash_state_sz = (auth_param->u2.aad_sz) >> 3;
+
+ *(ctx->aad_len) = rte_bswap32(op->sym->auth.aad.length);
} else {
auth_ofs = op->sym->auth.data.offset;
auth_len = op->sym->auth.data.length;
@@ -315,35 +315,6 @@ struct rte_crypto_auth_xform {
* If the value is less than the maximum length allowed by the hash,
* the result shall be truncated.
*/
-
- uint32_t add_auth_data_length;
- /**< The length of the additional authenticated data (AAD) in bytes.
- * The maximum permitted value is 65535 (2^16 - 1) bytes, unless
- * otherwise specified below.
- *
- * This field must be specified when the hash algorithm is one of the
- * following:
- *
- * - For SNOW 3G (@ref RTE_CRYPTO_AUTH_SNOW3G_UIA2), this is the
- * length of the IV (which should be 16).
- *
- * - For GCM (@ref RTE_CRYPTO_AUTH_AES_GCM). In this case, this is
- * the length of the Additional Authenticated Data (called A, in NIST
- * SP800-38D).
- *
- * - For CCM (@ref RTE_CRYPTO_AUTH_AES_CCM). In this case, this is
- * the length of the associated data (called A, in NIST SP800-38C).
- * Note that this does NOT include the length of any padding, or the
- * 18 bytes reserved at the start of the above field to store the
- * block B0 and the encoded length. The maximum permitted value in
- * this case is 222 bytes.
- *
- * @note
- * For AES-GMAC (@ref RTE_CRYPTO_AUTH_AES_GMAC) mode of operation
- * this field is not used and should be set to 0. Instead the length
- * of the AAD data is specified in additional authentication data
- * length field of the rte_crypto_sym_op_data structure
- */
};
/** Crypto transformation types */
@@ -1778,7 +1778,7 @@ test_AES_chain_armv8_all(void)
static int
create_wireless_algo_hash_session(uint8_t dev_id,
const uint8_t *key, const uint8_t key_len,
- const uint8_t aad_len, const uint8_t auth_len,
+ const uint8_t auth_len,
enum rte_crypto_auth_operation op,
enum rte_crypto_auth_algorithm algo)
{
@@ -1799,7 +1799,6 @@ create_wireless_algo_hash_session(uint8_t dev_id,
ut_params->auth_xform.auth.key.length = key_len;
ut_params->auth_xform.auth.key.data = hash_key;
ut_params->auth_xform.auth.digest_length = auth_len;
- ut_params->auth_xform.auth.add_auth_data_length = aad_len;
ut_params->sess = rte_cryptodev_sym_session_create(dev_id,
&ut_params->auth_xform);
TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
@@ -1938,7 +1937,7 @@ create_wireless_algo_cipher_auth_session(uint8_t dev_id,
enum rte_crypto_auth_algorithm auth_algo,
enum rte_crypto_cipher_algorithm cipher_algo,
const uint8_t *key, const uint8_t key_len,
- const uint8_t aad_len, const uint8_t auth_len)
+ const uint8_t auth_len)
{
uint8_t cipher_auth_key[key_len];
@@ -1957,7 +1956,6 @@ create_wireless_algo_cipher_auth_session(uint8_t dev_id,
/* Hash key = cipher key */
ut_params->auth_xform.auth.key.data = cipher_auth_key;
ut_params->auth_xform.auth.digest_length = auth_len;
- ut_params->auth_xform.auth.add_auth_data_length = aad_len;
/* Setup Cipher Parameters */
ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
@@ -1991,7 +1989,6 @@ create_wireless_cipher_auth_session(uint8_t dev_id,
struct crypto_unittest_params *ut_params = &unittest_params;
const uint8_t *key = tdata->key.data;
- const uint8_t aad_len = tdata->aad.len;
const uint8_t auth_len = tdata->digest.len;
memcpy(cipher_auth_key, key, key_len);
@@ -2006,7 +2003,6 @@ create_wireless_cipher_auth_session(uint8_t dev_id,
/* Hash key = cipher key */
ut_params->auth_xform.auth.key.data = cipher_auth_key;
ut_params->auth_xform.auth.digest_length = auth_len;
- ut_params->auth_xform.auth.add_auth_data_length = aad_len;
/* Setup Cipher Parameters */
ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
@@ -2044,7 +2040,7 @@ create_wireless_algo_auth_cipher_session(uint8_t dev_id,
enum rte_crypto_auth_algorithm auth_algo,
enum rte_crypto_cipher_algorithm cipher_algo,
const uint8_t *key, const uint8_t key_len,
- const uint8_t aad_len, const uint8_t auth_len)
+ const uint8_t auth_len)
{
uint8_t auth_cipher_key[key_len];
@@ -2060,7 +2056,6 @@ create_wireless_algo_auth_cipher_session(uint8_t dev_id,
ut_params->auth_xform.auth.key.length = key_len;
ut_params->auth_xform.auth.key.data = auth_cipher_key;
ut_params->auth_xform.auth.digest_length = auth_len;
- ut_params->auth_xform.auth.add_auth_data_length = aad_len;
/* Setup Cipher Parameters */
ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
@@ -2480,7 +2475,7 @@ test_snow3g_authentication(const struct snow3g_hash_test_data *tdata)
/* Create SNOW 3G session */
retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len,
+ tdata->digest.len,
RTE_CRYPTO_AUTH_OP_GENERATE,
RTE_CRYPTO_AUTH_SNOW3G_UIA2);
if (retval < 0)
@@ -2541,7 +2536,7 @@ test_snow3g_authentication_verify(const struct snow3g_hash_test_data *tdata)
/* Create SNOW 3G session */
retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len,
+ tdata->digest.len,
RTE_CRYPTO_AUTH_OP_VERIFY,
RTE_CRYPTO_AUTH_SNOW3G_UIA2);
if (retval < 0)
@@ -2602,7 +2597,7 @@ test_kasumi_authentication(const struct kasumi_hash_test_data *tdata)
/* Create KASUMI session */
retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len,
+ tdata->digest.len,
RTE_CRYPTO_AUTH_OP_GENERATE,
RTE_CRYPTO_AUTH_KASUMI_F9);
if (retval < 0)
@@ -2663,7 +2658,7 @@ test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata)
/* Create KASUMI session */
retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len,
+ tdata->digest.len,
RTE_CRYPTO_AUTH_OP_VERIFY,
RTE_CRYPTO_AUTH_KASUMI_F9);
if (retval < 0)
@@ -3844,7 +3839,7 @@ test_snow3g_cipher_auth(const struct snow3g_test_data *tdata)
RTE_CRYPTO_AUTH_SNOW3G_UIA2,
RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len);
+ tdata->digest.len);
if (retval < 0)
return retval;
ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
@@ -3927,7 +3922,7 @@ test_snow3g_auth_cipher(const struct snow3g_test_data *tdata)
RTE_CRYPTO_AUTH_SNOW3G_UIA2,
RTE_CRYPTO_CIPHER_SNOW3G_UEA2,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len);
+ tdata->digest.len);
if (retval < 0)
return retval;
@@ -4014,7 +4009,7 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata)
RTE_CRYPTO_AUTH_KASUMI_F9,
RTE_CRYPTO_CIPHER_KASUMI_F8,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len);
+ tdata->digest.len);
if (retval < 0)
return retval;
ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool);
@@ -4097,7 +4092,7 @@ test_kasumi_cipher_auth(const struct kasumi_test_data *tdata)
RTE_CRYPTO_AUTH_KASUMI_F9,
RTE_CRYPTO_CIPHER_KASUMI_F8,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len);
+ tdata->digest.len);
if (retval < 0)
return retval;
@@ -4349,7 +4344,7 @@ test_zuc_authentication(const struct wireless_test_data *tdata)
/* Create ZUC session */
retval = create_wireless_algo_hash_session(ts_params->valid_devs[0],
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->digest.len,
+ tdata->digest.len,
RTE_CRYPTO_AUTH_OP_GENERATE,
RTE_CRYPTO_AUTH_ZUC_EIA3);
if (retval < 0)
@@ -4816,7 +4811,7 @@ test_3DES_cipheronly_openssl_all(void)
static int
create_gcm_session(uint8_t dev_id, enum rte_crypto_cipher_operation op,
const uint8_t *key, const uint8_t key_len,
- const uint8_t aad_len, const uint8_t auth_len,
+ const uint8_t auth_len,
enum rte_crypto_auth_operation auth_op)
{
uint8_t cipher_key[key_len];
@@ -4844,7 +4839,6 @@ create_gcm_session(uint8_t dev_id, enum rte_crypto_cipher_operation op,
ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_AES_GCM;
ut_params->auth_xform.auth.digest_length = auth_len;
- ut_params->auth_xform.auth.add_auth_data_length = aad_len;
ut_params->auth_xform.auth.key.length = 0;
ut_params->auth_xform.auth.key.data = NULL;
@@ -4869,7 +4863,7 @@ static int
create_gcm_xforms(struct rte_crypto_op *op,
enum rte_crypto_cipher_operation cipher_op,
uint8_t *key, const uint8_t key_len,
- const uint8_t aad_len, const uint8_t auth_len,
+ const uint8_t auth_len,
enum rte_crypto_auth_operation auth_op)
{
TEST_ASSERT_NOT_NULL(rte_crypto_op_sym_xforms_alloc(op, 2),
@@ -4891,7 +4885,6 @@ create_gcm_xforms(struct rte_crypto_op *op,
sym_op->xform->next->auth.algo = RTE_CRYPTO_AUTH_AES_GCM;
sym_op->xform->next->auth.op = auth_op;
sym_op->xform->next->auth.digest_length = auth_len;
- sym_op->xform->next->auth.add_auth_data_length = aad_len;
sym_op->xform->next->auth.key.length = 0;
sym_op->xform->next->auth.key.data = NULL;
sym_op->xform->next->next = NULL;
@@ -5048,7 +5041,7 @@ test_mb_AES_GCM_authenticated_encryption(const struct gcm_test_data *tdata)
retval = create_gcm_session(ts_params->valid_devs[0],
RTE_CRYPTO_CIPHER_OP_ENCRYPT,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->auth_tag.len,
+ tdata->auth_tag.len,
RTE_CRYPTO_AUTH_OP_GENERATE);
if (retval < 0)
return retval;
@@ -5225,7 +5218,7 @@ test_mb_AES_GCM_authenticated_decryption(const struct gcm_test_data *tdata)
retval = create_gcm_session(ts_params->valid_devs[0],
RTE_CRYPTO_CIPHER_OP_DECRYPT,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->auth_tag.len,
+ tdata->auth_tag.len,
RTE_CRYPTO_AUTH_OP_VERIFY);
if (retval < 0)
return retval;
@@ -5391,7 +5384,7 @@ test_AES_GCM_authenticated_encryption_oop(const struct gcm_test_data *tdata)
retval = create_gcm_session(ts_params->valid_devs[0],
RTE_CRYPTO_CIPHER_OP_ENCRYPT,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->auth_tag.len,
+ tdata->auth_tag.len,
RTE_CRYPTO_AUTH_OP_GENERATE);
if (retval < 0)
return retval;
@@ -5467,7 +5460,7 @@ test_AES_GCM_authenticated_decryption_oop(const struct gcm_test_data *tdata)
retval = create_gcm_session(ts_params->valid_devs[0],
RTE_CRYPTO_CIPHER_OP_DECRYPT,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->auth_tag.len,
+ tdata->auth_tag.len,
RTE_CRYPTO_AUTH_OP_VERIFY);
if (retval < 0)
return retval;
@@ -5550,7 +5543,7 @@ test_AES_GCM_authenticated_encryption_sessionless(
retval = create_gcm_xforms(ut_params->op,
RTE_CRYPTO_CIPHER_OP_ENCRYPT,
key, tdata->key.len,
- tdata->aad.len, tdata->auth_tag.len,
+ tdata->auth_tag.len,
RTE_CRYPTO_AUTH_OP_GENERATE);
if (retval < 0)
return retval;
@@ -5630,7 +5623,7 @@ test_AES_GCM_authenticated_decryption_sessionless(
retval = create_gcm_xforms(ut_params->op,
RTE_CRYPTO_CIPHER_OP_DECRYPT,
key, tdata->key.len,
- tdata->aad.len, tdata->auth_tag.len,
+ tdata->auth_tag.len,
RTE_CRYPTO_AUTH_OP_VERIFY);
if (retval < 0)
return retval;
@@ -5750,7 +5743,6 @@ static int MD5_HMAC_create_session(struct crypto_testsuite_params *ts_params,
ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_MD5_HMAC;
ut_params->auth_xform.auth.digest_length = MD5_DIGEST_LEN;
- ut_params->auth_xform.auth.add_auth_data_length = 0;
ut_params->auth_xform.auth.key.length = test_case->key.len;
ut_params->auth_xform.auth.key.data = key;
@@ -6560,7 +6552,6 @@ static int create_gmac_session(uint8_t dev_id,
ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_AES_GMAC;
ut_params->auth_xform.auth.op = auth_op;
ut_params->auth_xform.auth.digest_length = tdata->gmac_tag.len;
- ut_params->auth_xform.auth.add_auth_data_length = 0;
ut_params->auth_xform.auth.key.length = 0;
ut_params->auth_xform.auth.key.data = NULL;
@@ -6909,7 +6900,6 @@ create_auth_session(struct crypto_unittest_params *ut_params,
ut_params->auth_xform.auth.key.length = reference->auth_key.len;
ut_params->auth_xform.auth.key.data = auth_key;
ut_params->auth_xform.auth.digest_length = reference->digest.len;
- ut_params->auth_xform.auth.add_auth_data_length = reference->aad.len;
/* Create Crypto session*/
ut_params->sess = rte_cryptodev_sym_session_create(dev_id,
@@ -6942,7 +6932,6 @@ create_auth_cipher_session(struct crypto_unittest_params *ut_params,
ut_params->auth_xform.auth.key.length = reference->auth_key.len;
ut_params->auth_xform.auth.key.data = auth_key;
ut_params->auth_xform.auth.digest_length = reference->digest.len;
- ut_params->auth_xform.auth.add_auth_data_length = reference->aad.len;
/* Setup Cipher Parameters */
ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
@@ -7466,7 +7455,7 @@ test_AES_GCM_authenticated_encryption_SGL(const struct gcm_test_data *tdata,
retval = create_gcm_session(ts_params->valid_devs[0],
RTE_CRYPTO_CIPHER_OP_ENCRYPT,
tdata->key.data, tdata->key.len,
- tdata->aad.len, tdata->auth_tag.len,
+ tdata->auth_tag.len,
RTE_CRYPTO_AUTH_OP_GENERATE);
if (retval < 0)
return retval;
@@ -2749,7 +2749,6 @@ test_perf_create_snow3g_session(uint8_t dev_id, enum chain_mode chain,
auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
auth_xform.auth.algo = auth_algo;
- auth_xform.auth.add_auth_data_length = SNOW3G_CIPHER_IV_LENGTH;
auth_xform.auth.key.data = snow3g_hash_key;
auth_xform.auth.key.length = get_auth_key_max_length(auth_algo);
auth_xform.auth.digest_length = get_auth_digest_length(auth_algo);