Re: [lng-odp] [API-NEXT PATCHv3] api: crypto: change iv_len field to feature min-max len

2017-05-18 Thread Krishna Garapati 
On 17 May 2017 at 22:29, Dmitry Eremin-Solenikov <
dmitry.ereminsoleni...@linaro.org> wrote:

> Balakrishna,
>
> On 17.05.2017 13:49, Balakrishna Garapati wrote:
> > dpdk pmd's require to minatain min, max, inc fields for all
> > crypto capabilitites. By making iv_len to feature like dpdk pmd's
> > it is easier to create cipher entires in odp based on key_len.
>
> Unless you'd like to express something more comlex than
> { .key_len = 128, .iv_len = 8 },
> { .key_len = 128, .iv_len = 12 },
> { .key_len = 192, .iv_len = 8 },
> { .key_len = 192, .iv_len = 12 },
> { .key_len = 256, .iv_len = 8 },
> { .key_len = 256, .iv_len = 12 },
>
> your suggestion adds more complexity.
>
instead of duplicating key_len's for different iv's I like to make a key
based array where the no.of entries can be limited by key_len index and
also limit the need to validate key_len for each entry.

>
> > Signed-off-by: Balakrishna Garapati 
> > ---
> >  since v1: fixed comments from v1,
> >- updated the description about the patch
> >- Fixed the bug in crypto validation
> >  since v2: if statement correction in validation "check_cipher_options"
> >
> >  include/odp/api/spec/crypto.h  | 12 +++-
> >  platform/linux-generic/odp_crypto.c|  8 +--
> >  .../validation/api/crypto/odp_crypto_test_inp.c| 81
> ++
> >  3 files changed, 37 insertions(+), 64 deletions(-)
> >
> > diff --git a/include/odp/api/spec/crypto.h
> b/include/odp/api/spec/crypto.h
> > index c47d314..a1b540a 100644
> > --- a/include/odp/api/spec/crypto.h
> > +++ b/include/odp/api/spec/crypto.h
> > @@ -497,7 +497,17 @@ typedef struct odp_crypto_cipher_capability_t {
> >   uint32_t key_len;
> >
> >   /** IV length in bytes */
> > - uint32_t iv_len;
> > + struct {
> > + /** Minimum iv length in bytes */
> > + uint32_t min;
> > +
> > + /** Maximum iv length in bytes */
> > + uint32_t max;
> > +
> > + /** Increment of supported lengths between min and max
> > +  *  (in bytes) */
> > + uint32_t inc;
> > + } iv_len;
> >
> >  } odp_crypto_cipher_capability_t;
> >
> > diff --git a/platform/linux-generic/odp_crypto.c
> b/platform/linux-generic/odp_crypto.c
> > index a0f3f7e..3e9b607 100644
> > --- a/platform/linux-generic/odp_crypto.c
> > +++ b/platform/linux-generic/odp_crypto.c
> > @@ -35,16 +35,16 @@
> >   * Keep sorted: first by key length, then by IV length
> >   */
> >  static const odp_crypto_cipher_capability_t cipher_capa_des[] = {
> > -{.key_len = 24, .iv_len = 8} };
> > +{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } };
> >
> >  static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = {
> > -{.key_len = 24, .iv_len = 8} };
> > +{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } };
> >
> >  static const odp_crypto_cipher_capability_t cipher_capa_aes_cbc[] = {
> > -{.key_len = 16, .iv_len = 16} };
> > +{.key_len = 16, .iv_len = {.min = 16, .max = 16, .inc = 0} } };
> >
> >  static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = {
> > -{.key_len = 16, .iv_len = 12} };
> > +{.key_len = 16, .iv_len = {.min = 12, .max = 12, .inc = 0} } };
> >
> >  /*
> >   * Authentication algorithm capabilities
> > diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
> b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
> > index 24ea493..0f98fe5 100644
> > --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
> > +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
> > @@ -93,10 +93,6 @@ static void alg_test(odp_crypto_op_t op,
> >   odp_crypto_op_param_t op_params;
> >   uint8_t *data_addr;
> >   int data_off;
> > - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA];
> > - odp_crypto_auth_capability_t   auth_capa[MAX_ALG_CAPA];
> > - int num, i;
> > - int found;
> >
> >   rc = odp_crypto_capability();
> >   CU_ASSERT(!rc);
> > @@ -136,59 +132,6 @@ static void alg_test(odp_crypto_op_t op,
> >   CU_ASSERT(!rc);
> >   CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0);
> >
> > - num = odp_crypto_cipher_capability(cipher_alg, cipher_capa,
> > -MAX_ALG_CAPA);
> > -
> > - if (cipher_alg != ODP_CIPHER_ALG_NULL) {
> > - CU_ASSERT(num > 0);
> > - found = 0;
> > - } else {
> > - CU_ASSERT(num == 0);
> > - found = 1;
> > - }
> > -
> > - CU_ASSERT(num <= MAX_ALG_CAPA);
> > -
> > - if (num > MAX_ALG_CAPA)
> > - num = MAX_ALG_CAPA;
> > -
> > - /* Search for the test case */
> > - for (i = 0; i < num; i++) {
> > - if (cipher_capa[i].key_len == cipher_key.length &&
> > - cipher_capa[i].iv_len  == ses_iv.length) {
> > - found = 1;
> > -

Re: [lng-odp] [API-NEXT PATCHv3] api: crypto: change iv_len field to feature min-max len

2017-05-17 Thread Dmitry Eremin-Solenikov 
Balakrishna,

On 17.05.2017 13:49, Balakrishna Garapati wrote:
> dpdk pmd's require to minatain min, max, inc fields for all
> crypto capabilitites. By making iv_len to feature like dpdk pmd's
> it is easier to create cipher entires in odp based on key_len.

Unless you'd like to express something more comlex than
{ .key_len = 128, .iv_len = 8 },
{ .key_len = 128, .iv_len = 12 },
{ .key_len = 192, .iv_len = 8 },
{ .key_len = 192, .iv_len = 12 },
{ .key_len = 256, .iv_len = 8 },
{ .key_len = 256, .iv_len = 12 },

your suggestion adds more complexity.

> Signed-off-by: Balakrishna Garapati 
> ---
>  since v1: fixed comments from v1,
>- updated the description about the patch
>- Fixed the bug in crypto validation
>  since v2: if statement correction in validation "check_cipher_options"
> 
>  include/odp/api/spec/crypto.h  | 12 +++-
>  platform/linux-generic/odp_crypto.c|  8 +--
>  .../validation/api/crypto/odp_crypto_test_inp.c| 81 
> ++
>  3 files changed, 37 insertions(+), 64 deletions(-)
> 
> diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h
> index c47d314..a1b540a 100644
> --- a/include/odp/api/spec/crypto.h
> +++ b/include/odp/api/spec/crypto.h
> @@ -497,7 +497,17 @@ typedef struct odp_crypto_cipher_capability_t {
>   uint32_t key_len;
> 
>   /** IV length in bytes */
> - uint32_t iv_len;
> + struct {
> + /** Minimum iv length in bytes */
> + uint32_t min;
> +
> + /** Maximum iv length in bytes */
> + uint32_t max;
> +
> + /** Increment of supported lengths between min and max
> +  *  (in bytes) */
> + uint32_t inc;
> + } iv_len;
> 
>  } odp_crypto_cipher_capability_t;
> 
> diff --git a/platform/linux-generic/odp_crypto.c 
> b/platform/linux-generic/odp_crypto.c
> index a0f3f7e..3e9b607 100644
> --- a/platform/linux-generic/odp_crypto.c
> +++ b/platform/linux-generic/odp_crypto.c
> @@ -35,16 +35,16 @@
>   * Keep sorted: first by key length, then by IV length
>   */
>  static const odp_crypto_cipher_capability_t cipher_capa_des[] = {
> -{.key_len = 24, .iv_len = 8} };
> +{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } };
> 
>  static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = {
> -{.key_len = 24, .iv_len = 8} };
> +{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } };
> 
>  static const odp_crypto_cipher_capability_t cipher_capa_aes_cbc[] = {
> -{.key_len = 16, .iv_len = 16} };
> +{.key_len = 16, .iv_len = {.min = 16, .max = 16, .inc = 0} } };
> 
>  static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = {
> -{.key_len = 16, .iv_len = 12} };
> +{.key_len = 16, .iv_len = {.min = 12, .max = 12, .inc = 0} } };
> 
>  /*
>   * Authentication algorithm capabilities
> diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c 
> b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
> index 24ea493..0f98fe5 100644
> --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
> +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
> @@ -93,10 +93,6 @@ static void alg_test(odp_crypto_op_t op,
>   odp_crypto_op_param_t op_params;
>   uint8_t *data_addr;
>   int data_off;
> - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA];
> - odp_crypto_auth_capability_t   auth_capa[MAX_ALG_CAPA];
> - int num, i;
> - int found;
> 
>   rc = odp_crypto_capability();
>   CU_ASSERT(!rc);
> @@ -136,59 +132,6 @@ static void alg_test(odp_crypto_op_t op,
>   CU_ASSERT(!rc);
>   CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0);
> 
> - num = odp_crypto_cipher_capability(cipher_alg, cipher_capa,
> -MAX_ALG_CAPA);
> -
> - if (cipher_alg != ODP_CIPHER_ALG_NULL) {
> - CU_ASSERT(num > 0);
> - found = 0;
> - } else {
> - CU_ASSERT(num == 0);
> - found = 1;
> - }
> -
> - CU_ASSERT(num <= MAX_ALG_CAPA);
> -
> - if (num > MAX_ALG_CAPA)
> - num = MAX_ALG_CAPA;
> -
> - /* Search for the test case */
> - for (i = 0; i < num; i++) {
> - if (cipher_capa[i].key_len == cipher_key.length &&
> - cipher_capa[i].iv_len  == ses_iv.length) {
> - found = 1;
> - break;
> - }
> - }
> -
> - CU_ASSERT(found);
> -
> - num = odp_crypto_auth_capability(auth_alg, auth_capa, MAX_ALG_CAPA);
> -
> - if (auth_alg != ODP_AUTH_ALG_NULL) {
> - CU_ASSERT(num > 0);
> - found = 0;
> - } else {
> - CU_ASSERT(num == 0);
> - found = 1;
> - }
> -
> - CU_ASSERT(num <= MAX_ALG_CAPA);
> -
> - if (num > MAX_ALG_CAPA)
> - num = MAX_ALG_CAPA;
> -
> - /* Search for the test case */
> -

[lng-odp] [API-NEXT PATCHv3] api: crypto: change iv_len field to feature min-max len

2017-05-17 Thread Balakrishna Garapati 
dpdk pmd's require to minatain min, max, inc fields for all
crypto capabilitites. By making iv_len to feature like dpdk pmd's
it is easier to create cipher entires in odp based on key_len.

Signed-off-by: Balakrishna Garapati 
---
 since v1: fixed comments from v1,
   - updated the description about the patch
   - Fixed the bug in crypto validation
 since v2: if statement correction in validation "check_cipher_options"

 include/odp/api/spec/crypto.h  | 12 +++-
 platform/linux-generic/odp_crypto.c|  8 +--
 .../validation/api/crypto/odp_crypto_test_inp.c| 81 ++
 3 files changed, 37 insertions(+), 64 deletions(-)

diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h
index c47d314..a1b540a 100644
--- a/include/odp/api/spec/crypto.h
+++ b/include/odp/api/spec/crypto.h
@@ -497,7 +497,17 @@ typedef struct odp_crypto_cipher_capability_t {
uint32_t key_len;

/** IV length in bytes */
-   uint32_t iv_len;
+   struct {
+   /** Minimum iv length in bytes */
+   uint32_t min;
+
+   /** Maximum iv length in bytes */
+   uint32_t max;
+
+   /** Increment of supported lengths between min and max
+*  (in bytes) */
+   uint32_t inc;
+   } iv_len;

 } odp_crypto_cipher_capability_t;

diff --git a/platform/linux-generic/odp_crypto.c 
b/platform/linux-generic/odp_crypto.c
index a0f3f7e..3e9b607 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -35,16 +35,16 @@
  * Keep sorted: first by key length, then by IV length
  */
 static const odp_crypto_cipher_capability_t cipher_capa_des[] = {
-{.key_len = 24, .iv_len = 8} };
+{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } };

 static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = {
-{.key_len = 24, .iv_len = 8} };
+{.key_len = 24, .iv_len = {.min = 8, .max = 8, .inc = 0} } };

 static const odp_crypto_cipher_capability_t cipher_capa_aes_cbc[] = {
-{.key_len = 16, .iv_len = 16} };
+{.key_len = 16, .iv_len = {.min = 16, .max = 16, .inc = 0} } };

 static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = {
-{.key_len = 16, .iv_len = 12} };
+{.key_len = 16, .iv_len = {.min = 12, .max = 12, .inc = 0} } };

 /*
  * Authentication algorithm capabilities
diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c 
b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
index 24ea493..0f98fe5 100644
--- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
+++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c
@@ -93,10 +93,6 @@ static void alg_test(odp_crypto_op_t op,
odp_crypto_op_param_t op_params;
uint8_t *data_addr;
int data_off;
-   odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA];
-   odp_crypto_auth_capability_t   auth_capa[MAX_ALG_CAPA];
-   int num, i;
-   int found;

rc = odp_crypto_capability();
CU_ASSERT(!rc);
@@ -136,59 +132,6 @@ static void alg_test(odp_crypto_op_t op,
CU_ASSERT(!rc);
CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0);

-   num = odp_crypto_cipher_capability(cipher_alg, cipher_capa,
-  MAX_ALG_CAPA);
-
-   if (cipher_alg != ODP_CIPHER_ALG_NULL) {
-   CU_ASSERT(num > 0);
-   found = 0;
-   } else {
-   CU_ASSERT(num == 0);
-   found = 1;
-   }
-
-   CU_ASSERT(num <= MAX_ALG_CAPA);
-
-   if (num > MAX_ALG_CAPA)
-   num = MAX_ALG_CAPA;
-
-   /* Search for the test case */
-   for (i = 0; i < num; i++) {
-   if (cipher_capa[i].key_len == cipher_key.length &&
-   cipher_capa[i].iv_len  == ses_iv.length) {
-   found = 1;
-   break;
-   }
-   }
-
-   CU_ASSERT(found);
-
-   num = odp_crypto_auth_capability(auth_alg, auth_capa, MAX_ALG_CAPA);
-
-   if (auth_alg != ODP_AUTH_ALG_NULL) {
-   CU_ASSERT(num > 0);
-   found = 0;
-   } else {
-   CU_ASSERT(num == 0);
-   found = 1;
-   }
-
-   CU_ASSERT(num <= MAX_ALG_CAPA);
-
-   if (num > MAX_ALG_CAPA)
-   num = MAX_ALG_CAPA;
-
-   /* Search for the test case */
-   for (i = 0; i < num; i++) {
-   if (auth_capa[i].digest_len == digest_len &&
-   auth_capa[i].key_len== auth_key.length) {
-   found = 1;
-   break;
-   }
-   }
-
-   CU_ASSERT(found);
-
/* Create a crypto session */
odp_crypto_session_param_init(_params);
ses_params.op = op;
@@ -379,14 +322,34 @@ static int check_cipher_options(odp_cipher_alg_t cipher, 
uint32_t key_len,
 {