Message ID | 20190826094120.22590-1-michaelsh@marvell.com (mailing list archive) |
---|---|
Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id D31741BF49; Mon, 26 Aug 2019 11:23:28 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by dpdk.org (Postfix) with ESMTP id 82F661BF46 for <dev@dpdk.org>; Mon, 26 Aug 2019 11:23:27 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x7Q9JZvZ020149; Mon, 26 Aug 2019 02:23:27 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=pfpt0818; bh=VY7JCEO7CVVaI4RtmqVWRganz4aMcZNtuXMK48F6snI=; b=VvAy4pd+GvfM/HNzztIz2b0K/MHhuJO9NxmMU59I0U/62/oY4+biHhmq6qJCcXwy+65B eQbx/A/fCvsBueECtz7A/boviYbIfc2QESxG+9k/BeDDQrqS2KfW3KXfsaLhPg2yi/Cr oNYTy+ysevyucC97MMVS/xJ7Q6FrfnI9qWfIoeK7NNaSpmETTdq2euu7VJ81x3QzKa1j AQU5GxFIc/uTNYGY8W0r4a2AxG8wz+MQ5QlkXld9/gDfMLOgTk9+F7r9H5oRzMeLQwNw Jkh47K9MWf89AA0vP+FlE/feWRX6AAM8DYNyFu+DjqTWAdCglg01B2mFP0ZstAzKVSSe rQ== Received: from sc-exch04.marvell.com ([199.233.58.184]) by mx0b-0016f401.pphosted.com with ESMTP id 2uk4rke1gf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 26 Aug 2019 02:23:26 -0700 Received: from SC-EXCH01.marvell.com (10.93.176.81) by SC-EXCH04.marvell.com (10.93.176.84) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Mon, 26 Aug 2019 02:23:25 -0700 Received: from maili.marvell.com (10.93.176.43) by SC-EXCH01.marvell.com (10.93.176.81) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Mon, 26 Aug 2019 02:23:25 -0700 Received: from vvenus375.il.marvell.com (unknown [10.5.120.75]) by maili.marvell.com (Postfix) with ESMTP id CCBA43F703F; Mon, 26 Aug 2019 02:23:23 -0700 (PDT) From: <michaelsh@marvell.com> To: <marko.kovacevic@intel.com> CC: <dev@dpdk.org>, <lironh@marvell.com>, <michaelsh@marvell.com> Date: Mon, 26 Aug 2019 12:41:08 +0300 Message-ID: <20190826094120.22590-1-michaelsh@marvell.com> X-Mailer: git-send-email 2.23.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:5.22.84,1.0.8 definitions=2019-08-26_06:2019-08-23,2019-08-26 signatures=0 Subject: [dpdk-dev] [PATCH 00/12] FIPS improvements X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
Series |
FIPS improvements
|
|
Message
Michael Shamis
Aug. 26, 2019, 9:41 a.m. UTC
From: Michael Shamis <michaelsh@marvell.com>
Added support for ECB mode in TDES and AES.
Fixed some bugs in TDES and AES-GCM.
Michael Shamis (12):
examples/fips: added support for SHA algorithm in FIPS tests
examples/fips: added support for TDES ECB mode in FIPS tests
examples/fips: added support AES ECB mode in FIPS tests
examples/fips: fix bad return code in fips_test_parse_header()
examples/fips: AES-GCM vectors will use aead structure
examples/fips: set initial IV in AES-GCM if configured only salt value
examples/fips: keep digest after crypto text
examples/fips: AES-GCM decryption vectors fix
examples/fips: fix KEY and PT output prints for TDES mode
examples/fips: supported IV, PT and CT init for TDES ECB mode
examples/fips: algorithm definition by folder if it's not in file
examples/fips: erroneous overwrite of PLAINTEXT after DECRYPT
examples/fips_validation/fips_validation.c | 92 ++++++--
examples/fips_validation/fips_validation.h | 7 +
.../fips_validation/fips_validation_aes.c | 1 +
.../fips_validation/fips_validation_gcm.c | 39 +++-
.../fips_validation/fips_validation_tdes.c | 7 +
examples/fips_validation/main.c | 204 +++++++++++++++---
6 files changed, 301 insertions(+), 49 deletions(-)
Comments
Hi Michael, Please try to improve descriptions and patch titles as per the suggestions given below. There are many patches which are fixes. Are the eligible for backport to stable branches? The support which is getting added, is it eligible for documentation update for the application. -Akhil > > Added support for ECB mode in TDES and AES. > Fixed some bugs in TDES and AES-GCM. > > Michael Shamis (12): > examples/fips: added support for SHA algorithm in FIPS tests examples/fips_validation: support SHA > examples/fips: added support for TDES ECB mode in FIPS tests examples/fips_validation: support TDES ECB > examples/fips: added support AES ECB mode in FIPS tests examples/fips_validation: support AES ECB > examples/fips: fix bad return code in fips_test_parse_header() examples/fips_validation: fix bad return value Can be a separate patch from this set. Also send to stable. > examples/fips: AES-GCM vectors will use aead structure examples/fips_validation: use AEAD based structs for AES-GCM rather it is a fix and should be sent to stable and the title would be examples/fips_validation: fix structs used for AES-GCM > examples/fips: set initial IV in AES-GCM if configured only salt value examples/fips_validation: initialize IV for AES-GCM > examples/fips: keep digest after crypto text examples/fips_validation: move digest after cipher text > examples/fips: AES-GCM decryption vectors fix examples/fips_validation: fix AES-GCM decryption vector Add fixes line and cc stable. Can be a separate patchset for fixes. > examples/fips: fix KEY and PT output prints for TDES mode Does not have a patch description and title does not look to justify the patch. > examples/fips: supported IV, PT and CT init for TDES ECB mode Again there is no patch description and title is pretty long. Try to make it short. > examples/fips: algorithm definition by folder if it's not in file examples/fips_validation: improve algo parsing logic update description text to elaborate the need for this logic > examples/fips: erroneous overwrite of PLAINTEXT after DECRYPT examples/fips_validation: fix plain text overwrite send to stable and add fixes line. > > examples/fips_validation/fips_validation.c | 92 ++++++-- > examples/fips_validation/fips_validation.h | 7 + > .../fips_validation/fips_validation_aes.c | 1 + > .../fips_validation/fips_validation_gcm.c | 39 +++- > .../fips_validation/fips_validation_tdes.c | 7 + > examples/fips_validation/main.c | 204 +++++++++++++++--- > 6 files changed, 301 insertions(+), 49 deletions(-) > > -- > 2.23.0
Hi Akhil, I send 2 patch sets: one for new functionality support and another one for fixes. One patch was sent separately from both of the sets according to your requirement: >> examples/fips: fix bad return code in fips_test_parse_header() >examples/fips_validation: fix bad return value Can be a separate patch from this set. Also send to stable. Please instruct me how to send the patches to stable. Thanks, Michael -----Original Message----- From: Akhil Goyal <akhil.goyal@nxp.com> Sent: Wednesday, September 4, 2019 1:14 PM To: Michael Shamis <michaelsh@marvell.com>; marko.kovacevic@intel.com Cc: dev@dpdk.org; Liron Himi <lironh@marvell.com> Subject: [EXT] RE: [dpdk-dev] [PATCH 00/12] FIPS improvements External Email ---------------------------------------------------------------------- Hi Michael, Please try to improve descriptions and patch titles as per the suggestions given below. There are many patches which are fixes. Are the eligible for backport to stable branches? The support which is getting added, is it eligible for documentation update for the application. -Akhil > > Added support for ECB mode in TDES and AES. > Fixed some bugs in TDES and AES-GCM. > > Michael Shamis (12): > examples/fips: added support for SHA algorithm in FIPS tests examples/fips_validation: support SHA > examples/fips: added support for TDES ECB mode in FIPS tests examples/fips_validation: support TDES ECB > examples/fips: added support AES ECB mode in FIPS tests examples/fips_validation: support AES ECB > examples/fips: fix bad return code in fips_test_parse_header() examples/fips_validation: fix bad return value Can be a separate patch from this set. Also send to stable. > examples/fips: AES-GCM vectors will use aead structure examples/fips_validation: use AEAD based structs for AES-GCM rather it is a fix and should be sent to stable and the title would be examples/fips_validation: fix structs used for AES-GCM > examples/fips: set initial IV in AES-GCM if configured only salt > value examples/fips_validation: initialize IV for AES-GCM > examples/fips: keep digest after crypto text examples/fips_validation: move digest after cipher text > examples/fips: AES-GCM decryption vectors fix examples/fips_validation: fix AES-GCM decryption vector Add fixes line and cc stable. Can be a separate patchset for fixes. > examples/fips: fix KEY and PT output prints for TDES mode Does not have a patch description and title does not look to justify the patch. > examples/fips: supported IV, PT and CT init for TDES ECB mode Again there is no patch description and title is pretty long. Try to make it short. > examples/fips: algorithm definition by folder if it's not in file examples/fips_validation: improve algo parsing logic update description text to elaborate the need for this logic > examples/fips: erroneous overwrite of PLAINTEXT after DECRYPT examples/fips_validation: fix plain text overwrite send to stable and add fixes line. > > examples/fips_validation/fips_validation.c | 92 ++++++-- > examples/fips_validation/fips_validation.h | 7 + > .../fips_validation/fips_validation_aes.c | 1 + > .../fips_validation/fips_validation_gcm.c | 39 +++- > .../fips_validation/fips_validation_tdes.c | 7 + > examples/fips_validation/main.c | 204 +++++++++++++++--- > 6 files changed, 301 insertions(+), 49 deletions(-) > > -- > 2.23.0
> > Hi Akhil, > > I send 2 patch sets: one for new functionality support and another one for fixes. > One patch was sent separately from both of the sets according to your > requirement: Ok will have a look. Thanks. > > >> examples/fips: fix bad return code in fips_test_parse_header() > >examples/fips_validation: fix bad return value Can be a separate patch from > this set. Also send to stable. > > Please instruct me how to send the patches to stable. You just need to cc stable@dpdk.org and add this in the commit message as well below the fixes line. You can check the git log for reference for the fixes. I will do this when I will apply the patch. You can take care of this in future. Thanks, Akhil > > Thanks, > Michael > > -----Original Message----- > From: Akhil Goyal <akhil.goyal@nxp.com> > Sent: Wednesday, September 4, 2019 1:14 PM > To: Michael Shamis <michaelsh@marvell.com>; marko.kovacevic@intel.com > Cc: dev@dpdk.org; Liron Himi <lironh@marvell.com> > Subject: [EXT] RE: [dpdk-dev] [PATCH 00/12] FIPS improvements > > External Email > > ---------------------------------------------------------------------- > Hi Michael, > > Please try to improve descriptions and patch titles as per the suggestions given > below. > There are many patches which are fixes. Are the eligible for backport to stable > branches? > The support which is getting added, is it eligible for documentation update for > the application. > > -Akhil > > > > > Added support for ECB mode in TDES and AES. > > Fixed some bugs in TDES and AES-GCM. > > > > Michael Shamis (12): > > examples/fips: added support for SHA algorithm in FIPS tests > examples/fips_validation: support SHA > > > examples/fips: added support for TDES ECB mode in FIPS tests > examples/fips_validation: support TDES ECB > > > examples/fips: added support AES ECB mode in FIPS tests > examples/fips_validation: support AES ECB > > > examples/fips: fix bad return code in fips_test_parse_header() > examples/fips_validation: fix bad return value Can be a separate patch from this > set. Also send to stable. > > > examples/fips: AES-GCM vectors will use aead structure > examples/fips_validation: use AEAD based structs for AES-GCM rather it is a fix > and should be sent to stable and the title would be > examples/fips_validation: fix structs used for AES-GCM > > > examples/fips: set initial IV in AES-GCM if configured only salt > > value > examples/fips_validation: initialize IV for AES-GCM > > > examples/fips: keep digest after crypto text > examples/fips_validation: move digest after cipher text > > > examples/fips: AES-GCM decryption vectors fix > examples/fips_validation: fix AES-GCM decryption vector Add fixes line and cc > stable. Can be a separate patchset for fixes. > > > examples/fips: fix KEY and PT output prints for TDES mode > Does not have a patch description and title does not look to justify the patch. > > > examples/fips: supported IV, PT and CT init for TDES ECB mode > Again there is no patch description and title is pretty long. Try to make it short. > > > examples/fips: algorithm definition by folder if it's not in file > examples/fips_validation: improve algo parsing logic update description text to > elaborate the need for this logic > > > examples/fips: erroneous overwrite of PLAINTEXT after DECRYPT > examples/fips_validation: fix plain text overwrite send to stable and add fixes > line. > > > > > examples/fips_validation/fips_validation.c | 92 ++++++-- > > examples/fips_validation/fips_validation.h | 7 + > > .../fips_validation/fips_validation_aes.c | 1 + > > .../fips_validation/fips_validation_gcm.c | 39 +++- > > .../fips_validation/fips_validation_tdes.c | 7 + > > examples/fips_validation/main.c | 204 +++++++++++++++--- > > 6 files changed, 301 insertions(+), 49 deletions(-) > > > > -- > > 2.23.0
From: Michael Shamis <michaelsh@marvell.com>
v3:
Changed patch names to comply DPDK contributing
requirements
v2:
fips_validation-separation-between-HMAC-SHA.patch
has been moved to fix patch
Michael Shamis (3):
examples/fips_validation: add TDES ECB support
examples/fips_validation: add AES ECB support
examples/fips_validation: separate ECB and CBC
examples/fips_validation/fips_validation.c | 1 +
examples/fips_validation/fips_validation.h | 7 +
.../fips_validation/fips_validation_aes.c | 1 +
.../fips_validation/fips_validation_tdes.c | 7 +
examples/fips_validation/main.c | 189 +++++++++++++++---
5 files changed, 179 insertions(+), 26 deletions(-)
Hi Marko, Could you please review this series. Regards, Akhil > -----Original Message----- > From: michaelsh@marvell.com <michaelsh@marvell.com> > Sent: Tuesday, October 1, 2019 4:53 PM > To: Akhil Goyal <akhil.goyal@nxp.com> > Cc: dev@dpdk.org; marko.kovacevic@intel.com; lironh@marvell.com; > michaelsh@marvell.com > Subject: [PATCH v3 0/3] support ECB for AES and TDES > > From: Michael Shamis <michaelsh@marvell.com> > > v3: > Changed patch names to comply DPDK contributing > requirements > v2: > fips_validation-separation-between-HMAC-SHA.patch > has been moved to fix patch > > Michael Shamis (3): > examples/fips_validation: add TDES ECB support > examples/fips_validation: add AES ECB support > examples/fips_validation: separate ECB and CBC > > examples/fips_validation/fips_validation.c | 1 + > examples/fips_validation/fips_validation.h | 7 + > .../fips_validation/fips_validation_aes.c | 1 + > .../fips_validation/fips_validation_tdes.c | 7 + > examples/fips_validation/main.c | 189 +++++++++++++++--- > 5 files changed, 179 insertions(+), 26 deletions(-) > > -- > 2.23.0
Hi Marko, A kind reminder. We are approaching RC1 date. Could you please review this series? Regards, Akhil > -----Original Message----- > From: Akhil Goyal > Sent: Friday, October 4, 2019 4:04 PM > To: marko.kovacevic@intel.com > Cc: dev@dpdk.org; lironh@marvell.com; michaelsh@marvell.com > Subject: RE: [PATCH v3 0/3] support ECB for AES and TDES > > Hi Marko, > > Could you please review this series. > > Regards, > Akhil > > > -----Original Message----- > > From: michaelsh@marvell.com <michaelsh@marvell.com> > > Sent: Tuesday, October 1, 2019 4:53 PM > > To: Akhil Goyal <akhil.goyal@nxp.com> > > Cc: dev@dpdk.org; marko.kovacevic@intel.com; lironh@marvell.com; > > michaelsh@marvell.com > > Subject: [PATCH v3 0/3] support ECB for AES and TDES > > > > From: Michael Shamis <michaelsh@marvell.com> > > > > v3: > > Changed patch names to comply DPDK contributing > > requirements > > v2: > > fips_validation-separation-between-HMAC-SHA.patch > > has been moved to fix patch > > > > Michael Shamis (3): > > examples/fips_validation: add TDES ECB support > > examples/fips_validation: add AES ECB support > > examples/fips_validation: separate ECB and CBC > > > > examples/fips_validation/fips_validation.c | 1 + > > examples/fips_validation/fips_validation.h | 7 + > > .../fips_validation/fips_validation_aes.c | 1 + > > .../fips_validation/fips_validation_tdes.c | 7 + > > examples/fips_validation/main.c | 189 +++++++++++++++--- > > 5 files changed, 179 insertions(+), 26 deletions(-) > > > > -- > > 2.23.0
> > > -----Original Message----- > > > From: michaelsh@marvell.com <michaelsh@marvell.com> > > > Sent: Tuesday, October 1, 2019 4:53 PM > > > To: Akhil Goyal <akhil.goyal@nxp.com> > > > Cc: dev@dpdk.org; marko.kovacevic@intel.com; lironh@marvell.com; > > > michaelsh@marvell.com > > > Subject: [PATCH v3 0/3] support ECB for AES and TDES > > > > > > From: Michael Shamis <michaelsh@marvell.com> > > > > > > v3: > > > Changed patch names to comply DPDK contributing > > > requirements > > > v2: > > > fips_validation-separation-between-HMAC-SHA.patch > > > has been moved to fix patch > > > > > > Michael Shamis (3): > > > examples/fips_validation: add TDES ECB support > > > examples/fips_validation: add AES ECB support > > > examples/fips_validation: separate ECB and CBC > > > > > > examples/fips_validation/fips_validation.c | 1 + > > > examples/fips_validation/fips_validation.h | 7 + > > > .../fips_validation/fips_validation_aes.c | 1 + > > > .../fips_validation/fips_validation_tdes.c | 7 + > > > examples/fips_validation/main.c | 189 +++++++++++++++--- > > > 5 files changed, 179 insertions(+), 26 deletions(-) > > > > > > -- > > > 2.23.0 Applied to dpdk-next-crypto Thanks.