[v3,2/8] cryptodev: add digest encrypted feature flag
Checks
Commit Message
Some PMDs can only support digest being
encrypted separately in auth-cipher operations.
Thus it is required to add feature flag in PMD
to reflect if it does support digest-appended
both: digest generation with encryption and
decryption with digest verification.
This patch also adds information about new
feature flag to the release notes.
Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
---
doc/guides/cryptodevs/features/default.ini | 1 +
doc/guides/cryptodevs/overview.rst | 3 +++
doc/guides/rel_notes/release_19_08.rst | 3 +++
lib/librte_cryptodev/rte_cryptodev.c | 2 ++
lib/librte_cryptodev/rte_cryptodev.h | 2 ++
5 files changed, 11 insertions(+)
Comments
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Damian Nowak
> Sent: Wednesday, July 3, 2019 12:16 PM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Trahe, Fiona <fiona.trahe@intel.com>; Kusztal,
> ArkadiuszX <arkadiuszx.kusztal@intel.com>; Nowak, DamianX
> <damianx.nowak@intel.com>
> Subject: [dpdk-dev] [PATCH v3 2/8] cryptodev: add digest encrypted feature
> flag
>
> Some PMDs can only support digest being
> encrypted separately in auth-cipher operations.
> Thus it is required to add feature flag in PMD to reflect if it does support
> digest-appended
> both: digest generation with encryption and decryption with digest
> verification.
> This patch also adds information about new feature flag to the release
> notes.
>
> Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Looks good. Just one comment below:
> +++ b/doc/guides/rel_notes/release_19_08.rst
> @@ -169,6 +169,9 @@ API Changes
> structure (``rte_crypto_cipher_xform``, ``rte_crypto_auth_xform``, and
> ``rte_crypto_aead_xform``) have been changed to ``const uint8_t *data``.
>
> +* cryptodev: ``RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED`` feature flag
> + has been introduced.
I don't think you need to add anything here, as you are extending the feature flags,
not changing any, so there is no API breakage.
Apart from this comment:
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> >
> > Some PMDs can only support digest being
> > encrypted separately in auth-cipher operations.
> > Thus it is required to add feature flag in PMD to reflect if it does support
> > digest-appended
> > both: digest generation with encryption and decryption with digest
> > verification.
> > This patch also adds information about new feature flag to the release
> > notes.
> >
> > Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
>
> Looks good. Just one comment below:
>
> > +++ b/doc/guides/rel_notes/release_19_08.rst
> > @@ -169,6 +169,9 @@ API Changes
> > structure (``rte_crypto_cipher_xform``, ``rte_crypto_auth_xform``, and
> > ``rte_crypto_aead_xform``) have been changed to ``const uint8_t *data``.
> >
> > +* cryptodev: ``RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED`` feature flag
> > + has been introduced.
>
> I don't think you need to add anything here, as you are extending the feature
> flags,
> not changing any, so there is no API breakage.
>
> Apart from this comment:
>
> Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Removed changes in the release notes, as suggested by Pablo.
Series Applied to dpdk-next-crypto
Thanks.
@@ -25,6 +25,7 @@ OOP LB In SGL Out =
OOP LB In LB Out =
RSA PRIV OP KEY EXP =
RSA PRIV OP KEY QT =
+Digest encrypted =
;
; Supported crypto algorithms of a default crypto driver.
@@ -43,6 +43,9 @@ Supported Feature Flags
- "RSA PRIV OP KEY QT" feature flag means PMD support RSA private key
operation (Sign and Decrypt) using quintuple (crt) type key only.
+ - "Digest encrypted" feature flag means PMD support hash-cipher cases,
+ where generated digest is appended to and encrypted with the data.
+
Supported Cipher Algorithms
---------------------------
@@ -169,6 +169,9 @@ API Changes
structure (``rte_crypto_cipher_xform``, ``rte_crypto_auth_xform``, and
``rte_crypto_aead_xform``) have been changed to ``const uint8_t *data``.
+* cryptodev: ``RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED`` feature flag
+ has been introduced.
+
ABI Changes
-----------
@@ -490,6 +490,8 @@ rte_cryptodev_get_feature_name(uint64_t flag)
return "RSA_PRIV_OP_KEY_EXP";
case RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT:
return "RSA_PRIV_OP_KEY_QT";
+ case RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED:
+ return "DIGEST_ENCRYPTED";
default:
return NULL;
}
@@ -446,6 +446,8 @@ rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum,
/**< Support RSA Private Key OP with exponent */
#define RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT (1ULL << 18)
/**< Support RSA Private Key OP with CRT (quintuple) Keys */
+#define RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED (1ULL << 19)
+/**< Support encrypted-digest operations where digest is appended to data */
/**