diff options
| author | Janne Peltonen <janne.peltonen@nokia.com> | 2023-03-22 12:23:15 +0200 |
|---|---|---|
| committer | Matias Elo <matias.elo@nokia.com> | 2023-03-23 08:55:21 +0200 |
| commit | 4822dfbe714d18772e6eed7539d8d62930969737 (patch) | |
| tree | 3e392eabda5a2489b639e60083f6d1b35c2d4c7c /platform/linux-dpdk | |
| parent | bb2e517d0cef5a44ab5322f286201306c1d7a502 (diff) | |
linux-dpdk: crypto: accept AES-GMAC only with non-null cipher
Combining AES-GMAC with a non-null cipher does not work with certain
crypto devices (at least aesni_mb and openssl) even though DPDK crypto
session creation succeeds.
Fail ODP crypto session creation and return ODP_CRYPTO_SES_ERR_ALG_COMBO
if AES-GMAC is requested with any cipher other than the null cipher.
This will prevent failures in validation tests that will later test all
combinations that are indicated to be supported.
Since combining AES-GMAC with a non-null cipher is not expected to be
a real-life use case, disable the combination for all crypto devices,
not just the ones known not to work.
Signed-off-by: Janne Peltonen <janne.peltonen@nokia.com>
Reviewed-by: Matias Elo <matias.elo@nokia.com>
Diffstat (limited to 'platform/linux-dpdk')
| -rw-r--r-- | platform/linux-dpdk/odp_crypto.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/platform/linux-dpdk/odp_crypto.c b/platform/linux-dpdk/odp_crypto.c index c1cac8566..800b42973 100644 --- a/platform/linux-dpdk/odp_crypto.c +++ b/platform/linux-dpdk/odp_crypto.c @@ -1399,6 +1399,13 @@ int odp_crypto_session_create(const odp_crypto_session_param_t *param, return -1; } + if (param->auth_alg == ODP_AUTH_ALG_AES_GMAC && + param->cipher_alg != ODP_CIPHER_ALG_NULL) { + *status = ODP_CRYPTO_SES_ERR_ALG_COMBO; + *session_out = ODP_CRYPTO_SESSION_INVALID; + return -1; + } + /* ODP_CRYPTO_OP_TYPE_OOP not supported */ if (param->op_type == ODP_CRYPTO_OP_TYPE_OOP) { *status = ODP_CRYPTO_SES_ERR_PARAMS; |