I'm happy with this series, but I think Bala and Nikhil should be the reviewers since we want to be sure it doesn't impact their crypto implementations.
On Thu, Dec 8, 2016 at 8:05 AM, Petri Savolainen <[email protected]> wrote: > Various cipher and authentication algorithms support multiple key/IV/digest > lengths. It's not a scalable solution to define these lengths as part of > algorithm enumeration. This patch set deprecates enumerations (e.g. > ODP_CIPHER_ALG_AES128_CBC) with length definitions. Those are still supported > but will be removed in next API version. New enumerations define only > algorithm names, with the exception of SHA-2 family of algorithms which are > commonly referred with their digest length (such as SHA-256). The supported > key/IV/digest lengths are requested with two new functions > odp_crypto_cipher_capa() and odp_crypto_auth_capa(). Usage of HMAC is included > into authentication algorithm name (it used to be implicit). Only currently > supported and validation tested algorithms are defined, but later on e.g. MD5 > or SHA-256 (without HMAC) may be defined as well as a set of new algorithms. > > Supported key/IV/digest lengths are set to values that pass current validation > test suite. Some tests may need to be updated with their key/IV/digest length > usage. For example, AES-GCM authentication test uses key length of zero bytes > (since it's paired with AES-GCM cipher). > > > v2: > * deprecate _params_t and use _param_t instead > * rename cipher/auth_capa_t to _capability_t > * rename cipher/auth_capa() to _capability() > > > Petri Savolainen (10): > api: crypto: rename _params_t to _param_t > linux-gen: crypto: rename params to param > api: crypto: decouple key length from algorithm enumeration > linux-gen: crypto: add algo capability functions > linux-gen: crypto: add support to new enumerations > api: crypto: added session param init > api: crypto: documentation clean up > test: crypto: use odp_crypto_session_param_init > validation: crypto: use algorithm capability > example: ipsec: use op_param_t instead of op_params_t > > example/ipsec/odp_ipsec.c | 6 +- > example/ipsec/odp_ipsec_cache.c | 4 +- > include/odp/api/spec/crypto.h | 441 ++++++++++++++----- > .../linux-generic/include/odp_crypto_internal.h | 21 +- > platform/linux-generic/odp_crypto.c | 489 > +++++++++++++-------- > test/common_plat/performance/odp_crypto.c | 9 +- > .../validation/api/crypto/odp_crypto_test_inp.c | 120 +++-- > 7 files changed, 744 insertions(+), 346 deletions(-) > > -- > 2.8.1 >
