This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "".
The branch, api-next has been updated via 5718327018debbb02aacb464493504c95fbe57a3 (commit) via e67a037925a63d3be069a9af471c73e9b4b3f3f6 (commit) from abc7b3bb0babe8efa0fde52752bcd514f2f0d422 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 5718327018debbb02aacb464493504c95fbe57a3 Author: Petri Savolainen petri.savolainen@linaro.org Date: Thu Jan 25 10:43:30 2018 +0200
api: crypto: add enumeration for AES-CCM
Added enumerations for AES CCM authentication / encryption algorithm.
Signed-off-by: Petri Savolainen petri.savolainen@linaro.org Reviewed-by: Bill Fischofer bill.fischofer@linaro.org Reviewed-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index e4b0e8ce..b8c7b9d8 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -92,6 +92,15 @@ typedef enum { */ ODP_CIPHER_ALG_AES_GCM,
+ /** AES-CCM + * + * AES in Counter with CBC-MAC (CCM) mode algorithm. CCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_AUTH_ALG_AES_CCM authentication. + */ + ODP_CIPHER_ALG_AES_CCM, + /** @deprecated Use ODP_CIPHER_ALG_AES_CBC instead */ ODP_DEPRECATE(ODP_CIPHER_ALG_AES128_CBC),
@@ -157,6 +166,15 @@ typedef enum { */ ODP_AUTH_ALG_AES_GMAC,
+ /** AES-CCM + * + * AES in Counter with CBC-MAC (CCM) mode algorithm. CCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_CIPHER_ALG_AES_CCM cipher. + */ + ODP_AUTH_ALG_AES_CCM, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96),
@@ -192,6 +210,9 @@ typedef union odp_crypto_cipher_algos_t { /** ODP_CIPHER_ALG_AES_GCM */ uint32_t aes_gcm : 1;
+ /** ODP_CIPHER_ALG_AES_CCM */ + uint32_t aes_ccm : 1; + /** @deprecated Use aes_cbc instead */ uint32_t ODP_DEPRECATE(aes128_cbc) : 1;
@@ -234,6 +255,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_GMAC*/ uint32_t aes_gmac : 1;
+ /** ODP_AUTH_ALG_AES_CCM */ + uint32_t aes_ccm : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1;
commit e67a037925a63d3be069a9af471c73e9b4b3f3f6 Author: Petri Savolainen petri.savolainen@linaro.org Date: Thu Jan 25 10:27:17 2018 +0200
api: crypto: clarify special nature of gcm and gmac
Reword specification text to be more clear about special nature of GCM (authenticate encryption in general) and GMAC (cannot be paired with cipher) algorithms.
Signed-off-by: Petri Savolainen petri.savolainen@linaro.org Reviewed-by: Bill Fischofer bill.fischofer@linaro.org Reviewed-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 77ea317b..e4b0e8ce 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -83,9 +83,12 @@ typedef enum { /** AES with counter mode */ ODP_CIPHER_ALG_AES_CTR,
- /** AES in Galois/Counter Mode + /** AES-GCM * - * @note Must be paired with cipher ODP_AUTH_ALG_AES_GCM + * AES in Galois/Counter Mode (GCM) algorithm. GCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_AUTH_ALG_AES_GCM authentication. */ ODP_CIPHER_ALG_AES_GCM,
@@ -128,23 +131,29 @@ typedef enum { */ ODP_AUTH_ALG_SHA512_HMAC,
- /** AES in Galois/Counter Mode + /** AES-GCM * - * @note Must be paired with cipher ODP_CIPHER_ALG_AES_GCM + * AES in Galois/Counter Mode (GCM) algorithm. GCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_CIPHER_ALG_AES_GCM cipher. */ ODP_AUTH_ALG_AES_GCM,
- /** AES in Galois/Counter MAC Mode + /** AES-GMAC * - * NIST and RFC specifications of GCM/GMAC refer to all data to be - * authenticated as AAD. In constrast to that, ODP API specifies the - * bulk of authenticated data to be located in packet payload for all - * authentication algorithms, including GMAC. Thus for GMAC application - * should also pass all data to be authenticated as packet data. AAD is - * not used for GMAC. GMAC IV should be passed via session IV or - * per-packet IV override. + * AES Galois Message Authentication Code (GMAC) algorithm. AES-GMAC + * is based on AES-GCM operation, but provides authentication only. + * Hence this algorithm can be paired only with ODP_CIPHER_ALG_NULL + * cipher. * - * @note Must be paired with cipher ODP_CIPHER_ALG_NULL + * NIST and RFC specifications of GMAC refer to all data to be + * authenticated as AAD. In constrast to that, ODP API specifies + * the bulk of authenticated data to be located in packet payload for + * all authentication algorithms. Thus GMAC operation authenticates + * only packet payload and AAD is not used. GMAC needs + * an initialization vector, which can be passed via session (auth_iv) + * or packet (auth_iv_ptr) level parameters. */ ODP_AUTH_ALG_AES_GMAC,
-----------------------------------------------------------------------
Summary of changes: include/odp/api/spec/crypto.h | 59 +++++++++++++++++++++++++++++++++---------- 1 file changed, 46 insertions(+), 13 deletions(-)
hooks/post-receive