Hi,
I'm using LSDK20.04 and wish to use AES-CMAC crypto algorithm.
As far as I know, in that version AES-CMAC is not supported for DPAA2 crypto Authentication algorithm and only support in PDCP offloading.
Can I get the information of which DPDK version NXP DPAA2 support AES-CMAC algorithm in crypto authentication?
In LSDK 21.08, Is AES-CAMC is fully supported in dpaa2 crypto auth algorithm?
Thanks in advance.
J.Hwan Kim
AES-CAMC is supported in dpaa2 crypto auth algorithm in DPDK provided in LSDK 21.08.
Thank you for reply.
I'm testing the LSDK21.08 DPDK dpaa2 AES-CMAC crypto algorithm.
When I test AES-CMAC digest (mac-i) generation mode, the result was success.
But in digest verification mode, the result was fail. (SEC driver returns error value of 2000101a)
I attached the IV first 8bytes in front of message as I did in digest generation mode.
INPUT data for digest verification = [ IV first 8 bytes + message + 4byte digest ]
Does AES-CMAC support only digest generation mode?
Status 0x2000101a means ICV check failed.
Accordint to rfc4493, AES_CMAC Verify_MAC Figure 2.4,
Input : K ( 128-bit Key )
: M ( message to be verified )
: len ( length of the message in octets )
: T' ( the received MAC to be verified )
Output : INVALID or VALID
IV was not required in AES_CMAC, the verify_MAC input should be "message + ICV".
For detailed FD construction with input/otuput buffer, please check LSDK21.08 DPDK DPAA2_SEC API "build_auth_fd()".