From patchwork Tue Jan 30 15:00:09 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126259 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp3453656ljd; Tue, 30 Jan 2018 07:19:08 -0800 (PST) X-Google-Smtp-Source: AH8x227Vr0WM29jFzhQziEZpE/L+FMtnqZEuJhthaLGIxIP/rK26vRDyX2ucCSEd2LEOCfpFl9FB X-Received: by 10.200.1.82 with SMTP id f18mr48416340qtg.51.1517325548135; Tue, 30 Jan 2018 07:19:08 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517325548; cv=none; d=google.com; s=arc-20160816; b=pG9Jw3CgRfwgsa2Kej+B131Xf18bjID0/J8WudflOHRmDnGJsM7+ebl179Ycy++6Or n2B46JmZ0OSi3hobK7wtBW+VrwIpZxhJUcV3tAVMIXZZhaGqJqZm9EHxPwbBMg2m7JkQ pQLjq1iN65YLzdgJ3Tldwsla3FexKAps+f2u+Su9FZya9d5nNRsfYn8sWpJUJzhSE1Lz pL+r4IQf4DuInm7Kqu4CmOwaANMGsyzedw6BzorcacFlsVIrI1lJdkooVmOICd9I8FUO /jTWzpMORFHd2v+uzmG0zQf+MkwKmu7S9JNiiAsII7vxPx1MuEdThyxl9uJHP1co5OZV M9aA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=fHUaB9iKfFG4AHWfT9jKFkHIeZnURY4AMwKzLkLPWFM=; b=zzlInKY+Kw+lCisE6UiW6gc8478zTTFK+k3mJGV9taNAJwkvRNIiiqessxI+ZSTayj H3EaT1m8n2egAZ7/K9m1ldZsa375ZZRCkEK6e73SKLqe/hQjQQC8Otp+qjFxLVx3a2bs uklu4/segSUz8G8E0Yi4/mYVRk5cgQi/erGhgFZdTeojZ9YrIDGWtof8lYK8hWIAVTv4 bX7Nv/5ashf0Q1K1ygCmcRJaVM0/NhdLFqWwV3FXd2N3MBB71osvdISsH96gm6oLU57T mK8+btLriCTvpt077O02/taBhwYZF6t6K0XPEH0/260hDKoKW7NmH0skLUfjtnPjn670 mrsg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id u90si1372206qku.287.2018.01.30.07.19.07; Tue, 30 Jan 2018 07:19:08 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id C447A6176E; Tue, 30 Jan 2018 15:19:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id DF9D061787; Tue, 30 Jan 2018 15:02:24 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 78ADA614E1; Tue, 30 Jan 2018 15:00:47 +0000 (UTC) Received: from forward101j.mail.yandex.net (forward101j.mail.yandex.net [5.45.198.241]) by lists.linaro.org (Postfix) with ESMTPS id 7E49C61555 for ; Tue, 30 Jan 2018 15:00:25 +0000 (UTC) Received: from mxback18j.mail.yandex.net (mxback18j.mail.yandex.net [IPv6:2a02:6b8:0:1619::94]) by forward101j.mail.yandex.net (Yandex) with ESMTP id 0A2E51243930 for ; Tue, 30 Jan 2018 18:00:24 +0300 (MSK) Received: from smtp1p.mail.yandex.net (smtp1p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:6]) by mxback18j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id ThvVm31Lo4-0Nj0ETJx; Tue, 30 Jan 2018 18:00:23 +0300 Received: by smtp1p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id sxKD104gxy-0NrGK3Gt; Tue, 30 Jan 2018 18:00:23 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 30 Jan 2018 18:00:09 +0300 Message-Id: <1517324412-24567-15-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517324412-24567-1-git-send-email-odpbot@yandex.ru> References: <1517324412-24567-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v3 14/17] linux-gen: crypto: rename auth functions X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Point that current authentication functions use HMAC by including hmac in their names. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: abc7b3bb0babe8efa0fde52752bcd514f2f0d422 ** Merge commit sha: 15e0c830b5937ae889b7bcf6822797dbe0ecb799 **/ platform/linux-generic/odp_crypto.c | 94 ++++++++++++++++++++----------------- 1 file changed, 50 insertions(+), 44 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index e9d436198..faa415cd0 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -149,8 +149,6 @@ struct odp_crypto_generic_session_t { struct { uint8_t key[EVP_MAX_KEY_LENGTH]; uint8_t iv_data[EVP_MAX_IV_LENGTH]; - uint32_t key_length; - uint32_t bytes; union { const EVP_MD *evp_md; const EVP_CIPHER *evp_cipher; @@ -260,13 +258,13 @@ static void HMAC_CTX_free(HMAC_CTX *ctx) #endif static void -auth_init(odp_crypto_generic_session_t *session) +auth_hmac_init(odp_crypto_generic_session_t *session) { HMAC_CTX *ctx = local.hmac_ctx[session->idx]; HMAC_Init_ex(ctx, session->auth.key, - session->auth.key_length, + session->p.auth_key.length, session->auth.evp_md, NULL); } @@ -301,9 +299,9 @@ void packet_hmac(odp_packet_t pkt, } static -odp_crypto_alg_err_t auth_gen(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t auth_hmac_gen(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) { uint8_t hash[EVP_MAX_MD_SIZE]; @@ -320,9 +318,9 @@ odp_crypto_alg_err_t auth_gen(odp_packet_t pkt, } static -odp_crypto_alg_err_t auth_check(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t auth_hmac_check(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) { uint32_t bytes = session->p.auth_digest_len; uint8_t hash_in[EVP_MAX_MD_SIZE]; @@ -824,12 +822,24 @@ static int process_aes_gmac_param(odp_crypto_generic_session_t *session, return 0; } +static void +aes_ccm_encrypt_init(odp_crypto_generic_session_t *session) +{ + EVP_CIPHER_CTX *ctx = local.cipher_ctx[session->idx]; + + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + NULL, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, + session->p.cipher_iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); +} + static odp_crypto_alg_err_t aes_ccm_encrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.cipher_ctx[session->idx]; const uint8_t *aad_head = param->aad_ptr; uint32_t aad_len = session->p.auth_aad_len; void *iv_ptr; @@ -847,16 +857,9 @@ odp_crypto_alg_err_t aes_ccm_encrypt(odp_packet_t pkt, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - NULL, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, - session->p.cipher_iv.length, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, session->p.auth_digest_len, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, session->cipher.key_data, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); /* Set len */ EVP_EncryptUpdate(ctx, NULL, &dummy_len, NULL, in_len); @@ -882,18 +885,28 @@ odp_crypto_alg_err_t aes_ccm_encrypt(odp_packet_t pkt, odp_packet_copy_from_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } +static void +aes_ccm_decrypt_init(odp_crypto_generic_session_t *session) +{ + EVP_CIPHER_CTX *ctx = local.cipher_ctx[session->idx]; + + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.cipher_iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); +} + static odp_crypto_alg_err_t aes_ccm_decrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.cipher_ctx[session->idx]; const uint8_t *aad_head = param->aad_ptr; uint32_t aad_len = session->p.auth_aad_len; void *iv_ptr; @@ -911,18 +924,11 @@ odp_crypto_alg_err_t aes_ccm_decrypt(odp_packet_t pkt, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - NULL, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, - session->p.cipher_iv.length, NULL); odp_packet_copy_to_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, session->p.auth_digest_len, block); EVP_DecryptInit_ex(ctx, NULL, NULL, session->cipher.key_data, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); /* Set len */ EVP_DecryptUpdate(ctx, NULL, &dummy_len, NULL, in_len); @@ -943,8 +949,6 @@ odp_crypto_alg_err_t aes_ccm_decrypt(odp_packet_t pkt, odp_packet_copy_from_mem(pkt, param->cipher_range.offset, in_len, data); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : ODP_CRYPTO_ALG_ERR_NONE; } @@ -963,24 +967,26 @@ static int process_aes_ccm_param(odp_crypto_generic_session_t *session, session->cipher.evp_cipher = cipher; /* Set function */ - if (ODP_CRYPTO_OP_ENCODE == session->p.op) + if (ODP_CRYPTO_OP_ENCODE == session->p.op) { session->cipher.func = aes_ccm_encrypt; - else + session->cipher.init = aes_ccm_encrypt_init; + } else { session->cipher.func = aes_ccm_decrypt; + session->cipher.init = aes_ccm_decrypt_init; + } return 0; } -static int process_auth_param(odp_crypto_generic_session_t *session, - uint32_t key_length, - const EVP_MD *evp_md) +static int process_auth_hmac_param(odp_crypto_generic_session_t *session, + const EVP_MD *evp_md) { /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->auth.func = auth_gen; + session->auth.func = auth_hmac_gen; else - session->auth.func = auth_check; - session->auth.init = auth_init; + session->auth.func = auth_hmac_check; + session->auth.init = auth_hmac_init; session->auth.evp_md = evp_md; @@ -989,9 +995,8 @@ static int process_auth_param(odp_crypto_generic_session_t *session, return -1; /* Convert keys */ - session->auth.key_length = key_length; memcpy(session->auth.key, session->p.auth_key.data, - session->auth.key_length); + session->p.auth_key.length); return 0; } @@ -1312,10 +1317,10 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, #endif /* Fallthrough */ case ODP_AUTH_ALG_MD5_HMAC: - rc = process_auth_param(session, 16, EVP_md5()); + rc = process_auth_hmac_param(session, EVP_md5()); break; case ODP_AUTH_ALG_SHA1_HMAC: - rc = process_auth_param(session, 20, EVP_sha1()); + rc = process_auth_hmac_param(session, EVP_sha1()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_SHA256_128: @@ -1324,10 +1329,10 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, #endif /* Fallthrough */ case ODP_AUTH_ALG_SHA256_HMAC: - rc = process_auth_param(session, 32, EVP_sha256()); + rc = process_auth_hmac_param(session, EVP_sha256()); break; case ODP_AUTH_ALG_SHA512_HMAC: - rc = process_auth_param(session, 64, EVP_sha512()); + rc = process_auth_hmac_param(session, EVP_sha512()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: @@ -1363,6 +1368,7 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, * cipher at the same time */ if (param->cipher_alg == ODP_CIPHER_ALG_AES_CCM) { session->auth.func = null_crypto_routine; + session->auth.init = null_crypto_init_routine; rc = 0; } else { rc = -1;