From patchwork Mon May 22 10:59:51 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100274 Delivered-To: patch@linaro.org Received: by 10.182.142.97 with SMTP id rv1csp1336356obb; Mon, 22 May 2017 04:00:36 -0700 (PDT) X-Received: by 10.55.159.66 with SMTP id i63mr19174554qke.207.1495450836326; Mon, 22 May 2017 04:00:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495450836; cv=none; d=google.com; s=arc-20160816; b=wjDbCyM7y5ba9oo5vi41IqpOuPVJRO+Fti3FnPU5/83rTNiFXjHYuEojUdPkwfUkSJ IN+DqAO3cHPYteP+43z0bvPzDTqdkAuQKYDZCTTnkfFxvSyff0GTH9u+pyPoX8IdJXSc 04Wd8Kh8cM5MSyONfF99YoL7+szSZzXfMpE+2HllP7WD1mHGzjlQ2hxH0+TifgAKM4bE gO5fofPL9KbRItKnAYjingkp0gk5gR8dpWWlvLuuXkVLRLOjaQn8dALgwEoUuKv4dUSn 65G4Puj8nO3LIBOUhanNuXOeSZe58MhDVPCLFngKzaG7hWZF9bmDHKOYVuMgb5ABujG4 tyag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=TabcdQJgExV3vnA0EAYd614MFE02evaVzb3zP2tCr2k=; b=z5wqOVxR+Lvp/6flpDSzL0hMnle0HquruMFtLNGf18qEZAUhnF5Fn4lHdo6NNySHOb 6HXwF58T42juVH1emytM6NZp/1myy6j34hi6vtQyKEU6B+NwliAHjiZQaJb9X2vcYhnD +o+Ye64tYcApy/GTpuQQz/Wq/JD1MhYGzcHPhJah2TCah9xjOg9GJAG0bHsO8WEQJ+wW 5s82eSCqr4pQjZhTSd8CIoGs8uRMJSGvXkU34GJ206k4vxZavzoj48CCyfGsjmLil627 XhXRlS9PP5qxswx9k+B0b8HUDpKGkjEPODbtSqYfA/FQyg/7GAUOdoi46tgDe9jU2PeU 3Xlg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id d187si14975341qkc.80.2017.05.22.04.00.35; Mon, 22 May 2017 04:00:36 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 6207460A46; Mon, 22 May 2017 11:00:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id D11F960762; Mon, 22 May 2017 11:00:27 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 25D8660764; Mon, 22 May 2017 11:00:25 +0000 (UTC) Received: from forward2m.cmail.yandex.net (forward2m.cmail.yandex.net [5.255.216.20]) by lists.linaro.org (Postfix) with ESMTPS id 54F3060745 for ; Mon, 22 May 2017 11:00:23 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward2m.cmail.yandex.net (Yandex) with ESMTP id 8E7D42112E for ; Mon, 22 May 2017 14:00:21 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id A42DB2941042 for ; Mon, 22 May 2017 14:00:18 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0Ip8hL2A; Mon, 22 May 2017 14:00:18 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:51 +0300 Message-Id: <1495450806-27703-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 1/16] test: crypto: explicitly pass auth_digest_len to crypto subsystem X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ .../validation/api/crypto/odp_crypto_test_inp.c | 57 +++++++++++++--------- .../validation/api/crypto/test_vectors.h | 10 ++++ .../validation/api/crypto/test_vectors_len.h | 3 -- 3 files changed, 43 insertions(+), 27 deletions(-) diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index bfc9da3c..3d09e374 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -201,6 +201,7 @@ static void alg_test(odp_crypto_op_t op, ses_params.cipher_key = cipher_key; ses_params.iv = ses_iv; ses_params.auth_key = auth_key; + ses_params.auth_digest_len = digest_len; rc = odp_crypto_session_create(&ses_params, &session, &status); CU_ASSERT_FATAL(!rc); @@ -620,7 +621,8 @@ void crypto_test_enc_alg_aes128_gcm(void) cipher_key.length, iv.length)) continue; if (!check_auth_options(ODP_AUTH_ALG_AES_GCM, - auth_key.length, AES128_GCM_CHECK_LEN)) + auth_key.length, + aes128_gcm_reference_tag_length[i])) continue; alg_test(ODP_CRYPTO_OP_ENCODE, @@ -639,7 +641,7 @@ void crypto_test_enc_alg_aes128_gcm(void) aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); } } @@ -664,7 +666,8 @@ void crypto_test_enc_alg_aes128_gcm_ovr_iv(void) cipher_key.length, iv.length)) continue; if (!check_auth_options(ODP_AUTH_ALG_AES_GCM, - auth_key.length, AES128_GCM_CHECK_LEN)) + auth_key.length, + aes128_gcm_reference_tag_length[i])) continue; alg_test(ODP_CRYPTO_OP_ENCODE, @@ -683,7 +686,7 @@ void crypto_test_enc_alg_aes128_gcm_ovr_iv(void) aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); } } @@ -714,7 +717,8 @@ void crypto_test_dec_alg_aes128_gcm(void) cipher_key.length, iv.length)) continue; if (!check_auth_options(ODP_AUTH_ALG_AES_GCM, - auth_key.length, AES128_GCM_CHECK_LEN)) + auth_key.length, + aes128_gcm_reference_tag_length[i])) continue; alg_test(ODP_CRYPTO_OP_DECODE, @@ -728,12 +732,13 @@ void crypto_test_dec_alg_aes128_gcm(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_ciphertext[i], - aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_length[i] + + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); alg_test(ODP_CRYPTO_OP_DECODE, 1, @@ -746,11 +751,12 @@ void crypto_test_dec_alg_aes128_gcm(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_ciphertext[i], - aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_length[i] + + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], wrong_digest, - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); } } @@ -779,7 +785,8 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) cipher_key.length, iv.length)) continue; if (!check_auth_options(ODP_AUTH_ALG_AES_GCM, - auth_key.length, AES128_GCM_CHECK_LEN)) + auth_key.length, + aes128_gcm_reference_tag_length[i])) continue; alg_test(ODP_CRYPTO_OP_DECODE, @@ -793,12 +800,13 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_ciphertext[i], - aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_length[i] + + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); alg_test(ODP_CRYPTO_OP_DECODE, 1, @@ -811,11 +819,12 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_ciphertext[i], - aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_length[i] + + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], wrong_digest, - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); } } @@ -1004,7 +1013,7 @@ void crypto_test_gen_alg_hmac_md5(void) auth_key.length = sizeof(hmac_md5_reference_key[i]); if (!check_auth_options(ODP_AUTH_ALG_MD5_HMAC, auth_key.length, - HMAC_MD5_96_CHECK_LEN)) + hmac_md5_reference_digest_length[i])) continue; alg_test(ODP_CRYPTO_OP_ENCODE, @@ -1020,7 +1029,7 @@ void crypto_test_gen_alg_hmac_md5(void) hmac_md5_reference_length[i], NULL, 0, hmac_md5_reference_digest[i], - HMAC_MD5_96_CHECK_LEN); + hmac_md5_reference_digest_length[i]); } } @@ -1042,7 +1051,7 @@ void crypto_test_check_alg_hmac_md5(void) auth_key.length = sizeof(hmac_md5_reference_key[i]); if (!check_auth_options(ODP_AUTH_ALG_MD5_HMAC, auth_key.length, - HMAC_MD5_96_CHECK_LEN)) + hmac_md5_reference_digest_length[i])) continue; alg_test(ODP_CRYPTO_OP_DECODE, @@ -1058,7 +1067,7 @@ void crypto_test_check_alg_hmac_md5(void) hmac_md5_reference_length[i], NULL, 0, hmac_md5_reference_digest[i], - HMAC_MD5_96_CHECK_LEN); + hmac_md5_reference_digest_length[i]); alg_test(ODP_CRYPTO_OP_DECODE, 1, @@ -1073,7 +1082,7 @@ void crypto_test_check_alg_hmac_md5(void) hmac_md5_reference_length[i], NULL, 0, wrong_digest, - HMAC_MD5_96_CHECK_LEN); + hmac_md5_reference_digest_length[i]); } } @@ -1106,7 +1115,7 @@ void crypto_test_gen_alg_hmac_sha256(void) if (!check_auth_options(ODP_AUTH_ALG_SHA256_HMAC, auth_key.length, - HMAC_SHA256_128_CHECK_LEN)) + hmac_sha256_reference_digest_length[i])) continue; alg_test(ODP_CRYPTO_OP_ENCODE, @@ -1122,7 +1131,7 @@ void crypto_test_gen_alg_hmac_sha256(void) hmac_sha256_reference_length[i], NULL, 0, hmac_sha256_reference_digest[i], - HMAC_SHA256_128_CHECK_LEN); + hmac_sha256_reference_digest_length[i]); } } @@ -1146,7 +1155,7 @@ void crypto_test_check_alg_hmac_sha256(void) if (!check_auth_options(ODP_AUTH_ALG_SHA256_HMAC, auth_key.length, - HMAC_SHA256_128_CHECK_LEN)) + hmac_sha256_reference_digest_length[i])) continue; alg_test(ODP_CRYPTO_OP_DECODE, @@ -1162,7 +1171,7 @@ void crypto_test_check_alg_hmac_sha256(void) hmac_sha256_reference_length[i], NULL, 0, hmac_sha256_reference_digest[i], - HMAC_SHA256_128_CHECK_LEN); + hmac_sha256_reference_digest_length[i]); alg_test(ODP_CRYPTO_OP_DECODE, 1, @@ -1177,7 +1186,7 @@ void crypto_test_check_alg_hmac_sha256(void) hmac_sha256_reference_length[i], NULL, 0, wrong_digest, - HMAC_SHA256_128_CHECK_LEN); + hmac_sha256_reference_digest_length[i]); } } diff --git a/test/common_plat/validation/api/crypto/test_vectors.h b/test/common_plat/validation/api/crypto/test_vectors.h index a1cf4faf..defbda45 100644 --- a/test/common_plat/validation/api/crypto/test_vectors.h +++ b/test/common_plat/validation/api/crypto/test_vectors.h @@ -139,6 +139,8 @@ static uint8_t aes128_gcm_reference_iv[][AES128_GCM_IV_LEN] = { static uint32_t aes128_gcm_reference_length[] = { 84, 72, 72, 40}; +static uint32_t aes128_gcm_reference_tag_length[] = { 16, 16, 16, 16}; + static odp_packet_data_range_t aes128_gcm_cipher_range[] = { { .offset = 12, .length = 72 }, { .offset = 8, .length = 64 }, @@ -306,6 +308,10 @@ static uint8_t hmac_md5_reference_digest[][HMAC_MD5_DIGEST_LEN] = { 0xdb, 0xb8, 0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6 } }; +static uint32_t hmac_md5_reference_digest_length[] = { + 12, 12, 12 +}; + static uint8_t hmac_sha256_reference_key[][HMAC_SHA256_KEY_LEN] = { { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, @@ -350,4 +356,8 @@ static uint8_t hmac_sha256_reference_digest[][HMAC_SHA256_DIGEST_LEN] = { 0x85, 0x4d, 0xb8, 0xeb, 0xd0, 0x91, 0x81, 0xa7 } }; +static uint32_t hmac_sha256_reference_digest_length[] = { + 16, 16, 16 +}; + #endif diff --git a/test/common_plat/validation/api/crypto/test_vectors_len.h b/test/common_plat/validation/api/crypto/test_vectors_len.h index 4fbb5cd7..80fd927b 100644 --- a/test/common_plat/validation/api/crypto/test_vectors_len.h +++ b/test/common_plat/validation/api/crypto/test_vectors_len.h @@ -21,18 +21,15 @@ #define AES128_GCM_IV_LEN 12 #define AES128_GCM_MAX_DATA_LEN 106 #define AES128_GCM_DIGEST_LEN 16 -#define AES128_GCM_CHECK_LEN 16 /* HMAC-MD5 */ #define HMAC_MD5_KEY_LEN 16 #define HMAC_MD5_MAX_DATA_LEN 128 #define HMAC_MD5_DIGEST_LEN 16 -#define HMAC_MD5_96_CHECK_LEN 12 /* HMAC-SHA256 */ #define HMAC_SHA256_KEY_LEN 32 #define HMAC_SHA256_MAX_DATA_LEN 128 #define HMAC_SHA256_DIGEST_LEN 32 -#define HMAC_SHA256_128_CHECK_LEN 16 #endif From patchwork Mon May 22 10:59:52 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100276 Delivered-To: patch@linaro.org Received: by 10.182.142.97 with SMTP id rv1csp1337800obb; Mon, 22 May 2017 04:03:48 -0700 (PDT) X-Received: by 10.55.33.17 with SMTP id h17mr21181958qkh.246.1495451028423; Mon, 22 May 2017 04:03:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451028; cv=none; d=google.com; s=arc-20160816; b=F8fsdypn3dOy6JanHktUfL4ZDq85uDRuEXTLrBfE3PwHnitMoN2stedJAVfV2ALRni qMmVc4axN5ddyvwYuWiuSmA3HHjNr4ZDuVkQn7UkeibXz9p7FwLMzHnoN0eDNPni7Juw uVumqGDuTN5rpp65BzNo4POcM4bIYB/rmHhJOY32E70SnfhJYQ30Sf0JZVpZIpgsxKF+ h2qVOROnSEXiUezmeQ1HbQ8636WWsAJiNHHPRPmEg8cUnNqj/5WdvqtfGX+RNsoWRHHA TJG3d8EVWjO0VIY8ddoMHInkTc2gA22HdUvjxvoQiZ8SIscUtpsrXWcvqc84LfgJBcL1 ByDA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=A+6PVQdP7dtOPv+Q6z/kDtUeXrvB8kDl58A5uSA+rLs=; b=fDrsbpfD6QToRWTpQd9s53jdV1EA0yXqBdabpx9HwIXEae0F6qyDf3RqWZk0mJqI9x 47d8alhDftwAZQVGVmcSZ0SCWsaK4n2OhuFFyz/zYv9dY33GE8otOT4da3csJkClwYJE ZMs72xuA3mLOW4jolOPQSvPmi96T3odnPIhzhZSdwbe3X/Br2vrb40pzSuRRHw1vXLjT il7rWSpIhWKgaZhC2pBYpz/+NbWJ4imS5h/C7vMta4z6liun6zaBuAZd4ODjY0BDK3oE 5sKmtskyuYi+wvTmg56FaGINSlDOPmirwlkblWYPl5eTlfHlitbbXsMGv3GaDGm7GAr4 poRw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id v15si12104832qkl.239.2017.05.22.04.03.48; Mon, 22 May 2017 04:03:48 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id F270960B06; Mon, 22 May 2017 11:03:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id BD5BD60A38; Mon, 22 May 2017 11:02:18 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 9971760762; Mon, 22 May 2017 11:02:06 +0000 (UTC) Received: from forward2j.cmail.yandex.net (forward2j.cmail.yandex.net [5.255.227.20]) by lists.linaro.org (Postfix) with ESMTPS id 54BFB60762 for ; Mon, 22 May 2017 11:00:38 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::27]) by forward2j.cmail.yandex.net (Yandex) with ESMTP id A2DE320ECA for ; Mon, 22 May 2017 14:00:36 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 130B2294113C for ; Mon, 22 May 2017 14:00:20 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0JpKMx0v; Mon, 22 May 2017 14:00:20 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:52 +0300 Message-Id: <1495450806-27703-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 2/16] test: crypto: explicitly pass AAD to crypto subsystem X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ .../validation/api/crypto/odp_crypto_test_inp.c | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index 3d09e374..3f57a907 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -74,6 +74,8 @@ static void alg_test(odp_crypto_op_t op, odp_crypto_key_t auth_key, odp_packet_data_range_t *cipher_range, odp_packet_data_range_t *auth_range, + uint8_t *aad, + uint32_t aad_len, const uint8_t *plaintext, unsigned int plaintext_len, const uint8_t *ciphertext, @@ -240,6 +242,9 @@ static void alg_test(odp_crypto_op_t op, if (op_iv_ptr) op_params.override_iv_ptr = op_iv_ptr; + op_params.aad.ptr = aad; + op_params.aad.length = aad_len; + op_params.hash_result_offset = plaintext_len; if (0 != digest_len) { memcpy(data_addr + op_params.hash_result_offset, @@ -472,6 +477,7 @@ void crypto_test_enc_alg_3des_cbc(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, tdes_cbc_reference_plaintext[i], tdes_cbc_reference_length[i], tdes_cbc_reference_ciphertext[i], @@ -508,6 +514,7 @@ void crypto_test_enc_alg_3des_cbc_ovr_iv(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, tdes_cbc_reference_plaintext[i], tdes_cbc_reference_length[i], tdes_cbc_reference_ciphertext[i], @@ -548,6 +555,7 @@ void crypto_test_dec_alg_3des_cbc(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, tdes_cbc_reference_ciphertext[i], tdes_cbc_reference_length[i], tdes_cbc_reference_plaintext[i], @@ -586,6 +594,7 @@ void crypto_test_dec_alg_3des_cbc_ovr_iv(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, tdes_cbc_reference_ciphertext[i], tdes_cbc_reference_length[i], tdes_cbc_reference_plaintext[i], @@ -636,6 +645,9 @@ void crypto_test_enc_alg_aes128_gcm(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, + aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i], @@ -681,6 +693,9 @@ void crypto_test_enc_alg_aes128_gcm_ovr_iv(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, + aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i], @@ -731,6 +746,9 @@ void crypto_test_dec_alg_aes128_gcm(void) auth_key, &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], + aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], @@ -750,6 +768,9 @@ void crypto_test_dec_alg_aes128_gcm(void) auth_key, &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], + aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], @@ -799,6 +820,9 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) auth_key, &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], + aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], @@ -818,6 +842,9 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) auth_key, &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], + aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], @@ -865,6 +892,7 @@ void crypto_test_enc_alg_aes128_cbc(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, aes128_cbc_reference_plaintext[i], aes128_cbc_reference_length[i], aes128_cbc_reference_ciphertext[i], @@ -901,6 +929,7 @@ void crypto_test_enc_alg_aes128_cbc_ovr_iv(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, aes128_cbc_reference_plaintext[i], aes128_cbc_reference_length[i], aes128_cbc_reference_ciphertext[i], @@ -941,6 +970,7 @@ void crypto_test_dec_alg_aes128_cbc(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, aes128_cbc_reference_ciphertext[i], aes128_cbc_reference_length[i], aes128_cbc_reference_plaintext[i], @@ -979,6 +1009,7 @@ void crypto_test_dec_alg_aes128_cbc_ovr_iv(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, aes128_cbc_reference_ciphertext[i], aes128_cbc_reference_length[i], aes128_cbc_reference_plaintext[i], @@ -1025,6 +1056,7 @@ void crypto_test_gen_alg_hmac_md5(void) ODP_AUTH_ALG_MD5_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_md5_reference_plaintext[i], hmac_md5_reference_length[i], NULL, 0, @@ -1063,6 +1095,7 @@ void crypto_test_check_alg_hmac_md5(void) ODP_AUTH_ALG_MD5_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_md5_reference_plaintext[i], hmac_md5_reference_length[i], NULL, 0, @@ -1078,6 +1111,7 @@ void crypto_test_check_alg_hmac_md5(void) ODP_AUTH_ALG_MD5_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_md5_reference_plaintext[i], hmac_md5_reference_length[i], NULL, 0, @@ -1127,6 +1161,7 @@ void crypto_test_gen_alg_hmac_sha256(void) ODP_AUTH_ALG_SHA256_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_sha256_reference_plaintext[i], hmac_sha256_reference_length[i], NULL, 0, @@ -1167,6 +1202,7 @@ void crypto_test_check_alg_hmac_sha256(void) ODP_AUTH_ALG_SHA256_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_sha256_reference_plaintext[i], hmac_sha256_reference_length[i], NULL, 0, @@ -1182,6 +1218,7 @@ void crypto_test_check_alg_hmac_sha256(void) ODP_AUTH_ALG_SHA256_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_sha256_reference_plaintext[i], hmac_sha256_reference_length[i], NULL, 0, From patchwork Mon May 22 10:59:53 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100275 Delivered-To: patch@linaro.org Received: by 10.182.142.97 with SMTP id rv1csp1337271obb; Mon, 22 May 2017 04:02:31 -0700 (PDT) X-Received: by 10.200.49.75 with SMTP id h11mr20895822qtb.13.1495450951301; Mon, 22 May 2017 04:02:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495450951; cv=none; d=google.com; s=arc-20160816; b=qZZ/M9xVy5PLJ4DZS/qhDsDsuCBlsABBaeyqpgTgu8df3reS2sKDtRqXNfJzp+D0Og 7J1HUB/XdW4zOYXposp6k1lmohLFs379J4qcUQFGumpRBBJp0OdgUfheFYkHODCeIupN xxhLWxviKdcqH8tgHZkRnAYSYNn/UHUYQLaBjTW3Vy9/51aN1jSQsmO9oAi1hlnqCQjM BZI/61NgcSaLMwHboW2KQpN402RhE/yr/JMX5OLrBSKR9B+qe9nAarJpruZ9+vOA3dR0 Q7RRodKKdb/I9jjUBX85XsF5jXQ+Hh84tt1vpEk45DqFfzkP5+RiSIzSEFOj3I3prNWb Ab5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=rfB4u70FXAgyNF/YOEsfh4LG1QnNen/c7Xo/mHozWqY=; b=JQd/JpbzO8OZ+nTe8pNFODj8acmXVORhUrdgW0wLCoT9LTYxPCpaHWkxb+UdbDgJFQ FXEClZ2nC2xLRz59MnHs2CS2J5XxYYrJwbs22ascf8fG/JtcNByDKUVtZbDJM/lJw2f2 O0TPye9ROrEJKe76p1wEu5/Rv2UuZK8VW8nyWUBZKc4QKKlJUu6wR5bG3a4AzJBnZAEr eUj6Qqpa7fcR1wxi67f/KfyJ8J+m1oJ5RJVjc1v8i96iwv33+LVJbFYenBerXbQ6IPh1 lsmdxoNgZzftVmSKSvXFmXux15ccTui6lhJypt+T0CdBIczPtz6u4k5THmIcj0IOdnrl x5uA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id g46si17688599qtb.268.2017.05.22.04.02.30; Mon, 22 May 2017 04:02:31 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id CE97A60A59; Mon, 22 May 2017 11:02:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 2BEDA60764; Mon, 22 May 2017 11:02:11 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 41F4F60A57; Mon, 22 May 2017 11:02:04 +0000 (UTC) Received: from forward4p.cmail.yandex.net (forward4p.cmail.yandex.net [77.88.31.19]) by lists.linaro.org (Postfix) with ESMTPS id DA898609CF for ; Mon, 22 May 2017 11:00:29 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward4p.cmail.yandex.net (Yandex) with ESMTP id B4ED620BD3 for ; Mon, 22 May 2017 14:00:27 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 702012941148 for ; Mon, 22 May 2017 14:00:21 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0LpWY0WA; Mon, 22 May 2017 14:00:21 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:53 +0300 Message-Id: <1495450806-27703-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 3/16] linux: crypto: use auth_digest_len when calculating HMACs X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ platform/linux-generic/odp_crypto.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index a993542f..d6b4ee3f 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -522,7 +522,6 @@ static int process_des_param(odp_crypto_generic_session_t *session) } static int process_auth_param(odp_crypto_generic_session_t *session, - uint32_t bits, uint32_t key_length, const EVP_MD *evp_md) { @@ -535,7 +534,9 @@ static int process_auth_param(odp_crypto_generic_session_t *session, session->auth.evp_md = evp_md; /* Number of valid bytes */ - session->auth.bytes = bits / 8; + session->auth.bytes = session->p.auth_digest_len; + if (session->auth.bytes < (unsigned)EVP_MD_size(evp_md) / 2) + return -1; /* Convert keys */ session->auth.key_length = key_length; @@ -745,17 +746,21 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, session->auth.func = null_crypto_routine; rc = 0; break; - case ODP_AUTH_ALG_MD5_HMAC: #if ODP_DEPRECATED_API case ODP_AUTH_ALG_MD5_96: + session->p.auth_digest_len = 96 / 8; + /* Fallthrough */ #endif - rc = process_auth_param(session, 96, 16, EVP_md5()); + case ODP_AUTH_ALG_MD5_HMAC: + rc = process_auth_param(session, 16, EVP_md5()); break; - case ODP_AUTH_ALG_SHA256_HMAC: #if ODP_DEPRECATED_API case ODP_AUTH_ALG_SHA256_128: + session->p.auth_digest_len = 128 / 8; + /* Fallthrough */ #endif - rc = process_auth_param(session, 128, 32, EVP_sha256()); + case ODP_AUTH_ALG_SHA256_HMAC: + rc = process_auth_param(session, 32, EVP_sha256()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: From patchwork Mon May 22 10:59:54 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100283 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp190693qge; Mon, 22 May 2017 04:11:44 -0700 (PDT) X-Received: by 10.107.20.145 with SMTP id 139mr21817729iou.11.1495451504671; Mon, 22 May 2017 04:11:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451504; cv=none; d=google.com; s=arc-20160816; b=z2MpZEpgSmNuokcki6gCFMrbqErbAq65tcXtNG7lMX7SkQjdX7keJNP79Wvq2pZ3RF A4Gnm7NRgzPO7MqQBpRP1fKcblsiTz9VdPkteDUUxlaRDxkaBp9lDHkZbb15WVh3ki2E h6mYK1M+2lt2somDpX+qFb5+4PGG1I1pcLvtkVDPORXPJRqLI3NvNyqAoFwydANSwctF fkYgN2Fy9FuaLwCGJMUBZxFNPSVyeTKK6YRdFaHtpznMdeImEKB6ERNI71UYLTbCD7Lb KpjIOSGDnvEw+d/Q01748zonu9zFrqDOsHeqti+UZNh/nJcQa2M9fbWEDo8lw7vl3vz1 LcbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=eM6d/ut4i5eakhx55ygWdECilGq3TWbkRCqxDaqg4X4=; b=qTzJiEKngPvzAWXKp4ERol1+KlkBGwaKn+toBhArdG+5Q4++qksYvPXCeJEgTWZbw/ cjsRzT66lhf+SVSWPzGL2QxfSTAxpLF+NuHZoEWxUHWiY+vKZ3B17wKocxc8hDK/9ojH CXTzMVowFrN1lAY3PTxBHuEjQztI+6oIf5rFa1vAkA6zDhBzXcJ40NNu4jBByeGub9BY mb/1uNpBVsz+rRxLDDFGNOzC3nPEQSKPukXx6J+KmaaHLR8hMBne8nlnvHYbJXlyA/vY zj7yg+4i16Tl3dfnFcvLb+1gEUgFZPHQmRIxxeGr7nOLCNxzZ88BQ8bXE+2PwH8rwdTZ iYsw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id x13si19329737ite.18.2017.05.22.04.11.44; Mon, 22 May 2017 04:11:44 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 2922460679; Mon, 22 May 2017 11:11:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 9E1A660ACC; Mon, 22 May 2017 11:03:25 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 1A1CB60A56; Mon, 22 May 2017 11:02:20 +0000 (UTC) Received: from forward4m.cmail.yandex.net (forward4m.cmail.yandex.net [5.255.216.22]) by lists.linaro.org (Postfix) with ESMTPS id 8E65860A4E for ; Mon, 22 May 2017 11:00:52 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward4m.cmail.yandex.net (Yandex) with ESMTP id E89E42104E for ; Mon, 22 May 2017 14:00:50 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id EC9662940FCA for ; Mon, 22 May 2017 14:00:23 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0MpGCNCX; Mon, 22 May 2017 14:00:23 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:54 +0300 Message-Id: <1495450806-27703-5-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 4/16] linux: crypto: add SHA* capabilities for full length digests X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov In addition to truncated digests (used by IPsec) add full-length capabilities to SHA* algos. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ platform/linux-generic/odp_crypto.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index d6b4ee3f..2fdcfa3f 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -52,10 +52,12 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { * Keep sorted: first by digest length, then by key length */ static const odp_crypto_auth_capability_t auth_capa_md5_hmac[] = { -{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; static const odp_crypto_auth_capability_t auth_capa_sha256_hmac[] = { -{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 32, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; From patchwork Mon May 22 10:59:55 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100277 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp188089qge; Mon, 22 May 2017 04:05:22 -0700 (PDT) X-Received: by 10.200.55.124 with SMTP id p57mr20613056qtb.258.1495451121929; Mon, 22 May 2017 04:05:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451121; cv=none; d=google.com; s=arc-20160816; b=QSSWKk8UIEGcbBc0wNsOEuAB3Zo25vruLAuUtdD54SAlMJpH6hKVL0vJaxXx/UwK4A zcN8wFtnpLrMg36CwMxurfjuFvgKmAU3nCR3/90pQItt1g+RX68dC68KDf03gSvrWz4a Ein5RPwAE6jqShnIWYwevtFBmie36UwS/tcdeUxs/mbNtIIU2Q+sXDXuiS5SbDUJKRht QOg7SqwtOg1QCcdsy3Rv8G3e8bRBj1HgvwfdmQ3qMeHbGBboaHWKHDHzh3YF73peusmm CCMGLOSW2UdSQt7XMbu2j4MS9aJX0cHu7Wv2wGbVGwVSUfj9INWT0ISM2FD9tgC9q+Yn hoGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=+AmooKruPIQsdAbUkJAl6ltzV0/xiZtD8/HsOJh2XPo=; b=saDacw7srcWVOmmKpqj7rnAf8jEkbwlEdJkxyTvAhrR7z/KmLZkS1iaSibcW9hGRLu ZpdaVseihXD749JhvC3P7fFbpoOS603ogYfMclsA8RiP4T/MM1xSOpmcSC0L86NxpQOM 9l4g9g2Bkm38NTaKS0daKG/zdj3esnRfQPZXG2uJVoc+SOQrqaULY4vbwadQR9N67M1h yzaaR4P3YyXCszj49ys6wlyYChzkm/HRd1EmOEa1nOCbCmYhjO9d7ITzdvtRzagWGwNG o8vt2ouzGj0I+H8ElVgiR4daxPS+cZxyWn27iokh3jOd8/+lVop+vlk2WHHsFhr6+rsW qB9Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id g123si15143927qkf.141.2017.05.22.04.05.21; Mon, 22 May 2017 04:05:21 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 86EA360BF4; Mon, 22 May 2017 11:05:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 365F260A46; Mon, 22 May 2017 11:02:26 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 3A4BF60764; Mon, 22 May 2017 11:02:08 +0000 (UTC) Received: from forward2j.cmail.yandex.net (forward2j.cmail.yandex.net [5.255.227.20]) by lists.linaro.org (Postfix) with ESMTPS id C1666609D0 for ; Mon, 22 May 2017 11:00:39 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward2j.cmail.yandex.net (Yandex) with ESMTP id 759AA206F7 for ; Mon, 22 May 2017 14:00:38 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 5D2A02940EF7 for ; Mon, 22 May 2017 14:00:26 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0Pp8o4FR; Mon, 22 May 2017 14:00:25 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:55 +0300 Message-Id: <1495450806-27703-6-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 5/16] linux: crypto: update AES-GCM support to reflect aad and auth_digest_len X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Make AES-GCM use recently introduced aad and auth_digest_len fields. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ platform/linux-generic/odp_crypto.c | 60 ++++++++++--------------------------- 1 file changed, 16 insertions(+), 44 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 2fdcfa3f..0ca3e110 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -267,10 +267,8 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, { uint8_t *data = odp_packet_data(param->out_pkt); uint32_t plain_len = param->cipher_range.length; - uint8_t *aad_head = data + param->auth_range.offset; - uint8_t *aad_tail = data + param->cipher_range.offset + - param->cipher_range.length; - uint32_t auth_len = param->auth_range.length; + const uint8_t *aad_head = param->aad.ptr; + uint32_t aad_len = param->aad.length; unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -282,12 +280,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* All cipher data must be part of the authentication */ - if (param->auth_range.offset > param->cipher_range.offset || - param->auth_range.offset + auth_len < - param->cipher_range.offset + plain_len) - return ODP_CRYPTO_ALG_ERR_DATA_SIZE; - /* * Create a copy of the IV. The DES library modifies IV * and if we are processing packets on parallel threads @@ -305,23 +297,16 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); /* Authenticate header data (if any) without encrypting them */ - if (aad_head < plaindata) { + if (aad_len > 0) EVP_EncryptUpdate(ctx, NULL, &cipher_len, - aad_head, plaindata - aad_head); - } + aad_head, aad_len); EVP_EncryptUpdate(ctx, plaindata, &cipher_len, plaindata, plain_len); - cipher_len = plain_len; - - /* Authenticate footer data (if any) without encrypting them */ - if (aad_head + auth_len > plaindata + plain_len) { - EVP_EncryptUpdate(ctx, NULL, NULL, aad_tail, - auth_len - (aad_tail - aad_head)); - } EVP_EncryptFinal_ex(ctx, plaindata + cipher_len, &cipher_len); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, + session->p.auth_digest_len, tag); return ODP_CRYPTO_ALG_ERR_NONE; } @@ -332,10 +317,8 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, { uint8_t *data = odp_packet_data(param->out_pkt); uint32_t cipher_len = param->cipher_range.length; - uint8_t *aad_head = data + param->auth_range.offset; - uint8_t *aad_tail = data + param->cipher_range.offset + - param->cipher_range.length; - uint32_t auth_len = param->auth_range.length; + const uint8_t *aad_head = param->aad.ptr; + uint32_t aad_len = param->aad.length; unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -347,12 +330,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* All cipher data must be part of the authentication */ - if (param->auth_range.offset > param->cipher_range.offset || - param->auth_range.offset + auth_len < - param->cipher_range.offset + cipher_len) - return ODP_CRYPTO_ALG_ERR_DATA_SIZE; - /* * Create a copy of the IV. The DES library modifies IV * and if we are processing packets on parallel threads @@ -368,25 +345,18 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, + session->p.auth_digest_len, tag); /* Authenticate header data (if any) without encrypting them */ - if (aad_head < cipherdata) { + if (aad_len > 0) EVP_DecryptUpdate(ctx, NULL, &plain_len, - aad_head, cipherdata - aad_head); - } + aad_head, aad_len); EVP_DecryptUpdate(ctx, cipherdata, &plain_len, cipherdata, cipher_len); - plain_len = cipher_len; - - /* Authenticate footer data (if any) without encrypting them */ - if (aad_head + auth_len > cipherdata + cipher_len) { - EVP_DecryptUpdate(ctx, NULL, NULL, aad_tail, - auth_len - (aad_tail - aad_head)); - } - if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) <= 0) + if (EVP_DecryptFinal_ex(ctx, cipherdata + plain_len, &plain_len) <= 0) return ODP_CRYPTO_ALG_ERR_ICV_CHECK; return ODP_CRYPTO_ALG_ERR_NONE; @@ -768,12 +738,14 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, case ODP_AUTH_ALG_AES128_GCM: if (param->cipher_alg == ODP_CIPHER_ALG_AES128_GCM) aes_gcm = 1; + session->p.auth_digest_len = 128 / 8; /* Fallthrough */ #endif case ODP_AUTH_ALG_AES_GCM: /* AES-GCM requires to do both auth and * cipher at the same time */ - if (param->cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) { + if ((param->cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) && + session->p.auth_digest_len == 128 / 8) { session->auth.func = null_crypto_routine; rc = 0; } else { From patchwork Mon May 22 10:59:56 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100284 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp190917qge; Mon, 22 May 2017 04:12:23 -0700 (PDT) X-Received: by 10.36.115.1 with SMTP id y1mr4020392itb.117.1495451543397; Mon, 22 May 2017 04:12:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451543; cv=none; d=google.com; s=arc-20160816; b=DCLN/QvnmrkJRauibPO/sRd1sfCyLns97NWuGTk9nEMTjkExJ+F2J67ZyA2+yhJcnb Ck+6p29WD7/+C6v+tlUxMU35OSktvHdKQtoRJUYHFeVRhG2bOinJ3qNQgNDzCydDh+qc FH2fxYakkjtIYpG8txkjAuTYD/r06r2ENDjF7QNQR+wSBywlL4A2g4dD6+ZiK4X9mqjv 9mTskMXp+/vZRwmZOewxbO2SF+x0x/k7Hpjm361Lkg9Tv6Fmhv3LtMq8RQczuS3p5SpP /67cy/mpw0VWfJZJXw807GqOrZiOlHpxgms7lVya7ujIJ/3Eu2WtRZ05uEyHcp5AwYRi QQcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=iQX6ohfNV6uIaVUYtJF9eUqy0ejbCJoVyswnm0j03/4=; b=eDVZZfk587C60C3A43GPNNUeFgVA84mG7/DvQhoJY+7E/9K/DaG48jJk+j4wX8VPW+ 2XfmgYSOUY9BmuQ6o2hacXEmRltoqEDLOdQXohFpLGieW6kteS4iUcXrdKTddTJ0k8z7 oOjPHPCp8sMTuQsKGkbjhs4bEciDkg/UcgFYJNyL/pFIaS16K7747tNa8RQU50uV1CYm VnQ+OF3dusBiokbI2UhXJwB+brnGUaOLcUU2NuJfkZeKU3DxJXz0PHO3bkfblBWv7QjH C33aX6CY/5EYrcmoyDn4RajiR9oCyuOJsz6/76vNDSeNQIXRgIdMFO8DAnlJYwdZY8Pg 0FMw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id u3si31514877iti.101.2017.05.22.04.12.23; Mon, 22 May 2017 04:12:23 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id EECE0609D0; Mon, 22 May 2017 11:12:22 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 14D4460722; Mon, 22 May 2017 11:03:31 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id D5F2460A4E; Mon, 22 May 2017 11:02:20 +0000 (UTC) Received: from forward3h.cmail.yandex.net (forward3h.cmail.yandex.net [87.250.230.18]) by lists.linaro.org (Postfix) with ESMTPS id 7866960A49 for ; Mon, 22 May 2017 11:00:52 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::27]) by forward3h.cmail.yandex.net (Yandex) with ESMTP id E7EBA20FCD for ; Mon, 22 May 2017 14:00:50 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id EE2352941005 for ; Mon, 22 May 2017 14:00:28 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0RpqAYSA; Mon, 22 May 2017 14:00:27 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:56 +0300 Message-Id: <1495450806-27703-7-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 6/16] crypto: linux-generic: add capabilities for CIPHER_NULL and AUTH_NULL X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov There is no point in having separate cases for NULL algorithms. Add capabilities returning 0 key/digest/iv length. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ platform/linux-generic/odp_crypto.c | 14 ++++++++++---- .../validation/api/crypto/odp_crypto_test_inp.c | 18 ++++-------------- 2 files changed, 14 insertions(+), 18 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 0ca3e110..156aab30 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -34,6 +34,9 @@ * * Keep sorted: first by key length, then by IV length */ +static const odp_crypto_cipher_capability_t cipher_capa_null[] = { +{.key_len = 0, .iv_len = 0} }; + static const odp_crypto_cipher_capability_t cipher_capa_des[] = { {.key_len = 24, .iv_len = 8} }; @@ -51,6 +54,9 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { * * Keep sorted: first by digest length, then by key length */ +static const odp_crypto_auth_capability_t auth_capa_null[] = { +{.digest_len = 0, .key_len = 0, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; + static const odp_crypto_auth_capability_t auth_capa_md5_hmac[] = { {.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; @@ -562,8 +568,8 @@ int odp_crypto_cipher_capability(odp_cipher_alg_t cipher, switch (cipher) { case ODP_CIPHER_ALG_NULL: - src = NULL; - num = 0; + src = cipher_capa_null; + num = sizeof(cipher_capa_null) / size; break; case ODP_CIPHER_ALG_DES: src = cipher_capa_des; @@ -602,8 +608,8 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, switch (auth) { case ODP_AUTH_ALG_NULL: - src = NULL; - num = 0; + src = auth_capa_null; + num = sizeof(auth_capa_null) / size; break; case ODP_AUTH_ALG_MD5_HMAC: src = auth_capa_md5_hmac; diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index 3f57a907..a7d8727b 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -141,13 +141,8 @@ static void alg_test(odp_crypto_op_t op, num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, MAX_ALG_CAPA); - if (cipher_alg != ODP_CIPHER_ALG_NULL) { - CU_ASSERT(num > 0); - found = 0; - } else { - CU_ASSERT(num == 0); - found = 1; - } + CU_ASSERT(num > 0); + found = 0; CU_ASSERT(num <= MAX_ALG_CAPA); @@ -167,13 +162,8 @@ static void alg_test(odp_crypto_op_t op, num = odp_crypto_auth_capability(auth_alg, auth_capa, MAX_ALG_CAPA); - if (auth_alg != ODP_AUTH_ALG_NULL) { - CU_ASSERT(num > 0); - found = 0; - } else { - CU_ASSERT(num == 0); - found = 1; - } + CU_ASSERT(num > 0); + found = 0; CU_ASSERT(num <= MAX_ALG_CAPA); From patchwork Mon May 22 10:59:57 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100279 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp189162qge; Mon, 22 May 2017 04:08:03 -0700 (PDT) X-Received: by 10.107.136.17 with SMTP id k17mr22553766iod.89.1495451283270; Mon, 22 May 2017 04:08:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451283; cv=none; d=google.com; s=arc-20160816; b=xFSxv5bjKaD9h1jIAdlW1Un+VwFMWOJ3Gg9JUJbJddThvnCYT8IuVhc5nEnGHZXG0L 7bjZN9C3WQ15VNCzVi0YRcWLibCbDUuMWbqDEtSWWEvC9TYtDLRS+1filhP9HJm54C4M kZzDjQ3IwfBDzWyMqV49+88+DqJXgrGQzP+0hjzIEVZUIX7FCiNNbsg2UL8TBe+2aDa6 q/aQzEZHdbSop3OgGJU9mXvNhysUHIXBywZv6V8HEdKNNcG8eHs39cCHKusXtP9q7XY0 9MtqFS6eEzXPo3BfVC4OVlmqn3xHGwU9y6IumKC+6HALfgq/Gos1yM3Rh7Oomt2wSySX eOGw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=ss518xRK604YQrqjf56po7cjZAppoCBEgDcGW4bbvc4=; b=cN+gigWSV7ZwzqYYoSSneKt6ZfG0zqPN3GvkugTc2PRgRkCDmcvrIXc3BVr4s0pjqB LfEWAE/ETRYP/9pPiW3OzBKX2jMBE9B2pY+bY414X7lIUyLu9uItXX/zxCTkoxZweDZU iSaYZpyaBGBF65Ti3DGdS2Rm3KxJgELPXLFU5zkS3Irgy9lNPowTCXTivhRel7xU3L3E 1qR++XYVMhLL9513UIwOSPivEDOdPeYFJMDNSJhnXkUzTGNnL+7bzvpz8E+6bbvLXuyL U+xeiKWqxdotXYen3ufFQdplD7Rsz0ELqw+9r0De5UM5wt+SPUA/sL+hY7NhQ+6FmUNN vbgw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id 203si17427666itw.49.2017.05.22.04.08.02; Mon, 22 May 2017 04:08:03 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id BB0C6609D0; Mon, 22 May 2017 11:08:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 0EE4C60A6F; Mon, 22 May 2017 11:02:49 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 146EA60A56; Mon, 22 May 2017 11:02:14 +0000 (UTC) Received: from forward4h.cmail.yandex.net (forward4h.cmail.yandex.net [87.250.230.101]) by lists.linaro.org (Postfix) with ESMTPS id 9F88F60A4A for ; Mon, 22 May 2017 11:00:45 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward4h.cmail.yandex.net (Yandex) with ESMTP id 3AFC7208F3 for ; Mon, 22 May 2017 14:00:44 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 3A39D294104B for ; Mon, 22 May 2017 14:00:29 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0TpW8WJe; Mon, 22 May 2017 14:00:29 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:57 +0300 Message-Id: <1495450806-27703-8-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 7/16] test: crypto: add tests for NULL cipher X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ test/common_plat/validation/api/crypto/crypto.h | 2 + .../validation/api/crypto/odp_crypto_test_inp.c | 71 ++++++++++++++++++++++ .../validation/api/crypto/test_vectors.h | 12 ++++ .../validation/api/crypto/test_vectors_len.h | 3 + 4 files changed, 88 insertions(+) diff --git a/test/common_plat/validation/api/crypto/crypto.h b/test/common_plat/validation/api/crypto/crypto.h index 4d810f62..2a491c3c 100644 --- a/test/common_plat/validation/api/crypto/crypto.h +++ b/test/common_plat/validation/api/crypto/crypto.h @@ -10,6 +10,8 @@ #include "odp_cunit_common.h" /* test functions: */ +void crypto_test_enc_alg_null(void); +void crypto_test_dec_alg_null(void); void crypto_test_enc_alg_3des_cbc(void); void crypto_test_enc_alg_3des_cbc_ovr_iv(void); void crypto_test_dec_alg_3des_cbc(void); diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index a7d8727b..0eb3d5d9 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -430,6 +430,73 @@ static int check_auth_options(odp_auth_alg_t auth, uint32_t key_len, return 1; } +static int check_alg_null(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); +} + +void crypto_test_enc_alg_null(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv; + unsigned int test_vec_num = (sizeof(null_reference_length) / + sizeof(null_reference_length[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) { + if (!check_cipher_options(ODP_CIPHER_ALG_NULL, + cipher_key.length, iv.length)) + continue; + + alg_test(ODP_CRYPTO_OP_ENCODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + NULL, + cipher_key, + ODP_AUTH_ALG_NULL, + auth_key, + NULL, NULL, + NULL, 0, + null_reference_plaintext[i], + null_reference_length[i], + null_reference_plaintext[i], + null_reference_length[i], NULL, 0); + } +} + +void crypto_test_dec_alg_null(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0 }; + unsigned int test_vec_num = (sizeof(null_reference_length) / + sizeof(null_reference_length[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) { + if (!check_cipher_options(ODP_CIPHER_ALG_NULL, + cipher_key.length, iv.length)) + continue; + + alg_test(ODP_CRYPTO_OP_DECODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + NULL, + cipher_key, + ODP_AUTH_ALG_NULL, + auth_key, + NULL, NULL, + NULL, 0, + null_reference_plaintext[i], + null_reference_length[i], + null_reference_plaintext[i], + null_reference_length[i], NULL, 0); + } +} + static int check_alg_3des_cbc(void) { return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); @@ -1262,6 +1329,10 @@ int crypto_suite_async_init(void) } odp_testinfo_t crypto_suite[] = { + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, + check_alg_null), ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, check_alg_3des_cbc), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, diff --git a/test/common_plat/validation/api/crypto/test_vectors.h b/test/common_plat/validation/api/crypto/test_vectors.h index defbda45..b7efe1de 100644 --- a/test/common_plat/validation/api/crypto/test_vectors.h +++ b/test/common_plat/validation/api/crypto/test_vectors.h @@ -8,6 +8,18 @@ #define _ODP_TEST_CRYPTO_VECTORS_H_ #include "test_vectors_len.h" + +/** length in bytes */ +static uint32_t null_reference_length[] = { 8, 16 }; + +static uint8_t +null_reference_plaintext[][NULL_MAX_DATA_LEN] = { + {0x32, 0x6a, 0x49, 0x4c, 0xd3, 0x3f, 0xe7, 0x56}, + + {0x84, 0x40, 0x1f, 0x78, 0xfe, 0x6c, 0x10, 0x87, 0x6d, 0x8e, 0xa2, 0x30, + 0x94, 0xea, 0x53, 0x09} +}; + /* TDES-CBC reference vectors, according to * "http://csrc.nist.gov/groups/STM/cavp/documents/des/DESMMT.pdf" */ diff --git a/test/common_plat/validation/api/crypto/test_vectors_len.h b/test/common_plat/validation/api/crypto/test_vectors_len.h index 80fd927b..c1521dd7 100644 --- a/test/common_plat/validation/api/crypto/test_vectors_len.h +++ b/test/common_plat/validation/api/crypto/test_vectors_len.h @@ -6,6 +6,9 @@ #ifndef TEST_VECTORS_LEN_ #define TEST_VECTORS_LEN_ +/* NULL */ +#define NULL_MAX_DATA_LEN 16 + /* TDES-CBC */ #define TDES_CBC_KEY_LEN 24 #define TDES_CBC_IV_LEN 8 From patchwork Mon May 22 10:59:58 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100282 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp190374qge; Mon, 22 May 2017 04:11:02 -0700 (PDT) X-Received: by 10.55.33.141 with SMTP id f13mr19611877qki.51.1495451462228; Mon, 22 May 2017 04:11:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451462; cv=none; d=google.com; s=arc-20160816; b=TlB+wrnxTs2eAuMB2MeqKXBZfIKGtwZGSSW2n6gJ/5JPm6huRZqlKRniFX4Rx4xWEj mZpzZ7/pRS35rDpYK9MzOxBbeq4smZK1+T4vWZrxVydA/tbh0/rXCLToPOKt+0hMydR1 lMlEk/xORN84DxafjJ18SUaGT3xmiKEmShQTeIhTi4UP5zkHRMWWejl3pbG2jSlhG3iZ t9UnBsPdOeyQM/MmsrqWZSAl5m7ndcUcDbd8ACK1fEZYrTiuEF8k59qdipGttbF1YDiG YU3fnMxzfRQ3SQARgEy3BdMEGVgHBmA8KXaYX8fPN7pG8fbcyIUqTioSEFc5It+bJTDy g84A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=Lf88IKLGTMSVLjtca2FnbXqOwD/m0i2vu/7pRO9j4Aw=; b=oimrYJx/KbNQMoZkfw/BtE5vyb4gE4yc4r8TEVtjKyz+iX9WypXRN4WLCKZUmxxbrS YZqrz7ja7aCBm2K11Dg1pex3NLriOsaVzLD0mrAI4AAFcAtl7VL0VSk41yl+HfssNcxO 6a7pto3Y0NkGln7Jy2xXK6RZ2EWZAxCXKvnSysW/kcVgQt7RnQs8CdKOjhafyW4NwrvZ 64M1SBMJM45VW2X7/RI3BKH3qXbCffY/sN0OJ1ERnWTE5vy+TW88ysDiyFGXSIw2cx0u E+QxF3H3/CYYrAurhkyk0dN832Sx9r4coIvu3L64TM2HDe6VS/Y+wn/8t4hwTHxx8/7h 0UDQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id r17si18241724qkh.119.2017.05.22.04.11.01; Mon, 22 May 2017 04:11:02 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id C6B1360679; Mon, 22 May 2017 11:11:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 35E5060AD1; Mon, 22 May 2017 11:03:20 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 8DE9160A38; Mon, 22 May 2017 11:02:17 +0000 (UTC) Received: from forward2o.cmail.yandex.net (forward2o.cmail.yandex.net [37.9.109.243]) by lists.linaro.org (Postfix) with ESMTPS id 9EC0160A4D for ; Mon, 22 May 2017 11:00:46 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::27]) by forward2o.cmail.yandex.net (Yandex) with ESMTP id 31B3A20EE0 for ; Mon, 22 May 2017 14:00:45 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 9D5F0294100C for ; Mon, 22 May 2017 14:00:30 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0Upi5Fa6; Mon, 22 May 2017 14:00:30 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:58 +0300 Message-Id: <1495450806-27703-9-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 8/16] linux-generic: crypto: remote extra memcpy in AES-GCM X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov There is no need to memcpy IV if it gets passed to EVP functions. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ platform/linux-generic/odp_crypto.c | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 156aab30..3fc3580d 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -275,7 +275,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, uint32_t plain_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; - unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -286,13 +285,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv_enc, iv_ptr, AES_BLOCK_SIZE); - /* Adjust pointer for beginning of area to cipher/auth */ uint8_t *plaindata = data + param->cipher_range.offset; @@ -300,7 +292,7 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; int cipher_len = 0; - EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); + EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); /* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) @@ -325,7 +317,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, uint32_t cipher_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; - unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -336,20 +327,13 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv_enc, iv_ptr, AES_BLOCK_SIZE); - /* Adjust pointer for beginning of area to cipher/auth */ uint8_t *cipherdata = data + param->cipher_range.offset; /* Encrypt it */ EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; int plain_len = 0; - EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); + EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, session->p.auth_digest_len, tag); From patchwork Mon May 22 10:59:59 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100280 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp189754qge; Mon, 22 May 2017 04:09:29 -0700 (PDT) X-Received: by 10.237.37.209 with SMTP id y17mr23293351qtc.140.1495451369433; Mon, 22 May 2017 04:09:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451369; cv=none; d=google.com; s=arc-20160816; b=rpvZl3/ZqP2tsSGjI4nyDhksxAow3Snn1tySyHktIJlAesgnDdXPH4FXPrHD8rcYTZ U5wMf1HO6btIBweXK1oxCC3Slf5l5NxefVj8cWsJzs5yRP2X809Gssy9xK2IV+/BmScH ICMlzYIuVFQ90t2SKVCAk0hDEc86LAgkuxZ3tGJIyCdz83vW4DOyww6SbMyhdnO50Td4 uSMpSVQFzkspTOr/ObgZNOrOxUhaYghoXpuRAj492flA1XFv7DYlfJBzt/9j8RAU23Ft 6CEBS7yvB8PNVcWRx7cCMw6qaPzhId4PCvePCIe1tXEoZBo7dCaViLZp9HAFzeVkKH6U ABYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=So+KAH2KQcdEyYAenG9C+oBO9oL2njBBWGjWtk9tTCU=; b=woACbxQDSmUVycR55saPVKC6MnaYNhZK5w8RP9fX+7MEb/1IytOBLK/BR4mn3pqj8B +9kZSdTrjM2BTK86N0blqgrlzEiBBCxSjhGWvOSCIbriWS/a7WNmd1SUnT5jBvgMJ7Hi FUSgP+Bk1PSSNLM7fXu8o2YN/lO86EwAZL9F0zw7nOrlx4QUdFt0EUEo61fNzWCkpUI5 tYqwqoKTyBWlYZKEWkDNv9CxdObkYN2Ic7QznneoHjAftefRYvMfSfJWnQa8CFY+mvBP 1YwXJiTQqcOX7E6jRRF5hobyzOEeWeJO9SzMDTlSyJanG5MGcc6CCqoUt0Zj4iIB2sch 0G5A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id a1si14321966qkd.316.2017.05.22.04.09.29; Mon, 22 May 2017 04:09:29 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 0B38960A4A; Mon, 22 May 2017 11:09:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 7791E60A7E; Mon, 22 May 2017 11:03:00 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 6F90A60A4A; Mon, 22 May 2017 11:02:14 +0000 (UTC) Received: from forward2j.cmail.yandex.net (forward2j.cmail.yandex.net [5.255.227.20]) by lists.linaro.org (Postfix) with ESMTPS id 818B160A38 for ; Mon, 22 May 2017 11:00:40 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::27]) by forward2j.cmail.yandex.net (Yandex) with ESMTP id 755CD20767 for ; Mon, 22 May 2017 14:00:39 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id F044F2940F59 for ; Mon, 22 May 2017 14:00:33 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0Vp8sC61; Mon, 22 May 2017 14:00:31 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 13:59:59 +0300 Message-Id: <1495450806-27703-10-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 9/16] linux-generic: crypto: make AES-GCM thread safe X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Using single context for all operations is not thread safe: multiple threads can access the same context in parallel, affecting its internal state. Make AES-GCM functions use local context for en/decryption operations. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ .../linux-generic/include/odp_crypto_internal.h | 2 +- platform/linux-generic/odp_crypto.c | 84 ++++++++++------------ 2 files changed, 38 insertions(+), 48 deletions(-) diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index 515cefaa..d1020dba 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -53,7 +53,7 @@ struct odp_crypto_generic_session { AES_KEY key; } aes; struct { - EVP_CIPHER_CTX *ctx; + uint8_t key[EVP_MAX_KEY_LENGTH]; } aes_gcm; } data; crypto_func_t func; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 3fc3580d..37ce5df7 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -271,11 +271,13 @@ static odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); uint32_t plain_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; void *iv_ptr; + int cipher_len = 0; uint8_t *tag = data + param->hash_result_offset; if (param->override_iv_ptr) @@ -286,12 +288,14 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Adjust pointer for beginning of area to cipher/auth */ - uint8_t *plaindata = data + param->cipher_range.offset; + data += param->cipher_range.offset; /* Encrypt it */ - EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; - int cipher_len = 0; - + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, + session->cipher.data.aes_gcm.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); /* Authenticate header data (if any) without encrypting them */ @@ -299,13 +303,14 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_EncryptUpdate(ctx, NULL, &cipher_len, aad_head, aad_len); - EVP_EncryptUpdate(ctx, plaindata, &cipher_len, - plaindata, plain_len); + EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); - EVP_EncryptFinal_ex(ctx, plaindata + cipher_len, &cipher_len); + EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, session->p.auth_digest_len, tag); + EVP_CIPHER_CTX_free(ctx); + return ODP_CRYPTO_ALG_ERR_NONE; } @@ -313,10 +318,12 @@ static odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); uint32_t cipher_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; + int plain_len = 0; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -328,11 +335,14 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Adjust pointer for beginning of area to cipher/auth */ - uint8_t *cipherdata = data + param->cipher_range.offset; - /* Encrypt it */ - EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; - int plain_len = 0; + data += param->cipher_range.offset; + /* Decrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, + session->cipher.data.aes_gcm.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, @@ -343,12 +353,13 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_DecryptUpdate(ctx, NULL, &plain_len, aad_head, aad_len); - EVP_DecryptUpdate(ctx, cipherdata, &plain_len, - cipherdata, cipher_len); + EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); - if (EVP_DecryptFinal_ex(ctx, cipherdata + plain_len, &plain_len) <= 0) + if (EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len) <= 0) return ODP_CRYPTO_ALG_ERR_ICV_CHECK; + EVP_CIPHER_CTX_free(ctx); + return ODP_CRYPTO_ALG_ERR_NONE; } @@ -358,27 +369,14 @@ static int process_aes_gcm_param(odp_crypto_generic_session_t *session) if (session->p.cipher_key.length != 16) return -1; - /* Set function */ - EVP_CIPHER_CTX *ctx = - session->cipher.data.aes_gcm.ctx = EVP_CIPHER_CTX_new(); + memcpy(session->cipher.data.aes_gcm.key, session->p.cipher_key.data, + session->p.cipher_key.length); - if (ODP_CRYPTO_OP_ENCODE == session->p.op) { + /* Set function */ + if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = aes_gcm_encrypt; - EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL); - } else { + else session->cipher.func = aes_gcm_decrypt; - EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL); - } - - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); - if (ODP_CRYPTO_OP_ENCODE == session->p.op) { - EVP_EncryptInit_ex(ctx, NULL, NULL, - session->p.cipher_key.data, NULL); - } else { - EVP_DecryptInit_ex(ctx, NULL, NULL, - session->p.cipher_key.data, NULL); - } return 0; } @@ -641,17 +639,16 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, /* Copy parameters */ session->p = *param; - /* Copy IV data */ - if (session->p.iv.data) { - if (session->p.iv.length > MAX_IV_LEN) { - ODP_DBG("Maximum IV length exceeded\n"); - free_session(session); - return -1; - } + if (session->p.iv.length > MAX_IV_LEN) { + ODP_DBG("Maximum IV length exceeded\n"); + free_session(session); + return -1; + } + /* Copy IV data */ + if (session->p.iv.data) memcpy(session->cipher.iv_data, session->p.iv.data, session->p.iv.length); - } /* Derive order */ if (ODP_CRYPTO_OP_ENCODE == param->op) @@ -761,15 +758,8 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, int odp_crypto_session_destroy(odp_crypto_session_t session) { odp_crypto_generic_session_t *generic; - int aes_gcm = 0; generic = (odp_crypto_generic_session_t *)(intptr_t)session; -#if ODP_DEPRECATED_API - if (generic->p.cipher_alg == ODP_CIPHER_ALG_AES128_GCM) - aes_gcm = 1; -#endif - if (generic->p.cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) - EVP_CIPHER_CTX_free(generic->cipher.data.aes_gcm.ctx); memset(generic, 0, sizeof(*generic)); free_session(generic); return 0; From patchwork Mon May 22 11:00:00 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100285 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp191443qge; Mon, 22 May 2017 04:13:41 -0700 (PDT) X-Received: by 10.107.191.67 with SMTP id p64mr20293073iof.100.1495451621825; Mon, 22 May 2017 04:13:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451621; cv=none; d=google.com; s=arc-20160816; b=AWfQdIxu3klOxXzgwIlv4IOoSapUpx4KJimeeI0QnP3jYsSxFlDerVFMRcTsXOTVKO nw6JLN3d+dzjTICvq0z9krrZLhNIMAI3pDdz77SGelrK+4JZoUUnpSbQWBiOtltTuGnU PPZ2yA7kID03fAqYr6ux4F21UXjwlWNuwgpzTN4zzNAN/QSYfEGICwYzwyikoCYoOBtZ irLWXzyeSNN3ogcmTP48bwxSC+AzOVSD8ZQoV+7B2C60K8pWieiJ6Edh/hZABCK7c4bT Fabfz7sr979D+tg+gP+1gr9Yn15NyLOFQfIRjJdn3D0V2SiZWw4hMA9PbGJudcjdbJtp 6P1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=+7ynTAVFJ9477IMpsZF/3mbI+97S4rf6hhM8x7kJPCg=; b=I9sqP35WVOGEPPK2OOKM3ed7rKGUXXtzOsWZpXnUb+T1shjb3TTtFAOcXs8gbWZakg LiS9tkgG0VZFympTjkRyB3qv35IyNhNpFF++qhSGQ5Y3uKHomzxS/+Bz2EHGbQkUUtmm 8MvKi1tEu+F7BzOyhGDWmmLYV2e4/yq0Rck2YQj0onJZZ6JxmwuRx2xee88wK9t2/YcF hxPZlJ41oTTNFpLuHmlg5wAFOuqHlh8urcXl+2wZsk396tYIoHHv5RPHle1nEhI9RKfg Nu75obCcj73rTF6A3ThCdZDxrHCA51p4m31IFOkV39F+CX7LElpOgc6u4sIFFCFInr8o Y+Pw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id k76si7420149ita.103.2017.05.22.04.13.41; Mon, 22 May 2017 04:13:41 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 5DA9960A2D; Mon, 22 May 2017 11:13:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 00DA160B04; Mon, 22 May 2017 11:03:46 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 0F76660722; Mon, 22 May 2017 11:03:27 +0000 (UTC) Received: from forward4h.cmail.yandex.net (forward4h.cmail.yandex.net [87.250.230.101]) by lists.linaro.org (Postfix) with ESMTPS id EA07360722 for ; Mon, 22 May 2017 11:00:54 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward4h.cmail.yandex.net (Yandex) with ESMTP id D4306209E6 for ; Mon, 22 May 2017 14:00:53 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 090642941036 for ; Mon, 22 May 2017 14:00:34 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0YpeT4mH; Mon, 22 May 2017 14:00:34 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 14:00:00 +0300 Message-Id: <1495450806-27703-11-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 10/16] linux-generic: crypto: explicitly disable padding for AES-GCM X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ platform/linux-generic/odp_crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 37ce5df7..93837215 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -297,6 +297,7 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, session->p.iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); /* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) @@ -344,6 +345,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, session->p.iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, session->p.auth_digest_len, tag); From patchwork Mon May 22 11:00:01 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100278 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp188651qge; Mon, 22 May 2017 04:06:39 -0700 (PDT) X-Received: by 10.200.36.232 with SMTP id t37mr19678222qtt.264.1495451199797; Mon, 22 May 2017 04:06:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451199; cv=none; d=google.com; s=arc-20160816; b=mRmE3WSld2wNSBRBaIOzqZNZytwRYvq+QmIBixIjQWxU+LA7ZvdBMM9UX7xM7Bqf5h zc72aEhzLckDjTe4vPV4bGvLJeaUVg5gXO9Qh64f9JB+YbibYGpWTA0BEIX7GOTsnp+r omzmsIMIg8hq84oM7Y2oDfDCWm6zIBhMxEkeWHq7YY3CZxVisvIwdf93OJNtu+0c9TGH QgffEUF532sujwru6gBmy7MeTMSsJsmQXfxjnu5i2gAvlZgeGA7pCBZTlTN9xA3P5F1G QmErZsiMOugjRJz1USoGKLxzuOWX16gOAYnBD8xXqEGRBdwQr8qMmWn46jfk02VaxH6M Lplg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=ohUom9Vx3KztycOnkSs7CB9xiS0Df+ExGIvTgsFu5io=; b=eiwje/3hTM+iAiO1ywenIPE3qG919243pt61QO9XBE1w557RHlVLSh52bMNUx+5E/p jcK8wAOLqfwYuxkoOz80fqrzMOpfIugz5BVrImWz6DUBGm2Yn9vSOPFelQGNYqg3Sj+L MlWjl17oGzIwjnalDcT67iZBRaiaqyp/uhL9H99u/luPTVpKNcFVKwLo6lw51vZZQT0A TfG3AHFqC3lYhhEgOmb81E+DaDXuRQrxEwM7yZ7OKYCVsfl2RgVSpLvLu+kiOO1p/AGS X73fDAzTCccox7Qk1ypVTaAK/URMDpy8B0dgDHp81zHJ/kp43BFekGgVND2/qDDZMJAu zXOQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id z57si17987053qtz.205.2017.05.22.04.06.39; Mon, 22 May 2017 04:06:39 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 6D54E60A44; Mon, 22 May 2017 11:06:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id A14A560A4E; Mon, 22 May 2017 11:02:37 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id E109060A57; Mon, 22 May 2017 11:02:11 +0000 (UTC) Received: from forward4p.cmail.yandex.net (forward4p.cmail.yandex.net [77.88.31.19]) by lists.linaro.org (Postfix) with ESMTPS id CE02E60A1B for ; Mon, 22 May 2017 11:00:39 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward4p.cmail.yandex.net (Yandex) with ESMTP id BBF83203BB for ; Mon, 22 May 2017 14:00:38 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 54B952940CE6 for ; Mon, 22 May 2017 14:00:35 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0ZpKkQEb; Mon, 22 May 2017 14:00:35 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 14:00:01 +0300 Message-Id: <1495450806-27703-12-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 11/16] linux-generic: crypto: rewrite AES-CBC support using EVP functions X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Rewrite AES-CBC to use generic EVP interface following AES-GCM implementation. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ .../linux-generic/include/odp_crypto_internal.h | 3 +- platform/linux-generic/odp_crypto.c | 70 ++++++++++++---------- 2 files changed, 39 insertions(+), 34 deletions(-) diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index d1020dba..d6fd0400 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -12,7 +12,6 @@ extern "C" { #endif #include -#include #include #define MAX_IV_LEN 64 @@ -50,7 +49,7 @@ struct odp_crypto_generic_session { DES_key_schedule ks3; } des; struct { - AES_KEY key; + uint8_t key[EVP_MAX_KEY_LENGTH]; } aes; struct { uint8_t key[EVP_MAX_KEY_LENGTH]; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 93837215..a3f22020 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -187,10 +187,11 @@ static odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t len = param->cipher_range.length; - unsigned char iv_enc[AES_BLOCK_SIZE]; + uint32_t plain_len = param->cipher_range.length; void *iv_ptr; + int cipher_len = 0; if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -199,18 +200,21 @@ odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv_enc, iv_ptr, AES_BLOCK_SIZE); - - /* Adjust pointer for beginning of area to cipher */ + /* Adjust pointer for beginning of area to cipher/auth */ data += param->cipher_range.offset; + /* Encrypt it */ - AES_cbc_encrypt(data, data, len, &session->cipher.data.aes.key, - iv_enc, AES_ENCRYPT); + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, + session->cipher.data.aes.key, NULL); + EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); + + EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); + + EVP_CIPHER_CTX_free(ctx); return ODP_CRYPTO_ALG_ERR_NONE; } @@ -219,9 +223,10 @@ static odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t len = param->cipher_range.length; - unsigned char iv_enc[AES_BLOCK_SIZE]; + uint32_t cipher_len = param->cipher_range.length; + int plain_len = 0; void *iv_ptr; if (param->override_iv_ptr) @@ -231,18 +236,21 @@ odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv_enc, iv_ptr, AES_BLOCK_SIZE); - - /* Adjust pointer for beginning of area to cipher */ + /* Adjust pointer for beginning of area to cipher/auth */ data += param->cipher_range.offset; - /* Encrypt it */ - AES_cbc_encrypt(data, data, len, &session->cipher.data.aes.key, - iv_enc, AES_DECRYPT); + + /* Decrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, + session->cipher.data.aes.key, NULL); + EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); + + EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len); + + EVP_CIPHER_CTX_free(ctx); return ODP_CRYPTO_ALG_ERR_NONE; } @@ -253,16 +261,14 @@ static int process_aes_param(odp_crypto_generic_session_t *session) if (!((0 == session->p.iv.length) || (16 == session->p.iv.length))) return -1; + memcpy(session->cipher.data.aes.key, session->p.cipher_key.data, + session->p.cipher_key.length); + /* Set function */ - if (ODP_CRYPTO_OP_ENCODE == session->p.op) { + if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = aes_encrypt; - AES_set_encrypt_key(session->p.cipher_key.data, 128, - &session->cipher.data.aes.key); - } else { + else session->cipher.func = aes_decrypt; - AES_set_decrypt_key(session->p.cipher_key.data, 128, - &session->cipher.data.aes.key); - } return 0; } From patchwork Mon May 22 11:00:02 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100286 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp191621qge; Mon, 22 May 2017 04:14:11 -0700 (PDT) X-Received: by 10.107.18.170 with SMTP id 42mr19592526ios.173.1495451651213; Mon, 22 May 2017 04:14:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451651; cv=none; d=google.com; s=arc-20160816; b=t7pNqFXztqHH5lOiT+bLf8qP2ZvxEJ02ZBkhykZxMZUC1KXEW5l1zLxlfIBNKAeqr8 8fe2WmMMjadcX/b0i+9geRnLAftOb76BaXGX58Zy4Cm25sePOJwpdAMzCrMDvJh3aHjr PtB/PyEgYcE0jpQZBzUA77rKDQ+8UONfBXXbeTPQG5jt/HF/cHuTbdhBEPTyjwmrCcLz 12h2fv6zRO8MOJxkYRME5NeJgjDYXnNCo9BNL9VzlRoLbGWWxibkDUOIdSit43O9fNeV R97r+pioQg+QedMi1pcwFgH5LDl9N0y5RmUQTskOl1itazljD9Jq/EIO6pJ/ilqeZRRN hlqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=hgLl+WWORbok1D09QMAOLhVY+nKO0JNg/jNcilMGCt4=; b=sUgT7FBH2l24vZsJEUmAKp1ib4xL/7vcRYBLORbQJd8eTxbXNcIBcSlHvVfrfrBjXD HifQPcik5JeTYf/wh0WOQC8QwxcGliXUwGobVVS7b4Y1OgeCxlNhmg64VbbAEvtQpHuc fOf7wbrQXLWRQ02VDZRLi4GBl1ZxJNH93LxciIdrMPX8KQe9JLBMxQHUCkYzod7uBSIA YLrPZvA6asuyp69zRm7xAM4jEWky+1GCs7pIYdSvDzqI8T3BHel7YAsvHl3iArEhUwZU bOwQQvJCAHpJBmTukH/Apvrs17iIGH70bK/5QKjAzPy6HdkmNF88RoGwUqDQnvkHbh4K zheA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id d125si18142927ite.89.2017.05.22.04.14.10; Mon, 22 May 2017 04:14:11 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id A4A4760A4A; Mon, 22 May 2017 11:14:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 953E660A52; Mon, 22 May 2017 11:04:27 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 4443160B05; Mon, 22 May 2017 11:03:31 +0000 (UTC) Received: from forward5p.cmail.yandex.net (forward5p.cmail.yandex.net [77.88.31.20]) by lists.linaro.org (Postfix) with ESMTPS id E1119607A3 for ; Mon, 22 May 2017 11:01:04 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::27]) by forward5p.cmail.yandex.net (Yandex) with ESMTP id A7E7A20C6B for ; Mon, 22 May 2017 14:01:02 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 7B43A2940F23 for ; Mon, 22 May 2017 14:00:37 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0bpKCYl9; Mon, 22 May 2017 14:00:37 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 14:00:02 +0300 Message-Id: <1495450806-27703-13-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 12/16] linux-generic: crypto: rewrite 3DES-CBC support using EVP functions X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Rewrite 3DES-CBC to use generic EVP interface following AES-GCM implementation. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ .../linux-generic/include/odp_crypto_internal.h | 5 +- platform/linux-generic/odp_crypto.c | 78 ++++++++++------------ 2 files changed, 35 insertions(+), 48 deletions(-) diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index d6fd0400..f4f1948f 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -11,7 +11,6 @@ extern "C" { #endif -#include #include #define MAX_IV_LEN 64 @@ -44,9 +43,7 @@ struct odp_crypto_generic_session { union { struct { - DES_key_schedule ks1; - DES_key_schedule ks2; - DES_key_schedule ks3; + uint8_t key[EVP_MAX_KEY_LENGTH]; } des; struct { uint8_t key[EVP_MAX_KEY_LENGTH]; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index a3f22020..e09a35d9 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -393,10 +393,11 @@ static odp_crypto_alg_err_t des_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t len = param->cipher_range.length; - DES_cblock iv; + uint32_t plain_len = param->cipher_range.length; void *iv_ptr; + int cipher_len = 0; if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -405,24 +406,21 @@ odp_crypto_alg_err_t des_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv, iv_ptr, sizeof(iv)); - - /* Adjust pointer for beginning of area to cipher */ + /* Adjust pointer for beginning of area to cipher/auth */ data += param->cipher_range.offset; + /* Encrypt it */ - DES_ede3_cbc_encrypt(data, - data, - len, - &session->cipher.data.des.ks1, - &session->cipher.data.des.ks2, - &session->cipher.data.des.ks3, - &iv, - 1); + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, + session->cipher.data.des.key, NULL); + EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); + + EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); + + EVP_CIPHER_CTX_cleanup(ctx); return ODP_CRYPTO_ALG_ERR_NONE; } @@ -431,9 +429,10 @@ static odp_crypto_alg_err_t des_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t len = param->cipher_range.length; - DES_cblock iv; + uint32_t cipher_len = param->cipher_range.length; + int plain_len = 0; void *iv_ptr; if (param->override_iv_ptr) @@ -443,25 +442,21 @@ odp_crypto_alg_err_t des_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv, iv_ptr, sizeof(iv)); - - /* Adjust pointer for beginning of area to cipher */ + /* Adjust pointer for beginning of area to cipher/auth */ data += param->cipher_range.offset; /* Decrypt it */ - DES_ede3_cbc_encrypt(data, - data, - len, - &session->cipher.data.des.ks1, - &session->cipher.data.des.ks2, - &session->cipher.data.des.ks3, - &iv, - 0); + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, + session->cipher.data.des.key, NULL); + EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); + + EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len); + + EVP_CIPHER_CTX_cleanup(ctx); return ODP_CRYPTO_ALG_ERR_NONE; } @@ -472,20 +467,15 @@ static int process_des_param(odp_crypto_generic_session_t *session) if (!((0 == session->p.iv.length) || (8 == session->p.iv.length))) return -1; + memcpy(session->cipher.data.des.key, session->p.cipher_key.data, + session->p.cipher_key.length); + /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = des_encrypt; else session->cipher.func = des_decrypt; - /* Convert keys */ - DES_set_key((DES_cblock *)&session->p.cipher_key.data[0], - &session->cipher.data.des.ks1); - DES_set_key((DES_cblock *)&session->p.cipher_key.data[8], - &session->cipher.data.des.ks2); - DES_set_key((DES_cblock *)&session->p.cipher_key.data[16], - &session->cipher.data.des.ks3); - return 0; } From patchwork Mon May 22 11:00:03 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100289 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp192550qge; Mon, 22 May 2017 04:16:28 -0700 (PDT) X-Received: by 10.200.51.208 with SMTP id d16mr22502333qtb.151.1495451788010; Mon, 22 May 2017 04:16:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451788; cv=none; d=google.com; s=arc-20160816; b=Su6xiowW6PYmtbOdertng/Zw+CCVs7aP7dI+rLfpNU1cjd6Z6ij4gI8S1E5+WNGWoM Gj243DEgu4RUTnNp1DqxVQypfAkA/J7a5LHHjPF3HgEcWs9ZXyp3UoXkbIpjiAg9eIXx /M8KYp6wxOzWsxp2vjQEeB19cQ4pYnkVLcoxJxi4y84SNDb0ezT+WRi2ruQJLHx5j8he td+KEOfJyewNMrJooFLjXJCp3Lsm5LU5gwWybyu4iUbNDqfyYHA62E4UUlN72R/GsfKz WD7fmMxmrGcKnisLElOU14sQFYmfDm2z1JYfllHx0H88/lgbz/7SF8/k0tfeCQ6mFhVZ MexQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=AC1gFmvdN7gSAf8fPFVAEvTVh2w7dyuF11JJJF+LJ9Q=; b=gcwemTLWeLzq1qng2YyS5No6NFXyhUsZIpcRZBgQ1hYG2xMuWbBxs2iTIezu1a5QLV df9QQtyYI5+xpmeebTN8+Soq8X5+WgEuA6it5vGA/pfyEG+1FlldRnY0o7/D5tTeY0f7 JenHRPX/0qGQ11WcYuAG62NiQirjcuNeZTHZnLRy7mZyU+S5pdlQzi3dFK4ip6NouoKh auySglTsdVXbPhZt2hzEEnXRzf7/tjjPjsDrOBnMxMAVbx676z/X0KYEnJQJaxFncdjJ 8gvlmI7k0XUHdtumJ6GBSC3IwfeqhGzDrfyLA4cPL7NxKV/wNgr6BC9GkqwOixH6cGVQ y8iQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id v200si17722298qkb.91.2017.05.22.04.16.27; Mon, 22 May 2017 04:16:27 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id AA48760A51; Mon, 22 May 2017 11:16:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 6E8D160B3F; Mon, 22 May 2017 11:04:50 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 4290E60A51; Mon, 22 May 2017 11:03:40 +0000 (UTC) Received: from forward1o.cmail.yandex.net (forward1o.cmail.yandex.net [37.9.109.84]) by lists.linaro.org (Postfix) with ESMTPS id A22D060A54 for ; Mon, 22 May 2017 11:01:13 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::27]) by forward1o.cmail.yandex.net (Yandex) with ESMTP id 43E86211CD for ; Mon, 22 May 2017 14:01:12 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id C1F78294100F for ; Mon, 22 May 2017 14:00:39 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0cp4aa2Y; Mon, 22 May 2017 14:00:38 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 14:00:03 +0300 Message-Id: <1495450806-27703-14-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 13/16] linux-generic: crypto: merge AES-CBC and 3DES-CBC support X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov There is now nearly no difference between AES-CBC and 3DES-CBC code. Merge it into generic 'cipher' support, easing adding support for other ciphers in future. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ .../linux-generic/include/odp_crypto_internal.h | 14 +- platform/linux-generic/odp_crypto.c | 153 +++++---------------- 2 files changed, 40 insertions(+), 127 deletions(-) diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index f4f1948f..7fe9289b 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -40,18 +40,8 @@ struct odp_crypto_generic_session { struct { /* Copy of session IV data */ uint8_t iv_data[MAX_IV_LEN]; - - union { - struct { - uint8_t key[EVP_MAX_KEY_LENGTH]; - } des; - struct { - uint8_t key[EVP_MAX_KEY_LENGTH]; - } aes; - struct { - uint8_t key[EVP_MAX_KEY_LENGTH]; - } aes_gcm; - } data; + uint8_t key_data[EVP_MAX_KEY_LENGTH]; + const EVP_CIPHER *evp_cipher; crypto_func_t func; } cipher; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index e09a35d9..25f2e231 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -184,8 +184,8 @@ odp_crypto_alg_err_t auth_check(odp_crypto_op_param_t *param, } static -odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t cipher_encrypt(odp_crypto_op_param_t *param, + odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); @@ -205,8 +205,8 @@ odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, /* Encrypt it */ ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, - session->cipher.data.aes.key, NULL); + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); @@ -220,8 +220,8 @@ odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, } static -odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t cipher_decrypt(odp_crypto_op_param_t *param, + odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); @@ -241,8 +241,8 @@ odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, /* Decrypt it */ ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, - session->cipher.data.aes.key, NULL); + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); @@ -255,20 +255,29 @@ odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_NONE; } -static int process_aes_param(odp_crypto_generic_session_t *session) +static int process_cipher_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) { - /* Verify IV len is either 0 or 16 */ - if (!((0 == session->p.iv.length) || (16 == session->p.iv.length))) + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.cipher_key.length) return -1; - memcpy(session->cipher.data.aes.key, session->p.cipher_key.data, + /* Verify IV len is correct */ + if (!((0 == session->p.iv.length) || + ((uint32_t)EVP_CIPHER_iv_length(cipher) == session->p.iv.length))) + return -1; + + session->cipher.evp_cipher = cipher; + + memcpy(session->cipher.key_data, session->p.cipher_key.data, session->p.cipher_key.length); /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->cipher.func = aes_encrypt; + session->cipher.func = cipher_encrypt; else - session->cipher.func = aes_decrypt; + session->cipher.func = cipher_decrypt; return 0; } @@ -298,8 +307,8 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, /* Encrypt it */ ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, - session->cipher.data.aes_gcm.key, NULL); + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, session->p.iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); @@ -346,8 +355,8 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, /* Decrypt it */ ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, - session->cipher.data.aes_gcm.key, NULL); + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, session->p.iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); @@ -371,15 +380,19 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_NONE; } -static int process_aes_gcm_param(odp_crypto_generic_session_t *session) +static int process_aes_gcm_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) { - /* Verify Key len is 16 */ - if (session->p.cipher_key.length != 16) + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.cipher_key.length) return -1; - memcpy(session->cipher.data.aes_gcm.key, session->p.cipher_key.data, + memcpy(session->cipher.key_data, session->p.cipher_key.data, session->p.cipher_key.length); + session->cipher.evp_cipher = cipher; + /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = aes_gcm_encrypt; @@ -389,96 +402,6 @@ static int process_aes_gcm_param(odp_crypto_generic_session_t *session) return 0; } -static -odp_crypto_alg_err_t des_encrypt(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) -{ - EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t plain_len = param->cipher_range.length; - void *iv_ptr; - int cipher_len = 0; - - if (param->override_iv_ptr) - iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) - iv_ptr = session->cipher.iv_data; - else - return ODP_CRYPTO_ALG_ERR_IV_INVALID; - - /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - - /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, - session->cipher.data.des.key, NULL); - EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); - - EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); - - EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); - - EVP_CIPHER_CTX_cleanup(ctx); - - return ODP_CRYPTO_ALG_ERR_NONE; -} - -static -odp_crypto_alg_err_t des_decrypt(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) -{ - EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t cipher_len = param->cipher_range.length; - int plain_len = 0; - void *iv_ptr; - - if (param->override_iv_ptr) - iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) - iv_ptr = session->cipher.iv_data; - else - return ODP_CRYPTO_ALG_ERR_IV_INVALID; - - /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - - /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, - session->cipher.data.des.key, NULL); - EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); - - EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); - - EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len); - - EVP_CIPHER_CTX_cleanup(ctx); - - return ODP_CRYPTO_ALG_ERR_NONE; -} - -static int process_des_param(odp_crypto_generic_session_t *session) -{ - /* Verify IV len is either 0 or 8 */ - if (!((0 == session->p.iv.length) || (8 == session->p.iv.length))) - return -1; - - memcpy(session->cipher.data.des.key, session->p.cipher_key.data, - session->p.cipher_key.length); - - /* Set function */ - if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->cipher.func = des_encrypt; - else - session->cipher.func = des_decrypt; - - return 0; -} - static int process_auth_param(odp_crypto_generic_session_t *session, uint32_t key_length, const EVP_MD *evp_md) @@ -662,13 +585,13 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, break; case ODP_CIPHER_ALG_DES: case ODP_CIPHER_ALG_3DES_CBC: - rc = process_des_param(session); + rc = process_cipher_param(session, EVP_des_ede3_cbc()); break; case ODP_CIPHER_ALG_AES_CBC: #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_CBC: #endif - rc = process_aes_param(session); + rc = process_cipher_param(session, EVP_aes_128_cbc()); break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_GCM: @@ -680,7 +603,7 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, /* AES-GCM requires to do both auth and * cipher at the same time */ if (param->auth_alg == ODP_AUTH_ALG_AES_GCM || aes_gcm) - rc = process_aes_gcm_param(session); + rc = process_aes_gcm_param(session, EVP_aes_128_gcm()); else rc = -1; break; From patchwork Mon May 22 11:00:04 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100281 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp190133qge; Mon, 22 May 2017 04:10:25 -0700 (PDT) X-Received: by 10.200.55.6 with SMTP id o6mr20204148qtb.236.1495451425556; Mon, 22 May 2017 04:10:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451425; cv=none; d=google.com; s=arc-20160816; b=O9c7S07khy8n3eOzQB7SO9Z8yuiMHoxlr8wBbgH48PnILC3KlpQ4GGGIGl51DO3Mrb Ac06nWN+bp5jrPRZj9OggzUdfa5jYwxsnEC5Xieey+DqoZplnvdlylZ5I7h7OGvMtBJF JOV7W1fnwcBhfa6jAf+2qSbswoW0knW1vmn4JufHB+GYnZkutle8OopcA+jm6bhqYa8/ 24znCbPu4eGR6J9poh2+F2OlN1ixvlvgsQezdlc1EO9ArQk4m3fhT5c2TYhvAkHzkEXE trUILgmSCxHrevUuch7Ddsu7/hXjRcketYpyZ35H5F3yBLbo89TC8mAv3eVx0SkjNrRV UCHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=ohQocA+rqYfdxF6eS02v4Ke5wnDIq8jWpvigVWss+yg=; b=seURwYnKqUajqsm8gOXvCoRmjmimTP0gZmywJMkSXXP7VaITiRwuWU4M6m1bUuHJoT P8KaoNEQyM/Z1gHLwwCHTD78X5r44DeE9cfi5k6W9m0wG/N0k52B6XqtF67VUn4+Lpr4 rSVqbID5tBLES+vygJKJvCwJQpOlgiiEB2xrkVvcPoS3FAH1NqZMeKENyh16h26GfQny gAijwSE6FwmZ/e4b1+akWBYGKQQ+indWsWk9FMpJWNPJ2vVxueFPmOYK130o/HibjKPu hJv57QbsgWNeG05dkPOJEVjpFlmuJaoVQFySjrcTHbOGPsOOfUp/XN0tyUJjvb6jmiMj IGnA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id p5si17493141qki.291.2017.05.22.04.10.25; Mon, 22 May 2017 04:10:25 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 3EBF460762; Mon, 22 May 2017 11:10:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id CD19960ACD; Mon, 22 May 2017 11:03:09 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id BA8EB60A38; Mon, 22 May 2017 11:02:14 +0000 (UTC) Received: from forward4o.cmail.yandex.net (forward4o.cmail.yandex.net [37.9.109.248]) by lists.linaro.org (Postfix) with ESMTPS id 8DC2660A45 for ; Mon, 22 May 2017 11:00:45 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward4o.cmail.yandex.net (Yandex) with ESMTP id 0117B20709 for ; Mon, 22 May 2017 14:00:44 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 36D8A2941050 for ; Mon, 22 May 2017 14:00:40 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0dp8Yg3k; Mon, 22 May 2017 14:00:40 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 14:00:04 +0300 Message-Id: <1495450806-27703-15-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 14/16] linux-generic: packet: add functions to optimize memset and memcmp paths X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Add function implementing memset and memcmp on packet object. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ .../linux-generic/include/odp_packet_internal.h | 6 +++ platform/linux-generic/odp_packet.c | 48 ++++++++++++++++++++++ 2 files changed, 54 insertions(+) diff --git a/platform/linux-generic/include/odp_packet_internal.h b/platform/linux-generic/include/odp_packet_internal.h index d0db7008..a480a748 100644 --- a/platform/linux-generic/include/odp_packet_internal.h +++ b/platform/linux-generic/include/odp_packet_internal.h @@ -237,6 +237,12 @@ int packet_parse_common(packet_parser_t *pkt_hdr, const uint8_t *ptr, int _odp_cls_parse(odp_packet_hdr_t *pkt_hdr, const uint8_t *parseptr); +int _odp_packet_set_data(odp_packet_t pkt, uint32_t offset, + uint8_t c, uint32_t len); + +int _odp_packet_cmp_data(odp_packet_t pkt, uint32_t offset, + const void *s, uint32_t len); + #ifdef __cplusplus } #endif diff --git a/platform/linux-generic/odp_packet.c b/platform/linux-generic/odp_packet.c index 9ff642be..6799c6ef 100644 --- a/platform/linux-generic/odp_packet.c +++ b/platform/linux-generic/odp_packet.c @@ -1634,6 +1634,54 @@ int odp_packet_move_data(odp_packet_t pkt, uint32_t dst_offset, pkt, src_offset, len); } +int _odp_packet_set_data(odp_packet_t pkt, uint32_t offset, + uint8_t c, uint32_t len) +{ + void *mapaddr; + uint32_t seglen = 0; /* GCC */ + uint32_t setlen; + odp_packet_hdr_t *pkt_hdr = packet_hdr(pkt); + + if (offset + len > pkt_hdr->frame_len) + return -1; + + while (len > 0) { + mapaddr = packet_map(pkt_hdr, offset, &seglen, NULL); + setlen = len > seglen ? seglen : len; + memset(mapaddr, c, setlen); + offset += setlen; + len -= setlen; + } + + return 0; +} + +int _odp_packet_cmp_data(odp_packet_t pkt, uint32_t offset, + const void *s, uint32_t len) +{ + const uint8_t *ptr = s; + void *mapaddr; + uint32_t seglen = 0; /* GCC */ + uint32_t cmplen; + int ret; + odp_packet_hdr_t *pkt_hdr = packet_hdr(pkt); + + ODP_ASSERT(offset + len <= pkt_hdr->frame_len); + + while (len > 0) { + mapaddr = packet_map(pkt_hdr, offset, &seglen, NULL); + cmplen = len > seglen ? seglen : len; + ret = memcmp(mapaddr, ptr, cmplen); + if (ret != 0) + return ret; + offset += cmplen; + len -= cmplen; + ptr += cmplen; + } + + return 0; +} + /* * * Debugging From patchwork Mon May 22 11:00:05 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100288 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp192281qge; Mon, 22 May 2017 04:15:52 -0700 (PDT) X-Received: by 10.55.50.19 with SMTP id y19mr17768632qky.24.1495451752442; Mon, 22 May 2017 04:15:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451752; cv=none; d=google.com; s=arc-20160816; b=Bu+W90v6gsuAaVqNj027M9B8G23oM8ttdHRwfuHnHQ5ssxxaWxy4EMZEJOc3hIPKOV Xu659sqP1QWWV1aev+YmCqJRK8jDWq6iuvMF920dcNMySFaPRfdiRF2Sby3G0B2HWYVG AEM66omWR54Enw/up5wQcD1gWEq/2NCCsYtkHOlUEp8ycnD87nU9zd5mI+vW5d+1PhnE cWbegu43U2gYhgJit573bB2Cp/Y0iR3HqTb1MrXPwRmCClOJ0dPKi+HfjM2iI0T+/PT5 IoWu3vkAdkLhq7wGUrV1zp3cc77sW2QWnZuyc6jCY6qqrYe9qMqTnNTSd1U7q43ALazV KPDg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=JdNEdPVDt28iPxx6+7yuWS6wp0dQCs+eTFcLQ30i13M=; b=eh0v+LSorjB9k+6djuxmi8CwX0EbnojPBYi4a4eD/HO35zTT9mCFpXPk1BadCNLqyu mgWQSi1ZDbzhiSITuyzBWlhWyIYXeIqYiM3WsZu5AcrivJachfHSOqlIHUUO4Fuqd1n2 +/R/+IssSwZALv4oJtKr47YTANkcNWh8AGKUSm/traHEEVIXweVPfoGnGexQ1O5L0t7O VtmzejNtMnw14wf6OvQCWk/cMipW5ixhY2g0eM3seVP4wBOD8EU7VRh/uRpp7JmmuDti ud3J7M+hNo6spoAh7DALem5tAbHsaTAreRSHf3buej/mXBAOrUUcCbqcxOr2RD3n5T8e Lg4g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id y16si9908950qty.310.2017.05.22.04.15.52; Mon, 22 May 2017 04:15:52 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 21BD560A45; Mon, 22 May 2017 11:15:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 1F3CC60B2D; Mon, 22 May 2017 11:04:49 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 73D8A60AF8; Mon, 22 May 2017 11:03:36 +0000 (UTC) Received: from forward1o.cmail.yandex.net (forward1o.cmail.yandex.net [37.9.109.84]) by lists.linaro.org (Postfix) with ESMTPS id A1EF860A51 for ; Mon, 22 May 2017 11:01:13 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward1o.cmail.yandex.net (Yandex) with ESMTP id 428FC21176 for ; Mon, 22 May 2017 14:01:12 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id C6E8C2940F34 for ; Mon, 22 May 2017 14:00:42 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0fpGKJVd; Mon, 22 May 2017 14:00:41 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 14:00:05 +0300 Message-Id: <1495450806-27703-16-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 15/16] linux-generic: crypto: make HMAC work across segmented packets X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ platform/linux-generic/odp_crypto.c | 78 +++++++++++++++++++++---------------- 1 file changed, 45 insertions(+), 33 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 25f2e231..a147f271 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -118,29 +118,53 @@ null_crypto_routine(odp_crypto_op_param_t *param ODP_UNUSED, } static +void packet_hmac(odp_crypto_op_param_t *param, + odp_crypto_generic_session_t *session, + uint8_t *hash) +{ + odp_packet_t pkt = param->out_pkt; + uint32_t offset = param->auth_range.offset; + uint32_t len = param->auth_range.length; + HMAC_CTX ctx; + + ODP_ASSERT(offset + len <= odp_packet_len(pkt)); + + /* Hash it */ + HMAC_CTX_init(&ctx); + HMAC_Init_ex(&ctx, + session->auth.key, + session->auth.key_length, + session->auth.evp_md, + NULL); + + while (len > 0) { + uint32_t seglen = 0; /* GCC */ + void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL); + uint32_t maclen = len > seglen ? seglen : len; + + HMAC_Update(&ctx, mapaddr, maclen); + offset += maclen; + len -= maclen; + } + + HMAC_Final(&ctx, hash, NULL); + HMAC_CTX_cleanup(&ctx); +} + +static odp_crypto_alg_err_t auth_gen(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { - uint8_t *data = odp_packet_data(param->out_pkt); - uint8_t *icv = data; - uint32_t len = param->auth_range.length; uint8_t hash[EVP_MAX_MD_SIZE]; - /* Adjust pointer for beginning of area to auth */ - data += param->auth_range.offset; - icv += param->hash_result_offset; - /* Hash it */ - HMAC(session->auth.evp_md, - session->auth.key, - session->auth.key_length, - data, - len, - hash, - NULL); + packet_hmac(param, session, hash); /* Copy to the output location */ - memcpy(icv, hash, session->auth.bytes); + odp_packet_copy_from_mem(param->out_pkt, + param->hash_result_offset, + session->auth.bytes, + hash); return ODP_CRYPTO_ALG_ERR_NONE; } @@ -149,31 +173,19 @@ static odp_crypto_alg_err_t auth_check(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { - uint8_t *data = odp_packet_data(param->out_pkt); - uint8_t *icv = data; - uint32_t len = param->auth_range.length; uint32_t bytes = session->auth.bytes; uint8_t hash_in[EVP_MAX_MD_SIZE]; uint8_t hash_out[EVP_MAX_MD_SIZE]; - /* Adjust pointer for beginning of area to auth */ - data += param->auth_range.offset; - icv += param->hash_result_offset; - /* Copy current value out and clear it before authentication */ - memset(hash_in, 0, sizeof(hash_in)); - memcpy(hash_in, icv, bytes); - memset(icv, 0, bytes); - memset(hash_out, 0, sizeof(hash_out)); + odp_packet_copy_to_mem(param->out_pkt, param->hash_result_offset, + bytes, hash_in); + + _odp_packet_set_data(param->out_pkt, param->hash_result_offset, + 0, bytes); /* Hash it */ - HMAC(session->auth.evp_md, - session->auth.key, - session->auth.key_length, - data, - len, - hash_out, - NULL); + packet_hmac(param, session, hash_out); /* Verify match */ if (0 != memcmp(hash_in, hash_out, bytes)) From patchwork Mon May 22 11:00:06 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 100287 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp191940qge; Mon, 22 May 2017 04:15:02 -0700 (PDT) X-Received: by 10.36.87.84 with SMTP id u81mr40904189ita.35.1495451701966; Mon, 22 May 2017 04:15:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1495451701; cv=none; d=google.com; s=arc-20160816; b=o8W1SN0aecGw0o/qKVQG0VDIoiWhREvDq32xUm0nT3ZvB6JCQd3jcDwZJGc0jLl+Om E4T5Wv5kYiRc796czEqcX7OpSTL6S1q462qkY9GpH4YzbUwZL6z2JaQ9sJzSp3sYrwqy XssjMElMS4cJN+0WHLgxEvrqj8yiFd9vCUplmR5k8NedHzFUPUfSgQjBnExIqS3yTnOU cpf8vKFxY0lslsW+NLrfiSiDUKe6WBRkY53gwKIDLGkEGzoa8QTquBH2lVRl333Zwgdq jFdvulTcw0CELhkImBUmZJ5LSGAuT+BdcDNYSsvHiDr473kABMa7n7ZyAKuTvo/RkpiW n0bw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=LsUfzXgCsqg83pSLur8sw6njV/R1AMaPUzQ6E/SZJRA=; b=jG2sDo/piqo45YdKzEhzrLy+tTzXkuNH8kKOM3OveuKv99wQAFPAuqp62cmkOG+8ZH jWv22fMZ9oesQvBnfEkfvq6nGNkej6Vp1Cz5/fiUvkgtstV3bdZTGgBKfwmDHIZp22F+ PynpvI2wUtKi5A3MeK5rObfisWWEgJjglj3Sih121U6x1tb1TMFo+I5us6UMZOj6xHLa gcv6hJgSOLWv4km1JC9okf2Dt75sh7/yTHjUmqDLM3c7rN6B16E9SWH3NQDC18/tqGlX XIHu7xkXSaSEQydsbReB5M0O99lL5YNKUVSllhrpZXyy1+Xjev78xeSo05vs6CvFtG4G H3ZA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id d80si32090209itc.51.2017.05.22.04.15.01; Mon, 22 May 2017 04:15:01 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 01EA060A4A; Mon, 22 May 2017 11:15:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 3F42560B15; Mon, 22 May 2017 11:04:44 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 0C2D160B04; Mon, 22 May 2017 11:03:32 +0000 (UTC) Received: from forward1m.cmail.yandex.net (forward1m.cmail.yandex.net [5.255.216.2]) by lists.linaro.org (Postfix) with ESMTPS id 50F146079A for ; Mon, 22 May 2017 11:00:55 +0000 (UTC) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [37.140.190.28]) by forward1m.cmail.yandex.net (Yandex) with ESMTP id AAE7420FD1 for ; Mon, 22 May 2017 14:00:53 +0300 (MSK) Received: from smtp3o.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3o.mail.yandex.net (Yandex) with ESMTP id 888A52940EF0 for ; Mon, 22 May 2017 14:00:43 +0300 (MSK) Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id EyK36iliXq-0hp8usqP; Mon, 22 May 2017 14:00:43 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 22 May 2017 14:00:06 +0300 Message-Id: <1495450806-27703-17-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> References: <1495450806-27703-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 34 Subject: [lng-odp] [PATCH API-NEXT v1 16/16] linux-generic: crypto: make en/decryption work across packet segments X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 34 (lumag:crypto-update-main-new) ** https://github.com/Linaro/odp/pull/34 ** Patch: https://github.com/Linaro/odp/pull/34.patch ** Base sha: 826ee894aa0ebd09d42a17e1de077c46bc5b366a ** Merge commit sha: 225ede5cef6eb46fc9e1d1d385ac8be0b57c64f5 **/ platform/linux-generic/odp_crypto.c | 162 ++++++++++++++++++++++++++---------- 1 file changed, 116 insertions(+), 46 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index a147f271..e5468c40 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -195,15 +195,101 @@ odp_crypto_alg_err_t auth_check(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_NONE; } +#define IN_CONSUME(len) \ + in_pos += (len); \ + in_len -= (len); \ + insegaddr += (len); \ + inseglen -= (len); + +static +int internal_encrypt(EVP_CIPHER_CTX *ctx, odp_crypto_op_param_t *param) +{ + odp_packet_t pkt = param->out_pkt; + unsigned in_pos = param->cipher_range.offset; + unsigned out_pos = param->cipher_range.offset; + unsigned in_len = param->cipher_range.length; + uint8_t block[2 * EVP_MAX_BLOCK_LENGTH]; + unsigned block_len = EVP_CIPHER_block_size(EVP_CIPHER_CTX_cipher(ctx)); + int cipher_len; + int ret; + + while (in_len > 0) { + uint32_t seglen = 0; /* GCC */ + uint8_t *insegaddr = odp_packet_offset(pkt, in_pos, &seglen, NULL); + unsigned inseglen = in_len < seglen ? in_len : seglen; + + /* There should be at least 1 additional block in out buffer */ + if (inseglen > block_len) { + unsigned part = inseglen - block_len; + EVP_EncryptUpdate(ctx, insegaddr, &cipher_len, insegaddr, part); + IN_CONSUME(part); + out_pos += cipher_len; + } + + /* Use temporal storage */ + if (inseglen > 0) { + unsigned part = inseglen; + EVP_EncryptUpdate(ctx, block, &cipher_len, insegaddr, part); + IN_CONSUME(part); + odp_packet_copy_from_mem(pkt, out_pos, cipher_len, block); + out_pos += cipher_len; + } + } + + ret = EVP_EncryptFinal_ex(ctx, block, &cipher_len); + odp_packet_copy_from_mem(pkt, out_pos, cipher_len, block); + + return ret; +} + +static +int internal_decrypt(EVP_CIPHER_CTX *ctx, odp_crypto_op_param_t *param) +{ + odp_packet_t pkt = param->out_pkt; + unsigned in_pos = param->cipher_range.offset; + unsigned out_pos = param->cipher_range.offset; + unsigned in_len = param->cipher_range.length; + uint8_t block[2 * EVP_MAX_BLOCK_LENGTH]; + unsigned block_len = EVP_CIPHER_block_size(EVP_CIPHER_CTX_cipher(ctx)); + int cipher_len; + int ret; + + while (in_len > 0) { + uint32_t seglen = 0; /* GCC */ + uint8_t *insegaddr = odp_packet_offset(pkt, in_pos, &seglen, NULL); + unsigned inseglen = in_len < seglen ? in_len : seglen; + + /* There should be at least 1 additional block in out buffer */ + if (inseglen > block_len) { + unsigned part = inseglen - block_len; + EVP_DecryptUpdate(ctx, insegaddr, &cipher_len, insegaddr, part); + IN_CONSUME(part); + out_pos += cipher_len; + } + + /* Use temporal storage */ + if (inseglen > 0) { + unsigned part = inseglen; + EVP_DecryptUpdate(ctx, block, &cipher_len, insegaddr, part); + IN_CONSUME(part); + odp_packet_copy_from_mem(pkt, out_pos, cipher_len, block); + out_pos += cipher_len; + } + } + + ret = EVP_DecryptFinal_ex(ctx, block, &cipher_len); + odp_packet_copy_from_mem(pkt, out_pos, cipher_len, block); + + return ret; +} + static odp_crypto_alg_err_t cipher_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t plain_len = param->cipher_range.length; void *iv_ptr; - int cipher_len = 0; + int ret; if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -212,9 +298,6 @@ odp_crypto_alg_err_t cipher_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - /* Encrypt it */ ctx = EVP_CIPHER_CTX_new(); EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, @@ -222,13 +305,12 @@ odp_crypto_alg_err_t cipher_encrypt(odp_crypto_op_param_t *param, EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); - EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); - - EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); + ret = internal_encrypt(ctx, param); EVP_CIPHER_CTX_free(ctx); - return ODP_CRYPTO_ALG_ERR_NONE; + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; } static @@ -236,10 +318,8 @@ odp_crypto_alg_err_t cipher_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t cipher_len = param->cipher_range.length; - int plain_len = 0; void *iv_ptr; + int ret; if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -248,9 +328,6 @@ odp_crypto_alg_err_t cipher_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - /* Decrypt it */ ctx = EVP_CIPHER_CTX_new(); EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, @@ -258,13 +335,12 @@ odp_crypto_alg_err_t cipher_decrypt(odp_crypto_op_param_t *param, EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); - EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); - - EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len); + ret = internal_decrypt(ctx, param); EVP_CIPHER_CTX_free(ctx); - return ODP_CRYPTO_ALG_ERR_NONE; + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; } static int process_cipher_param(odp_crypto_generic_session_t *session, @@ -299,13 +375,12 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t plain_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; void *iv_ptr; - int cipher_len = 0; - uint8_t *tag = data + param->hash_result_offset; + int dummy_len = 0; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret; if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -314,9 +389,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - /* Encrypt it */ ctx = EVP_CIPHER_CTX_new(); EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, @@ -328,18 +400,20 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, /* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) - EVP_EncryptUpdate(ctx, NULL, &cipher_len, + EVP_EncryptUpdate(ctx, NULL, &dummy_len, aad_head, aad_len); - EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); + ret = internal_encrypt(ctx, param); - EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, - session->p.auth_digest_len, tag); + session->p.auth_digest_len, block); + odp_packet_copy_from_mem(param->out_pkt, param->hash_result_offset, + session->p.auth_digest_len, block); EVP_CIPHER_CTX_free(ctx); - return ODP_CRYPTO_ALG_ERR_NONE; + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; } static @@ -347,13 +421,12 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t cipher_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; - int plain_len = 0; + int dummy_len = 0; void *iv_ptr; - uint8_t *tag = data + param->hash_result_offset; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret; if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -362,9 +435,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - /* Decrypt it */ ctx = EVP_CIPHER_CTX_new(); EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, @@ -374,22 +444,22 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); + odp_packet_copy_to_mem(param->out_pkt, param->hash_result_offset, + session->p.auth_digest_len, block); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, - session->p.auth_digest_len, tag); + session->p.auth_digest_len, block); /* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) - EVP_DecryptUpdate(ctx, NULL, &plain_len, + EVP_DecryptUpdate(ctx, NULL, &dummy_len, aad_head, aad_len); - EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); - - if (EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len) <= 0) - return ODP_CRYPTO_ALG_ERR_ICV_CHECK; + ret = internal_decrypt(ctx, param); EVP_CIPHER_CTX_free(ctx); - return ODP_CRYPTO_ALG_ERR_NONE; + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK: + ODP_CRYPTO_ALG_ERR_NONE; } static int process_aes_gcm_param(odp_crypto_generic_session_t *session,