From patchwork Tue Dec 19 17:00:19 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122394 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4414259qgn; Tue, 19 Dec 2017 09:01:53 -0800 (PST) X-Google-Smtp-Source: ACJfBotQEFSIH5l8o9qJ514OE9UFJEdA/NVH1wWntHXwOWb8s0TlVjUAZJ8pFz6e8RU0UFqvfrim X-Received: by 10.37.31.132 with SMTP id f126mr3224457ybf.236.1513702913502; Tue, 19 Dec 2017 09:01:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513702913; cv=none; d=google.com; s=arc-20160816; b=m05uFDoAihuHQe4dm/MCXOjjMROxP/DvklrDsU6f4iFqBJD9JY2jgcRu35bBVRXFzv dJLEv4akbGmvhwLqgDL4AIEmvLPNEkGFEff0o4CARsfEqIfOj3JdlUUlUHRHjlrsunQL x5vPK52bOKSNQKhElGDDWNCbIy3FPNIic7O2UMqz9PulBWVgpohojfeLzkbzh1/8XokP WUmEGW2yXVnCFB0pD3HygAYRqIMVHOSMaE9YtkUDS0ttWZ1CG9iJRtkFh/Hk08lUak3J epCfJXnyyqR/Z276pQ8vUFbn5mjJnaivXf229ioLRo3k2PbLAaO3HKT6ipQjMTDFEfYC A+3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=hQ9fJ+kQrlc8bGmGpBMDuf4qWqKMAxAeqky9t7dMOFQ=; b=W9VjROFzuA1KOO1e54MihwXP0Ii9ctMOgjrII5rsOlJiFqkrKpHpMV94BcuHwBp2v0 VebmxT8WwZM7wd0Kek/90NNOP2v6FWp8Qbl/ExiWOAE1k5WXiSGAvV3q1PPGml2eouKU WbU4wHO5zRaBj7b5sy5RgFjW3u3J/EdPD9RsS0U/6S9QKhakKGR/jqm6m3xoahDqpFCh NfJVWbNxL3f81zrewD/wdkTmMyh8iwbwF/f0frgTe6NFbk0u39l4rGICkq9XJuLK3uy7 Nv+NGoSlObQaLmK/SIPj30TQhcx/0WzUqu+Xsrze1SAQoiPrxwcoC65SlrvMeZ/Giz28 Toiw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id u36si4223604qta.184.2017.12.19.09.01.47; Tue, 19 Dec 2017 09:01:53 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 379AC608E8; Tue, 19 Dec 2017 17:01:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id D29BC60905; Tue, 19 Dec 2017 17:00:37 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id F3BAB60905; Tue, 19 Dec 2017 17:00:33 +0000 (UTC) Received: from forward104p.mail.yandex.net (forward104p.mail.yandex.net [77.88.28.107]) by lists.linaro.org (Postfix) with ESMTPS id 0C95A608DC for ; Tue, 19 Dec 2017 17:00:26 +0000 (UTC) Received: from mxback4g.mail.yandex.net (mxback4g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:165]) by forward104p.mail.yandex.net (Yandex) with ESMTP id 317BE1844D7 for ; Tue, 19 Dec 2017 20:00:24 +0300 (MSK) Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [2a02:6b8:0:1a2d::28]) by mxback4g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id YjVR0Fy6LH-0Og8bq3M; Tue, 19 Dec 2017 20:00:24 +0300 Received: by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id HFnVNhcljF-0MY0iMql; Tue, 19 Dec 2017 20:00:23 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 19 Dec 2017 20:00:19 +0300 Message-Id: <1513702821-14165-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513702821-14165-1-git-send-email-odpbot@yandex.ru> References: <1513702821-14165-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v1 1/3] api: ipsec: add capabilities for cipher and auth algos X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Currently IPsec uses capabilities from crypto module to report supported key lengths. Crypto capabilities also contain additional data (like digest length, IV len, AAD len, etc. However this data is not relevant for IPsec, as most of such variables are fixed by protocol standards. To simplify application code provide copies of cipher and auth capabilities structures containing only relevant data (key lengths). Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 5ee11c14916c7183b28645df094cf6f6a4f4fab6 **/ include/odp/api/spec/ipsec.h | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/include/odp/api/spec/ipsec.h b/include/odp/api/spec/ipsec.h index 538472a5e..731cd10de 100644 --- a/include/odp/api/spec/ipsec.h +++ b/include/odp/api/spec/ipsec.h @@ -280,6 +280,24 @@ typedef struct odp_ipsec_capability_t { } odp_ipsec_capability_t; +/** + * Cipher algorithm capabilities + */ +typedef struct odp_ipsec_cipher_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_cipher_capability_t; + +/** + * Authentication algorithm capabilities + */ +typedef struct odp_ipsec_auth_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_auth_capability_t; + /** * IPSEC configuration options */ @@ -744,7 +762,7 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa); * @retval <0 on failure */ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num); + odp_ipsec_cipher_capability_t capa[], int num); /** * Query supported IPSEC authentication algorithm capabilities @@ -766,7 +784,7 @@ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, * @retval <0 on failure */ int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num); + odp_ipsec_auth_capability_t capa[], int num); /** * Initialize IPSEC configuration options From patchwork Tue Dec 19 17:00:20 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122393 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4413250qgn; Tue, 19 Dec 2017 09:01:20 -0800 (PST) X-Google-Smtp-Source: ACJfBovBHhjB7cGra9ppzNhytXpFWTih8Dr1H8yrqlB7qHDZ+2vEMKe3V7PyES0X636+thDlgTG2 X-Received: by 10.13.206.66 with SMTP id q63mr2880526ywd.188.1513702880409; Tue, 19 Dec 2017 09:01:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513702880; cv=none; d=google.com; s=arc-20160816; b=zqFvxjJ4rcCYwlYOzggS0/oW3Pxg8cHSX5IokjY8UBe0VbIDUwpIgZFLghHzg21FhJ BIIlsE668PBG11CWsBmwmySYFKVW6ejmERU4FHeiymN7PjMnsapeAbdZTwqoOdEKHeb2 5Sf76pyai/3+Xgi30hz0EvIqN3PGckUMG5xxwzNTMqfzBl4HX3j3GlGegfXA6mOVculR RDhhgzu/9meg6EuMIzo3HnxQbSfuNorA08GSomenWZKcbPDkBjUVkna6z9pbHjf9MeK+ uoNkJ7sDd3f1lSwnrSZudfOoP7Segkv4rWJzR3i3UzMWpka/QollzpTqAMq/QrJkkvLk xZ4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=JJNtojUu4jngwZ9Wgf0pRdNyPmMpB2xx78akQuzK7TQ=; b=Cwtf4WT4u+uBh3PNC7ZnMGmQC7ejhIg4N5iIBF6vURz/fje/oRqym/ZYGqtMdgpw8d Owqy0Cns9zEc5qCAfYJdNi6KQI+ThvtgLVwmJRkKL+NqhmGcH74rT/n1GoW0gb8ippyo HpnOhesE5NElYOJkuM8WnwmsiU0ne4u7jlt/6+j4J3d9fYk5/skgVEgEjq+nZ2oREY1G Wyv5Cs2ekb5RV75oxP6xsZTZ3NrAnkrLTGkAkQU7LEqQnCbN4fJZuqCMqUm+hpZ5vtAg yYb0Gum/1sy6HMNPS1Ux8PWHaSes1LLiLoQg9me+JS9E0tmQ7dO3phTxEbulSzBxxWuZ UEfw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id l57si76488qtk.219.2017.12.19.09.01.18; Tue, 19 Dec 2017 09:01:20 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 83461608E7; Tue, 19 Dec 2017 17:01:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 7CC0F608E8; Tue, 19 Dec 2017 17:00:33 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id DF06F608CE; Tue, 19 Dec 2017 17:00:30 +0000 (UTC) Received: from forward103j.mail.yandex.net (forward103j.mail.yandex.net [5.45.198.246]) by lists.linaro.org (Postfix) with ESMTPS id 240FD60872 for ; Tue, 19 Dec 2017 17:00:29 +0000 (UTC) Received: from mxback10o.mail.yandex.net (mxback10o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::24]) by forward103j.mail.yandex.net (Yandex) with ESMTP id 81EDC34C2F0E for ; Tue, 19 Dec 2017 20:00:27 +0300 (MSK) Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [2a02:6b8:0:1a2d::28]) by mxback10o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id bGBjvIceYl-0RqCGkID; Tue, 19 Dec 2017 20:00:27 +0300 Received: by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id HFnVNhcljF-0OYmxSg7; Tue, 19 Dec 2017 20:00:26 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 19 Dec 2017 20:00:20 +0300 Message-Id: <1513702821-14165-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513702821-14165-1-git-send-email-odpbot@yandex.ru> References: <1513702821-14165-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v1 2/3] validation: ipsec: adapt to crypto capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 5ee11c14916c7183b28645df094cf6f6a4f4fab6 **/ test/validation/api/ipsec/ipsec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 097216730..47170e086 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -126,8 +126,8 @@ int ipsec_check(odp_bool_t ah, uint32_t auth_bits) { odp_ipsec_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + odp_ipsec_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_ipsec_auth_capability_t auth_capa[MAX_ALG_CAPA]; int i, num; odp_bool_t found; From patchwork Tue Dec 19 17:00:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122395 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4416225qgn; Tue, 19 Dec 2017 09:02:58 -0800 (PST) X-Google-Smtp-Source: ACJfBoutXYzNUwCszDd6Dkx+CQ42IhnV/yvjpdDO0h7ZKHYDiRHvD3RTfZueDvBic+56Hem7KGVl X-Received: by 10.55.92.65 with SMTP id q62mr5306124qkb.154.1513702978260; Tue, 19 Dec 2017 09:02:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513702978; cv=none; d=google.com; s=arc-20160816; b=qKFs+S4bHKPizfozSSaxxOs1RF7zgKv2DkMSmRJT97TXgKi/M01JNZOxoxzs/AdiES kEkg1ZhMpJVPS/3rHl9vdqlKyssOiNvQsCT+6U77Btiby4fXaCzw9Qdzg+pwasJnWGzw DyEFQi3Ltfq1hvP8DwayHpmxNQ7znCffYTADbZg82xUOr0rgEYQLl+JkaOtF04kj2zSX 7heIqpgShJKTmM7s2he4oDqZKRcEkhyU86PSa4/kYAz26i+0mLt7u/GzKFXzhBebubaE qSCHMJr8UCdA765HJMUuzl8pZpuL7YyfU+dAMYwxxpepc+1rXJDeWy+iYGRSfd7T5w18 KWVQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=qUsHVBsCHE7656rmL7IJba9apKrFh9V4zzXAkHGdoVo=; b=rLJIP60LU+vVbHDnaPphAdFbToVOtxSfEH8x6Mgcmbx4zCGNSUq6aZJYKrRG7n7xK8 abqY4tTCMdL6FJMmQl7YEJ4NIk0zINKUmd3ewhmsD/fBs4Hfj+Qdf65UxbUi48FFudg0 t4VnrltuKM6pBOgRDRA81MNsJXS3yXyp2nmgFzv1qJ6thD50yUOPTCtyYeJa0wnm7g3W 4K4wI81I+CQjj7B4yVq4wmshO67R57izSt35EGhTF56UhdxBPuPK+rsj5za+NLzoIaV3 Lqz0W1DH8vPjhLgrAxwa7c1ZQGX5JgkRd3L9IjN7qM+zN++GohCvJv0KTypipqM+jqjx Fzog== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id p34si3427957qtb.271.2017.12.19.09.02.40; Tue, 19 Dec 2017 09:02:58 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 9344860911; Tue, 19 Dec 2017 17:02:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 5738C60A6E; Tue, 19 Dec 2017 17:00:57 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 9C0A160975; Tue, 19 Dec 2017 17:00:52 +0000 (UTC) Received: from forward101j.mail.yandex.net (forward101j.mail.yandex.net [5.45.198.241]) by lists.linaro.org (Postfix) with ESMTPS id 1FC2A608E2 for ; Tue, 19 Dec 2017 17:00:32 +0000 (UTC) Received: from mxback14j.mail.yandex.net (mxback14j.mail.yandex.net [IPv6:2a02:6b8:0:1619::90]) by forward101j.mail.yandex.net (Yandex) with ESMTP id B81011241F52 for ; Tue, 19 Dec 2017 20:00:28 +0300 (MSK) Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [2a02:6b8:0:1a2d::28]) by mxback14j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 4AHHKvVGEA-0S2Ssnco; Tue, 19 Dec 2017 20:00:28 +0300 Received: by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id HFnVNhcljF-0RYm84rN; Tue, 19 Dec 2017 20:00:27 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 19 Dec 2017 20:00:21 +0300 Message-Id: <1513702821-14165-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513702821-14165-1-git-send-email-odpbot@yandex.ru> References: <1513702821-14165-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v1 3/3] linux-gen: ipsec: adapt to capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 5ee11c14916c7183b28645df094cf6f6a4f4fab6 **/ .../linux-generic/include/odp_ipsec_internal.h | 6 ++ platform/linux-generic/odp_ipsec.c | 48 ++++++++++- platform/linux-generic/odp_ipsec_sad.c | 99 ++++++++++++++-------- 3 files changed, 115 insertions(+), 38 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index c6f241fac..70a583c5b 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -206,6 +206,12 @@ typedef struct ODP_PACKED { odp_u32be_t seq_no; /**< Sequence Number */ } ipsec_aad_t; +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher); + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth); + /** * Obtain SA reference */ diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 4f23eb17b..89a05acdb 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -58,15 +58,55 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa) } int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num) + odp_ipsec_cipher_capability_t capa[], int num) { - return odp_crypto_cipher_capability(cipher, capa, num); + int caps = odp_crypto_cipher_capability(cipher, NULL, 0); + odp_crypto_cipher_capability_t crypto_capa[caps]; + uint32_t req_iv_len; + int rc, i, out; + + rc = odp_crypto_cipher_capability(cipher, crypto_capa, caps); + if (rc <= 0) + return rc; + + req_iv_len = _odp_ipsec_cipher_iv_len(cipher); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].iv_len != req_iv_len) + continue; + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out ++; + } + + return out; } int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num) + odp_ipsec_auth_capability_t capa[], int num) { - return odp_crypto_auth_capability(auth, capa, num); + int caps = odp_crypto_auth_capability(auth, NULL, 0); + odp_crypto_auth_capability_t crypto_capa[caps]; + uint32_t req_digest_len; + int rc, i, out; + + rc = odp_crypto_auth_capability(auth, crypto_capa, caps); + if (rc <= 0) + return rc; + + req_digest_len = _odp_ipsec_auth_digest_len(auth); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].digest_len != req_digest_len) + continue; + + /* FIXME: check AAD len for AES_GCM/AES128_GCM */ + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out ++; + } + + return out; } void odp_ipsec_config_init(odp_ipsec_config_t *config) diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 2d6321166..a3c7069a7 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -190,12 +190,66 @@ void odp_ipsec_sa_param_init(odp_ipsec_sa_param_t *param) param->dest_queue = ODP_QUEUE_INVALID; } +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return 0; + case ODP_CIPHER_ALG_DES: + case ODP_CIPHER_ALG_3DES_CBC: + return 8; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_CBC: +#endif + case ODP_CIPHER_ALG_AES_CBC: + case ODP_CIPHER_ALG_AES_CTR: + return 16; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_GCM: +#endif + case ODP_CIPHER_ALG_AES_GCM: + return 12; + default: + return (uint32_t)-1; + } +} + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return 0; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_MD5_96: +#endif + case ODP_AUTH_ALG_MD5_HMAC: + case ODP_AUTH_ALG_SHA1_HMAC: + return 12; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_SHA256_128: +#endif + case ODP_AUTH_ALG_SHA256_HMAC: + return 16; + case ODP_AUTH_ALG_SHA512_HMAC: + return 32; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_AES128_GCM: +#endif + case ODP_AUTH_ALG_AES_GCM: + case ODP_AUTH_ALG_AES_GMAC: + return 16; + default: + return (uint32_t)-1; + } +} + odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) { ipsec_sa_t *ipsec_sa; odp_crypto_session_param_t crypto_param; odp_crypto_ses_create_err_t ses_create_rc; - uint32_t aad_len = 0; ipsec_sa = ipsec_sa_reserve(); if (NULL == ipsec_sa) { @@ -297,17 +351,21 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) crypto_param.auth_alg = param->crypto.auth_alg; crypto_param.auth_key = param->crypto.auth_key; + crypto_param.iv.length = + _odp_ipsec_cipher_iv_len(crypto_param.cipher_alg); + + crypto_param.auth_digest_len = + _odp_ipsec_auth_digest_len(crypto_param.auth_alg); + switch (crypto_param.cipher_alg) { case ODP_CIPHER_ALG_NULL: ipsec_sa->esp_iv_len = 0; ipsec_sa->esp_block_len = 1; - crypto_param.iv.length = 0; break; case ODP_CIPHER_ALG_DES: case ODP_CIPHER_ALG_3DES_CBC: ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 8; - crypto_param.iv.length = 8; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_CBC: @@ -315,14 +373,12 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) case ODP_CIPHER_ALG_AES_CBC: ipsec_sa->esp_iv_len = 16; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; case ODP_CIPHER_ALG_AES_CTR: ipsec_sa->use_counter_iv = 1; ipsec_sa->aes_ctr_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_GCM: @@ -331,40 +387,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 12; break; default: goto error; } switch (crypto_param.auth_alg) { - case ODP_AUTH_ALG_NULL: - ipsec_sa->icv_len = 0; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_MD5_96: -#endif - case ODP_AUTH_ALG_MD5_HMAC: - ipsec_sa->icv_len = 12; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - ipsec_sa->icv_len = 12; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_SHA256_128: -#endif - case ODP_AUTH_ALG_SHA256_HMAC: - ipsec_sa->icv_len = 16; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - ipsec_sa->icv_len = 32; - break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: #endif case ODP_AUTH_ALG_AES_GCM: - ipsec_sa->icv_len = 16; - aad_len = sizeof(ipsec_aad_t); + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); break; case ODP_AUTH_ALG_AES_GMAC: if (ODP_CIPHER_ALG_NULL != crypto_param.cipher_alg) @@ -372,19 +405,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - ipsec_sa->icv_len = 16; crypto_param.iv.length = 12; break; - default: - goto error; + deafult: + break; } if (1 == ipsec_sa->use_counter_iv && ODP_IPSEC_DIR_OUTBOUND == param->dir) odp_atomic_init_u64(&ipsec_sa->out.counter, 1); - crypto_param.auth_digest_len = ipsec_sa->icv_len; - crypto_param.auth_aad_len = aad_len; + ipsec_sa->icv_len = crypto_param.auth_digest_len; if (param->crypto.cipher_key_extra.length) { if (param->crypto.cipher_key_extra.length >