From patchwork Tue Dec 19 23:00:12 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122412 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4792389qgn; Tue, 19 Dec 2017 15:01:47 -0800 (PST) X-Google-Smtp-Source: ACJfBourpL4x1E2egoqFyncv2g3Qrmyl3keujWBuHfmJTTD7ADZHF9YOEZDY6D9iU9Jidj61/bJL X-Received: by 10.55.165.213 with SMTP id o204mr3560464qke.300.1513724507688; Tue, 19 Dec 2017 15:01:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513724507; cv=none; d=google.com; s=arc-20160816; b=07Csauq/167iZrCwkCR/tHDOrhHr3O94G3AByyfJsmoG1qV9MgPKgT+ZxulT5whcEf 4GYVAJMquoU80ZqdGouO8WsR1U8BhJ08UWLvQZjdreMvlWeGPTFNCdNwuaYyF8o3T+EZ kLlNICRXmaHIDL5dgXSEEWiXyY4UphYYIGV0Kh9PSagDpMLIFrNtJXrhaov+BOQsiL0b f4XjWtT0hPwfQaZmWUtgA60TbRBDYbKJsahnT2O654wJnhbODul8PMLb/Pt3b7S3L+Dk zpOaBH1WXTPUCFtTMMcPrEB9c0ems5Ny5tDTCNQ66jMlA6uQ1RU5mcmt8R5nBoI1mIt1 jJ5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=UKu8IB3//OMFdUVa0yOKtczFqtiqS/MssBeghbnKrVw=; b=QYrUeylTi/q0rlaW9sTHVyYfWX2kTurWKh3m09hSTCkOkobxrkW1qNS+2wGZEOPl9I eOYBHdln9bxzZvPQG7UAA9n4dbM4ylTlpqZHNYYnpEwBM0u4FEr4df7K9EtTS3v/s0tH fSsTJENHFVWgRTYsh4ppOV+Z33iuuPZSI9Roj0doD5AIOIutiufgv257cGcIT0LfvcON scHSKlXX8gmE9o88Wy0WU6qOPw5lMH2eHIDY5tp14re+rip0S7gejsuELhOgPxe+C7Qe xowUbv1zoeug0WYdI/Rb85oeVMnDjXeobe0spqD42KP7lWBkE/SDV21CLBO4ex8vsvK4 KP9g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id v14si1064115qka.167.2017.12.19.15.01.47; Tue, 19 Dec 2017 15:01:47 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 538DB608E7; Tue, 19 Dec 2017 23:01:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id EE5F5608DC; Tue, 19 Dec 2017 23:01:01 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id CC103608E7; Tue, 19 Dec 2017 23:00:53 +0000 (UTC) Received: from forward104o.mail.yandex.net (forward104o.mail.yandex.net [37.140.190.179]) by lists.linaro.org (Postfix) with ESMTPS id 596BB608E7 for ; Tue, 19 Dec 2017 23:00:24 +0000 (UTC) Received: from mxback5o.mail.yandex.net (mxback5o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1f]) by forward104o.mail.yandex.net (Yandex) with ESMTP id E0F8F702D1F for ; Wed, 20 Dec 2017 02:00:22 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback5o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 1LF5r3W5Hr-0G50k28G; Wed, 20 Dec 2017 02:00:16 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id U73IVpNz26-0GNG8Hdi; Wed, 20 Dec 2017 02:00:16 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 02:00:12 +0300 Message-Id: <1513724415-24899-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513724415-24899-1-git-send-email-odpbot@yandex.ru> References: <1513724415-24899-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 352 Subject: [lng-odp] [PATCH API-NEXT v1 1/4] linux-gen: crypto: move session type to odp_crypto module X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov There is no point in having odp_crypto_generic_session_t definition in global include file. Move it to odp_crypto module. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: ceb7bff0f74da9fec7efa8d45d3078c2485ca305 **/ platform/linux-generic/Makefile.am | 1 - .../linux-generic/include/odp_crypto_internal.h | 73 ---------------------- platform/linux-generic/odp_crypto.c | 46 +++++++++++++- 3 files changed, 44 insertions(+), 76 deletions(-) delete mode 100644 platform/linux-generic/include/odp_crypto_internal.h diff --git a/platform/linux-generic/Makefile.am b/platform/linux-generic/Makefile.am index 4371e7a99..5f00e3f6e 100644 --- a/platform/linux-generic/Makefile.am +++ b/platform/linux-generic/Makefile.am @@ -138,7 +138,6 @@ noinst_HEADERS = \ include/odp_classification_inlines.h \ include/odp_classification_internal.h \ include/odp_config_internal.h \ - include/odp_crypto_internal.h \ include/odp_debug_internal.h \ include/odp_errno_define.h \ include/odp_forward_typedefs_internal.h \ diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h deleted file mode 100644 index 32178d9de..000000000 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ /dev/null @@ -1,73 +0,0 @@ -/* Copyright (c) 2014, Linaro Limited - * All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef ODP_CRYPTO_INTERNAL_H_ -#define ODP_CRYPTO_INTERNAL_H_ - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#define MAX_IV_LEN 64 -#define OP_RESULT_MAGIC 0x91919191 - -/** Forward declaration of session structure */ -typedef struct odp_crypto_generic_session odp_crypto_generic_session_t; - -/** - * Algorithm handler function prototype - */ -typedef -odp_crypto_alg_err_t (*crypto_func_t)(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session); - -/** - * Per crypto session data structure - */ -struct odp_crypto_generic_session { - struct odp_crypto_generic_session *next; - - /* Session creation parameters */ - odp_crypto_session_param_t p; - - odp_bool_t do_cipher_first; - - struct { - /* Copy of session IV data */ - uint8_t iv_data[MAX_IV_LEN]; - uint8_t key_data[EVP_MAX_KEY_LENGTH]; - - const EVP_CIPHER *evp_cipher; - crypto_func_t func; - } cipher; - - struct { - uint8_t key[EVP_MAX_KEY_LENGTH]; - uint32_t key_length; - union { - const EVP_MD *evp_md; - const EVP_CIPHER *evp_cipher; - }; - crypto_func_t func; - } auth; -}; - -/** - * Per session creation operation result - */ -typedef struct odp_crypto_generic_session_result { - odp_crypto_ses_create_err_t rc; - odp_crypto_session_t session; -} odp_crypto_generic_session_result_t; - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index b9cc21a15..811d3fc03 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -15,7 +15,6 @@ #include #include #include -#include #include #include #include @@ -89,6 +88,49 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +/** Forward declaration of session structure */ +typedef struct odp_crypto_generic_session_t odp_crypto_generic_session_t; + +/** + * Algorithm handler function prototype + */ +typedef +odp_crypto_alg_err_t (*crypto_func_t)(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session); + +/** + * Per crypto session data structure + */ +struct odp_crypto_generic_session_t { + odp_crypto_generic_session_t *next; + + /* Session creation parameters */ + odp_crypto_session_param_t p; + + odp_bool_t do_cipher_first; + + struct { + /* Copy of session IV data */ + uint8_t iv_data[EVP_MAX_IV_LENGTH]; + uint8_t key_data[EVP_MAX_KEY_LENGTH]; + + const EVP_CIPHER *evp_cipher; + crypto_func_t func; + } cipher; + + struct { + uint8_t key[EVP_MAX_KEY_LENGTH]; + uint32_t key_length; + uint32_t bytes; + union { + const EVP_MD *evp_md; + const EVP_CIPHER *evp_cipher; + }; + crypto_func_t func; + } auth; +}; + typedef struct odp_crypto_global_s odp_crypto_global_t; struct odp_crypto_global_s { @@ -857,7 +899,7 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, /* Copy parameters */ session->p = *param; - if (session->p.iv.length > MAX_IV_LEN) { + if (session->p.iv.length > EVP_MAX_IV_LENGTH) { ODP_DBG("Maximum IV length exceeded\n"); *status = ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER; goto err; From patchwork Tue Dec 19 23:00:13 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122411 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4791449qgn; Tue, 19 Dec 2017 15:01:05 -0800 (PST) X-Google-Smtp-Source: ACJfBouCfH5zpdZaxVtfNhxpKUzLrxrsyAP6VHgnNjFZ/8tF01gkoh90d5EHne4AEouFqxUYOk2X X-Received: by 10.200.52.146 with SMTP id w18mr7589811qtb.228.1513724465269; Tue, 19 Dec 2017 15:01:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513724465; cv=none; d=google.com; s=arc-20160816; b=bWx5oQTQ4ISx+J7akn3GlEIU1vmIl3j8JgbBBoogZez6FhUzFeaRTQBceCP0A0RG6p 60LAFlECmU1Fzz0dzNQWyjchl2arT8g2beN09gpD+fXc7jrEtnIiPhYARxYAoN5eMRyC OTRfzCAbc/Oy2XnourrG9QCuxI9qddpeOBQVwTunOL0EZd69Lj1rukWe2xoMF1YeXpD9 BWV2EWcMBXHOGUdZgq5UMLDIW+Uc5C+oEntIAoPvq7WlMH2hOBwZkU7aDKDMAy20llMK 7O6OLnKYdNZ5+0t5+UzJwoCBfKewyqXUOzcJS9tQFvbmMx1CaMXqWwqv/HcPNnI7T0/d ODuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=W75If70YfGXJHl+ADwGDP4Mmc8J3pWy//2it59CKxEY=; b=Ppna/7n4axSmaPM99FXoDYqpRbn4bZGn43TG2B5gVfuRfW8ikb+gqS6erxbjhEoeDp GzfNGN9BGn1PfbDAZoBUyBaFrQZMlZvDutAtOSE9NUQE7/YZq2YIuWwP4DfpsR4zkwmg qvrdJehk3l4yzDjt0Jb4OOs1ohSXmxCmM2LEHElS+phMJIZIgT7kVH8IMj8aCbmkAcR8 AwB7Dwz3KMF7VOcekVFYgfGyYn/LvFb+ufaPqkV/hndWS89AeOfFYphjbguQG1gJfb4T PJX/toZARBMnH3bGSBM8lBuyvEnBDfInMOVADw7/pxXW1AGWFQm6MMoA9gcI3OUUHGeo iMfA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id e17si1636851qki.137.2017.12.19.15.01.04; Tue, 19 Dec 2017 15:01:05 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 99CFD60922; Tue, 19 Dec 2017 23:01:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 7B3C2608CC; Tue, 19 Dec 2017 23:00:57 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id DE3B3608EE; Tue, 19 Dec 2017 23:00:52 +0000 (UTC) Received: from forward106p.mail.yandex.net (forward106p.mail.yandex.net [77.88.28.109]) by lists.linaro.org (Postfix) with ESMTPS id F228A608E8 for ; Tue, 19 Dec 2017 23:00:24 +0000 (UTC) Received: from mxback6o.mail.yandex.net (mxback6o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::20]) by forward106p.mail.yandex.net (Yandex) with ESMTP id 77ED72D82710 for ; Wed, 20 Dec 2017 02:00:23 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback6o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id orSZq0A1qk-0ND4Ngpx; Wed, 20 Dec 2017 02:00:23 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id U73IVpNz26-0MNaEsUp; Wed, 20 Dec 2017 02:00:22 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 02:00:13 +0300 Message-Id: <1513724415-24899-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513724415-24899-1-git-send-email-odpbot@yandex.ru> References: <1513724415-24899-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 352 Subject: [lng-odp] [PATCH API-NEXT v1 2/4] api: crypto: add separate auth IV X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov GMAC auth algorithm requires IV to work. Instead of hacking the ODP_CIPHER_ALG_NULL iv to include value for ODP_AUTH_ALG_GMAC, provide separate iv (in auth capability, session params and operation params). Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: ceb7bff0f74da9fec7efa8d45d3078c2485ca305 **/ include/odp/api/spec/crypto.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 293c15c6e..45cd9c37e 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -327,6 +327,9 @@ typedef struct odp_crypto_session_param_t { */ odp_crypto_key_t auth_key; + /** Authentication Initialization Vector (IV) */ + odp_crypto_iv_t auth_iv; + /** Authentication digest length in bytes * * Use odp_crypto_auth_capability() for supported digest lengths. @@ -397,6 +400,9 @@ typedef struct odp_crypto_op_param_t { /** Override session IV pointer */ uint8_t *override_iv_ptr; + /** Override session authentication IV pointer */ + uint8_t *override_auth_iv_ptr; + /** Offset from start of packet for hash result * * Specifies the offset where the hash result is to be stored. In case @@ -437,6 +443,9 @@ typedef struct odp_crypto_packet_op_param_t { /** Override session IV pointer */ uint8_t *override_iv_ptr; + /** Override session authentication IV pointer */ + uint8_t *override_auth_iv_ptr; + /** Offset from start of packet for hash result * * Specifies the offset where the hash result is to be stored. In case @@ -606,6 +615,9 @@ typedef struct odp_crypto_auth_capability_t { /** Key length in bytes */ uint32_t key_len; + /** IV length in bytes */ + uint32_t iv_len; + /** Additional Authenticated Data (AAD) lengths */ struct { /** Minimum AAD length in bytes */ From patchwork Tue Dec 19 23:00:14 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122413 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4793277qgn; Tue, 19 Dec 2017 15:02:28 -0800 (PST) X-Google-Smtp-Source: ACJfBouL6zGDUoL9+XXTM6S2xJ5wWrWz+qhVpBCoYWKPLOzl9tgw3dblm+WWF53wsNtcS7sye4UY X-Received: by 10.55.197.6 with SMTP id p6mr6887903qki.223.1513724548120; Tue, 19 Dec 2017 15:02:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513724548; cv=none; d=google.com; s=arc-20160816; b=upAV8drGVOpPsv/9ZqN8iM17so+Hi1P8WNCoERZfEw6vikBblpQPPZeTahhz4/zcaB wWuOpzB22Hi9bELuxNJll0K0iI3gn9l9/9bc0grNKu2k47iESU1btig3oJ2KheXK+OjP xFbgbTTz99qQalR87i5CSjETRC/9DVj39n5GriaN5GxK0e7RTIFeLyVn58vBEeygTQ7g 3bWLdOC9TRH2uYZyLNH9ms/yFMU8j1CNi0JtAQEM5SKdf3N0RA/QCFEU42VDWH1Sg/y7 mw6e3V0Zt//NYDskJEfKfqskVs6c6M84w4HL5dUDb5mzPKENgYiCrO8a4V/8Cdyk9hq8 48CQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=K2XGw7uSs/L5/LW6chulgvy6wsshCUYRfPzQsM3otzs=; b=xnSPA3MtTWr2AisOQB30EJFPfumkIUuXQMHFb57UXsWh1bLzZ+kQBWut4tKvHIm/SM Svue03iuglZ/1cKKkakgUYPWIJstZzfqLGSR3W2RrUvCfmyiiV0J40WDjDolZ/MGirON Y11niT98sjhxtV/XN4krCDkv0z+TgVaK9E8SDdtNVFydqcmpWZ+HVF+V9tCxtr7wsF6/ pQvtfTH/alTo9YfiYD1+bM/fLN+pVzK9WAWiYUboQlbeksoFrRPXLP2J0FdnJElPJSl9 3B8oGsUoLDkxIOOPBempp9l1DJAORnz3zMFuepkRqIvIdqpulo5nJoWaAiCr9jEwgDrr Ck4g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id t69si8741444qka.467.2017.12.19.15.02.27; Tue, 19 Dec 2017 15:02:28 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id C24DB608FD; Tue, 19 Dec 2017 23:02:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 5DC4B60911; Tue, 19 Dec 2017 23:01:05 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 40CCD608E7; Tue, 19 Dec 2017 23:00:54 +0000 (UTC) Received: from forward101o.mail.yandex.net (forward101o.mail.yandex.net [37.140.190.181]) by lists.linaro.org (Postfix) with ESMTPS id 391DB608FD for ; Tue, 19 Dec 2017 23:00:25 +0000 (UTC) Received: from mxback6j.mail.yandex.net (mxback6j.mail.yandex.net [IPv6:2a02:6b8:0:1619::10f]) by forward101o.mail.yandex.net (Yandex) with ESMTP id E4EBA1341A0E for ; Wed, 20 Dec 2017 02:00:23 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback6j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id gVFyQElq36-0NTKQHq6; Wed, 20 Dec 2017 02:00:23 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id U73IVpNz26-0NNGxh8u; Wed, 20 Dec 2017 02:00:23 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 02:00:14 +0300 Message-Id: <1513724415-24899-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513724415-24899-1-git-send-email-odpbot@yandex.ru> References: <1513724415-24899-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 352 Subject: [lng-odp] [PATCH API-NEXT v1 3/4] validation: crypto: use auth IV for GMAC test case X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Change GMAC testing code to use new auth IV fields. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: ceb7bff0f74da9fec7efa8d45d3078c2485ca305 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 11 +++++++++-- test/validation/api/crypto/test_vectors.h | 8 +++++--- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index cba472ded..9c2303ac5 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -314,6 +314,10 @@ static void alg_test(odp_crypto_op_t op, .data = ovr_iv ? NULL : ref->iv, .length = ref->iv_length }; + odp_crypto_iv_t auth_iv = { + .data = ovr_iv ? NULL : ref->auth_iv, + .length = ref->auth_iv_length + }; int num, i; int found; @@ -407,6 +411,7 @@ static void alg_test(odp_crypto_op_t op, /* Search for the test case */ for (i = 0; i < num; i++) { if (auth_capa[i].digest_len == ref->digest_length && + auth_capa[i].iv_len == auth_iv.length && auth_capa[i].key_len == auth_key.length) { found = 1; break; @@ -415,8 +420,9 @@ static void alg_test(odp_crypto_op_t op, if (!found) { printf("\n Unsupported: alg=%s, key_len=%" PRIu32 ", " - "digest_len=%" PRIu32 "\n", auth_alg_name(auth_alg), - auth_key.length, ref->digest_length); + "digest_len=%" PRIu32 ", iv_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), auth_key.length, + ref->digest_length, auth_iv.length); return; } @@ -432,6 +438,7 @@ static void alg_test(odp_crypto_op_t op, ses_params.output_pool = suite_context.pool; ses_params.cipher_key = cipher_key; ses_params.iv = iv; + ses_params.auth_iv = auth_iv; ses_params.auth_key = auth_key; ses_params.auth_digest_len = ref->digest_length; ses_params.auth_aad_len = ref->aad_length; diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index f2ce9eb2f..90b020356 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -16,6 +16,8 @@ typedef struct crypto_test_reference_s { uint8_t auth_key[MAX_KEY_LEN]; uint32_t iv_length; uint8_t iv[MAX_IV_LEN]; + uint32_t auth_iv_length; + uint8_t auth_iv[MAX_IV_LEN]; uint32_t length; uint8_t plaintext[MAX_DATA_LEN]; uint8_t ciphertext[MAX_DATA_LEN]; @@ -447,9 +449,9 @@ static crypto_test_reference_t aes_gmac_reference[] = { .auth_key_length = AES128_GCM_KEY_LEN, .auth_key = { 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34}, - .iv_length = AES_GCM_IV_LEN, - .iv = { 0x22, 0x43, 0x3c, 0x64, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }, + .auth_iv_length = AES_GCM_IV_LEN, + .auth_iv = { 0x22, 0x43, 0x3c, 0x64, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, .length = 68, .plaintext = { 0x00, 0x00, 0x43, 0x21, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, From patchwork Tue Dec 19 23:00:15 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122414 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4794891qgn; Tue, 19 Dec 2017 15:03:46 -0800 (PST) X-Google-Smtp-Source: ACJfBovSYIEOzrmMEwJtUbgTufkGnfagaDqB+rE73OO2DsvWc90fxxRf/X7rHNKsRRzdK7KBtstA X-Received: by 10.55.72.66 with SMTP id v63mr7326240qka.92.1513724626699; Tue, 19 Dec 2017 15:03:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513724626; cv=none; d=google.com; s=arc-20160816; b=JAtkwDNyV3NbSp21PRo9gyU6/Z7v3bZ21SHMb9ZFp3v57gjK3b8PMUNtzmF3VV9BEA CbnEMrWrFq0xn0Vr1g0aAKtOmSQRkBZvBc7hYCYXOjg7/yTtXh4jlduTh+6TxvYfG5Mq Iiiwmuwr8VGrwnkxsWfCaQc702WphLXIj+Vx6iZSi0ypP44+rcl/b73CWOmJtdKV562W CukKHYzDtGApEafQQe5G+k9hI6HdvjtX2tqa1cQhhv8/eEjTRQUz/4bZ/isV1l3vQ85J 2RDLFW/GOJMFWW5XFoSwP5bk0bAx73fdg8wR3vJXfFKXrTAoL/Rk9bD+LQ4wrAZhBEU0 11Bw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=EAwkUQLZr1Cq56WopNSg01bzO+3VR/DUsXy2ELE2biw=; b=wCUdaVQRPeRlJi6wWoZBZ15444IdZEBuUeD+E4JdMqtNNZhAITVyA87BbQrc+42eqw tFrju65IuE4+yhii261Uc4+qDW/jfdW9gMEm96Hu+ClCRg8Z92C0XnK5GYydpl6GMtyz i1+yg3N+btOi6QsyRmQNia0jBhLrXr5G7fw9fU9bVNqRFKTCTRK5D+K0D/d+4gJ8yxEr jS/DePqbV2X4TPj8MvVTF7IPuInfPo/r84TclDi138E9XLZ6PLxd6NomrPlP64CI2PZT h/atZVcAlc5g11sLCdxsE7xTW5iIv5XWbIAVk1Zi4ZKEUCEJPdwgut1xS7XomR779KiX 28eQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id q73si137918qkq.4.2017.12.19.15.03.46; Tue, 19 Dec 2017 15:03:46 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 639466096B; Tue, 19 Dec 2017 23:03:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id F2CB060B0E; Tue, 19 Dec 2017 23:01:15 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 21EDF608E7; Tue, 19 Dec 2017 23:00:56 +0000 (UTC) Received: from forward106j.mail.yandex.net (forward106j.mail.yandex.net [5.45.198.249]) by lists.linaro.org (Postfix) with ESMTPS id 469B260859 for ; Tue, 19 Dec 2017 23:00:28 +0000 (UTC) Received: from mxback7o.mail.yandex.net (mxback7o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::21]) by forward106j.mail.yandex.net (Yandex) with ESMTP id 925CF18029AF for ; Wed, 20 Dec 2017 02:00:24 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback7o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id YYIhmFWce5-0OFOrhNq; Wed, 20 Dec 2017 02:00:24 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id U73IVpNz26-0NNG30ew; Wed, 20 Dec 2017 02:00:23 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 02:00:15 +0300 Message-Id: <1513724415-24899-5-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513724415-24899-1-git-send-email-odpbot@yandex.ru> References: <1513724415-24899-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 352 Subject: [lng-odp] [PATCH API-NEXT v1 4/4] linux-generic: crypto, ipsec: use auth_iv. X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Separate handling of authentication IV data. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: ceb7bff0f74da9fec7efa8d45d3078c2485ca305 **/ platform/linux-generic/odp_crypto.c | 35 ++++++++++++++++++++++------------ platform/linux-generic/odp_ipsec.c | 6 ++++-- platform/linux-generic/odp_ipsec_sad.c | 2 +- 3 files changed, 28 insertions(+), 15 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 811d3fc03..67f3a5787 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -36,9 +36,7 @@ * Keep sorted: first by key length, then by IV length */ static const odp_crypto_cipher_capability_t cipher_capa_null[] = { -{.key_len = 0, .iv_len = 0}, -/* Special case for GMAC */ -{.key_len = 0, .iv_len = 12} }; +{.key_len = 0, .iv_len = 0} }; static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = { {.key_len = 24, .iv_len = 8} }; @@ -86,7 +84,8 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { -{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, + .iv_len = 12 } }; /** Forward declaration of session structure */ typedef struct odp_crypto_generic_session_t odp_crypto_generic_session_t; @@ -121,6 +120,7 @@ struct odp_crypto_generic_session_t { struct { uint8_t key[EVP_MAX_KEY_LENGTH]; + uint8_t iv_data[EVP_MAX_IV_LENGTH]; uint32_t key_length; uint32_t bytes; union { @@ -640,10 +640,10 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, uint8_t block[EVP_MAX_MD_SIZE]; int ret; - if (param->override_iv_ptr) - iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) - iv_ptr = session->cipher.iv_data; + if (param->override_auth_iv_ptr) + iv_ptr = param->override_auth_iv_ptr; + else if (session->p.auth_iv.data) + iv_ptr = session->auth.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -679,10 +679,10 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, uint8_t block[EVP_MAX_MD_SIZE]; int ret; - if (param->override_iv_ptr) - iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) - iv_ptr = session->cipher.iv_data; + if (param->override_auth_iv_ptr) + iv_ptr = param->override_auth_iv_ptr; + else if (session->p.auth_iv.data) + iv_ptr = session->auth.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -905,11 +905,21 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, goto err; } + if (session->p.auth_iv.length > EVP_MAX_IV_LENGTH) { + ODP_DBG("Maximum auth IV length exceeded\n"); + *status = ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER; + goto err; + } + /* Copy IV data */ if (session->p.iv.data) memcpy(session->cipher.iv_data, session->p.iv.data, session->p.iv.length); + if (session->p.auth_iv.data) + memcpy(session->auth.iv_data, session->p.auth_iv.data, + session->p.auth_iv.length); + /* Derive order */ if (ODP_CRYPTO_OP_ENCODE == param->op) session->do_cipher_first = param->auth_cipher_text; @@ -1098,6 +1108,7 @@ odp_crypto_operation(odp_crypto_op_param_t *param, packet_param.session = param->session; packet_param.override_iv_ptr = param->override_iv_ptr; + packet_param.override_auth_iv_ptr = param->override_auth_iv_ptr; packet_param.hash_result_offset = param->hash_result_offset; packet_param.aad.ptr = param->aad.ptr; packet_param.cipher_range = param->cipher_range; diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 4f23eb17b..544dbf17c 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -419,6 +419,7 @@ static int ipsec_in_esp(odp_packet_t *pkt, state->in.hdr_len - ipsec_sa->icv_len; param->override_iv_ptr = state->iv; + param->override_auth_iv_ptr = state->iv; state->esp.aad.spi = esp.spi; state->esp.aad.seq_no = esp.seq_no; @@ -501,7 +502,7 @@ static int ipsec_in_ah(odp_packet_t *pkt, return -1; } - param->override_iv_ptr = state->iv; + param->override_auth_iv_ptr = state->iv; state->in.hdr_len = (ah.ah_len + 2) * 4; state->in.trl_len = 0; @@ -1021,6 +1022,7 @@ static int ipsec_out_esp(odp_packet_t *pkt, } param->override_iv_ptr = state->iv; + param->override_auth_iv_ptr = state->iv; memset(&esp, 0, sizeof(esp)); esp.spi = odp_cpu_to_be_32(ipsec_sa->spi); @@ -1170,7 +1172,7 @@ static int ipsec_out_ah(odp_packet_t *pkt, return -1; } - param->override_iv_ptr = state->iv; + param->override_auth_iv_ptr = state->iv; if (odp_packet_extend_head(pkt, hdr_len, NULL, NULL) < 0) { status->error.alg = 1; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 2d6321166..e165e7437 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -373,7 +373,7 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; ipsec_sa->icv_len = 16; - crypto_param.iv.length = 12; + crypto_param.auth_iv.length = 12; break; default: goto error;