From patchwork Fri Jan 26 14:00:09 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125987 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp355958ljd; Fri, 26 Jan 2018 06:02:24 -0800 (PST) X-Google-Smtp-Source: AH8x224drLRYSSYdTL2b8iXZnc0w08SHUNWq0OkwiuPoCreYdyv7qeSeJI63v+C68EhNq0XMFygv X-Received: by 10.55.40.41 with SMTP id o41mr20769168qkh.176.1516975344018; Fri, 26 Jan 2018 06:02:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516975344; cv=none; d=google.com; s=arc-20160816; b=fjP5DtTJYEk6toYatBRkGg5A/PmiGulU0TnrIkM7llk64uDhd0lLMIsT/hCpcL0Spd l8kJ8FpnbcamOujk/KxndLwmCbcve8WFSUGnCjMl67rzntT5mRtRQ7mYENT0KXRcXaTt PBZKQqnikYFYf4hsGRWQg4Vxvab20VPKHA/ykwFgwXc/OHVZXHde/f7FfQ7A39bTYXbB /LqYLF/xccZw8ZfTqjSrdFWMtXh1npxi5a59i+eluNLoxEsvdFWKWMLh0WrUV8Jhqv5Z d9xpTeC8NiYPDdPRsD20aOb6UOUM1/aH24uBgunHHXDBPyquVr2QgBGa16TdsQtgBMSr JI6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=npM62i4khL54ShuQyl6jhyRL/NrrVnihCNIoJhlyYn0=; b=fMno74SuDD5sg02hsLaxApuBy3ruvUESMC5j/iAMLvif35yhLZYgMN4togWagOoaD1 tRLf1Wts0zvL+1hPsooplHfsMGZju7YTMSbcMa5FyOaqPT5VqycE5EP5VgCXqwKDVG8b puTKTilvBO6r0S2RH7sdQg0Tk6HmQDWjfKwwc0p8Utz3FvIhV8dlSn1mbTvd8E3J08Pm r17tWouIqjQLW5ZNebFQT1sldTyHFjdwSRBH5iypzoQLnut+r2fkTFMGIwa8wmOG7uBr gqLJY0TgTyRPFiIjKCni8A2F3vraw84894Z8Ng/K4PEE+uGG61Yui0NlMDSXRqfYLJfJ 5XTw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id p18si546928qtk.356.2018.01.26.06.02.21; Fri, 26 Jan 2018 06:02:24 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id A7BDD61801; Fri, 26 Jan 2018 14:02:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 27CBF61777; Fri, 26 Jan 2018 14:00:35 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 60376617C1; Fri, 26 Jan 2018 14:00:22 +0000 (UTC) Received: from forward101j.mail.yandex.net (forward101j.mail.yandex.net [5.45.198.241]) by lists.linaro.org (Postfix) with ESMTPS id 2DC6E60940 for ; Fri, 26 Jan 2018 14:00:17 +0000 (UTC) Received: from mxback8j.mail.yandex.net (mxback8j.mail.yandex.net [IPv6:2a02:6b8:0:1619::111]) by forward101j.mail.yandex.net (Yandex) with ESMTP id AE7791241AF6 for ; Fri, 26 Jan 2018 17:00:15 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback8j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 7PFfBVyNzK-0FRixINC; Fri, 26 Jan 2018 17:00:15 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eWPAvjBUnV-0F1GuEpj; Fri, 26 Jan 2018 17:00:15 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 26 Jan 2018 17:00:09 +0300 Message-Id: <1516975214-22205-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> References: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v5 1/6] api: crypto: add ChaCha20-Poly1305 support X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov ChaCha20-Poly1305 is a promising AEAD algorithm. Add decarations to support it. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 2e711497bfd4fd2a2ca2c0882de3d93ae7d567af **/ include/odp/api/spec/crypto.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 77ea317b8..ef0b267fa 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -89,6 +89,12 @@ typedef enum { */ ODP_CIPHER_ALG_AES_GCM, + /** ChaCha20-Poly1305 AEAD + * + * @note Must be paired with ODP_AUTH_ALG_CHACHA20_POLY1305 + */ + ODP_CIPHER_ALG_CHACHA20_POLY1305, + /** @deprecated Use ODP_CIPHER_ALG_AES_CBC instead */ ODP_DEPRECATE(ODP_CIPHER_ALG_AES128_CBC), @@ -148,6 +154,12 @@ typedef enum { */ ODP_AUTH_ALG_AES_GMAC, + /** ChaCha20-Poly1305 AEAD + * + * @note Must be paired with ODP_CIPHER_ALG_CHACHA20_POLY1305 + */ + ODP_AUTH_ALG_CHACHA20_POLY1305, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96), @@ -183,6 +195,9 @@ typedef union odp_crypto_cipher_algos_t { /** ODP_CIPHER_ALG_AES_GCM */ uint32_t aes_gcm : 1; + /** ODP_CIPHER_ALG_CHACHA20_POLY1305 */ + uint32_t chacha20_poly1305 : 1; + /** @deprecated Use aes_cbc instead */ uint32_t ODP_DEPRECATE(aes128_cbc) : 1; @@ -225,6 +240,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_GMAC*/ uint32_t aes_gmac : 1; + /** ODP_AUTH_ALG_CHACHA20_POLY1305 */ + uint32_t chacha20_poly1305 : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1; From patchwork Fri Jan 26 14:00:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125990 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp359585ljd; Fri, 26 Jan 2018 06:06:43 -0800 (PST) X-Google-Smtp-Source: AH8x22560JPQ+Iv21hwoOCEH7KKzT5bhcTqeLgX1cw8iUze0jkntaPTISpNRlHvouPMAhW5j7NGU X-Received: by 10.200.58.230 with SMTP id x93mr5100028qte.40.1516975602923; Fri, 26 Jan 2018 06:06:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516975602; cv=none; d=google.com; s=arc-20160816; b=qohdiWJY6YrAEiY3vhFMiPm4dds7FzAAXd8D8qPvi+ZHiLUoFB0R5q2gY+Njvkc8hW vzfx/DCANntz0QAto4y3OTOKNruCikLScCMBSB8Jymng12NJJ1sPJTWZA+M+XB1egLcw +EVoQsDqIJhBGjxPMwz2yoWnL/2Fb5BSqOHKY9/V3BkAOdWz0R1jRS4GaJeJZTTGocjq jDzl8WAiAMzOyUAhwR+KuoasasaWqugH4ujG3sh5GrSO96ogwUmAVPZErNvm/NI4zYip uzAiPfUtabR5pVaLpnIM/2CIOzce6AFfE4PYdncUefcIQurKiKM3zWa+k1CNyC1D0Ngj 7UfA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=gMS5/FgmYH5qJ26iSoHlX+NhQeOtC63f+Qk0mBNG9gk=; b=oIwysYQCR68/UqffANVjINFUq5xB7TiC/inwZgO4sEMZlBpLDhVqIKoTNy24RnYNVr sihQp+IaKijzIktAkKqwKMRhS/csz5E7TDE/iRZfCv+byZ5dypC+fkUupC7Ap3d5IPs9 5QqaP8ToTqbF05gWtxf1PRwthP01+xLdbWGgyiXvg3f4QidfojxBAX00MskakYoNSUGp 7HYiKUY8HpXh3R/o7UwBWQlhLtDSFqFl+QeW2JQIDg54dTJkobDMemoCPemns0Hbwj4C mEQt9//QUep4JmNQkDBaa3xeNSxbaBKXMnXLiKdnllyqxa/OXelCL7+nk5fpu4OoHXSx hf1g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id i10si3679330qkh.173.2018.01.26.06.06.42; Fri, 26 Jan 2018 06:06:42 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 654AF617A3; Fri, 26 Jan 2018 14:06:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 405EB617EE; Fri, 26 Jan 2018 14:01:10 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 8B652617E2; Fri, 26 Jan 2018 14:00:41 +0000 (UTC) Received: from forward100o.mail.yandex.net (forward100o.mail.yandex.net [37.140.190.180]) by lists.linaro.org (Postfix) with ESMTPS id 499B460CA0 for ; Fri, 26 Jan 2018 14:00:18 +0000 (UTC) Received: from mxback4o.mail.yandex.net (mxback4o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1e]) by forward100o.mail.yandex.net (Yandex) with ESMTP id 045DA2A24906 for ; Fri, 26 Jan 2018 17:00:17 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback4o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id WtpOpZY4tv-0GHe5qNl; Fri, 26 Jan 2018 17:00:16 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eWPAvjBUnV-0F1WZGxj; Fri, 26 Jan 2018 17:00:15 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 26 Jan 2018 17:00:10 +0300 Message-Id: <1516975214-22205-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> References: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v5 2/6] validation: crypto: use unix file format X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Merge f925f103c90591776f73863d30159357b08bf71e changed EOL to DOS convention in this file. Change it back. Fixes: f925f103c90591776f73863d30159357b08bf71e Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 2e711497bfd4fd2a2ca2c0882de3d93ae7d567af **/ test/validation/api/crypto/odp_crypto_test_inp.c | 2592 +++++++++++----------- 1 file changed, 1296 insertions(+), 1296 deletions(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 1d92c6568..2b0ba1cd9 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -1,1296 +1,1296 @@ -/* Copyright (c) 2014-2018, Linaro Limited - * All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include "config.h" - -#include -#include -#include -#include "test_vectors.h" -#include "odp_crypto_test_inp.h" -#include "crypto.h" - -#define MAX_ALG_CAPA 32 - -struct suite_context_s { - odp_bool_t packet; - odp_crypto_op_mode_t op_mode; - odp_crypto_op_mode_t pref_mode; - odp_pool_t pool; - odp_queue_t queue; -}; - -static struct suite_context_s suite_context; - -static int packet_cmp_mem(odp_packet_t pkt, uint32_t offset, - void *s, uint32_t len) -{ - uint8_t buf[len]; - - odp_packet_copy_to_mem(pkt, offset, len, buf); - - return memcmp(buf, s, len); -} - -static const char *auth_alg_name(odp_auth_alg_t auth) -{ - switch (auth) { - case ODP_AUTH_ALG_NULL: - return "ODP_AUTH_ALG_NULL"; - case ODP_AUTH_ALG_MD5_HMAC: - return "ODP_AUTH_ALG_MD5_HMAC"; - case ODP_AUTH_ALG_SHA1_HMAC: - return "ODP_AUTH_ALG_SHA1_HMAC"; - case ODP_AUTH_ALG_SHA256_HMAC: - return "ODP_AUTH_ALG_SHA256_HMAC"; - case ODP_AUTH_ALG_SHA512_HMAC: - return "ODP_AUTH_ALG_SHA512_HMAC"; - case ODP_AUTH_ALG_AES_GCM: - return "ODP_AUTH_ALG_AES_GCM"; - case ODP_AUTH_ALG_AES_GMAC: - return "ODP_AUTH_ALG_AES_GMAC"; - default: - return "Unknown"; - } -} - -static const char *cipher_alg_name(odp_cipher_alg_t cipher) -{ - switch (cipher) { - case ODP_CIPHER_ALG_NULL: - return "ODP_CIPHER_ALG_NULL"; - case ODP_CIPHER_ALG_DES: - return "ODP_CIPHER_ALG_DES"; - case ODP_CIPHER_ALG_3DES_CBC: - return "ODP_CIPHER_ALG_3DES_CBC"; - case ODP_CIPHER_ALG_AES_CBC: - return "ODP_CIPHER_ALG_AES_CBC"; - case ODP_CIPHER_ALG_AES_GCM: - return "ODP_CIPHER_ALG_AES_GCM"; - default: - return "Unknown"; - } -} - -static int alg_op(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_crypto_op_result_t result; - odp_crypto_op_param_t op_params; - odp_bool_t posted; - odp_event_subtype_t subtype; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - op_params.pkt = pkt; - op_params.out_pkt = pkt; - op_params.ctx = (void *)0xdeadbeef; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_operation(&op_params, &posted, &result); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_operation()"); - return rc; - } - - if (posted) { - odp_event_t event; - odp_crypto_compl_t compl_event; - - /* Poll completion queue for results */ - do { - event = odp_queue_deq(suite_context.queue); - } while (event == ODP_EVENT_INVALID); - - CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == odp_event_type(event)); - CU_ASSERT(ODP_EVENT_NO_SUBTYPE == odp_event_subtype(event)); - CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == - odp_event_types(event, &subtype)); - CU_ASSERT(ODP_EVENT_NO_SUBTYPE == subtype); - - compl_event = odp_crypto_compl_from_event(event); - CU_ASSERT(odp_crypto_compl_to_u64(compl_event) == - odp_crypto_compl_to_u64( - odp_crypto_compl_from_event(event))); - odp_crypto_compl_result(compl_event, &result); - odp_crypto_compl_free(compl_event); - } - - CU_ASSERT(result.pkt == pkt); - CU_ASSERT(result.ctx == (void *)0xdeadbeef); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(result.pkt))); - CU_ASSERT(ODP_EVENT_PACKET_BASIC == - odp_event_subtype(odp_packet_to_event(result.pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(result.pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_BASIC == subtype); - - *ok = result.ok; - - return 0; -} - -static int alg_packet_op(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_crypto_packet_result_t result; - odp_crypto_packet_op_param_t op_params; - odp_event_subtype_t subtype; - odp_packet_t out_pkt = pkt; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_op(&pkt, &out_pkt, &op_params, 1); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_op()"); - return rc; - } - - CU_ASSERT(out_pkt == pkt); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == - odp_event_subtype(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - rc = odp_crypto_result(&result, pkt); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_result()"); - return rc; - } - - if (!result.ok) - CU_ASSERT(odp_packet_has_error(pkt)); - - *ok = result.ok; - - return 0; -} - -static int alg_packet_op_enq(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_event_t event; - odp_crypto_packet_result_t result; - odp_crypto_packet_op_param_t op_params; - odp_event_subtype_t subtype; - odp_packet_t out_pkt = pkt; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_op_enq(&pkt, &pkt, &op_params, 1); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_op_enq()"); - return rc; - } - - /* Poll completion queue for results */ - do { - event = odp_queue_deq(suite_context.queue); - } while (event == ODP_EVENT_INVALID); - - CU_ASSERT(ODP_EVENT_PACKET == odp_event_type(event)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == odp_event_subtype(event)); - CU_ASSERT(ODP_EVENT_PACKET == odp_event_types(event, &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - pkt = odp_crypto_packet_from_event(event); - - CU_ASSERT(out_pkt == pkt); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == - odp_event_subtype(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - rc = odp_crypto_result(&result, pkt); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_result()"); - return rc; - } - - CU_ASSERT((!odp_packet_has_error(pkt)) == result.ok); - - *ok = result.ok; - - return 0; -} - -typedef enum crypto_test { - NORMAL_TEST = 0, /**< Plain execution */ - REPEAT_TEST, /**< Rerun without reinitializing the session */ - WRONG_DIGEST_TEST, /**< Check against wrong digest */ - MAX_TEST, /**< Final mark */ -} crypto_test; - -/* Basic algorithm run function for async inplace mode. - * Creates a session from input parameters and runs one operation - * on input_vec. Checks the output of the crypto operation against - * output_vec. Operation completion event is dequeued polling the - * session output queue. Completion context pointer is retrieved - * and checked against the one set before the operation. - * Completion event can be a separate buffer or the input packet - * buffer can be used. - * */ -static void alg_test(odp_crypto_op_t op, - odp_cipher_alg_t cipher_alg, - odp_auth_alg_t auth_alg, - crypto_test_reference_t *ref, - odp_bool_t ovr_iv) -{ - odp_crypto_session_t session; - int rc; - odp_crypto_ses_create_err_t status; - odp_bool_t ok = false; - int iteration; - odp_crypto_session_param_t ses_params; - odp_packet_data_range_t cipher_range; - odp_packet_data_range_t auth_range; - odp_crypto_key_t cipher_key = { - .data = ref->cipher_key, - .length = ref->cipher_key_length - }; - odp_crypto_key_t auth_key = { - .data = ref->auth_key, - .length = ref->auth_key_length - }; - odp_crypto_iv_t cipher_iv = { - .data = ovr_iv ? NULL : ref->cipher_iv, - .length = ref->cipher_iv_length - }; - odp_crypto_iv_t auth_iv = { - .data = ovr_iv ? NULL : ref->auth_iv, - .length = ref->auth_iv_length - }; - - /* Create a crypto session */ - odp_crypto_session_param_init(&ses_params); - ses_params.op = op; - ses_params.auth_cipher_text = false; - ses_params.op_mode = suite_context.op_mode; - ses_params.pref_mode = suite_context.pref_mode; - ses_params.cipher_alg = cipher_alg; - ses_params.auth_alg = auth_alg; - ses_params.compl_queue = suite_context.queue; - ses_params.output_pool = suite_context.pool; - ses_params.cipher_key = cipher_key; - ses_params.cipher_iv = cipher_iv; - ses_params.auth_iv = auth_iv; - ses_params.auth_key = auth_key; - ses_params.auth_digest_len = ref->digest_length; - ses_params.auth_aad_len = ref->aad_length; - - rc = odp_crypto_session_create(&ses_params, &session, &status); - CU_ASSERT_FATAL(!rc); - CU_ASSERT(status == ODP_CRYPTO_SES_CREATE_ERR_NONE); - CU_ASSERT(odp_crypto_session_to_u64(session) != - odp_crypto_session_to_u64(ODP_CRYPTO_SESSION_INVALID)); - - cipher_range.offset = 0; - cipher_range.length = ref->length; - auth_range.offset = 0; - auth_range.length = ref->length; - - /* Prepare input data */ - odp_packet_t pkt = odp_packet_alloc(suite_context.pool, - ref->length + ref->digest_length); - CU_ASSERT(pkt != ODP_PACKET_INVALID); - if (pkt == ODP_PACKET_INVALID) - goto cleanup; - - for (iteration = NORMAL_TEST; iteration < MAX_TEST; iteration++) { - /* checking against wrong digest is meaningless for NULL digest - * or when generating digest */ - if (iteration == WRONG_DIGEST_TEST && - (auth_alg == ODP_AUTH_ALG_NULL || - op == ODP_CRYPTO_OP_ENCODE)) - continue; - - if (op == ODP_CRYPTO_OP_ENCODE) { - odp_packet_copy_from_mem(pkt, 0, ref->length, - ref->plaintext); - } else { - odp_packet_copy_from_mem(pkt, 0, ref->length, - ref->ciphertext); - odp_packet_copy_from_mem(pkt, ref->length, - ref->digest_length, - ref->digest); - if (iteration == WRONG_DIGEST_TEST) { - uint8_t byte = ~ref->digest[0]; - - odp_packet_copy_from_mem(pkt, ref->length, - 1, &byte); - } - } - - if (!suite_context.packet) - rc = alg_op(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - else if (ODP_CRYPTO_ASYNC == suite_context.op_mode) - rc = alg_packet_op_enq(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - else - rc = alg_packet_op(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - if (rc < 0) - break; - - if (iteration == WRONG_DIGEST_TEST) { - CU_ASSERT(!ok); - continue; - } - - CU_ASSERT(ok); - - if (op == ODP_CRYPTO_OP_ENCODE) { - CU_ASSERT(!packet_cmp_mem(pkt, 0, - ref->ciphertext, - ref->length)); - CU_ASSERT(!packet_cmp_mem(pkt, ref->length, - ref->digest, - ref->digest_length)); - } else { - CU_ASSERT(!packet_cmp_mem(pkt, 0, - ref->plaintext, - ref->length)); - } - } - - odp_packet_free(pkt); - -cleanup: - rc = odp_crypto_session_destroy(session); - CU_ASSERT(!rc); -} - -static void check_alg(odp_crypto_op_t op, - odp_cipher_alg_t cipher_alg, - odp_auth_alg_t auth_alg, - crypto_test_reference_t *ref, - size_t count, - odp_bool_t ovr_iv) -{ - odp_crypto_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; - int rc, cipher_num, auth_num, i; - odp_bool_t cipher_tested[MAX_ALG_CAPA]; - odp_bool_t auth_tested[MAX_ALG_CAPA]; - odp_bool_t cipher_ok = false; - odp_bool_t auth_ok = false; - size_t idx; - - rc = odp_crypto_capability(&capa); - CU_ASSERT(!rc); - - if (cipher_alg == ODP_CIPHER_ALG_3DES_CBC && - !(capa.ciphers.bit.trides_cbc)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_CBC && - !(capa.ciphers.bit.aes_cbc)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_CTR && - !(capa.ciphers.bit.aes_ctr)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && - !(capa.ciphers.bit.aes_gcm)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_DES && - !(capa.ciphers.bit.des)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_NULL && - !(capa.ciphers.bit.null)) - rc = -1; - - CU_ASSERT(!rc); - CU_ASSERT((~capa.ciphers.all_bits & capa.hw_ciphers.all_bits) == 0); - - if (auth_alg == ODP_AUTH_ALG_AES_GCM && - !(capa.auths.bit.aes_gcm)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_AES_GMAC && - !(capa.auths.bit.aes_gmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && - !(capa.auths.bit.md5_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_NULL && - !(capa.auths.bit.null)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && - !(capa.auths.bit.sha1_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && - !(capa.auths.bit.sha256_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && - !(capa.auths.bit.sha512_hmac)) - rc = -1; - - CU_ASSERT(!rc); - CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); - - cipher_num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, - MAX_ALG_CAPA); - - CU_ASSERT(cipher_num > 0); - CU_ASSERT(cipher_num <= MAX_ALG_CAPA); - if (cipher_num > MAX_ALG_CAPA) - cipher_num = MAX_ALG_CAPA; - - auth_num = odp_crypto_auth_capability(auth_alg, auth_capa, - MAX_ALG_CAPA); - - CU_ASSERT(auth_num > 0); - CU_ASSERT(auth_num <= MAX_ALG_CAPA); - if (auth_num > MAX_ALG_CAPA) - auth_num = MAX_ALG_CAPA; - - memset(cipher_tested, 0, sizeof(cipher_tested)); - memset(auth_tested, 0, sizeof(auth_tested)); - - for (idx = 0; idx < count; idx++) { - int cipher_idx = -1, auth_idx = -1; - - for (i = 0; i < cipher_num; i++) { - if (cipher_capa[i].key_len == - ref[idx].cipher_key_length && - cipher_capa[i].iv_len == - ref[idx].cipher_iv_length) { - cipher_idx = i; - break; - } - } - - if (cipher_idx < 0) { - printf("\n Unsupported: alg=%s, key_len=%" PRIu32 - ", iv_len=%" PRIu32 "\n", - cipher_alg_name(cipher_alg), - ref[idx].cipher_key_length, - ref[idx].cipher_iv_length); - continue; - } - - for (i = 0; i < auth_num; i++) { - if (auth_capa[i].digest_len == - ref[idx].digest_length && - auth_capa[i].iv_len == - ref[idx].auth_iv_length && - auth_capa[i].key_len == - ref[idx].auth_key_length) { - auth_idx = i; - break; - } - } - - if (auth_idx < 0) { - printf("\n Unsupported: alg=%s, key_len=%" PRIu32 - ", iv_len=%" PRIu32 ", digest_len=%" PRIu32 "\n", - auth_alg_name(auth_alg), - ref[idx].auth_key_length, - ref[idx].auth_iv_length, - ref[idx].digest_length); - continue; - } - - alg_test(op, cipher_alg, auth_alg, &ref[idx], ovr_iv); - - cipher_tested[cipher_idx] = true; - auth_tested[auth_idx] = true; - } - - for (i = 0; i < cipher_num; i++) { - cipher_ok |= cipher_tested[i]; - if (!cipher_tested[i]) { - /* GMAC-related hacks */ - if (cipher_alg == ODP_CIPHER_ALG_NULL) - continue; - printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " - "iv_len=%" PRIu32 "\n", - cipher_alg_name(cipher_alg), - cipher_capa[i].key_len, - cipher_capa[i].iv_len); - } - } - - for (i = 0; i < auth_num; i++) { - auth_ok |= auth_tested[i]; - if (!auth_tested[i]) - printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " - "digest_len=%" PRIu32 "\n", - auth_alg_name(auth_alg), - auth_capa[i].key_len, - auth_capa[i].digest_len); - } - - /* Verify that we were able to run at least several tests */ - CU_ASSERT(cipher_ok); - CU_ASSERT(auth_ok); -} - -/** - * Check if given cipher and authentication algorithms are supported - * - * @param cipher Cipher algorithm - * @param auth Authentication algorithm - * - * @retval ODP_TEST_ACTIVE when both algorithms are supported - * @retval ODP_TEST_INACTIVE when either algorithm is not supported - */ -static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) -{ - odp_crypto_capability_t capability; - - if (odp_crypto_capability(&capability)) - return ODP_TEST_INACTIVE; - - if (suite_context.packet) { - if (suite_context.op_mode == ODP_CRYPTO_SYNC && - capability.sync_mode == ODP_SUPPORT_NO) - return ODP_TEST_INACTIVE; - if (suite_context.op_mode == ODP_CRYPTO_ASYNC && - capability.async_mode == ODP_SUPPORT_NO) - return ODP_TEST_INACTIVE; - } - - /* Cipher algorithms */ - switch (cipher) { - case ODP_CIPHER_ALG_NULL: - if (!capability.ciphers.bit.null) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_DES: - if (!capability.ciphers.bit.des) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_3DES_CBC: - if (!capability.ciphers.bit.trides_cbc) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_CBC: - if (!capability.ciphers.bit.aes_cbc) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_CTR: - if (!capability.ciphers.bit.aes_ctr) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_GCM: - if (!capability.ciphers.bit.aes_gcm) - return ODP_TEST_INACTIVE; - break; - default: - fprintf(stderr, "Unsupported cipher algorithm\n"); - return ODP_TEST_INACTIVE; - } - - /* Authentication algorithms */ - switch (auth) { - case ODP_AUTH_ALG_NULL: - if (!capability.auths.bit.null) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_MD5_HMAC: - if (!capability.auths.bit.md5_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - if (!capability.auths.bit.sha1_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA256_HMAC: - if (!capability.auths.bit.sha256_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - if (!capability.auths.bit.sha512_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_AES_GCM: - if (!capability.auths.bit.aes_gcm) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_AES_GMAC: - if (!capability.auths.bit.aes_gmac) - return ODP_TEST_INACTIVE; - break; - default: - fprintf(stderr, "Unsupported authentication algorithm\n"); - return ODP_TEST_INACTIVE; - } - - return ODP_TEST_ACTIVE; -} - -static int check_alg_null(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); -} - -#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) -static void crypto_test_enc_alg_null(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_NULL, - null_reference, - ARRAY_SIZE(null_reference), - false); -} - -static void crypto_test_dec_alg_null(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_NULL, - null_reference, - ARRAY_SIZE(null_reference), - false); -} - -static int check_alg_3des_cbc(void) -{ - return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_3des_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for 3DES_CBC algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_3des_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_3des_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - true); -} - -static int check_alg_aes_gcm(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_GCM algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_gcm(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_GCM algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_gcm_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_gcm(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - true); -} - -static int check_alg_aes_cbc(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CBC algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_aes_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - true); -} - -static int check_alg_aes_ctr(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_CTR, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_ctr(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CTR algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_aes_ctr_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_ctr(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_ctr_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - true); -} - -static int check_alg_hmac_md5(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_MD5_HMAC); -} - -/* This test verifies the correctness of HMAC_MD5 digest operation. - * The output check length is truncated to 12 bytes (96 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_md5(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_MD5_HMAC, - hmac_md5_reference, - ARRAY_SIZE(hmac_md5_reference), - false); -} - -static void crypto_test_check_alg_hmac_md5(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_MD5_HMAC, - hmac_md5_reference, - ARRAY_SIZE(hmac_md5_reference), - false); -} - -static int check_alg_hmac_sha1(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA1 digest operation. - * The output check length is truncated to 12 bytes (96 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha1(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA1_HMAC, - hmac_sha1_reference, - ARRAY_SIZE(hmac_sha1_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha1(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA1_HMAC, - hmac_sha1_reference, - ARRAY_SIZE(hmac_sha1_reference), - false); -} - -static int check_alg_hmac_sha256(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA256 digest operation. - * The output check length is truncated to 16 bytes (128 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha256(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA256_HMAC, - hmac_sha256_reference, - ARRAY_SIZE(hmac_sha256_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha256(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA256_HMAC, - hmac_sha256_reference, - ARRAY_SIZE(hmac_sha256_reference), - false); -} - -static int check_alg_hmac_sha512(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA512 digest operation. - * The output check length is truncated to 32 bytes (256 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha512(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA512_HMAC, - hmac_sha512_reference, - ARRAY_SIZE(hmac_sha512_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha512(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA512_HMAC, - hmac_sha512_reference, - ARRAY_SIZE(hmac_sha512_reference), - false); -} - -static int check_alg_aes_gmac(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC); -} - -static void crypto_test_gen_alg_aes_gmac(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - aes_gmac_reference, - ARRAY_SIZE(aes_gmac_reference), - false); -} - -static void crypto_test_gen_alg_aes_gmac_ovr_iv(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - alg_test(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - &aes_gmac_reference[i], - true); -} - -static void crypto_test_check_alg_aes_gmac(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - aes_gmac_reference, - ARRAY_SIZE(aes_gmac_reference), - false); -} - -static void crypto_test_check_alg_aes_gmac_ovr_iv(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - alg_test(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - &aes_gmac_reference[i], - true); -} - -int crypto_suite_sync_init(void) -{ - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = ODP_QUEUE_INVALID; - suite_context.pref_mode = ODP_CRYPTO_SYNC; - return 0; -} - -int crypto_suite_async_init(void) -{ - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - suite_context.queue = odp_queue_lookup("crypto-out"); - if (suite_context.queue == ODP_QUEUE_INVALID) - return -1; - - suite_context.pref_mode = ODP_CRYPTO_ASYNC; - return 0; -} - -int crypto_suite_packet_sync_init(void) -{ - suite_context.packet = true; - suite_context.op_mode = ODP_CRYPTO_SYNC; - - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = ODP_QUEUE_INVALID; - return 0; -} - -int crypto_suite_packet_async_init(void) -{ - suite_context.packet = true; - suite_context.op_mode = ODP_CRYPTO_ASYNC; - - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = odp_queue_lookup("crypto-out"); - if (suite_context.queue == ODP_QUEUE_INVALID) - return -1; - return 0; -} - -odp_testinfo_t crypto_suite[] = { - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, - check_alg_null), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, - check_alg_null), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc_ovr_iv, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc_ovr_iv, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc_ovr_iv, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc_ovr_iv, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr_ovr_iv, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr_ovr_iv, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm_ovr_iv, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, - check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, - check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, - check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, - check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, - check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, - check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, - check_alg_hmac_sha512), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, - check_alg_hmac_sha512), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac_ovr_iv, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, - check_alg_aes_gmac), - ODP_TEST_INFO_NULL, -}; - -int crypto_suite_term(void) -{ - int i; - int first = 1; - - for (i = 0; crypto_suite[i].pName; i++) { - if (crypto_suite[i].check_active && - crypto_suite[i].check_active() == ODP_TEST_INACTIVE) { - if (first) { - first = 0; - printf("\n\n Inactive tests:\n"); - } - printf(" %s\n", crypto_suite[i].pName); - } - } - return 0; -} +/* Copyright (c) 2014-2018, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include "config.h" + +#include +#include +#include +#include "test_vectors.h" +#include "odp_crypto_test_inp.h" +#include "crypto.h" + +#define MAX_ALG_CAPA 32 + +struct suite_context_s { + odp_bool_t packet; + odp_crypto_op_mode_t op_mode; + odp_crypto_op_mode_t pref_mode; + odp_pool_t pool; + odp_queue_t queue; +}; + +static struct suite_context_s suite_context; + +static int packet_cmp_mem(odp_packet_t pkt, uint32_t offset, + void *s, uint32_t len) +{ + uint8_t buf[len]; + + odp_packet_copy_to_mem(pkt, offset, len, buf); + + return memcmp(buf, s, len); +} + +static const char *auth_alg_name(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return "ODP_AUTH_ALG_NULL"; + case ODP_AUTH_ALG_MD5_HMAC: + return "ODP_AUTH_ALG_MD5_HMAC"; + case ODP_AUTH_ALG_SHA1_HMAC: + return "ODP_AUTH_ALG_SHA1_HMAC"; + case ODP_AUTH_ALG_SHA256_HMAC: + return "ODP_AUTH_ALG_SHA256_HMAC"; + case ODP_AUTH_ALG_SHA512_HMAC: + return "ODP_AUTH_ALG_SHA512_HMAC"; + case ODP_AUTH_ALG_AES_GCM: + return "ODP_AUTH_ALG_AES_GCM"; + case ODP_AUTH_ALG_AES_GMAC: + return "ODP_AUTH_ALG_AES_GMAC"; + default: + return "Unknown"; + } +} + +static const char *cipher_alg_name(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return "ODP_CIPHER_ALG_NULL"; + case ODP_CIPHER_ALG_DES: + return "ODP_CIPHER_ALG_DES"; + case ODP_CIPHER_ALG_3DES_CBC: + return "ODP_CIPHER_ALG_3DES_CBC"; + case ODP_CIPHER_ALG_AES_CBC: + return "ODP_CIPHER_ALG_AES_CBC"; + case ODP_CIPHER_ALG_AES_GCM: + return "ODP_CIPHER_ALG_AES_GCM"; + default: + return "Unknown"; + } +} + +static int alg_op(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_crypto_op_result_t result; + odp_crypto_op_param_t op_params; + odp_bool_t posted; + odp_event_subtype_t subtype; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + op_params.pkt = pkt; + op_params.out_pkt = pkt; + op_params.ctx = (void *)0xdeadbeef; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_operation(&op_params, &posted, &result); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_operation()"); + return rc; + } + + if (posted) { + odp_event_t event; + odp_crypto_compl_t compl_event; + + /* Poll completion queue for results */ + do { + event = odp_queue_deq(suite_context.queue); + } while (event == ODP_EVENT_INVALID); + + CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == odp_event_type(event)); + CU_ASSERT(ODP_EVENT_NO_SUBTYPE == odp_event_subtype(event)); + CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == + odp_event_types(event, &subtype)); + CU_ASSERT(ODP_EVENT_NO_SUBTYPE == subtype); + + compl_event = odp_crypto_compl_from_event(event); + CU_ASSERT(odp_crypto_compl_to_u64(compl_event) == + odp_crypto_compl_to_u64( + odp_crypto_compl_from_event(event))); + odp_crypto_compl_result(compl_event, &result); + odp_crypto_compl_free(compl_event); + } + + CU_ASSERT(result.pkt == pkt); + CU_ASSERT(result.ctx == (void *)0xdeadbeef); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(result.pkt))); + CU_ASSERT(ODP_EVENT_PACKET_BASIC == + odp_event_subtype(odp_packet_to_event(result.pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(result.pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_BASIC == subtype); + + *ok = result.ok; + + return 0; +} + +static int alg_packet_op(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_crypto_packet_result_t result; + odp_crypto_packet_op_param_t op_params; + odp_event_subtype_t subtype; + odp_packet_t out_pkt = pkt; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_op(&pkt, &out_pkt, &op_params, 1); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_op()"); + return rc; + } + + CU_ASSERT(out_pkt == pkt); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == + odp_event_subtype(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + rc = odp_crypto_result(&result, pkt); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_result()"); + return rc; + } + + if (!result.ok) + CU_ASSERT(odp_packet_has_error(pkt)); + + *ok = result.ok; + + return 0; +} + +static int alg_packet_op_enq(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_event_t event; + odp_crypto_packet_result_t result; + odp_crypto_packet_op_param_t op_params; + odp_event_subtype_t subtype; + odp_packet_t out_pkt = pkt; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_op_enq(&pkt, &pkt, &op_params, 1); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_op_enq()"); + return rc; + } + + /* Poll completion queue for results */ + do { + event = odp_queue_deq(suite_context.queue); + } while (event == ODP_EVENT_INVALID); + + CU_ASSERT(ODP_EVENT_PACKET == odp_event_type(event)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == odp_event_subtype(event)); + CU_ASSERT(ODP_EVENT_PACKET == odp_event_types(event, &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + pkt = odp_crypto_packet_from_event(event); + + CU_ASSERT(out_pkt == pkt); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == + odp_event_subtype(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + rc = odp_crypto_result(&result, pkt); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_result()"); + return rc; + } + + CU_ASSERT((!odp_packet_has_error(pkt)) == result.ok); + + *ok = result.ok; + + return 0; +} + +typedef enum crypto_test { + NORMAL_TEST = 0, /**< Plain execution */ + REPEAT_TEST, /**< Rerun without reinitializing the session */ + WRONG_DIGEST_TEST, /**< Check against wrong digest */ + MAX_TEST, /**< Final mark */ +} crypto_test; + +/* Basic algorithm run function for async inplace mode. + * Creates a session from input parameters and runs one operation + * on input_vec. Checks the output of the crypto operation against + * output_vec. Operation completion event is dequeued polling the + * session output queue. Completion context pointer is retrieved + * and checked against the one set before the operation. + * Completion event can be a separate buffer or the input packet + * buffer can be used. + * */ +static void alg_test(odp_crypto_op_t op, + odp_cipher_alg_t cipher_alg, + odp_auth_alg_t auth_alg, + crypto_test_reference_t *ref, + odp_bool_t ovr_iv) +{ + odp_crypto_session_t session; + int rc; + odp_crypto_ses_create_err_t status; + odp_bool_t ok = false; + int iteration; + odp_crypto_session_param_t ses_params; + odp_packet_data_range_t cipher_range; + odp_packet_data_range_t auth_range; + odp_crypto_key_t cipher_key = { + .data = ref->cipher_key, + .length = ref->cipher_key_length + }; + odp_crypto_key_t auth_key = { + .data = ref->auth_key, + .length = ref->auth_key_length + }; + odp_crypto_iv_t cipher_iv = { + .data = ovr_iv ? NULL : ref->cipher_iv, + .length = ref->cipher_iv_length + }; + odp_crypto_iv_t auth_iv = { + .data = ovr_iv ? NULL : ref->auth_iv, + .length = ref->auth_iv_length + }; + + /* Create a crypto session */ + odp_crypto_session_param_init(&ses_params); + ses_params.op = op; + ses_params.auth_cipher_text = false; + ses_params.op_mode = suite_context.op_mode; + ses_params.pref_mode = suite_context.pref_mode; + ses_params.cipher_alg = cipher_alg; + ses_params.auth_alg = auth_alg; + ses_params.compl_queue = suite_context.queue; + ses_params.output_pool = suite_context.pool; + ses_params.cipher_key = cipher_key; + ses_params.cipher_iv = cipher_iv; + ses_params.auth_iv = auth_iv; + ses_params.auth_key = auth_key; + ses_params.auth_digest_len = ref->digest_length; + ses_params.auth_aad_len = ref->aad_length; + + rc = odp_crypto_session_create(&ses_params, &session, &status); + CU_ASSERT_FATAL(!rc); + CU_ASSERT(status == ODP_CRYPTO_SES_CREATE_ERR_NONE); + CU_ASSERT(odp_crypto_session_to_u64(session) != + odp_crypto_session_to_u64(ODP_CRYPTO_SESSION_INVALID)); + + cipher_range.offset = 0; + cipher_range.length = ref->length; + auth_range.offset = 0; + auth_range.length = ref->length; + + /* Prepare input data */ + odp_packet_t pkt = odp_packet_alloc(suite_context.pool, + ref->length + ref->digest_length); + CU_ASSERT(pkt != ODP_PACKET_INVALID); + if (pkt == ODP_PACKET_INVALID) + goto cleanup; + + for (iteration = NORMAL_TEST; iteration < MAX_TEST; iteration++) { + /* checking against wrong digest is meaningless for NULL digest + * or when generating digest */ + if (iteration == WRONG_DIGEST_TEST && + (auth_alg == ODP_AUTH_ALG_NULL || + op == ODP_CRYPTO_OP_ENCODE)) + continue; + + if (op == ODP_CRYPTO_OP_ENCODE) { + odp_packet_copy_from_mem(pkt, 0, ref->length, + ref->plaintext); + } else { + odp_packet_copy_from_mem(pkt, 0, ref->length, + ref->ciphertext); + odp_packet_copy_from_mem(pkt, ref->length, + ref->digest_length, + ref->digest); + if (iteration == WRONG_DIGEST_TEST) { + uint8_t byte = ~ref->digest[0]; + + odp_packet_copy_from_mem(pkt, ref->length, + 1, &byte); + } + } + + if (!suite_context.packet) + rc = alg_op(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + else if (ODP_CRYPTO_ASYNC == suite_context.op_mode) + rc = alg_packet_op_enq(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + else + rc = alg_packet_op(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + if (rc < 0) + break; + + if (iteration == WRONG_DIGEST_TEST) { + CU_ASSERT(!ok); + continue; + } + + CU_ASSERT(ok); + + if (op == ODP_CRYPTO_OP_ENCODE) { + CU_ASSERT(!packet_cmp_mem(pkt, 0, + ref->ciphertext, + ref->length)); + CU_ASSERT(!packet_cmp_mem(pkt, ref->length, + ref->digest, + ref->digest_length)); + } else { + CU_ASSERT(!packet_cmp_mem(pkt, 0, + ref->plaintext, + ref->length)); + } + } + + odp_packet_free(pkt); + +cleanup: + rc = odp_crypto_session_destroy(session); + CU_ASSERT(!rc); +} + +static void check_alg(odp_crypto_op_t op, + odp_cipher_alg_t cipher_alg, + odp_auth_alg_t auth_alg, + crypto_test_reference_t *ref, + size_t count, + odp_bool_t ovr_iv) +{ + odp_crypto_capability_t capa; + odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + int rc, cipher_num, auth_num, i; + odp_bool_t cipher_tested[MAX_ALG_CAPA]; + odp_bool_t auth_tested[MAX_ALG_CAPA]; + odp_bool_t cipher_ok = false; + odp_bool_t auth_ok = false; + size_t idx; + + rc = odp_crypto_capability(&capa); + CU_ASSERT(!rc); + + if (cipher_alg == ODP_CIPHER_ALG_3DES_CBC && + !(capa.ciphers.bit.trides_cbc)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CBC && + !(capa.ciphers.bit.aes_cbc)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CTR && + !(capa.ciphers.bit.aes_ctr)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && + !(capa.ciphers.bit.aes_gcm)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_DES && + !(capa.ciphers.bit.des)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_NULL && + !(capa.ciphers.bit.null)) + rc = -1; + + CU_ASSERT(!rc); + CU_ASSERT((~capa.ciphers.all_bits & capa.hw_ciphers.all_bits) == 0); + + if (auth_alg == ODP_AUTH_ALG_AES_GCM && + !(capa.auths.bit.aes_gcm)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_GMAC && + !(capa.auths.bit.aes_gmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && + !(capa.auths.bit.md5_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_NULL && + !(capa.auths.bit.null)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && + !(capa.auths.bit.sha1_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && + !(capa.auths.bit.sha256_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && + !(capa.auths.bit.sha512_hmac)) + rc = -1; + + CU_ASSERT(!rc); + CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); + + cipher_num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, + MAX_ALG_CAPA); + + CU_ASSERT(cipher_num > 0); + CU_ASSERT(cipher_num <= MAX_ALG_CAPA); + if (cipher_num > MAX_ALG_CAPA) + cipher_num = MAX_ALG_CAPA; + + auth_num = odp_crypto_auth_capability(auth_alg, auth_capa, + MAX_ALG_CAPA); + + CU_ASSERT(auth_num > 0); + CU_ASSERT(auth_num <= MAX_ALG_CAPA); + if (auth_num > MAX_ALG_CAPA) + auth_num = MAX_ALG_CAPA; + + memset(cipher_tested, 0, sizeof(cipher_tested)); + memset(auth_tested, 0, sizeof(auth_tested)); + + for (idx = 0; idx < count; idx++) { + int cipher_idx = -1, auth_idx = -1; + + for (i = 0; i < cipher_num; i++) { + if (cipher_capa[i].key_len == + ref[idx].cipher_key_length && + cipher_capa[i].iv_len == + ref[idx].cipher_iv_length) { + cipher_idx = i; + break; + } + } + + if (cipher_idx < 0) { + printf("\n Unsupported: alg=%s, key_len=%" PRIu32 + ", iv_len=%" PRIu32 "\n", + cipher_alg_name(cipher_alg), + ref[idx].cipher_key_length, + ref[idx].cipher_iv_length); + continue; + } + + for (i = 0; i < auth_num; i++) { + if (auth_capa[i].digest_len == + ref[idx].digest_length && + auth_capa[i].iv_len == + ref[idx].auth_iv_length && + auth_capa[i].key_len == + ref[idx].auth_key_length) { + auth_idx = i; + break; + } + } + + if (auth_idx < 0) { + printf("\n Unsupported: alg=%s, key_len=%" PRIu32 + ", iv_len=%" PRIu32 ", digest_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), + ref[idx].auth_key_length, + ref[idx].auth_iv_length, + ref[idx].digest_length); + continue; + } + + alg_test(op, cipher_alg, auth_alg, &ref[idx], ovr_iv); + + cipher_tested[cipher_idx] = true; + auth_tested[auth_idx] = true; + } + + for (i = 0; i < cipher_num; i++) { + cipher_ok |= cipher_tested[i]; + if (!cipher_tested[i]) { + /* GMAC-related hacks */ + if (cipher_alg == ODP_CIPHER_ALG_NULL) + continue; + printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " + "iv_len=%" PRIu32 "\n", + cipher_alg_name(cipher_alg), + cipher_capa[i].key_len, + cipher_capa[i].iv_len); + } + } + + for (i = 0; i < auth_num; i++) { + auth_ok |= auth_tested[i]; + if (!auth_tested[i]) + printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " + "digest_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), + auth_capa[i].key_len, + auth_capa[i].digest_len); + } + + /* Verify that we were able to run at least several tests */ + CU_ASSERT(cipher_ok); + CU_ASSERT(auth_ok); +} + +/** + * Check if given cipher and authentication algorithms are supported + * + * @param cipher Cipher algorithm + * @param auth Authentication algorithm + * + * @retval ODP_TEST_ACTIVE when both algorithms are supported + * @retval ODP_TEST_INACTIVE when either algorithm is not supported + */ +static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) +{ + odp_crypto_capability_t capability; + + if (odp_crypto_capability(&capability)) + return ODP_TEST_INACTIVE; + + if (suite_context.packet) { + if (suite_context.op_mode == ODP_CRYPTO_SYNC && + capability.sync_mode == ODP_SUPPORT_NO) + return ODP_TEST_INACTIVE; + if (suite_context.op_mode == ODP_CRYPTO_ASYNC && + capability.async_mode == ODP_SUPPORT_NO) + return ODP_TEST_INACTIVE; + } + + /* Cipher algorithms */ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + if (!capability.ciphers.bit.null) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_DES: + if (!capability.ciphers.bit.des) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_3DES_CBC: + if (!capability.ciphers.bit.trides_cbc) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_CBC: + if (!capability.ciphers.bit.aes_cbc) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_CTR: + if (!capability.ciphers.bit.aes_ctr) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_GCM: + if (!capability.ciphers.bit.aes_gcm) + return ODP_TEST_INACTIVE; + break; + default: + fprintf(stderr, "Unsupported cipher algorithm\n"); + return ODP_TEST_INACTIVE; + } + + /* Authentication algorithms */ + switch (auth) { + case ODP_AUTH_ALG_NULL: + if (!capability.auths.bit.null) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_MD5_HMAC: + if (!capability.auths.bit.md5_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA1_HMAC: + if (!capability.auths.bit.sha1_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA256_HMAC: + if (!capability.auths.bit.sha256_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA512_HMAC: + if (!capability.auths.bit.sha512_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_AES_GCM: + if (!capability.auths.bit.aes_gcm) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_AES_GMAC: + if (!capability.auths.bit.aes_gmac) + return ODP_TEST_INACTIVE; + break; + default: + fprintf(stderr, "Unsupported authentication algorithm\n"); + return ODP_TEST_INACTIVE; + } + + return ODP_TEST_ACTIVE; +} + +static int check_alg_null(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); +} + +#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) +static void crypto_test_enc_alg_null(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_NULL, + null_reference, + ARRAY_SIZE(null_reference), + false); +} + +static void crypto_test_dec_alg_null(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_NULL, + null_reference, + ARRAY_SIZE(null_reference), + false); +} + +static int check_alg_3des_cbc(void) +{ + return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_3des_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for 3DES_CBC algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_3des_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_3des_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + true); +} + +static int check_alg_aes_gcm(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_GCM algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_gcm(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_GCM algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_gcm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_gcm(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + true); +} + +static int check_alg_aes_cbc(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CBC algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_aes_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + true); +} + +static int check_alg_aes_ctr(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CTR, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_ctr(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CTR algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_aes_ctr_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_ctr(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_ctr_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + true); +} + +static int check_alg_hmac_md5(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_MD5_HMAC); +} + +/* This test verifies the correctness of HMAC_MD5 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_md5(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_MD5_HMAC, + hmac_md5_reference, + ARRAY_SIZE(hmac_md5_reference), + false); +} + +static void crypto_test_check_alg_hmac_md5(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_MD5_HMAC, + hmac_md5_reference, + ARRAY_SIZE(hmac_md5_reference), + false); +} + +static int check_alg_hmac_sha1(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA1 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha1(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA1_HMAC, + hmac_sha1_reference, + ARRAY_SIZE(hmac_sha1_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha1(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA1_HMAC, + hmac_sha1_reference, + ARRAY_SIZE(hmac_sha1_reference), + false); +} + +static int check_alg_hmac_sha256(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA256 digest operation. + * The output check length is truncated to 16 bytes (128 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha256(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA256_HMAC, + hmac_sha256_reference, + ARRAY_SIZE(hmac_sha256_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha256(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA256_HMAC, + hmac_sha256_reference, + ARRAY_SIZE(hmac_sha256_reference), + false); +} + +static int check_alg_hmac_sha512(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA512 digest operation. + * The output check length is truncated to 32 bytes (256 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha512(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA512_HMAC, + hmac_sha512_reference, + ARRAY_SIZE(hmac_sha512_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha512(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA512_HMAC, + hmac_sha512_reference, + ARRAY_SIZE(hmac_sha512_reference), + false); +} + +static int check_alg_aes_gmac(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC); +} + +static void crypto_test_gen_alg_aes_gmac(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + aes_gmac_reference, + ARRAY_SIZE(aes_gmac_reference), + false); +} + +static void crypto_test_gen_alg_aes_gmac_ovr_iv(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + alg_test(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + &aes_gmac_reference[i], + true); +} + +static void crypto_test_check_alg_aes_gmac(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + aes_gmac_reference, + ARRAY_SIZE(aes_gmac_reference), + false); +} + +static void crypto_test_check_alg_aes_gmac_ovr_iv(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + alg_test(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + &aes_gmac_reference[i], + true); +} + +int crypto_suite_sync_init(void) +{ + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = ODP_QUEUE_INVALID; + suite_context.pref_mode = ODP_CRYPTO_SYNC; + return 0; +} + +int crypto_suite_async_init(void) +{ + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + suite_context.queue = odp_queue_lookup("crypto-out"); + if (suite_context.queue == ODP_QUEUE_INVALID) + return -1; + + suite_context.pref_mode = ODP_CRYPTO_ASYNC; + return 0; +} + +int crypto_suite_packet_sync_init(void) +{ + suite_context.packet = true; + suite_context.op_mode = ODP_CRYPTO_SYNC; + + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = ODP_QUEUE_INVALID; + return 0; +} + +int crypto_suite_packet_async_init(void) +{ + suite_context.packet = true; + suite_context.op_mode = ODP_CRYPTO_ASYNC; + + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = odp_queue_lookup("crypto-out"); + if (suite_context.queue == ODP_QUEUE_INVALID) + return -1; + return 0; +} + +odp_testinfo_t crypto_suite[] = { + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc_ovr_iv, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc_ovr_iv, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc_ovr_iv, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc_ovr_iv, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr_ovr_iv, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr_ovr_iv, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm_ovr_iv, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac_ovr_iv, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, + check_alg_aes_gmac), + ODP_TEST_INFO_NULL, +}; + +int crypto_suite_term(void) +{ + int i; + int first = 1; + + for (i = 0; crypto_suite[i].pName; i++) { + if (crypto_suite[i].check_active && + crypto_suite[i].check_active() == ODP_TEST_INACTIVE) { + if (first) { + first = 0; + printf("\n\n Inactive tests:\n"); + } + printf(" %s\n", crypto_suite[i].pName); + } + } + return 0; +} From patchwork Fri Jan 26 14:00:11 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125989 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp358007ljd; Fri, 26 Jan 2018 06:04:41 -0800 (PST) X-Google-Smtp-Source: AH8x2275WqJOTVxJLSHIxQ+taQeIK8E6vlowOTFPouNhIf9ETU6yn4tIoq6GB5rpLx4TbpUg9pJf X-Received: by 10.37.66.66 with SMTP id p63mr11383238yba.27.1516975481213; Fri, 26 Jan 2018 06:04:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516975481; cv=none; d=google.com; s=arc-20160816; b=eWC6VWEUO1iOQnAW96K+V8DMxEt2Q5xBWjiYrsJf0BeaU39Jvtlih0kEHFVOKhVR6/ vOGkhtK5My3giqPybLcoz2/qdNzPAET3fWh1S4Bqw+Z4OF0KsMKquOjGEUU9h/HFXcmk OWBCncGQKuWyLlNzoCMtYliNZLoWAf8pE53m4AF6pbUg/q2dp+Tx5/WQk5s8YyXiHAk2 HHrYXoZkpyCXX0tx3WVL57UwcVTot+m5brFx6f0VSnnzY9jChK9otId7bCAJomN7fM/s 9cvjUjXW1ZSqmmvSTOW/kiU+DzYCOxrKPnOZuWFGEBeqxoQs3yUm3E4E5/RI0+f2Xe1W Ic7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=PUU1A/0mYjH8UDedJO3QbLY8vB8OCzQvvrRAFU6qLag=; b=pJsYaq2JNW3HNAvM9W9efQ/X6VrksuyE4S9ydS6hhwmXQ3ymDeShIsevjhVPTqAgPq EFIUPcQVpHOo2pHzsOD/LIGb6/H9puMsfql6q9xZDLv9pdgghFnswPEPNRy6cavscLq3 xY+NjG8BHUpMtpvw6SSo7EW5M06gPrcy/pZFhoXRDS6FLJyn4xVQ+MY/3qaYaKGg56ul XHYSg72o3Y3Vfb5/rZQw3HF/345mpHlyhOxDUQwAb70C88j/P+kCAAYICzwDy7iBZylO 8u1KkwB0ELGHh31t2zQ8twpSXmgCz4VMSv52gU7xhwQ/eVi45kQb/VWvepokfjC+uLgh y35g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id x28si4927375qtc.224.2018.01.26.06.04.40; Fri, 26 Jan 2018 06:04:41 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id DDBB2617E4; Fri, 26 Jan 2018 14:04:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id F2083617E2; Fri, 26 Jan 2018 14:00:54 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 803BB617D6; Fri, 26 Jan 2018 14:00:31 +0000 (UTC) Received: from forward105j.mail.yandex.net (forward105j.mail.yandex.net [5.45.198.248]) by lists.linaro.org (Postfix) with ESMTPS id A57C061508 for ; Fri, 26 Jan 2018 14:00:19 +0000 (UTC) Received: from mxback3g.mail.yandex.net (mxback3g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:164]) by forward105j.mail.yandex.net (Yandex) with ESMTP id EBAF318387B for ; Fri, 26 Jan 2018 17:00:17 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback3g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 2o8PCcWbsm-0HDunq5b; Fri, 26 Jan 2018 17:00:17 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eWPAvjBUnV-0H1G6wRU; Fri, 26 Jan 2018 17:00:17 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 26 Jan 2018 17:00:11 +0300 Message-Id: <1516975214-22205-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> References: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v5 3/6] validation: crypto: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 2e711497bfd4fd2a2ca2c0882de3d93ae7d567af **/ test/validation/api/crypto/odp_crypto_test_inp.c | 72 ++++++++++++ test/validation/api/crypto/test_vectors.h | 140 +++++++++++++++++++++++ test/validation/api/crypto/test_vectors_len.h | 7 +- 3 files changed, 218 insertions(+), 1 deletion(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 2b0ba1cd9..dfcd4793b 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -52,6 +52,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GCM"; case ODP_AUTH_ALG_AES_GMAC: return "ODP_AUTH_ALG_AES_GMAC"; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: return "Unknown"; } @@ -70,6 +72,8 @@ static const char *cipher_alg_name(odp_cipher_alg_t cipher) return "ODP_CIPHER_ALG_AES_CBC"; case ODP_CIPHER_ALG_AES_GCM: return "ODP_CIPHER_ALG_AES_GCM"; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + return "ODP_CIPHER_ALG_CHACHA20_POLY1305"; default: return "Unknown"; } @@ -473,6 +477,9 @@ static void check_alg(odp_crypto_op_t op, if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && !(capa.ciphers.bit.aes_gcm)) rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305 && + !(capa.ciphers.bit.chacha20_poly1305)) + rc = -1; if (cipher_alg == ODP_CIPHER_ALG_DES && !(capa.ciphers.bit.des)) rc = -1; @@ -489,6 +496,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_CHACHA20_POLY1305 && + !(capa.auths.bit.chacha20_poly1305)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && !(capa.auths.bit.md5_hmac)) rc = -1; @@ -657,6 +667,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capability.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -692,6 +706,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capability.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -788,6 +806,52 @@ static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) true); } +static int check_alg_chacha20_poly1305(void) +{ + return check_alg_support(ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305); +} + +static void crypto_test_enc_alg_chacha20_poly1305(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + false); +} + +static void crypto_test_enc_alg_chacha20_poly1305_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + true); +} + +static void crypto_test_dec_alg_chacha20_poly1305(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + false); +} + +static void crypto_test_dec_alg_chacha20_poly1305_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + true); +} + static int check_alg_aes_gcm(void) { return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); @@ -1250,6 +1314,14 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gcm), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305_ovr_iv, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_chacha20_poly1305, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_chacha20_poly1305_ovr_iv, + check_alg_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, check_alg_hmac_md5), ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 9c0b844d1..3228c0dad 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -477,6 +477,146 @@ static crypto_test_reference_t aes_gmac_reference[] = { }, }; +/* + * Test vector from RFC 7539, sections 2.8.2, A.5: + * https://tools.ietf.org/html/rfc7539#section-2.8.2 + * https://tools.ietf.org/html/rfc7539#appendix-A.5 + */ +static crypto_test_reference_t chacha20_poly1305_reference[] = { + { + .cipher_key_length = CHACHA20_POLY1305_KEY_LEN, + .cipher_key = { 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f}, + .cipher_iv_length = CHACHA20_POLY1305_IV_LEN, + .cipher_iv = { 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47 }, + .length = 114, + .plaintext = { 0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, + 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, + 0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73, + 0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39, + 0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63, + 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66, + 0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f, + 0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20, + 0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75, + 0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73, + 0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, + 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, + 0x74, 0x2e }, + .ciphertext = { 0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb, + 0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2, + 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe, + 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6, + 0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12, + 0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b, + 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29, + 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36, + 0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c, + 0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58, + 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94, + 0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc, + 0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d, + 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b, + 0x61, 0x16 }, + .aad_length = 12, + .aad = { 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, + 0xc5, 0xc6, 0xc7 }, + .digest_length = 16, + .digest = { 0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a, + 0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91 } + }, + { + .cipher_key_length = CHACHA20_POLY1305_KEY_LEN, + .cipher_key = { 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a, + 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0, + 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09, + 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0}, + .cipher_iv_length = CHACHA20_POLY1305_IV_LEN, + .cipher_iv = { 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08 }, + .length = 265, + .plaintext = { 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, + 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x73, 0x20, + 0x61, 0x72, 0x65, 0x20, 0x64, 0x72, 0x61, 0x66, + 0x74, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, + 0x6e, 0x74, 0x73, 0x20, 0x76, 0x61, 0x6c, 0x69, + 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x61, 0x20, + 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x20, + 0x6f, 0x66, 0x20, 0x73, 0x69, 0x78, 0x20, 0x6d, + 0x6f, 0x6e, 0x74, 0x68, 0x73, 0x20, 0x61, 0x6e, + 0x64, 0x20, 0x6d, 0x61, 0x79, 0x20, 0x62, 0x65, + 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, + 0x2c, 0x20, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, + 0x65, 0x64, 0x2c, 0x20, 0x6f, 0x72, 0x20, 0x6f, + 0x62, 0x73, 0x6f, 0x6c, 0x65, 0x74, 0x65, 0x64, + 0x20, 0x62, 0x79, 0x20, 0x6f, 0x74, 0x68, 0x65, + 0x72, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, + 0x6e, 0x74, 0x73, 0x20, 0x61, 0x74, 0x20, 0x61, + 0x6e, 0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x2e, + 0x20, 0x49, 0x74, 0x20, 0x69, 0x73, 0x20, 0x69, + 0x6e, 0x61, 0x70, 0x70, 0x72, 0x6f, 0x70, 0x72, + 0x69, 0x61, 0x74, 0x65, 0x20, 0x74, 0x6f, 0x20, + 0x75, 0x73, 0x65, 0x20, 0x49, 0x6e, 0x74, 0x65, + 0x72, 0x6e, 0x65, 0x74, 0x2d, 0x44, 0x72, 0x61, + 0x66, 0x74, 0x73, 0x20, 0x61, 0x73, 0x20, 0x72, + 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, + 0x20, 0x6d, 0x61, 0x74, 0x65, 0x72, 0x69, 0x61, + 0x6c, 0x20, 0x6f, 0x72, 0x20, 0x74, 0x6f, 0x20, + 0x63, 0x69, 0x74, 0x65, 0x20, 0x74, 0x68, 0x65, + 0x6d, 0x20, 0x6f, 0x74, 0x68, 0x65, 0x72, 0x20, + 0x74, 0x68, 0x61, 0x6e, 0x20, 0x61, 0x73, 0x20, + 0x2f, 0xe2, 0x80, 0x9c, 0x77, 0x6f, 0x72, 0x6b, + 0x20, 0x69, 0x6e, 0x20, 0x70, 0x72, 0x6f, 0x67, + 0x72, 0x65, 0x73, 0x73, 0x2e, 0x2f, 0xe2, 0x80, + 0x9d }, + .ciphertext = { 0x64, 0xa0, 0x86, 0x15, 0x75, 0x86, 0x1a, 0xf4, + 0x60, 0xf0, 0x62, 0xc7, 0x9b, 0xe6, 0x43, 0xbd, + 0x5e, 0x80, 0x5c, 0xfd, 0x34, 0x5c, 0xf3, 0x89, + 0xf1, 0x08, 0x67, 0x0a, 0xc7, 0x6c, 0x8c, 0xb2, + 0x4c, 0x6c, 0xfc, 0x18, 0x75, 0x5d, 0x43, 0xee, + 0xa0, 0x9e, 0xe9, 0x4e, 0x38, 0x2d, 0x26, 0xb0, + 0xbd, 0xb7, 0xb7, 0x3c, 0x32, 0x1b, 0x01, 0x00, + 0xd4, 0xf0, 0x3b, 0x7f, 0x35, 0x58, 0x94, 0xcf, + 0x33, 0x2f, 0x83, 0x0e, 0x71, 0x0b, 0x97, 0xce, + 0x98, 0xc8, 0xa8, 0x4a, 0xbd, 0x0b, 0x94, 0x81, + 0x14, 0xad, 0x17, 0x6e, 0x00, 0x8d, 0x33, 0xbd, + 0x60, 0xf9, 0x82, 0xb1, 0xff, 0x37, 0xc8, 0x55, + 0x97, 0x97, 0xa0, 0x6e, 0xf4, 0xf0, 0xef, 0x61, + 0xc1, 0x86, 0x32, 0x4e, 0x2b, 0x35, 0x06, 0x38, + 0x36, 0x06, 0x90, 0x7b, 0x6a, 0x7c, 0x02, 0xb0, + 0xf9, 0xf6, 0x15, 0x7b, 0x53, 0xc8, 0x67, 0xe4, + 0xb9, 0x16, 0x6c, 0x76, 0x7b, 0x80, 0x4d, 0x46, + 0xa5, 0x9b, 0x52, 0x16, 0xcd, 0xe7, 0xa4, 0xe9, + 0x90, 0x40, 0xc5, 0xa4, 0x04, 0x33, 0x22, 0x5e, + 0xe2, 0x82, 0xa1, 0xb0, 0xa0, 0x6c, 0x52, 0x3e, + 0xaf, 0x45, 0x34, 0xd7, 0xf8, 0x3f, 0xa1, 0x15, + 0x5b, 0x00, 0x47, 0x71, 0x8c, 0xbc, 0x54, 0x6a, + 0x0d, 0x07, 0x2b, 0x04, 0xb3, 0x56, 0x4e, 0xea, + 0x1b, 0x42, 0x22, 0x73, 0xf5, 0x48, 0x27, 0x1a, + 0x0b, 0xb2, 0x31, 0x60, 0x53, 0xfa, 0x76, 0x99, + 0x19, 0x55, 0xeb, 0xd6, 0x31, 0x59, 0x43, 0x4e, + 0xce, 0xbb, 0x4e, 0x46, 0x6d, 0xae, 0x5a, 0x10, + 0x73, 0xa6, 0x72, 0x76, 0x27, 0x09, 0x7a, 0x10, + 0x49, 0xe6, 0x17, 0xd9, 0x1d, 0x36, 0x10, 0x94, + 0xfa, 0x68, 0xf0, 0xff, 0x77, 0x98, 0x71, 0x30, + 0x30, 0x5b, 0xea, 0xba, 0x2e, 0xda, 0x04, 0xdf, + 0x99, 0x7b, 0x71, 0x4d, 0x6c, 0x6f, 0x2c, 0x29, + 0xa6, 0xad, 0x5c, 0xb4, 0x02, 0x2b, 0x02, 0x70, + 0x9b }, + .aad_length = 12, + .aad = { 0xf3, 0x33, 0x88, 0x86, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x4e, 0x91 }, + .digest_length = CHACHA20_POLY1305_CHECK_LEN, + .digest = { 0xee, 0xad, 0x9d, 0x67, 0x89, 0x0c, 0xbb, 0x22, + 0x39, 0x23, 0x36, 0xfe, 0xa1, 0x85, 0x1f, 0x38 } + }, +}; + static crypto_test_reference_t hmac_md5_reference[] = { { .auth_key_length = HMAC_MD5_KEY_LEN, diff --git a/test/validation/api/crypto/test_vectors_len.h b/test/validation/api/crypto/test_vectors_len.h index 2551b054c..d41c7b286 100644 --- a/test/validation/api/crypto/test_vectors_len.h +++ b/test/validation/api/crypto/test_vectors_len.h @@ -9,7 +9,7 @@ /* Maximum */ #define MAX_KEY_LEN 64 #define MAX_IV_LEN 16 -#define MAX_DATA_LEN 128 +#define MAX_DATA_LEN 270 #define MAX_AAD_LEN 12 #define MAX_DIGEST_LEN 64 @@ -74,4 +74,9 @@ #define HMAC_SHA512_256_CHECK_LEN 32 #define HMAC_SHA512_CHECK_LEN 64 +/* ChaCha20-Poly1305 */ +#define CHACHA20_POLY1305_KEY_LEN 32 +#define CHACHA20_POLY1305_IV_LEN 12 +#define CHACHA20_POLY1305_CHECK_LEN 16 + #endif From patchwork Fri Jan 26 14:00:12 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125988 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp356349ljd; Fri, 26 Jan 2018 06:02:44 -0800 (PST) X-Google-Smtp-Source: AH8x226xbMrLmmvlLdkAN9G2dPVXuWMZP+cJq5a5LCPU1U11dNjKiEJr8fImfUVHnEIpufBoemwi X-Received: by 10.13.214.80 with SMTP id y77mr7695198ywd.103.1516975363811; Fri, 26 Jan 2018 06:02:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516975363; cv=none; d=google.com; s=arc-20160816; b=PJOODq7rdwpMQavv4SLKOctGzalcaLFgK0jWHcPuqYkXmSLd2JzSH2mQqB/NcIuc+A gohTB+bIxQP2M+9ke3H8ySnDIYdQ8B+5VKwlTIF/B9tyWCa+wPCEctLFJTxm3XfvJyEs SQkvNh5WSW46m5piN3HNpq2NML65RursPjZPcg6XkgLN/p3sAar/B4Rzvee+eci6f38s DuFRsHZQnzUnwoPEn2kQFVVLgIs0mNIfpwcCo29/mPlH1WZ1qJbVSvv0ZQCXV3eRG+UB p+C/IwwQCThssUQe+XMkpUL1D2K0HCxePaAxgPzljefH1pfR2v+hFTrwBf5jTRmlTStg p3CA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=/8euoL8BOU7dgWvE0qZb4Y0m5zEvXYeEnt47Q4FeR9A=; b=k6Mpbs/blvoLBphs3y5y9mmoTvzczMAuJa+JFZmfo90dDE62So7VNplbd176GzmRDh YajwctXa7WpeocEHIyx8ER/hgJ+i3o78jBtujqM3Lt8GIexaQSWPHGlIEKObx9vVEgYt dJd2DRvRSRTPIMEcg5XQxh/lzuWzhwoZFo987f0xwx7wYDy+9S0COxWogqNA4cHpkL7q MIz0M2kdWoZIrC6yI3TEZS0BZJ7TSKoI4hyuYQsQFcFxUTC6OP+NoDqeNpVUaXhiqjjc d0fwaVLab5Ab+773sl4Ugv+tkj+BL3DthDMDGNvjrfui2//4P5pvJdZwxCoPy7yrkWAT 8QXA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id v4si920535ywf.683.2018.01.26.06.02.43; Fri, 26 Jan 2018 06:02:43 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 5288F617CA; Fri, 26 Jan 2018 14:02:43 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 71175617B3; Fri, 26 Jan 2018 14:00:42 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 693F7617D3; Fri, 26 Jan 2018 14:00:26 +0000 (UTC) Received: from forward100o.mail.yandex.net (forward100o.mail.yandex.net [37.140.190.180]) by lists.linaro.org (Postfix) with ESMTPS id D761161777 for ; Fri, 26 Jan 2018 14:00:20 +0000 (UTC) Received: from mxback9o.mail.yandex.net (mxback9o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::23]) by forward100o.mail.yandex.net (Yandex) with ESMTP id A10F82A2214D for ; Fri, 26 Jan 2018 17:00:19 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback9o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id bsBTrWL4N1-0IGCvoXr; Fri, 26 Jan 2018 17:00:19 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eWPAvjBUnV-0H1G6BT6; Fri, 26 Jan 2018 17:00:18 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 26 Jan 2018 17:00:12 +0300 Message-Id: <1516975214-22205-5-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> References: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v5 4/6] linux-gen: crypto: support ChaCha20-Poly1305 X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov OpenSSL >= 1.1.0 supports ChaCha20-Poly1305 AEAD cipher, so let's support it in linux-generic. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 2e711497bfd4fd2a2ca2c0882de3d93ae7d567af **/ platform/linux-generic/odp_crypto.c | 57 +++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index e1d1c84b2..574671e07 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -28,6 +28,12 @@ #include #include +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_POLY1305) +#define _ODP_HAVE_CHACHA20_POLY1305 1 +#else +#define _ODP_HAVE_CHACHA20_POLY1305 0 +#endif + #define MAX_SESSIONS 32 /* @@ -56,6 +62,11 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { {.key_len = 24, .iv_len = 12}, {.key_len = 32, .iv_len = 12} }; +#if _ODP_HAVE_CHACHA20_POLY1305 +static const odp_crypto_cipher_capability_t cipher_capa_chacha20_poly1305[] = { +{.key_len = 32, .iv_len = 12} }; +#endif + /* * Authentication algorithm capabilities * @@ -87,6 +98,11 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, .iv_len = 12 } }; +#if _ODP_HAVE_CHACHA20_POLY1305 +static const odp_crypto_auth_capability_t auth_capa_chacha20_poly1305[] = { +{.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; +#endif + /** Forward declaration of session structure */ typedef struct odp_crypto_generic_session_t odp_crypto_generic_session_t; @@ -773,6 +789,9 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->ciphers.bit.aes_cbc = 1; capa->ciphers.bit.aes_ctr = 1; capa->ciphers.bit.aes_gcm = 1; +#if _ODP_HAVE_CHACHA20_POLY1305 + capa->ciphers.bit.chacha20_poly1305 = 1; +#endif capa->auths.bit.null = 1; capa->auths.bit.md5_hmac = 1; @@ -781,6 +800,9 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.sha512_hmac = 1; capa->auths.bit.aes_gcm = 1; capa->auths.bit.aes_gmac = 1; +#if _ODP_HAVE_CHACHA20_POLY1305 + capa->auths.bit.chacha20_poly1305 = 1; +#endif #if ODP_DEPRECATED_API capa->ciphers.bit.aes128_cbc = 1; @@ -824,6 +846,12 @@ int odp_crypto_cipher_capability(odp_cipher_alg_t cipher, src = cipher_capa_aes_gcm; num = sizeof(cipher_capa_aes_gcm) / size; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + src = cipher_capa_chacha20_poly1305; + num = sizeof(cipher_capa_chacha20_poly1305) / size; + break; +#endif default: return -1; } @@ -872,6 +900,12 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_aes_gmac; num = sizeof(auth_capa_aes_gmac) / size; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_AUTH_ALG_CHACHA20_POLY1305: + src = auth_capa_chacha20_poly1305; + num = sizeof(auth_capa_chacha20_poly1305) / size; + break; +#endif default: return -1; } @@ -993,6 +1027,17 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + /* ChaCha20_Poly1305 requires to do both auth and + * cipher at the same time */ + if (param->auth_alg != ODP_AUTH_ALG_CHACHA20_POLY1305) + rc = -1; + else + rc = process_aes_gcm_param(session, + EVP_chacha20_poly1305()); + break; +#endif default: rc = -1; } @@ -1063,6 +1108,18 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_AUTH_ALG_CHACHA20_POLY1305: + /* ChaCha20_Poly1305 requires to do both auth and + * cipher at the same time */ + if (param->cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305) { + session->auth.func = null_crypto_routine; + rc = 0; + } else { + rc = -1; + } + break; +#endif default: rc = -1; } From patchwork Fri Jan 26 14:00:13 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125991 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp364203ljd; Fri, 26 Jan 2018 06:13:11 -0800 (PST) X-Google-Smtp-Source: AH8x2271TBQW6qfmqMMiBLzkCzwjPGmsqKOJZrbnk7+3YM8Zb1e5MuwZpPWrPMDi8iUDEWRQOhr4 X-Received: by 10.55.104.17 with SMTP id d17mr20146213qkc.306.1516975991406; Fri, 26 Jan 2018 06:13:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516975991; cv=none; d=google.com; s=arc-20160816; b=LIstYkLm5804b6KNJOHbl9dmHyQifYCcQctY6A/ABuM7a1r/BpwLV77W961I7bNEvr Fx2SZJTA+EE5dwe1ZejJIgsN1XhGBasC7ZvoUz0H9FrF1pxWObJEeeY/tcwa0Zu73sW+ uSjL8sfyysSx/AuKTyLuwUAnKtU3e+ceyswWsm6K2aU1HP4cecq8UTXHT0ZOgD95S6wj ZeICKlmuYSDm+vBmgmzumVvuGsiC1e7aRi5GOgPIgVya2E9JXxnLXAQXMFd/XcydaGr9 tTU1rQ8qUHRIPcgBUQZDmipffR8gKgZc6ZvBiCzfADvdbfteakCoZJbOLN0iF0CY2G7O gKEw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=4iljWUTqR+VgKyMojeZEjYjULQ3Bwrdn4HOB4SpZ85s=; b=o57eJuhGF6XG2LTA3VVYFBbjjCU3R7VZeoOl1VKtc1Z1KnpvJpD1EKW+vgELjtqgHv STwC94Fl1Qs4njxlyiV4X0Nw3FP6Dq6kMaMOCFfXjbJAzqpjHey1qhB8mvrRZ4EeE1X4 S0q0EshsTVpPI00OFMuBgImPVOMA7Asw1UTteXfQG8WoCtmjWlDUCdphunOHzwhTN5v2 dk1TBnbPKTR0lF4lKF2+RUPiZfibW4kax2wcLmSaxwJf0mG6U+rSrPQMq0Ts8wDzuSO0 VVGytm0pCHnrwkqRYJejFuONHGGIBcaOE1hu1e+s8fQYqOGstYV2o4IIGzFWeWIc0Wm5 3N2w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id x78si5211963qkx.129.2018.01.26.06.13.10; Fri, 26 Jan 2018 06:13:11 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id BB150617EB; Fri, 26 Jan 2018 14:13:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 18346617BA; Fri, 26 Jan 2018 14:01:36 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 99990617FD; Fri, 26 Jan 2018 14:01:29 +0000 (UTC) Received: from forward103p.mail.yandex.net (forward103p.mail.yandex.net [77.88.28.106]) by lists.linaro.org (Postfix) with ESMTPS id E05BF617BA for ; Fri, 26 Jan 2018 14:00:21 +0000 (UTC) Received: from mxback11g.mail.yandex.net (mxback11g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:90]) by forward103p.mail.yandex.net (Yandex) with ESMTP id 64ACF2184F41 for ; Fri, 26 Jan 2018 17:00:20 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback11g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id eTKpe1TPqA-0KJCmJ1O; Fri, 26 Jan 2018 17:00:20 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eWPAvjBUnV-0J1SmFQm; Fri, 26 Jan 2018 17:00:19 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 26 Jan 2018 17:00:13 +0300 Message-Id: <1516975214-22205-6-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> References: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v5 5/6] validation: ipsec: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 2e711497bfd4fd2a2ca2c0882de3d93ae7d567af **/ test/validation/api/ipsec/ipsec.c | 14 +++++++ test/validation/api/ipsec/ipsec.h | 1 + test/validation/api/ipsec/ipsec_test_in.c | 33 +++++++++++++++ test/validation/api/ipsec/ipsec_test_out.c | 44 ++++++++++++++++++++ test/validation/api/ipsec/test_vectors.h | 66 ++++++++++++++++++++++++++++++ 5 files changed, 158 insertions(+) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 5d3112a27..31bd557fe 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -177,6 +177,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capa.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -212,6 +216,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capa.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -313,6 +321,12 @@ int ipsec_check_esp_null_aes_gmac_128(void) ODP_AUTH_ALG_AES_GMAC, 128); } +int ipsec_check_esp_chacha20_poly1305(void) +{ + return ipsec_check_esp(ODP_CIPHER_ALG_CHACHA20_POLY1305, 256, + ODP_AUTH_ALG_CHACHA20_POLY1305, 0); +} + void ipsec_sa_param_fill(odp_ipsec_sa_param_t *param, odp_bool_t in, odp_bool_t ah, diff --git a/test/validation/api/ipsec/ipsec.h b/test/validation/api/ipsec/ipsec.h index 31ebed789..7ba9ef10e 100644 --- a/test/validation/api/ipsec/ipsec.h +++ b/test/validation/api/ipsec/ipsec.h @@ -91,5 +91,6 @@ int ipsec_check_esp_aes_gcm_128(void); int ipsec_check_esp_aes_gcm_256(void); int ipsec_check_ah_aes_gmac_128(void); int ipsec_check_esp_null_aes_gmac_128(void); +int ipsec_check_esp_chacha20_poly1305(void); #endif diff --git a/test/validation/api/ipsec/ipsec_test_in.c b/test/validation/api/ipsec/ipsec_test_in.c index 8a82abe49..8138defb5 100644 --- a/test/validation/api/ipsec/ipsec_test_in.c +++ b/test/validation/api/ipsec/ipsec_test_in.c @@ -1136,6 +1136,37 @@ static void test_in_ipv4_mcgrew_gcm_15_esp(void) ipsec_sa_destroy(sa); } +static void test_in_ipv4_rfc7634_chacha(void) +{ + odp_ipsec_tunnel_param_t tunnel = {}; + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + + ipsec_sa_param_fill(¶m, + true, false, 0x01020304, &tunnel, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_rfc7634_esp, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_rfc7634}, + }, + }; + + ipsec_check_in_one(&test, sa); + + ipsec_sa_destroy(sa); +} + static void test_in_ipv4_ah_aes_gmac_128(void) { odp_ipsec_sa_param_t param; @@ -1474,6 +1505,8 @@ odp_testinfo_t ipsec_in_suite[] = { #endif ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_mcgrew_gcm_15_esp, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_rfc7634_chacha, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256_tun_ipv4, diff --git a/test/validation/api/ipsec/ipsec_test_out.c b/test/validation/api/ipsec/ipsec_test_out.c index 971fbbf8d..0f49c7e1f 100644 --- a/test/validation/api/ipsec/ipsec_test_out.c +++ b/test/validation/api/ipsec/ipsec_test_out.c @@ -500,6 +500,48 @@ static void test_out_ipv4_esp_null_aes_gmac_128(void) ipsec_sa_destroy(sa); } +static void test_out_ipv4_esp_chacha20_poly1305(void) +{ + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + odp_ipsec_sa_t sa2; + + ipsec_sa_param_fill(¶m, + false, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_sa_param_fill(¶m, + true, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa2 = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_icmp_0, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_icmp_0 }, + }, + }; + + ipsec_check_out_in_one(&test, sa, sa2); + + ipsec_sa_destroy(sa2); + ipsec_sa_destroy(sa); +} + static void test_out_ipv4_ah_sha256_frag_check(void) { odp_ipsec_sa_param_t param; @@ -978,6 +1020,8 @@ odp_testinfo_t ipsec_out_suite[] = { ipsec_check_ah_aes_gmac_128), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_null_aes_gmac_128, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_chacha20_poly1305, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check_2, diff --git a/test/validation/api/ipsec/test_vectors.h b/test/validation/api/ipsec/test_vectors.h index 4732d6ca5..f14fdb2b3 100644 --- a/test/validation/api/ipsec/test_vectors.h +++ b/test/validation/api/ipsec/test_vectors.h @@ -48,6 +48,11 @@ KEY(key_mcgrew_gcm_salt_12, 0xd9, 0x66, 0x42, 0x67); KEY(key_mcgrew_gcm_15, 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34); KEY(key_mcgrew_gcm_salt_15, 0x22, 0x43, 0x3c, 0x64); +KEY(key_rfc7634, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f); +KEY(key_rfc7634_salt, 0xa0, 0xa1, 0xa2, 0xa3); static const ODP_UNUSED ipsec_test_packet pkt_ipv4_icmp_0 = { .len = 142, @@ -1730,6 +1735,67 @@ static const ipsec_test_packet pkt_mcgrew_gcm_test_15_esp = { }, }; +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634 = { + .len = 98, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x54, 0xa6, 0xf2, 0x00, 0x00, + 0x40, 0x01, 0xe7, 0x78, 0xc6, 0x33, 0x64, 0x05, + 0xc0, 0x00, 0x02, 0x05, + + /* ICMP */ + 0x08, 0x00, 0x5b, 0x7a, 0x3a, 0x08, 0x00, 0x00, + 0x55, 0x3b, 0xec, 0x10, 0x00, 0x07, 0x36, 0x27, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, +}; + +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634_esp = { + .len = 154, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x8c, 0x23, 0x45, 0x00, 0x00, + 0x40, 0x32, 0xde, 0x5b, 0xcb, 0x00, 0x71, 0x99, + 0xcb, 0x00, 0x71, 0x05, + + /* ESP */ + 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x05, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x24, 0x03, 0x94, 0x28, 0xb9, 0x7f, 0x41, 0x7e, + 0x3c, 0x13, 0x75, 0x3a, 0x4f, 0x05, 0x08, 0x7b, + 0x67, 0xc3, 0x52, 0xe6, 0xa7, 0xfa, 0xb1, 0xb9, + 0x82, 0xd4, 0x66, 0xef, 0x40, 0x7a, 0xe5, 0xc6, + 0x14, 0xee, 0x80, 0x99, 0xd5, 0x28, 0x44, 0xeb, + 0x61, 0xaa, 0x95, 0xdf, 0xab, 0x4c, 0x02, 0xf7, + 0x2a, 0xa7, 0x1e, 0x7c, 0x4c, 0x4f, 0x64, 0xc9, + 0xbe, 0xfe, 0x2f, 0xac, 0xc6, 0x38, 0xe8, 0xf3, + 0xcb, 0xec, 0x16, 0x3f, 0xac, 0x46, 0x9b, 0x50, + 0x27, 0x73, 0xf6, 0xfb, 0x94, 0xe6, 0x64, 0xda, + 0x91, 0x65, 0xb8, 0x28, 0x29, 0xf6, 0x41, 0xe0, + 0x76, 0xaa, 0xa8, 0x26, 0x6b, 0x7f, 0xb0, 0xf7, + 0xb1, 0x1b, 0x36, 0x99, 0x07, 0xe1, 0xad, 0x43, + }, +}; + static const ODP_UNUSED ipsec_test_packet pkt_ipv6_icmp_0_esp_udp_null_sha256_1 = { .len = 206, From patchwork Fri Jan 26 14:00:14 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 125992 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp364264ljd; Fri, 26 Jan 2018 06:13:18 -0800 (PST) X-Google-Smtp-Source: AH8x224cNoh8s8y7Z1vrJTEZFf7LQTcgXzlmlc5Jqyn0xCMOGQ5ViCS7uL0rtO5rpWOejCAoLmTR X-Received: by 10.37.172.79 with SMTP id r15mr2220660ybd.386.1516975998292; Fri, 26 Jan 2018 06:13:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516975998; cv=none; d=google.com; s=arc-20160816; b=to69uz1ymko7GHtRWNtnFttA6k2vkbiPTyoOldYPsGpXrjOGiWVmjSM2ydEZoFdFMY W6VV5kQi0p5xEXqMpeUUf3mzSQN7RklrLf6iyi8gDseV/oglv2caB3xKF63xn9kBzwkX 8LTDweE/SqdgpFRiJ66EyIPPJnhSTLi1AdCSr08scF+2sOVqVXGQsS61Qt+1Bandnujq 8UYm1ohPsazfh0DiONbts4vHO4LjEjqOuFjvQ0nGm1/8iz4gFBk2I8l0l0ikw3D8M5hK lfcF92MRTFcjVbbKBhLID2IA5sZbdkvlVnBkYeWOcLDzHlSAHIBO6m9vSJs+9cG6+xsO j1AQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=3JO68HgeJVu+Z5oRZmobm7DqSB7j9A3mZTX/fDBCYKo=; b=VqQzfu+m44HopED0DOXzNLzy4m5V/8TvAyvKhaWIhasRWOcziynPuegqXsojQvR+lK JSjXV1SLEzwXmk1GVF0zMNWa2c3Jjws9jQwV4UKCrsaqe3EvNNqplIXna74gsC8oT5YA Ngp5cZy3N/+a4WKK/pDPXJ5c2+ycASIIjEH/3ujCjgplU6rYWUDI33gTU5QhqtGMl3GP egmdxFJklhsLJakt2DEYvv3uJPQjn6FXf6DkJWfgchTR6lnCVy+tC/xHPuFtE4qg/TOV 0Lcy50JHb49aF6s08S+NdrzYJwhcHHrxZ4kOdVrlZe/a199wMMTmOTVkQ78Vy7CIKLSG kc8g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id c8si4241160qtn.103.2018.01.26.06.13.18; Fri, 26 Jan 2018 06:13:18 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id F2DBC617E7; Fri, 26 Jan 2018 14:13:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 78C0A617F4; Fri, 26 Jan 2018 14:01:42 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 17E90617BA; Fri, 26 Jan 2018 14:01:34 +0000 (UTC) Received: from forward102p.mail.yandex.net (forward102p.mail.yandex.net [77.88.28.102]) by lists.linaro.org (Postfix) with ESMTPS id 9C87960940 for ; Fri, 26 Jan 2018 14:00:22 +0000 (UTC) Received: from mxback17j.mail.yandex.net (mxback17j.mail.yandex.net [IPv6:2a02:6b8:0:1619::93]) by forward102p.mail.yandex.net (Yandex) with ESMTP id E9C754303508 for ; Fri, 26 Jan 2018 17:00:20 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback17j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id AcZbvYD3Bv-0KqO0IaU; Fri, 26 Jan 2018 17:00:20 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id eWPAvjBUnV-0K1SmdRE; Fri, 26 Jan 2018 17:00:20 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 26 Jan 2018 17:00:14 +0300 Message-Id: <1516975214-22205-7-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> References: <1516975214-22205-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 428 Subject: [lng-odp] [PATCH API-NEXT v5 6/6] linux-gen: ipsec: support ChaCha20-Poly1305 X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Support IPsec ChaCha20-Poly1305 on top of linux-generic's crypto support. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 428 (lumag:chacha-poly1305) ** https://github.com/Linaro/odp/pull/428 ** Patch: https://github.com/Linaro/odp/pull/428.patch ** Base sha: 44974a09b01c79adb9637a5dff38539598a76737 ** Merge commit sha: 2e711497bfd4fd2a2ca2c0882de3d93ae7d567af **/ platform/linux-generic/odp_ipsec.c | 1 + platform/linux-generic/odp_ipsec_sad.c | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index b6192377e..43d7b9f52 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -112,6 +112,7 @@ int odp_ipsec_auth_capability(odp_auth_alg_t auth, continue; if (ODP_AUTH_ALG_AES_GCM == auth || + ODP_AUTH_ALG_CHACHA20_POLY1305 == auth || ODP_DEPRECATE(ODP_AUTH_ALG_AES128_GCM) == auth) { uint8_t aad_len = 12; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 031adef65..d97735408 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -210,6 +210,8 @@ uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) #endif case ODP_CIPHER_ALG_AES_GCM: return 12; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + return 12; default: return (uint32_t)-1; } @@ -240,6 +242,8 @@ uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) case ODP_AUTH_ALG_AES_GCM: case ODP_AUTH_ALG_AES_GMAC: return 16; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + return 16; default: return (uint32_t)-1; } @@ -392,6 +396,11 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + ipsec_sa->use_counter_iv = 1; + ipsec_sa->esp_iv_len = 8; + ipsec_sa->esp_block_len = 1; + break; default: goto error; } @@ -411,6 +420,9 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_block_len = 16; crypto_param.auth_iv.length = 12; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); + break; default: break; }