From patchwork Wed Jul 9 18:41:58 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Bill Fischofer X-Patchwork-Id: 33346 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-vc0-f200.google.com (mail-vc0-f200.google.com [209.85.220.200]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id E1EEA208CF for ; Wed, 9 Jul 2014 18:42:22 +0000 (UTC) Received: by mail-vc0-f200.google.com with SMTP id id10sf25532659vcb.11 for ; Wed, 09 Jul 2014 11:42:22 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id :mime-version:subject:precedence:list-id:list-unsubscribe :list-archive:list-post:list-help:list-subscribe:errors-to:sender :x-original-sender:x-original-authentication-results:mailing-list :content-type:content-transfer-encoding; bh=7L40VrTR0pzsKHGWqym0b9/eLEuvIR/X0/1oA0+DcJo=; b=LA4i3kSFdSK3MrB+8M6Rrj4ErD65Z5Ws2je74pwm/1h9GuN3mPIJnHs66iP7CwUIn3 V0kUHbYyBd6ye8YFvPHHuEHnHU8GpIJjdOQC7be1IyrGa6JOzDtMaSy/fkUpW22AfKkM +5/MNVHIlgsOby1Kc2PIquefRCswQ94LSnzL5+pJIXIaohKyyEYsgLXLZN9wQK9PPiYm Jz2lreZbXR7Eofp20sVdfJOBPHBQrxXu8KG8i6Qj0LQUFtJHYY2R7azroLTVaPjQ1tOx E/EU52hNa3j9K7Grj4OdndkSuF14fHUrSwjwxIIl3FY02aXlJ0XPsRLGw/gDUcLpG/mg 4X6w== X-Gm-Message-State: ALoCoQng0ScxflhuukDVNAvEMUl7BW8No7DO/QfoK1VNo+FQ+4xsjOrkP/6fa5/Xr30xb/YNEeAq X-Received: by 10.236.23.230 with SMTP id v66mr18560581yhv.53.1404931342652; Wed, 09 Jul 2014 11:42:22 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.42.76 with SMTP id b70ls2459637qga.19.gmail; Wed, 09 Jul 2014 11:42:22 -0700 (PDT) X-Received: by 10.52.133.202 with SMTP id pe10mr1288978vdb.78.1404931342476; Wed, 09 Jul 2014 11:42:22 -0700 (PDT) Received: from mail-vc0-f180.google.com (mail-vc0-f180.google.com [209.85.220.180]) by mx.google.com with ESMTPS id r4si11025967vdr.12.2014.07.09.11.42.22 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 09 Jul 2014 11:42:22 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.220.180 as permitted sender) client-ip=209.85.220.180; Received: by mail-vc0-f180.google.com with SMTP id im17so7738192vcb.25 for ; Wed, 09 Jul 2014 11:42:22 -0700 (PDT) X-Received: by 10.221.26.10 with SMTP id rk10mr41153497vcb.0.1404931342290; Wed, 09 Jul 2014 11:42:22 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.221.37.5 with SMTP id tc5csp70250vcb; Wed, 9 Jul 2014 11:42:21 -0700 (PDT) X-Received: by 10.224.137.135 with SMTP id w7mr72239545qat.52.1404931341315; Wed, 09 Jul 2014 11:42:21 -0700 (PDT) Received: from ip-10-141-164-156.ec2.internal (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTPS id e1si60922060qag.55.2014.07.09.11.42.20 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Wed, 09 Jul 2014 11:42:21 -0700 (PDT) Received-SPF: none (google.com: lng-odp-bounces@lists.linaro.org does not designate permitted sender hosts) client-ip=54.225.227.206; Received: from localhost ([127.0.0.1] helo=ip-10-141-164-156.ec2.internal) by ip-10-141-164-156.ec2.internal with esmtp (Exim 4.76) (envelope-from ) id 1X4wmi-0007rK-82; Wed, 09 Jul 2014 18:40:04 +0000 Received: from mail-ob0-f176.google.com ([209.85.214.176]) by ip-10-141-164-156.ec2.internal with esmtp (Exim 4.76) (envelope-from ) id 1X4wma-0007pN-7Q for lng-odp@lists.linaro.org; Wed, 09 Jul 2014 18:39:56 +0000 Received: by mail-ob0-f176.google.com with SMTP id wo20so833619obc.35 for ; Wed, 09 Jul 2014 11:42:06 -0700 (PDT) X-Received: by 10.60.115.67 with SMTP id jm3mr49065254oeb.8.1404931326824; Wed, 09 Jul 2014 11:42:06 -0700 (PDT) Received: from localhost.localdomain (cpe-24-28-70-239.austin.res.rr.com. [24.28.70.239]) by mx.google.com with ESMTPSA id w2sm182279121oec.11.2014.07.09.11.42.05 for (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 09 Jul 2014 11:42:06 -0700 (PDT) From: Bill Fischofer To: lng-odp@lists.linaro.org Date: Wed, 9 Jul 2014 13:41:58 -0500 Message-Id: <1404931318-17565-1-git-send-email-bill.fischofer@linaro.org> X-Mailer: git-send-email 1.8.3.2 MIME-Version: 1.0 X-Topics: Architecture crypto patch Subject: [lng-odp] [PATCH ARCH] Add crypto design doc - V3 X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: lng-odp-bounces@lists.linaro.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: bill.fischofer@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.220.180 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 Signed-off-by: Bill Fischofer --- crypto_design.dox | 556 ++++++++++++++++++++++++++++++++++++++++++++++++++ images/syncmodels.png | Bin 0 -> 17179 bytes 2 files changed, 556 insertions(+) create mode 100644 crypto_design.dox create mode 100644 images/syncmodels.png \ No newline at end of file diff --git a/images/syncmodels.png b/images/syncmodels.png new file mode 100644 index 0000000000000000000000000000000000000000..44e4c551bd803b7dd4320875699828d7f20d2044 GIT binary patch literal 17179 zcmch;XH?Tcv@Z$>iXhSqNDxrER8c~aDjh?WUL(Et-Vx~th$xXJz4smxnsljBLkDS* z-U&T7c+PqEth3g=pWb`(A^(+`Ju`dSo?U(urKTcJLIfnj!NDO>RFHXxgM;UcgM-UP zco&=V+&Rz%2S;jIQRa=N_smYZm=g1R%A)G;H}~-I@#)CiCI2J+roi>GZf!`WZf2C^ z)RvpX$JcFtiQ5qoYL6FkUycg*4Vd+@&4{rjkG>nkclWe8rfD1Kcc1XHC~lIRaY%yb z&#AzVI)|_y#V9pZhT`)S%d?B?+??Iw*B&jKn(0AesGPJrSZ@CB2`0NB4)JL96L+p} z2EA*#7UJYgNNv7slHc$~o1KpsjkR7Barezu`JrcdID~L;+5)WX%*UJQ&Yi``U%4(X zh-E}#FgHFdGdD9&|LPB(lF}u>&RE{s?M=6MF^#D=F|5EA(#mwgCLf6u_Q?2KQ*N}ioKasK+MwbOk$c3&Z~KIZ=mPa zLC?i`823#_G-G7OIGO%Zt?-*4ASFD1bOllAd=>Z=)0y0vs(aX((aGyG^fp5mz!EEf zF>d?iB8)~$oLa4x=o~?8D}fg;$+MVIVN%ak%xZb5y40sy{T31f2D7)Al2jElI=#fN zx)0-4Uf!(2BHt@6HeOe~;Bhg-@+!)V3ysYAsLS76mS&4ywdoKNCNv1JuK7MGSR~?}M)kid{}5SM^TJ#tde-1^ zqHAH7)P6A@4^IsHUVRggU`~aL0v88o>F0e|d~9In=Gaqy9!h71JGknx1kk5a>{LRn zJ7WiSU7d^tmr_kniLBtPMh%Gv_z#>Ks~I~B1j#>TDETJt+oLT^>%d$VrsQ^(^G805 zKs`qV`Q@O}XIF0R3S5rE1tG5KaReyD%~0XZj&qBhgXJ-OXdPjX%P#o z=imy!?b@^Bdbyh91U3fS1-8WVR+)p~rF@V<{4{`?m9{iM{V>%%rk<_FJQmO&;nng$ zrTh`()rUt!GGJ4Hs6_n$G;B|fguqa@K59S3=7BW#S1Y_73S6kJOv%g%BFORd1>Wru z!u2w4OV|4}Q}I>YDXg!02-Nv(Wm^-*Y!s7WMx3ro>HuA`z}u}pb7Wlla_sN$xCfeh z-W5g#rF8z`UH#Tx?|Sq_6f-@-8m^0-NE}>f=?0ZSkg?(OfT*s& zb{*dZs*0x%Ty1n#a>?cGHq3Fy=zNod!EhM~!B6L4R*B;U-8PoMFD@Qd*}L}J^ON5Q z3}1fu1ADd?Xm4aDO1ti>l2Ox^PN%VDw89)IJsE-(Op9QVU9&yPO_e*?h!qR&iJt;nIH)t~yf8;2sQj@A-&iD=n^v7>7X zc;w7TG_d4bWf^7^5ZGMr?sur<9VshcD!Ne3bXi7tV9IfIr74>H=iHEynQ_Er1O;1W zk>I$rnyotFAW|IyP#dhiq{>i+Ye7KUVEDs=;cp-67Si*Csi1BoR21Ne1U9ee<(e z{&18JjB@`B48?@mEPm@A`T+R6^(hEDWx-U@F$ouS;wIldeGtiCDpzj zfdKa#|H%{VV1xHqm!f}G#o(t=TSQ#U=4JOAti>7GRvj)oi$!`#5kRe^uSsCFF}1s+ zJO;GkMoocZc}bvxWu8aQ29|!{E@UXVi7X)9f{Brr!dd(}=7S_1aVRHtJd)rk(t1@V z_N8K;I_(qqxGySwr|%Ibvg84-6||UwIHlq5w^uTndMghI=He7JUg7GHT&bqI`+i_= ztxz_uU|I?dAsW3?e0v4f0-c^yxG4}l*v)G!R1y-@_VPa|sz zd)68tM(n|97s8&g+Lg$ZdS#~UhlVpA!Z{m#C2DhxGHrvl-+h$*8loFiH0};{B3IsR zWdodZ^gZc(9iidRH=J@(u!2C6lbpPcsxgI#ol`*OfkRPcvZng7?3Y)UO(3N-jH71- zQHldV@tK9#seT88b5Y(PlZhTUoe=gMVBsb=MPj4-5$>dNbTpF=S>#Mi|Gf{-k=J+&17tFy}ii>>nI7^tUSt%8z@- z+R0@A&uhTt>pE=^DwFjfJ$F;C=1~{aBE?cUaxj~R#~ufOThGm7I-oRst+i^U3XrR~ zoAQOFs|mk%yPn;YSh}`vkQG zEgbtJ3*baF?13RfJ+KUU)K6GL)IHtt8xfhpb*(}HE~TMDw1h52p@D?H|eLY&## zwR@Cp3Ii!e(CH?Hd^ztnl+@B^lnk5pAlxr2g97Au9vchAyYrrSbR|XZP|rvM+DsfOQHM zyimvyjSUhMntY}K6W(>=TA9MA`@ z3mUA+4I9pd?s=^yKf2!-gq^UX@ydJNsxb38gCvD&hO!d|7zyHf8zoz9Ii6N{R#Z}` z=adl4nYynyL?zQ4DpR1pQxkl&-Ya=d!^zt zpc*b;86HysqgiW|_ZK(6;~*U}&tIUxoHAu@pGAGW>h3nWdmFt)S|z0i^eJvlAij!a z8?AyVf2p#(`bQIaWP|G#;dX$a|139C&QVr4TPUGI4g374q!V*W0L|} zV>7MHT+>F1HV~LP&4YNDUS?f-DFK(NTCN$Fa2%Z%$8T)B1JUu=&5HAM35Wi70Mp04 z${R7~eKD4{v3FhlfAKUanj>s! zkJTIGY&t**PW-Bnj@BmYuLh4AIz^&_@8ASSurGx(qG#+IWXm5ls>~-16Q0PHLokAr z&h7W!(v~X@=1ng0lm*>chn4v)cQZEFY+89e-96l_(1`!l;^|R6Z+GQobA=rgj<++O z3+sMC2I#ZL-G!V4_u)<3@8* zQOwK0I1|UzutGtcF+L$y)eDAKto*5GMHZ9@% z_;a6cc#G9IQ!oT&kO@|l0j}5TyO@JeqBjM+k41i-6Wq>$s5x$fV`y@ZfkY<}ng;h? z1J_dY1!QyNUYXrOoso3g#Nf?+u|cpS zwUgKR2k39lxb#}H&4*Kefe=CB7U%wrsy2{*0jr2D?B6aPOaoWPWrO*y4Sv^5{oWVH zd;x&><&5=iiNuB_-2}$(jaga_wwZ03k<)IFeuuGjddUVKYSbkqP;@<)sF~X%02mJN z$>E^`{FzNt;a9o4 z2bl4j-Z#0+VMv{<2ltkD;kEmZ<@k)%b74-{dpVpi_!4_J{MXky66fE4?Dw`9=Rd#L z;{O}@k~kBC=3czvFBS&#Ai_C)vp3TCZ2@<1oEH0XIU&2_ER*%>*Sy(|ugRPb)gWVT@dYvB9aMN3!;lEn1ziTobeX#B~@}l1Ey1GKFui z12Iv^tWUk#rOs_{d&5z7wdH!as4|GdCU1dhQ8sFu2E$nV7T#KZdC0LX%DB*8u1IdN zV~K!t9F`Wcr)gBJ^V1o(MNOru|Ag%V%c2BLy-m=(xqR(^oT(9q{b-Sd$jjHFt(TB~ zVuZwj5CP6v;P}f@Q{y&06CJHTo~3wwM4$rgMzuB%SaZ4kMy{3csPyS->6CRTsykmL93Pg<4I9h)QWljA_45*zYK z%_U)Fc{b>yCC`Lsch|yZ$l6J8mK@26=aOFYR$6LF>WRa1W5$SuHl)5Ol8Ka$M5Fsy zR!}oqj~olnQu-nhOJB-W@0%&1No@7&Pg<>1I%vj@g#qp*970HtICfX!sAYNB*T0Z#bms3Us(7dL!PoabUw_<=(v0rRmQTK?wjJ-y}Wa z0lFmk`2k{Zr9qY;iiHjHp>Yr~juJHcH|J?Z7CR zQTHZp?Ygprh4CN@7Aoyn(@neMOOE<#AL6t~(W<`trf*_o(}-I8@za#7y+vHfh#Q%e z0}fo0w{OK04h~kF!uo7pa=M!{U0gpQe$Cq=CF8DF1&Ar?bCIUDp^DOSIe-ore*8cPk8oj>IDszVt z!#efRTC!`3Iey|{|2pgi-my|Fb-i~G8Y1KWjR)Y2bv9APh*f3#fPb7dMhAmg)gyyx z5l@x>bEHPjSJI-pJNAgf<#)I!g5-wPu0)D#=kkRxUvGgZynjpLY=n#U2W{N_Mi9hl zH-d?W62W9L0~9R_v@KU?3P)LdEpT;cqS@Z{rnvv&LQcSlk*fKUZP;~gOO)$wG8#8} zuFbze6l)bOp7FN3P}X#asYY{Aj6uT7crI37FREww*S3085AVaYPbCKKLDyzho5)a_ z0-(zG}sRlg}H|r;94{L@AFtg+F1(`Rz6fupGZENm924uUkHm4ix zhU)vZ7KE8iyZwUXN#{$texK`yi2Gib__y!d2a3Gvo9H$<8oR;Y@_7aed>41Ee5JB^ z@T_dMofuuq{k{1@3cE|tp~K2RR&q~~gxOIDIeA|1&X#zUb5xxQ)xpBp&V*zq*JjmV zZ-8?Vs6RSNc1)q~B2J4WNI;rP@re_^n0TDyJY-_=Et$OHSY??_24C!PT>ehZMGeVW z5k0M%I-=rycC0oMlae%c4?sBD8#Ge;0N;mmBQT?$P7KmH9=)!2*h;nPHzSG*MqZuf<6Dfk_xPM`WpWd zKTXw5-g(X-JMLv)TmHe+82}dqJo^@4MzhhP&=#B0^yItSL!%smYNTNdoF09?J0WBl z+bgD(rA{KFXmsremy1DZP&+%wUHKh|d~=Cg)R_#3;TXMcUaF8zI?=u2E@?w+?~2b0 zK5i2A24}RgB^lWQg0grGWAYv2N-}PX08cUd-lr z*ns1GBslX$vD-;xpJnBz1i5ZV6Im5wr;&Oai1I~NFeUoUwPx&8jm`JINV7$dXY6&# zv!!Ah)UOsKM@uo35LUrzq~)NCs3kv&#dLxQ3`e#l?zfX7gyQ+dt6CyistjcFh9dwt zen3xHYq^xmVbtW2C7#OWO>OkmJ7+dY|1vog1@hRjqDzs6!Ohah`+IO(LuGta7QpB&)qrcoI2||6j>pjSytw#lO z9D8icx^xN}vRuiOA~qBf->D;)F8L7LPYdp@uKHnqAC^sSHt3z#?jY4MJszOaflkU1 zV0v4PZ&=Yi5fg0pSIR+Kz8XKRRlZ4$7KHu`Q+?Cq_A@4edS2S{Qj*|zEx0WIPmJVb zpdAg5`8bo4L(L83?@e*OgX9WBUvE&&W$yygI5TN}tacj@XO6~*!?MZG0+hPWb-*_em`{hVk zkEJ&(hcT99yPO?+*nLFxtm=_p=?~MrjNPmU_n^Z}{K(gPsvIm0nSOQXh!tpHF8LJb zQUWtb7eR<0&z4@-{SM;vF5H)2;FYv4>arT_OWSqH zt{dJXLl4M7vodYz-?yelWZJ@#4xS}yGw8%84cg7$c$46wy7ujmLikvj)av(>Fk5LTUdtkghuHkOqR@GJthOSV|0MMVq_C9- zsy|P(88q{C1MVjpV|;sm8b(8qmE2^``!XA9fB@Q+C)HG)S5#McF|ud}BSNo1jtQ(I zyFAMMjSBu{K6_F@)OWeO;dxc3JtvnlQ;u)R0%e=7l^TDo9G_}h?J71Nb>rj2hmXD! zL)({6sw(36Gu+jzJ#TRq39d)x*$Jo5=kQedpXR#$t~u0Kf#e@|M`Ho3AUHNT(?VBKN+u4>28UWt%l|9t<< zaK}+yg?fO*nX=}vH=byVm7Y)0DN~*cT66xq#T^AimQ@koOvHXG%AIBLD4_Xc-*}w( zgsmK8HmSnD04M6Xc}mClW!p4Nz(E!XTe5zI>$Ul=WVJN9>We-(X~=QYeJ;1154~Ss zK(-n^cb>L-4yAOfzx(OMoyD0QEVpuVtLI}L3)&tbB%pgR^_Yd+qYh#OLi8qc;sNgj z@i3KbQ1m9UHGWG^6TNq3VNrBi;d8fcUrzwjgN~A1ysj}cv%Q`-X%%}M&CFYWDEC?S z=d0qRock+Wt~XZDI2{qsvU4u5^#@LiT&9BTe&TUe4W!7CO7 zI5_kgIo;oa3p9~FdRXlctLl2tVQuem>+xW?iV;@%2ZDg0%pdAVT%2Gzl3+OYX!G0h z+e#W0lw)NeBZCI5qb6ldIH^ED36@4}HnT#xkssDaJHN)BvGgT2ot()E1F`zFNgvYhP3WHsOEbN$a=z(D<1 z2c1SPv`o2qeauhK-r{fq9CX^Q!9$4((ofDJ1*BA}u$`Cn3P16SMTr zIdVpgucZ_0?9_E@61KcE@pfAu@^0_Sort5c-NliMyrXX21bO%xsq!?Q-kigcovJ&u zKYmU~MsmwJN_FXo?Ke2pL$xA}L54W6f;6nA%@Xi5boTHm#vCZ<^Y;qa=y_Br3X@-} zohc5MOWNES{VtZecm)cH^(z#yZ|3fEY<>5V(Xt%E~0`f`IE4#FLMjJshz)?ZI> zZD@ZPC+@x(`%A6l>!;k(bAmfy-VLyet+%C1lL9sp}MGCw@&E3^Zg=)5?wpBb-sR%S*pFPM9RToe&@ z*k%Q#XH9Whd*6|3TT^Ogc!6GFqm(o5x9Xn1v$eV}wX@fPj_D%>OL+CiynE!eM!V?? ztuk&NITRn=(eb5g3bq@&ct?t_9YIu_ZCBe}Z#Q+vw^^W$J~{(bhEjoOufHtMq1KMs z+>~o`ur}hfg+pw_5`{=#9s1;Y6hdSz6oHI&UzbfxOI{EM-*9pQ&6I;C(&Q2hB73xz`x^>5r+glgDL~^9r z@plrI1lpAzQ=qrIXn0AVFK&#{ZZ0Doj22gN+w^+d@%JIVVU~wBY(`=}?8E`PQ`{yC zH}=FRoOQ}LS9A(F@A(=}=qhjO^X4DxGZbe61xYmHchTD6A>j?SoBHaq$dp~$ad>rs z4FlfV%g$?zV0t?Ichw0)YvtnH{ZmOB+lt@J!m<4V_Hi`L9 z-G{b64IoLusS`(UeTQ7+a{R3ww~KAQ63^hQ4R-8LHIc8s1X_qpp~pp=1dg-nvPtPN zr~cS*gtfo;C$RwM@~w`F9K{6#^KVnvF$nANK4Jtz_T8Nzaf8C^XB3~${aBYA^>qy8 zjFS12;z;usP9NJ%=L`1;diUo)oQ4ZL=Kq>_fv3i=jaX?rd`~bJPHrhK22#$LN2TOC z4R=nIo3yytcxma%izp{kWz2k3?uN>tr!q1IkvFm9M^4^)K4rtgLDxwh2r9xITy9h< z5lnSG8Cl`6mF;%x2>yM!96JdPYHjjF^)vuNQ1zr<=+zCR9gFI<;7W_rS7<3)WAZ#j@s%D}TPQ zEJb&>n;?|jW`Zvr!wkrsy(TNU$8Suqk(OgIN+)CyCue@SX1SWq;rhk&-5QF}JqX$4 z%hG$T=Hnm+x%npDV_RQ=SNMjYm6np?46Ybi?>JIB&907IeM+{Mn}195P1^J3->crO zvX|$5F3nxMa;S7^-`ALHYS$gPLD_ujCKowt71!{WikHkemE+;Ho7Xliep8G~M@ne}4>XarMZL|aq1@hX<#ocdLjQDOb>h%H#;uY4g}*2Cns#!7 z<8>jEIrJxER$MMS%J^ola2qN-CcTgmRJEktGpEAdioa~6B}{fz8G@9zTo8>;e=Ju| zrbkSSJyC`$&e6DKZqoVUNy?4rje~t)JffCXU~g2B@>JHlSP|a$(}TOQn?CUkG>-D5 zCsmo}@3^RPu>?kGd*pZ^*%gGqx-+Uq>KYFT9m}@{_n1HTF~2erR2sQ6!AV2e zpR0mCe@-rGp)roo^4w^D@Gft_}Inp=g6qXJ$IRj$0Sx zE(oi((o=}iN!jfL$dsD3_|?pV%7w8Wq>p|84RNVtRqdG0!h8Lg22&szUq|NntEE8z|+OQ1p5 zzudZ6FOXVqDNA^_D(3{E!@~5)y7;`aG8(>7@6N}s`9bo(#4k!zi1u9^o}Syfm-)i5 zz(X8IFj+J0w6l}^!*MMplM%m`H*xWFEPE0xdx__S-@Rr=QF88hc)U3 zv6=K|9P8O;BI-BMXz5k|h(kCS7kzrpDu~4!NN&+i7b!^k#}Z5-P?S|`n>z~JuB`&P z;WrmOLsN@bXR^fXKfkg#=jrapU`o5p$iC0FUfCH83zZk+Dw%Ub%s6q8ylEa*fecOp zRd&HX1PE4tf3_`YVni`aJm>RP4S{G2+S)8w)oReJbE)G@Xe@=k6i*`=?M`k94SLPqW-;=231 z9$9dppCupFc4K58vHF}niZS4vTNYKAIyi{8GCRv{T8Q12?U_`f(OhvG zb(g>7G;>K4;C`p#qCZ^zrtHnrzWT2xhy(|*n=Rpfv$WQ}s{1RMBiR@JVxF;U-tJT? zhE%QrD@_4$!%oKtfPoiwOqmvVj<4#qK{cn$MkQla>|b15tGQbjmJ=hR-LdyqjI73^ zh)?pA>J(mMzz-}^-8~6}>1(;y4CBJ*AoQ=Js&xp8{qJD3RQ9ffV z28NpZ8)xK~2-Xwkn>ut8_Kno=`}UigPSZx0sYSiNcucsa>N3L|@6uR=^R{oxj%#Vv zaHBr1D{rIaG+XUdQ4gHbRQdHV;YFT*-t3gI>hm0#tHEv)whe`TIo8MC>TD+6fu=53 z2TJ2?8zpzMw^s++X<~YHKeJ9EoTcPUcSM&hu`0fGa&Qdo88MvE3>QVax#g9`n$1Y= zoyDRgqe8U-gJ&NgT#UU16unIEU;36KUQ|5}6k;oG%Ht$|1sP_w;*b7Z7tZHls^x3o zGp5Ev62kdo;9$c2JTNj$$&*IsRjGCaiBX#i{D&&R`E=aaNF^_o2ezJ5CsOe3WimVU z0Xy>e9G3Lc);^%0BZ#*Wi;_Ed+}CF_R=#2$e)wDv8~c_liIkP3Bu?9lKAuk&BzIm& zc@$lgD{?SJ_@nBTI_rkbBWE^Lca0JM-64asA>zCa-2nwy6s;(7B1JbQFt(%qvRO-2 z#@N*7s!NwFpz&);5|}ZCm50pv#I5}`*3iAOT%*WmdBCOwP7)H|Lz&`2zxKp=inR(i z*eke-1+M*@BtX>rU-WlS1aW(=O;N!jHG~8oXIEUbIG!ZxRc5S&8<$G7luQx{Z3r}1 z2agHu=vKbk(to6#bLncSXh-(OG&ve!z^1H6*R!F}eJ4K&Q9=Z>ymRivvovII($qB; zzk^U}v(P(u$2mWNZy#&Nd zUs4fot9e5aJ=vdtGycg&RHW_S#Nda<%CoXY{w1d- zE@f{Ph;z&4H|8-H13a(Rlz+hq0z8hX@>aBbU!JC1*}HkDL?z@{yQ;X*v0u~Ig?gqp zgS}LBb&aC{b^_nSQqlvH`L+n&+tWNqQn}xuh<|w@jGMwW_D;1=$gFf>dU=SEDo4nS zuiT}JN@If}erqVTdriX>yvrMZs$qg1#_zXpimCV!Niz*!+^++h1R>7egv^tO;bb!| z>^{K(c4^z63p;G|Y>$=CF%tO8wjYFGvvH`2%NI}64Mvw!I~6Pdj64#@b_^e;xUGb55){5Lf>nlWA;Cr z5FMU329QWog`aK_mH%ylU(_5plziX*9Y7J05!+lISp3HK^@->KXGR9+<_-6W-}|A2 z`$~2|OiQ$O6nIiabmB#mw{ITGamz=12PD>-d%0k}ApH|mcC)3ga-E-M3oK~x^-O)K zM}nWm<-u=Jo~nw7+%rD$DqXvEjmAGF=MQ{2T$Z?+!cxh4& z%yQ3O9*Fr&L*gWluG=^O0sK@5Ceor4L6lYz(V3+*s}3nt1ug@RaaWP0qMBKPmYs&F z7dBqgR6>}tbvkAA`_-%V*&SfM#>h8|W<&mLTgfo!aEwNl9_ca}TnU)3rQn;O^U4PE ze)%UJ)^)RwPv)}9ZAAc}Tv&EneaD%!4-O9|?ov@lfBPgf{VFj0_$-v@A=ro@3zM$# zp}MF&f0*!FfLCCtu`$7Ncz2`q=-Tve{xH*ma+{&PL;!*X0B7@6nU5^;RWs(1)?HKj z{^dpx=qSb{9bplO*lEiJ;qLdoMNcDg#`&MT}x)Pe;l zofm-YMqQ(HcHB|IOiSjFg6EVO;cuY&A`ynRxU~a~wJ`u}xAelC9Pe{yHM(PbVx~V6 z5jh5Vb-5>W~Y0LUtlWB&m=S{b%)nE_qtq{MY$-S}qExI9{_fF>Yiuti2*0D_KE=8xr>#$F5Z#it?ACF$+nXp8z**u-fKn8SuI)e|k zh$F3&xB3YC>9@Q#V4_*C2qmaH7Zb_loD$sv(u89RhC_9nr_GN1k(L?Yp1S)EDaiUv z{{VW|H$c~)n7~9GRVT9B$h>5J@W&Vvdu+H5XO6a$Xk3oZFgl%%7#qKQuqb;gk(?dO zAA}Cb0Gq=a#P2(0cm3%LHWp#Ifv*U5??wTh+Wiw-!Qcd0W(%q>N?EPeVJA-H1{p?n zJ#PGz;(;$}09JungDN%LH9zkj2QB2qm=O`IR1AV1`air!6ww>J@4cmOAUvDg`EBf%h+{S1?EX?E=Cg_k65=8`XyYge-Xa!(H&X` zeYU({?Q<@x664!Kxa`36smBPO)^;y3UdMO0_##5S^VUBjfwj#|ytA|$d2KERM;S1# z-Ywdk!+VYohg&PUcP$*$=W3vcS8HKt%BT{O>lkR=sMEUbomRb>=h3u!#SIbXv_BTF z&&AhBahCXAEsfTNay4_jgipj1#x{YGtP~>}FBl8w^A=faA1R%=8e0()r0qxzmi&EQ z;+!%_=IxoFf;b(O#T%-KWi}nGu;p>=2gMm}X^&WwKRazt3n~sl20FROt!(^0JovMR z*sjY;VI)E6F?~X0>{{%g6kY_xmQMuwn4k+p>QmNa)n*)chr&^wmok-6M~seG`}-@k zmpc6)?5V>ylxKY6)z0o)Z&71h9LEFU1#F0`#0@#_TlaTV^)DgBeK9+n z(lb$|#Es|r#~%m1rK@bHxR^A@W3RdM;Z;Mew(~0mp$z4zm=A3njYlPE5yXk~@NU(I z)BeXBfwX}iHqX5u8y8bEnjBe?OENmj;LO|j8tT6-4+FM{%wyM&)9?4YBxGS zdEmlJqZ9r2QV4~3w`Y{6l0xXw8L*9aKjBZFpe;7aytaU<2znwlKvN5!?*#%WXR6*eZeqoIY%v@8#o?z&)|tY-oU=g4`7Wy{HoeTo*`XsJ!a z%@y(BmHvHF|8($6{>FOFSl<{KVw*Wi^Z59{ghnJ>0o8k$jOYnXJ{gCyIYEn!J<$ejOyK5iZF*z|Pi_V@pd zyiUr0&q;9pfklFYrEj4h*yjI<=Uc2NHsL?{Pm+j#D3yQckpD*V9~}J;lK*1*wmzZI zf05jFvae|!V<=DDz7cD$q6Ii5*4im2?mq+S{?OCL6mxoR$Ry2b5X+h?6d{0Y-% zQIsxg=f+O!{yv$@>08->&|MLiD3+4K5C;OMnxMW_WN79vFYFr+4ks z88N~k-q6-(OJig$?ESB_hVSGz@=$&99{!yl0%A@^n2Z#6`-QMz&eqbwu9c;h20y(^ zY&hT)MBx-feZN<<0oz|27A`(z1#pLGKJ|f4X!)21y3w?AfZG6CnLc;t&kyX_-lW7; zurCq)Y^)9fcUdZT8EU16BAl)k6sb3jo+h%&z;2@q4PH+dho+`yK>9&WQnU?w z&6zt1M#Px8Ew9)P@GfvecFNPnsa-?f_!#m0u6OitO2l5#O?2<(=(VuNAikkd*!N0o zQ2#|n}HJXD#Nt0Ak{r{tBJR#kb#I(q*(q0mM- zH}813qdIJ@ZlHwY`wpzf1u*F5doBCD)dg)v@s`Ir(`(>Vnv%I>_o^~Y#09(?{XB8}lSRtD zD@{ibZ%5&}%$%^g>0*8i6Zpx%s7sG$rOa!%)2ZtRLokHz;27a9y6|~jx_!ZUrZMzwW0QbMCOU@Q)%ufFZ_yo z3bdwtw!#65^Bj0+!`Iq;6&Sls_<(ft?&y8)tYFR*Gh@wT+mBU6Qj3D7;$lupW;^`N z1;Fml0);B?ry)jfzfv2sI2Y0Ff)6`Xrc09SW!)B`nMrV-N zAT=5dG0Zu+X(58)LRFSF$1nbJp8^IE6`Xf`jb`rf8SwKqX^F{i_TM|gNDia_kfuP5 zz!hLNqq>cA<@gMRBpnIBiD0gWJ9ujpzKiBPZkEFjQX3I4Sw6x@*ck$jzP!k?`8yU6AX<)# zHJbE6IaNhgy1!C9J}@LVShns$79#5v1B5QS>omIh)Wd^Ik}Cyj57;+4S~G2ColJ#a z|57kW1+y)=H@dsV)`?F{Kr#gURnX0&{x~%62_YgJpBMY|4rcpVkzR2FD zb*I_f;T|1+pB?vDGgU#*o-j0ymqa#(T1zCQKBQ{0v;@=R&zM`Akl zp!!1$(FBglN9R)LZznUVg_pUP4O%i@=Ho@CiIvr2G3nCa)m5hL6m+S*20B2guSygKT{^e9j=RpnnSy`71ImM}SsN`siWm=@*&U_XHPc^b zS!v1)%*t*=0rAQoMSgylxL;GQt}Y8ZnaxMqcSORsh=lya7Qa{C!@}gs?p(^X`Mmi? zEHjZg`Elga#R~G`_~1P1z7bCyzeqFvt96TkZZC@Q=4@lASgcoqJP1dU$*9~#u3E!x zU>iVSXt19zUQD|4EMR{`cp~K9RTdJGJ!zPfp_c=UAuh+iefiypYm68v9~-pHJq{7 zLg?^PM5B$`gzGw^$o{&=YL5pp4K+)iYEL+nu~k$&Tk@ahx%)?u6T!r^aH*V3Y7Hb+ zrdI*^x6-4E9g(SoFdnhiOw_UEoN56uC_@-Y#NoupY4_Mz*E8jCXQX!6R`2`|-h9ek z3BT))3kJ>WYk6oQyxnhA+u!C-*n+Un9DH-%6xv9m^%-t82U~ZM^vzSQz5i ze>OjIrhSq{M+B1vc#4B-W^8@odvaDEE>f_Op(fG4IV|YQYd9l|eYbkFvbpISJM*&hXHxeb_mf1p(_Efe z>fxrBHf;}|#-#D8`$pg*i;!9Q*pKxRG(8dp&FVSpDQq$yY%KiRstFgVKmeRlo z&G)=Vg?Dj;;u#D@A2n@wrgm2@0j&nk<+ut^v50OLj%yBlqHd?uU0P=wL1@4Ad)7}D z?cHm5TiuyptKO4)f!m*8B+zRI2(K|mxl6v0)BF1acHU-hQeuE|5HfTqx!8`c<8)+b z*3(jYXdJk|Z!3Y^fs+RBC-1Ttx#7oWg9ZiDi&;q97b|ejWQ-V%NA`OzmHij@Ar!lu z_w>=x9Q*4q_gh!3b^P!d^Q|7L&sJ^z{X>RL%X~X^ z%@;577#dAk&Nw8B-g#-;_2iw)^Gemc~?#7kQD|}4A9>6OwMC}&{!}Cvbog+(D zOgqWDE3u**ip(c>foSgk`c0Hv$^6P8k66GiT?XsB#cQA=e1j8Qa?miOb@NE`19`~jyz<$i>E;x z*P|REM!DW9VabrROJ?b|bJc=#RigSaAa*3VmS3fq7j7O!HDJ^v7QYcRwEe@6WSycr zc(fWL;fuQx0p1eiEhXiSu7S{^+&j;A{5?TNBOHJ!8 zVcWpb59X5MPU26FTx#8aD%BsfSz>>sat{?9)H-A;l%zuS^K`ysZ1)eB$gNM{|CrFx Z7*dM{yQhj}4sy3din1y) +ParameterMeaning +sessionSession to perform the operation +pktPacket / buffer to be processed +out_pktHandle of an output packet / buffer to be returned as the result of the operation. +There are three different ways this parameter is used, depending on the mode of operation requested by the caller and the capabilities of the underlying implementation:\n\n + +-# If out_pkt is the same as pkt this indicates that the operation should be performed in place.\n\n +-# If out_pkt is different from pkt this indicates that output should be placed in the buffer supplied by the caller.\n\n +-# If out_pkt is omitted (a null/invalid value supplied on input) this indicates that an output buffer should be allocated by the operation and returned as part of the completion event associated with the operation.\n\n + +Note that not every implementation will support all of these modes and MAY require that one mode be used in preference to others. +Any such implementation restrictions are communicated as output from session creation. +override_iv_ptrOptional IV to use for this request +hash_result_offsetOffset into the output packet where the hash result should be stored. +cipher_rangeThe byte range (offset:length) of the data to be processed for ciphering. +auth_rangeThe byte range (offset:length) of the data to be processed for authentication. + + +The crypto operation is initiated with a single call that passes the parameters for the operation and an event (for asynchronous completion). +@code +int odp_crypto_operation( + struct odp_crypto_op_params *params, + odp_buffer_t completion_event); +@endcode + +Parameter | Meaning +----------|-------- +params | The parameter structure describing the crypto operation to be performed. +completion_event | The event delivered on completion. +It provides information about the status of the operation, result and request context. +In synchronous mode the event is available upon function call return. +In asynchronous mode, the event is placed on the session / operation completion queue when the operation finished. + +Upon return the return code indicates whether the operation was synchronous or asynchronous, or if an error occurred that prevented the operation from being performed. + +Get session operation : +@code +odp_crypto_op_t odp_crypto_session_get_op(odp_crypto_session_t ses); +@endcode + +Get session cipher information : +@code +odp_cipher_alg odp_cipher_session_get_cipher_alg(odp_crypto_session_t ses); +@endcode + +Get session authentication information : +@code +odp_auth_alg odp_crypto_session_get_auth_alg(odp_crypto_session_t ses); +@endcode + +Change session IV : +@code +int odp_crypto_session_iv_set(odp_crypto_session_t ses, uint8_t *iv); +@emdcode + +Change cipher or/and hash keys: +@code +int odp_crypto_session_key_set(odp_crypto_session_t ses, odp_key_t *key); +@endcode + +Destroy crypto session. +All pending operations are cancelled. +@code +int odp_crypto_session_destroy(odp_crypto_session_t ses); +@endcode + +Get completion event information - algorithm error, output and context. +Note that implementations MAY define their own specific error codes that have meaning in that context. +For application portability it is sufficient to know whether an operation completed successfully or experienced an error of some sort. +@code +enum crypto_alg_err { + ODP_CRYPTO_ALG_ERR_NONE, + ODP_CRYPTO_ALG_ERR_MODE, + ODP_CRYPTO_ALG_ERR_DATA_SIZE, + ODP_CRYPTO_ALG_ERR_KEY_SIZE, + ODP_CRYPTO_ALG_ERR_ICV_CHECK, + ODP_CRYPTO_ALG_ERR_AAD_SIZE, +}; + +enum crypto_hw_err { + ODP_CRYPTO_HW_ERR_NONE, + ODP_CRYPTO_HW_ERR_DMA, + ODP_CRYPTO_HW_ERR_BP_DEPLETED, +}; + +struct odp_crypto_compl_status { + odp_crypto_alg_t alg; + enum crypto_alg_err alg_err; + enum crypto_hw_err hw_err; +}; + +void +odp_crypto_get_compl_status(odp_buffer_t completion_event, + struct odp_crypto_compl_status *auth, + struct odp_crypto_compl_status *cipher); +@endcode + +Returns the output packet handle associated with the completion event : +@code +odp_packet_t odp_crypto_get_out_pkt(odp_buffer_t completion_event); +@endcode + +Sets a context handle to be returned with the completion event : +@code +void odp_crypto_set_compl_ctx(odp_buffer_t completion_event, odp_compl_ctx_t *ctx); +@endcode + +Returns the context associated with the completion event : +@code +odp_compl_ctx_t odp_crypto_get_compl_ctx(odp_buffer_t completion_event); +@endcode + +This section describes the API/Interface being defined at a functional level in technical detail. +Sub-sections include header file names, where implementation files are expected to reside in the ODP git tree, as well as the name, parameters, abstract data types, functionality, return codes, and exception conditions of each function call defined by the API/Interface. +Appropriate diagrams, tables, etc. should be used to allow the programmer tasked with implementing the API/Interface to understand the function to be implemented as well as error conditions, corner cases, performance requirements, etc. needed to implement the described API/Interface in a functionally correct and efficient manner.   + +@subsubsection random_number_functions Random Number Functions +As noted earlier, random number support consists of two functions: +@code +int odp_hw_random_get (uint8_t *buf, uint32_t *len, bool use_entropy); + +int odp_drgb_random_get (uint8_t *buf, uint32_t *len); +@endcode + +The difference is that the first provides access to hardware random number functions that return true random data. +This is typically used for seed values. +The second provides a deterministic random bit generator conforming to NIST standards and is used by various crypto protocols and algorithms. +The use_entropy parameter on odp_hw_random_get is used to disable any hardware pre-processing normally provided by the function and is mainly intended to be used for testing/validation purposes. + +@subsubsection buffer_pool_extensions Buffer Pool Extensions +To support zeroization a buffer may be allocated with an ODP_CLEAR_ON_FREE attribute that specifies that this buffer should be zeroized upon free. +Alternately, a new type (ODP_CLEAR_ON_FREE) is added to odp_buffer_pool_create() that specifies that all buffers allocated from this pool must be zeroized upon free. +Essentially, the buffer security attribute is set by default from the attributes of the buffer pool that it is allocated from. + +@subsubsection capability_inquiry Capability Inquiry +To enable applications to determine crypto capabilities. +@code +int odp_crypto_inquire (enum odp_cipher_alg, enum odp_auth_alg); +@endcode + +Inquires whether the specified crypto and auth algorithms are supported. +Responses include: +- ODP_HW_SYNC_SUPPORT +- ODP_HW_ASYNC_SUPPORT +- ODP_SW_SYNC_SUPPORT +- ODP_SW_ASYNC_SUPPORT +- ODP_NO_SUPPORT + +HW support means the combination is supported in hardware, SW support means the combination is supported in software by the implementation. +No support means the combination is not supported by the implementation. +The SYNC and ASYNC return options can help the application decide how to invoke these functions, or it can just check whether or not the response is ODP_NO_SUPPORT. + +@section implementation_considerations Implementation Considerations +One of the main purposes for the ODP crypto APIs is to provide portable access across different SoCs whose hardware crypto capabilities largely overlap but vary in terms of their implementation details. +As a result, implementations need not provide software fill-ins for specific cryptographic features that are not available as hardware features on that platform. +Presumably applications needing specific features will select platforms on which these features are present. +Therefore, while all APIs specified here MUST exist in each conforming ODP implementation, it is acceptable for these APIs to return ODP_RC_FEATURE_NOT_PRESENT in response to calls requesting crypto features not present on that platform. + +For example, the linux-generic ODP implementation may only implement the null cipher suite (ODP_CIPHER_ALG_NULL) and return a feature not present error code for any other cipher. +This indication will also be returned on that platform in response to odp_crypto_inquire calls for non-null cipher algorithms. + +@section verification Verification/Testing +This section describes the verification/test cases needed to ensure that the defined functionality is implemented correctly and performs adequately. +This should be at a level of detail such that the programmer tasked with writing test scripts/programs to verify the implementation(s) of the defined functions can be written to ensure that all relevant functional variants and error/exception cases are properly tested. + +This section needs to be completed before API testing begins. + +*/