From patchwork Thu Aug 21 12:30:31 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Robbie King X-Patchwork-Id: 35758 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-ie0-f198.google.com (mail-ie0-f198.google.com [209.85.223.198]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 319F52055D for ; Thu, 21 Aug 2014 12:31:29 +0000 (UTC) Received: by mail-ie0-f198.google.com with SMTP id rl12sf17625272iec.1 for ; Thu, 21 Aug 2014 05:31:28 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:subject:precedence:list-id:list-unsubscribe:list-archive :list-post:list-help:list-subscribe:mime-version:errors-to:sender :x-original-sender:x-original-authentication-results:mailing-list :content-type:content-transfer-encoding; bh=gLP0bKhC34SLQoefGOosCftWTU5wKQ3JdI92yzeJoeA=; b=Uji/yf2wMsqrybEPWvNUHf9Vmq8tmU1oKlA6+YB7iOQhTLhouTzArg5AiO0pLF/rqD VklS9b9X7Vn5VVns51KrRCoaUGEEpNoNTeVSV8DZEIi5MLemXt4t76qlGVNBYnkdLbq1 kndkH61RfVBZRwK9JQL9AkrSAHuzMWypuOFhV9Tk3oPWuvkEdEz5UkyvD1hWr0aJ0NzT OpNxNOPRcQziueB91A3ngJj/Z8KtISPxl7Y9fUH2hhnxB8Zrgg6u6NYM2DV1XgBFuXNk iXweib53m2gl/6cVzCf11zgInl6RFmBhHr1DegaplTkIRwpJ3fp8z5SCo4+dGti8uNms syfw== X-Gm-Message-State: ALoCoQkV4xAbsGmKqQCKqHG1o656TEb6YT08InaHn0vYRyMy/EKs1iLDypyUA4eHY4LrMvojvQMk X-Received: by 10.182.126.198 with SMTP id na6mr29141344obb.4.1408624288700; Thu, 21 Aug 2014 05:31:28 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.31.164 with SMTP id f33ls661409qgf.34.gmail; Thu, 21 Aug 2014 05:31:28 -0700 (PDT) X-Received: by 10.52.246.198 with SMTP id xy6mr3417074vdc.7.1408624288549; Thu, 21 Aug 2014 05:31:28 -0700 (PDT) Received: from mail-vc0-x22e.google.com (mail-vc0-x22e.google.com [2607:f8b0:400c:c03::22e]) by mx.google.com with ESMTPS id vt2si12242168vdb.99.2014.08.21.05.31.28 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 21 Aug 2014 05:31:28 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 2607:f8b0:400c:c03::22e as permitted sender) client-ip=2607:f8b0:400c:c03::22e; Received: by mail-vc0-f174.google.com with SMTP id la4so10474013vcb.5 for ; Thu, 21 Aug 2014 05:31:28 -0700 (PDT) X-Received: by 10.221.68.66 with SMTP id xx2mr41460099vcb.1.1408624288464; Thu, 21 Aug 2014 05:31:28 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.221.45.67 with SMTP id uj3csp131510vcb; Thu, 21 Aug 2014 05:31:28 -0700 (PDT) X-Received: by 10.229.131.5 with SMTP id v5mr82942223qcs.21.1408624287867; Thu, 21 Aug 2014 05:31:27 -0700 (PDT) Received: from ip-10-141-164-156.ec2.internal (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTPS id n93si38403514qgd.103.2014.08.21.05.31.27 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 21 Aug 2014 05:31:27 -0700 (PDT) Received-SPF: none (google.com: lng-odp-bounces@lists.linaro.org does not designate permitted sender hosts) client-ip=54.225.227.206; Received: from localhost ([127.0.0.1] helo=ip-10-141-164-156.ec2.internal) by ip-10-141-164-156.ec2.internal with esmtp (Exim 4.76) (envelope-from ) id 1XKRWY-0004cB-T7; Thu, 21 Aug 2014 12:31:26 +0000 Received: from rcdn-iport-4.cisco.com ([173.37.86.75]) by ip-10-141-164-156.ec2.internal with esmtp (Exim 4.76) (envelope-from ) id 1XKRVu-0004YZ-Iu for lng-odp@lists.linaro.org; Thu, 21 Aug 2014 12:30:46 +0000 X-IronPort-AV: E=Sophos;i="5.01,909,1400025600"; d="scan'208";a="349300529" Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by rcdn-iport-4.cisco.com with ESMTP; 21 Aug 2014 12:30:41 +0000 Received: from cpp-rtpbld-55.cisco.com (cpp-rtpbld-55.cisco.com [172.18.5.199]) by rcdn-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id s7LCUeLh015413 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 21 Aug 2014 12:30:41 GMT Received: from cpp-rtpbld-55.cisco.com (localhost.localdomain [127.0.0.1]) by cpp-rtpbld-55.cisco.com (8.13.8/8.13.8) with ESMTP id s7LCUehl012512; Thu, 21 Aug 2014 08:30:40 -0400 Received: (from robking@localhost) by cpp-rtpbld-55.cisco.com (8.13.8/8.13.8/Submit) id s7LCUeWn012511; Thu, 21 Aug 2014 08:30:40 -0400 From: Robbie King To: lng-odp@lists.linaro.org Date: Thu, 21 Aug 2014 08:30:31 -0400 Message-Id: <1408624238-12430-7-git-send-email-robking@cisco.com> X-Mailer: git-send-email 1.9.2 In-Reply-To: <1408624238-12430-1-git-send-email-robking@cisco.com> References: <1408624238-12430-1-git-send-email-robking@cisco.com> X-Topics: patch Subject: [lng-odp] [PATCH 06/13] IPsec example app support routines X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Errors-To: lng-odp-bounces@lists.linaro.org Sender: lng-odp-bounces@lists.linaro.org X-Original-Sender: robking@cisco.com X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 2607:f8b0:400c:c03::22e as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org; dkim=fail header.i=@cisco.com Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 Signed-off-by: Robbie King --- example/ipsec/odp_ipsec_misc.h | 321 ++++++++++++++++++++++++++++++++++++++++ 1 files changed, 321 insertions(+), 0 deletions(-) create mode 100644 example/ipsec/odp_ipsec_misc.h diff --git a/example/ipsec/odp_ipsec_misc.h b/example/ipsec/odp_ipsec_misc.h new file mode 100644 index 0000000..e5db950 --- /dev/null +++ b/example/ipsec/odp_ipsec_misc.h @@ -0,0 +1,321 @@ +/* Copyright (c) 2014, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef ODP_IPSEC_MISC_H_ +#define ODP_IPSEC_MISC_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include +#include + +#define TRUE 1 +#define FALSE 0 + +#define MAX_DB 32 /**< maximum number of data base entries */ +#define MAX_LOOPBACK 10 /**< maximum number of loop back interfaces */ + +/** IPv4 helpers for data length and uint8t pointer */ +#define ipv4_data_len(ip) (odp_be_to_cpu_16(ip->tot_len) - sizeof(odp_ipv4hdr_t)) +#define ipv4_data_p(ip) ((uint8_t *)((odp_ipv4hdr_t *)ip + 1)) + +/** Helper for calculating encode length using data length and block size */ +#define ESP_ENCODE_LEN(x, b) ((((x) + (b - 1)) / b) * b) + +/** Get rid of path in filename - only for unix-type paths using '/' */ +#define NO_PATH(file_name) (strrchr((file_name), '/') ? \ + strrchr((file_name), '/') + 1 : (file_name)) + +/** + * IPsec key + */ +typedef struct { + uint8_t data[32]; /**< Key data */ + uint8_t length; /**< Key length */ +} ipsec_key_t; + +/** + * IPsec algorithm + */ +typedef struct { + bool cipher; + union { + enum odp_cipher_alg cipher; + enum odp_auth_alg auth; + } u; +} ipsec_alg_t; + +/** + * IP address range (subnet) + */ +typedef struct ip_addr_range_s { + uint32_t addr; /**< IP address */ + uint32_t mask; /**< mask, 1 indicates bits are valid */ +} ip_addr_range_t; + +/** + * Parse text string representing a key into ODP key structure + * + * @param keystring Pointer to key string to convert + * @param key Pointer to ODP key structure to populate + * @param alg Cipher/authentication algorithm associated with the key + * + * @return 0 if successful else -1 + */ +static inline +int parse_key_string(char *keystring, + ipsec_key_t *key, + ipsec_alg_t *alg) +{ + int idx; + char temp[3]; + + if (alg->cipher && (alg->u.cipher == ODP_CIPHER_ALG_3DES_CBC)) + if (48 == strlen(keystring)) + key->length = 24; + + if (!alg->cipher && (alg->u.auth == ODP_AUTH_ALG_MD5_96)) + if (32 == strlen(keystring)) + key->length = 16; + + for (idx = 0; idx < key->length; idx++) { + temp[0] = *keystring++; + temp[1] = *keystring++; + temp[2] = 0; + key->data[idx] = strtol(temp, NULL, 16); + } + + return key->length ? 0 : -1; +} + +/** + * Check IPv4 address against a range/subnet + * + * @param addr IPv4 address to check + * @param range Pointer to address range to check against + * + * @return 1 if match else 0 + */ +static inline +int match_ip_range(uint32_t addr, ip_addr_range_t *range) +{ + return (range->addr == (addr & range->mask)); +} + +/** + * Generate text string representing IPv4 address + * + * @param b Pointer to buffer to store string + * @param addr IPv4 address + * + * @return Pointer to supplied buffer + */ +static inline +char *ipv4_addr_str(char *b, uint32_t addr) +{ + sprintf(b, "%03d.%03d.%03d.%03d", + 0xFF & ((addr) >> 24), + 0xFF & ((addr) >> 16), + 0xFF & ((addr) >> 8), + 0xFF & ((addr) >> 0)); + return b; +} + +/** + * Parse text string representing an IPv4 address or subnet + * + * String is of the format "XXX.XXX.XXX.XXX(/W)" where + * "XXX" is decimal value and "/W" is optional subnet length + * + * @param ipaddress Pointer to IP address/subnet string to convert + * @param addr Pointer to return IPv4 address + * @param mask Pointer (optional) to return IPv4 mask + * + * @return 0 if successful else -1 + */ +static inline +int parse_ipv4_string(char *ipaddress, uint32_t *addr, uint32_t *mask) +{ + int b[4]; + int qualifier = 32; + int converted; + + if (strchr(ipaddress, '/')) { + converted = sscanf(ipaddress, "%d.%d.%d.%d/%d", + &b[3], &b[2], &b[1], &b[0], + &qualifier); + if (5 != converted) + return -1; + } else { + converted = sscanf(ipaddress, "%d.%d.%d.%d", + &b[3], &b[2], &b[1], &b[0]); + if (4 != converted) + return -1; + } + + if ((b[0] > 255) || (b[1] > 255) || (b[2] > 255) || (b[3] > 255)) + return -1; + if (!qualifier || (qualifier > 32)) + return -1; + + *addr = b[0] | b[1] << 8 | b[2] << 16 | b[3] << 24; + if (mask) + *mask = ~(0xFFFFFFFF & ((1ULL << (32 - qualifier)) - 1)); + + return 0; +} + +/** + * Generate text string representing IPv4 range/subnet, output + * in "XXX.XXX.XXX.XXX/W" format + * + * @param b Pointer to buffer to store string + * @param range Pointer to IPv4 address range + * + * @return Pointer to supplied buffer + */ +static inline +char *ipv4_subnet_str(char *b, ip_addr_range_t *range) +{ + int idx; + int len; + + for (idx = 0; idx < 32; idx++) + if (range->mask & (1 << idx)) + break; + len = 32 - idx; + + sprintf(b, "%03d.%03d.%03d.%03d/%d", + 0xFF & ((range->addr) >> 24), + 0xFF & ((range->addr) >> 16), + 0xFF & ((range->addr) >> 8), + 0xFF & ((range->addr) >> 0), + len); + return b; +} + +/** + * Generate text string representing MAC address + * + * @param b Pointer to buffer to store string + * @param mac Pointer to MAC address + * + * @return Pointer to supplied buffer + */ +static inline +char *mac_addr_str(char *b, uint8_t *mac) +{ + sprintf(b, "%02X.%02X.%02X.%02X.%02X.%02X", + mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); + return b; +} + +/** + * Parse text string representing a MAC address into byte araray + * + * String is of the format "XX.XX.XX.XX.XX.XX" where XX is hexadecimal + * + * @param macaddress Pointer to MAC address string to convert + * @param mac Pointer to MAC address byte array to populate + * + * @return 0 if successful else -1 + */ +static inline +int parse_mac_string(char *macaddress, uint8_t *mac) +{ + int macwords[6]; + int converted; + + converted = sscanf(macaddress, + "%x.%x.%x.%x.%x.%x", + &macwords[0], &macwords[1], &macwords[2], + &macwords[3], &macwords[4], &macwords[5]); + if (6 != converted) + return -1; + + mac[0] = macwords[0]; + mac[1] = macwords[1]; + mac[2] = macwords[2]; + mac[3] = macwords[3]; + mac[4] = macwords[4]; + mac[5] = macwords[5]; + + return 0; +} + +/** + * Locate IPsec headers (AH and/or ESP) in packet + * + * @param ip Pointer to packets IPv4 header + * @param ah_p Pointer to location to return AH header pointer + * @param esp_p Pointer to location to return ESP header pointer + * + * @return length of IPsec headers found + */ +static inline +int locate_ipsec_headers(odp_ipv4hdr_t *ip, + odp_ahhdr_t **ah_p, + odp_esphdr_t **esp_p) +{ + uint8_t *in = ipv4_data_p(ip); + odp_ahhdr_t *ah = NULL; + odp_esphdr_t *esp = NULL; + + if (ODP_IPPROTO_AH == ip->proto) { + ah = (odp_ahhdr_t *)in; + in += ((ah)->ah_len + 2) * 4; + if (ODP_IPPROTO_ESP == ah->next_header) { + esp = (odp_esphdr_t *)in; + in += sizeof(odp_esphdr_t); + } + } else if (ODP_IPPROTO_ESP == ip->proto) { + esp = (odp_esphdr_t *)in; + in += sizeof(odp_esphdr_t); + } + + *ah_p = ah; + *esp_p = esp; + return in - (ipv4_data_p(ip)); +} + +/** + * Adjust IPv4 length + * + * @param ip Pointer to IPv4 header + * @param adj Signed adjustment value + */ +static inline +void ipv4_adjust_len(odp_ipv4hdr_t *ip, int adj) +{ + ip->tot_len = odp_cpu_to_be_16(odp_be_to_cpu_16(ip->tot_len) + adj); +} + +/** + * Verify crypto operation completed successfully + * + * @param status Pointer to cryto completion structure + * + * @return TRUE if all OK else FALSE + */ +static inline +bool is_crypto_compl_status_ok(odp_crypto_compl_status_t *status) +{ + if (status->alg_err != ODP_CRYPTO_ALG_ERR_NONE) + return FALSE; + if (status->hw_err != ODP_CRYPTO_HW_ERR_NONE) + return FALSE; + return TRUE; +} + + +#ifdef __cplusplus +} +#endif + +#endif