| Message ID | 1422971062-32528-2-git-send-email-petri.savolainen@linaro.org |
|---|---|
| State | Accepted |
| Commit | 35da45db38e99c089459c0abcc8f2c72c26c7c79 |
| Headers | show |
On 3 February 2015 at 14:44, Petri Savolainen <petri.savolainen@linaro.org> wrote: > Renamed odp_hw_random_get() to odp_random_data(). Random > number API is now separated from crypto API. Why is this separation desired? Cryptographically strong random number generation can be considered a natural part of the cryptography API. Applications are supposed to include odp.h and will get all ODP definitions regardless. Who benefits? -- Ola > > Signed-off-by: Petri Savolainen <petri.savolainen@linaro.org> > --- > example/ipsec/odp_ipsec_cache.c | 2 +- > include/odp/api/crypto.h | 14 -------------- > platform/linux-generic/odp_crypto.c | 3 ++- > test/validation/crypto/odp_crypto_test_rng.c | 2 +- > 4 files changed, 4 insertions(+), 17 deletions(-) > > diff --git a/example/ipsec/odp_ipsec_cache.c b/example/ipsec/odp_ipsec_cache.c > index 904e7b6..5e128c5 100644 > --- a/example/ipsec/odp_ipsec_cache.c > +++ b/example/ipsec/odp_ipsec_cache.c > @@ -98,7 +98,7 @@ int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa, > if (params.iv.length) { > size_t size = params.iv.length; > > - odp_hw_random_get(params.iv.data, &size, 1); > + odp_random_data(params.iv.data, &size, 1); > } > > /* Synchronous session create for now */ > diff --git a/include/odp/api/crypto.h b/include/odp/api/crypto.h > index 545c1a5..aad6bd9 100644 > --- a/include/odp/api/crypto.h > +++ b/include/odp/api/crypto.h > @@ -330,20 +330,6 @@ odp_crypto_compl_result(odp_crypto_compl_t completion_event, > odp_crypto_op_result_t *result); > > /** > - * Generate random byte string > - * > - * @param buf Pointer to store result > - * @param len Pointer to input length value as well as return value > - * @param use_entropy Use entropy > - * > - * @todo Define the implication of the use_entropy parameter > - * > - * @return 0 if succesful > - */ > -int > -odp_hw_random_get(uint8_t *buf, size_t *len, odp_bool_t use_entropy); > - > -/** > * @} > */ > > diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c > index 46766fa..de60157 100644 > --- a/platform/linux-generic/odp_crypto.c > +++ b/platform/linux-generic/odp_crypto.c > @@ -15,6 +15,7 @@ > #include <odp_crypto_internal.h> > #include <odp_debug_internal.h> > #include <odp/hints.h> > +#include <odp/random.h> > #include <odp_packet_internal.h> > > #include <string.h> > @@ -447,7 +448,7 @@ odp_crypto_init_global(void) > } > > int > -odp_hw_random_get(uint8_t *buf, size_t *len, odp_bool_t use_entropy ODP_UNUSED) > +odp_random_data(uint8_t *buf, size_t *len, odp_bool_t use_entropy ODP_UNUSED) > { > int rc; > rc = RAND_bytes(buf, *len); > diff --git a/test/validation/crypto/odp_crypto_test_rng.c b/test/validation/crypto/odp_crypto_test_rng.c > index 458f908..b6313f0 100644 > --- a/test/validation/crypto/odp_crypto_test_rng.c > +++ b/test/validation/crypto/odp_crypto_test_rng.c > @@ -19,7 +19,7 @@ static void rng_get_size(void) > size_t len = TDES_CBC_IV_LEN; > uint8_t buf[TDES_CBC_IV_LEN]; > > - ret = odp_hw_random_get(buf, &len, false); > + ret = odp_random_data(buf, &len, false); > CU_ASSERT(!ret); > CU_ASSERT(len == TDES_CBC_IV_LEN); > } > -- > 2.2.2 > > > _______________________________________________ > lng-odp mailing list > lng-odp@lists.linaro.org > http://lists.linaro.org/mailman/listinfo/lng-odp
This patch should require Robbie's review since these APIs originated from the crypto design sprint. I agree with Ola that it is unnecessary. The reason hw is specified here is that cryptographically you have two different types of randoms. HW randoms are used for seed values which is why in the original spec we called out two different random number functions: odp_hw_random_get() - Gets "true randoms" for seed values odp_drbg_random_get() - Deterministic Random Bit Generator needed for NIST compliance The latter isn't part of ODP v1.0 but probably should be part of v1.1. On Tue, Feb 3, 2015 at 8:12 AM, Ola Liljedahl <ola.liljedahl@linaro.org> wrote: > On 3 February 2015 at 14:44, Petri Savolainen > <petri.savolainen@linaro.org> wrote: > > Renamed odp_hw_random_get() to odp_random_data(). Random > > number API is now separated from crypto API. > Why is this separation desired? > Cryptographically strong random number generation can be considered a > natural part of the cryptography API. > > Applications are supposed to include odp.h and will get all ODP > definitions regardless. > > Who benefits? > > -- Ola > > > > > Signed-off-by: Petri Savolainen <petri.savolainen@linaro.org> > > --- > > example/ipsec/odp_ipsec_cache.c | 2 +- > > include/odp/api/crypto.h | 14 -------------- > > platform/linux-generic/odp_crypto.c | 3 ++- > > test/validation/crypto/odp_crypto_test_rng.c | 2 +- > > 4 files changed, 4 insertions(+), 17 deletions(-) > > > > diff --git a/example/ipsec/odp_ipsec_cache.c > b/example/ipsec/odp_ipsec_cache.c > > index 904e7b6..5e128c5 100644 > > --- a/example/ipsec/odp_ipsec_cache.c > > +++ b/example/ipsec/odp_ipsec_cache.c > > @@ -98,7 +98,7 @@ int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa, > > if (params.iv.length) { > > size_t size = params.iv.length; > > > > - odp_hw_random_get(params.iv.data, &size, 1); > > + odp_random_data(params.iv.data, &size, 1); > > } > > > > /* Synchronous session create for now */ > > diff --git a/include/odp/api/crypto.h b/include/odp/api/crypto.h > > index 545c1a5..aad6bd9 100644 > > --- a/include/odp/api/crypto.h > > +++ b/include/odp/api/crypto.h > > @@ -330,20 +330,6 @@ odp_crypto_compl_result(odp_crypto_compl_t > completion_event, > > odp_crypto_op_result_t *result); > > > > /** > > - * Generate random byte string > > - * > > - * @param buf Pointer to store result > > - * @param len Pointer to input length value as well as return > value > > - * @param use_entropy Use entropy > > - * > > - * @todo Define the implication of the use_entropy parameter > > - * > > - * @return 0 if succesful > > - */ > > -int > > -odp_hw_random_get(uint8_t *buf, size_t *len, odp_bool_t use_entropy); > > - > > -/** > > * @} > > */ > > > > diff --git a/platform/linux-generic/odp_crypto.c > b/platform/linux-generic/odp_crypto.c > > index 46766fa..de60157 100644 > > --- a/platform/linux-generic/odp_crypto.c > > +++ b/platform/linux-generic/odp_crypto.c > > @@ -15,6 +15,7 @@ > > #include <odp_crypto_internal.h> > > #include <odp_debug_internal.h> > > #include <odp/hints.h> > > +#include <odp/random.h> > > #include <odp_packet_internal.h> > > > > #include <string.h> > > @@ -447,7 +448,7 @@ odp_crypto_init_global(void) > > } > > > > int > > -odp_hw_random_get(uint8_t *buf, size_t *len, odp_bool_t use_entropy > ODP_UNUSED) > > +odp_random_data(uint8_t *buf, size_t *len, odp_bool_t use_entropy > ODP_UNUSED) > > { > > int rc; > > rc = RAND_bytes(buf, *len); > > diff --git a/test/validation/crypto/odp_crypto_test_rng.c > b/test/validation/crypto/odp_crypto_test_rng.c > > index 458f908..b6313f0 100644 > > --- a/test/validation/crypto/odp_crypto_test_rng.c > > +++ b/test/validation/crypto/odp_crypto_test_rng.c > > @@ -19,7 +19,7 @@ static void rng_get_size(void) > > size_t len = TDES_CBC_IV_LEN; > > uint8_t buf[TDES_CBC_IV_LEN]; > > > > - ret = odp_hw_random_get(buf, &len, false); > > + ret = odp_random_data(buf, &len, false); > > CU_ASSERT(!ret); > > CU_ASSERT(len == TDES_CBC_IV_LEN); > > } > > -- > > 2.2.2 > > > > > > _______________________________________________ > > lng-odp mailing list > > lng-odp@lists.linaro.org > > http://lists.linaro.org/mailman/listinfo/lng-odp > > _______________________________________________ > lng-odp mailing list > lng-odp@lists.linaro.org > http://lists.linaro.org/mailman/listinfo/lng-odp >
diff --git a/example/ipsec/odp_ipsec_cache.c b/example/ipsec/odp_ipsec_cache.c index 904e7b6..5e128c5 100644 --- a/example/ipsec/odp_ipsec_cache.c +++ b/example/ipsec/odp_ipsec_cache.c @@ -98,7 +98,7 @@ int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa, if (params.iv.length) { size_t size = params.iv.length; - odp_hw_random_get(params.iv.data, &size, 1); + odp_random_data(params.iv.data, &size, 1); } /* Synchronous session create for now */ diff --git a/include/odp/api/crypto.h b/include/odp/api/crypto.h index 545c1a5..aad6bd9 100644 --- a/include/odp/api/crypto.h +++ b/include/odp/api/crypto.h @@ -330,20 +330,6 @@ odp_crypto_compl_result(odp_crypto_compl_t completion_event, odp_crypto_op_result_t *result); /** - * Generate random byte string - * - * @param buf Pointer to store result - * @param len Pointer to input length value as well as return value - * @param use_entropy Use entropy - * - * @todo Define the implication of the use_entropy parameter - * - * @return 0 if succesful - */ -int -odp_hw_random_get(uint8_t *buf, size_t *len, odp_bool_t use_entropy); - -/** * @} */ diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 46766fa..de60157 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -15,6 +15,7 @@ #include <odp_crypto_internal.h> #include <odp_debug_internal.h> #include <odp/hints.h> +#include <odp/random.h> #include <odp_packet_internal.h> #include <string.h> @@ -447,7 +448,7 @@ odp_crypto_init_global(void) } int -odp_hw_random_get(uint8_t *buf, size_t *len, odp_bool_t use_entropy ODP_UNUSED) +odp_random_data(uint8_t *buf, size_t *len, odp_bool_t use_entropy ODP_UNUSED) { int rc; rc = RAND_bytes(buf, *len); diff --git a/test/validation/crypto/odp_crypto_test_rng.c b/test/validation/crypto/odp_crypto_test_rng.c index 458f908..b6313f0 100644 --- a/test/validation/crypto/odp_crypto_test_rng.c +++ b/test/validation/crypto/odp_crypto_test_rng.c @@ -19,7 +19,7 @@ static void rng_get_size(void) size_t len = TDES_CBC_IV_LEN; uint8_t buf[TDES_CBC_IV_LEN]; - ret = odp_hw_random_get(buf, &len, false); + ret = odp_random_data(buf, &len, false); CU_ASSERT(!ret); CU_ASSERT(len == TDES_CBC_IV_LEN); }
Renamed odp_hw_random_get() to odp_random_data(). Random number API is now separated from crypto API. Signed-off-by: Petri Savolainen <petri.savolainen@linaro.org> --- example/ipsec/odp_ipsec_cache.c | 2 +- include/odp/api/crypto.h | 14 -------------- platform/linux-generic/odp_crypto.c | 3 ++- test/validation/crypto/odp_crypto_test_rng.c | 2 +- 4 files changed, 4 insertions(+), 17 deletions(-)