From patchwork Tue Nov 14 20:00:04 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 118882 Delivered-To: patch@linaro.org Received: by 10.140.22.164 with SMTP id 33csp3459560qgn; Tue, 14 Nov 2017 12:01:12 -0800 (PST) X-Google-Smtp-Source: AGs4zMZ3Y3HBDNOxj2iXlcX9YZ0VkMu438/+qG27wCR/fLtMz6gYinSrax2lPUvb7vSGACaNXKGy X-Received: by 10.237.53.200 with SMTP id d8mr1799930qte.32.1510689672775; Tue, 14 Nov 2017 12:01:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1510689672; cv=none; d=google.com; s=arc-20160816; b=kSAowcGdw+i92/0ZW4Xt1+AtOWYl7DQnAFr8z554gkhdC5mdGpDA3iVpQX/8WZDB7h Bet0yJu2/7AYjn510wYvKXOLV414wcjN7+SGtDEbPq+1lt0wT6GU3Tpos195ZNqvdNRV QzG1dulH2JcHzfuUjAXTxjv2LOzpKdkTP14HbrYnHLccYiu3PHvRXmp9FFA6HoUGtUA5 JKE4JR3tSajtF5ZMDjxDOlDZZWwdom50R8OQD2WB6HfF1FbIjzE753L3IMsw1TLvM4iu Fh7Wh9EJEcSV/+2TgRuliVYoUhGmTxmR+m8erUO/v5HGZpAZikpqw3HJuvax6aeN+fho 30dg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=D/D4YwlNSNpbT58+DrE8m8ZC07OudGWu/t55Wudmc1c=; b=I7CiedKPcpvYJLfFJ8CF3jGzfti2Ko+nQdZxrWpNZRNmk991E+PzzOHKtfYAm1jlG5 2d87rtNqWKW/XUR6FyXOecaW2YDm96+PdZXZLEHwoCSLbHT5yu+bxwMAzOXlEA6/QeIU Rke9wc5miDeHAIzGz8B0bDEB22kKwcKQLGHsx6QGtXkLtFnaLr+MxZ0f3GICUrmVcOqY L1463IkAV/Gd6CR5AuHjLINEu5WrcqR3xSzMktLvwj+lgkfSdBZKzT72+TUrMRycAMD1 t97b4tD09raCzyGy/exz9Yhiv6dBU8SIQPeCIEtwcediey3LZJUlzgo6z93j8ukAGKn4 mfAQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id c188si1718060qkd.228.2017.11.14.12.01.12; Tue, 14 Nov 2017 12:01:12 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 6029060812; Tue, 14 Nov 2017 20:01:12 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id A39E160606; Tue, 14 Nov 2017 20:00:26 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id EEDEB60639; Tue, 14 Nov 2017 20:00:18 +0000 (UTC) Received: from forward106o.mail.yandex.net (forward106o.mail.yandex.net [37.140.190.187]) by lists.linaro.org (Postfix) with ESMTPS id 137CB60639 for ; Tue, 14 Nov 2017 20:00:15 +0000 (UTC) Received: from mxback9g.mail.yandex.net (mxback9g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:170]) by forward106o.mail.yandex.net (Yandex) with ESMTP id BADB2783DBA for ; Tue, 14 Nov 2017 23:00:13 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback9g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id AtbpJE8aui-0DgSZh5i; Tue, 14 Nov 2017 23:00:13 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id ZsDLds7hfB-0DpGFHYQ; Tue, 14 Nov 2017 23:00:13 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 14 Nov 2017 23:00:04 +0300 Message-Id: <1510689611-17861-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1510689611-17861-1-git-send-email-odpbot@yandex.ru> References: <1510689611-17861-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 288 Subject: [lng-odp] [PATCH API-NEXT v8 3/10] linux-gen: crypto: add AES-GMAC implementation X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Implement AES-GMAC on top of OpenSSL AES-GCM with all text going into AAD part. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 288 (lumag:gmac) ** https://github.com/Linaro/odp/pull/288 ** Patch: https://github.com/Linaro/odp/pull/288.patch ** Base sha: ba93e355ddf151215aa18b59cbfca08fe175fe65 ** Merge commit sha: 8363c3a4073075d0f3dd68864b9a33819005aab4 **/ .../linux-generic/include/odp_crypto_internal.h | 5 +- platform/linux-generic/odp_crypto.c | 151 ++++++++++++++++++++- 2 files changed, 154 insertions(+), 2 deletions(-) diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index 12d1720b7..21174daa4 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -51,7 +51,10 @@ struct odp_crypto_generic_session { uint8_t key[EVP_MAX_KEY_LENGTH]; uint32_t key_length; uint32_t bytes; - const EVP_MD *evp_md; + union { + const EVP_MD *evp_md; + const EVP_CIPHER *evp_cipher; + }; crypto_func_t func; } auth; }; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index f34863bf2..1cc2d7018 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -37,7 +37,9 @@ * Keep sorted: first by key length, then by IV length */ static const odp_crypto_cipher_capability_t cipher_capa_null[] = { -{.key_len = 0, .iv_len = 0} }; +{.key_len = 0, .iv_len = 0}, +/* Special case for GMAC */ +{.key_len = 0, .iv_len = 12} }; static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = { {.key_len = 24, .iv_len = 8} }; @@ -84,6 +86,9 @@ static const odp_crypto_auth_capability_t auth_capa_sha512_hmac[] = { static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; +static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { +{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; + typedef struct odp_crypto_global_s odp_crypto_global_t; struct odp_crypto_global_s { @@ -236,6 +241,33 @@ odp_crypto_alg_err_t auth_check(odp_packet_t pkt, } static +int internal_aad(EVP_CIPHER_CTX *ctx, + odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param) +{ + uint32_t offset = param->auth_range.offset; + uint32_t len = param->auth_range.length; + int dummy_len; + int ret; + + ODP_ASSERT(offset + len <= odp_packet_len(pkt)); + + while (len > 0) { + uint32_t seglen = 0; /* GCC */ + void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL); + uint32_t maclen = len > seglen ? seglen : len; + + EVP_EncryptUpdate(ctx, NULL, &dummy_len, mapaddr, maclen); + offset += maclen; + len -= maclen; + } + + ret = EVP_EncryptFinal_ex(ctx, NULL, &dummy_len); + + return ret; +} + +static int internal_encrypt(EVP_CIPHER_CTX *ctx, odp_packet_t pkt, const odp_crypto_packet_op_param_t *param) @@ -556,6 +588,108 @@ static int process_aes_gcm_param(odp_crypto_generic_session_t *session, return 0; } +static +odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + EVP_CIPHER_CTX *ctx; + void *iv_ptr; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret; + + if (param->override_iv_ptr) + iv_ptr = param->override_iv_ptr; + else if (session->p.iv.data) + iv_ptr = session->cipher.iv_data; + else + return ODP_CRYPTO_ALG_ERR_IV_INVALID; + + /* Encrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL, + session->auth.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + ret = internal_aad(ctx, pkt, param); + + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, + session->p.auth_digest_len, block); + odp_packet_copy_from_mem(pkt, param->hash_result_offset, + session->p.auth_digest_len, block); + + EVP_CIPHER_CTX_free(ctx); + + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; +} + +static +odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + EVP_CIPHER_CTX *ctx; + void *iv_ptr; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret; + + if (param->override_iv_ptr) + iv_ptr = param->override_iv_ptr; + else if (session->p.iv.data) + iv_ptr = session->cipher.iv_data; + else + return ODP_CRYPTO_ALG_ERR_IV_INVALID; + + /* Decrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, session->auth.evp_cipher, NULL, + session->auth.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + odp_packet_copy_to_mem(pkt, param->hash_result_offset, + session->p.auth_digest_len, block); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, + session->p.auth_digest_len, block); + _odp_packet_set_data(pkt, param->hash_result_offset, + 0, session->p.auth_digest_len); + + ret = internal_aad(ctx, pkt, param); + + EVP_CIPHER_CTX_free(ctx); + + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : + ODP_CRYPTO_ALG_ERR_NONE; +} + +static int process_aes_gmac_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) +{ + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.auth_key.length) + return -1; + + memcpy(session->auth.key, session->p.auth_key.data, + session->p.auth_key.length); + + session->auth.evp_cipher = cipher; + + /* Set function */ + if (ODP_CRYPTO_OP_ENCODE == session->p.op) + session->auth.func = aes_gmac_gen; + else + session->auth.func = aes_gmac_check; + + return 0; +} + static int process_auth_param(odp_crypto_generic_session_t *session, uint32_t key_length, const EVP_MD *evp_md) @@ -601,6 +735,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.sha256_hmac = 1; capa->auths.bit.sha512_hmac = 1; capa->auths.bit.aes_gcm = 1; + capa->auths.bit.aes_gmac = 1; #if ODP_DEPRECATED_API capa->ciphers.bit.aes128_cbc = 1; @@ -688,6 +823,10 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_aes_gcm; num = sizeof(auth_capa_aes_gcm) / size; break; + case ODP_AUTH_ALG_AES_GMAC: + src = auth_capa_aes_gmac; + num = sizeof(auth_capa_aes_gmac) / size; + break; default: return -1; } @@ -859,6 +998,16 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, rc = -1; } break; + case ODP_AUTH_ALG_AES_GMAC: + if (param->auth_key.length == 16) + rc = process_aes_gmac_param(session, EVP_aes_128_gcm()); + else if (param->auth_key.length == 24) + rc = process_aes_gmac_param(session, EVP_aes_192_gcm()); + else if (param->auth_key.length == 32) + rc = process_aes_gmac_param(session, EVP_aes_256_gcm()); + else + rc = -1; + break; default: rc = -1; }