From patchwork Fri May 5 03:00:05 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 98596 Delivered-To: patch@linaro.org Received: by 10.140.89.200 with SMTP id v66csp79996qgd; Thu, 4 May 2017 20:04:38 -0700 (PDT) X-Received: by 10.200.51.70 with SMTP id u6mr39140842qta.122.1493953478729; Thu, 04 May 2017 20:04:38 -0700 (PDT) Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id x198si3288262qkb.117.2017.05.04.20.04.38; Thu, 04 May 2017 20:04:38 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 64F4160A02; Fri, 5 May 2017 03:04:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 80AAB60A45; Fri, 5 May 2017 03:01:39 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 906F760A08; Fri, 5 May 2017 03:01:31 +0000 (UTC) Received: from forward3h.cmail.yandex.net (forward3h.cmail.yandex.net [87.250.230.18]) by lists.linaro.org (Postfix) with ESMTPS id D4DDA60958 for ; Fri, 5 May 2017 03:00:31 +0000 (UTC) Received: from smtp1h.mail.yandex.net (smtp1h.mail.yandex.net [84.201.187.144]) by forward3h.cmail.yandex.net (Yandex) with ESMTP id 13E8320EE0 for ; Fri, 5 May 2017 06:00:30 +0300 (MSK) Received: from smtp1h.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp1h.mail.yandex.net (Yandex) with ESMTP id B655D8C0413 for ; Fri, 5 May 2017 06:00:29 +0300 (MSK) Received: by smtp1h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id KREUQHFfBO-0SiOd0vx; Fri, 05 May 2017 06:00:28 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 5 May 2017 06:00:05 +0300 Message-Id: <1493953207-9115-6-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> References: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 24 Subject: [lng-odp] [PATCH API-NEXT v1 1/7] linux: crypto: use auth_digest_len when calculating HMACs X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 24 (lumag:crypto-dal) ** https://github.com/Linaro/odp/pull/24 ** Patch: https://github.com/Linaro/odp/pull/24.patch ** Base sha: 540490ddf3a1b3da4b80ed15fc874ccdfc49b60c ** Merge commit sha: d097dfa56ce6abf579ef39d07f3ac39d6badbc92 **/ platform/linux-generic/odp_crypto.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 78c3ac2..8be217c 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -522,7 +522,6 @@ static int process_des_param(odp_crypto_generic_session_t *session) } static int process_auth_param(odp_crypto_generic_session_t *session, - uint32_t bits, uint32_t key_length, const EVP_MD *evp_md) { @@ -535,7 +534,9 @@ static int process_auth_param(odp_crypto_generic_session_t *session, session->auth.evp_md = evp_md; /* Number of valid bytes */ - session->auth.bytes = bits / 8; + session->auth.bytes = session->p.auth_digest_len; + if (session->auth.bytes < (unsigned)EVP_MD_size(evp_md) / 2) + return -1; /* Convert keys */ session->auth.key_length = key_length; @@ -743,17 +744,19 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, session->auth.func = null_crypto_routine; rc = 0; break; - case ODP_AUTH_ALG_MD5_HMAC: #if ODP_DEPRECATED_API case ODP_AUTH_ALG_MD5_96: + session->p.auth_digest_len = 96 / 8; #endif - rc = process_auth_param(session, 96, 16, EVP_md5()); + case ODP_AUTH_ALG_MD5_HMAC: + rc = process_auth_param(session, 16, EVP_md5()); break; - case ODP_AUTH_ALG_SHA256_HMAC: #if ODP_DEPRECATED_API case ODP_AUTH_ALG_SHA256_128: + session->p.auth_digest_len = 128 / 8; #endif - rc = process_auth_param(session, 128, 32, EVP_sha256()); + case ODP_AUTH_ALG_SHA256_HMAC: + rc = process_auth_param(session, 32, EVP_sha256()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: From patchwork Fri May 5 03:00:02 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 98593 Delivered-To: patch@linaro.org Received: by 10.140.89.200 with SMTP id v66csp79132qgd; Thu, 4 May 2017 20:01:44 -0700 (PDT) X-Received: by 10.55.168.86 with SMTP id r83mr10134764qke.97.1493953304790; Thu, 04 May 2017 20:01:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1493953304; cv=none; d=google.com; s=arc-20160816; b=ZSRtifH9dThgnSQ2TseSgREUNWmJN9Doz9TEOFv0jHCWMIefwJAeUrjxklaJDWv20C 1mcu/Mh6tDwbAC/L3VCbaQ5HAYhdtDXLKGEZGKrFLFAojrzkc7shgjpP2NwP19B+XfVt SxKdAtUcZcSsr1IdIaVFaTPlBAb3MqXfQSlaMAoBhh3a/feWOo9+b9xDJ8sHt+PJuAo5 9SzWwkjtBCpfHpUeMUKoiyRIDyW95tEHmczvc+NvTmUpSvRxqqG4W3cgKVSsdRjNcOaX cTb/OHp2BlXgSssDn1b78764N2dZUpigcx6ysYkOSQPdickirbEEgaqceBFFCIBrxRs9 p/fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=NuKqQrcUZBhTJBgUxY5XxGE2v7SXf87zdP7z9nWVAlA=; b=CNGiNcZSnOZoYMvPVIhUbDzCyP0YtV8eslah2ZzPUcFAwnvKvzEeeIFpSk9164JINe 84ubRqoQeI4J1m4MgUL+Q0FHoL5u1vqq3VeLIz+2n/1048O3tobAgQDeA08VOpv2W50b kO1nWBSrOTZpaK482asYYe9m3BhOMeKotwbs9KPej/7xBSpKOVjAkbOzgow6hUY46Jpw 5D76ECim71J9Uy6hgxFZgkzIn3jBdI+CLw/JMBvmDCDU8yFtzXrVaQwSwnfK8MSeHaX/ T0dFxCgUM+DBCgm/5GALdESH2mwWqAPZYK7EQ+Ck1DgZy07AIw0Qs2t0DBH2ubw4UMnJ lqFQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id q20si3244857qka.137.2017.05.04.20.01.44; Thu, 04 May 2017 20:01:44 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 6A8C860AD3; Fri, 5 May 2017 03:01:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id EB7A160656; Fri, 5 May 2017 03:00:35 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 86D9560A0A; Fri, 5 May 2017 03:00:29 +0000 (UTC) Received: from forward1j.cmail.yandex.net (forward1j.cmail.yandex.net [5.255.227.19]) by lists.linaro.org (Postfix) with ESMTPS id B46C1608E2 for ; Fri, 5 May 2017 03:00:27 +0000 (UTC) Received: from smtp1h.mail.yandex.net (smtp1h.mail.yandex.net [84.201.187.144]) by forward1j.cmail.yandex.net (Yandex) with ESMTP id 3671020EB8 for ; Fri, 5 May 2017 06:00:26 +0300 (MSK) Received: from smtp1h.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp1h.mail.yandex.net (Yandex) with ESMTP id 079E68C0ED5 for ; Fri, 5 May 2017 06:00:25 +0300 (MSK) Received: by smtp1h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id KREUQHFfBO-0OiqFuLn; Fri, 05 May 2017 06:00:24 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 5 May 2017 06:00:02 +0300 Message-Id: <1493953207-9115-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> References: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 24 Subject: [lng-odp] [PATCH API-NEXT v1 2/7] linux: crypto: fix checking of GCM tags X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Currently odp_crypto code will happily accept wrong tags, because the check for EVP_DecryptFinal_ex return code is incorrect. This function returns 0 if tag is incorrect, not < 0. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 24 (lumag:crypto-dal) ** https://github.com/Linaro/odp/pull/24 ** Patch: https://github.com/Linaro/odp/pull/24.patch ** Base sha: 540490ddf3a1b3da4b80ed15fc874ccdfc49b60c ** Merge commit sha: d097dfa56ce6abf579ef39d07f3ac39d6badbc92 **/ platform/linux-generic/odp_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index a0f3f7e..78c3ac2 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -384,7 +384,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, auth_len - (aad_tail - aad_head)); } - if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) < 0) + if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) <= 0) return ODP_CRYPTO_ALG_ERR_ICV_CHECK; return ODP_CRYPTO_ALG_ERR_NONE; From patchwork Fri May 5 03:00:01 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 98592 Delivered-To: patch@linaro.org Received: by 10.140.89.200 with SMTP id v66csp78960qgd; Thu, 4 May 2017 20:01:09 -0700 (PDT) X-Received: by 10.237.59.8 with SMTP id p8mr40023561qte.270.1493953269861; Thu, 04 May 2017 20:01:09 -0700 (PDT) Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id u67si3217687qkh.159.2017.05.04.20.01.09; Thu, 04 May 2017 20:01:09 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 656BC609BE; Fri, 5 May 2017 03:01:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 974EA60A08; Fri, 5 May 2017 03:00:30 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 43DDE6092C; Fri, 5 May 2017 03:00:27 +0000 (UTC) Received: from forward4m.cmail.yandex.net (forward4m.cmail.yandex.net [5.255.216.22]) by lists.linaro.org (Postfix) with ESMTPS id E47C7608E2 for ; Fri, 5 May 2017 03:00:25 +0000 (UTC) Received: from smtp1h.mail.yandex.net (smtp1h.mail.yandex.net [IPv6:2a02:6b8:0:f05::115]) by forward4m.cmail.yandex.net (Yandex) with ESMTP id 491EA21633 for ; Fri, 5 May 2017 06:00:24 +0300 (MSK) Received: from smtp1h.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp1h.mail.yandex.net (Yandex) with ESMTP id 208618C0413 for ; Fri, 5 May 2017 06:00:23 +0300 (MSK) Received: by smtp1h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id KREUQHFfBO-0MiO9P72; Fri, 05 May 2017 06:00:22 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 5 May 2017 06:00:01 +0300 Message-Id: <1493953207-9115-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> References: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 24 Subject: [lng-odp] [PATCH API-NEXT v1 3/7] test: crypto: add AES-GCM tests with wrong tag value X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 24 (lumag:crypto-dal) ** https://github.com/Linaro/odp/pull/24 ** Patch: https://github.com/Linaro/odp/pull/24.patch ** Base sha: 540490ddf3a1b3da4b80ed15fc874ccdfc49b60c ** Merge commit sha: d097dfa56ce6abf579ef39d07f3ac39d6badbc92 **/ .../validation/api/crypto/odp_crypto_test_inp.c | 40 ++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index db380c2..de48ac0 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -697,10 +697,13 @@ void crypto_test_dec_alg_aes128_gcm(void) odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, auth_key = { .data = NULL, .length = 0 }; odp_crypto_iv_t iv = { .data = NULL, .length = AES128_GCM_IV_LEN }; + uint8_t wrong_digest[AES128_GCM_DIGEST_LEN]; unsigned int test_vec_num = (sizeof(aes128_gcm_reference_length) / sizeof(aes128_gcm_reference_length[0])); unsigned int i; + memset(wrong_digest, 0xa5, sizeof(wrong_digest)); + for (i = 0; i < test_vec_num; i++) { cipher_key.data = aes128_gcm_reference_key[i]; cipher_key.length = sizeof(aes128_gcm_reference_key[i]); @@ -731,6 +734,23 @@ void crypto_test_dec_alg_aes128_gcm(void) aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], AES128_GCM_CHECK_LEN); + + alg_test(ODP_CRYPTO_OP_DECODE, + 1, + ODP_CIPHER_ALG_AES_GCM, + iv, + NULL, + cipher_key, + ODP_AUTH_ALG_AES_GCM, + auth_key, + &aes128_gcm_cipher_range[i], + &aes128_gcm_auth_range[i], + aes128_gcm_reference_ciphertext[i], + aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_plaintext[i], + aes128_gcm_reference_length[i], + wrong_digest, + AES128_GCM_CHECK_LEN); } } @@ -744,10 +764,13 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, auth_key = { .data = NULL, .length = 0 }; odp_crypto_iv_t iv = { .data = NULL, .length = AES128_GCM_IV_LEN }; + uint8_t wrong_digest[AES128_GCM_DIGEST_LEN]; unsigned int test_vec_num = (sizeof(aes128_gcm_reference_length) / sizeof(aes128_gcm_reference_length[0])); unsigned int i; + memset(wrong_digest, 0xa5, sizeof(wrong_digest)); + for (i = 0; i < test_vec_num; i++) { cipher_key.data = aes128_gcm_reference_key[i]; cipher_key.length = sizeof(aes128_gcm_reference_key[i]); @@ -776,6 +799,23 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], AES128_GCM_CHECK_LEN); + + alg_test(ODP_CRYPTO_OP_DECODE, + 1, + ODP_CIPHER_ALG_AES_GCM, + iv, + aes128_gcm_reference_iv[i], + cipher_key, + ODP_AUTH_ALG_AES_GCM, + auth_key, + &aes128_gcm_cipher_range[i], + &aes128_gcm_auth_range[i], + aes128_gcm_reference_ciphertext[i], + aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_plaintext[i], + aes128_gcm_reference_length[i], + wrong_digest, + AES128_GCM_CHECK_LEN); } } From patchwork Fri May 5 03:00:03 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 98594 Delivered-To: patch@linaro.org Received: by 10.140.89.200 with SMTP id v66csp79316qgd; Thu, 4 May 2017 20:02:17 -0700 (PDT) X-Received: by 10.200.38.251 with SMTP id 56mr106148qtp.244.1493953337715; Thu, 04 May 2017 20:02:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1493953337; cv=none; d=google.com; s=arc-20160816; b=QPADYdmFAKpiP7BR99pItBicvAfVTpnmyPiZN5O5asjklrhtTd3XoDsqSvcM0mYtlx 5SRhYtc8uNAi9DZieiG1cnNARMyEiQEuaimzgo/ALFTQb1lneBHrtZWtEgys+GDrZQ4E gllWNj5SbtfUYr8Gkk8WyzGf9kZObMvABG/Hq8mqzlCjcOa1Esa5sr02rRdtITtKKl1E TB5k+zAsQIdZVGiAmBy16No6ufm5/Eey4d2mcyeWXYAWMEVorQVzl2p/3DwRds1JcRGX TkXJ6/bjypruwjLAoAf1OFvGZ+WtteSoonYdLpqrz/t8s2Kt8P+p0nysGgo/UMz1rBqo 4SGw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=QQuWYVElyw09K1SOBTDzpqEqCYFTrvnLp3wMZ8vOYXk=; b=GpNfaWHLL0AE2A7a5LZUDOIB2jh4S4qMZTXPcvITNLU9hTEPB1r1wrj/oCPNT4CMpF b5Dip1ozO0jd2w2DhZ+QI5ywKIBKI/Im0R2rR74Ya13D133Aeb3ulUugVWN4QGio617A MNrHvIgE0HZo7NuOtTrwvhSETzibPXht9gQz4NlWZTumfCpuboQRJVq3ln1WLJQbjnaW DrX/9THVR27qEC6FreP3V5GzBgo+cjdaUV+0MLR8Sz6kg5k5XiOYSKT5lQMvH8pJe6OI PWIO1tK1tZnAirsMI5FpM4h0ecC/nwmfVCGH3q0R8Ng24hGGzbyb5aE/7DRtlccBNf2s 1ZIg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id m53si3457049qtf.77.2017.05.04.20.02.17; Thu, 04 May 2017 20:02:17 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 7163660A35; Fri, 5 May 2017 03:02:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 650B660948; Fri, 5 May 2017 03:01:12 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id B209960A3C; Fri, 5 May 2017 03:01:06 +0000 (UTC) Received: from forward2j.cmail.yandex.net (forward2j.cmail.yandex.net [5.255.227.20]) by lists.linaro.org (Postfix) with ESMTPS id 0FB6360A02 for ; Fri, 5 May 2017 03:00:29 +0000 (UTC) Received: from smtp1h.mail.yandex.net (smtp1h.mail.yandex.net [IPv6:2a02:6b8:0:f05::115]) by forward2j.cmail.yandex.net (Yandex) with ESMTP id 83468212E0 for ; Fri, 5 May 2017 06:00:27 +0300 (MSK) Received: from smtp1h.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp1h.mail.yandex.net (Yandex) with ESMTP id 5A1B98C0DF8 for ; Fri, 5 May 2017 06:00:26 +0300 (MSK) Received: by smtp1h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id KREUQHFfBO-0Qi4JrvC; Fri, 05 May 2017 06:00:26 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 5 May 2017 06:00:03 +0300 Message-Id: <1493953207-9115-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> References: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 24 Subject: [lng-odp] [PATCH API-NEXT v1 4/7] test: crypto: explicitly pass auth_digest_len to crypto subsystem X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 24 (lumag:crypto-dal) ** https://github.com/Linaro/odp/pull/24 ** Patch: https://github.com/Linaro/odp/pull/24.patch ** Base sha: 540490ddf3a1b3da4b80ed15fc874ccdfc49b60c ** Merge commit sha: d097dfa56ce6abf579ef39d07f3ac39d6badbc92 **/ .../validation/api/crypto/odp_crypto_test_inp.c | 49 +++++++++++----------- .../validation/api/crypto/test_vectors.h | 10 +++++ .../validation/api/crypto/test_vectors_len.h | 3 -- 3 files changed, 35 insertions(+), 27 deletions(-) diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index de48ac0..16c2efa 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -201,6 +201,7 @@ static void alg_test(odp_crypto_op_t op, ses_params.cipher_key = cipher_key; ses_params.iv = ses_iv; ses_params.auth_key = auth_key; + ses_params.auth_digest_len = digest_len; rc = odp_crypto_session_create(&ses_params, &session, &status); CU_ASSERT_FATAL(!rc); @@ -620,7 +621,7 @@ void crypto_test_enc_alg_aes128_gcm(void) cipher_key.length, iv.length)) continue; if (!check_auth_options(ODP_AUTH_ALG_AES_GCM, - auth_key.length, AES128_GCM_CHECK_LEN)) + auth_key.length, aes128_gcm_reference_tag_length[i])) continue; alg_test(ODP_CRYPTO_OP_ENCODE, @@ -639,7 +640,7 @@ void crypto_test_enc_alg_aes128_gcm(void) aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); } } @@ -664,7 +665,7 @@ void crypto_test_enc_alg_aes128_gcm_ovr_iv(void) cipher_key.length, iv.length)) continue; if (!check_auth_options(ODP_AUTH_ALG_AES_GCM, - auth_key.length, AES128_GCM_CHECK_LEN)) + auth_key.length, aes128_gcm_reference_tag_length[i])) continue; alg_test(ODP_CRYPTO_OP_ENCODE, @@ -683,7 +684,7 @@ void crypto_test_enc_alg_aes128_gcm_ovr_iv(void) aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); } } @@ -714,7 +715,7 @@ void crypto_test_dec_alg_aes128_gcm(void) cipher_key.length, iv.length)) continue; if (!check_auth_options(ODP_AUTH_ALG_AES_GCM, - auth_key.length, AES128_GCM_CHECK_LEN)) + auth_key.length, aes128_gcm_reference_tag_length[i])) continue; alg_test(ODP_CRYPTO_OP_DECODE, @@ -728,12 +729,12 @@ void crypto_test_dec_alg_aes128_gcm(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_ciphertext[i], - aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); alg_test(ODP_CRYPTO_OP_DECODE, 1, @@ -746,11 +747,11 @@ void crypto_test_dec_alg_aes128_gcm(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_ciphertext[i], - aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], wrong_digest, - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); } } @@ -779,7 +780,7 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) cipher_key.length, iv.length)) continue; if (!check_auth_options(ODP_AUTH_ALG_AES_GCM, - auth_key.length, AES128_GCM_CHECK_LEN)) + auth_key.length, aes128_gcm_reference_tag_length[i])) continue; alg_test(ODP_CRYPTO_OP_DECODE, @@ -793,12 +794,12 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_ciphertext[i], - aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i] + aes128_gcm_reference_length[i], - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); alg_test(ODP_CRYPTO_OP_DECODE, 1, @@ -811,11 +812,11 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_ciphertext[i], - aes128_gcm_reference_length[i] + AES128_GCM_CHECK_LEN, + aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], wrong_digest, - AES128_GCM_CHECK_LEN); + aes128_gcm_reference_tag_length[i]); } } @@ -1004,7 +1005,7 @@ void crypto_test_gen_alg_hmac_md5(void) auth_key.length = sizeof(hmac_md5_reference_key[i]); if (!check_auth_options(ODP_AUTH_ALG_MD5_HMAC, auth_key.length, - HMAC_MD5_96_CHECK_LEN)) + hmac_md5_reference_digest_length[i])) continue; alg_test(ODP_CRYPTO_OP_ENCODE, @@ -1020,7 +1021,7 @@ void crypto_test_gen_alg_hmac_md5(void) hmac_md5_reference_length[i], NULL, 0, hmac_md5_reference_digest[i], - HMAC_MD5_96_CHECK_LEN); + hmac_md5_reference_digest_length[i]); } } @@ -1042,7 +1043,7 @@ void crypto_test_check_alg_hmac_md5(void) auth_key.length = sizeof(hmac_md5_reference_key[i]); if (!check_auth_options(ODP_AUTH_ALG_MD5_HMAC, auth_key.length, - HMAC_MD5_96_CHECK_LEN)) + hmac_md5_reference_digest_length[i])) continue; alg_test(ODP_CRYPTO_OP_DECODE, @@ -1058,7 +1059,7 @@ void crypto_test_check_alg_hmac_md5(void) hmac_md5_reference_length[i], NULL, 0, hmac_md5_reference_digest[i], - HMAC_MD5_96_CHECK_LEN); + hmac_md5_reference_digest_length[i]); alg_test(ODP_CRYPTO_OP_DECODE, 1, @@ -1073,7 +1074,7 @@ void crypto_test_check_alg_hmac_md5(void) hmac_md5_reference_length[i], NULL, 0, wrong_digest, - HMAC_MD5_96_CHECK_LEN); + hmac_md5_reference_digest_length[i]); } } @@ -1106,7 +1107,7 @@ void crypto_test_gen_alg_hmac_sha256(void) if (!check_auth_options(ODP_AUTH_ALG_SHA256_HMAC, auth_key.length, - HMAC_SHA256_128_CHECK_LEN)) + hmac_sha256_reference_digest_length[i])) continue; alg_test(ODP_CRYPTO_OP_ENCODE, @@ -1122,7 +1123,7 @@ void crypto_test_gen_alg_hmac_sha256(void) hmac_sha256_reference_length[i], NULL, 0, hmac_sha256_reference_digest[i], - HMAC_SHA256_128_CHECK_LEN); + hmac_sha256_reference_digest_length[i]); } } @@ -1146,7 +1147,7 @@ void crypto_test_check_alg_hmac_sha256(void) if (!check_auth_options(ODP_AUTH_ALG_SHA256_HMAC, auth_key.length, - HMAC_SHA256_128_CHECK_LEN)) + hmac_sha256_reference_digest_length[i])) continue; alg_test(ODP_CRYPTO_OP_DECODE, @@ -1162,7 +1163,7 @@ void crypto_test_check_alg_hmac_sha256(void) hmac_sha256_reference_length[i], NULL, 0, hmac_sha256_reference_digest[i], - HMAC_SHA256_128_CHECK_LEN); + hmac_sha256_reference_digest_length[i]); alg_test(ODP_CRYPTO_OP_DECODE, 1, @@ -1177,7 +1178,7 @@ void crypto_test_check_alg_hmac_sha256(void) hmac_sha256_reference_length[i], NULL, 0, wrong_digest, - HMAC_SHA256_128_CHECK_LEN); + hmac_sha256_reference_digest_length[i]); } } diff --git a/test/common_plat/validation/api/crypto/test_vectors.h b/test/common_plat/validation/api/crypto/test_vectors.h index da4610f..f6965b0 100644 --- a/test/common_plat/validation/api/crypto/test_vectors.h +++ b/test/common_plat/validation/api/crypto/test_vectors.h @@ -139,6 +139,8 @@ static uint8_t aes128_gcm_reference_iv[][AES128_GCM_IV_LEN] = { static uint32_t aes128_gcm_reference_length[] = { 84, 72, 72, 40}; +static uint32_t aes128_gcm_reference_tag_length[] = { 16, 16, 16, 16}; + static odp_crypto_data_range_t aes128_gcm_cipher_range[] = { { .offset = 12, .length = 72 }, { .offset = 8, .length = 64 }, @@ -306,6 +308,10 @@ static uint8_t hmac_md5_reference_digest[][HMAC_MD5_DIGEST_LEN] = { 0xdb, 0xb8, 0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6 } }; +static uint32_t hmac_md5_reference_digest_length[] = { + 12, 12, 12 +}; + static uint8_t hmac_sha256_reference_key[][HMAC_SHA256_KEY_LEN] = { { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, @@ -350,4 +356,8 @@ static uint8_t hmac_sha256_reference_digest[][HMAC_SHA256_DIGEST_LEN] = { 0x85, 0x4d, 0xb8, 0xeb, 0xd0, 0x91, 0x81, 0xa7 } }; +static uint32_t hmac_sha256_reference_digest_length[] = { + 16, 16, 16 +}; + #endif diff --git a/test/common_plat/validation/api/crypto/test_vectors_len.h b/test/common_plat/validation/api/crypto/test_vectors_len.h index 4fbb5cd..80fd927 100644 --- a/test/common_plat/validation/api/crypto/test_vectors_len.h +++ b/test/common_plat/validation/api/crypto/test_vectors_len.h @@ -21,18 +21,15 @@ #define AES128_GCM_IV_LEN 12 #define AES128_GCM_MAX_DATA_LEN 106 #define AES128_GCM_DIGEST_LEN 16 -#define AES128_GCM_CHECK_LEN 16 /* HMAC-MD5 */ #define HMAC_MD5_KEY_LEN 16 #define HMAC_MD5_MAX_DATA_LEN 128 #define HMAC_MD5_DIGEST_LEN 16 -#define HMAC_MD5_96_CHECK_LEN 12 /* HMAC-SHA256 */ #define HMAC_SHA256_KEY_LEN 32 #define HMAC_SHA256_MAX_DATA_LEN 128 #define HMAC_SHA256_DIGEST_LEN 32 -#define HMAC_SHA256_128_CHECK_LEN 16 #endif From patchwork Fri May 5 03:00:06 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 98597 Delivered-To: patch@linaro.org Received: by 10.140.89.200 with SMTP id v66csp80124qgd; Thu, 4 May 2017 20:05:07 -0700 (PDT) X-Received: by 10.55.214.7 with SMTP id t7mr10144196qki.170.1493953506981; Thu, 04 May 2017 20:05:06 -0700 (PDT) Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id k90si3462275qkl.136.2017.05.04.20.05.06; Thu, 04 May 2017 20:05:06 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 6C62C609BE; Fri, 5 May 2017 03:05:06 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id CC16860AC8; Fri, 5 May 2017 03:01:42 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id AD2CB60A2E; Fri, 5 May 2017 03:01:35 +0000 (UTC) Received: from forward3j.cmail.yandex.net (forward3j.cmail.yandex.net [5.255.227.21]) by lists.linaro.org (Postfix) with ESMTPS id D4DD460A31 for ; Fri, 5 May 2017 03:00:32 +0000 (UTC) Received: from smtp1h.mail.yandex.net (smtp1h.mail.yandex.net [IPv6:2a02:6b8:0:f05::115]) by forward3j.cmail.yandex.net (Yandex) with ESMTP id 7A23D20C46 for ; Fri, 5 May 2017 06:00:31 +0300 (MSK) Received: from smtp1h.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp1h.mail.yandex.net (Yandex) with ESMTP id 29E458C0E4B for ; Fri, 5 May 2017 06:00:30 +0300 (MSK) Received: by smtp1h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id KREUQHFfBO-0Tiqasqk; Fri, 05 May 2017 06:00:30 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 5 May 2017 06:00:06 +0300 Message-Id: <1493953207-9115-7-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> References: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 24 Subject: [lng-odp] [PATCH API-NEXT v1 5/7] linux: crypto: add SHA* capabilities for full length digests X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov In addition to truncated digests (used by IPsec) add full-length capabilities to SHA* algos. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 24 (lumag:crypto-dal) ** https://github.com/Linaro/odp/pull/24 ** Patch: https://github.com/Linaro/odp/pull/24.patch ** Base sha: 540490ddf3a1b3da4b80ed15fc874ccdfc49b60c ** Merge commit sha: d097dfa56ce6abf579ef39d07f3ac39d6badbc92 **/ platform/linux-generic/odp_crypto.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 8be217c..bd089c7 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -52,10 +52,12 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { * Keep sorted: first by digest length, then by key length */ static const odp_crypto_auth_capability_t auth_capa_md5_hmac[] = { -{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; static const odp_crypto_auth_capability_t auth_capa_sha256_hmac[] = { -{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 32, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; From patchwork Fri May 5 03:00:07 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 98598 Delivered-To: patch@linaro.org Received: by 10.140.89.200 with SMTP id v66csp80239qgd; Thu, 4 May 2017 20:05:35 -0700 (PDT) X-Received: by 10.200.1.26 with SMTP id e26mr14817942qtg.75.1493953535520; Thu, 04 May 2017 20:05:35 -0700 (PDT) Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id f90si3215919qtd.32.2017.05.04.20.05.35; Thu, 04 May 2017 20:05:35 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 32B7860747; Fri, 5 May 2017 03:05:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 206CE60A3C; Fri, 5 May 2017 03:01:46 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id E8C8560A2E; Fri, 5 May 2017 03:01:35 +0000 (UTC) Received: from forward4o.cmail.yandex.net (forward4o.cmail.yandex.net [37.9.109.248]) by lists.linaro.org (Postfix) with ESMTPS id C2E68604A1 for ; Fri, 5 May 2017 03:00:34 +0000 (UTC) Received: from smtp1h.mail.yandex.net (smtp1h.mail.yandex.net [84.201.187.144]) by forward4o.cmail.yandex.net (Yandex) with ESMTP id A35A820EE0 for ; Fri, 5 May 2017 06:00:33 +0300 (MSK) Received: from smtp1h.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp1h.mail.yandex.net (Yandex) with ESMTP id 736238C0413 for ; Fri, 5 May 2017 06:00:31 +0300 (MSK) Received: by smtp1h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id KREUQHFfBO-0VieVtif; Fri, 05 May 2017 06:00:31 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 5 May 2017 06:00:07 +0300 Message-Id: <1493953207-9115-8-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> References: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 24 Subject: [lng-odp] [PATCH API-NEXT v1 6/7] linux: crypto: update AES-GCM support to reflect aad and auth_digest_len X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Make AES-GCM use recently introduced aad and auth_digest_len fields. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 24 (lumag:crypto-dal) ** https://github.com/Linaro/odp/pull/24 ** Patch: https://github.com/Linaro/odp/pull/24.patch ** Base sha: 540490ddf3a1b3da4b80ed15fc874ccdfc49b60c ** Merge commit sha: d097dfa56ce6abf579ef39d07f3ac39d6badbc92 **/ platform/linux-generic/odp_crypto.c | 58 +++++++++---------------------------- 1 file changed, 14 insertions(+), 44 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index bd089c7..95410e3 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -267,10 +267,8 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, { uint8_t *data = odp_packet_data(param->out_pkt); uint32_t plain_len = param->cipher_range.length; - uint8_t *aad_head = data + param->auth_range.offset; - uint8_t *aad_tail = data + param->cipher_range.offset + - param->cipher_range.length; - uint32_t auth_len = param->auth_range.length; + const uint8_t *aad_head = param->aad.ptr; + uint32_t aad_len = param->aad.length; unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -282,12 +280,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* All cipher data must be part of the authentication */ - if (param->auth_range.offset > param->cipher_range.offset || - param->auth_range.offset + auth_len < - param->cipher_range.offset + plain_len) - return ODP_CRYPTO_ALG_ERR_DATA_SIZE; - /* * Create a copy of the IV. The DES library modifies IV * and if we are processing packets on parallel threads @@ -305,23 +297,15 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); /* Authenticate header data (if any) without encrypting them */ - if (aad_head < plaindata) { + if (aad_len > 0) EVP_EncryptUpdate(ctx, NULL, &cipher_len, - aad_head, plaindata - aad_head); - } + aad_head, aad_len); EVP_EncryptUpdate(ctx, plaindata, &cipher_len, plaindata, plain_len); - cipher_len = plain_len; - - /* Authenticate footer data (if any) without encrypting them */ - if (aad_head + auth_len > plaindata + plain_len) { - EVP_EncryptUpdate(ctx, NULL, NULL, aad_tail, - auth_len - (aad_tail - aad_head)); - } EVP_EncryptFinal_ex(ctx, plaindata + cipher_len, &cipher_len); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, session->p.auth_digest_len, tag); return ODP_CRYPTO_ALG_ERR_NONE; } @@ -332,10 +316,8 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, { uint8_t *data = odp_packet_data(param->out_pkt); uint32_t cipher_len = param->cipher_range.length; - uint8_t *aad_head = data + param->auth_range.offset; - uint8_t *aad_tail = data + param->cipher_range.offset + - param->cipher_range.length; - uint32_t auth_len = param->auth_range.length; + const uint8_t *aad_head = param->aad.ptr; + uint32_t aad_len = param->aad.length; unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -347,12 +329,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID; - /* All cipher data must be part of the authentication */ - if (param->auth_range.offset > param->cipher_range.offset || - param->auth_range.offset + auth_len < - param->cipher_range.offset + cipher_len) - return ODP_CRYPTO_ALG_ERR_DATA_SIZE; - /* * Create a copy of the IV. The DES library modifies IV * and if we are processing packets on parallel threads @@ -368,25 +344,17 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, session->p.auth_digest_len, tag); /* Authenticate header data (if any) without encrypting them */ - if (aad_head < cipherdata) { + if (aad_len > 0) EVP_DecryptUpdate(ctx, NULL, &plain_len, - aad_head, cipherdata - aad_head); - } + aad_head, aad_len); EVP_DecryptUpdate(ctx, cipherdata, &plain_len, cipherdata, cipher_len); - plain_len = cipher_len; - - /* Authenticate footer data (if any) without encrypting them */ - if (aad_head + auth_len > cipherdata + cipher_len) { - EVP_DecryptUpdate(ctx, NULL, NULL, aad_tail, - auth_len - (aad_tail - aad_head)); - } - if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) <= 0) + if (EVP_DecryptFinal_ex(ctx, cipherdata + plain_len, &plain_len) <= 0) return ODP_CRYPTO_ALG_ERR_ICV_CHECK; return ODP_CRYPTO_ALG_ERR_NONE; @@ -764,12 +732,14 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, case ODP_AUTH_ALG_AES128_GCM: if (param->cipher_alg == ODP_CIPHER_ALG_AES128_GCM) aes_gcm = 1; + session->p.auth_digest_len = 128 / 8; /* Fallthrough */ #endif case ODP_AUTH_ALG_AES_GCM: /* AES-GCM requires to do both auth and * cipher at the same time */ - if (param->cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) { + if ((param->cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) && + session->p.auth_digest_len == 128 / 8) { session->auth.func = null_crypto_routine; rc = 0; } else { From patchwork Fri May 5 03:00:04 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 98595 Delivered-To: patch@linaro.org Received: by 10.140.89.200 with SMTP id v66csp79792qgd; Thu, 4 May 2017 20:03:53 -0700 (PDT) X-Received: by 10.200.3.103 with SMTP id w39mr40021617qtg.6.1493953433730; Thu, 04 May 2017 20:03:53 -0700 (PDT) Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id b16si3393546qkj.311.2017.05.04.20.03.53; Thu, 04 May 2017 20:03:53 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 4893260958; Fri, 5 May 2017 03:03:53 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 3FA5E608E2; Fri, 5 May 2017 03:01:36 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 69EEB60A77; Fri, 5 May 2017 03:01:28 +0000 (UTC) Received: from forward4o.cmail.yandex.net (forward4o.cmail.yandex.net [37.9.109.248]) by lists.linaro.org (Postfix) with ESMTPS id 8B8AB608E2 for ; Fri, 5 May 2017 03:00:30 +0000 (UTC) Received: from smtp1h.mail.yandex.net (smtp1h.mail.yandex.net [IPv6:2a02:6b8:0:f05::115]) by forward4o.cmail.yandex.net (Yandex) with ESMTP id BE8C220DB1 for ; Fri, 5 May 2017 06:00:28 +0300 (MSK) Received: from smtp1h.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp1h.mail.yandex.net (Yandex) with ESMTP id 93FA98C0DF8 for ; Fri, 5 May 2017 06:00:28 +0300 (MSK) Received: by smtp1h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id KREUQHFfBO-0RiqWAd3; Fri, 05 May 2017 06:00:27 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 5 May 2017 06:00:04 +0300 Message-Id: <1493953207-9115-5-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> References: <1493953207-9115-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 24 Subject: [lng-odp] [PATCH API-NEXT v1 7/7] test: crypto: explicitly pass AAD to crypto subsystem X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 24 (lumag:crypto-dal) ** https://github.com/Linaro/odp/pull/24 ** Patch: https://github.com/Linaro/odp/pull/24.patch ** Base sha: 540490ddf3a1b3da4b80ed15fc874ccdfc49b60c ** Merge commit sha: d097dfa56ce6abf579ef39d07f3ac39d6badbc92 **/ .../validation/api/crypto/odp_crypto_test_inp.c | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index 16c2efa..5c36f87 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -74,6 +74,8 @@ static void alg_test(odp_crypto_op_t op, odp_crypto_key_t auth_key, odp_crypto_data_range_t *cipher_range, odp_crypto_data_range_t *auth_range, + uint8_t *aad, + uint32_t aad_len, const uint8_t *plaintext, unsigned int plaintext_len, const uint8_t *ciphertext, @@ -240,6 +242,9 @@ static void alg_test(odp_crypto_op_t op, if (op_iv_ptr) op_params.override_iv_ptr = op_iv_ptr; + op_params.aad.ptr = aad; + op_params.aad.length = aad_len; + op_params.hash_result_offset = plaintext_len; if (0 != digest_len) { memcpy(data_addr + op_params.hash_result_offset, @@ -472,6 +477,7 @@ void crypto_test_enc_alg_3des_cbc(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, tdes_cbc_reference_plaintext[i], tdes_cbc_reference_length[i], tdes_cbc_reference_ciphertext[i], @@ -508,6 +514,7 @@ void crypto_test_enc_alg_3des_cbc_ovr_iv(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, tdes_cbc_reference_plaintext[i], tdes_cbc_reference_length[i], tdes_cbc_reference_ciphertext[i], @@ -548,6 +555,7 @@ void crypto_test_dec_alg_3des_cbc(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, tdes_cbc_reference_ciphertext[i], tdes_cbc_reference_length[i], tdes_cbc_reference_plaintext[i], @@ -586,6 +594,7 @@ void crypto_test_dec_alg_3des_cbc_ovr_iv(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, tdes_cbc_reference_ciphertext[i], tdes_cbc_reference_length[i], tdes_cbc_reference_plaintext[i], @@ -635,6 +644,9 @@ void crypto_test_enc_alg_aes128_gcm(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, + aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i], @@ -679,6 +691,9 @@ void crypto_test_enc_alg_aes128_gcm_ovr_iv(void) &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, + aes128_gcm_reference_plaintext[i], aes128_gcm_reference_length[i], aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i], @@ -728,6 +743,9 @@ void crypto_test_dec_alg_aes128_gcm(void) auth_key, &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], + aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], @@ -746,6 +764,9 @@ void crypto_test_dec_alg_aes128_gcm(void) auth_key, &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], + aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], @@ -793,6 +814,9 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) auth_key, &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], + aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], @@ -811,6 +835,9 @@ void crypto_test_dec_alg_aes128_gcm_ovr_iv(void) auth_key, &aes128_gcm_cipher_range[i], &aes128_gcm_auth_range[i], + aes128_gcm_reference_plaintext[i], + aes128_gcm_cipher_range[i].offset - + aes128_gcm_auth_range[i].offset, aes128_gcm_reference_ciphertext[i], aes128_gcm_reference_length[i] + aes128_gcm_reference_tag_length[i], aes128_gcm_reference_plaintext[i], @@ -857,6 +884,7 @@ void crypto_test_enc_alg_aes128_cbc(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, aes128_cbc_reference_plaintext[i], aes128_cbc_reference_length[i], aes128_cbc_reference_ciphertext[i], @@ -893,6 +921,7 @@ void crypto_test_enc_alg_aes128_cbc_ovr_iv(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, aes128_cbc_reference_plaintext[i], aes128_cbc_reference_length[i], aes128_cbc_reference_ciphertext[i], @@ -933,6 +962,7 @@ void crypto_test_dec_alg_aes128_cbc(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, aes128_cbc_reference_ciphertext[i], aes128_cbc_reference_length[i], aes128_cbc_reference_plaintext[i], @@ -971,6 +1001,7 @@ void crypto_test_dec_alg_aes128_cbc_ovr_iv(void) ODP_AUTH_ALG_NULL, auth_key, NULL, NULL, + NULL, 0, aes128_cbc_reference_ciphertext[i], aes128_cbc_reference_length[i], aes128_cbc_reference_plaintext[i], @@ -1017,6 +1048,7 @@ void crypto_test_gen_alg_hmac_md5(void) ODP_AUTH_ALG_MD5_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_md5_reference_plaintext[i], hmac_md5_reference_length[i], NULL, 0, @@ -1055,6 +1087,7 @@ void crypto_test_check_alg_hmac_md5(void) ODP_AUTH_ALG_MD5_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_md5_reference_plaintext[i], hmac_md5_reference_length[i], NULL, 0, @@ -1070,6 +1103,7 @@ void crypto_test_check_alg_hmac_md5(void) ODP_AUTH_ALG_MD5_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_md5_reference_plaintext[i], hmac_md5_reference_length[i], NULL, 0, @@ -1119,6 +1153,7 @@ void crypto_test_gen_alg_hmac_sha256(void) ODP_AUTH_ALG_SHA256_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_sha256_reference_plaintext[i], hmac_sha256_reference_length[i], NULL, 0, @@ -1159,6 +1194,7 @@ void crypto_test_check_alg_hmac_sha256(void) ODP_AUTH_ALG_SHA256_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_sha256_reference_plaintext[i], hmac_sha256_reference_length[i], NULL, 0, @@ -1174,6 +1210,7 @@ void crypto_test_check_alg_hmac_sha256(void) ODP_AUTH_ALG_SHA256_HMAC, auth_key, NULL, NULL, + NULL, 0, hmac_sha256_reference_plaintext[i], hmac_sha256_reference_length[i], NULL, 0,