From patchwork Tue Dec 19 18:00:09 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122404 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4486819qgn; Tue, 19 Dec 2017 10:03:01 -0800 (PST) X-Google-Smtp-Source: ACJfBou/xi7Stguo5EfIX3WW0i6AJyjhlNtsV9ddiJR638umP6DWBF8AEI9JA76CJGgjQDJXe5ZB X-Received: by 10.55.149.4 with SMTP id x4mr5182580qkd.69.1513706581214; Tue, 19 Dec 2017 10:03:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513706581; cv=none; d=google.com; s=arc-20160816; b=LAbXuLzQL0t5Xwdv9nqBJoUfzbU/z2jyYkvYwvJ97eyRf4ydAx0yC+ZHLlfbIvSZ4D c4r01AKt3H/leMOZRLybShko5Tnf7EG8YXSVyIiOMIpHaWuUgYOllj7E/ycg5QoSXadq zXnlJEDzKWQbTxaAegmaO07/BBdevEXwLDxCVwL5CPucR+lSu6Kl1hy4bXayL3byZ6Wk 4g2aMcswEAKyhPDHViQJ4pgDFsybnkukDbqh4x3WZBsXAOEWunAMnBpe0H2bhBIdAz/C Id3pNVNZAV3XV8T5Pf0lQoDS63T8f2bvBpU8BxlVnwJvhf3/iulZ0vf48pRg/yt8vsWQ KPzw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=44njL9BdunluQ29vP4t+Kpn5GbA8+9lGl4yXm6oIR0k=; b=mJQePJzOvzUGls5MK2D6cjBYewrCC3c0YHXrAGOHWJrS0oCIHZJ/j0vOTQNBBpcph9 pgIx+d1N+f8F95vKGoZHTBS0AvxcTJ5gRx+7EyfAF9kXc6aJZzFltIsCdDRIqqPpw41R gpo82v3WaX6SDMlPrXkaow7HnKrPnVDGFiA4HZRT7uACC+Qf72tKniYwZ1/dBi490qNH hsyNFa6EsgS2FBDFe/nywGU6/nrlkc3bFeM1zAaTVvSAWEeU87bo8yFAegypfz4E5W2n BnPHmWZfabOhWSNDIp0mSevDT5XYOEzLJfcWxgflY/ge2F7MOnGQGVHHv4ssGo53vDPw gQ/w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id w53si16534512qth.77.2017.12.19.10.02.58; Tue, 19 Dec 2017 10:03:01 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id A933160975; Tue, 19 Dec 2017 18:02:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id BCEA460956; Tue, 19 Dec 2017 18:01:46 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id A92BF608DC; Tue, 19 Dec 2017 18:01:30 +0000 (UTC) Received: from forward104p.mail.yandex.net (forward104p.mail.yandex.net [77.88.28.107]) by lists.linaro.org (Postfix) with ESMTPS id 5B33D60922 for ; Tue, 19 Dec 2017 18:01:07 +0000 (UTC) Received: from mxback2g.mail.yandex.net (mxback2g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:163]) by forward104p.mail.yandex.net (Yandex) with ESMTP id C530B182D8D for ; Tue, 19 Dec 2017 21:01:05 +0300 (MSK) Received: from smtp2p.mail.yandex.net (smtp2p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:7]) by mxback2g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id nduZg8jXba-15NOuE5E; Tue, 19 Dec 2017 21:01:05 +0300 Received: by smtp2p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id 0LSLb99cI8-0gSOx05F; Tue, 19 Dec 2017 21:00:42 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 19 Dec 2017 21:00:09 +0300 Message-Id: <1513706411-15615-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513706411-15615-1-git-send-email-odpbot@yandex.ru> References: <1513706411-15615-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v2 1/3] api: ipsec: add capabilities for cipher and auth algos X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Currently IPsec uses capabilities from crypto module to report supported key lengths. Crypto capabilities also contain additional data (like digest length, IV len, AAD len, etc. However this data is not relevant for IPsec, as most of such variables are fixed by protocol standards. To simplify application code provide copies of cipher and auth capabilities structures containing only relevant data (key lengths). Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 178b98f2e440762b31d9e91d85aafbe82829c231 **/ include/odp/api/spec/ipsec.h | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/include/odp/api/spec/ipsec.h b/include/odp/api/spec/ipsec.h index 538472a5e..731cd10de 100644 --- a/include/odp/api/spec/ipsec.h +++ b/include/odp/api/spec/ipsec.h @@ -280,6 +280,24 @@ typedef struct odp_ipsec_capability_t { } odp_ipsec_capability_t; +/** + * Cipher algorithm capabilities + */ +typedef struct odp_ipsec_cipher_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_cipher_capability_t; + +/** + * Authentication algorithm capabilities + */ +typedef struct odp_ipsec_auth_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_auth_capability_t; + /** * IPSEC configuration options */ @@ -744,7 +762,7 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa); * @retval <0 on failure */ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num); + odp_ipsec_cipher_capability_t capa[], int num); /** * Query supported IPSEC authentication algorithm capabilities @@ -766,7 +784,7 @@ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, * @retval <0 on failure */ int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num); + odp_ipsec_auth_capability_t capa[], int num); /** * Initialize IPSEC configuration options From patchwork Tue Dec 19 18:00:10 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122403 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4485862qgn; Tue, 19 Dec 2017 10:02:26 -0800 (PST) X-Google-Smtp-Source: ACJfBoshnVDAvKp6Xu910QQ5ly5f78WA8ZUG1ZOFvilzMPHYGVAHHkwYqnRI1LvVwoS2bKhx5M0G X-Received: by 10.37.195.66 with SMTP id t63mr2613154ybf.317.1513706546607; Tue, 19 Dec 2017 10:02:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513706546; cv=none; d=google.com; s=arc-20160816; b=jnEeEFIa4pHfx6eQbyBxPprLq69nt7ZbNn+l/Thi416rvJm2ifTWkPc3pcElLVfHTB Jb3q3QOGtXtqEVESCCotdgbGW0xT3O5PK/Re5uW0Tj1v9uiabT857+vX3pLMcvge92rh zSRfeYJIZKd94AwIyH6mfxUtBbqrOL147rFcngra3R4V3UHFdHWGc/y8Mh8LE6CxS8Pm 2W0RCTJNY3R7Mc0Fr0ax42xhOKPNI+VEuOpa0rV9950Gv3RL+Vj1/gSKqSy8Agadv4WR yoUUo2GzBoHYJPGqm2v+8XKi2mUsGP6AarwizfFwJk9sM/mtATKS4aDgWR0wv+QDSPoJ zO6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=oneqHt5IVu8vReorBfrdht/E/XCkNL6u2R2ZWSfLSPY=; b=EX414z5nNXkIgoQ0U+NMBbe4/RZKpQWVh6yfchNG5j2LTbt/R26yuNtgo2y/KeFK9y 01ZpfZFA2Zj64waqK5b2wtktuKtDln34wdaBlgHYEDyAmMmIOXRPhHPoafHhCNxwHHvn Jvb0U1QkTOlD8IySz7rRzAolayQEu/yvjN6Np6nDiQJ5krc974P7WZNks/LoxFpiiuYp JE9qGXjW9W2+GH2NGgIZJ3g614xYeJYgLPm4GarFM5PMZu1jZCLboZN8Z8fWyaR/a4sK 736vUIzDjreNPboSixlXlPE398fW0Q1EJwLIO6fTelFE1gydAjEtQMK7Fr0futWdCQps hoxg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id p25si10379184qki.168.2017.12.19.10.02.26; Tue, 19 Dec 2017 10:02:26 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 4AA16608EE; Tue, 19 Dec 2017 18:02:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 6EC6560905; Tue, 19 Dec 2017 18:01:38 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 6DB90608E7; Tue, 19 Dec 2017 18:01:29 +0000 (UTC) Received: from forward104j.mail.yandex.net (forward104j.mail.yandex.net [5.45.198.247]) by lists.linaro.org (Postfix) with ESMTPS id D58AD60905 for ; Tue, 19 Dec 2017 18:01:14 +0000 (UTC) Received: from mxback2o.mail.yandex.net (mxback2o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1c]) by forward104j.mail.yandex.net (Yandex) with ESMTP id C660C43821 for ; Tue, 19 Dec 2017 21:01:12 +0300 (MSK) Received: from smtp2p.mail.yandex.net (smtp2p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:7]) by mxback2o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id bvluhrzQJX-1CkCpg9E; Tue, 19 Dec 2017 21:01:12 +0300 Received: by smtp2p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id 0LSLb99cI8-15Su3Wk7; Tue, 19 Dec 2017 21:01:06 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 19 Dec 2017 21:00:10 +0300 Message-Id: <1513706411-15615-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513706411-15615-1-git-send-email-odpbot@yandex.ru> References: <1513706411-15615-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v2 2/3] validation: ipsec: adapt to crypto capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 178b98f2e440762b31d9e91d85aafbe82829c231 **/ test/validation/api/ipsec/ipsec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 097216730..47170e086 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -126,8 +126,8 @@ int ipsec_check(odp_bool_t ah, uint32_t auth_bits) { odp_ipsec_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + odp_ipsec_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_ipsec_auth_capability_t auth_capa[MAX_ALG_CAPA]; int i, num; odp_bool_t found; From patchwork Tue Dec 19 18:00:11 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122402 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4484729qgn; Tue, 19 Dec 2017 10:01:41 -0800 (PST) X-Google-Smtp-Source: ACJfBotrcQpLVjJypUmnZEc6k1xIoi0qOFJF78WUCo5vf/mkbPKA+4aX+ZoMf/uDzM4iFlG+bxW+ X-Received: by 10.55.91.70 with SMTP id p67mr6256357qkb.74.1513706501753; Tue, 19 Dec 2017 10:01:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513706501; cv=none; d=google.com; s=arc-20160816; b=uSlRyJkgNA1BhqgTyZPTUqZS2MdTCHYGrixuvpxINvLhGNd88NAI+GIaKCSS+MUr/l 5Pez6gJAf7r2f7wav6WDSbLdTZoBuE8tS+ZfFybOmNnXkmCIHsm48pAFyF6kxoinhTb/ TcBRCRoXGnG75IyvPT5F4JgQVEF3z39V3uycLcVgn85205ydqs7il0vNu2IfTMg612gE dA48+CJrqAOiU1WZW5V7ggXmponliqGAcFB94pRc3fqPmmghASLfuC2R8V+9/m8+yYL9 Bof2Y+fFkF1TKywQbs+U8lqb2X7+UL4aVg63Gv/NwF0zectisbmJBnfHPGXEn68GDRgU Gepg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=u7Sjg9s6DXDCazM8J2jWpTZp31f7WEsj06KSIJXyKIw=; b=FWXhmkLAOKqeht7ZDU9l6o2MiyrBSzlKw5KkDpEmajrhJq6V7bQPaIy9clcEmXkXQf V3mN1VRgd6gYzJ5jmd5jXhv/wIvCzq9lQzPqn0t8CeYXFeypgN8sVo99F1jYuR9RNG4w WqxYJH2Ohr0MRtoiZlhNseyRvwrtPOexsvQg7n46el1m4zZ4nLXt7JaHAm6Pa1jHmEg2 oXaOR08z3XWjWFEgKG00KdRUMIo7L3Ezo1pBEb4qT2Iy8XnMgZ12XT7hoG9X1ankXrUV t69qy9WKPW+dKzOcshhZmNpR8qoP3o/PwhP8TNaVkSbkTCp2hki5rxy6pA1ZT3qAekA7 enOg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id u23si7942706qtu.56.2017.12.19.10.01.41; Tue, 19 Dec 2017 10:01:41 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 5E5C16096B; Tue, 19 Dec 2017 18:01:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 02E17608DC; Tue, 19 Dec 2017 18:01:32 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id A9C7360907; Tue, 19 Dec 2017 18:01:27 +0000 (UTC) Received: from forward101p.mail.yandex.net (forward101p.mail.yandex.net [77.88.28.101]) by lists.linaro.org (Postfix) with ESMTPS id 17515608E8 for ; Tue, 19 Dec 2017 18:01:21 +0000 (UTC) Received: from mxback11g.mail.yandex.net (mxback11g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:90]) by forward101p.mail.yandex.net (Yandex) with ESMTP id 7649C6A823A1 for ; Tue, 19 Dec 2017 21:01:19 +0300 (MSK) Received: from smtp2p.mail.yandex.net (smtp2p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:7]) by mxback11g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id qXOJ0Eiznr-1JZ4G2b6; Tue, 19 Dec 2017 21:01:19 +0300 Received: by smtp2p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id 0LSLb99cI8-1CSOmRRE; Tue, 19 Dec 2017 21:01:12 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 19 Dec 2017 21:00:11 +0300 Message-Id: <1513706411-15615-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513706411-15615-1-git-send-email-odpbot@yandex.ru> References: <1513706411-15615-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v2 3/3] linux-gen: ipsec: adapt to capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 178b98f2e440762b31d9e91d85aafbe82829c231 **/ .../linux-generic/include/odp_ipsec_internal.h | 6 ++ platform/linux-generic/odp_ipsec.c | 48 ++++++++++- platform/linux-generic/odp_ipsec_sad.c | 97 ++++++++++++++-------- 3 files changed, 114 insertions(+), 37 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index c6f241fac..70a583c5b 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -206,6 +206,12 @@ typedef struct ODP_PACKED { odp_u32be_t seq_no; /**< Sequence Number */ } ipsec_aad_t; +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher); + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth); + /** * Obtain SA reference */ diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 4f23eb17b..89a05acdb 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -58,15 +58,55 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa) } int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num) + odp_ipsec_cipher_capability_t capa[], int num) { - return odp_crypto_cipher_capability(cipher, capa, num); + int caps = odp_crypto_cipher_capability(cipher, NULL, 0); + odp_crypto_cipher_capability_t crypto_capa[caps]; + uint32_t req_iv_len; + int rc, i, out; + + rc = odp_crypto_cipher_capability(cipher, crypto_capa, caps); + if (rc <= 0) + return rc; + + req_iv_len = _odp_ipsec_cipher_iv_len(cipher); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].iv_len != req_iv_len) + continue; + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out ++; + } + + return out; } int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num) + odp_ipsec_auth_capability_t capa[], int num) { - return odp_crypto_auth_capability(auth, capa, num); + int caps = odp_crypto_auth_capability(auth, NULL, 0); + odp_crypto_auth_capability_t crypto_capa[caps]; + uint32_t req_digest_len; + int rc, i, out; + + rc = odp_crypto_auth_capability(auth, crypto_capa, caps); + if (rc <= 0) + return rc; + + req_digest_len = _odp_ipsec_auth_digest_len(auth); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].digest_len != req_digest_len) + continue; + + /* FIXME: check AAD len for AES_GCM/AES128_GCM */ + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out ++; + } + + return out; } void odp_ipsec_config_init(odp_ipsec_config_t *config) diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 2d6321166..1dbfc5444 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -190,12 +190,66 @@ void odp_ipsec_sa_param_init(odp_ipsec_sa_param_t *param) param->dest_queue = ODP_QUEUE_INVALID; } +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return 0; + case ODP_CIPHER_ALG_DES: + case ODP_CIPHER_ALG_3DES_CBC: + return 8; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_CBC: +#endif + case ODP_CIPHER_ALG_AES_CBC: + case ODP_CIPHER_ALG_AES_CTR: + return 16; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_GCM: +#endif + case ODP_CIPHER_ALG_AES_GCM: + return 12; + default: + return (uint32_t)-1; + } +} + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return 0; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_MD5_96: +#endif + case ODP_AUTH_ALG_MD5_HMAC: + case ODP_AUTH_ALG_SHA1_HMAC: + return 12; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_SHA256_128: +#endif + case ODP_AUTH_ALG_SHA256_HMAC: + return 16; + case ODP_AUTH_ALG_SHA512_HMAC: + return 32; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_AES128_GCM: +#endif + case ODP_AUTH_ALG_AES_GCM: + case ODP_AUTH_ALG_AES_GMAC: + return 16; + default: + return (uint32_t)-1; + } +} + odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) { ipsec_sa_t *ipsec_sa; odp_crypto_session_param_t crypto_param; odp_crypto_ses_create_err_t ses_create_rc; - uint32_t aad_len = 0; ipsec_sa = ipsec_sa_reserve(); if (NULL == ipsec_sa) { @@ -297,17 +351,21 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) crypto_param.auth_alg = param->crypto.auth_alg; crypto_param.auth_key = param->crypto.auth_key; + crypto_param.iv.length = + _odp_ipsec_cipher_iv_len(crypto_param.cipher_alg); + + crypto_param.auth_digest_len = + _odp_ipsec_auth_digest_len(crypto_param.auth_alg); + switch (crypto_param.cipher_alg) { case ODP_CIPHER_ALG_NULL: ipsec_sa->esp_iv_len = 0; ipsec_sa->esp_block_len = 1; - crypto_param.iv.length = 0; break; case ODP_CIPHER_ALG_DES: case ODP_CIPHER_ALG_3DES_CBC: ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 8; - crypto_param.iv.length = 8; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_CBC: @@ -315,14 +373,12 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) case ODP_CIPHER_ALG_AES_CBC: ipsec_sa->esp_iv_len = 16; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; case ODP_CIPHER_ALG_AES_CTR: ipsec_sa->use_counter_iv = 1; ipsec_sa->aes_ctr_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_GCM: @@ -331,40 +387,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 12; break; default: goto error; } switch (crypto_param.auth_alg) { - case ODP_AUTH_ALG_NULL: - ipsec_sa->icv_len = 0; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_MD5_96: -#endif - case ODP_AUTH_ALG_MD5_HMAC: - ipsec_sa->icv_len = 12; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - ipsec_sa->icv_len = 12; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_SHA256_128: -#endif - case ODP_AUTH_ALG_SHA256_HMAC: - ipsec_sa->icv_len = 16; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - ipsec_sa->icv_len = 32; - break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: #endif case ODP_AUTH_ALG_AES_GCM: - ipsec_sa->icv_len = 16; - aad_len = sizeof(ipsec_aad_t); + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); break; case ODP_AUTH_ALG_AES_GMAC: if (ODP_CIPHER_ALG_NULL != crypto_param.cipher_alg) @@ -372,19 +405,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - ipsec_sa->icv_len = 16; crypto_param.iv.length = 12; break; default: - goto error; + break; } if (1 == ipsec_sa->use_counter_iv && ODP_IPSEC_DIR_OUTBOUND == param->dir) odp_atomic_init_u64(&ipsec_sa->out.counter, 1); - crypto_param.auth_digest_len = ipsec_sa->icv_len; - crypto_param.auth_aad_len = aad_len; + ipsec_sa->icv_len = crypto_param.auth_digest_len; if (param->crypto.cipher_key_extra.length) { if (param->crypto.cipher_key_extra.length >