From patchwork Tue Dec 19 23:00:25 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122416 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4796306qgn; Tue, 19 Dec 2017 15:05:10 -0800 (PST) X-Google-Smtp-Source: ACJfBovec96uHIXXHKS5YHyK8Aph9hDOEtsw9Lk7OfbtgERWeUFsp0UGnIe2WJwQOH0IrR4D1wsI X-Received: by 10.55.103.198 with SMTP id b189mr4302940qkc.50.1513724710720; Tue, 19 Dec 2017 15:05:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513724710; cv=none; d=google.com; s=arc-20160816; b=aerXjwBvP1LDxzeq36DOVQvDCOgW8ig+ZLGwifOKNss0JiyQMbe89hhoFydnzA+vNh VD5jqEEVVECiswQmXuypLNyya6kd2BYK25lDvVlozMvLf+Xe1ktOAF8XpSg4VfrFXgj9 SxtElYfPNnetQRrwFfHyWfqgT7/Ymbt/AlIxoALKbsc+AYAMwoQXWSB6HYyDuGHAhTKv 0bDqaGQl9/v50r+jj6qWAHHJhwyJ8hrGd/u89twgNQiztJOjVbV//eQ5NzOp8CJrWmzk RDjk2NDgQW4VzipKHgFCYkmKhKl2zM8rie25aU8FNnQ/E4h+YTiiFqI6bNSR0/k72HG2 1Rtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=YFR/fVhT5zeHtMzrQ5bb24KnPXWOd4KOSXxTj3oZwoI=; b=EQQceq701F4qtDd6zq0LtxfxMPCQk45YwSW1WHv0eIH4RQLhTEzpLqF9vuNI/GUoMs T0QpEj9GhUFCm9y5JJvc+hAMBlQJw9MaRGMFehQu8ScuCWV8ac55fjm6+k2sdtqB56WO 4135GViCJgv7aEAb0BF/PwROoHlA47QsM2/73cIarLVd8qjQc52P9F19pAe89jnJ5LJ/ RhjsVPIwpjw0ppebBLAd8r7YuAwHoaRNMb9G32CorhZ7ZJiMywEysKG0hcH7MwlS68ul ONejq3wRs7khDH8oWhF5fd+MZcDVdYM93GRqoFaTohUDlZeumCJIUbKU3qvNrnKTPURb NVjw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id e37si13256786qtk.61.2017.12.19.15.05.10; Tue, 19 Dec 2017 15:05:10 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 62D0061506; Tue, 19 Dec 2017 23:05:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 4BEE360C4C; Tue, 19 Dec 2017 23:01:33 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id C5307608E8; Tue, 19 Dec 2017 23:00:56 +0000 (UTC) Received: from forward103p.mail.yandex.net (forward103p.mail.yandex.net [77.88.28.106]) by lists.linaro.org (Postfix) with ESMTPS id CC8206095F for ; Tue, 19 Dec 2017 23:00:29 +0000 (UTC) Received: from mxback4o.mail.yandex.net (mxback4o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1e]) by forward103p.mail.yandex.net (Yandex) with ESMTP id A26122184877 for ; Wed, 20 Dec 2017 02:00:28 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback4o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id UqzGJcvLyC-0SHWCabI; Wed, 20 Dec 2017 02:00:28 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id SMdPpP3LSt-0SAWJTsF; Wed, 20 Dec 2017 02:00:28 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 02:00:25 +0300 Message-Id: <1513724427-24983-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513724427-24983-1-git-send-email-odpbot@yandex.ru> References: <1513724427-24983-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v3 1/3] api: ipsec: add capabilities for cipher and auth algos X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Currently IPsec uses capabilities from crypto module to report supported key lengths. Crypto capabilities also contain additional data (like digest length, IV len, AAD len, etc. However this data is not relevant for IPsec, as most of such variables are fixed by protocol standards. To simplify application code provide copies of cipher and auth capabilities structures containing only relevant data (key lengths). Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 6419dd354933e49d19e8a051fb728c9a588790bf **/ include/odp/api/spec/ipsec.h | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/include/odp/api/spec/ipsec.h b/include/odp/api/spec/ipsec.h index 538472a5e..731cd10de 100644 --- a/include/odp/api/spec/ipsec.h +++ b/include/odp/api/spec/ipsec.h @@ -280,6 +280,24 @@ typedef struct odp_ipsec_capability_t { } odp_ipsec_capability_t; +/** + * Cipher algorithm capabilities + */ +typedef struct odp_ipsec_cipher_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_cipher_capability_t; + +/** + * Authentication algorithm capabilities + */ +typedef struct odp_ipsec_auth_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_auth_capability_t; + /** * IPSEC configuration options */ @@ -744,7 +762,7 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa); * @retval <0 on failure */ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num); + odp_ipsec_cipher_capability_t capa[], int num); /** * Query supported IPSEC authentication algorithm capabilities @@ -766,7 +784,7 @@ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, * @retval <0 on failure */ int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num); + odp_ipsec_auth_capability_t capa[], int num); /** * Initialize IPSEC configuration options From patchwork Tue Dec 19 23:00:26 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122415 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4796156qgn; Tue, 19 Dec 2017 15:05:02 -0800 (PST) X-Google-Smtp-Source: ACJfBottN1gx5WPMxNh7eROFLmKqIlmm479UyX7e4ChbfsGIhUCF/pE7y5LOK/VtwC2XTBGfG2Xw X-Received: by 10.55.72.66 with SMTP id v63mr7331333qka.92.1513724702003; Tue, 19 Dec 2017 15:05:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513724701; cv=none; d=google.com; s=arc-20160816; b=vghXVjV32P0KvUe4p4SvRBTM89aWAT0Wf8c4Sah2gOsGCTkJ5NLgOSFb43pXZtJktk 99IY4DfSHhmZ3OYzYu3hgT9ouy4w9aH7sh0HQntYrWefTl8gFv65v/XePqxvgSDHSc5Q hGSALKYkzx3Kx24pxMIULXFM4qTsH7Wc4TTJk4sWcGbKinT08WMLOxuK4oditYenkfS2 yrSZuUivRWhGfHVTksrfRfi42L85t3C+7g4DQuiYwH6t3dS8kP2N4BNTZ4fReJ0WHJd5 cE84pwhOBAKX5uxMQOkGVtxJoQrf9e39K1D969/5wPkgSKxbpaXb4GBQgog5LeL7puKc 0r7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=EvnWSUtnjth8FBGKCsFD1elnuZWywq+dtTG5p6gLmoY=; b=g00EhQUfC3hWa9Ig+F/eHIDsQ2kKkDTMiyga78x8aD52+ej6DbMtmxgTmbMgD3DkcD wTN6v7SVeg9LpZnCS5trlTO7+0vcEeOLffk49h4WduyZnzA/ChdQVdZiIi2UNJ7Y9w24 439Zdj+LwiO2oY2gmFIcZ0dlw0LxCuzQkLIHoMWDXYvQO+KbPAavPS/Jy0MpbHSmnbhn C5VxrLmTlKBDMWTyuaxR+Pv29c48yvUmuS2bN3M2wu1lNEzyvx8MD4TrNpeB5PS30NTr NHC8mArv1rIFjEA0Pu0tF9c2yArRpTTzBkvXEoyOSquZ7p3s4coUSmV6yK4VwSxY2XU0 qdnA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id u19si2175516qka.61.2017.12.19.15.05.01; Tue, 19 Dec 2017 15:05:01 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id A9EB160B0E; Tue, 19 Dec 2017 23:05:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id AD9E56150F; Tue, 19 Dec 2017 23:01:19 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 8C8AD608E7; Tue, 19 Dec 2017 23:00:56 +0000 (UTC) Received: from forward105j.mail.yandex.net (forward105j.mail.yandex.net [5.45.198.248]) by lists.linaro.org (Postfix) with ESMTPS id 570F06096B for ; Tue, 19 Dec 2017 23:00:30 +0000 (UTC) Received: from mxback3o.mail.yandex.net (mxback3o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1d]) by forward105j.mail.yandex.net (Yandex) with ESMTP id 2619218425F for ; Wed, 20 Dec 2017 02:00:29 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback3o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id ufYOpy3QUY-0TYGPWoG; Wed, 20 Dec 2017 02:00:29 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id SMdPpP3LSt-0SAeepjT; Wed, 20 Dec 2017 02:00:28 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 02:00:26 +0300 Message-Id: <1513724427-24983-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513724427-24983-1-git-send-email-odpbot@yandex.ru> References: <1513724427-24983-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v3 2/3] validation: ipsec: adapt to crypto capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 6419dd354933e49d19e8a051fb728c9a588790bf **/ test/validation/api/ipsec/ipsec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 097216730..47170e086 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -126,8 +126,8 @@ int ipsec_check(odp_bool_t ah, uint32_t auth_bits) { odp_ipsec_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + odp_ipsec_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_ipsec_auth_capability_t auth_capa[MAX_ALG_CAPA]; int i, num; odp_bool_t found; From patchwork Tue Dec 19 23:00:27 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122417 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4796765qgn; Tue, 19 Dec 2017 15:05:38 -0800 (PST) X-Google-Smtp-Source: ACJfBovf/6LCVxPMjwZq0DSbg8F+B5Qeps39R/G5OaaagXbjjyzjH3+ydDSKT0L364yt0Aay5y1u X-Received: by 10.55.115.193 with SMTP id o184mr6713013qkc.171.1513724738689; Tue, 19 Dec 2017 15:05:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513724738; cv=none; d=google.com; s=arc-20160816; b=RBhGfVjbDGtKyRGUgUb0FLUDvZgQoGLZoI/LGtTHMv8GhXTfMAtiCmIz6/UgS3AWNm DQTKKBeeyudbZV93ESGi306sVE0N/mVYF2ptCZs5DofMAEt0A9V3iOSizpzUpekcoTUN VdmSzIPvw5RubJQZ+yPqrCvrqfkdjjl7qbSKTFMR78VDxNGgKycQOAP/GwpLC/1GmWog hH7OWd1sge9EeoR9ihP0c3bMw/A/doSyEd8E27QrtiuPMdDvImyE3M0FOoToHPB4kI6G AKa0R4WwRXfZTmVgkD4BzQ5IBhnnWHd0HPSd1VlPBc/104jHaots+iAVMGexVD24GVAT o4dA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=NDSpOAiSHf0qdfLSqhzngf8IIsl6z9Oau12lpAXnJd8=; b=VDPCWLKfk+ODXvwqJ+Vp8kjym1gPkGR7nMp80irh6eb06PF644YrLK1gO48vyBaRB1 CummcmL4pP2CrhcVG3dlcxOTb16YE4+kGdtstogYupKs3VU9POgOh+I8jIc299g0wJtC ZkGNduMLQC2TAgH0SZUuaKbteGggU011zsr4q4t7yRhqVmzxbvzVDxFzZRrHir4HNqOF ftlMCOL22lMpJ+ikCfCkGhtSy3RvMj/oJoKEYyT4jkvONlHtbPcV7sVjjh5HnxPw05RG KKooagIcDjPtQw9WBywo1e6uhMmoEP7LOsgtXWFEDm1opYw2C+02djgacn6gpGofyhbK UBEQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id e44si5885379qtf.10.2017.12.19.15.05.38; Tue, 19 Dec 2017 15:05:38 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 5E8116150F; Tue, 19 Dec 2017 23:05:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 8AC3E61507; Tue, 19 Dec 2017 23:01:37 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id D202E608AA; Tue, 19 Dec 2017 23:01:01 +0000 (UTC) Received: from forward106o.mail.yandex.net (forward106o.mail.yandex.net [37.140.190.187]) by lists.linaro.org (Postfix) with ESMTPS id DAAFD60974 for ; Tue, 19 Dec 2017 23:00:30 +0000 (UTC) Received: from mxback9j.mail.yandex.net (mxback9j.mail.yandex.net [IPv6:2a02:6b8:0:1619::112]) by forward106o.mail.yandex.net (Yandex) with ESMTP id 98904782ADA for ; Wed, 20 Dec 2017 02:00:29 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback9j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id ZKBcMI5tyM-0Txic9mv; Wed, 20 Dec 2017 02:00:29 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id SMdPpP3LSt-0TA4sn27; Wed, 20 Dec 2017 02:00:29 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 02:00:27 +0300 Message-Id: <1513724427-24983-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513724427-24983-1-git-send-email-odpbot@yandex.ru> References: <1513724427-24983-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v3 3/3] linux-gen: ipsec: adapt to capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: 6419dd354933e49d19e8a051fb728c9a588790bf **/ .../linux-generic/include/odp_ipsec_internal.h | 6 ++ platform/linux-generic/odp_ipsec.c | 57 ++++++++++++- platform/linux-generic/odp_ipsec_sad.c | 97 ++++++++++++++-------- 3 files changed, 123 insertions(+), 37 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index c6f241fac..70a583c5b 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -206,6 +206,12 @@ typedef struct ODP_PACKED { odp_u32be_t seq_no; /**< Sequence Number */ } ipsec_aad_t; +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher); + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth); + /** * Obtain SA reference */ diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 4f23eb17b..13d006014 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -58,15 +58,64 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa) } int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num) + odp_ipsec_cipher_capability_t capa[], int num) { - return odp_crypto_cipher_capability(cipher, capa, num); + int caps = odp_crypto_cipher_capability(cipher, NULL, 0); + odp_crypto_cipher_capability_t crypto_capa[caps]; + uint32_t req_iv_len; + int rc, i, out; + + rc = odp_crypto_cipher_capability(cipher, crypto_capa, caps); + if (rc <= 0) + return rc; + + req_iv_len = _odp_ipsec_cipher_iv_len(cipher); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].iv_len != req_iv_len) + continue; + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out++; + } + + return out; } int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num) + odp_ipsec_auth_capability_t capa[], int num) { - return odp_crypto_auth_capability(auth, capa, num); + int caps = odp_crypto_auth_capability(auth, NULL, 0); + odp_crypto_auth_capability_t crypto_capa[caps]; + uint32_t req_digest_len; + int rc, i, out; + + rc = odp_crypto_auth_capability(auth, crypto_capa, caps); + if (rc <= 0) + return rc; + + req_digest_len = _odp_ipsec_auth_digest_len(auth); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].digest_len != req_digest_len) + continue; + + if (ODP_AUTH_ALG_AES_GCM == auth || + ODP_DEPRECATE(ODP_AUTH_ALG_AES128_GCM) == auth) { + uint8_t aad_len = 12; + + if (aad_len < crypto_capa[i].aad_len.min || + aad_len > crypto_capa[i].aad_len.max || + 0 != (aad_len - crypto_capa[i].aad_len.min) % + crypto_capa[i].aad_len.inc) + continue; + } + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out++; + } + + return out; } void odp_ipsec_config_init(odp_ipsec_config_t *config) diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 2d6321166..1dbfc5444 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -190,12 +190,66 @@ void odp_ipsec_sa_param_init(odp_ipsec_sa_param_t *param) param->dest_queue = ODP_QUEUE_INVALID; } +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return 0; + case ODP_CIPHER_ALG_DES: + case ODP_CIPHER_ALG_3DES_CBC: + return 8; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_CBC: +#endif + case ODP_CIPHER_ALG_AES_CBC: + case ODP_CIPHER_ALG_AES_CTR: + return 16; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_GCM: +#endif + case ODP_CIPHER_ALG_AES_GCM: + return 12; + default: + return (uint32_t)-1; + } +} + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return 0; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_MD5_96: +#endif + case ODP_AUTH_ALG_MD5_HMAC: + case ODP_AUTH_ALG_SHA1_HMAC: + return 12; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_SHA256_128: +#endif + case ODP_AUTH_ALG_SHA256_HMAC: + return 16; + case ODP_AUTH_ALG_SHA512_HMAC: + return 32; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_AES128_GCM: +#endif + case ODP_AUTH_ALG_AES_GCM: + case ODP_AUTH_ALG_AES_GMAC: + return 16; + default: + return (uint32_t)-1; + } +} + odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) { ipsec_sa_t *ipsec_sa; odp_crypto_session_param_t crypto_param; odp_crypto_ses_create_err_t ses_create_rc; - uint32_t aad_len = 0; ipsec_sa = ipsec_sa_reserve(); if (NULL == ipsec_sa) { @@ -297,17 +351,21 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) crypto_param.auth_alg = param->crypto.auth_alg; crypto_param.auth_key = param->crypto.auth_key; + crypto_param.iv.length = + _odp_ipsec_cipher_iv_len(crypto_param.cipher_alg); + + crypto_param.auth_digest_len = + _odp_ipsec_auth_digest_len(crypto_param.auth_alg); + switch (crypto_param.cipher_alg) { case ODP_CIPHER_ALG_NULL: ipsec_sa->esp_iv_len = 0; ipsec_sa->esp_block_len = 1; - crypto_param.iv.length = 0; break; case ODP_CIPHER_ALG_DES: case ODP_CIPHER_ALG_3DES_CBC: ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 8; - crypto_param.iv.length = 8; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_CBC: @@ -315,14 +373,12 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) case ODP_CIPHER_ALG_AES_CBC: ipsec_sa->esp_iv_len = 16; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; case ODP_CIPHER_ALG_AES_CTR: ipsec_sa->use_counter_iv = 1; ipsec_sa->aes_ctr_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_GCM: @@ -331,40 +387,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 12; break; default: goto error; } switch (crypto_param.auth_alg) { - case ODP_AUTH_ALG_NULL: - ipsec_sa->icv_len = 0; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_MD5_96: -#endif - case ODP_AUTH_ALG_MD5_HMAC: - ipsec_sa->icv_len = 12; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - ipsec_sa->icv_len = 12; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_SHA256_128: -#endif - case ODP_AUTH_ALG_SHA256_HMAC: - ipsec_sa->icv_len = 16; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - ipsec_sa->icv_len = 32; - break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: #endif case ODP_AUTH_ALG_AES_GCM: - ipsec_sa->icv_len = 16; - aad_len = sizeof(ipsec_aad_t); + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); break; case ODP_AUTH_ALG_AES_GMAC: if (ODP_CIPHER_ALG_NULL != crypto_param.cipher_alg) @@ -372,19 +405,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - ipsec_sa->icv_len = 16; crypto_param.iv.length = 12; break; default: - goto error; + break; } if (1 == ipsec_sa->use_counter_iv && ODP_IPSEC_DIR_OUTBOUND == param->dir) odp_atomic_init_u64(&ipsec_sa->out.counter, 1); - crypto_param.auth_digest_len = ipsec_sa->icv_len; - crypto_param.auth_aad_len = aad_len; + ipsec_sa->icv_len = crypto_param.auth_digest_len; if (param->crypto.cipher_key_extra.length) { if (param->crypto.cipher_key_extra.length >