From patchwork Wed Dec 20 02:00:10 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122422 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4950727qgn; Tue, 19 Dec 2017 18:01:24 -0800 (PST) X-Google-Smtp-Source: ACJfBouHtLk0/b7KiDy57VTx5RcruDuWdSHwhGCKDBr0SD/os1H/yJw3y6Ma+gIorjSQNE7aXX1F X-Received: by 10.55.74.144 with SMTP id x138mr7229674qka.239.1513735284727; Tue, 19 Dec 2017 18:01:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513735284; cv=none; d=google.com; s=arc-20160816; b=ym1azTy7JeWOlamhqcWDyiH1amWq7NnrTOWt3pjkSZxmjzdnOrrdzskm5j2SM1t6Xd dDJDajuB7ORRmOXin4XaW3WdtrQblx5Xta7qgDqwI4XYnWRwE3oom7G6+G38Ln8VRDrP hTODIpRQNqUFLrs/4WY++Gx0b6jhxCJ0X4q9wzjxw1Q1kazHt9Dv1M1/rsIc8G2RMdyV Krrxu5tI/pso1GCWTYbUw0EKtcwWYHRK+5woGD8S5sSRGhxD1LAUHcxNR5UsDgDcLqVU i/ZkBk8TRe5PsOMJbH8JY8MeVXErPVHTheSLBjhPdfUx5piK4hbWgkFcCvNDJ6j7aF91 Z3kQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=BZNru+hYbhJ3HbJKA2PA4JuAUSsRLqdVc8PiJ5H3360=; b=a3G+CWuXt+M3LDtEZUzYd26nCKAIYxSS5Zg4zgcZDWOeDZu0nJVnNC4Udt5x/XmdMK 7XreSlrwUDbazxSPAwTk3Ezq9+o9s6tAuI4uEAe20olTdjBFwd4wvZketk75owHC07qy LrDsI0osywCrpkkMv23zUbfyDpWDCzLBddzUnnIkEb/NmoluizktPJ+NKWcQS0oJKluE nbzmGR1oEVr9KoK6Pe1B5oumvcju4WFa8PRGAOBWjxe2n6zkQECXWBw4QEmH1uAXYyrS mUr0iANb8uocrKVy6s6/doOLV+Yhe7Yp50WxvSV7qCsfrWupFAS0R0H9p2gixTZ6WugW YLdw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id x17si12176911qkx.216.2017.12.19.18.01.24; Tue, 19 Dec 2017 18:01:24 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 5AABA60997; Wed, 20 Dec 2017 02:01:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 302CB608ED; Wed, 20 Dec 2017 02:00:26 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id D1D8D608AA; Wed, 20 Dec 2017 02:00:17 +0000 (UTC) Received: from forward104j.mail.yandex.net (forward104j.mail.yandex.net [5.45.198.247]) by lists.linaro.org (Postfix) with ESMTPS id 30800608A7 for ; Wed, 20 Dec 2017 02:00:16 +0000 (UTC) Received: from mxback15j.mail.yandex.net (mxback15j.mail.yandex.net [IPv6:2a02:6b8:0:1619::91]) by forward104j.mail.yandex.net (Yandex) with ESMTP id BD92143314 for ; Wed, 20 Dec 2017 05:00:13 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback15j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id Yd1X5EhjxH-0D2StkLm; Wed, 20 Dec 2017 05:00:13 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id 4luweGfeEM-0D5aM4PO; Wed, 20 Dec 2017 05:00:13 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 05:00:10 +0300 Message-Id: <1513735212-32606-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513735212-32606-1-git-send-email-odpbot@yandex.ru> References: <1513735212-32606-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v4 1/3] api: ipsec: add capabilities for cipher and auth algos X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Currently IPsec uses capabilities from crypto module to report supported key lengths. Crypto capabilities also contain additional data (like digest length, IV len, AAD len, etc. However this data is not relevant for IPsec, as most of such variables are fixed by protocol standards. To simplify application code provide copies of cipher and auth capabilities structures containing only relevant data (key lengths). Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: ba5f93d7379836dc97d5a6688febb81dcd7694b6 **/ include/odp/api/spec/ipsec.h | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/include/odp/api/spec/ipsec.h b/include/odp/api/spec/ipsec.h index 538472a5e..731cd10de 100644 --- a/include/odp/api/spec/ipsec.h +++ b/include/odp/api/spec/ipsec.h @@ -280,6 +280,24 @@ typedef struct odp_ipsec_capability_t { } odp_ipsec_capability_t; +/** + * Cipher algorithm capabilities + */ +typedef struct odp_ipsec_cipher_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_cipher_capability_t; + +/** + * Authentication algorithm capabilities + */ +typedef struct odp_ipsec_auth_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_auth_capability_t; + /** * IPSEC configuration options */ @@ -744,7 +762,7 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa); * @retval <0 on failure */ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num); + odp_ipsec_cipher_capability_t capa[], int num); /** * Query supported IPSEC authentication algorithm capabilities @@ -766,7 +784,7 @@ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, * @retval <0 on failure */ int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num); + odp_ipsec_auth_capability_t capa[], int num); /** * Initialize IPSEC configuration options From patchwork Wed Dec 20 02:00:11 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122421 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4950278qgn; Tue, 19 Dec 2017 18:00:56 -0800 (PST) X-Google-Smtp-Source: ACJfBovvKxTSd8gp7busVCJ2QnGJFLufwonyxkFTQ7+up8pwzVb2rs6jtVCIfnQb9sGFyu/E+e8A X-Received: by 10.55.25.88 with SMTP id k85mr7282713qkh.257.1513735256363; Tue, 19 Dec 2017 18:00:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513735256; cv=none; d=google.com; s=arc-20160816; b=iHngL2E9q5lUXSLq/5fLvqMkS6aQvPeg7NE3xiXinB3YybfhKK5yp34OntrgFBctXo ToU8xDjOMrcx0iwwGjIb81fJBXSxFn+PWKSmmjQ2N2wE2k6YpfErE84neVZfYMFbAbpg VGOTjMskJWeMg8lmmldiLQROr1pJjOl9gIAeNVhMJJZhugIkFfsogkoWu9c6uYYETPkN 71QIBhNn+dngdxKi7WIp5hY3QgvzTImLeKk4TXa2ueboeYQfV01lvvfaKZLFJx+Os4Bb yLJJupc4qBZSJKd49GMgeoEiqjv92I/+VHgLCK36hvnjti3RGyAd7vvzmwZNzsfG/Vy4 V8qQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=XJBqb0E/toonUi4b0qM4WKauUbvsuDCHhzrgsGid1u8=; b=geOKr3mrLZPLQj9Wstk85WafUwAMWdY+XeRS17JkTmjfcOkOsx4abH31LwuHPYGyqU 0kjxhHO+Pp9AmOZnGjo99137SRX7olZtd62g6zX5AL+U1TMdO1fSgjSEy/V456OdTA4d iFinyB4H4TYWX9ZSPJVjj/Xsy+ALnoOELd751z3G2wOgkWgQmYWkItw5m7kwqgrqCblE xI1Yy/5FBHrs+DJ8dYAf0Op8x480J4jFY4Mf0qALQLIkNCBLWeEcur1Rrrw0klFrjj5P VnJFABnDp+1PSBQ8I/bREsG7qPbRWadtFlkzzLzz/4arv6wKa3SiiZ+MyKZk049hGwOf B/lw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id b44si2060471qte.322.2017.12.19.18.00.56; Tue, 19 Dec 2017 18:00:56 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 12BE0608CC; Wed, 20 Dec 2017 02:00:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id CF52A608E7; Wed, 20 Dec 2017 02:00:22 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 141F860859; Wed, 20 Dec 2017 02:00:17 +0000 (UTC) Received: from forward100o.mail.yandex.net (forward100o.mail.yandex.net [37.140.190.180]) by lists.linaro.org (Postfix) with ESMTPS id D52B060859 for ; Wed, 20 Dec 2017 02:00:15 +0000 (UTC) Received: from mxback2g.mail.yandex.net (mxback2g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:163]) by forward100o.mail.yandex.net (Yandex) with ESMTP id 30D8B2A23D1C for ; Wed, 20 Dec 2017 05:00:14 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback2g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 0Jkjpwwwle-0ENOeG7l; Wed, 20 Dec 2017 05:00:14 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id 4luweGfeEM-0D5K2xYJ; Wed, 20 Dec 2017 05:00:13 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 05:00:11 +0300 Message-Id: <1513735212-32606-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513735212-32606-1-git-send-email-odpbot@yandex.ru> References: <1513735212-32606-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v4 2/3] validation: ipsec: adapt to crypto capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: ba5f93d7379836dc97d5a6688febb81dcd7694b6 **/ test/validation/api/ipsec/ipsec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 097216730..47170e086 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -126,8 +126,8 @@ int ipsec_check(odp_bool_t ah, uint32_t auth_bits) { odp_ipsec_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + odp_ipsec_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_ipsec_auth_capability_t auth_capa[MAX_ALG_CAPA]; int i, num; odp_bool_t found; From patchwork Wed Dec 20 02:00:12 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122423 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp4951423qgn; Tue, 19 Dec 2017 18:02:04 -0800 (PST) X-Google-Smtp-Source: ACJfBosbqS3CuYlgjnDaff1MrSGHLDdFR+jG54wruLmrLYQojQYiYP+yjhUSHP7UsA/xSeNURBdo X-Received: by 10.55.109.194 with SMTP id i185mr7877543qkc.73.1513735324433; Tue, 19 Dec 2017 18:02:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513735324; cv=none; d=google.com; s=arc-20160816; b=qSeY/XNiWrIkB+lzlX9hYnWiCsNCPlV9Ee1jCtO9p0VigskfD720uui3xAVU9uS10Y uoKMsFg6S3vYH4yYsugVOsqrsjSG81iZrlvPfjWbzVAYt6l144NzMYFpvr+FfqGUg0ZG Xfuo1cDqCk++DvazEaNVXQzR4oE08Sfq0T2O3TUuw8cmFTOdQHai3TcFMAyxqSKZKLlK tmWuqnHoLrfVIpQn86klneHd5iLp4xaU7wLPNl9Fitu32fPCQDqClYT2iL7PnIIo5rB3 9bWlEuAvs3cqj5zbI8woXWqqaqromuDkp2ADUxb++8PCuUjyZBcrwfezwn0mP/3jTayA Y2sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=wtCLJmaUG0Qfi6VDhpkhqiw7Qp4SvtxEGo9+/c0a0W4=; b=U4S4wgdSKvkD5xxILlohCM5EkptMd3rG7EabZe+6kVmUULYVndY+q35SJhlnSVeVjK hiFgdkh/DJveesZftOaixKkEgZX9oJsrqmfca3XYK8FZIoDM2Q9aJAcjETUkoHlh591Z sVevALkF9Ws7xZ+BeURR8IFMlEwdZfH64sKquslnp+oUXFWElGg02NZaM7mg4UEaYV6f AwN2ZN9t4FdCyEsIMQzpimcKwcFGBYjVfF2pehS8eqNzoaeovybeZn5KQPPQkXkSxOJI fU3f7Si3W8oNJSNsHGawrwTEuQDDYqGQXAJ8sllMNhkacNpDEp/bogeKkRT2/7s4HbOQ PfgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id c14si1732039qtd.55.2017.12.19.18.02.04; Tue, 19 Dec 2017 18:02:04 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 15A7F60C31; Wed, 20 Dec 2017 02:02:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id A325560940; Wed, 20 Dec 2017 02:00:38 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 489EB608E2; Wed, 20 Dec 2017 02:00:20 +0000 (UTC) Received: from forward103p.mail.yandex.net (forward103p.mail.yandex.net [77.88.28.106]) by lists.linaro.org (Postfix) with ESMTPS id CBC4760389 for ; Wed, 20 Dec 2017 02:00:16 +0000 (UTC) Received: from mxback6o.mail.yandex.net (mxback6o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::20]) by forward103p.mail.yandex.net (Yandex) with ESMTP id A80AE21845D2 for ; Wed, 20 Dec 2017 05:00:14 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback6o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id c1wYwlaUkV-0EKataAq; Wed, 20 Dec 2017 05:00:14 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id 4luweGfeEM-0E5u8HZM; Wed, 20 Dec 2017 05:00:14 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 05:00:12 +0300 Message-Id: <1513735212-32606-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513735212-32606-1-git-send-email-odpbot@yandex.ru> References: <1513735212-32606-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v4 3/3] linux-gen: ipsec: adapt to capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 12fd3a9224a856271934986a1bad981843915d68 ** Merge commit sha: ba5f93d7379836dc97d5a6688febb81dcd7694b6 **/ .../linux-generic/include/odp_ipsec_internal.h | 6 ++ platform/linux-generic/odp_ipsec.c | 57 ++++++++++++- platform/linux-generic/odp_ipsec_sad.c | 97 ++++++++++++++-------- 3 files changed, 123 insertions(+), 37 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index c6f241fac..70a583c5b 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -206,6 +206,12 @@ typedef struct ODP_PACKED { odp_u32be_t seq_no; /**< Sequence Number */ } ipsec_aad_t; +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher); + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth); + /** * Obtain SA reference */ diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 4f23eb17b..d7a586d7f 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -58,15 +58,64 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa) } int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num) + odp_ipsec_cipher_capability_t capa[], int num) { - return odp_crypto_cipher_capability(cipher, capa, num); + int caps = odp_crypto_cipher_capability(cipher, NULL, 0); + odp_crypto_cipher_capability_t crypto_capa[caps]; + uint32_t req_iv_len; + int rc, i, out; + + rc = odp_crypto_cipher_capability(cipher, crypto_capa, caps); + if (rc <= 0) + return rc; + + req_iv_len = _odp_ipsec_cipher_iv_len(cipher); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].iv_len != req_iv_len) + continue; + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out++; + } + + return out; } int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num) + odp_ipsec_auth_capability_t capa[], int num) { - return odp_crypto_auth_capability(auth, capa, num); + int caps = odp_crypto_auth_capability(auth, NULL, 0); + odp_crypto_auth_capability_t crypto_capa[caps]; + uint32_t req_digest_len; + int rc, i, out; + + rc = odp_crypto_auth_capability(auth, crypto_capa, caps); + if (rc <= 0) + return rc; + + req_digest_len = _odp_ipsec_auth_digest_len(auth); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].digest_len != req_digest_len) + continue; + + if (ODP_AUTH_ALG_AES_GCM == auth || + ODP_DEPRECATE(ODP_AUTH_ALG_AES128_GCM) == auth) { + uint8_t aad_len = 12; + + if (aad_len < crypto_capa[i].aad_len.min || + aad_len > crypto_capa[i].aad_len.max || + 0 != (aad_len - crypto_capa[i].aad_len.min) % + crypto_capa[i].aad_len.inc) + continue; + } + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out++; + } + + return out; } void odp_ipsec_config_init(odp_ipsec_config_t *config) diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 2d6321166..1dbfc5444 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -190,12 +190,66 @@ void odp_ipsec_sa_param_init(odp_ipsec_sa_param_t *param) param->dest_queue = ODP_QUEUE_INVALID; } +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return 0; + case ODP_CIPHER_ALG_DES: + case ODP_CIPHER_ALG_3DES_CBC: + return 8; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_CBC: +#endif + case ODP_CIPHER_ALG_AES_CBC: + case ODP_CIPHER_ALG_AES_CTR: + return 16; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_GCM: +#endif + case ODP_CIPHER_ALG_AES_GCM: + return 12; + default: + return (uint32_t)-1; + } +} + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return 0; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_MD5_96: +#endif + case ODP_AUTH_ALG_MD5_HMAC: + case ODP_AUTH_ALG_SHA1_HMAC: + return 12; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_SHA256_128: +#endif + case ODP_AUTH_ALG_SHA256_HMAC: + return 16; + case ODP_AUTH_ALG_SHA512_HMAC: + return 32; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_AES128_GCM: +#endif + case ODP_AUTH_ALG_AES_GCM: + case ODP_AUTH_ALG_AES_GMAC: + return 16; + default: + return (uint32_t)-1; + } +} + odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) { ipsec_sa_t *ipsec_sa; odp_crypto_session_param_t crypto_param; odp_crypto_ses_create_err_t ses_create_rc; - uint32_t aad_len = 0; ipsec_sa = ipsec_sa_reserve(); if (NULL == ipsec_sa) { @@ -297,17 +351,21 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) crypto_param.auth_alg = param->crypto.auth_alg; crypto_param.auth_key = param->crypto.auth_key; + crypto_param.iv.length = + _odp_ipsec_cipher_iv_len(crypto_param.cipher_alg); + + crypto_param.auth_digest_len = + _odp_ipsec_auth_digest_len(crypto_param.auth_alg); + switch (crypto_param.cipher_alg) { case ODP_CIPHER_ALG_NULL: ipsec_sa->esp_iv_len = 0; ipsec_sa->esp_block_len = 1; - crypto_param.iv.length = 0; break; case ODP_CIPHER_ALG_DES: case ODP_CIPHER_ALG_3DES_CBC: ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 8; - crypto_param.iv.length = 8; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_CBC: @@ -315,14 +373,12 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) case ODP_CIPHER_ALG_AES_CBC: ipsec_sa->esp_iv_len = 16; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; case ODP_CIPHER_ALG_AES_CTR: ipsec_sa->use_counter_iv = 1; ipsec_sa->aes_ctr_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_GCM: @@ -331,40 +387,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 12; break; default: goto error; } switch (crypto_param.auth_alg) { - case ODP_AUTH_ALG_NULL: - ipsec_sa->icv_len = 0; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_MD5_96: -#endif - case ODP_AUTH_ALG_MD5_HMAC: - ipsec_sa->icv_len = 12; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - ipsec_sa->icv_len = 12; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_SHA256_128: -#endif - case ODP_AUTH_ALG_SHA256_HMAC: - ipsec_sa->icv_len = 16; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - ipsec_sa->icv_len = 32; - break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: #endif case ODP_AUTH_ALG_AES_GCM: - ipsec_sa->icv_len = 16; - aad_len = sizeof(ipsec_aad_t); + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); break; case ODP_AUTH_ALG_AES_GMAC: if (ODP_CIPHER_ALG_NULL != crypto_param.cipher_alg) @@ -372,19 +405,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - ipsec_sa->icv_len = 16; crypto_param.iv.length = 12; break; default: - goto error; + break; } if (1 == ipsec_sa->use_counter_iv && ODP_IPSEC_DIR_OUTBOUND == param->dir) odp_atomic_init_u64(&ipsec_sa->out.counter, 1); - crypto_param.auth_digest_len = ipsec_sa->icv_len; - crypto_param.auth_aad_len = aad_len; + ipsec_sa->icv_len = crypto_param.auth_digest_len; if (param->crypto.cipher_key_extra.length) { if (param->crypto.cipher_key_extra.length >