From patchwork Wed Dec 20 20:00:09 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122495 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp6031506qgn; Wed, 20 Dec 2017 12:00:28 -0800 (PST) X-Google-Smtp-Source: ACJfBou2IUCwM5STFTNlLEFrUjzuwO2+/MiFXyHKvg0ha3Z6wKxZLA2B6G4KFXOY0ZFQL+0H7tmH X-Received: by 10.55.17.211 with SMTP id 80mr10599392qkr.120.1513800028282; Wed, 20 Dec 2017 12:00:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513800028; cv=none; d=google.com; s=arc-20160816; b=nVXUntMhDK89a+lJU+Ma0ht2fGSZT7ugspXkwCkfStpPBmeMKDR6wGnv+TFc0jNR9v b0kG5GsEEPsXDRYv0s2H3irIH0RDt3BHkvl0FdQvPikD+JQt/aCy7Thv/v/3GASlECBm 1kLVREMpUdnyxNiXh/JzAqikic4EiIh5ytzenlRee42/gBwOm2SgSX1LO72nF+2yrjlU vMokBdUBRgBDFrWjPBrL4QeBCdHGfOzIkyUWuxVV5NvwIMcRpKBQ1XJAoakPM7+fKl0x zeb41+jfMB8OcPqmgzoCfiGmSKxQ+r5Gu2b/qoRs84kPiH+uzyP0P/eO7EH6dbTcilwt G2yw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=rApPqEz1tNY3GuV0aVGt0bqI+t5vTVI9WozkHBwhk88=; b=as3ALDiYYNKxodzSUnrzkj2aAUml0chV4LbrUnLmVYhlpwopYXKfOd6IayfpSF5OdC QuZMUvpfMC3XQyjLQ2yT8Qz++E9MXiGMm6fgwE38r29eqF4pCfcn2SdPQB3QbGk5lyRv NzIe8TlUt8KOy8IRp6hfWJr129N4YY7dM93Q2eLl/IvBR0Yuu7Ui7hgJn15rdKAsRUDU tgYMr7uobNLN3/LXLSWm35z23M4PawIG28KiaRIBOBszc2Bq7MnxuHgzMt/4Kf/Gpi2o tUXVMnBAliwW+nypgXc5ddGtrnIOkz+reKRQlMHLvKH0Le3Txk+4YN6DN3x5Yhj+Z61A JhWg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id u48si14546181qtj.309.2017.12.20.12.00.27; Wed, 20 Dec 2017 12:00:28 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id D780360953; Wed, 20 Dec 2017 20:00:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 9A898608EE; Wed, 20 Dec 2017 20:00:20 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id D0BD5608FD; Wed, 20 Dec 2017 20:00:16 +0000 (UTC) Received: from forward105p.mail.yandex.net (forward105p.mail.yandex.net [77.88.28.108]) by lists.linaro.org (Postfix) with ESMTPS id 81CB2608EE for ; Wed, 20 Dec 2017 20:00:15 +0000 (UTC) Received: from mxback14g.mail.yandex.net (mxback14g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:93]) by forward105p.mail.yandex.net (Yandex) with ESMTP id C3CED4082C0A for ; Wed, 20 Dec 2017 23:00:13 +0300 (MSK) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [2a02:6b8:0:1a2d::27]) by mxback14g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id y34Q2uuGmq-0D0WNR5r; Wed, 20 Dec 2017 23:00:13 +0300 Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id xnVhh3DIik-0DBGCjl6; Wed, 20 Dec 2017 23:00:13 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 23:00:09 +0300 Message-Id: <1513800011-1560-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513800011-1560-1-git-send-email-odpbot@yandex.ru> References: <1513800011-1560-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v5 1/3] api: ipsec: add capabilities for cipher and auth algos X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Currently IPsec uses capabilities from crypto module to report supported key lengths. Crypto capabilities also contain additional data (like digest length, IV len, AAD len, etc. However this data is not relevant for IPsec, as most of such variables are fixed by protocol standards. To simplify application code provide copies of cipher and auth capabilities structures containing only relevant data (key lengths). Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 9e35c84dea1b66bae27a35dfc71018a0bb455950 ** Merge commit sha: 051f69796bfb3ee5c82407da77df8fdb76fcffcc **/ include/odp/api/spec/ipsec.h | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/include/odp/api/spec/ipsec.h b/include/odp/api/spec/ipsec.h index 538472a5e..731cd10de 100644 --- a/include/odp/api/spec/ipsec.h +++ b/include/odp/api/spec/ipsec.h @@ -280,6 +280,24 @@ typedef struct odp_ipsec_capability_t { } odp_ipsec_capability_t; +/** + * Cipher algorithm capabilities + */ +typedef struct odp_ipsec_cipher_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_cipher_capability_t; + +/** + * Authentication algorithm capabilities + */ +typedef struct odp_ipsec_auth_capability_t { + /** Key length in bytes */ + uint32_t key_len; + +} odp_ipsec_auth_capability_t; + /** * IPSEC configuration options */ @@ -744,7 +762,7 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa); * @retval <0 on failure */ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num); + odp_ipsec_cipher_capability_t capa[], int num); /** * Query supported IPSEC authentication algorithm capabilities @@ -766,7 +784,7 @@ int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, * @retval <0 on failure */ int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num); + odp_ipsec_auth_capability_t capa[], int num); /** * Initialize IPSEC configuration options From patchwork Wed Dec 20 20:00:10 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122496 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp6032969qgn; Wed, 20 Dec 2017 12:01:26 -0800 (PST) X-Google-Smtp-Source: ACJfBoutXUQSvQrlyJnlhtdyXveTig8Z3CLkVE4Sq81kdb/Ytj2k0b7Bp65r8sye9f/ZLPQxFapo X-Received: by 10.200.50.61 with SMTP id x58mr12149546qta.117.1513800086002; Wed, 20 Dec 2017 12:01:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513800085; cv=none; d=google.com; s=arc-20160816; b=gb7uADAk7txQ/R0c1m4M/aJE/MNLDJ4OqDvhukjqZXjS0s/NCqOwvKYC8/7OiUvjtB 6TabH25qjdfQLHh29i/exbrmttwrBH6T3AfwjE9BwsO6R8Ncq48XOB+te7kn2KY89m4l SrwDt7V6EAZ1P4S0Rm9k7n+G0MyRGlcz3tHK1u4qhM19Gok7MemStRBLysz654hmQHkY lNuts7t8eezyqC6ejIEAt/zHsTAALn8B21ASKGAGCq7VxWeRaFC33VDRL7XXWkERXyp0 ZYyvFSPpl/aHoF26Mt+OFy7/dUXKSW/IfgwpJ1F/sRWMUCNxIdUTFIcbxueZzbOEtolc wWHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=UfsXqY7HlQ25s/ASZpLw2m18Ve3rVmzRSLh1G+bYb48=; b=WYCUJfikWIUzAi5ASeB3A0yaMrE0Md9x4YaJx3tZNlJRW/Rncif5/TwGgfZA4LTd8C A2q92mxyZ4ZX96xV8VGTdUDQHiAEi3mMEkrBLb9mUDmmehgwql7jKfN08ZSTT+4PgU8i eFv15tku/bP1Zdjmr/F/s+/tAWQBOT4D+Iwy4+Dc1UUUW4vVWK9FYLHzMIf9PeGJqNTQ sfOZeScf+9WTNHtjSGRQbq56aFYh73j8nMpWT0zeQOHJ54nezFzn25qfhS6Yl/N+rI5D +Ek9C/CgO0QyDuDCbEnZmeWvTXhrh9tih4Eze1bFfjwLofuQyF1RkaRVMVE0sA9k17f5 2LWA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id y67si5412584qke.457.2017.12.20.12.01.25; Wed, 20 Dec 2017 12:01:25 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id B3C60608FD; Wed, 20 Dec 2017 20:01:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 9332760922; Wed, 20 Dec 2017 20:00:24 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 65E4E608EE; Wed, 20 Dec 2017 20:00:18 +0000 (UTC) Received: from forward105o.mail.yandex.net (forward105o.mail.yandex.net [37.140.190.183]) by lists.linaro.org (Postfix) with ESMTPS id 3F227608F6 for ; Wed, 20 Dec 2017 20:00:16 +0000 (UTC) Received: from mxback5g.mail.yandex.net (mxback5g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:166]) by forward105o.mail.yandex.net (Yandex) with ESMTP id 5DCFE444286C for ; Wed, 20 Dec 2017 23:00:14 +0300 (MSK) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [2a02:6b8:0:1a2d::27]) by mxback5g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id PUALTtBWEO-0EMGdPiH; Wed, 20 Dec 2017 23:00:14 +0300 Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id xnVhh3DIik-0DB4e6vp; Wed, 20 Dec 2017 23:00:13 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 23:00:10 +0300 Message-Id: <1513800011-1560-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513800011-1560-1-git-send-email-odpbot@yandex.ru> References: <1513800011-1560-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v5 2/3] validation: ipsec: adapt to crypto capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 9e35c84dea1b66bae27a35dfc71018a0bb455950 ** Merge commit sha: 051f69796bfb3ee5c82407da77df8fdb76fcffcc **/ test/validation/api/ipsec/ipsec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 097216730..47170e086 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -126,8 +126,8 @@ int ipsec_check(odp_bool_t ah, uint32_t auth_bits) { odp_ipsec_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + odp_ipsec_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_ipsec_auth_capability_t auth_capa[MAX_ALG_CAPA]; int i, num; odp_bool_t found; From patchwork Wed Dec 20 20:00:11 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122497 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp6033932qgn; Wed, 20 Dec 2017 12:02:03 -0800 (PST) X-Google-Smtp-Source: ACJfBosbhSkb+EKyHwCe00vn8D28XfxRqyM1szkfa0qEePgCUx9PP6Cemob82RgHEgMyBj+DB9U1 X-Received: by 10.200.26.234 with SMTP id h39mr11757133qtk.135.1513800123111; Wed, 20 Dec 2017 12:02:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513800123; cv=none; d=google.com; s=arc-20160816; b=Vh9dTNBH45Ou+p4M6pNzLW9ynNIkxdvxzCpQxKBFMACSY9H5l85LxBCP1pJuF4f9uY vk8W0Pa0LG/gfRf//2tmFm18sgcY+MmoMxH8rhKs4ttF5tYbwl4uMO1k9ooO0m3U0OtV 7NCjWM4H06nKibMa4+JNh93WQKZ8GJDBMVlCTr7ELZoFkxzrMRf46RE4IOID4lf9TnfX THtPRE9nQ2EKZtzbnbDBfYAM4Ea93Sz/kdFwKUFm4nXphm0RuzqK0GEnigVhqyJU3Y5V gpA7+ASRgZVWUk8bq+NO4zgeguSQV1DBCq/kn7U9sFnGxeWC8BTbYYS5W4MVqj1rfPHm 2RcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=lbBiX+PNKvJRdoaviPail/xVoGWKj4El2OkS4gTC5ZA=; b=Hl1RVzgLtaE004KHwXzNji/MLUuhlV7cQjTGuQQxQnISqCFZsUVC0RUUXzlwHHbvw4 u/6zmIakhl42Wbt9EL++krC0KsQ0VlfixqoWhP/By4ORLyZMPShUMblHPIE8XqmYB4Nm 4fSlICKbIdPIl7jnx797npnWSd/2kxteWblQRTjKuUg0oaE5IU315uxXEio/WI484ShR z+msR8kzZWhGAIuCO42QSXZKkbl7FwnzB2WDl4MzuUDlF5bn1stVtzm9BLUtVuMh/GjJ Q/IsXu5jYvyI2qso17+6az4jlLU8UNRurfMQrq3j7dVLq/u+T+AB3mgRbNVF0Uv8L++U jj7Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id o63si3176731qkf.281.2017.12.20.12.02.02; Wed, 20 Dec 2017 12:02:03 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 15AB060956; Wed, 20 Dec 2017 20:02:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id E50CD60912; Wed, 20 Dec 2017 20:00:28 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 72E00608EE; Wed, 20 Dec 2017 20:00:19 +0000 (UTC) Received: from forward104p.mail.yandex.net (forward104p.mail.yandex.net [77.88.28.107]) by lists.linaro.org (Postfix) with ESMTPS id 61367608F8 for ; Wed, 20 Dec 2017 20:00:16 +0000 (UTC) Received: from mxback2j.mail.yandex.net (mxback2j.mail.yandex.net [IPv6:2a02:6b8:0:1619::10b]) by forward104p.mail.yandex.net (Yandex) with ESMTP id 29101183620 for ; Wed, 20 Dec 2017 23:00:15 +0300 (MSK) Received: from smtp3o.mail.yandex.net (smtp3o.mail.yandex.net [2a02:6b8:0:1a2d::27]) by mxback2j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id ML2riFfynD-0Fc0NcRu; Wed, 20 Dec 2017 23:00:15 +0300 Received: by smtp3o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id xnVhh3DIik-0EBSvNCi; Wed, 20 Dec 2017 23:00:14 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Wed, 20 Dec 2017 23:00:11 +0300 Message-Id: <1513800011-1560-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513800011-1560-1-git-send-email-odpbot@yandex.ru> References: <1513800011-1560-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 351 Subject: [lng-odp] [PATCH API-NEXT v5 3/3] linux-gen: ipsec: adapt to capability changes X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 351 (lumag:ipsec_crypto_caps) ** https://github.com/Linaro/odp/pull/351 ** Patch: https://github.com/Linaro/odp/pull/351.patch ** Base sha: 9e35c84dea1b66bae27a35dfc71018a0bb455950 ** Merge commit sha: 051f69796bfb3ee5c82407da77df8fdb76fcffcc **/ .../linux-generic/include/odp_ipsec_internal.h | 6 ++ platform/linux-generic/odp_ipsec.c | 67 +++++++++++++- platform/linux-generic/odp_ipsec_sad.c | 101 ++++++++++++++------- 3 files changed, 137 insertions(+), 37 deletions(-) diff --git a/platform/linux-generic/include/odp_ipsec_internal.h b/platform/linux-generic/include/odp_ipsec_internal.h index c6f241fac..70a583c5b 100644 --- a/platform/linux-generic/include/odp_ipsec_internal.h +++ b/platform/linux-generic/include/odp_ipsec_internal.h @@ -206,6 +206,12 @@ typedef struct ODP_PACKED { odp_u32be_t seq_no; /**< Sequence Number */ } ipsec_aad_t; +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher); + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth); + /** * Obtain SA reference */ diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index 4f23eb17b..f9ba4a165 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -57,16 +57,75 @@ int odp_ipsec_capability(odp_ipsec_capability_t *capa) return 0; } +/* This should be enough for all ciphers and auths. Currently used maximum is 3 + * capabilities */ +#define MAX_CAPS 10 + int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher, - odp_crypto_cipher_capability_t capa[], int num) + odp_ipsec_cipher_capability_t capa[], int num) { - return odp_crypto_cipher_capability(cipher, capa, num); + odp_crypto_cipher_capability_t crypto_capa[MAX_CAPS]; + uint32_t req_iv_len; + int rc, i, out; + + rc = odp_crypto_cipher_capability(cipher, crypto_capa, MAX_CAPS); + if (rc <= 0) + return rc; + + ODP_ASSERT(rc <= MAX_CAPS); + if (rc > MAX_CAPS) + rc = MAX_CAPS; + + req_iv_len = _odp_ipsec_cipher_iv_len(cipher); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].iv_len != req_iv_len) + continue; + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out++; + } + + return out; } int odp_ipsec_auth_capability(odp_auth_alg_t auth, - odp_crypto_auth_capability_t capa[], int num) + odp_ipsec_auth_capability_t capa[], int num) { - return odp_crypto_auth_capability(auth, capa, num); + odp_crypto_auth_capability_t crypto_capa[MAX_CAPS]; + uint32_t req_digest_len; + int rc, i, out; + + rc = odp_crypto_auth_capability(auth, crypto_capa, MAX_CAPS); + if (rc <= 0) + return rc; + + ODP_ASSERT(rc <= MAX_CAPS); + if (rc > MAX_CAPS) + rc = MAX_CAPS; + + req_digest_len = _odp_ipsec_auth_digest_len(auth); + for (i = 0, out = 0; i < rc; i++) { + if (crypto_capa[i].digest_len != req_digest_len) + continue; + + if (ODP_AUTH_ALG_AES_GCM == auth || + ODP_DEPRECATE(ODP_AUTH_ALG_AES128_GCM) == auth) { + uint8_t aad_len = 12; + + if (aad_len < crypto_capa[i].aad_len.min || + aad_len > crypto_capa[i].aad_len.max || + 0 != (aad_len - crypto_capa[i].aad_len.min) % + crypto_capa[i].aad_len.inc) + continue; + } + + if (out < num) + capa[out].key_len = crypto_capa[i].key_len; + out++; + } + + return out; } void odp_ipsec_config_init(odp_ipsec_config_t *config) diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 2d6321166..845a73dea 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -190,12 +190,66 @@ void odp_ipsec_sa_param_init(odp_ipsec_sa_param_t *param) param->dest_queue = ODP_QUEUE_INVALID; } +/* Return IV length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return 0; + case ODP_CIPHER_ALG_DES: + case ODP_CIPHER_ALG_3DES_CBC: + return 8; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_CBC: +#endif + case ODP_CIPHER_ALG_AES_CBC: + case ODP_CIPHER_ALG_AES_CTR: + return 16; +#if ODP_DEPRECATED_API + case ODP_CIPHER_ALG_AES128_GCM: +#endif + case ODP_CIPHER_ALG_AES_GCM: + return 12; + default: + return (uint32_t)-1; + } +} + +/* Return digest length required for the cipher for IPsec use */ +uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return 0; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_MD5_96: +#endif + case ODP_AUTH_ALG_MD5_HMAC: + case ODP_AUTH_ALG_SHA1_HMAC: + return 12; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_SHA256_128: +#endif + case ODP_AUTH_ALG_SHA256_HMAC: + return 16; + case ODP_AUTH_ALG_SHA512_HMAC: + return 32; +#if ODP_DEPRECATED_API + case ODP_AUTH_ALG_AES128_GCM: +#endif + case ODP_AUTH_ALG_AES_GCM: + case ODP_AUTH_ALG_AES_GMAC: + return 16; + default: + return (uint32_t)-1; + } +} + odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) { ipsec_sa_t *ipsec_sa; odp_crypto_session_param_t crypto_param; odp_crypto_ses_create_err_t ses_create_rc; - uint32_t aad_len = 0; ipsec_sa = ipsec_sa_reserve(); if (NULL == ipsec_sa) { @@ -297,17 +351,25 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) crypto_param.auth_alg = param->crypto.auth_alg; crypto_param.auth_key = param->crypto.auth_key; + crypto_param.iv.length = + _odp_ipsec_cipher_iv_len(crypto_param.cipher_alg); + + crypto_param.auth_digest_len = + _odp_ipsec_auth_digest_len(crypto_param.auth_alg); + + if ((uint32_t)-1 == crypto_param.iv.length || + (uint32_t)-1 == crypto_param.auth_digest_len) + goto error; + switch (crypto_param.cipher_alg) { case ODP_CIPHER_ALG_NULL: ipsec_sa->esp_iv_len = 0; ipsec_sa->esp_block_len = 1; - crypto_param.iv.length = 0; break; case ODP_CIPHER_ALG_DES: case ODP_CIPHER_ALG_3DES_CBC: ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 8; - crypto_param.iv.length = 8; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_CBC: @@ -315,14 +377,12 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) case ODP_CIPHER_ALG_AES_CBC: ipsec_sa->esp_iv_len = 16; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; case ODP_CIPHER_ALG_AES_CTR: ipsec_sa->use_counter_iv = 1; ipsec_sa->aes_ctr_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 16; break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_GCM: @@ -331,40 +391,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 12; break; default: goto error; } switch (crypto_param.auth_alg) { - case ODP_AUTH_ALG_NULL: - ipsec_sa->icv_len = 0; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_MD5_96: -#endif - case ODP_AUTH_ALG_MD5_HMAC: - ipsec_sa->icv_len = 12; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - ipsec_sa->icv_len = 12; - break; -#if ODP_DEPRECATED_API - case ODP_AUTH_ALG_SHA256_128: -#endif - case ODP_AUTH_ALG_SHA256_HMAC: - ipsec_sa->icv_len = 16; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - ipsec_sa->icv_len = 32; - break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: #endif case ODP_AUTH_ALG_AES_GCM: - ipsec_sa->icv_len = 16; - aad_len = sizeof(ipsec_aad_t); + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); break; case ODP_AUTH_ALG_AES_GMAC: if (ODP_CIPHER_ALG_NULL != crypto_param.cipher_alg) @@ -372,19 +409,17 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - ipsec_sa->icv_len = 16; crypto_param.iv.length = 12; break; default: - goto error; + break; } if (1 == ipsec_sa->use_counter_iv && ODP_IPSEC_DIR_OUTBOUND == param->dir) odp_atomic_init_u64(&ipsec_sa->out.counter, 1); - crypto_param.auth_digest_len = ipsec_sa->icv_len; - crypto_param.auth_aad_len = aad_len; + ipsec_sa->icv_len = crypto_param.auth_digest_len; if (param->crypto.cipher_key_extra.length) { if (param->crypto.cipher_key_extra.length >