From patchwork Thu Dec 21 23:00:20 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122605 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp1509677qgn; Thu, 21 Dec 2017 15:03:25 -0800 (PST) X-Google-Smtp-Source: ACJfBosn6eZ6zW63V8E1cTouxVeXnacDFfEcSh2CeTUN7b4ui3Krl8+OXNZVpb8GQQWBZPWPs+z8 X-Received: by 10.55.124.67 with SMTP id x64mr10240422qkc.329.1513897404921; Thu, 21 Dec 2017 15:03:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513897404; cv=none; d=google.com; s=arc-20160816; b=pwrXO6O+5s6UQqRJ2Cbz0Nz3eJCq9b+nWguFjdJ3enXpGA6Cyl1wASjvBI1rIMiMvi kaLkvvmvyMiZmOyffm3BPjcc1E59QLaFnfCuVDiZ4OdsekdR1MOQ1a60HyW2DUlOHrCq nyZvVuIOB/Umxiny4bmeHFXD2XipPpuKRkPELt1xe7+6nPPG30iQdir0/KFNJnR35MOD UapCYlMa6lYFx7XFP3AILAFHuscKWnDYxzco5CvQRatFdh7syzfW+etq8gaMJq8HbaRL kxI3GxkKAOCyCoTUVJCnxnFMkpyUnEWiqx35ICIyU2DGKa9hJg2+ZW/SHN61UtnKQvii OteQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=qF3NefX6u65CraURLBrr1vxwFSaoYb0UUjxYgXmal/E=; b=Kx1GVbyosBTJUo/DgC1630Zcu15IIQfNsopesKmWmmz6Wbxg9Di7WUMHlLEWXQgg1t J4Vk7Yiz9VNJTa7smJXSi2IG7aWNV7xI6NKsTcdhxj5P8C+YLP3QnekxXcSXrtis4pRY uJvZI/R3OKpcORJ89L0420q5tOZFqiLsMYX4xmYjKrVeljOG52dEbVNNfGfeXT2JMtVY cxjZajfOyAWim03Mmc1lTMNXCEikRlTczHOIgkvovF5RrLwr+leyNfhOQMFaW04KMzWT gl132zGAleeq/2GIA64g10azFPMM7EUyyK82jhFXDnL+wWziFS17QaAmnTCxGneYv8+V c28A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id g28si1369113qta.473.2017.12.21.15.03.24; Thu, 21 Dec 2017 15:03:24 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id A07DC616F4; Thu, 21 Dec 2017 23:03:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 78105614FF; Thu, 21 Dec 2017 23:01:22 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 01ACC61504; Thu, 21 Dec 2017 23:01:16 +0000 (UTC) Received: from forward102j.mail.yandex.net (forward102j.mail.yandex.net [5.45.198.243]) by lists.linaro.org (Postfix) with ESMTPS id 98CEB6095F for ; Thu, 21 Dec 2017 23:00:26 +0000 (UTC) Received: from mxback11j.mail.yandex.net (mxback11j.mail.yandex.net [IPv6:2a02:6b8:0:1619::84]) by forward102j.mail.yandex.net (Yandex) with ESMTP id 20CFA5602115 for ; Fri, 22 Dec 2017 02:00:25 +0300 (MSK) Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [2a02:6b8:0:1a2d::28]) by mxback11j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id BrLTIgfcDI-0POSjsdk; Fri, 22 Dec 2017 02:00:25 +0300 Received: by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id B287xXhYac-0OVOGoHt; Fri, 22 Dec 2017 02:00:24 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 22 Dec 2017 02:00:20 +0300 Message-Id: <1513897223-21131-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513897223-21131-1-git-send-email-odpbot@yandex.ru> References: <1513897223-21131-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 352 Subject: [lng-odp] [PATCH API-NEXT v2 1/4] linux-gen: crypto: move session type to odp_crypto module X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov There is no point in having odp_crypto_generic_session_t definition in global include file. Move it to odp_crypto module. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 177eeff39e19289e771119cfdffc515cb16f9db5 ** Merge commit sha: ea71bf34033ee74ce7f090f0212b9285ca13b1fe **/ platform/linux-generic/Makefile.am | 1 - .../linux-generic/include/odp_crypto_internal.h | 73 ---------------------- platform/linux-generic/odp_crypto.c | 46 +++++++++++++- 3 files changed, 44 insertions(+), 76 deletions(-) delete mode 100644 platform/linux-generic/include/odp_crypto_internal.h diff --git a/platform/linux-generic/Makefile.am b/platform/linux-generic/Makefile.am index 4371e7a99..5f00e3f6e 100644 --- a/platform/linux-generic/Makefile.am +++ b/platform/linux-generic/Makefile.am @@ -138,7 +138,6 @@ noinst_HEADERS = \ include/odp_classification_inlines.h \ include/odp_classification_internal.h \ include/odp_config_internal.h \ - include/odp_crypto_internal.h \ include/odp_debug_internal.h \ include/odp_errno_define.h \ include/odp_forward_typedefs_internal.h \ diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h deleted file mode 100644 index 32178d9de..000000000 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ /dev/null @@ -1,73 +0,0 @@ -/* Copyright (c) 2014, Linaro Limited - * All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef ODP_CRYPTO_INTERNAL_H_ -#define ODP_CRYPTO_INTERNAL_H_ - -#ifdef __cplusplus -extern "C" { -#endif - -#include - -#define MAX_IV_LEN 64 -#define OP_RESULT_MAGIC 0x91919191 - -/** Forward declaration of session structure */ -typedef struct odp_crypto_generic_session odp_crypto_generic_session_t; - -/** - * Algorithm handler function prototype - */ -typedef -odp_crypto_alg_err_t (*crypto_func_t)(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session); - -/** - * Per crypto session data structure - */ -struct odp_crypto_generic_session { - struct odp_crypto_generic_session *next; - - /* Session creation parameters */ - odp_crypto_session_param_t p; - - odp_bool_t do_cipher_first; - - struct { - /* Copy of session IV data */ - uint8_t iv_data[MAX_IV_LEN]; - uint8_t key_data[EVP_MAX_KEY_LENGTH]; - - const EVP_CIPHER *evp_cipher; - crypto_func_t func; - } cipher; - - struct { - uint8_t key[EVP_MAX_KEY_LENGTH]; - uint32_t key_length; - union { - const EVP_MD *evp_md; - const EVP_CIPHER *evp_cipher; - }; - crypto_func_t func; - } auth; -}; - -/** - * Per session creation operation result - */ -typedef struct odp_crypto_generic_session_result { - odp_crypto_ses_create_err_t rc; - odp_crypto_session_t session; -} odp_crypto_generic_session_result_t; - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 11635cdab..4cc01845a 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -15,7 +15,6 @@ #include #include #include -#include #include #include #include @@ -89,6 +88,49 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +/** Forward declaration of session structure */ +typedef struct odp_crypto_generic_session_t odp_crypto_generic_session_t; + +/** + * Algorithm handler function prototype + */ +typedef +odp_crypto_alg_err_t (*crypto_func_t)(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session); + +/** + * Per crypto session data structure + */ +struct odp_crypto_generic_session_t { + odp_crypto_generic_session_t *next; + + /* Session creation parameters */ + odp_crypto_session_param_t p; + + odp_bool_t do_cipher_first; + + struct { + /* Copy of session IV data */ + uint8_t iv_data[EVP_MAX_IV_LENGTH]; + uint8_t key_data[EVP_MAX_KEY_LENGTH]; + + const EVP_CIPHER *evp_cipher; + crypto_func_t func; + } cipher; + + struct { + uint8_t key[EVP_MAX_KEY_LENGTH]; + uint32_t key_length; + uint32_t bytes; + union { + const EVP_MD *evp_md; + const EVP_CIPHER *evp_cipher; + }; + crypto_func_t func; + } auth; +}; + typedef struct odp_crypto_global_s odp_crypto_global_t; struct odp_crypto_global_s { @@ -857,7 +899,7 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, /* Copy parameters */ session->p = *param; - if (session->p.iv.length > MAX_IV_LEN) { + if (session->p.iv.length > EVP_MAX_IV_LENGTH) { ODP_DBG("Maximum IV length exceeded\n"); *status = ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER; goto err; From patchwork Thu Dec 21 23:00:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122606 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp1510579qgn; Thu, 21 Dec 2017 15:04:13 -0800 (PST) X-Google-Smtp-Source: ACJfBosZM3+Ojy3tc0Sdr8/dbh82FGIr9gMuSRANCqzykJuf7C6DHWasQBpXlharyadmkLsOJ+Z7 X-Received: by 10.55.53.75 with SMTP id c72mr17237726qka.2.1513897452975; Thu, 21 Dec 2017 15:04:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513897452; cv=none; d=google.com; s=arc-20160816; b=dU9U5LEJg3fJun/uzDcFWmuL9RAtQ8AUcciN8s9wbNbRt9OeSbMnX+xR6+DUQDwrJI iBR+3SCXG+57P0YhWeOdi1mu6c47GGQgjIxeDU9ck6oworuxoK41MHZo/jseCTZuLEIz NAlHyrtXQlwyw1nuZqcbUDWUeXq4ps+0vSb6rjWnljcCWHeO0wG7jmzmwaURWcyoL4EQ zu+d2Ut1fmm4OX5dhHOfjsXji9JbW9yQw04ZuFYgs+f7hVucARZ0CCLpyW2Qtuwrsa9K 4/ExN4GjmDNKvWEnnV4cpcd6wwJtGffBA0JFf5ObZfETrS+fNOlghoB0KdmQoYWiZo8m EiZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=Z3AT5424hVuz1cNhOGKPMbJ5kej8WmGp7jPo8IacndM=; b=ZkkfWPY8C3Yq0Y8CIfTUKvMlYVrTOPImB5HmZ9Mb39HNN5pp748dPxe/OSkFAXaUvP 3cYdKE31gOEQbdh5YfDmuRECOdC65u2LPdQxQm7omseiNBc/y1jtCQMrnuZxjXdVOaMi YrRSk/FzUdnKJR/ppb1oBg5l/+ycbihJVzJC15gx9mvU1JOHBp0xBO0l4n10oxrhuv5u gCHLJtI6kS6aIgBmwxzAAgpzV90o28ruqHHH7VSQDtx0sCgWitJTBnCTevlDzJrcHhup WukqH6oSuADq54mXP7GMQX7naRhaTjopFeFDpGJ27XadVJq21Ce+nkijZgjnSZJHXeeF ptXw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id n5si6431914qtf.1.2017.12.21.15.04.12; Thu, 21 Dec 2017 15:04:12 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 90B9061514; Thu, 21 Dec 2017 23:04:12 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id C04AB61527; Thu, 21 Dec 2017 23:01:27 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 460AC6150E; Thu, 21 Dec 2017 23:01:21 +0000 (UTC) Received: from forward100j.mail.yandex.net (forward100j.mail.yandex.net [5.45.198.240]) by lists.linaro.org (Postfix) with ESMTPS id 0B4C461508 for ; Thu, 21 Dec 2017 23:00:27 +0000 (UTC) Received: from mxback5g.mail.yandex.net (mxback5g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:166]) by forward100j.mail.yandex.net (Yandex) with ESMTP id A73CF5D8411C for ; Fri, 22 Dec 2017 02:00:25 +0300 (MSK) Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [2a02:6b8:0:1a2d::28]) by mxback5g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id jZGRpYiuGk-0PMGfi8R; Fri, 22 Dec 2017 02:00:25 +0300 Received: by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id B287xXhYac-0PV0214O; Fri, 22 Dec 2017 02:00:25 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 22 Dec 2017 02:00:21 +0300 Message-Id: <1513897223-21131-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513897223-21131-1-git-send-email-odpbot@yandex.ru> References: <1513897223-21131-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 352 Subject: [lng-odp] [PATCH API-NEXT v2 2/4] api: crypto: add separate auth IV X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov GMAC auth algorithm requires IV to work. Instead of hacking the ODP_CIPHER_ALG_NULL iv to include value for ODP_AUTH_ALG_GMAC, provide separate iv (in auth capability, session params and operation params). Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 177eeff39e19289e771119cfdffc515cb16f9db5 ** Merge commit sha: ea71bf34033ee74ce7f090f0212b9285ca13b1fe **/ include/odp/api/spec/crypto.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 81fecbc36..033056591 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -327,6 +327,9 @@ typedef struct odp_crypto_session_param_t { */ odp_crypto_key_t auth_key; + /** Authentication Initialization Vector (IV) */ + odp_crypto_iv_t auth_iv; + /** Authentication digest length in bytes * * Use odp_crypto_auth_capability() for supported digest lengths. @@ -397,6 +400,9 @@ typedef struct odp_crypto_op_param_t { /** Override session IV pointer */ uint8_t *override_iv_ptr; + /** Override session authentication IV pointer */ + uint8_t *override_auth_iv_ptr; + /** Offset from start of packet for hash result * * Specifies the offset where the hash result is to be stored. In case @@ -433,6 +439,9 @@ typedef struct odp_crypto_packet_op_param_t { /** Override session IV pointer */ uint8_t *override_iv_ptr; + /** Override session authentication IV pointer */ + uint8_t *override_auth_iv_ptr; + /** Offset from start of packet for hash result * * Specifies the offset where the hash result is to be stored. In case @@ -598,6 +607,9 @@ typedef struct odp_crypto_auth_capability_t { /** Key length in bytes */ uint32_t key_len; + /** IV length in bytes */ + uint32_t iv_len; + /** Additional Authenticated Data (AAD) lengths */ struct { /** Minimum AAD length in bytes */ From patchwork Thu Dec 21 23:00:22 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122607 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp1511429qgn; Thu, 21 Dec 2017 15:04:56 -0800 (PST) X-Google-Smtp-Source: ACJfBosrHU/b91cFqd1jTZe0T8xEGXIa1TCRd8GRYU8vJj0IYRYjhdPnwrHIlsrsmpxZEqJJNWvF X-Received: by 10.200.44.243 with SMTP id 48mr16084579qtx.99.1513897495918; Thu, 21 Dec 2017 15:04:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513897495; cv=none; d=google.com; s=arc-20160816; b=EdCzA0k7KcTvISQF9r0LfbdfxY0fDibR+DjKsxoqKpwFydzTEy0xLzu2gPgW0U8vld oD8LF/KpSz7cKh9YttLI/v8nYQcHv0I69dwO08CZcTeU5CR7ytfVkCWjYw+/zCWNbWN5 5OBEa2KlpMb0kT1VVumFifnAkMwVniwQYcHD9iLZy+CBA55Det9B6JTgMp/dFL0AMBpz zQISBM1ISD5dZwg/K1EIDpwBOv6J3A080h4kI9foy/X3KIh/CwFrf7QahEFiDc0N4Ohe uSWGk/6Ykru2Z+0DxHJM9PfNMeivJumVAGZiYWNylMOsN+AVxSMPNCzCSYz02JIP6paz pwtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=5Gw3UpjQPZ2L2Vys0aQewFVfJX1Q2k8UF8OhF/kIwHI=; b=xpVKhUkzbYH2+uxuaj+jVvvmwhKfaxC7RNbRD0GYqj/Q15jAL6WJHDn14qe5mTa1rA PPDKlpKmJhV3gVxSk2DeFn8Ah0C6lJs3u5TvOblM+pN5DjqPebX4G/hdveLmsAE/Nr06 +JsLD/vt8p6DkN3CB0XnkjaUaBVTXP6KNXU+CV9krl1bXFUJeTh+a3GTnxr2JkTEV+n2 y2Z4CzWV3MfgZGc+AYZXwWdytpU+UIsVKPr3s9VOwIvQ8cgosq6sP/r4Kr2sMTYtf9DH qvvGUNY+Njw4li0n5kp90zQ4U5J9g85mE17BtXvp1dVhSdGzrBtCJ9azYgGrxrADI+F8 2ciw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id s125si1601107qkb.412.2017.12.21.15.04.55; Thu, 21 Dec 2017 15:04:55 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 9AF766152C; Thu, 21 Dec 2017 23:04:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 0C2B161516; Thu, 21 Dec 2017 23:01:32 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 5CA0C61505; Thu, 21 Dec 2017 23:01:21 +0000 (UTC) Received: from forward105p.mail.yandex.net (forward105p.mail.yandex.net [77.88.28.108]) by lists.linaro.org (Postfix) with ESMTPS id 6E3B56150A for ; Thu, 21 Dec 2017 23:00:27 +0000 (UTC) Received: from mxback7o.mail.yandex.net (mxback7o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::21]) by forward105p.mail.yandex.net (Yandex) with ESMTP id 35961408478E for ; Fri, 22 Dec 2017 02:00:26 +0300 (MSK) Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [2a02:6b8:0:1a2d::28]) by mxback7o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id aqxq5jg5JO-0QheiJP1; Fri, 22 Dec 2017 02:00:26 +0300 Received: by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id B287xXhYac-0PVWMsYG; Fri, 22 Dec 2017 02:00:25 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 22 Dec 2017 02:00:22 +0300 Message-Id: <1513897223-21131-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513897223-21131-1-git-send-email-odpbot@yandex.ru> References: <1513897223-21131-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 352 Subject: [lng-odp] [PATCH API-NEXT v2 3/4] validation: crypto: use auth IV for GMAC test case X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Change GMAC testing code to use new auth IV fields. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 177eeff39e19289e771119cfdffc515cb16f9db5 ** Merge commit sha: ea71bf34033ee74ce7f090f0212b9285ca13b1fe **/ test/validation/api/crypto/odp_crypto_test_inp.c | 11 +++++++++-- test/validation/api/crypto/test_vectors.h | 8 +++++--- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 7ad2889f5..cbf7bbd40 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -314,6 +314,10 @@ static void alg_test(odp_crypto_op_t op, .data = ovr_iv ? NULL : ref->iv, .length = ref->iv_length }; + odp_crypto_iv_t auth_iv = { + .data = ovr_iv ? NULL : ref->auth_iv, + .length = ref->auth_iv_length + }; int num, i; int found; @@ -407,6 +411,7 @@ static void alg_test(odp_crypto_op_t op, /* Search for the test case */ for (i = 0; i < num; i++) { if (auth_capa[i].digest_len == ref->digest_length && + auth_capa[i].iv_len == auth_iv.length && auth_capa[i].key_len == auth_key.length) { found = 1; break; @@ -415,8 +420,9 @@ static void alg_test(odp_crypto_op_t op, if (!found) { printf("\n Unsupported: alg=%s, key_len=%" PRIu32 ", " - "digest_len=%" PRIu32 "\n", auth_alg_name(auth_alg), - auth_key.length, ref->digest_length); + "digest_len=%" PRIu32 ", iv_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), auth_key.length, + ref->digest_length, auth_iv.length); return; } @@ -432,6 +438,7 @@ static void alg_test(odp_crypto_op_t op, ses_params.output_pool = suite_context.pool; ses_params.cipher_key = cipher_key; ses_params.iv = iv; + ses_params.auth_iv = auth_iv; ses_params.auth_key = auth_key; ses_params.auth_digest_len = ref->digest_length; ses_params.auth_aad_len = ref->aad_length; diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index f2ce9eb2f..90b020356 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -16,6 +16,8 @@ typedef struct crypto_test_reference_s { uint8_t auth_key[MAX_KEY_LEN]; uint32_t iv_length; uint8_t iv[MAX_IV_LEN]; + uint32_t auth_iv_length; + uint8_t auth_iv[MAX_IV_LEN]; uint32_t length; uint8_t plaintext[MAX_DATA_LEN]; uint8_t ciphertext[MAX_DATA_LEN]; @@ -447,9 +449,9 @@ static crypto_test_reference_t aes_gmac_reference[] = { .auth_key_length = AES128_GCM_KEY_LEN, .auth_key = { 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34}, - .iv_length = AES_GCM_IV_LEN, - .iv = { 0x22, 0x43, 0x3c, 0x64, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }, + .auth_iv_length = AES_GCM_IV_LEN, + .auth_iv = { 0x22, 0x43, 0x3c, 0x64, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, .length = 68, .plaintext = { 0x00, 0x00, 0x43, 0x21, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, From patchwork Thu Dec 21 23:00:23 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122608 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp1512567qgn; Thu, 21 Dec 2017 15:05:57 -0800 (PST) X-Google-Smtp-Source: ACJfBot618f5bSrv+uCBUPo0hDFdnAlCSwaKORSCy4vjND/KUSCzSnemv7z3/RCt7gnLCTstzykq X-Received: by 10.200.48.51 with SMTP id f48mr16748554qte.262.1513897557326; Thu, 21 Dec 2017 15:05:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513897557; cv=none; d=google.com; s=arc-20160816; b=p3lgT95XGAxZlqss6aveulP/WaFdepiww5V0WDa/9v/7jcnsZ8jo+1sQ7oaNQgdZnj e1FXEugnjf7BRn411e8183v46fCgfDIh2lCcUCV3P+nX2X+iZZflyR35JYzfkgmRJYxC DGJDEbWi11tRS15pChNWl2gDyX+POa0kGc+ZuQtccU4AEf/K4Rp81zwg+0ZzWQHALWXG lRRANscvxGzjDkKIMgYGwd6IK4dnvWLYBJTO8wq0FdspobQ0GlR5dGeOzna5RVuj/dYC XWYqOzjqPKTMDVZY21ys2BVuKNSOk0/MRBvYi4vjwkBPQkzITMUytfNy/3PYI+2JkCdf f3FA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=+7VTSJ8G0N5niTbPhmfMSc2J88F8Y5j3UW9vWbwgGoM=; b=BOuPO0NXWalXqJXjY1zKU0krWiTmblk2SkHhxC9chq4fZ2ImKu/PSO/BY9lzdywsWz UJUwnuXZJcljhC7qctxfAer93eIr/DxvTUARtkBnnUdj7VmjM4tLcvGzP9LDW2Jp72Jt UXLiis4e2/DXj11oRFs+somrzMZUykzKa5qUrR3sVwFDRYVgiynZhJQyRXIc+KoDMtJg xDeD7KkusDtaUm90Ty9rj7HllTuEqMiCTNjmX8hzAicg4wb2aVj5qMOeFqi8qWlSvKHB 78z2jdx9w40cT+silKE75GfFmANaXuKu2WNr8nR0Bs4/GzP/9uxqzWuD1av3yhzN4CCE 2dYQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id p24si3270135qtp.376.2017.12.21.15.05.57; Thu, 21 Dec 2017 15:05:57 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 0F2A661528; Thu, 21 Dec 2017 23:05:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 67548616E4; Thu, 21 Dec 2017 23:01:37 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id AB9B16150E; Thu, 21 Dec 2017 23:01:23 +0000 (UTC) Received: from forward101j.mail.yandex.net (forward101j.mail.yandex.net [5.45.198.241]) by lists.linaro.org (Postfix) with ESMTPS id 46E186150B for ; Thu, 21 Dec 2017 23:00:28 +0000 (UTC) Received: from mxback13g.mail.yandex.net (mxback13g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:92]) by forward101j.mail.yandex.net (Yandex) with ESMTP id F1B3D124277E for ; Fri, 22 Dec 2017 02:00:26 +0300 (MSK) Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [2a02:6b8:0:1a2d::28]) by mxback13g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id l9nymyRNXx-0QVKBTUv; Fri, 22 Dec 2017 02:00:26 +0300 Received: by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id B287xXhYac-0QVKVZSi; Fri, 22 Dec 2017 02:00:26 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Fri, 22 Dec 2017 02:00:23 +0300 Message-Id: <1513897223-21131-5-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513897223-21131-1-git-send-email-odpbot@yandex.ru> References: <1513897223-21131-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 352 Subject: [lng-odp] [PATCH API-NEXT v2 4/4] linux-generic: crypto, ipsec: use auth_iv. X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Separate handling of authentication IV data. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 177eeff39e19289e771119cfdffc515cb16f9db5 ** Merge commit sha: ea71bf34033ee74ce7f090f0212b9285ca13b1fe **/ platform/linux-generic/odp_crypto.c | 35 ++++++++++++++++++++++------------ platform/linux-generic/odp_ipsec.c | 6 ++++-- platform/linux-generic/odp_ipsec_sad.c | 2 +- 3 files changed, 28 insertions(+), 15 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 4cc01845a..f56aabc4a 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -36,9 +36,7 @@ * Keep sorted: first by key length, then by IV length */ static const odp_crypto_cipher_capability_t cipher_capa_null[] = { -{.key_len = 0, .iv_len = 0}, -/* Special case for GMAC */ -{.key_len = 0, .iv_len = 12} }; +{.key_len = 0, .iv_len = 0} }; static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = { {.key_len = 24, .iv_len = 8} }; @@ -86,7 +84,8 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { -{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, + .iv_len = 12 } }; /** Forward declaration of session structure */ typedef struct odp_crypto_generic_session_t odp_crypto_generic_session_t; @@ -121,6 +120,7 @@ struct odp_crypto_generic_session_t { struct { uint8_t key[EVP_MAX_KEY_LENGTH]; + uint8_t iv_data[EVP_MAX_IV_LENGTH]; uint32_t key_length; uint32_t bytes; union { @@ -640,10 +640,10 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, uint8_t block[EVP_MAX_MD_SIZE]; int ret; - if (param->override_iv_ptr) - iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) - iv_ptr = session->cipher.iv_data; + if (param->override_auth_iv_ptr) + iv_ptr = param->override_auth_iv_ptr; + else if (session->p.auth_iv.data) + iv_ptr = session->auth.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -679,10 +679,10 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, uint8_t block[EVP_MAX_MD_SIZE]; int ret; - if (param->override_iv_ptr) - iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) - iv_ptr = session->cipher.iv_data; + if (param->override_auth_iv_ptr) + iv_ptr = param->override_auth_iv_ptr; + else if (session->p.auth_iv.data) + iv_ptr = session->auth.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -905,11 +905,21 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, goto err; } + if (session->p.auth_iv.length > EVP_MAX_IV_LENGTH) { + ODP_DBG("Maximum auth IV length exceeded\n"); + *status = ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER; + goto err; + } + /* Copy IV data */ if (session->p.iv.data) memcpy(session->cipher.iv_data, session->p.iv.data, session->p.iv.length); + if (session->p.auth_iv.data) + memcpy(session->auth.iv_data, session->p.auth_iv.data, + session->p.auth_iv.length); + /* Derive order */ if (ODP_CRYPTO_OP_ENCODE == param->op) session->do_cipher_first = param->auth_cipher_text; @@ -1098,6 +1108,7 @@ odp_crypto_operation(odp_crypto_op_param_t *param, packet_param.session = param->session; packet_param.override_iv_ptr = param->override_iv_ptr; + packet_param.override_auth_iv_ptr = param->override_auth_iv_ptr; packet_param.hash_result_offset = param->hash_result_offset; packet_param.aad_ptr = param->aad_ptr; packet_param.cipher_range = param->cipher_range; diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index b023d308d..d8c8fc0f0 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -478,6 +478,7 @@ static int ipsec_in_esp(odp_packet_t *pkt, state->in.hdr_len - ipsec_sa->icv_len; param->override_iv_ptr = state->iv; + param->override_auth_iv_ptr = state->iv; state->esp.aad.spi = esp.spi; state->esp.aad.seq_no = esp.seq_no; @@ -560,7 +561,7 @@ static int ipsec_in_ah(odp_packet_t *pkt, return -1; } - param->override_iv_ptr = state->iv; + param->override_auth_iv_ptr = state->iv; state->in.hdr_len = (ah.ah_len + 2) * 4; state->in.trl_len = 0; @@ -1080,6 +1081,7 @@ static int ipsec_out_esp(odp_packet_t *pkt, } param->override_iv_ptr = state->iv; + param->override_auth_iv_ptr = state->iv; memset(&esp, 0, sizeof(esp)); esp.spi = odp_cpu_to_be_32(ipsec_sa->spi); @@ -1229,7 +1231,7 @@ static int ipsec_out_ah(odp_packet_t *pkt, return -1; } - param->override_iv_ptr = state->iv; + param->override_auth_iv_ptr = state->iv; if (odp_packet_extend_head(pkt, hdr_len, NULL, NULL) < 0) { status->error.alg = 1; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 845a73dea..56a75f3e5 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -409,7 +409,7 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 12; + crypto_param.auth_iv.length = 12; break; default: break;