From patchwork Sat Jan 27 05:59:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126026 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp841080ljd; Fri, 26 Jan 2018 22:01:53 -0800 (PST) X-Google-Smtp-Source: AH8x225YzWaHei0AKuSOgKgAgUc+V2N282aT134wI1nag3b7dmRbNvNLeLkmm8zMpJR+FmrhRtUT X-Received: by 10.55.78.149 with SMTP id c143mr11783531qkb.30.1517032913208; Fri, 26 Jan 2018 22:01:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517032913; cv=none; d=google.com; s=arc-20160816; b=IcBWuo0SR5uLr16Mo6n12k6sQrXYE/H0x8vci4zMs51gCvKG2CEtbwu2FLkskxvANA Xk9wUtm1W6n6UGJb9IaAdmRkcHbkEpOeovPcbpdZyHZzAaytsL2l4rMvki02XOON9/DO zBnTAIzXmUIN1F4evjyqzeiRrg51vnAye/azpdCXk9cBeFM/Y2X95YDWc3Sa2X/zXvv2 /SwTZ054l0DUVLJjlJtXX+54moZg/pEKtjF3E52YEU4Ibue9HT1JNmaIERgCWoLV93Ts v6xFvKv7jBB1C0QNIi3YR0hzfKBL4IGWnl6AkRbwBZnH270W1sJZ6h9GoQUY4r/hJAks JcJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=mrXhW7m0qD2evV301kRfOC8WcGbLKgug8/6xETZqwNY=; b=cQJ3SQlBt9G0PNwJPxjFnxUZLz6L6Zmddst2l1RmZwCNlZ9De73NTESgUzZp94TsST pdZJK4LWFAPH36ZSMCpuDWXIyjIcf1nD8vfwq4ETrhk6xY+NbBzvjeBZZIJGxtElrLkG I7/J0mulE4V/yP6FlPmcGJqrLFERGMXhUkh46jLmtdlipZSoDqMh532j5DZENJL+I3Rk v215XJlPn8bkCSmEf7H11sHJjEvKR+tHW/Ysg3A0exFeoDrWXLZ9imoTHJZ3CDXsXrDU p3EIUWUjmaZ9QV7pQkZygHQBISg9uefQCmhzjjYFpNckhOKIV/X8J/4iyafnMmaD0T/z 8Feg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id a8si7831600qtm.54.2018.01.26.22.01.52; Fri, 26 Jan 2018 22:01:53 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id E1027617FC; Sat, 27 Jan 2018 06:01:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 27965616FE; Sat, 27 Jan 2018 06:00:28 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 2709461751; Sat, 27 Jan 2018 06:00:19 +0000 (UTC) Received: from forward105j.mail.yandex.net (forward105j.mail.yandex.net [5.45.198.248]) by lists.linaro.org (Postfix) with ESMTPS id 7B7AB6089D for ; Sat, 27 Jan 2018 06:00:14 +0000 (UTC) Received: from mxback9g.mail.yandex.net (mxback9g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:170]) by forward105j.mail.yandex.net (Yandex) with ESMTP id CD6F81841DB for ; Sat, 27 Jan 2018 09:00:12 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback9g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id A4JjsyxsGI-0CEK2BSR; Sat, 27 Jan 2018 09:00:12 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0CNqNsR1; Sat, 27 Jan 2018 09:00:12 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 08:59:56 +0300 Message-Id: <1517032810-971-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 2/16] api: crypto: add enumeration for AES-CCM X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Petri Savolainen Added enumerations for AES CCM authentication / encryption algorithm. Signed-off-by: Petri Savolainen --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ include/odp/api/spec/crypto.h | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index e4b0e8cef..b8c7b9d80 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -92,6 +92,15 @@ typedef enum { */ ODP_CIPHER_ALG_AES_GCM, + /** AES-CCM + * + * AES in Counter with CBC-MAC (CCM) mode algorithm. CCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_AUTH_ALG_AES_CCM authentication. + */ + ODP_CIPHER_ALG_AES_CCM, + /** @deprecated Use ODP_CIPHER_ALG_AES_CBC instead */ ODP_DEPRECATE(ODP_CIPHER_ALG_AES128_CBC), @@ -157,6 +166,15 @@ typedef enum { */ ODP_AUTH_ALG_AES_GMAC, + /** AES-CCM + * + * AES in Counter with CBC-MAC (CCM) mode algorithm. CCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_CIPHER_ALG_AES_CCM cipher. + */ + ODP_AUTH_ALG_AES_CCM, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96), @@ -192,6 +210,9 @@ typedef union odp_crypto_cipher_algos_t { /** ODP_CIPHER_ALG_AES_GCM */ uint32_t aes_gcm : 1; + /** ODP_CIPHER_ALG_AES_CCM */ + uint32_t aes_ccm : 1; + /** @deprecated Use aes_cbc instead */ uint32_t ODP_DEPRECATE(aes128_cbc) : 1; @@ -234,6 +255,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_GMAC*/ uint32_t aes_gmac : 1; + /** ODP_AUTH_ALG_AES_CCM */ + uint32_t aes_ccm : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1; From patchwork Sat Jan 27 05:59:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126027 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp841379ljd; Fri, 26 Jan 2018 22:02:34 -0800 (PST) X-Google-Smtp-Source: AH8x2244y02qtPAlIG9GXVtNwQEVlcsPF75aFpG24qyzMPD9VlTrkR/j7ClE6Z3980GXAlpwKbeE X-Received: by 10.55.217.20 with SMTP id u20mr23310527qki.52.1517032954149; Fri, 26 Jan 2018 22:02:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517032954; cv=none; d=google.com; s=arc-20160816; b=RTtHAX+R0LzsoEf+blvCIqA7WXWmFerSgycJCm4dOamh0rkIe6RDtZSY14iElOBSWr hh4I/KACloSwbJ5R9HOjgrxiAMFmVhYStl93xvJOjglYaX7ta6aRLZBv8PcwDINQ/LgK 2N5gN87scDv+TE/ypDavCIL04rVUMUrb6/1g1q7xmJhSSYSgB4/NePUNchWLs82nyytc EXf6tlSAh0/oJrwSZyO9I2cA9BH+iBPhqYOX5hEDv0kQdoKNMi7PUdKDL8aGkIFIdo5o C0gyQnSBqbMlyyZiSWvJlXbw1FIZ9Tc8r0EJdDrlQ1Nk7591M+3blWd2ujULmtYglRhu EFyQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=ywZL8f9+kMCe1iiUpjUbPATzAHrRPDSVqczDaYOa3oo=; b=Hus5nity6XD+pUt/K2EH7nn2Auh45rxmDJYlWNijZs6Pkpjmqmul9AeXIhivBv7MX1 9Z1djnQZkNv5naRcEKbM/bosvt3AfE242zXvosj8DxsXm7LxxF55yJfpytq373oM+aRu HmrN50PRjBl+xa5Crh7YDotRcdODNhgutxrZMy9LfD2Vx80vGUrvdFx8ngiHKUg/xeHy thvFwz2OhRcUsUIOgmZEqJtiexo5Oa7/yLQlgjIxSmkOjPWu8DrKVdyX3UqRhPUIm/by ewejbT4eChitLOuXPJ2k21y6bkUgHuuj7wHXNPeaMkekptMbK8EuACMsehBHDQJNVp2r h/VA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id q27si5866716qkq.35.2018.01.26.22.02.33; Fri, 26 Jan 2018 22:02:34 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id C7EE161802; Sat, 27 Jan 2018 06:02:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 96C4D6099A; Sat, 27 Jan 2018 06:00:30 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id C6F376175B; Sat, 27 Jan 2018 06:00:19 +0000 (UTC) Received: from forward102o.mail.yandex.net (forward102o.mail.yandex.net [37.140.190.182]) by lists.linaro.org (Postfix) with ESMTPS id 003D26096B for ; Sat, 27 Jan 2018 06:00:15 +0000 (UTC) Received: from mxback13j.mail.yandex.net (mxback13j.mail.yandex.net [IPv6:2a02:6b8:0:1619::88]) by forward102o.mail.yandex.net (Yandex) with ESMTP id 847F15A0354D for ; Sat, 27 Jan 2018 09:00:13 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback13j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id hv7GLGAqWV-0DZal4lx; Sat, 27 Jan 2018 09:00:13 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0CNO64iQ; Sat, 27 Jan 2018 09:00:12 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 08:59:57 +0300 Message-Id: <1517032810-971-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 3/16] api: crypto: add enumeration for AES-CMAC X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Add enumeration for AES CMAC authentication algorithm. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ include/odp/api/spec/crypto.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index b8c7b9d80..421080c2b 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -175,6 +175,14 @@ typedef enum { */ ODP_AUTH_ALG_AES_CCM, + /** AES-CMAC + * + * AES Cipher-based Message Authentication Code (CMAC) algorithm. CMAC + * is a keyed hash function that is based on a symmetric key block + * cipher, such as the AES. + */ + ODP_AUTH_ALG_AES_CMAC, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96), @@ -258,6 +266,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_CCM */ uint32_t aes_ccm : 1; + /** ODP_AUTH_ALG_AES_CMAC*/ + uint32_t aes_cmac : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1; From patchwork Sat Jan 27 05:59:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126028 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp841643ljd; Fri, 26 Jan 2018 22:03:12 -0800 (PST) X-Google-Smtp-Source: AH8x225I8LqTZnquX/un2SUcl7sK4mf/qLgXME9rxry6/F19hLiVrd6HFxmX18MySz8l7z/muB7i X-Received: by 10.200.0.204 with SMTP id d12mr28139319qtg.336.1517032992305; Fri, 26 Jan 2018 22:03:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517032992; cv=none; d=google.com; s=arc-20160816; b=qUJ4KSzO8Darycy8+mv2GiMH916KrvxjiKrWfFLe5HBGEy6ExZ7dNYstbIkuhsAC3h zndTmgR7hP4lku1zgVxlrjE5vm+lY3zDMmrfE7L54KP7t7Yxdq+ytOdDUnUQmj1GnldH 6LoG83ecjs7noBveerV6mZqdt5XP65jrz+E9HZPwcYVA5lFh3t5Ds0dsHqv43OxzVUZO 9ZLJvQbT3y1uNOtfCQzPACr8XC/nOdhAvjPtV7otteWXJg8shzSmN2iww3hb2Jr5G+ja tWWrBi0JNUgjZfyq5Oy490Pgnrb4GH+pZk9ZpUfdA5git3fSBdbeR93T0BBB4qWIpVhY 1xBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=+4RQ8wQwo0MtQ9hVrHyGOnhb0GjQT3Lh4sAZr6xkwVM=; b=h907RcTl95yjDmlG4BtiBeikIAoAwj0b6H3afRfaRU967175EcFb2QGtuTXMt81RA0 h7RyUNrwztXpvneckqt0pw5vNpKHNeBbR18XU40LWbtu2iianuQJzsb3huaY2tgcOzce IXG9l/t1Iw9Bulu8xcfapX7Kn+dZNBKsuH3yXv7PZ+7LMEhtiZq16Lys+kZQLoKsXnjl zBeQgDNpZyMBDjS8k97ACXUtGcIFLEhZxzRghcCR4SiBKy8KZMU7wY7amwAtWLEqn3Vk SRGKZqIMrdmlxgXXb2i716AdEcdQNJKRUewc0Zn0ce070lWHoSPrYH3spN8zJq5YwRbP 1pgA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id x57si2497637qth.340.2018.01.26.22.03.11; Fri, 26 Jan 2018 22:03:12 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id D864F617D4; Sat, 27 Jan 2018 06:03:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 3C8F1617C4; Sat, 27 Jan 2018 06:00:42 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 94CDC61719; Sat, 27 Jan 2018 06:00:20 +0000 (UTC) Received: from forward100o.mail.yandex.net (forward100o.mail.yandex.net [37.140.190.180]) by lists.linaro.org (Postfix) with ESMTPS id A8D7D6099A for ; Sat, 27 Jan 2018 06:00:15 +0000 (UTC) Received: from mxback2g.mail.yandex.net (mxback2g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:163]) by forward100o.mail.yandex.net (Yandex) with ESMTP id 31D4A2A21713 for ; Sat, 27 Jan 2018 09:00:14 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback2g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 8op4EzGfk5-0Edux0iQ; Sat, 27 Jan 2018 09:00:14 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0DN0B7h9; Sat, 27 Jan 2018 09:00:13 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 08:59:58 +0300 Message-Id: <1517032810-971-5-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 4/16] api: crypto: add ChaCha20-Poly1305 support X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov ChaCha20-Poly1305 is a promising AEAD algorithm. Add decarations to support it. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ include/odp/api/spec/crypto.h | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 421080c2b..b7ab53620 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -101,6 +101,15 @@ typedef enum { */ ODP_CIPHER_ALG_AES_CCM, + /** ChaCha20-Poly1305 + * + * ChaCha20 with Poly1305 provide both authentication and ciphering of + * data (authenticated encryption) in the same operation. Hence this + * algorithm must be paired always with ODP_AUTH_ALG_CHACHA20_POLY1305 + * authentication. + */ + ODP_CIPHER_ALG_CHACHA20_POLY1305, + /** @deprecated Use ODP_CIPHER_ALG_AES_CBC instead */ ODP_DEPRECATE(ODP_CIPHER_ALG_AES128_CBC), @@ -183,6 +192,15 @@ typedef enum { */ ODP_AUTH_ALG_AES_CMAC, + /** ChaCha20-Poly1305 AEAD + * + * ChaCha20 with Poly1305 provide both authentication and ciphering of + * data (authenticated encryption) in the same operation. Hence this + * algorithm must be paired always with + * ODP_CIPHER_ALG_CHACHA20_POLY1305 cipher. + */ + ODP_AUTH_ALG_CHACHA20_POLY1305, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96), @@ -221,6 +239,9 @@ typedef union odp_crypto_cipher_algos_t { /** ODP_CIPHER_ALG_AES_CCM */ uint32_t aes_ccm : 1; + /** ODP_CIPHER_ALG_CHACHA20_POLY1305 */ + uint32_t chacha20_poly1305 : 1; + /** @deprecated Use aes_cbc instead */ uint32_t ODP_DEPRECATE(aes128_cbc) : 1; @@ -269,6 +290,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_CMAC*/ uint32_t aes_cmac : 1; + /** ODP_AUTH_ALG_CHACHA20_POLY1305 */ + uint32_t chacha20_poly1305 : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1; From patchwork Sat Jan 27 05:59:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126042 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp844284ljd; Fri, 26 Jan 2018 22:09:33 -0800 (PST) X-Google-Smtp-Source: AH8x224v0PnmlS1i3XV905xlSJD/MjpsBDVH2YzjLUUzjurHkFyUxbJJQnDOEMLt97CHnarzDkze X-Received: by 10.55.150.6 with SMTP id y6mr23466169qkd.155.1517033372939; Fri, 26 Jan 2018 22:09:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033372; cv=none; d=google.com; s=arc-20160816; b=CCtoPKv5C6mnQ8syXdRm8vj+qz360NPc2AJM7g30aW7oKOdXHTZGwRf51v9uUrHDBv U9RIDP+QYYxlUxfZoy108Q9jhv7Q/4r1NXgHQlRdLxN7e3exONlnWoF6EiL+AFHSkCFG gycz8D2dNrTV3q/TQjK2d3yBRY0nzdlh566DA9XF/BhlWp2jhymKGnAJLg8plUsvExwU D6XUz8K88iJcOid2twvnTcJcazX8G4SZDHvPDvzIrtBP6yCZm2jyFu4nNmIRWoqDqPwM dhgNJ7beNk1+2qM5t1nTVnN0UVvC2jbb+66U7za30drfTKgAiKDBnUqxX6OoUjqavCv5 qZ0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=TGL6c63sQ12mHKETBD9RVN5MIbK29uejP72jNMgpYbA=; b=Ioq9+90CzX+mt5e/EXl1Evzmi8toT+xUEEsWF2okOfe2Berw05V88/NKuAaT6wettk 9n+/6QW9JbeaRa6JFcR+vUejHUnBbEttrVoPrGGWLPyhz/9gifPZk1hNpA+YOtej33vJ 8iL2cw2W4qZUik8EOpoO5SC2Awbrl1+ZXw+aTZ5r5S7nlmXbyPh/x+R8fl3/TNvYGeGp 8Hf7DYiy1CiU3/oj/bDbka5pgxjALrpu2LuArN6FPACZK3U3v1O8g3qu4NIPZx7e/Oeo pMFikLbu6PePO8hSHVopcvidKTYgGg1vcZ/87T13s6lXIyqWy1vTg8HCspOTECovffto RC0g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id m124si6625207qkc.128.2018.01.26.22.09.32; Fri, 26 Jan 2018 22:09:32 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 8801F617DF; Sat, 27 Jan 2018 06:09:32 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 4515B617ED; Sat, 27 Jan 2018 06:01:34 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id E0391617DE; Sat, 27 Jan 2018 06:00:47 +0000 (UTC) Received: from forward105p.mail.yandex.net (forward105p.mail.yandex.net [77.88.28.108]) by lists.linaro.org (Postfix) with ESMTPS id 5EC5F6072B for ; Sat, 27 Jan 2018 06:00:17 +0000 (UTC) Received: from mxback18j.mail.yandex.net (mxback18j.mail.yandex.net [IPv6:2a02:6b8:0:1619::94]) by forward105p.mail.yandex.net (Yandex) with ESMTP id AC9174083D3E for ; Sat, 27 Jan 2018 09:00:15 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback18j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id hyHyY9aYS3-0FZm5KAN; Sat, 27 Jan 2018 09:00:15 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0ENSwS1W; Sat, 27 Jan 2018 09:00:14 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 08:59:59 +0300 Message-Id: <1517032810-971-6-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 5/16] validation: crypto: use unix file format X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Merge f925f103c90591776f73863d30159357b08bf71e changed EOL to DOS convention in this file. Change it back. Fixes: f925f103c90591776f73863d30159357b08bf71e Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 2592 +++++++++++----------- 1 file changed, 1296 insertions(+), 1296 deletions(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 1d92c6568..2b0ba1cd9 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -1,1296 +1,1296 @@ -/* Copyright (c) 2014-2018, Linaro Limited - * All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include "config.h" - -#include -#include -#include -#include "test_vectors.h" -#include "odp_crypto_test_inp.h" -#include "crypto.h" - -#define MAX_ALG_CAPA 32 - -struct suite_context_s { - odp_bool_t packet; - odp_crypto_op_mode_t op_mode; - odp_crypto_op_mode_t pref_mode; - odp_pool_t pool; - odp_queue_t queue; -}; - -static struct suite_context_s suite_context; - -static int packet_cmp_mem(odp_packet_t pkt, uint32_t offset, - void *s, uint32_t len) -{ - uint8_t buf[len]; - - odp_packet_copy_to_mem(pkt, offset, len, buf); - - return memcmp(buf, s, len); -} - -static const char *auth_alg_name(odp_auth_alg_t auth) -{ - switch (auth) { - case ODP_AUTH_ALG_NULL: - return "ODP_AUTH_ALG_NULL"; - case ODP_AUTH_ALG_MD5_HMAC: - return "ODP_AUTH_ALG_MD5_HMAC"; - case ODP_AUTH_ALG_SHA1_HMAC: - return "ODP_AUTH_ALG_SHA1_HMAC"; - case ODP_AUTH_ALG_SHA256_HMAC: - return "ODP_AUTH_ALG_SHA256_HMAC"; - case ODP_AUTH_ALG_SHA512_HMAC: - return "ODP_AUTH_ALG_SHA512_HMAC"; - case ODP_AUTH_ALG_AES_GCM: - return "ODP_AUTH_ALG_AES_GCM"; - case ODP_AUTH_ALG_AES_GMAC: - return "ODP_AUTH_ALG_AES_GMAC"; - default: - return "Unknown"; - } -} - -static const char *cipher_alg_name(odp_cipher_alg_t cipher) -{ - switch (cipher) { - case ODP_CIPHER_ALG_NULL: - return "ODP_CIPHER_ALG_NULL"; - case ODP_CIPHER_ALG_DES: - return "ODP_CIPHER_ALG_DES"; - case ODP_CIPHER_ALG_3DES_CBC: - return "ODP_CIPHER_ALG_3DES_CBC"; - case ODP_CIPHER_ALG_AES_CBC: - return "ODP_CIPHER_ALG_AES_CBC"; - case ODP_CIPHER_ALG_AES_GCM: - return "ODP_CIPHER_ALG_AES_GCM"; - default: - return "Unknown"; - } -} - -static int alg_op(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_crypto_op_result_t result; - odp_crypto_op_param_t op_params; - odp_bool_t posted; - odp_event_subtype_t subtype; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - op_params.pkt = pkt; - op_params.out_pkt = pkt; - op_params.ctx = (void *)0xdeadbeef; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_operation(&op_params, &posted, &result); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_operation()"); - return rc; - } - - if (posted) { - odp_event_t event; - odp_crypto_compl_t compl_event; - - /* Poll completion queue for results */ - do { - event = odp_queue_deq(suite_context.queue); - } while (event == ODP_EVENT_INVALID); - - CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == odp_event_type(event)); - CU_ASSERT(ODP_EVENT_NO_SUBTYPE == odp_event_subtype(event)); - CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == - odp_event_types(event, &subtype)); - CU_ASSERT(ODP_EVENT_NO_SUBTYPE == subtype); - - compl_event = odp_crypto_compl_from_event(event); - CU_ASSERT(odp_crypto_compl_to_u64(compl_event) == - odp_crypto_compl_to_u64( - odp_crypto_compl_from_event(event))); - odp_crypto_compl_result(compl_event, &result); - odp_crypto_compl_free(compl_event); - } - - CU_ASSERT(result.pkt == pkt); - CU_ASSERT(result.ctx == (void *)0xdeadbeef); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(result.pkt))); - CU_ASSERT(ODP_EVENT_PACKET_BASIC == - odp_event_subtype(odp_packet_to_event(result.pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(result.pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_BASIC == subtype); - - *ok = result.ok; - - return 0; -} - -static int alg_packet_op(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_crypto_packet_result_t result; - odp_crypto_packet_op_param_t op_params; - odp_event_subtype_t subtype; - odp_packet_t out_pkt = pkt; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_op(&pkt, &out_pkt, &op_params, 1); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_op()"); - return rc; - } - - CU_ASSERT(out_pkt == pkt); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == - odp_event_subtype(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - rc = odp_crypto_result(&result, pkt); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_result()"); - return rc; - } - - if (!result.ok) - CU_ASSERT(odp_packet_has_error(pkt)); - - *ok = result.ok; - - return 0; -} - -static int alg_packet_op_enq(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_event_t event; - odp_crypto_packet_result_t result; - odp_crypto_packet_op_param_t op_params; - odp_event_subtype_t subtype; - odp_packet_t out_pkt = pkt; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_op_enq(&pkt, &pkt, &op_params, 1); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_op_enq()"); - return rc; - } - - /* Poll completion queue for results */ - do { - event = odp_queue_deq(suite_context.queue); - } while (event == ODP_EVENT_INVALID); - - CU_ASSERT(ODP_EVENT_PACKET == odp_event_type(event)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == odp_event_subtype(event)); - CU_ASSERT(ODP_EVENT_PACKET == odp_event_types(event, &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - pkt = odp_crypto_packet_from_event(event); - - CU_ASSERT(out_pkt == pkt); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == - odp_event_subtype(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - rc = odp_crypto_result(&result, pkt); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_result()"); - return rc; - } - - CU_ASSERT((!odp_packet_has_error(pkt)) == result.ok); - - *ok = result.ok; - - return 0; -} - -typedef enum crypto_test { - NORMAL_TEST = 0, /**< Plain execution */ - REPEAT_TEST, /**< Rerun without reinitializing the session */ - WRONG_DIGEST_TEST, /**< Check against wrong digest */ - MAX_TEST, /**< Final mark */ -} crypto_test; - -/* Basic algorithm run function for async inplace mode. - * Creates a session from input parameters and runs one operation - * on input_vec. Checks the output of the crypto operation against - * output_vec. Operation completion event is dequeued polling the - * session output queue. Completion context pointer is retrieved - * and checked against the one set before the operation. - * Completion event can be a separate buffer or the input packet - * buffer can be used. - * */ -static void alg_test(odp_crypto_op_t op, - odp_cipher_alg_t cipher_alg, - odp_auth_alg_t auth_alg, - crypto_test_reference_t *ref, - odp_bool_t ovr_iv) -{ - odp_crypto_session_t session; - int rc; - odp_crypto_ses_create_err_t status; - odp_bool_t ok = false; - int iteration; - odp_crypto_session_param_t ses_params; - odp_packet_data_range_t cipher_range; - odp_packet_data_range_t auth_range; - odp_crypto_key_t cipher_key = { - .data = ref->cipher_key, - .length = ref->cipher_key_length - }; - odp_crypto_key_t auth_key = { - .data = ref->auth_key, - .length = ref->auth_key_length - }; - odp_crypto_iv_t cipher_iv = { - .data = ovr_iv ? NULL : ref->cipher_iv, - .length = ref->cipher_iv_length - }; - odp_crypto_iv_t auth_iv = { - .data = ovr_iv ? NULL : ref->auth_iv, - .length = ref->auth_iv_length - }; - - /* Create a crypto session */ - odp_crypto_session_param_init(&ses_params); - ses_params.op = op; - ses_params.auth_cipher_text = false; - ses_params.op_mode = suite_context.op_mode; - ses_params.pref_mode = suite_context.pref_mode; - ses_params.cipher_alg = cipher_alg; - ses_params.auth_alg = auth_alg; - ses_params.compl_queue = suite_context.queue; - ses_params.output_pool = suite_context.pool; - ses_params.cipher_key = cipher_key; - ses_params.cipher_iv = cipher_iv; - ses_params.auth_iv = auth_iv; - ses_params.auth_key = auth_key; - ses_params.auth_digest_len = ref->digest_length; - ses_params.auth_aad_len = ref->aad_length; - - rc = odp_crypto_session_create(&ses_params, &session, &status); - CU_ASSERT_FATAL(!rc); - CU_ASSERT(status == ODP_CRYPTO_SES_CREATE_ERR_NONE); - CU_ASSERT(odp_crypto_session_to_u64(session) != - odp_crypto_session_to_u64(ODP_CRYPTO_SESSION_INVALID)); - - cipher_range.offset = 0; - cipher_range.length = ref->length; - auth_range.offset = 0; - auth_range.length = ref->length; - - /* Prepare input data */ - odp_packet_t pkt = odp_packet_alloc(suite_context.pool, - ref->length + ref->digest_length); - CU_ASSERT(pkt != ODP_PACKET_INVALID); - if (pkt == ODP_PACKET_INVALID) - goto cleanup; - - for (iteration = NORMAL_TEST; iteration < MAX_TEST; iteration++) { - /* checking against wrong digest is meaningless for NULL digest - * or when generating digest */ - if (iteration == WRONG_DIGEST_TEST && - (auth_alg == ODP_AUTH_ALG_NULL || - op == ODP_CRYPTO_OP_ENCODE)) - continue; - - if (op == ODP_CRYPTO_OP_ENCODE) { - odp_packet_copy_from_mem(pkt, 0, ref->length, - ref->plaintext); - } else { - odp_packet_copy_from_mem(pkt, 0, ref->length, - ref->ciphertext); - odp_packet_copy_from_mem(pkt, ref->length, - ref->digest_length, - ref->digest); - if (iteration == WRONG_DIGEST_TEST) { - uint8_t byte = ~ref->digest[0]; - - odp_packet_copy_from_mem(pkt, ref->length, - 1, &byte); - } - } - - if (!suite_context.packet) - rc = alg_op(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - else if (ODP_CRYPTO_ASYNC == suite_context.op_mode) - rc = alg_packet_op_enq(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - else - rc = alg_packet_op(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - if (rc < 0) - break; - - if (iteration == WRONG_DIGEST_TEST) { - CU_ASSERT(!ok); - continue; - } - - CU_ASSERT(ok); - - if (op == ODP_CRYPTO_OP_ENCODE) { - CU_ASSERT(!packet_cmp_mem(pkt, 0, - ref->ciphertext, - ref->length)); - CU_ASSERT(!packet_cmp_mem(pkt, ref->length, - ref->digest, - ref->digest_length)); - } else { - CU_ASSERT(!packet_cmp_mem(pkt, 0, - ref->plaintext, - ref->length)); - } - } - - odp_packet_free(pkt); - -cleanup: - rc = odp_crypto_session_destroy(session); - CU_ASSERT(!rc); -} - -static void check_alg(odp_crypto_op_t op, - odp_cipher_alg_t cipher_alg, - odp_auth_alg_t auth_alg, - crypto_test_reference_t *ref, - size_t count, - odp_bool_t ovr_iv) -{ - odp_crypto_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; - int rc, cipher_num, auth_num, i; - odp_bool_t cipher_tested[MAX_ALG_CAPA]; - odp_bool_t auth_tested[MAX_ALG_CAPA]; - odp_bool_t cipher_ok = false; - odp_bool_t auth_ok = false; - size_t idx; - - rc = odp_crypto_capability(&capa); - CU_ASSERT(!rc); - - if (cipher_alg == ODP_CIPHER_ALG_3DES_CBC && - !(capa.ciphers.bit.trides_cbc)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_CBC && - !(capa.ciphers.bit.aes_cbc)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_CTR && - !(capa.ciphers.bit.aes_ctr)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && - !(capa.ciphers.bit.aes_gcm)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_DES && - !(capa.ciphers.bit.des)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_NULL && - !(capa.ciphers.bit.null)) - rc = -1; - - CU_ASSERT(!rc); - CU_ASSERT((~capa.ciphers.all_bits & capa.hw_ciphers.all_bits) == 0); - - if (auth_alg == ODP_AUTH_ALG_AES_GCM && - !(capa.auths.bit.aes_gcm)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_AES_GMAC && - !(capa.auths.bit.aes_gmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && - !(capa.auths.bit.md5_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_NULL && - !(capa.auths.bit.null)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && - !(capa.auths.bit.sha1_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && - !(capa.auths.bit.sha256_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && - !(capa.auths.bit.sha512_hmac)) - rc = -1; - - CU_ASSERT(!rc); - CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); - - cipher_num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, - MAX_ALG_CAPA); - - CU_ASSERT(cipher_num > 0); - CU_ASSERT(cipher_num <= MAX_ALG_CAPA); - if (cipher_num > MAX_ALG_CAPA) - cipher_num = MAX_ALG_CAPA; - - auth_num = odp_crypto_auth_capability(auth_alg, auth_capa, - MAX_ALG_CAPA); - - CU_ASSERT(auth_num > 0); - CU_ASSERT(auth_num <= MAX_ALG_CAPA); - if (auth_num > MAX_ALG_CAPA) - auth_num = MAX_ALG_CAPA; - - memset(cipher_tested, 0, sizeof(cipher_tested)); - memset(auth_tested, 0, sizeof(auth_tested)); - - for (idx = 0; idx < count; idx++) { - int cipher_idx = -1, auth_idx = -1; - - for (i = 0; i < cipher_num; i++) { - if (cipher_capa[i].key_len == - ref[idx].cipher_key_length && - cipher_capa[i].iv_len == - ref[idx].cipher_iv_length) { - cipher_idx = i; - break; - } - } - - if (cipher_idx < 0) { - printf("\n Unsupported: alg=%s, key_len=%" PRIu32 - ", iv_len=%" PRIu32 "\n", - cipher_alg_name(cipher_alg), - ref[idx].cipher_key_length, - ref[idx].cipher_iv_length); - continue; - } - - for (i = 0; i < auth_num; i++) { - if (auth_capa[i].digest_len == - ref[idx].digest_length && - auth_capa[i].iv_len == - ref[idx].auth_iv_length && - auth_capa[i].key_len == - ref[idx].auth_key_length) { - auth_idx = i; - break; - } - } - - if (auth_idx < 0) { - printf("\n Unsupported: alg=%s, key_len=%" PRIu32 - ", iv_len=%" PRIu32 ", digest_len=%" PRIu32 "\n", - auth_alg_name(auth_alg), - ref[idx].auth_key_length, - ref[idx].auth_iv_length, - ref[idx].digest_length); - continue; - } - - alg_test(op, cipher_alg, auth_alg, &ref[idx], ovr_iv); - - cipher_tested[cipher_idx] = true; - auth_tested[auth_idx] = true; - } - - for (i = 0; i < cipher_num; i++) { - cipher_ok |= cipher_tested[i]; - if (!cipher_tested[i]) { - /* GMAC-related hacks */ - if (cipher_alg == ODP_CIPHER_ALG_NULL) - continue; - printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " - "iv_len=%" PRIu32 "\n", - cipher_alg_name(cipher_alg), - cipher_capa[i].key_len, - cipher_capa[i].iv_len); - } - } - - for (i = 0; i < auth_num; i++) { - auth_ok |= auth_tested[i]; - if (!auth_tested[i]) - printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " - "digest_len=%" PRIu32 "\n", - auth_alg_name(auth_alg), - auth_capa[i].key_len, - auth_capa[i].digest_len); - } - - /* Verify that we were able to run at least several tests */ - CU_ASSERT(cipher_ok); - CU_ASSERT(auth_ok); -} - -/** - * Check if given cipher and authentication algorithms are supported - * - * @param cipher Cipher algorithm - * @param auth Authentication algorithm - * - * @retval ODP_TEST_ACTIVE when both algorithms are supported - * @retval ODP_TEST_INACTIVE when either algorithm is not supported - */ -static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) -{ - odp_crypto_capability_t capability; - - if (odp_crypto_capability(&capability)) - return ODP_TEST_INACTIVE; - - if (suite_context.packet) { - if (suite_context.op_mode == ODP_CRYPTO_SYNC && - capability.sync_mode == ODP_SUPPORT_NO) - return ODP_TEST_INACTIVE; - if (suite_context.op_mode == ODP_CRYPTO_ASYNC && - capability.async_mode == ODP_SUPPORT_NO) - return ODP_TEST_INACTIVE; - } - - /* Cipher algorithms */ - switch (cipher) { - case ODP_CIPHER_ALG_NULL: - if (!capability.ciphers.bit.null) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_DES: - if (!capability.ciphers.bit.des) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_3DES_CBC: - if (!capability.ciphers.bit.trides_cbc) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_CBC: - if (!capability.ciphers.bit.aes_cbc) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_CTR: - if (!capability.ciphers.bit.aes_ctr) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_GCM: - if (!capability.ciphers.bit.aes_gcm) - return ODP_TEST_INACTIVE; - break; - default: - fprintf(stderr, "Unsupported cipher algorithm\n"); - return ODP_TEST_INACTIVE; - } - - /* Authentication algorithms */ - switch (auth) { - case ODP_AUTH_ALG_NULL: - if (!capability.auths.bit.null) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_MD5_HMAC: - if (!capability.auths.bit.md5_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - if (!capability.auths.bit.sha1_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA256_HMAC: - if (!capability.auths.bit.sha256_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - if (!capability.auths.bit.sha512_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_AES_GCM: - if (!capability.auths.bit.aes_gcm) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_AES_GMAC: - if (!capability.auths.bit.aes_gmac) - return ODP_TEST_INACTIVE; - break; - default: - fprintf(stderr, "Unsupported authentication algorithm\n"); - return ODP_TEST_INACTIVE; - } - - return ODP_TEST_ACTIVE; -} - -static int check_alg_null(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); -} - -#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) -static void crypto_test_enc_alg_null(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_NULL, - null_reference, - ARRAY_SIZE(null_reference), - false); -} - -static void crypto_test_dec_alg_null(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_NULL, - null_reference, - ARRAY_SIZE(null_reference), - false); -} - -static int check_alg_3des_cbc(void) -{ - return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_3des_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for 3DES_CBC algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_3des_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_3des_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - true); -} - -static int check_alg_aes_gcm(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_GCM algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_gcm(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_GCM algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_gcm_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_gcm(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - true); -} - -static int check_alg_aes_cbc(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CBC algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_aes_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - true); -} - -static int check_alg_aes_ctr(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_CTR, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_ctr(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CTR algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_aes_ctr_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_ctr(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_ctr_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - true); -} - -static int check_alg_hmac_md5(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_MD5_HMAC); -} - -/* This test verifies the correctness of HMAC_MD5 digest operation. - * The output check length is truncated to 12 bytes (96 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_md5(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_MD5_HMAC, - hmac_md5_reference, - ARRAY_SIZE(hmac_md5_reference), - false); -} - -static void crypto_test_check_alg_hmac_md5(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_MD5_HMAC, - hmac_md5_reference, - ARRAY_SIZE(hmac_md5_reference), - false); -} - -static int check_alg_hmac_sha1(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA1 digest operation. - * The output check length is truncated to 12 bytes (96 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha1(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA1_HMAC, - hmac_sha1_reference, - ARRAY_SIZE(hmac_sha1_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha1(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA1_HMAC, - hmac_sha1_reference, - ARRAY_SIZE(hmac_sha1_reference), - false); -} - -static int check_alg_hmac_sha256(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA256 digest operation. - * The output check length is truncated to 16 bytes (128 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha256(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA256_HMAC, - hmac_sha256_reference, - ARRAY_SIZE(hmac_sha256_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha256(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA256_HMAC, - hmac_sha256_reference, - ARRAY_SIZE(hmac_sha256_reference), - false); -} - -static int check_alg_hmac_sha512(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA512 digest operation. - * The output check length is truncated to 32 bytes (256 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha512(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA512_HMAC, - hmac_sha512_reference, - ARRAY_SIZE(hmac_sha512_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha512(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA512_HMAC, - hmac_sha512_reference, - ARRAY_SIZE(hmac_sha512_reference), - false); -} - -static int check_alg_aes_gmac(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC); -} - -static void crypto_test_gen_alg_aes_gmac(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - aes_gmac_reference, - ARRAY_SIZE(aes_gmac_reference), - false); -} - -static void crypto_test_gen_alg_aes_gmac_ovr_iv(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - alg_test(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - &aes_gmac_reference[i], - true); -} - -static void crypto_test_check_alg_aes_gmac(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - aes_gmac_reference, - ARRAY_SIZE(aes_gmac_reference), - false); -} - -static void crypto_test_check_alg_aes_gmac_ovr_iv(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - alg_test(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - &aes_gmac_reference[i], - true); -} - -int crypto_suite_sync_init(void) -{ - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = ODP_QUEUE_INVALID; - suite_context.pref_mode = ODP_CRYPTO_SYNC; - return 0; -} - -int crypto_suite_async_init(void) -{ - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - suite_context.queue = odp_queue_lookup("crypto-out"); - if (suite_context.queue == ODP_QUEUE_INVALID) - return -1; - - suite_context.pref_mode = ODP_CRYPTO_ASYNC; - return 0; -} - -int crypto_suite_packet_sync_init(void) -{ - suite_context.packet = true; - suite_context.op_mode = ODP_CRYPTO_SYNC; - - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = ODP_QUEUE_INVALID; - return 0; -} - -int crypto_suite_packet_async_init(void) -{ - suite_context.packet = true; - suite_context.op_mode = ODP_CRYPTO_ASYNC; - - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = odp_queue_lookup("crypto-out"); - if (suite_context.queue == ODP_QUEUE_INVALID) - return -1; - return 0; -} - -odp_testinfo_t crypto_suite[] = { - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, - check_alg_null), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, - check_alg_null), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc_ovr_iv, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc_ovr_iv, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc_ovr_iv, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc_ovr_iv, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr_ovr_iv, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr_ovr_iv, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm_ovr_iv, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, - check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, - check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, - check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, - check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, - check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, - check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, - check_alg_hmac_sha512), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, - check_alg_hmac_sha512), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac_ovr_iv, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, - check_alg_aes_gmac), - ODP_TEST_INFO_NULL, -}; - -int crypto_suite_term(void) -{ - int i; - int first = 1; - - for (i = 0; crypto_suite[i].pName; i++) { - if (crypto_suite[i].check_active && - crypto_suite[i].check_active() == ODP_TEST_INACTIVE) { - if (first) { - first = 0; - printf("\n\n Inactive tests:\n"); - } - printf(" %s\n", crypto_suite[i].pName); - } - } - return 0; -} +/* Copyright (c) 2014-2018, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include "config.h" + +#include +#include +#include +#include "test_vectors.h" +#include "odp_crypto_test_inp.h" +#include "crypto.h" + +#define MAX_ALG_CAPA 32 + +struct suite_context_s { + odp_bool_t packet; + odp_crypto_op_mode_t op_mode; + odp_crypto_op_mode_t pref_mode; + odp_pool_t pool; + odp_queue_t queue; +}; + +static struct suite_context_s suite_context; + +static int packet_cmp_mem(odp_packet_t pkt, uint32_t offset, + void *s, uint32_t len) +{ + uint8_t buf[len]; + + odp_packet_copy_to_mem(pkt, offset, len, buf); + + return memcmp(buf, s, len); +} + +static const char *auth_alg_name(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return "ODP_AUTH_ALG_NULL"; + case ODP_AUTH_ALG_MD5_HMAC: + return "ODP_AUTH_ALG_MD5_HMAC"; + case ODP_AUTH_ALG_SHA1_HMAC: + return "ODP_AUTH_ALG_SHA1_HMAC"; + case ODP_AUTH_ALG_SHA256_HMAC: + return "ODP_AUTH_ALG_SHA256_HMAC"; + case ODP_AUTH_ALG_SHA512_HMAC: + return "ODP_AUTH_ALG_SHA512_HMAC"; + case ODP_AUTH_ALG_AES_GCM: + return "ODP_AUTH_ALG_AES_GCM"; + case ODP_AUTH_ALG_AES_GMAC: + return "ODP_AUTH_ALG_AES_GMAC"; + default: + return "Unknown"; + } +} + +static const char *cipher_alg_name(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return "ODP_CIPHER_ALG_NULL"; + case ODP_CIPHER_ALG_DES: + return "ODP_CIPHER_ALG_DES"; + case ODP_CIPHER_ALG_3DES_CBC: + return "ODP_CIPHER_ALG_3DES_CBC"; + case ODP_CIPHER_ALG_AES_CBC: + return "ODP_CIPHER_ALG_AES_CBC"; + case ODP_CIPHER_ALG_AES_GCM: + return "ODP_CIPHER_ALG_AES_GCM"; + default: + return "Unknown"; + } +} + +static int alg_op(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_crypto_op_result_t result; + odp_crypto_op_param_t op_params; + odp_bool_t posted; + odp_event_subtype_t subtype; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + op_params.pkt = pkt; + op_params.out_pkt = pkt; + op_params.ctx = (void *)0xdeadbeef; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_operation(&op_params, &posted, &result); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_operation()"); + return rc; + } + + if (posted) { + odp_event_t event; + odp_crypto_compl_t compl_event; + + /* Poll completion queue for results */ + do { + event = odp_queue_deq(suite_context.queue); + } while (event == ODP_EVENT_INVALID); + + CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == odp_event_type(event)); + CU_ASSERT(ODP_EVENT_NO_SUBTYPE == odp_event_subtype(event)); + CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == + odp_event_types(event, &subtype)); + CU_ASSERT(ODP_EVENT_NO_SUBTYPE == subtype); + + compl_event = odp_crypto_compl_from_event(event); + CU_ASSERT(odp_crypto_compl_to_u64(compl_event) == + odp_crypto_compl_to_u64( + odp_crypto_compl_from_event(event))); + odp_crypto_compl_result(compl_event, &result); + odp_crypto_compl_free(compl_event); + } + + CU_ASSERT(result.pkt == pkt); + CU_ASSERT(result.ctx == (void *)0xdeadbeef); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(result.pkt))); + CU_ASSERT(ODP_EVENT_PACKET_BASIC == + odp_event_subtype(odp_packet_to_event(result.pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(result.pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_BASIC == subtype); + + *ok = result.ok; + + return 0; +} + +static int alg_packet_op(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_crypto_packet_result_t result; + odp_crypto_packet_op_param_t op_params; + odp_event_subtype_t subtype; + odp_packet_t out_pkt = pkt; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_op(&pkt, &out_pkt, &op_params, 1); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_op()"); + return rc; + } + + CU_ASSERT(out_pkt == pkt); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == + odp_event_subtype(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + rc = odp_crypto_result(&result, pkt); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_result()"); + return rc; + } + + if (!result.ok) + CU_ASSERT(odp_packet_has_error(pkt)); + + *ok = result.ok; + + return 0; +} + +static int alg_packet_op_enq(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_event_t event; + odp_crypto_packet_result_t result; + odp_crypto_packet_op_param_t op_params; + odp_event_subtype_t subtype; + odp_packet_t out_pkt = pkt; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_op_enq(&pkt, &pkt, &op_params, 1); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_op_enq()"); + return rc; + } + + /* Poll completion queue for results */ + do { + event = odp_queue_deq(suite_context.queue); + } while (event == ODP_EVENT_INVALID); + + CU_ASSERT(ODP_EVENT_PACKET == odp_event_type(event)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == odp_event_subtype(event)); + CU_ASSERT(ODP_EVENT_PACKET == odp_event_types(event, &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + pkt = odp_crypto_packet_from_event(event); + + CU_ASSERT(out_pkt == pkt); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == + odp_event_subtype(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + rc = odp_crypto_result(&result, pkt); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_result()"); + return rc; + } + + CU_ASSERT((!odp_packet_has_error(pkt)) == result.ok); + + *ok = result.ok; + + return 0; +} + +typedef enum crypto_test { + NORMAL_TEST = 0, /**< Plain execution */ + REPEAT_TEST, /**< Rerun without reinitializing the session */ + WRONG_DIGEST_TEST, /**< Check against wrong digest */ + MAX_TEST, /**< Final mark */ +} crypto_test; + +/* Basic algorithm run function for async inplace mode. + * Creates a session from input parameters and runs one operation + * on input_vec. Checks the output of the crypto operation against + * output_vec. Operation completion event is dequeued polling the + * session output queue. Completion context pointer is retrieved + * and checked against the one set before the operation. + * Completion event can be a separate buffer or the input packet + * buffer can be used. + * */ +static void alg_test(odp_crypto_op_t op, + odp_cipher_alg_t cipher_alg, + odp_auth_alg_t auth_alg, + crypto_test_reference_t *ref, + odp_bool_t ovr_iv) +{ + odp_crypto_session_t session; + int rc; + odp_crypto_ses_create_err_t status; + odp_bool_t ok = false; + int iteration; + odp_crypto_session_param_t ses_params; + odp_packet_data_range_t cipher_range; + odp_packet_data_range_t auth_range; + odp_crypto_key_t cipher_key = { + .data = ref->cipher_key, + .length = ref->cipher_key_length + }; + odp_crypto_key_t auth_key = { + .data = ref->auth_key, + .length = ref->auth_key_length + }; + odp_crypto_iv_t cipher_iv = { + .data = ovr_iv ? NULL : ref->cipher_iv, + .length = ref->cipher_iv_length + }; + odp_crypto_iv_t auth_iv = { + .data = ovr_iv ? NULL : ref->auth_iv, + .length = ref->auth_iv_length + }; + + /* Create a crypto session */ + odp_crypto_session_param_init(&ses_params); + ses_params.op = op; + ses_params.auth_cipher_text = false; + ses_params.op_mode = suite_context.op_mode; + ses_params.pref_mode = suite_context.pref_mode; + ses_params.cipher_alg = cipher_alg; + ses_params.auth_alg = auth_alg; + ses_params.compl_queue = suite_context.queue; + ses_params.output_pool = suite_context.pool; + ses_params.cipher_key = cipher_key; + ses_params.cipher_iv = cipher_iv; + ses_params.auth_iv = auth_iv; + ses_params.auth_key = auth_key; + ses_params.auth_digest_len = ref->digest_length; + ses_params.auth_aad_len = ref->aad_length; + + rc = odp_crypto_session_create(&ses_params, &session, &status); + CU_ASSERT_FATAL(!rc); + CU_ASSERT(status == ODP_CRYPTO_SES_CREATE_ERR_NONE); + CU_ASSERT(odp_crypto_session_to_u64(session) != + odp_crypto_session_to_u64(ODP_CRYPTO_SESSION_INVALID)); + + cipher_range.offset = 0; + cipher_range.length = ref->length; + auth_range.offset = 0; + auth_range.length = ref->length; + + /* Prepare input data */ + odp_packet_t pkt = odp_packet_alloc(suite_context.pool, + ref->length + ref->digest_length); + CU_ASSERT(pkt != ODP_PACKET_INVALID); + if (pkt == ODP_PACKET_INVALID) + goto cleanup; + + for (iteration = NORMAL_TEST; iteration < MAX_TEST; iteration++) { + /* checking against wrong digest is meaningless for NULL digest + * or when generating digest */ + if (iteration == WRONG_DIGEST_TEST && + (auth_alg == ODP_AUTH_ALG_NULL || + op == ODP_CRYPTO_OP_ENCODE)) + continue; + + if (op == ODP_CRYPTO_OP_ENCODE) { + odp_packet_copy_from_mem(pkt, 0, ref->length, + ref->plaintext); + } else { + odp_packet_copy_from_mem(pkt, 0, ref->length, + ref->ciphertext); + odp_packet_copy_from_mem(pkt, ref->length, + ref->digest_length, + ref->digest); + if (iteration == WRONG_DIGEST_TEST) { + uint8_t byte = ~ref->digest[0]; + + odp_packet_copy_from_mem(pkt, ref->length, + 1, &byte); + } + } + + if (!suite_context.packet) + rc = alg_op(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + else if (ODP_CRYPTO_ASYNC == suite_context.op_mode) + rc = alg_packet_op_enq(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + else + rc = alg_packet_op(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + if (rc < 0) + break; + + if (iteration == WRONG_DIGEST_TEST) { + CU_ASSERT(!ok); + continue; + } + + CU_ASSERT(ok); + + if (op == ODP_CRYPTO_OP_ENCODE) { + CU_ASSERT(!packet_cmp_mem(pkt, 0, + ref->ciphertext, + ref->length)); + CU_ASSERT(!packet_cmp_mem(pkt, ref->length, + ref->digest, + ref->digest_length)); + } else { + CU_ASSERT(!packet_cmp_mem(pkt, 0, + ref->plaintext, + ref->length)); + } + } + + odp_packet_free(pkt); + +cleanup: + rc = odp_crypto_session_destroy(session); + CU_ASSERT(!rc); +} + +static void check_alg(odp_crypto_op_t op, + odp_cipher_alg_t cipher_alg, + odp_auth_alg_t auth_alg, + crypto_test_reference_t *ref, + size_t count, + odp_bool_t ovr_iv) +{ + odp_crypto_capability_t capa; + odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + int rc, cipher_num, auth_num, i; + odp_bool_t cipher_tested[MAX_ALG_CAPA]; + odp_bool_t auth_tested[MAX_ALG_CAPA]; + odp_bool_t cipher_ok = false; + odp_bool_t auth_ok = false; + size_t idx; + + rc = odp_crypto_capability(&capa); + CU_ASSERT(!rc); + + if (cipher_alg == ODP_CIPHER_ALG_3DES_CBC && + !(capa.ciphers.bit.trides_cbc)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CBC && + !(capa.ciphers.bit.aes_cbc)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CTR && + !(capa.ciphers.bit.aes_ctr)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && + !(capa.ciphers.bit.aes_gcm)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_DES && + !(capa.ciphers.bit.des)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_NULL && + !(capa.ciphers.bit.null)) + rc = -1; + + CU_ASSERT(!rc); + CU_ASSERT((~capa.ciphers.all_bits & capa.hw_ciphers.all_bits) == 0); + + if (auth_alg == ODP_AUTH_ALG_AES_GCM && + !(capa.auths.bit.aes_gcm)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_GMAC && + !(capa.auths.bit.aes_gmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && + !(capa.auths.bit.md5_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_NULL && + !(capa.auths.bit.null)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && + !(capa.auths.bit.sha1_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && + !(capa.auths.bit.sha256_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && + !(capa.auths.bit.sha512_hmac)) + rc = -1; + + CU_ASSERT(!rc); + CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); + + cipher_num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, + MAX_ALG_CAPA); + + CU_ASSERT(cipher_num > 0); + CU_ASSERT(cipher_num <= MAX_ALG_CAPA); + if (cipher_num > MAX_ALG_CAPA) + cipher_num = MAX_ALG_CAPA; + + auth_num = odp_crypto_auth_capability(auth_alg, auth_capa, + MAX_ALG_CAPA); + + CU_ASSERT(auth_num > 0); + CU_ASSERT(auth_num <= MAX_ALG_CAPA); + if (auth_num > MAX_ALG_CAPA) + auth_num = MAX_ALG_CAPA; + + memset(cipher_tested, 0, sizeof(cipher_tested)); + memset(auth_tested, 0, sizeof(auth_tested)); + + for (idx = 0; idx < count; idx++) { + int cipher_idx = -1, auth_idx = -1; + + for (i = 0; i < cipher_num; i++) { + if (cipher_capa[i].key_len == + ref[idx].cipher_key_length && + cipher_capa[i].iv_len == + ref[idx].cipher_iv_length) { + cipher_idx = i; + break; + } + } + + if (cipher_idx < 0) { + printf("\n Unsupported: alg=%s, key_len=%" PRIu32 + ", iv_len=%" PRIu32 "\n", + cipher_alg_name(cipher_alg), + ref[idx].cipher_key_length, + ref[idx].cipher_iv_length); + continue; + } + + for (i = 0; i < auth_num; i++) { + if (auth_capa[i].digest_len == + ref[idx].digest_length && + auth_capa[i].iv_len == + ref[idx].auth_iv_length && + auth_capa[i].key_len == + ref[idx].auth_key_length) { + auth_idx = i; + break; + } + } + + if (auth_idx < 0) { + printf("\n Unsupported: alg=%s, key_len=%" PRIu32 + ", iv_len=%" PRIu32 ", digest_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), + ref[idx].auth_key_length, + ref[idx].auth_iv_length, + ref[idx].digest_length); + continue; + } + + alg_test(op, cipher_alg, auth_alg, &ref[idx], ovr_iv); + + cipher_tested[cipher_idx] = true; + auth_tested[auth_idx] = true; + } + + for (i = 0; i < cipher_num; i++) { + cipher_ok |= cipher_tested[i]; + if (!cipher_tested[i]) { + /* GMAC-related hacks */ + if (cipher_alg == ODP_CIPHER_ALG_NULL) + continue; + printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " + "iv_len=%" PRIu32 "\n", + cipher_alg_name(cipher_alg), + cipher_capa[i].key_len, + cipher_capa[i].iv_len); + } + } + + for (i = 0; i < auth_num; i++) { + auth_ok |= auth_tested[i]; + if (!auth_tested[i]) + printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " + "digest_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), + auth_capa[i].key_len, + auth_capa[i].digest_len); + } + + /* Verify that we were able to run at least several tests */ + CU_ASSERT(cipher_ok); + CU_ASSERT(auth_ok); +} + +/** + * Check if given cipher and authentication algorithms are supported + * + * @param cipher Cipher algorithm + * @param auth Authentication algorithm + * + * @retval ODP_TEST_ACTIVE when both algorithms are supported + * @retval ODP_TEST_INACTIVE when either algorithm is not supported + */ +static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) +{ + odp_crypto_capability_t capability; + + if (odp_crypto_capability(&capability)) + return ODP_TEST_INACTIVE; + + if (suite_context.packet) { + if (suite_context.op_mode == ODP_CRYPTO_SYNC && + capability.sync_mode == ODP_SUPPORT_NO) + return ODP_TEST_INACTIVE; + if (suite_context.op_mode == ODP_CRYPTO_ASYNC && + capability.async_mode == ODP_SUPPORT_NO) + return ODP_TEST_INACTIVE; + } + + /* Cipher algorithms */ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + if (!capability.ciphers.bit.null) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_DES: + if (!capability.ciphers.bit.des) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_3DES_CBC: + if (!capability.ciphers.bit.trides_cbc) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_CBC: + if (!capability.ciphers.bit.aes_cbc) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_CTR: + if (!capability.ciphers.bit.aes_ctr) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_GCM: + if (!capability.ciphers.bit.aes_gcm) + return ODP_TEST_INACTIVE; + break; + default: + fprintf(stderr, "Unsupported cipher algorithm\n"); + return ODP_TEST_INACTIVE; + } + + /* Authentication algorithms */ + switch (auth) { + case ODP_AUTH_ALG_NULL: + if (!capability.auths.bit.null) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_MD5_HMAC: + if (!capability.auths.bit.md5_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA1_HMAC: + if (!capability.auths.bit.sha1_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA256_HMAC: + if (!capability.auths.bit.sha256_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA512_HMAC: + if (!capability.auths.bit.sha512_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_AES_GCM: + if (!capability.auths.bit.aes_gcm) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_AES_GMAC: + if (!capability.auths.bit.aes_gmac) + return ODP_TEST_INACTIVE; + break; + default: + fprintf(stderr, "Unsupported authentication algorithm\n"); + return ODP_TEST_INACTIVE; + } + + return ODP_TEST_ACTIVE; +} + +static int check_alg_null(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); +} + +#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) +static void crypto_test_enc_alg_null(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_NULL, + null_reference, + ARRAY_SIZE(null_reference), + false); +} + +static void crypto_test_dec_alg_null(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_NULL, + null_reference, + ARRAY_SIZE(null_reference), + false); +} + +static int check_alg_3des_cbc(void) +{ + return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_3des_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for 3DES_CBC algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_3des_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_3des_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + true); +} + +static int check_alg_aes_gcm(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_GCM algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_gcm(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_GCM algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_gcm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_gcm(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + true); +} + +static int check_alg_aes_cbc(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CBC algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_aes_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + true); +} + +static int check_alg_aes_ctr(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CTR, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_ctr(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CTR algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_aes_ctr_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_ctr(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_ctr_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + true); +} + +static int check_alg_hmac_md5(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_MD5_HMAC); +} + +/* This test verifies the correctness of HMAC_MD5 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_md5(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_MD5_HMAC, + hmac_md5_reference, + ARRAY_SIZE(hmac_md5_reference), + false); +} + +static void crypto_test_check_alg_hmac_md5(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_MD5_HMAC, + hmac_md5_reference, + ARRAY_SIZE(hmac_md5_reference), + false); +} + +static int check_alg_hmac_sha1(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA1 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha1(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA1_HMAC, + hmac_sha1_reference, + ARRAY_SIZE(hmac_sha1_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha1(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA1_HMAC, + hmac_sha1_reference, + ARRAY_SIZE(hmac_sha1_reference), + false); +} + +static int check_alg_hmac_sha256(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA256 digest operation. + * The output check length is truncated to 16 bytes (128 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha256(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA256_HMAC, + hmac_sha256_reference, + ARRAY_SIZE(hmac_sha256_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha256(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA256_HMAC, + hmac_sha256_reference, + ARRAY_SIZE(hmac_sha256_reference), + false); +} + +static int check_alg_hmac_sha512(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA512 digest operation. + * The output check length is truncated to 32 bytes (256 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha512(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA512_HMAC, + hmac_sha512_reference, + ARRAY_SIZE(hmac_sha512_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha512(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA512_HMAC, + hmac_sha512_reference, + ARRAY_SIZE(hmac_sha512_reference), + false); +} + +static int check_alg_aes_gmac(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC); +} + +static void crypto_test_gen_alg_aes_gmac(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + aes_gmac_reference, + ARRAY_SIZE(aes_gmac_reference), + false); +} + +static void crypto_test_gen_alg_aes_gmac_ovr_iv(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + alg_test(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + &aes_gmac_reference[i], + true); +} + +static void crypto_test_check_alg_aes_gmac(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + aes_gmac_reference, + ARRAY_SIZE(aes_gmac_reference), + false); +} + +static void crypto_test_check_alg_aes_gmac_ovr_iv(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + alg_test(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + &aes_gmac_reference[i], + true); +} + +int crypto_suite_sync_init(void) +{ + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = ODP_QUEUE_INVALID; + suite_context.pref_mode = ODP_CRYPTO_SYNC; + return 0; +} + +int crypto_suite_async_init(void) +{ + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + suite_context.queue = odp_queue_lookup("crypto-out"); + if (suite_context.queue == ODP_QUEUE_INVALID) + return -1; + + suite_context.pref_mode = ODP_CRYPTO_ASYNC; + return 0; +} + +int crypto_suite_packet_sync_init(void) +{ + suite_context.packet = true; + suite_context.op_mode = ODP_CRYPTO_SYNC; + + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = ODP_QUEUE_INVALID; + return 0; +} + +int crypto_suite_packet_async_init(void) +{ + suite_context.packet = true; + suite_context.op_mode = ODP_CRYPTO_ASYNC; + + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = odp_queue_lookup("crypto-out"); + if (suite_context.queue == ODP_QUEUE_INVALID) + return -1; + return 0; +} + +odp_testinfo_t crypto_suite[] = { + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc_ovr_iv, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc_ovr_iv, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc_ovr_iv, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc_ovr_iv, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr_ovr_iv, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr_ovr_iv, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm_ovr_iv, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac_ovr_iv, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, + check_alg_aes_gmac), + ODP_TEST_INFO_NULL, +}; + +int crypto_suite_term(void) +{ + int i; + int first = 1; + + for (i = 0; crypto_suite[i].pName; i++) { + if (crypto_suite[i].check_active && + crypto_suite[i].check_active() == ODP_TEST_INACTIVE) { + if (first) { + first = 0; + printf("\n\n Inactive tests:\n"); + } + printf(" %s\n", crypto_suite[i].pName); + } + } + return 0; +} From patchwork Sat Jan 27 06:00:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126029 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp841664ljd; Fri, 26 Jan 2018 22:03:15 -0800 (PST) X-Google-Smtp-Source: AH8x225TdA/bETkR4m/dZuroMXLdPwb2gd1Z0x1XBRycBLNu0RKR2e8iVcdBZv/qoSD1eKogGjFN X-Received: by 10.55.162.150 with SMTP id l144mr24670845qke.336.1517032995003; Fri, 26 Jan 2018 22:03:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517032994; cv=none; d=google.com; s=arc-20160816; b=mZMExqsHb/yAoK4AtR3HbNgUpLQMcyr1NHdUFdOLwYK+LUUs8nREcQk6rb8TMkPnmW ZBNX4lgP0Oar7gOyDPkxJWqW7FOYVIXd/mfuA+AeZIn78YtVMU6TM7l5TU1oYrU72hI7 JwFaXnfxPcdRVAF2Awxox2pLhglvynEJ2XmY2J4vkIIrfFNXjJr70+b/aNRfngorNapH IMnk1qDG+mONyvXztAHPgDOGCQH3sbcHpelzJsZFQIsImAsNeoUHwwl/9+B9ERoC/WlD HyvzRPR/eL3yCj70u0z7/Ba3BKodAzsidYkX0uhKKM0M7GTO8pKbopnwNkyUjp537q6J ofrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=6tHwjXj5rV5e7ehqvl7H6n45DfNKwlXZ6Tzf1qKtvZQ=; b=fnz9L+Kt6RXN8iLgDwE7qfJII108UptziUl9LeMHUha4JGsZR0dKMfYsWpvuwdWLKU MSrwwsuBqsteVHOKRk9y6nuZpTQVA6Ma2k+xMHPSmWajI57FjRAXpO8U4w04Qmt0ZcJ0 Z23/mo/M3gsQCRKPjpetmjKyTapWUEc5bbWyEnSBfdBS80FgZev8Ve/hwSf4B9ZOP550 yWZZPKSfI0D6eBimoJ7qx40mzd8nJt7tr58l0T8CWnD7dVq8mWEN9E7dj8NOcNHwzkb2 kotE8DU33ugr1jhL7+xtDaws1o+OaXlmKzPJ5FlXUdnt0Mv5h1T8Ubuxf7/Vj33AKu1g rHwg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id f9si488773qke.33.2018.01.26.22.03.14; Fri, 26 Jan 2018 22:03:14 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id B7541617D4; Sat, 27 Jan 2018 06:03:14 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 7D9C3617CC; Sat, 27 Jan 2018 06:00:45 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 35938617B8; Sat, 27 Jan 2018 06:00:23 +0000 (UTC) Received: from forward101p.mail.yandex.net (forward101p.mail.yandex.net [77.88.28.101]) by lists.linaro.org (Postfix) with ESMTPS id DEE23616F4 for ; Sat, 27 Jan 2018 06:00:17 +0000 (UTC) Received: from mxback2o.mail.yandex.net (mxback2o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1c]) by forward101p.mail.yandex.net (Yandex) with ESMTP id 6CFB36A83653 for ; Sat, 27 Jan 2018 09:00:16 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback2o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 73Vktm3raG-0G0eHg7h; Sat, 27 Jan 2018 09:00:16 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0FNOpNtm; Sat, 27 Jan 2018 09:00:15 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:00 +0300 Message-Id: <1517032810-971-7-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 6/16] validation: crypto: drop obsolete GMAC-related hack X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Checking that cipher is not NULL was required because GMAC used NULL cipher to specify it's IV. Now it is obosolete, as auths has their own IV. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 2b0ba1cd9..0448972b8 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -580,9 +580,6 @@ static void check_alg(odp_crypto_op_t op, for (i = 0; i < cipher_num; i++) { cipher_ok |= cipher_tested[i]; if (!cipher_tested[i]) { - /* GMAC-related hacks */ - if (cipher_alg == ODP_CIPHER_ALG_NULL) - continue; printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " "iv_len=%" PRIu32 "\n", cipher_alg_name(cipher_alg), From patchwork Sat Jan 27 06:00:01 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126038 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp842235ljd; Fri, 26 Jan 2018 22:04:38 -0800 (PST) X-Google-Smtp-Source: AH8x225kMzxsntUvgSFpD118YHrbX8rZhbLBwMPQBkIf1za0uLIfteUVP/UYsmt6wbDlhjSbv5W2 X-Received: by 10.55.40.41 with SMTP id o41mr24609602qkh.176.1517033077872; Fri, 26 Jan 2018 22:04:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033077; cv=none; d=google.com; s=arc-20160816; b=SGgjXbNQF1n4K3fwhnjIcIcYVOD/yWOWSqYKOaE7Cb6s/bso6yl40/Cv03Y5UJjnxb 5MBN7GsbXCnqQ4Vef9cgIabIRNFXY05Ao375JOF1OyMdRlugElEPePfYXuoS+/ilj/xB NcssfDTnM/ajiqPNxK4gCDmExcgOUebyZmu6GL3ymxz/COC1nsydWTSzWfG5QNYkR1H4 sxnXDnRPH4+HZhScUwQiC2xovcTVHgJPc6NbH65p17RnzPl6ANnY/410QzQHjSxASHAA knG2TQK9hnCCD/4+d4NdoB960HL3bNx4f189ZlasbP2iRVaNIroMdsIuEBjGR7jEaECM AlTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=ODbUxtio5CZDNZhBznrqcGbXuWqQlRa+yTA2H3yUMWs=; b=NXz9OGzQ3hNjiYPW6KwoUAqFG47AAHRthfRhFUMGWJUF4vgwc5GjOYmlemMJAIzvJL Lhkul15pPl5nzxuDKrG/kBoDJEtWw1qgALrWt0Fcj0Vt5atEcRh9r1xf2l3M1R7U83HN 4r+0ooOPBMF+vqyNE+plc7Qs4RQ40Z9XmvLrf8peUtfgP7i4NyI7ZGRwa7qriqlptDG6 rK0uB4hnIwzQ19GNY+cLzoGTdvk64DfvBtL/NOdksLuSYj8Z9rcTZAEMZgmkF+3xtCro rNRpdPlOOBDVkW/pBIv2hpbb/lWGsBJGdO6NBp35D/Dfs6BEMeXtDKFj/G5B9zq0I/vX qPTw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id e67si2848585qkc.148.2018.01.26.22.04.37; Fri, 26 Jan 2018 22:04:37 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 8A125617BF; Sat, 27 Jan 2018 06:04:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id C4214617DA; Sat, 27 Jan 2018 06:00:50 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id A10EE617B9; Sat, 27 Jan 2018 06:00:25 +0000 (UTC) Received: from forward101p.mail.yandex.net (forward101p.mail.yandex.net [77.88.28.101]) by lists.linaro.org (Postfix) with ESMTPS id 2BA60616FE for ; Sat, 27 Jan 2018 06:00:18 +0000 (UTC) Received: from mxback19j.mail.yandex.net (mxback19j.mail.yandex.net [IPv6:2a02:6b8:0:1619::95]) by forward101p.mail.yandex.net (Yandex) with ESMTP id F12066A82E3A for ; Sat, 27 Jan 2018 09:00:16 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback19j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id Aie5D07zlz-0G3OJuZK; Sat, 27 Jan 2018 09:00:16 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0GNmTr9m; Sat, 27 Jan 2018 09:00:16 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:01 +0300 Message-Id: <1517032810-971-8-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 7/16] validation: crypto: use single definitions for AES key lengths X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Merge defines for AES-CBC/CTR/GCM keys. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ test/validation/api/crypto/test_vectors.h | 32 +++++++++++------------ test/validation/api/crypto/test_vectors_len.h | 37 +++++++-------------------- 2 files changed, 25 insertions(+), 44 deletions(-) diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 9c0b844d1..ff69717db 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -74,7 +74,7 @@ static crypto_test_reference_t tdes_cbc_reference[] = { static crypto_test_reference_t aes_cbc_reference[] = { { - .cipher_key_length = AES128_CBC_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06}, .cipher_iv_length = AES_CBC_IV_LEN, @@ -86,7 +86,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a } }, { - .cipher_key_length = AES128_CBC_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a}, .cipher_iv_length = AES_CBC_IV_LEN, @@ -103,7 +103,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 } }, { - .cipher_key_length = AES128_CBC_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x6c, 0x3e, 0xa0, 0x47, 0x76, 0x30, 0xce, 0x21, 0xa2, 0xce, 0x33, 0x4a, 0xa7, 0x46, 0xc2, 0xcd}, .cipher_iv_length = AES_CBC_IV_LEN, @@ -119,7 +119,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x85, 0x79, 0x69, 0x5d, 0x83, 0xba, 0x26, 0x84 } }, { - .cipher_key_length = AES128_CBC_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x56, 0xe4, 0x7a, 0x38, 0xc5, 0x59, 0x89, 0x74, 0xbc, 0x46, 0x90, 0x3d, 0xba, 0x29, 0x03, 0x49}, .cipher_iv_length = AES_CBC_IV_LEN, @@ -144,7 +144,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x49, 0xa5, 0x3e, 0x87, 0xf4, 0xc3, 0xda, 0x55 } }, { - .cipher_key_length = AES192_CBC_KEY_LEN, + .cipher_key_length = AES192_KEY_LEN, .cipher_key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c}, @@ -162,7 +162,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x53, 0x1c, 0xc6, 0x98, 0x85, 0xc3, 0x00, 0xe6}, }, { - .cipher_key_length = AES256_CBC_KEY_LEN, + .cipher_key_length = AES256_KEY_LEN, .cipher_key = { 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, 0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab, 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, @@ -188,7 +188,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { static crypto_test_reference_t aes_ctr_reference[] = { { - .cipher_key_length = AES128_CTR_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}, .cipher_iv_length = AES_CTR_IV_LEN, @@ -213,7 +213,7 @@ static crypto_test_reference_t aes_ctr_reference[] = { 0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee } }, { - .cipher_key_length = AES192_CTR_KEY_LEN, + .cipher_key_length = AES192_KEY_LEN, .cipher_key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, @@ -239,7 +239,7 @@ static crypto_test_reference_t aes_ctr_reference[] = { 0x5a, 0x97, 0xda, 0xec, 0x58, 0xc6, 0xb0, 0x50 } }, { - .cipher_key_length = AES256_CTR_KEY_LEN, + .cipher_key_length = AES256_KEY_LEN, .cipher_key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, @@ -272,7 +272,7 @@ static crypto_test_reference_t aes_ctr_reference[] = { */ static crypto_test_reference_t aes_gcm_reference[] = { { - .cipher_key_length = AES128_GCM_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34}, .cipher_iv_length = AES_GCM_IV_LEN, @@ -305,7 +305,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0x2f, 0xd0, 0x47, 0x96, 0x56, 0x2d, 0xfd, 0xb4 } }, { - .cipher_key_length = AES128_GCM_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08}, .cipher_iv_length = AES_GCM_IV_LEN, @@ -335,7 +335,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0xc3, 0x09, 0xe9, 0xd8, 0x5a, 0x41, 0xad, 0x4a } }, { - .cipher_key_length = AES128_GCM_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, .cipher_iv_length = AES_GCM_IV_LEN, @@ -365,7 +365,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0x8a, 0xd2, 0xb6, 0x9e, 0x47, 0x99, 0xc7, 0x1d } }, { - .cipher_key_length = AES128_GCM_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60, 0x7e, 0xae, 0x1f}, .cipher_iv_length = AES_GCM_IV_LEN, @@ -388,7 +388,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0x95, 0xf1, 0x12, 0xe4, 0xe7, 0xd0, 0x5d, 0x35 } }, { - .cipher_key_length = AES192_GCM_KEY_LEN, + .cipher_key_length = AES192_KEY_LEN, .cipher_key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c}, @@ -413,7 +413,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0x18, 0x02, 0x7b, 0x5b, 0x4c, 0xd7, 0xa6, 0x36 } }, { - .cipher_key_length = AES256_GCM_KEY_LEN, + .cipher_key_length = AES256_KEY_LEN, .cipher_key = { 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, 0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab, 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, @@ -446,7 +446,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { static crypto_test_reference_t aes_gmac_reference[] = { { - .auth_key_length = AES128_GCM_KEY_LEN, + .auth_key_length = AES128_KEY_LEN, .auth_key = { 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34}, .auth_iv_length = AES_GCM_IV_LEN, diff --git a/test/validation/api/crypto/test_vectors_len.h b/test/validation/api/crypto/test_vectors_len.h index 2551b054c..8933017b4 100644 --- a/test/validation/api/crypto/test_vectors_len.h +++ b/test/validation/api/crypto/test_vectors_len.h @@ -17,43 +17,24 @@ #define TDES_CBC_KEY_LEN 24 #define TDES_CBC_IV_LEN 8 -/* AES-CBC common */ -#define AES_CBC_IV_LEN 16 - -/* AES128-CBC */ -#define AES128_CBC_KEY_LEN 16 +/* AES common */ -/* AES192-CBC */ -#define AES192_CBC_KEY_LEN 24 +#define AES128_KEY_LEN 16 -/* AES256-CBC */ -#define AES256_CBC_KEY_LEN 32 +#define AES192_KEY_LEN 24 -/* AES-CBC common */ -#define AES_CTR_IV_LEN 16 +#define AES256_KEY_LEN 32 -/* AES128-CTR */ -#define AES128_CTR_KEY_LEN 16 - -/* AES192-CTR */ -#define AES192_CTR_KEY_LEN 24 +/* AES-CBC */ +#define AES_CBC_IV_LEN 16 -/* AES256-CTR */ -#define AES256_CTR_KEY_LEN 32 +/* AES-CTR */ +#define AES_CTR_IV_LEN 16 -/* AES-GCM common */ +/* AES-GCM */ #define AES_GCM_IV_LEN 12 #define AES_GCM_DIGEST_LEN 16 -/* AES128-GCM */ -#define AES128_GCM_KEY_LEN 16 - -/* AES192-GCM */ -#define AES192_GCM_KEY_LEN 24 - -/* AES256-GCM */ -#define AES256_GCM_KEY_LEN 32 - /* HMAC-MD5 */ #define HMAC_MD5_KEY_LEN 16 #define HMAC_MD5_96_CHECK_LEN 12 From patchwork Sat Jan 27 06:00:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126039 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp842647ljd; Fri, 26 Jan 2018 22:05:42 -0800 (PST) X-Google-Smtp-Source: AH8x224C11NqJKAOAMPEsJPB1LSmBU2ywXD+lyZ1XeR/AoJOdsFvVllin2zx7cMIibsqIHLD/Am7 X-Received: by 10.55.141.198 with SMTP id p189mr22909730qkd.65.1517033142311; Fri, 26 Jan 2018 22:05:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033142; cv=none; d=google.com; s=arc-20160816; b=IK8SJ0bzibejN1s6fLRmmLGz+mlRuy66oYg057/Whtfyz6aaVvo91eiDIQ/jo3rC9V oCZiAcckTNxhhe9Axb9NEa9fl2jXJUB/y2KkZ4I6+ovDtmCRaRaaWOeyIgXcSXwY9CXa 3KCj3a7rg6OrfK25NAcsyBxRPk6DumiGSLxu20hk/v4lWR+i6R9p/MqSBzOWw1KWH7Ms nk+/GVQM7YrAhR9jm+K/TfftaxOi9Rh2h7fyg9xBJ/YI7UJvR+1vIqBdhiqXLU9bbLat i8x9R6NA35aHigjCRBrAtJipOCGh2q6PGgNVrs8/TdLCYvuoMYDGBEs7pPrgw4+dr5D+ q4og== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=um6maXcd1BfLKGOaxU1B2w9bF3on/V8IiPuAfZi/FqU=; b=JRqyIVcAGCIVGORemDne17Pi4l8Z1U0th1HDCoSKgqgwUGik0ymfjKlNS4aEl8B9xI nUuRs1eHDHKv5oBkre3gjMfIAIkNirvQG6s9UKpXQpmKtfjlwSXAZm9nobWcqAZgecKa Nvd8eEZ8eL9D7VIqC13yD7ksKQqFlDpsiRYbcEL0DXSVNKrZebbc037EchbWUlkvvnyJ PWPikKTyaYi7bG73f9WQhpBdxZLsOQ0w4FmN9ZkcZ41sWRw6Rtdr/k+OwwvCqDiDn+s0 lsPRvXcJgMSahFx+tUrM1eEkTVmGHLQk9vxlxzibLl5TM5gH+HQQBz2bxHj+dfHNjQkG QsAQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id l62si6491415qkc.457.2018.01.26.22.05.42; Fri, 26 Jan 2018 22:05:42 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id DCB56617BE; Sat, 27 Jan 2018 06:05:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 2BE04617C1; Sat, 27 Jan 2018 06:00:58 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id A86E5617B8; Sat, 27 Jan 2018 06:00:27 +0000 (UTC) Received: from forward102p.mail.yandex.net (forward102p.mail.yandex.net [77.88.28.102]) by lists.linaro.org (Postfix) with ESMTPS id 5431A6089D for ; Sat, 27 Jan 2018 06:00:19 +0000 (UTC) Received: from mxback4o.mail.yandex.net (mxback4o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1e]) by forward102p.mail.yandex.net (Yandex) with ESMTP id DCA6D43013BC for ; Sat, 27 Jan 2018 09:00:17 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback4o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id Vf8CTzy1YW-0HWWEWfA; Sat, 27 Jan 2018 09:00:17 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0HNmVKsK; Sat, 27 Jan 2018 09:00:17 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:02 +0300 Message-Id: <1517032810-971-9-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 8/16] validation: crypto: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 72 ++++++++++++ test/validation/api/crypto/test_vectors.h | 140 +++++++++++++++++++++++ test/validation/api/crypto/test_vectors_len.h | 7 +- 3 files changed, 218 insertions(+), 1 deletion(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 0448972b8..5c38ae85f 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -52,6 +52,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GCM"; case ODP_AUTH_ALG_AES_GMAC: return "ODP_AUTH_ALG_AES_GMAC"; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: return "Unknown"; } @@ -70,6 +72,8 @@ static const char *cipher_alg_name(odp_cipher_alg_t cipher) return "ODP_CIPHER_ALG_AES_CBC"; case ODP_CIPHER_ALG_AES_GCM: return "ODP_CIPHER_ALG_AES_GCM"; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + return "ODP_CIPHER_ALG_CHACHA20_POLY1305"; default: return "Unknown"; } @@ -473,6 +477,9 @@ static void check_alg(odp_crypto_op_t op, if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && !(capa.ciphers.bit.aes_gcm)) rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305 && + !(capa.ciphers.bit.chacha20_poly1305)) + rc = -1; if (cipher_alg == ODP_CIPHER_ALG_DES && !(capa.ciphers.bit.des)) rc = -1; @@ -489,6 +496,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_CHACHA20_POLY1305 && + !(capa.auths.bit.chacha20_poly1305)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && !(capa.auths.bit.md5_hmac)) rc = -1; @@ -654,6 +664,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capability.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -689,6 +703,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capability.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -785,6 +803,52 @@ static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) true); } +static int check_alg_chacha20_poly1305(void) +{ + return check_alg_support(ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305); +} + +static void crypto_test_enc_alg_chacha20_poly1305(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + false); +} + +static void crypto_test_enc_alg_chacha20_poly1305_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + true); +} + +static void crypto_test_dec_alg_chacha20_poly1305(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + false); +} + +static void crypto_test_dec_alg_chacha20_poly1305_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + true); +} + static int check_alg_aes_gcm(void) { return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); @@ -1247,6 +1311,14 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gcm), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305_ovr_iv, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_chacha20_poly1305, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_chacha20_poly1305_ovr_iv, + check_alg_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, check_alg_hmac_md5), ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index ff69717db..3c18814fb 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -477,6 +477,146 @@ static crypto_test_reference_t aes_gmac_reference[] = { }, }; +/* + * Test vector from RFC 7539, sections 2.8.2, A.5: + * https://tools.ietf.org/html/rfc7539#section-2.8.2 + * https://tools.ietf.org/html/rfc7539#appendix-A.5 + */ +static crypto_test_reference_t chacha20_poly1305_reference[] = { + { + .cipher_key_length = CHACHA20_POLY1305_KEY_LEN, + .cipher_key = { 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f}, + .cipher_iv_length = CHACHA20_POLY1305_IV_LEN, + .cipher_iv = { 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47 }, + .length = 114, + .plaintext = { 0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, + 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, + 0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73, + 0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39, + 0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63, + 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66, + 0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f, + 0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20, + 0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75, + 0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73, + 0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, + 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, + 0x74, 0x2e }, + .ciphertext = { 0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb, + 0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2, + 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe, + 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6, + 0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12, + 0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b, + 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29, + 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36, + 0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c, + 0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58, + 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94, + 0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc, + 0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d, + 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b, + 0x61, 0x16 }, + .aad_length = 12, + .aad = { 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, + 0xc5, 0xc6, 0xc7 }, + .digest_length = 16, + .digest = { 0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a, + 0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91 } + }, + { + .cipher_key_length = CHACHA20_POLY1305_KEY_LEN, + .cipher_key = { 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a, + 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0, + 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09, + 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0}, + .cipher_iv_length = CHACHA20_POLY1305_IV_LEN, + .cipher_iv = { 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08 }, + .length = 265, + .plaintext = { 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, + 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x73, 0x20, + 0x61, 0x72, 0x65, 0x20, 0x64, 0x72, 0x61, 0x66, + 0x74, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, + 0x6e, 0x74, 0x73, 0x20, 0x76, 0x61, 0x6c, 0x69, + 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x61, 0x20, + 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x20, + 0x6f, 0x66, 0x20, 0x73, 0x69, 0x78, 0x20, 0x6d, + 0x6f, 0x6e, 0x74, 0x68, 0x73, 0x20, 0x61, 0x6e, + 0x64, 0x20, 0x6d, 0x61, 0x79, 0x20, 0x62, 0x65, + 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, + 0x2c, 0x20, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, + 0x65, 0x64, 0x2c, 0x20, 0x6f, 0x72, 0x20, 0x6f, + 0x62, 0x73, 0x6f, 0x6c, 0x65, 0x74, 0x65, 0x64, + 0x20, 0x62, 0x79, 0x20, 0x6f, 0x74, 0x68, 0x65, + 0x72, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, + 0x6e, 0x74, 0x73, 0x20, 0x61, 0x74, 0x20, 0x61, + 0x6e, 0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x2e, + 0x20, 0x49, 0x74, 0x20, 0x69, 0x73, 0x20, 0x69, + 0x6e, 0x61, 0x70, 0x70, 0x72, 0x6f, 0x70, 0x72, + 0x69, 0x61, 0x74, 0x65, 0x20, 0x74, 0x6f, 0x20, + 0x75, 0x73, 0x65, 0x20, 0x49, 0x6e, 0x74, 0x65, + 0x72, 0x6e, 0x65, 0x74, 0x2d, 0x44, 0x72, 0x61, + 0x66, 0x74, 0x73, 0x20, 0x61, 0x73, 0x20, 0x72, + 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, + 0x20, 0x6d, 0x61, 0x74, 0x65, 0x72, 0x69, 0x61, + 0x6c, 0x20, 0x6f, 0x72, 0x20, 0x74, 0x6f, 0x20, + 0x63, 0x69, 0x74, 0x65, 0x20, 0x74, 0x68, 0x65, + 0x6d, 0x20, 0x6f, 0x74, 0x68, 0x65, 0x72, 0x20, + 0x74, 0x68, 0x61, 0x6e, 0x20, 0x61, 0x73, 0x20, + 0x2f, 0xe2, 0x80, 0x9c, 0x77, 0x6f, 0x72, 0x6b, + 0x20, 0x69, 0x6e, 0x20, 0x70, 0x72, 0x6f, 0x67, + 0x72, 0x65, 0x73, 0x73, 0x2e, 0x2f, 0xe2, 0x80, + 0x9d }, + .ciphertext = { 0x64, 0xa0, 0x86, 0x15, 0x75, 0x86, 0x1a, 0xf4, + 0x60, 0xf0, 0x62, 0xc7, 0x9b, 0xe6, 0x43, 0xbd, + 0x5e, 0x80, 0x5c, 0xfd, 0x34, 0x5c, 0xf3, 0x89, + 0xf1, 0x08, 0x67, 0x0a, 0xc7, 0x6c, 0x8c, 0xb2, + 0x4c, 0x6c, 0xfc, 0x18, 0x75, 0x5d, 0x43, 0xee, + 0xa0, 0x9e, 0xe9, 0x4e, 0x38, 0x2d, 0x26, 0xb0, + 0xbd, 0xb7, 0xb7, 0x3c, 0x32, 0x1b, 0x01, 0x00, + 0xd4, 0xf0, 0x3b, 0x7f, 0x35, 0x58, 0x94, 0xcf, + 0x33, 0x2f, 0x83, 0x0e, 0x71, 0x0b, 0x97, 0xce, + 0x98, 0xc8, 0xa8, 0x4a, 0xbd, 0x0b, 0x94, 0x81, + 0x14, 0xad, 0x17, 0x6e, 0x00, 0x8d, 0x33, 0xbd, + 0x60, 0xf9, 0x82, 0xb1, 0xff, 0x37, 0xc8, 0x55, + 0x97, 0x97, 0xa0, 0x6e, 0xf4, 0xf0, 0xef, 0x61, + 0xc1, 0x86, 0x32, 0x4e, 0x2b, 0x35, 0x06, 0x38, + 0x36, 0x06, 0x90, 0x7b, 0x6a, 0x7c, 0x02, 0xb0, + 0xf9, 0xf6, 0x15, 0x7b, 0x53, 0xc8, 0x67, 0xe4, + 0xb9, 0x16, 0x6c, 0x76, 0x7b, 0x80, 0x4d, 0x46, + 0xa5, 0x9b, 0x52, 0x16, 0xcd, 0xe7, 0xa4, 0xe9, + 0x90, 0x40, 0xc5, 0xa4, 0x04, 0x33, 0x22, 0x5e, + 0xe2, 0x82, 0xa1, 0xb0, 0xa0, 0x6c, 0x52, 0x3e, + 0xaf, 0x45, 0x34, 0xd7, 0xf8, 0x3f, 0xa1, 0x15, + 0x5b, 0x00, 0x47, 0x71, 0x8c, 0xbc, 0x54, 0x6a, + 0x0d, 0x07, 0x2b, 0x04, 0xb3, 0x56, 0x4e, 0xea, + 0x1b, 0x42, 0x22, 0x73, 0xf5, 0x48, 0x27, 0x1a, + 0x0b, 0xb2, 0x31, 0x60, 0x53, 0xfa, 0x76, 0x99, + 0x19, 0x55, 0xeb, 0xd6, 0x31, 0x59, 0x43, 0x4e, + 0xce, 0xbb, 0x4e, 0x46, 0x6d, 0xae, 0x5a, 0x10, + 0x73, 0xa6, 0x72, 0x76, 0x27, 0x09, 0x7a, 0x10, + 0x49, 0xe6, 0x17, 0xd9, 0x1d, 0x36, 0x10, 0x94, + 0xfa, 0x68, 0xf0, 0xff, 0x77, 0x98, 0x71, 0x30, + 0x30, 0x5b, 0xea, 0xba, 0x2e, 0xda, 0x04, 0xdf, + 0x99, 0x7b, 0x71, 0x4d, 0x6c, 0x6f, 0x2c, 0x29, + 0xa6, 0xad, 0x5c, 0xb4, 0x02, 0x2b, 0x02, 0x70, + 0x9b }, + .aad_length = 12, + .aad = { 0xf3, 0x33, 0x88, 0x86, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x4e, 0x91 }, + .digest_length = CHACHA20_POLY1305_CHECK_LEN, + .digest = { 0xee, 0xad, 0x9d, 0x67, 0x89, 0x0c, 0xbb, 0x22, + 0x39, 0x23, 0x36, 0xfe, 0xa1, 0x85, 0x1f, 0x38 } + }, +}; + static crypto_test_reference_t hmac_md5_reference[] = { { .auth_key_length = HMAC_MD5_KEY_LEN, diff --git a/test/validation/api/crypto/test_vectors_len.h b/test/validation/api/crypto/test_vectors_len.h index 8933017b4..860840cfe 100644 --- a/test/validation/api/crypto/test_vectors_len.h +++ b/test/validation/api/crypto/test_vectors_len.h @@ -9,7 +9,7 @@ /* Maximum */ #define MAX_KEY_LEN 64 #define MAX_IV_LEN 16 -#define MAX_DATA_LEN 128 +#define MAX_DATA_LEN 270 #define MAX_AAD_LEN 12 #define MAX_DIGEST_LEN 64 @@ -55,4 +55,9 @@ #define HMAC_SHA512_256_CHECK_LEN 32 #define HMAC_SHA512_CHECK_LEN 64 +/* ChaCha20-Poly1305 */ +#define CHACHA20_POLY1305_KEY_LEN 32 +#define CHACHA20_POLY1305_IV_LEN 12 +#define CHACHA20_POLY1305_CHECK_LEN 16 + #endif From patchwork Sat Jan 27 06:00:03 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126040 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp842688ljd; Fri, 26 Jan 2018 22:05:47 -0800 (PST) X-Google-Smtp-Source: AH8x227Epm68F0jKSIifIzwGqPEaIIUHWdRxzRuLgDGR8NRl2X34vll4pJNsJrPGfC2mTL22xHr1 X-Received: by 10.237.63.165 with SMTP id s34mr27692162qth.312.1517033147807; Fri, 26 Jan 2018 22:05:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033147; cv=none; d=google.com; s=arc-20160816; b=gwyy5sFvupSVoFAFayZBDgSpRWIZHR/Cj3SGAwlu/nV9762iZiyCevdWr3qK/0ungu BmXdkBSMfkRKu3NhLnmnL8eZjCG0aJzt+8eAUm088FHNRzOHiU3dNxwRc1rsvn5cfhDr bVu7JKgdlGUGkxks5uRGTEmghhyQLS5C41/nfOAjA+eydkhGVpuoFHQ8i+MK4X0Y3UMo OxnM90Q0VDqcYLTR2gMJRX1V6npIED/EYHt5HTB4xKFWWPUhs9IFPX5kXdQxkAsfWkcI R3VSj0GTuiGB7aHSho57pmSOktEnCJvAbNgJFjAHlrb0zLZeNA70Iw7aumC2nqLkQF8N oiuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=VxkkA9cyXnCWglshpIpcHzDLAG8qURkybudAeDuNBCg=; b=DCZqHz5SGhuarZbB5vHU4i3hmtP9CeEhzM2dmLJDn06YcAkkfFO03t4Ygsoq8WgN68 1zN4pm0qD/py4JykCaLRq85Il8R68eLwx+QF1ZrFIjlkEpUwKG4KI0dXj20e+c77C9+y 3yEyFxRc64OhtOwh/YZZ58rgNIDYXK7s/3nxwUdxzPcvZFQNclDe9OffNvqtpdOpQM/Q yWaWgcZC/ICLXGC0Sc4Ik4SJ7zC39IqTFiHLcNU18JMieHvhqesMHixnsGBTNSTlgDSW RGWfs1uKax6G90vjF8oeF2lY90m8K7kJQV8eV/iAXya4lZwXTyiXu5xNjkx228FLxycr o9yA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id i99si5423544qkh.405.2018.01.26.22.05.47; Fri, 26 Jan 2018 22:05:47 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 781C361794; Sat, 27 Jan 2018 06:05:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 741B5617E2; Sat, 27 Jan 2018 06:01:03 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 436A2617BF; Sat, 27 Jan 2018 06:00:29 +0000 (UTC) Received: from forward102j.mail.yandex.net (forward102j.mail.yandex.net [5.45.198.243]) by lists.linaro.org (Postfix) with ESMTPS id 9CB666096B for ; Sat, 27 Jan 2018 06:00:20 +0000 (UTC) Received: from mxback3o.mail.yandex.net (mxback3o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1d]) by forward102j.mail.yandex.net (Yandex) with ESMTP id C88815602C22 for ; Sat, 27 Jan 2018 09:00:18 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback3o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id wEM4t32WxK-0Ibmpbjh; Sat, 27 Jan 2018 09:00:18 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0HNCfKde; Sat, 27 Jan 2018 09:00:18 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:03 +0300 Message-Id: <1517032810-971-10-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 9/16] validation: crypto: add test vectors for AES-CCM X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Neither RFC 3610 nor SP 800-38C contains test vectors for 192 and 256 bit keys and none contains test vectors for 11-bit IV (used in IPsec). So I've used 1st test vector from RFC 3610 and generated the rest of test vectors. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 71 +++++++++++++ test/validation/api/crypto/test_vectors.h | 129 +++++++++++++++++++++++ 2 files changed, 200 insertions(+) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 5c38ae85f..ae843acf7 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -52,6 +52,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GCM"; case ODP_AUTH_ALG_AES_GMAC: return "ODP_AUTH_ALG_AES_GMAC"; + case ODP_AUTH_ALG_AES_CCM: + return "ODP_AUTH_ALG_AES_CCM"; case ODP_AUTH_ALG_CHACHA20_POLY1305: return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: @@ -72,6 +74,8 @@ static const char *cipher_alg_name(odp_cipher_alg_t cipher) return "ODP_CIPHER_ALG_AES_CBC"; case ODP_CIPHER_ALG_AES_GCM: return "ODP_CIPHER_ALG_AES_GCM"; + case ODP_CIPHER_ALG_AES_CCM: + return "ODP_CIPHER_ALG_AES_CCM"; case ODP_CIPHER_ALG_CHACHA20_POLY1305: return "ODP_CIPHER_ALG_CHACHA20_POLY1305"; default: @@ -477,6 +481,9 @@ static void check_alg(odp_crypto_op_t op, if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && !(capa.ciphers.bit.aes_gcm)) rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CCM && + !(capa.ciphers.bit.aes_ccm)) + rc = -1; if (cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305 && !(capa.ciphers.bit.chacha20_poly1305)) rc = -1; @@ -496,6 +503,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_CCM && + !(capa.auths.bit.aes_ccm)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_CHACHA20_POLY1305 && !(capa.auths.bit.chacha20_poly1305)) rc = -1; @@ -664,6 +674,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_AES_CCM: + if (!capability.ciphers.bit.aes_ccm) + return ODP_TEST_INACTIVE; + break; case ODP_CIPHER_ALG_CHACHA20_POLY1305: if (!capability.ciphers.bit.chacha20_poly1305) return ODP_TEST_INACTIVE; @@ -703,6 +717,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_AES_CCM: + if (!capability.auths.bit.aes_ccm) + return ODP_TEST_INACTIVE; + break; case ODP_AUTH_ALG_CHACHA20_POLY1305: if (!capability.auths.bit.chacha20_poly1305) return ODP_TEST_INACTIVE; @@ -912,6 +930,51 @@ static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) true); } +static int check_alg_aes_ccm(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CCM, ODP_AUTH_ALG_AES_CCM); +} + +static void crypto_test_enc_alg_aes_ccm(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + false); +} + +static void crypto_test_enc_alg_aes_ccm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + true); +} + +static void crypto_test_dec_alg_aes_ccm(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + false); +} + +static void crypto_test_dec_alg_aes_ccm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + true); +} + static int check_alg_aes_cbc(void) { return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); @@ -1311,6 +1374,14 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gcm), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ccm, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ccm_ovr_iv, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ccm, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ccm_ovr_iv, + check_alg_aes_ccm), ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305, check_alg_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305_ovr_iv, diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 3c18814fb..878710315 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -444,6 +444,135 @@ static crypto_test_reference_t aes_gcm_reference[] = { } }; +static crypto_test_reference_t aes_ccm_reference[] = { + /* + * AES-CCM reference from RFC 3610: + * https://tools.ietf.org/html/rfc3610#section-8 + */ + { + .cipher_key_length = AES128_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, + 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, + 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84 }, + .digest_length = 8, + .digest = { 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 } + }, + /* The rest of test vectors are generated manually, no "interesting" + * vectors for use cases in RFC 3610 or SP 800-38C. */ + { + .cipher_key_length = AES192_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x57, 0x9f, 0xb8, 0x6e, 0xdd, 0xb4, 0xa6, 0x4a, + 0xae, 0x5f, 0xe9, 0x6d, 0xbd, 0x75, 0x44, 0x05, + 0x33, 0xa9, 0xfc, 0x3a, 0x84, 0x57, 0x36 }, + .digest_length = 8, + .digest = { 0x67, 0xae, 0xc8, 0x0a, 0xc5, 0x88, 0xab, 0x16 } + }, + { + .cipher_key_length = AES256_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x59, 0x61, 0x55, 0x10, 0xa7, 0xc4, 0x3b, 0xfb, + 0x12, 0x3d, 0x63, 0x6b, 0x46, 0x13, 0xc0, 0x3c, + 0x6c, 0xe2, 0x69, 0x07, 0x10, 0x2a, 0x3f }, + .digest_length = 8, + .digest = { 0xb5, 0x57, 0x2a, 0x17, 0x2d, 0x49, 0x16, 0xd5 } + }, + { + .cipher_key_length = AES128_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xaa, 0x2d, 0x3e, 0xcb, 0xa6, 0x68, 0x63, 0x75, + 0x8f, 0x03, 0x01, 0x51, 0x16, 0xde, 0x30, 0xed, + 0x8a, 0xb5, 0x42, 0xdc, 0xfa, 0x72, 0xd0 }, + .digest_length = 8, + .digest = { 0x63, 0xe7, 0x01, 0x5c, 0x69, 0xaf, 0xb4, 0x0c } + }, + { + .cipher_key_length = AES192_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xee, 0x99, 0x99, 0x1e, 0xc5, 0x8f, 0xd7, 0x7e, + 0x56, 0x71, 0x16, 0x39, 0x8e, 0xc4, 0x4f, 0xcc, + 0x14, 0x45, 0x57, 0x3e, 0x38, 0x76, 0x51 }, + .digest_length = 8, + .digest = { 0x31, 0x29, 0x47, 0xa4, 0x6d, 0x76, 0x34, 0xb4 } + }, + { + .cipher_key_length = AES256_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xfa, 0x07, 0x47, 0x5c, 0xe8, 0xc9, 0x37, 0x88, + 0x54, 0x64, 0xb8, 0xc3, 0x85, 0xbb, 0x76, 0x0b, + 0xf2, 0xc2, 0x4c, 0x4e, 0x31, 0x16, 0x77 }, + .digest_length = 8, + .digest = { 0x88, 0x56, 0x7e, 0x19, 0x84, 0x13, 0x29, 0xc4 } + }, +}; + static crypto_test_reference_t aes_gmac_reference[] = { { .auth_key_length = AES128_KEY_LEN, From patchwork Sat Jan 27 06:00:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126044 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp847256ljd; Fri, 26 Jan 2018 22:17:12 -0800 (PST) X-Google-Smtp-Source: AH8x227aP08HZ/fOPnIUakx5pKrkUrJ+Vjtd5Hw9702HbyGVxGx28HOKeJvj49DfWeCNIjhX+T46 X-Received: by 10.237.37.18 with SMTP id v18mr26812468qtc.124.1517033831928; Fri, 26 Jan 2018 22:17:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033831; cv=none; d=google.com; s=arc-20160816; b=jutd2+lT/B4iPH+RoqR1bbobsBZ9a67GUHmMxtNTcKPb2D2ia5FW5Ffiux/hcU2ESb YPlAnbNmy7WO2yuWThdTTe9zVlckQ8plcJM+E1lA0RmKtm3j6dFmmowWEEZnu1btuTOr lRm+6SzNLA+e7KDbf2qChfIoBX25ZuOg8RhQFbdK59sXtpbrjREGdSSOb6JNPKKj/sXs zCk/nP/NT62ii5NSPs7gpjJNHNcTOZICulZlU0Ute8nTAqHFkAoIi93jn2ob5ZovGUxB iLZBmvT81cPA3EaqOUaGgrDHwCPCVxpya7v/R3u67pMipZBqtdWXWLrBMKQPID4p2YcB Ggow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=Js67pReAahNYwOHGw8VMqiNSpQ4CrGihCCDHd/BUYmg=; b=D7L363tneF9WKu3twht1+UCdS73oU8VFs4PK6XJCsBk0S7Na4hsGeCkI2Hr8DLGXsI GnNy90p+IWkXXWle3HugRt+NfUX1lyaspHSD3d24rIfwN7fu/5ZguSOlfAJiTaXHXW26 51f9jXEdvmQnnlfq2hoONvEK2+szgTfup7FhU4bZAeAWqTF1tO7lS+x2KtIPuu6por7A oIcKE+0AqobbkkKRRH4ymAWDXtYS/6iqAHKvB7aMzvkKQ8mcsMUJjDKmicVnhMiDA+jr QoR7RWZgkR8Q/M7ibfd+vMah96v0GE0abLCb37vtfaRnGsF5kIngTkoL3C4by6LFfBQj CI8A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id o39si8377392qtc.401.2018.01.26.22.17.11; Fri, 26 Jan 2018 22:17:11 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 87F00617D8; Sat, 27 Jan 2018 06:17:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 168B061800; Sat, 27 Jan 2018 06:02:01 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 4FAD261796; Sat, 27 Jan 2018 06:01:42 +0000 (UTC) Received: from forward100j.mail.yandex.net (forward100j.mail.yandex.net [5.45.198.240]) by lists.linaro.org (Postfix) with ESMTPS id 5527561780 for ; Sat, 27 Jan 2018 06:00:22 +0000 (UTC) Received: from mxback10o.mail.yandex.net (mxback10o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::24]) by forward100j.mail.yandex.net (Yandex) with ESMTP id 664D05D843B8 for ; Sat, 27 Jan 2018 09:00:19 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback10o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id NgEMFinn30-0JcewrXa; Sat, 27 Jan 2018 09:00:19 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0INaWLbR; Sat, 27 Jan 2018 09:00:18 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:04 +0300 Message-Id: <1517032810-971-11-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 10/16] validation: crypto: add AES-CMAC test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 43 +++++++++++ test/validation/api/crypto/test_vectors.h | 98 ++++++++++++++++++++++++ 2 files changed, 141 insertions(+) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index ae843acf7..f310329ab 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -54,6 +54,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GMAC"; case ODP_AUTH_ALG_AES_CCM: return "ODP_AUTH_ALG_AES_CCM"; + case ODP_AUTH_ALG_AES_CMAC: + return "ODP_AUTH_ALG_AES_CMAC"; case ODP_AUTH_ALG_CHACHA20_POLY1305: return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: @@ -503,6 +505,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_CMAC && + !(capa.auths.bit.aes_cmac)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_AES_CCM && !(capa.auths.bit.aes_ccm)) rc = -1; @@ -721,6 +726,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_ccm) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_AES_CMAC: + if (!capability.auths.bit.aes_cmac) + return ODP_TEST_INACTIVE; + break; case ODP_AUTH_ALG_CHACHA20_POLY1305: if (!capability.auths.bit.chacha20_poly1305) return ODP_TEST_INACTIVE; @@ -1285,6 +1294,36 @@ static void crypto_test_check_alg_aes_gmac_ovr_iv(void) true); } +static int check_alg_aes_cmac(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_CMAC); +} + +static void crypto_test_gen_alg_aes_cmac(void) +{ + unsigned int test_vec_num = (sizeof(aes_cmac_reference) / + sizeof(aes_cmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_CMAC, + aes_cmac_reference, + ARRAY_SIZE(aes_cmac_reference), + false); +} + +static void crypto_test_check_alg_aes_cmac(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_CMAC, + aes_cmac_reference, + ARRAY_SIZE(aes_cmac_reference), + false); +} + int crypto_suite_sync_init(void) { suite_context.pool = odp_pool_lookup("packet_pool"); @@ -1414,6 +1453,10 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gmac), ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_cmac, + check_alg_aes_cmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_cmac, + check_alg_aes_cmac), ODP_TEST_INFO_NULL, }; diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 878710315..edd3e7da8 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -606,6 +606,104 @@ static crypto_test_reference_t aes_gmac_reference[] = { }, }; +/* Test vectors from SP800-38B / CSRC examples: + * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/AES_CMAC.pdf + * + * 12-byte vectors are just truncated 16-byte vectors + */ +static crypto_test_reference_t aes_cmac_reference[] = { + { + .auth_key_length = AES128_KEY_LEN, + .auth_key = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 16, + .digest = { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, + 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c }, + }, + { + .auth_key_length = AES192_KEY_LEN, + .auth_key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, + 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, + 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 16, + .digest = { 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90, + 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84 }, + }, + { + .auth_key_length = AES256_KEY_LEN, + .auth_key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, + 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, + 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, + 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 16, + .digest = { 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82, + 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c }, + }, + { + .auth_key_length = AES128_KEY_LEN, + .auth_key = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 12, + .digest = { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, + 0xf7, 0x9b, 0xdd, 0x9d }, + }, + { + .auth_key_length = AES192_KEY_LEN, + .auth_key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, + 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, + 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 12, + .digest = { 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90, + 0x06, 0x62, 0xf6, 0x5e }, + }, + { + .auth_key_length = AES256_KEY_LEN, + .auth_key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, + 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, + 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, + 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 12, + .digest = { 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82, + 0xbd, 0x4b, 0xf2, 0x8d }, + } +}; + /* * Test vector from RFC 7539, sections 2.8.2, A.5: * https://tools.ietf.org/html/rfc7539#section-2.8.2 From patchwork Sat Jan 27 06:00:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126041 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp843709ljd; Fri, 26 Jan 2018 22:08:10 -0800 (PST) X-Google-Smtp-Source: AH8x224S2CpnighKJG0dFg1+O/6vIT4Q6lhkVFl/icN03lgWuBM09KZUDrZ+YjETlVWspNblsP0e X-Received: by 10.55.75.151 with SMTP id y145mr25076921qka.281.1517033290277; Fri, 26 Jan 2018 22:08:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033290; cv=none; d=google.com; s=arc-20160816; b=cIwBcTazjk+YS105FNSiMUUouSLnCQGZ5tl+CVeNVkhT4x6QHdRw2vz3RbOttzNgqR HmvmykvRZ2XvhHJvSQULwFCalUNjjhLL7K70erGUFxP5BaCYKm3qa7iBfdm/h1Rjmwh6 I0xUnmPrU21HKFwX6AqMki7KchuoBHCOlyV0KZVanxH/GhhOgR2fLNgX3gwQTeCaBCgx lxRUf9IKjPr1mKoT7EW2eZcCmN0s5YiqTlqRKGEGkd5M95cZ/O7o1M7v5EWubcvoDUkh kXpfO5Gxxo+SDNF8HW4Sjf+ZCkcisFO9yd91QF5gHcXVumzrxRVfLrVPoPj+sB2F991a jvvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=fBCh5XlBE5RLUqjpj6oDz4pdaoq2SoWHfsz7Vgv5wsI=; b=O02o4hS9Kmd0HzwgeHoKpeWBt+S391aD9fAF6+1eI9TZzTJunih19Lxi0MUBUhv4vx ZezhG7NN61ZhPyILB5yFRCqADgMLrNBgIzCArvkPbZ2iMlYXmev5ihOU+BwUnQxwovE4 5biPBPgl0uIqQS5Tzm0o8q4owyMxHJLTvK2r4857hhHm3ADugEAVXJovX5Hh2JufdGLT 3PrFICqnBYFuW0J8FJAXqr/NBOUPllyEGKJD+ldtlMLRAPm1BlbsNoO/4SfevpyZ5R/Z R5teNGS9c9IlA7icjdm/OQxEjgkdOLRL/snM0aOUO3ticHL2Dfe5varBlraMh9UqL5ti SpzQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id t129si3709759qkd.110.2018.01.26.22.08.10; Fri, 26 Jan 2018 22:08:10 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id EF15D617E1; Sat, 27 Jan 2018 06:08:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id C6869617E8; Sat, 27 Jan 2018 06:01:08 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 8F8AB617BF; Sat, 27 Jan 2018 06:00:30 +0000 (UTC) Received: from forward106j.mail.yandex.net (forward106j.mail.yandex.net [5.45.198.249]) by lists.linaro.org (Postfix) with ESMTPS id 71F436099A for ; Sat, 27 Jan 2018 06:00:21 +0000 (UTC) Received: from mxback6g.mail.yandex.net (mxback6g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:167]) by forward106j.mail.yandex.net (Yandex) with ESMTP id 12B3D1801D40 for ; Sat, 27 Jan 2018 09:00:20 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback6g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id wND1SGe0Kb-0K2CNYMv; Sat, 27 Jan 2018 09:00:20 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0JN0R4NA; Sat, 27 Jan 2018 09:00:19 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:05 +0300 Message-Id: <1517032810-971-12-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 11/16] linux-gen: crypto: support ChaCha20-Poly1305 X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov OpenSSL >= 1.1.0 supports ChaCha20-Poly1305 AEAD cipher, so let's support it in linux-generic. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ platform/linux-generic/odp_crypto.c | 57 +++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index e1d1c84b2..574671e07 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -28,6 +28,12 @@ #include #include +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_POLY1305) +#define _ODP_HAVE_CHACHA20_POLY1305 1 +#else +#define _ODP_HAVE_CHACHA20_POLY1305 0 +#endif + #define MAX_SESSIONS 32 /* @@ -56,6 +62,11 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { {.key_len = 24, .iv_len = 12}, {.key_len = 32, .iv_len = 12} }; +#if _ODP_HAVE_CHACHA20_POLY1305 +static const odp_crypto_cipher_capability_t cipher_capa_chacha20_poly1305[] = { +{.key_len = 32, .iv_len = 12} }; +#endif + /* * Authentication algorithm capabilities * @@ -87,6 +98,11 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, .iv_len = 12 } }; +#if _ODP_HAVE_CHACHA20_POLY1305 +static const odp_crypto_auth_capability_t auth_capa_chacha20_poly1305[] = { +{.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; +#endif + /** Forward declaration of session structure */ typedef struct odp_crypto_generic_session_t odp_crypto_generic_session_t; @@ -773,6 +789,9 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->ciphers.bit.aes_cbc = 1; capa->ciphers.bit.aes_ctr = 1; capa->ciphers.bit.aes_gcm = 1; +#if _ODP_HAVE_CHACHA20_POLY1305 + capa->ciphers.bit.chacha20_poly1305 = 1; +#endif capa->auths.bit.null = 1; capa->auths.bit.md5_hmac = 1; @@ -781,6 +800,9 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.sha512_hmac = 1; capa->auths.bit.aes_gcm = 1; capa->auths.bit.aes_gmac = 1; +#if _ODP_HAVE_CHACHA20_POLY1305 + capa->auths.bit.chacha20_poly1305 = 1; +#endif #if ODP_DEPRECATED_API capa->ciphers.bit.aes128_cbc = 1; @@ -824,6 +846,12 @@ int odp_crypto_cipher_capability(odp_cipher_alg_t cipher, src = cipher_capa_aes_gcm; num = sizeof(cipher_capa_aes_gcm) / size; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + src = cipher_capa_chacha20_poly1305; + num = sizeof(cipher_capa_chacha20_poly1305) / size; + break; +#endif default: return -1; } @@ -872,6 +900,12 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_aes_gmac; num = sizeof(auth_capa_aes_gmac) / size; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_AUTH_ALG_CHACHA20_POLY1305: + src = auth_capa_chacha20_poly1305; + num = sizeof(auth_capa_chacha20_poly1305) / size; + break; +#endif default: return -1; } @@ -993,6 +1027,17 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + /* ChaCha20_Poly1305 requires to do both auth and + * cipher at the same time */ + if (param->auth_alg != ODP_AUTH_ALG_CHACHA20_POLY1305) + rc = -1; + else + rc = process_aes_gcm_param(session, + EVP_chacha20_poly1305()); + break; +#endif default: rc = -1; } @@ -1063,6 +1108,18 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_AUTH_ALG_CHACHA20_POLY1305: + /* ChaCha20_Poly1305 requires to do both auth and + * cipher at the same time */ + if (param->cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305) { + session->auth.func = null_crypto_routine; + rc = 0; + } else { + rc = -1; + } + break; +#endif default: rc = -1; } From patchwork Sat Jan 27 06:00:06 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126045 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp847347ljd; Fri, 26 Jan 2018 22:17:29 -0800 (PST) X-Google-Smtp-Source: AH8x22403fdormS9BvOAd6mTgW8ygOddIu1uYlREQpSPv/vwTXr8eDmCGgCQxwm6/C6o9BdrzyBe X-Received: by 10.200.18.131 with SMTP id y3mr16408441qti.330.1517033849183; Fri, 26 Jan 2018 22:17:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033849; cv=none; d=google.com; s=arc-20160816; b=wXMGGYjlmc6aSTaiiSWAQnfpouzZLRcmMA6yg83Tp8Q6aJ5lM2XXnNWRfYJkVG5Woj RWnKOryuqFyWwQklDPJfIBG3TGmZ4gwzgpP8BFbhXDiqtIde60u4n/beZgikzImNW61s Y5sNynfY70YEEpw1Xfv3gLI2SPw9Fd+CTEVBEv1RHnA6HAGE89Nr6rx9Pv3TUGvb2rSG HM/Bcv7QtZ4JZmo7vmXTWd68lFs2mg7f0WW+AA2n6SvqNHNo65+BcPJNBXfWGYgU1fiU 6Cvw1iQzeCgyzMyc5XMZPDfWwU0OufLYm6BiYCj6TLTX+umIORwUGWLan083F+pSFmNx pjjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=uq3/ngsuOcY6WFGxcLN7V21XcGXlBHpFEG43c4mfyyY=; b=FQL3PjexQe+0for9gJWR40TMfqca2N0Z0ZFc4WaKvEHDB6DIUvUDWMQxwUX7YyhaPB 1GFE/g+9hFVkShmpK8RaGGUkbTpGkxpLFMF4VqRNuw83snXmo1W9cUnqmAayEj/rLLTX b9TnWr+CKETgyo59tcD6EfiQLHkBnTUv0Z0SxMpa87IvNpEWd9kfP3HDb84rHiw0OvR3 zh5bXHDLatmuKGQqNNogr++ZyHVlEtLqWinr5hwwNvtgjjqdcUa7qiX5n6Gj2xE31yzB VFmGFv+BNkaJt69auy2t4e6uQWFX1k23st6tdmDVkmi3vARNHaSRjgvhIidmjoXx9yry DsXw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id 11si2404406qto.249.2018.01.26.22.17.28; Fri, 26 Jan 2018 22:17:29 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id DA435617DF; Sat, 27 Jan 2018 06:17:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 62D3A61835; Sat, 27 Jan 2018 06:02:07 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 3B38D61773; Sat, 27 Jan 2018 06:01:43 +0000 (UTC) Received: from forward103p.mail.yandex.net (forward103p.mail.yandex.net [77.88.28.106]) by lists.linaro.org (Postfix) with ESMTPS id 45FFE61773 for ; Sat, 27 Jan 2018 06:00:22 +0000 (UTC) Received: from mxback9o.mail.yandex.net (mxback9o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::23]) by forward103p.mail.yandex.net (Yandex) with ESMTP id CE6F321849A3 for ; Sat, 27 Jan 2018 09:00:20 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback9o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id BHIt5znZEH-0K30DfIE; Sat, 27 Jan 2018 09:00:20 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0KNCBH6N; Sat, 27 Jan 2018 09:00:20 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:06 +0300 Message-Id: <1517032810-971-13-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 12/16] linux-gen: crypto: provide AES-CCM implementation X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov AES-CCM support in OpenSSL is quite unique: it requires whole data to be passed in single EVP_EncryptUpdate/EVP_DecryptUpdate call. Supporting this requires copying data back-and-forth between packet and temporary buffer. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ platform/linux-generic/odp_crypto.c | 192 ++++++++++++++++++++++++++++++++++++ 1 file changed, 192 insertions(+) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 574671e07..7423864ff 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -62,6 +62,14 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { {.key_len = 24, .iv_len = 12}, {.key_len = 32, .iv_len = 12} }; +static const odp_crypto_cipher_capability_t cipher_capa_aes_ccm[] = { +{.key_len = 16, .iv_len = 11}, +{.key_len = 16, .iv_len = 13}, +{.key_len = 24, .iv_len = 11}, +{.key_len = 24, .iv_len = 13}, +{.key_len = 32, .iv_len = 11}, +{.key_len = 32, .iv_len = 13} }; + #if _ODP_HAVE_CHACHA20_POLY1305 static const odp_crypto_cipher_capability_t cipher_capa_chacha20_poly1305[] = { {.key_len = 32, .iv_len = 12} }; @@ -94,6 +102,9 @@ static const odp_crypto_auth_capability_t auth_capa_sha512_hmac[] = { static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; +static const odp_crypto_auth_capability_t auth_capa_aes_ccm[] = { +{.digest_len = 8, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; + static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, .iv_len = 12 } }; @@ -749,6 +760,153 @@ static int process_aes_gmac_param(odp_crypto_generic_session_t *session, return 0; } +static +odp_crypto_alg_err_t aes_ccm_encrypt(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + EVP_CIPHER_CTX *ctx; + const uint8_t *aad_head = param->aad_ptr; + uint32_t aad_len = session->p.auth_aad_len; + void *iv_ptr; + int dummy_len = 0; + int cipher_len; + uint32_t in_len = param->cipher_range.length; + uint8_t data[in_len]; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret; + + if (param->cipher_iv_ptr) + iv_ptr = param->cipher_iv_ptr; + else if (session->p.cipher_iv.data) + iv_ptr = session->cipher.iv_data; + else + return ODP_CRYPTO_ALG_ERR_IV_INVALID; + + /* Encrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + NULL, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, + session->p.cipher_iv.length, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, + session->p.auth_digest_len, NULL); + EVP_EncryptInit_ex(ctx, NULL, NULL, session->cipher.key_data, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + /* Set len */ + EVP_EncryptUpdate(ctx, NULL, &dummy_len, NULL, in_len); + + /* Authenticate header data (if any) without encrypting them */ + if (aad_len > 0) + EVP_EncryptUpdate(ctx, NULL, &dummy_len, + aad_head, aad_len); + + odp_packet_copy_to_mem(pkt, param->cipher_range.offset, in_len, + data); + + EVP_EncryptUpdate(ctx, data, &cipher_len, data, in_len); + + ret = EVP_EncryptFinal_ex(ctx, data + cipher_len, &dummy_len); + cipher_len += dummy_len; + + odp_packet_copy_from_mem(pkt, param->cipher_range.offset, in_len, + data); + + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, + session->p.auth_digest_len, block); + odp_packet_copy_from_mem(pkt, param->hash_result_offset, + session->p.auth_digest_len, block); + + EVP_CIPHER_CTX_free(ctx); + + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; +} + +static +odp_crypto_alg_err_t aes_ccm_decrypt(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + EVP_CIPHER_CTX *ctx; + const uint8_t *aad_head = param->aad_ptr; + uint32_t aad_len = session->p.auth_aad_len; + void *iv_ptr; + int dummy_len = 0; + int cipher_len; + uint32_t in_len = param->cipher_range.length; + uint8_t data[in_len]; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret; + + if (param->cipher_iv_ptr) + iv_ptr = param->cipher_iv_ptr; + else if (session->p.cipher_iv.data) + iv_ptr = session->cipher.iv_data; + else + return ODP_CRYPTO_ALG_ERR_IV_INVALID; + + /* Decrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + NULL, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, + session->p.cipher_iv.length, NULL); + odp_packet_copy_to_mem(pkt, param->hash_result_offset, + session->p.auth_digest_len, block); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, + session->p.auth_digest_len, block); + EVP_DecryptInit_ex(ctx, NULL, NULL, session->cipher.key_data, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + /* Set len */ + EVP_DecryptUpdate(ctx, NULL, &dummy_len, NULL, in_len); + + /* Authenticate header data (if any) without encrypting them */ + if (aad_len > 0) + EVP_DecryptUpdate(ctx, NULL, &dummy_len, + aad_head, aad_len); + + odp_packet_copy_to_mem(pkt, param->cipher_range.offset, in_len, + data); + + ret = EVP_DecryptUpdate(ctx, data, &cipher_len, data, in_len); + + EVP_DecryptFinal_ex(ctx, data + cipher_len, &dummy_len); + cipher_len += dummy_len; + + odp_packet_copy_from_mem(pkt, param->cipher_range.offset, in_len, + data); + + EVP_CIPHER_CTX_free(ctx); + + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : + ODP_CRYPTO_ALG_ERR_NONE; +} + +static int process_aes_ccm_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) +{ + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.cipher_key.length) + return -1; + + memcpy(session->cipher.key_data, session->p.cipher_key.data, + session->p.cipher_key.length); + + session->cipher.evp_cipher = cipher; + + /* Set function */ + if (ODP_CRYPTO_OP_ENCODE == session->p.op) + session->cipher.func = aes_ccm_encrypt; + else + session->cipher.func = aes_ccm_decrypt; + + return 0; +} + static int process_auth_param(odp_crypto_generic_session_t *session, uint32_t key_length, const EVP_MD *evp_md) @@ -789,6 +947,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->ciphers.bit.aes_cbc = 1; capa->ciphers.bit.aes_ctr = 1; capa->ciphers.bit.aes_gcm = 1; + capa->ciphers.bit.aes_ccm = 1; #if _ODP_HAVE_CHACHA20_POLY1305 capa->ciphers.bit.chacha20_poly1305 = 1; #endif @@ -799,6 +958,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.sha256_hmac = 1; capa->auths.bit.sha512_hmac = 1; capa->auths.bit.aes_gcm = 1; + capa->auths.bit.aes_ccm = 1; capa->auths.bit.aes_gmac = 1; #if _ODP_HAVE_CHACHA20_POLY1305 capa->auths.bit.chacha20_poly1305 = 1; @@ -846,6 +1006,10 @@ int odp_crypto_cipher_capability(odp_cipher_alg_t cipher, src = cipher_capa_aes_gcm; num = sizeof(cipher_capa_aes_gcm) / size; break; + case ODP_CIPHER_ALG_AES_CCM: + src = cipher_capa_aes_ccm; + num = sizeof(cipher_capa_aes_ccm) / size; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_CIPHER_ALG_CHACHA20_POLY1305: src = cipher_capa_chacha20_poly1305; @@ -900,6 +1064,10 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_aes_gmac; num = sizeof(auth_capa_aes_gmac) / size; break; + case ODP_AUTH_ALG_AES_CCM: + src = auth_capa_aes_ccm; + num = sizeof(auth_capa_aes_ccm) / size; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_AUTH_ALG_CHACHA20_POLY1305: src = auth_capa_chacha20_poly1305; @@ -1027,6 +1195,20 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; + case ODP_CIPHER_ALG_AES_CCM: + /* AES-CCM requires to do both auth and + * cipher at the same time */ + if (param->auth_alg != ODP_AUTH_ALG_AES_CCM) + rc = -1; + else if (param->cipher_key.length == 16) + rc = process_aes_ccm_param(session, EVP_aes_128_ccm()); + else if (param->cipher_key.length == 24) + rc = process_aes_ccm_param(session, EVP_aes_192_ccm()); + else if (param->cipher_key.length == 32) + rc = process_aes_ccm_param(session, EVP_aes_256_ccm()); + else + rc = -1; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_CIPHER_ALG_CHACHA20_POLY1305: /* ChaCha20_Poly1305 requires to do both auth and @@ -1108,6 +1290,16 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; + case ODP_AUTH_ALG_AES_CCM: + /* AES-CCM requires to do both auth and + * cipher at the same time */ + if (param->cipher_alg == ODP_CIPHER_ALG_AES_CCM) { + session->auth.func = null_crypto_routine; + rc = 0; + } else { + rc = -1; + } + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_AUTH_ALG_CHACHA20_POLY1305: /* ChaCha20_Poly1305 requires to do both auth and From patchwork Sat Jan 27 06:00:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126043 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp846895ljd; Fri, 26 Jan 2018 22:16:19 -0800 (PST) X-Google-Smtp-Source: AH8x226gCyLXM6qMsugR+adXLvxq6iyerYcLn+lEzPnUooBqkyMTH1vMOsdgx3t9NKq0Vpeetbs3 X-Received: by 10.237.33.164 with SMTP id l33mr27965624qtc.100.1517033779383; Fri, 26 Jan 2018 22:16:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033779; cv=none; d=google.com; s=arc-20160816; b=ncaIUYSw+rdJV9LJEmJLofnRIAMAgGzhlWAA+rd/guQ/09uP/c5gJb2t57UgukDZpi GSyYHC36UuKgykgEX1qcWH9ox8P7fOQ8GhuqYn/XZ2FSGHRVrGVaPIva+kHhdON4IadI HrcRsXWA5Fbgr2dUoY3nfmpYr4NW9Gsyh8EJOg1elCw9g2CQDeai7DIt4feO8m+spJZP ZNXFUylch/i60UrPEqESrt9xmlYlXdxBAdxxEJyjqd8+3LUJXR6FMor2v7jI9fXENWaX 9/gVlXStFtZKSjo6BXujNc38ydrV/XE1IQGVmo2GS+Yh0WOhZo8x9zt/Rm8HeO8kB7Ul jmUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=Jcp828XckWz2SJGDrsdCHifuC1K52o/Z5kyGIx15oVU=; b=ToyfSldsWO2VEf8oq50TErpc5MAwcocxCoV08zpmnpEMU+hH64NmiQSWRpiL3KiMLi XcQCW/uPJVLfNIY2/jzVhVsqYJ7Hlx0oHvrDyLFWW3RO2Ch71oK8jZuYAjaKtPIR8eYk LrWdpQ6teq8FHyz5jdwAPUGUT6xD/1DWnVh5F0hEwdBbJcHy3aIW5ZtU2lwJiUZIFcRQ 170vDqThLykUH2J+dF5LJqeUk+hi0DcnpHXASVZ+xHC/SeWNUmdu5Mw/yXJ/F3O4f8Fr gVRG+4LdWBAWZEOtsb9ryxTdUST5OKEHNiH6UVM2PgBx6gkuZPh93syc5A4e1YWFti+0 uvdA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id e20si9553192qta.444.2018.01.26.22.16.19; Fri, 26 Jan 2018 22:16:19 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 0982E617AD; Sat, 27 Jan 2018 06:16:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id A8B59617F8; Sat, 27 Jan 2018 06:01:56 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id CFD0B61796; Sat, 27 Jan 2018 06:01:40 +0000 (UTC) Received: from forward102j.mail.yandex.net (forward102j.mail.yandex.net [5.45.198.243]) by lists.linaro.org (Postfix) with ESMTPS id 1060161796 for ; Sat, 27 Jan 2018 06:00:23 +0000 (UTC) Received: from mxback12g.mail.yandex.net (mxback12g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:91]) by forward102j.mail.yandex.net (Yandex) with ESMTP id CA41A5602C32 for ; Sat, 27 Jan 2018 09:00:21 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback12g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id dxPZW8KmuW-0LnWnQbd; Sat, 27 Jan 2018 09:00:21 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0KNmXlDC; Sat, 27 Jan 2018 09:00:21 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:07 +0300 Message-Id: <1517032810-971-14-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 13/16] linux-gen: crypto: rename auth functions X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Point that current authentication functions use HMAC by including hmac in their names. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ platform/linux-generic/odp_crypto.c | 84 +++++++++++++++---------------------- 1 file changed, 34 insertions(+), 50 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 7423864ff..fb2ebbd9a 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -148,8 +148,6 @@ struct odp_crypto_generic_session_t { struct { uint8_t key[EVP_MAX_KEY_LENGTH]; uint8_t iv_data[EVP_MAX_IV_LENGTH]; - uint32_t key_length; - uint32_t bytes; union { const EVP_MD *evp_md; const EVP_CIPHER *evp_cipher; @@ -202,13 +200,30 @@ null_crypto_routine(odp_packet_t pkt ODP_UNUSED, return ODP_CRYPTO_ALG_ERR_NONE; } +/* Mimic new OpenSSL 1.1.y API */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L +static HMAC_CTX *HMAC_CTX_new(void) +{ + HMAC_CTX *ctx = malloc(sizeof(*ctx)); + + HMAC_CTX_init(ctx); + return ctx; +} + +static void HMAC_CTX_free(HMAC_CTX *ctx) +{ + HMAC_CTX_cleanup(ctx); + free(ctx); +} +#endif + static -void packet_hmac_calculate(HMAC_CTX *ctx, - odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) +void packet_hmac(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session, + uint8_t *hash) { + HMAC_CTX *ctx = HMAC_CTX_new(); uint32_t offset = param->auth_range.offset; uint32_t len = param->auth_range.length; @@ -216,7 +231,7 @@ void packet_hmac_calculate(HMAC_CTX *ctx, HMAC_Init_ex(ctx, session->auth.key, - session->auth.key_length, + session->p.auth_key.length, session->auth.evp_md, NULL); @@ -231,40 +246,11 @@ void packet_hmac_calculate(HMAC_CTX *ctx, } HMAC_Final(ctx, hash, NULL); -} - -#if OPENSSL_VERSION_NUMBER < 0x10100000L -static -void packet_hmac(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) -{ - HMAC_CTX ctx; - - /* Hash it */ - HMAC_CTX_init(&ctx); - packet_hmac_calculate(&ctx, pkt, param, session, hash); - HMAC_CTX_cleanup(&ctx); -} -#else -static -void packet_hmac(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) -{ - HMAC_CTX *ctx; - - /* Hash it */ - ctx = HMAC_CTX_new(); - packet_hmac_calculate(ctx, pkt, param, session, hash); HMAC_CTX_free(ctx); } -#endif static -odp_crypto_alg_err_t auth_gen(odp_packet_t pkt, +odp_crypto_alg_err_t auth_hmac_gen(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { @@ -283,7 +269,7 @@ odp_crypto_alg_err_t auth_gen(odp_packet_t pkt, } static -odp_crypto_alg_err_t auth_check(odp_packet_t pkt, +odp_crypto_alg_err_t auth_hmac_check(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { @@ -907,15 +893,14 @@ static int process_aes_ccm_param(odp_crypto_generic_session_t *session, return 0; } -static int process_auth_param(odp_crypto_generic_session_t *session, - uint32_t key_length, - const EVP_MD *evp_md) +static int process_auth_hmac_param(odp_crypto_generic_session_t *session, + const EVP_MD *evp_md) { /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->auth.func = auth_gen; + session->auth.func = auth_hmac_gen; else - session->auth.func = auth_check; + session->auth.func = auth_hmac_check; session->auth.evp_md = evp_md; @@ -924,9 +909,8 @@ static int process_auth_param(odp_crypto_generic_session_t *session, return -1; /* Convert keys */ - session->auth.key_length = key_length; memcpy(session->auth.key, session->p.auth_key.data, - session->auth.key_length); + session->p.auth_key.length); return 0; } @@ -1245,10 +1229,10 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, #endif /* Fallthrough */ case ODP_AUTH_ALG_MD5_HMAC: - rc = process_auth_param(session, 16, EVP_md5()); + rc = process_auth_hmac_param(session, EVP_md5()); break; case ODP_AUTH_ALG_SHA1_HMAC: - rc = process_auth_param(session, 20, EVP_sha1()); + rc = process_auth_hmac_param(session, EVP_sha1()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_SHA256_128: @@ -1257,10 +1241,10 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, #endif /* Fallthrough */ case ODP_AUTH_ALG_SHA256_HMAC: - rc = process_auth_param(session, 32, EVP_sha256()); + rc = process_auth_hmac_param(session, EVP_sha256()); break; case ODP_AUTH_ALG_SHA512_HMAC: - rc = process_auth_param(session, 64, EVP_sha512()); + rc = process_auth_hmac_param(session, EVP_sha512()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: From patchwork Sat Jan 27 06:00:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126046 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp848011ljd; Fri, 26 Jan 2018 22:19:07 -0800 (PST) X-Google-Smtp-Source: AH8x226rFkCCFqpucNvYGxAeSUayDPj6FVxILNLSjlH0amT8wRm0FciO86EnRC4FzhSZWcTxkveH X-Received: by 10.55.126.5 with SMTP id z5mr25366616qkc.122.1517033947168; Fri, 26 Jan 2018 22:19:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033947; cv=none; d=google.com; s=arc-20160816; b=Ji5kVsAteFRqHi6SixlSoZAq4AyFzQT/3iN/HuWE9p8uZwrgYjjWX57JM0ssNNoNyW Mj7ijha8QVXlLHXV+BY88mcjE/LV2BMXTMA+U0MKIreZGB70F9FvCWwHx2M5aNi+SU/g DWiq44jrdqUyumxA1x4YyCUIj0eYFwnE/NKhNvZSazP8sNrxQSehhVlsi4dqmyw8wjeW ysBXBrdzgNFU+2HUIniwrN9hT1P2ThV5DMrNVJoZqDYNbSPyk/Wlk8bt5eTCt/qxMHko BsoeshH4ExgOcfxeXZ+pcokoo6wJBSYXpmXWHmoKXmY7di6sIWsT0AzRtqx2EFB7Va55 +vKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=ubYs9+EHdvxQ+3nimpmHhlfHAMGmcUc8Q9k3ibiTRgs=; b=nBVaRqYzcHAalaqJNDqG+UjAAFqfruGYzfr6BLiu1CQM5MfWTDPUcPBLMppDvXzN98 ocu11vxP/4DciS+L/FPhgNnkntcUNOvmDjM8nmxPkifLvriMuK0qNKLhOxSVwCBE0ZzL sGxDRlmbJyPvpHl1tLKsBQkUb5XCm1RacGXaDK8bOOckVHCgANo3wdYNoMoTdEFPaWAl 2UG1ohfScTJ/JJdgBUoYbonqC3wlnWA8vF1ccY8yUeOtLmnz0UwBeZZvGm/rJticO9T/ geMDqQ8hxE3YcD+UvRBfc9VPEUIKp6gBYWJuSMAIMar6i8M6Wn2CZglfMXKSXR+kYj/f 6Hmg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id g24si9375772qte.120.2018.01.26.22.19.06; Fri, 26 Jan 2018 22:19:07 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id C79F6617E7; Sat, 27 Jan 2018 06:19:06 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id BA3BA619C3; Sat, 27 Jan 2018 06:02:11 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 9730061773; Sat, 27 Jan 2018 06:01:43 +0000 (UTC) Received: from forward101p.mail.yandex.net (forward101p.mail.yandex.net [77.88.28.101]) by lists.linaro.org (Postfix) with ESMTPS id AB38B616F4 for ; Sat, 27 Jan 2018 06:00:23 +0000 (UTC) Received: from mxback16j.mail.yandex.net (mxback16j.mail.yandex.net [IPv6:2a02:6b8:0:1619::92]) by forward101p.mail.yandex.net (Yandex) with ESMTP id 7DE806A84643 for ; Sat, 27 Jan 2018 09:00:22 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback16j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id SkdHoQOGhz-0MsCdu20; Sat, 27 Jan 2018 09:00:22 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0LNOJmn9; Sat, 27 Jan 2018 09:00:21 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:08 +0300 Message-Id: <1517032810-971-15-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 14/16] linux-gen: crypto: implement AES-CMAC X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ platform/linux-generic/odp_crypto.c | 134 ++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index fb2ebbd9a..ec9b042a1 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -26,6 +26,7 @@ #include #include +#include #include #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_POLY1305) @@ -109,6 +110,14 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, .iv_len = 12 } }; +static const odp_crypto_auth_capability_t auth_capa_aes_cmac[] = { +{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 12, .key_len = 24, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 24, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 12, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; + #if _ODP_HAVE_CHACHA20_POLY1305 static const odp_crypto_auth_capability_t auth_capa_chacha20_poly1305[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; @@ -295,6 +304,85 @@ odp_crypto_alg_err_t auth_hmac_check(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_NONE; } +static +void packet_cmac(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session, + uint8_t *hash) +{ + CMAC_CTX *ctx = CMAC_CTX_new(); + uint32_t offset = param->auth_range.offset; + uint32_t len = param->auth_range.length; + size_t outlen; + + ODP_ASSERT(offset + len <= odp_packet_len(pkt)); + + CMAC_Init(ctx, + session->auth.key, + session->p.auth_key.length, + session->auth.evp_cipher, + NULL); + + while (len > 0) { + uint32_t seglen = 0; /* GCC */ + void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL); + uint32_t maclen = len > seglen ? seglen : len; + + CMAC_Update(ctx, mapaddr, maclen); + offset += maclen; + len -= maclen; + } + + CMAC_Final(ctx, hash, &outlen); + CMAC_CTX_free(ctx); +} + +static +odp_crypto_alg_err_t auth_cmac_gen(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + uint8_t hash[EVP_MAX_MD_SIZE]; + + /* Hash it */ + packet_cmac(pkt, param, session, hash); + + /* Copy to the output location */ + odp_packet_copy_from_mem(pkt, + param->hash_result_offset, + session->p.auth_digest_len, + hash); + + return ODP_CRYPTO_ALG_ERR_NONE; +} + +static +odp_crypto_alg_err_t auth_cmac_check(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + uint32_t bytes = session->p.auth_digest_len; + uint8_t hash_in[EVP_MAX_MD_SIZE]; + uint8_t hash_out[EVP_MAX_MD_SIZE]; + + /* Copy current value out and clear it before authentication */ + odp_packet_copy_to_mem(pkt, param->hash_result_offset, + bytes, hash_in); + + _odp_packet_set_data(pkt, param->hash_result_offset, + 0, bytes); + + /* Hash it */ + packet_cmac(pkt, param, session, hash_out); + + /* Verify match */ + if (0 != memcmp(hash_in, hash_out, bytes)) + return ODP_CRYPTO_ALG_ERR_ICV_CHECK; + + /* Matched */ + return ODP_CRYPTO_ALG_ERR_NONE; +} + static int internal_aad(EVP_CIPHER_CTX *ctx, odp_packet_t pkt, @@ -915,6 +1003,34 @@ static int process_auth_hmac_param(odp_crypto_generic_session_t *session, return 0; } +static int process_auth_cmac_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) +{ + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.auth_key.length) + return -1; + + /* Set function */ + if (ODP_CRYPTO_OP_ENCODE == session->p.op) + session->auth.func = auth_cmac_gen; + else + session->auth.func = auth_cmac_check; + + session->auth.evp_cipher = cipher; + + /* Number of valid bytes */ + if (session->p.auth_digest_len < + (unsigned)EVP_CIPHER_block_size(cipher) / 2) + return -1; + + /* Convert keys */ + memcpy(session->auth.key, session->p.auth_key.data, + session->p.auth_key.length); + + return 0; +} + int odp_crypto_capability(odp_crypto_capability_t *capa) { if (NULL == capa) @@ -944,6 +1060,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.aes_gcm = 1; capa->auths.bit.aes_ccm = 1; capa->auths.bit.aes_gmac = 1; + capa->auths.bit.aes_cmac = 1; #if _ODP_HAVE_CHACHA20_POLY1305 capa->auths.bit.chacha20_poly1305 = 1; #endif @@ -1052,6 +1169,10 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_aes_ccm; num = sizeof(auth_capa_aes_ccm) / size; break; + case ODP_AUTH_ALG_AES_CMAC: + src = auth_capa_aes_cmac; + num = sizeof(auth_capa_aes_cmac) / size; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_AUTH_ALG_CHACHA20_POLY1305: src = auth_capa_chacha20_poly1305; @@ -1284,6 +1405,19 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, rc = -1; } break; + case ODP_AUTH_ALG_AES_CMAC: + if (param->auth_key.length == 16) + rc = process_auth_cmac_param(session, + EVP_aes_128_cbc()); + else if (param->auth_key.length == 24) + rc = process_auth_cmac_param(session, + EVP_aes_192_cbc()); + else if (param->auth_key.length == 32) + rc = process_auth_cmac_param(session, + EVP_aes_256_cbc()); + else + rc = -1; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_AUTH_ALG_CHACHA20_POLY1305: /* ChaCha20_Poly1305 requires to do both auth and From patchwork Sat Jan 27 06:00:09 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126048 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp848342ljd; Fri, 26 Jan 2018 22:19:56 -0800 (PST) X-Google-Smtp-Source: AH8x224BLN/Ts7uem/L8t+HRb6S09y2IEE1nlt9a+xl/cJdy6whLEsHZKcp78qnwcCAHjX2y31rY X-Received: by 10.55.99.143 with SMTP id x137mr23756765qkb.90.1517033996048; Fri, 26 Jan 2018 22:19:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033996; cv=none; d=google.com; s=arc-20160816; b=KZB9JG9ic0PpjchkudqxDYVb+2HC5O2p6b2yajso5j0GlpuDEVzYGms7LOpp7OK9LC MqCXUY+cQW7X/GXJhRZlKS8Uyg0q2ukz4NY/qAZT15bKVBog2wG23lF/7maVWYRqVwTG XayoW1WFjgrDVIJBaMsUn8uu/OAN0T2ZOb9E7GD98ov4EzypnEzlylnIdkOYcZ5hbclm ONMg1SYHLtqsIAAI2TQYX5yh7myHo/598gC8s7GSFrSHoEUYaLF6xioR8k9qBQUim2v2 RTe2nfN0zv5n9Po7JxxlJIYAX9NASQWtI6jLEEallVwAMpcEsFJdJ7TmU/v0hoTpwJdg 1IPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=dr7AfSw6zjC327vcteQ1oUrwXJuS4+KHRUSArho0qS8=; b=qDjrBObUshbOno2J9RCt34QaOS2iLfUcaFak82mx/AERZuzDG/GZnoJTRNB72G38Zn I5ZmdYQK2dTnboQV/kGmOuZ2eqXtGbj3QF4aB2ANaDjNLDXtxKABqBR30XZNOKG7hhsR vkDFAaPEBVkhp4WKWpjfXlUsUlyTfbnJGiV8Ujqc8sd4Co00pmVymcb62pBT7I8ufdNV 50/9Of0O4i40dyLbhBXSyFuU9VpXJ7FdK6GL8l1wKApT/mbP/Mh4A1pPNk3RYCNU6NmO XR71DLBEDK/m3HYc5m260blTkXPDdK8VwiAXidhbpq1i75qhLjoQPEygOEV4JxwqWIaK dkBA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id k2si4071030qtf.40.2018.01.26.22.19.55; Fri, 26 Jan 2018 22:19:56 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id B6BD0617EB; Sat, 27 Jan 2018 06:19:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 51332619C7; Sat, 27 Jan 2018 06:02:21 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 10CA56175B; Sat, 27 Jan 2018 06:01:48 +0000 (UTC) Received: from forward103j.mail.yandex.net (forward103j.mail.yandex.net [5.45.198.246]) by lists.linaro.org (Postfix) with ESMTPS id BF52C60834 for ; Sat, 27 Jan 2018 06:00:24 +0000 (UTC) Received: from mxback2g.mail.yandex.net (mxback2g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:163]) by forward103j.mail.yandex.net (Yandex) with ESMTP id 348CB34C1C1E for ; Sat, 27 Jan 2018 09:00:23 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback2g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id BNA5eFpR61-0NdeiEX2; Sat, 27 Jan 2018 09:00:23 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0MNmTmRf; Sat, 27 Jan 2018 09:00:22 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:09 +0300 Message-Id: <1517032810-971-16-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 15/16] validation: ipsec: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ test/validation/api/ipsec/ipsec.c | 14 +++++++ test/validation/api/ipsec/ipsec.h | 1 + test/validation/api/ipsec/ipsec_test_in.c | 33 +++++++++++++++ test/validation/api/ipsec/ipsec_test_out.c | 44 ++++++++++++++++++++ test/validation/api/ipsec/test_vectors.h | 66 ++++++++++++++++++++++++++++++ 5 files changed, 158 insertions(+) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 5d3112a27..31bd557fe 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -177,6 +177,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capa.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -212,6 +216,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capa.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -313,6 +321,12 @@ int ipsec_check_esp_null_aes_gmac_128(void) ODP_AUTH_ALG_AES_GMAC, 128); } +int ipsec_check_esp_chacha20_poly1305(void) +{ + return ipsec_check_esp(ODP_CIPHER_ALG_CHACHA20_POLY1305, 256, + ODP_AUTH_ALG_CHACHA20_POLY1305, 0); +} + void ipsec_sa_param_fill(odp_ipsec_sa_param_t *param, odp_bool_t in, odp_bool_t ah, diff --git a/test/validation/api/ipsec/ipsec.h b/test/validation/api/ipsec/ipsec.h index 31ebed789..7ba9ef10e 100644 --- a/test/validation/api/ipsec/ipsec.h +++ b/test/validation/api/ipsec/ipsec.h @@ -91,5 +91,6 @@ int ipsec_check_esp_aes_gcm_128(void); int ipsec_check_esp_aes_gcm_256(void); int ipsec_check_ah_aes_gmac_128(void); int ipsec_check_esp_null_aes_gmac_128(void); +int ipsec_check_esp_chacha20_poly1305(void); #endif diff --git a/test/validation/api/ipsec/ipsec_test_in.c b/test/validation/api/ipsec/ipsec_test_in.c index 8a82abe49..8138defb5 100644 --- a/test/validation/api/ipsec/ipsec_test_in.c +++ b/test/validation/api/ipsec/ipsec_test_in.c @@ -1136,6 +1136,37 @@ static void test_in_ipv4_mcgrew_gcm_15_esp(void) ipsec_sa_destroy(sa); } +static void test_in_ipv4_rfc7634_chacha(void) +{ + odp_ipsec_tunnel_param_t tunnel = {}; + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + + ipsec_sa_param_fill(¶m, + true, false, 0x01020304, &tunnel, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_rfc7634_esp, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_rfc7634}, + }, + }; + + ipsec_check_in_one(&test, sa); + + ipsec_sa_destroy(sa); +} + static void test_in_ipv4_ah_aes_gmac_128(void) { odp_ipsec_sa_param_t param; @@ -1474,6 +1505,8 @@ odp_testinfo_t ipsec_in_suite[] = { #endif ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_mcgrew_gcm_15_esp, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_rfc7634_chacha, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256_tun_ipv4, diff --git a/test/validation/api/ipsec/ipsec_test_out.c b/test/validation/api/ipsec/ipsec_test_out.c index 971fbbf8d..0f49c7e1f 100644 --- a/test/validation/api/ipsec/ipsec_test_out.c +++ b/test/validation/api/ipsec/ipsec_test_out.c @@ -500,6 +500,48 @@ static void test_out_ipv4_esp_null_aes_gmac_128(void) ipsec_sa_destroy(sa); } +static void test_out_ipv4_esp_chacha20_poly1305(void) +{ + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + odp_ipsec_sa_t sa2; + + ipsec_sa_param_fill(¶m, + false, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_sa_param_fill(¶m, + true, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa2 = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_icmp_0, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_icmp_0 }, + }, + }; + + ipsec_check_out_in_one(&test, sa, sa2); + + ipsec_sa_destroy(sa2); + ipsec_sa_destroy(sa); +} + static void test_out_ipv4_ah_sha256_frag_check(void) { odp_ipsec_sa_param_t param; @@ -978,6 +1020,8 @@ odp_testinfo_t ipsec_out_suite[] = { ipsec_check_ah_aes_gmac_128), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_null_aes_gmac_128, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_chacha20_poly1305, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check_2, diff --git a/test/validation/api/ipsec/test_vectors.h b/test/validation/api/ipsec/test_vectors.h index 4732d6ca5..f14fdb2b3 100644 --- a/test/validation/api/ipsec/test_vectors.h +++ b/test/validation/api/ipsec/test_vectors.h @@ -48,6 +48,11 @@ KEY(key_mcgrew_gcm_salt_12, 0xd9, 0x66, 0x42, 0x67); KEY(key_mcgrew_gcm_15, 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34); KEY(key_mcgrew_gcm_salt_15, 0x22, 0x43, 0x3c, 0x64); +KEY(key_rfc7634, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f); +KEY(key_rfc7634_salt, 0xa0, 0xa1, 0xa2, 0xa3); static const ODP_UNUSED ipsec_test_packet pkt_ipv4_icmp_0 = { .len = 142, @@ -1730,6 +1735,67 @@ static const ipsec_test_packet pkt_mcgrew_gcm_test_15_esp = { }, }; +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634 = { + .len = 98, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x54, 0xa6, 0xf2, 0x00, 0x00, + 0x40, 0x01, 0xe7, 0x78, 0xc6, 0x33, 0x64, 0x05, + 0xc0, 0x00, 0x02, 0x05, + + /* ICMP */ + 0x08, 0x00, 0x5b, 0x7a, 0x3a, 0x08, 0x00, 0x00, + 0x55, 0x3b, 0xec, 0x10, 0x00, 0x07, 0x36, 0x27, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, +}; + +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634_esp = { + .len = 154, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x8c, 0x23, 0x45, 0x00, 0x00, + 0x40, 0x32, 0xde, 0x5b, 0xcb, 0x00, 0x71, 0x99, + 0xcb, 0x00, 0x71, 0x05, + + /* ESP */ + 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x05, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x24, 0x03, 0x94, 0x28, 0xb9, 0x7f, 0x41, 0x7e, + 0x3c, 0x13, 0x75, 0x3a, 0x4f, 0x05, 0x08, 0x7b, + 0x67, 0xc3, 0x52, 0xe6, 0xa7, 0xfa, 0xb1, 0xb9, + 0x82, 0xd4, 0x66, 0xef, 0x40, 0x7a, 0xe5, 0xc6, + 0x14, 0xee, 0x80, 0x99, 0xd5, 0x28, 0x44, 0xeb, + 0x61, 0xaa, 0x95, 0xdf, 0xab, 0x4c, 0x02, 0xf7, + 0x2a, 0xa7, 0x1e, 0x7c, 0x4c, 0x4f, 0x64, 0xc9, + 0xbe, 0xfe, 0x2f, 0xac, 0xc6, 0x38, 0xe8, 0xf3, + 0xcb, 0xec, 0x16, 0x3f, 0xac, 0x46, 0x9b, 0x50, + 0x27, 0x73, 0xf6, 0xfb, 0x94, 0xe6, 0x64, 0xda, + 0x91, 0x65, 0xb8, 0x28, 0x29, 0xf6, 0x41, 0xe0, + 0x76, 0xaa, 0xa8, 0x26, 0x6b, 0x7f, 0xb0, 0xf7, + 0xb1, 0x1b, 0x36, 0x99, 0x07, 0xe1, 0xad, 0x43, + }, +}; + static const ODP_UNUSED ipsec_test_packet pkt_ipv6_icmp_0_esp_udp_null_sha256_1 = { .len = 206, From patchwork Sat Jan 27 06:00:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126047 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp848036ljd; Fri, 26 Jan 2018 22:19:10 -0800 (PST) X-Google-Smtp-Source: AH8x226w8QDp5oD4RxdSB5M1edDQYDykIdDy+ytX7RXV4Swf/3QU9GsvIlhX++sKymxYI3g3sjZd X-Received: by 10.55.214.130 with SMTP id p2mr24397635qkl.248.1517033950703; Fri, 26 Jan 2018 22:19:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517033950; cv=none; d=google.com; s=arc-20160816; b=PcGoLxwLcZ/RcAUFjGrNIBzM2TcmBA2dndAeQoKkwJ81J7AjZhL6EsuMj5pbW5SB7m a+tgLDUHp7tinbt7cIHUYSefk1+llUl85XAw4v3niqTlKvRXvbkY01D3hGHWFo4KNJMx 052kJqQZboXhxPer/DlI6cwba73Za6nnialaHPv2HGT7FXitmVMKwORTnJquYmWsV7B2 WhpgvkK+tNja5lrrAKhvo8VBJm8XL1c70Q3n2lcttdLa7OXgwVJGGnEkqihWzV4giLLj IEYC97EOjHRtTZ8J/n3bklY4YXdoJ/orU/+Ege4tTTdX7GiAr3V7awVw2W25usGYpvQE KPuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=Hm6+yH54vvG4g50seIOKt3t1At7Xw9A4IWu6iayjqNI=; b=vwhKgWRrmGwUpKlnvV8u7TuIo4KEfh5nvg813ShkdV3qDC1nGn5DO0shG8AFW9chVJ yuxg+T9lRq1Hk83mapn0ADCF1FtSKG2500/q+GjObj/4SzfU/NT2PeofTars62lyk5TX ahPwkViX+F+hJNa4qD25Iyz7YSSO0rQQ4MVBEH9gP2T1hhc6reXv2SJXshHFLvpQNAGe 1sF21vLne1aiqwl+57WP+HgDU1RbTBrXISaWO/36rcPUBTPR6lytJwsgHnxStTxUq/xX xom2WJMs6nGY4mgq+2Vxg1Qzw1Agmzg/lI5UBpQTZZ3tFIqeVtJt4utv9PHrSH5nhIou ka4g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id r69si6218983qke.466.2018.01.26.22.19.10; Fri, 26 Jan 2018 22:19:10 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 5E73F617E8; Sat, 27 Jan 2018 06:19:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 092EE619C9; Sat, 27 Jan 2018 06:02:17 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 502466175B; Sat, 27 Jan 2018 06:01:47 +0000 (UTC) Received: from forward100o.mail.yandex.net (forward100o.mail.yandex.net [37.140.190.180]) by lists.linaro.org (Postfix) with ESMTPS id 28336617AD for ; Sat, 27 Jan 2018 06:00:25 +0000 (UTC) Received: from mxback10g.mail.yandex.net (mxback10g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:171]) by forward100o.mail.yandex.net (Yandex) with ESMTP id D7D3C2A22A58 for ; Sat, 27 Jan 2018 09:00:23 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback10g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id JotWF25jJN-0Npa1FWf; Sat, 27 Jan 2018 09:00:23 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id JSKreAboNf-0NNmbh0e; Sat, 27 Jan 2018 09:00:23 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sat, 27 Jan 2018 09:00:10 +0300 Message-Id: <1517032810-971-17-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517032810-971-1-git-send-email-odpbot@yandex.ru> References: <1517032810-971-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v1 16/16] linux-gen: ipsec: support ChaCha20-Poly1305 X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Support IPsec ChaCha20-Poly1305 on top of linux-generic's crypto support. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8cc286211b098976aafc39992f510742cefc7118 **/ platform/linux-generic/odp_ipsec.c | 1 + platform/linux-generic/odp_ipsec_sad.c | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index b6192377e..43d7b9f52 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -112,6 +112,7 @@ int odp_ipsec_auth_capability(odp_auth_alg_t auth, continue; if (ODP_AUTH_ALG_AES_GCM == auth || + ODP_AUTH_ALG_CHACHA20_POLY1305 == auth || ODP_DEPRECATE(ODP_AUTH_ALG_AES128_GCM) == auth) { uint8_t aad_len = 12; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 031adef65..d97735408 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -210,6 +210,8 @@ uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) #endif case ODP_CIPHER_ALG_AES_GCM: return 12; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + return 12; default: return (uint32_t)-1; } @@ -240,6 +242,8 @@ uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) case ODP_AUTH_ALG_AES_GCM: case ODP_AUTH_ALG_AES_GMAC: return 16; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + return 16; default: return (uint32_t)-1; } @@ -392,6 +396,11 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + ipsec_sa->use_counter_iv = 1; + ipsec_sa->esp_iv_len = 8; + ipsec_sa->esp_block_len = 1; + break; default: goto error; } @@ -411,6 +420,9 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_block_len = 16; crypto_param.auth_iv.length = 12; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); + break; default: break; }