From patchwork Sun Jan 28 08:59:54 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126060 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1556137ljd; Sun, 28 Jan 2018 01:01:19 -0800 (PST) X-Google-Smtp-Source: AH8x2265RKsteMq9LV+eOuB26zKAOZCASaoZRHr4L0ZimoR577eSgbebUo9iP//Zd9VVOsiwegO8 X-Received: by 10.200.55.171 with SMTP id d40mr32652150qtc.61.1517130079765; Sun, 28 Jan 2018 01:01:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130079; cv=none; d=google.com; s=arc-20160816; b=M/nJ87HQP14xrSuxaFWc8hAt8JspkhCrCvrexDljGlZuHz/sbozgKsub40pIHYli+y foiT0EgPea8uXwnRDePTXVfHR2v5UXB10WM3+P6EUsJtStti57IixIdcoNH2xVAS19CV Em3oTx/git03PGw8YoZbakjdBtQ5keHgPm6Gd+wQWO3SkSuj6QjxO+9WyT1mE65QDXBC ONZSODRNw/pQuK3jOrk7P7uPmC6Z0DwqGHg8nmIuwkB2VqKOwHzfFhpALXICijWPrnFH GJugRSOqsb52Li9oOeWmwb36Nb21E27hKJJooem3rPb7ldNLQu5tacAnEyqC85wgr2d2 9arg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=0ZG8jRkyzDHt1XAw3O3R2lIrVSdxzQgwh+YfLcKAC7U=; b=XKqnV1DQdLJi3/YXo172G5T0pMq33Pfk2VZM4qmeFhj28BmrG8HBy3lIWxinw6EMOQ kBV2P6qqyPV2vUI8f/bK+qi17wQTkZBe2w1XoyHvRW2O/CD6qRGATiTgosthNIMsrf1r f6fx3a+yN3RutaDg8ioR0K/7nWy9/DZqW4/tZWTjDgHvOtjNqXAiyZdpFuyig8lT4dZO n5lA24TLzBbMDkgyhhVrW7GjvJSRaIR3I9J6ZBtM4iURB67UPgbBnSCkgMI14KjNNA4d K/7aKNzLh3/66AssGVi1CkMEDweiqJ3wvaMQWn5pGqGk/82HwPiTxAHxmquix1tsmqe7 QF1g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id j2si446651qka.303.2018.01.28.01.01.19; Sun, 28 Jan 2018 01:01:19 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 6EDA562777; Sun, 28 Jan 2018 09:01:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 6338761519; Sun, 28 Jan 2018 09:00:27 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 1C64961519; Sun, 28 Jan 2018 09:00:17 +0000 (UTC) Received: from forward100p.mail.yandex.net (forward100p.mail.yandex.net [77.88.28.100]) by lists.linaro.org (Postfix) with ESMTPS id 61B4B61705 for ; Sun, 28 Jan 2018 09:00:13 +0000 (UTC) Received: from mxback2o.mail.yandex.net (mxback2o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1c]) by forward100p.mail.yandex.net (Yandex) with ESMTP id 82B1D510382C for ; Sun, 28 Jan 2018 12:00:11 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback2o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id AJkG6lESOm-0Bv8GA1E; Sun, 28 Jan 2018 12:00:11 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0AXehAks; Sun, 28 Jan 2018 12:00:10 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 11:59:54 +0300 Message-Id: <1517130009-11837-2-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 1/16] api: crypto: clarify special nature of gcm and gmac X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Petri Savolainen Reword specification text to be more clear about special nature of GCM (authenticate encryption in general) and GMAC (cannot be paired with cipher) algorithms. Signed-off-by: Petri Savolainen --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ include/odp/api/spec/crypto.h | 35 ++++++++++++++++++++++------------- 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 77ea317b8..e4b0e8cef 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -83,9 +83,12 @@ typedef enum { /** AES with counter mode */ ODP_CIPHER_ALG_AES_CTR, - /** AES in Galois/Counter Mode + /** AES-GCM * - * @note Must be paired with cipher ODP_AUTH_ALG_AES_GCM + * AES in Galois/Counter Mode (GCM) algorithm. GCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_AUTH_ALG_AES_GCM authentication. */ ODP_CIPHER_ALG_AES_GCM, @@ -128,23 +131,29 @@ typedef enum { */ ODP_AUTH_ALG_SHA512_HMAC, - /** AES in Galois/Counter Mode + /** AES-GCM * - * @note Must be paired with cipher ODP_CIPHER_ALG_AES_GCM + * AES in Galois/Counter Mode (GCM) algorithm. GCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_CIPHER_ALG_AES_GCM cipher. */ ODP_AUTH_ALG_AES_GCM, - /** AES in Galois/Counter MAC Mode + /** AES-GMAC * - * NIST and RFC specifications of GCM/GMAC refer to all data to be - * authenticated as AAD. In constrast to that, ODP API specifies the - * bulk of authenticated data to be located in packet payload for all - * authentication algorithms, including GMAC. Thus for GMAC application - * should also pass all data to be authenticated as packet data. AAD is - * not used for GMAC. GMAC IV should be passed via session IV or - * per-packet IV override. + * AES Galois Message Authentication Code (GMAC) algorithm. AES-GMAC + * is based on AES-GCM operation, but provides authentication only. + * Hence this algorithm can be paired only with ODP_CIPHER_ALG_NULL + * cipher. * - * @note Must be paired with cipher ODP_CIPHER_ALG_NULL + * NIST and RFC specifications of GMAC refer to all data to be + * authenticated as AAD. In constrast to that, ODP API specifies + * the bulk of authenticated data to be located in packet payload for + * all authentication algorithms. Thus GMAC operation authenticates + * only packet payload and AAD is not used. GMAC needs + * an initialization vector, which can be passed via session (auth_iv) + * or packet (auth_iv_ptr) level parameters. */ ODP_AUTH_ALG_AES_GMAC, From patchwork Sun Jan 28 08:59:55 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126061 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1556744ljd; Sun, 28 Jan 2018 01:02:10 -0800 (PST) X-Google-Smtp-Source: AH8x226C9zsCQnp8nvVQ+jE5gzdbYW9vSVnF5AWRYq12wH7hrThPowk3pwGYVo5WSC+HSjUKHdcY X-Received: by 10.200.59.65 with SMTP id r1mr32252567qtf.18.1517130130750; Sun, 28 Jan 2018 01:02:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130130; cv=none; d=google.com; s=arc-20160816; b=IsHer41UGAdwkoPs1s+YTCwz1zFfXuPUDx/a96JavZgBBs/aXI0WE3coOj0Qahq3r9 PDkwQ9o8W3PskDGgS9ZtiiqH+W6HoT407fDxSFjyh6rsBr16FhOpJ3msgc7xpSTtJs+6 KbS0sm9xyo2P9xBtxtHB8Ng8FME3iG4IsNthdLEpUNuqSrwTffHqzx0NX1MXlVLFRk+S dsC9kMy6nK/k/DARYgsLmaMKG87hbmF5ifkL373Gekbi5vJ4TXa8j1/7Oz1ZUopszi8k 9DHU3XBDaz+wA6Qh3LbhCGu2qybvGUKvHKHQpmBuOm7eZ48xJ/O74bMbaJsAeG4vmmjy 81Ew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=mGQF/8Q5PgYaR3wk83wyX87DO0RwQlw/JINM4yEIBSE=; b=RV5ktF5y3xbkJgjzpM/Q7UKGvR1OggRZ673LyUJ8rjcsHlaB5ZL/2PDaJm7SY0eONX z8wBQvTpZO8PL5O4Pw/SvQHTm5v5gMeYAnWXTUUWVyTeCf9uoy/IK4+1WhGy7lIW4j/w NdN4Qh5jAt6ZgacEh0AjlKtSv29B3PZ+J+c2Pm+6/MV3DI3u5V9lVLBm0U9zVgSPEOrY ReVJDpzBVlKmTEJRuKgY5T5o78FUdU1+8bFg4jOElIC2i7v7RLvci68+plG7VnUUti7t gpT6Mq1Jml8ZIiy5XWyC5fE2IsFybZjLc8fV953cMZXNme9ewdKOZ0t5qxUvyNCZsN9n XdmQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id s41si309336qts.213.2018.01.28.01.02.10; Sun, 28 Jan 2018 01:02:10 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 5BF2D62795; Sun, 28 Jan 2018 09:02:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id BAB3161705; Sun, 28 Jan 2018 09:00:32 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id E5E6E6176F; Sun, 28 Jan 2018 09:00:16 +0000 (UTC) Received: from forward100o.mail.yandex.net (forward100o.mail.yandex.net [37.140.190.180]) by lists.linaro.org (Postfix) with ESMTPS id 452BD61519 for ; Sun, 28 Jan 2018 09:00:13 +0000 (UTC) Received: from mxback6g.mail.yandex.net (mxback6g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:167]) by forward100o.mail.yandex.net (Yandex) with ESMTP id 0B4902A2260B for ; Sun, 28 Jan 2018 12:00:12 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback6g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id fPVLNzqDG1-0B2mUm3N; Sun, 28 Jan 2018 12:00:11 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0BXGenmd; Sun, 28 Jan 2018 12:00:11 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 11:59:55 +0300 Message-Id: <1517130009-11837-3-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 2/16] api: crypto: add enumeration for AES-CCM X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Petri Savolainen Added enumerations for AES CCM authentication / encryption algorithm. Signed-off-by: Petri Savolainen --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ include/odp/api/spec/crypto.h | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index e4b0e8cef..b8c7b9d80 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -92,6 +92,15 @@ typedef enum { */ ODP_CIPHER_ALG_AES_GCM, + /** AES-CCM + * + * AES in Counter with CBC-MAC (CCM) mode algorithm. CCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_AUTH_ALG_AES_CCM authentication. + */ + ODP_CIPHER_ALG_AES_CCM, + /** @deprecated Use ODP_CIPHER_ALG_AES_CBC instead */ ODP_DEPRECATE(ODP_CIPHER_ALG_AES128_CBC), @@ -157,6 +166,15 @@ typedef enum { */ ODP_AUTH_ALG_AES_GMAC, + /** AES-CCM + * + * AES in Counter with CBC-MAC (CCM) mode algorithm. CCM provides both + * authentication and ciphering of data (authenticated encryption) + * in the same operation. Hence this algorithm must be paired always + * with ODP_CIPHER_ALG_AES_CCM cipher. + */ + ODP_AUTH_ALG_AES_CCM, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96), @@ -192,6 +210,9 @@ typedef union odp_crypto_cipher_algos_t { /** ODP_CIPHER_ALG_AES_GCM */ uint32_t aes_gcm : 1; + /** ODP_CIPHER_ALG_AES_CCM */ + uint32_t aes_ccm : 1; + /** @deprecated Use aes_cbc instead */ uint32_t ODP_DEPRECATE(aes128_cbc) : 1; @@ -234,6 +255,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_GMAC*/ uint32_t aes_gmac : 1; + /** ODP_AUTH_ALG_AES_CCM */ + uint32_t aes_ccm : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1; From patchwork Sun Jan 28 08:59:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126059 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1555652ljd; Sun, 28 Jan 2018 01:00:40 -0800 (PST) X-Google-Smtp-Source: AH8x226jBOisDnYKYQr1Qyr0YVaIHknHkMNPKC94lNWDTSvvnVGMCCWAQzBwMIUzzEUZ62uAHq4s X-Received: by 10.55.192.4 with SMTP id o4mr1161322qki.268.1517130040469; Sun, 28 Jan 2018 01:00:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130040; cv=none; d=google.com; s=arc-20160816; b=olVsC2NEI589jH/H53q2wZgDE/DE+CDc3W1YlbTE2c0sph151Zd/BZXIMoRDYfkFCl mBj/dJDSSOcgIKnl6nW3URP+5veojGN+gumi4gCDsmdnTT5TUFeiVAILLeB0pwjk15cL cAfHr+DXCTfto3TjeNaWHmpjscxzcEvJXDjQEA6tLgP/nj1KL4BToGuyY+ov5MQDwnj8 Sy++Ro2Mg9yDnpYoMu2yLVAlMWflHKDg7yPTIZZDT3oxL7B48CMXF9mKKQ0gyZSslrah 2rgRcMKDVei5cFWkggtBY7n0YnpNIFowuzfmt2fOoVa9Whr7wNMZKnMAcUuGVxN138iC rBzg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=GnoPEMptWu/pgmOVFRbUVCaWfh+S2LE1i7uis+HCNKY=; b=zUIRVmmAqxSz/+zD481DmrDwIC7VmUrD1yrdodR9YY2LvtOKwxgunVAX3PM8IDL2O4 AIXUP4tITP1F0n6q5NMGQbRLrS6jGstV8blFoHQlGt3/qD5psBFl2U19IYs6CuN5XjXw bSZEM7vvyQZ7NiziUPxTs/VS9jGwLabR/BMnvZv3kzQlsVmkjjRiLHoKPEpGKPLEGmqZ lpXEGA14MakdxMh5seN+2darOATDsVhOqOHg9+wa06ZeDxTT1+95pZXl5GnrnqanXv19 8T334QsGxgIObZTVnwiItcBDiQFXbqvvH/15/iK9xkvW29s8u+i70SjMYCsHdM4t3UZy FUxA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id o50si11418332qtb.313.2018.01.28.01.00.39; Sun, 28 Jan 2018 01:00:40 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 9DE63617F3; Sun, 28 Jan 2018 09:00:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 12A546178D; Sun, 28 Jan 2018 09:00:24 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 9FD8361776; Sun, 28 Jan 2018 09:00:16 +0000 (UTC) Received: from forward104o.mail.yandex.net (forward104o.mail.yandex.net [37.140.190.179]) by lists.linaro.org (Postfix) with ESMTPS id 57C1560887 for ; Sun, 28 Jan 2018 09:00:14 +0000 (UTC) Received: from mxback9o.mail.yandex.net (mxback9o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::23]) by forward104o.mail.yandex.net (Yandex) with ESMTP id 91969702823 for ; Sun, 28 Jan 2018 12:00:12 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback9o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id MbmuGPSBLy-0CSK34mi; Sun, 28 Jan 2018 12:00:12 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0CX4ed1p; Sun, 28 Jan 2018 12:00:12 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 11:59:56 +0300 Message-Id: <1517130009-11837-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 3/16] api: crypto: add enumeration for AES-CMAC X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Add enumeration for AES CMAC authentication algorithm. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ include/odp/api/spec/crypto.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index b8c7b9d80..421080c2b 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -175,6 +175,14 @@ typedef enum { */ ODP_AUTH_ALG_AES_CCM, + /** AES-CMAC + * + * AES Cipher-based Message Authentication Code (CMAC) algorithm. CMAC + * is a keyed hash function that is based on a symmetric key block + * cipher, such as the AES. + */ + ODP_AUTH_ALG_AES_CMAC, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96), @@ -258,6 +266,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_CCM */ uint32_t aes_ccm : 1; + /** ODP_AUTH_ALG_AES_CMAC*/ + uint32_t aes_cmac : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1; From patchwork Sun Jan 28 08:59:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126062 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1557819ljd; Sun, 28 Jan 2018 01:03:49 -0800 (PST) X-Google-Smtp-Source: AH8x225jxY/dpdYvyW6KGSTf5OWAd4rzpP6gk20qhPyHEnD6awoTHWhVL7+ulOk0paPCxdTxsy45 X-Received: by 10.55.133.197 with SMTP id h188mr28149284qkd.317.1517130229102; Sun, 28 Jan 2018 01:03:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130229; cv=none; d=google.com; s=arc-20160816; b=mvqQwMQLMjlDBmfX/uX+s0sTAOGEjQZE9MpjiYRcxCYBDEzrnT8qhvpm9W/1GDgGuz +mUs1uzzMFz0fw7Pl17ufLn4yLw/qoTVfgMn+37mdbhWlSM+NQHrdYQY1jwvgwZwqSWp qm8caVIYE1SomhffqK4Fj5N2BxqNTquBedjIYuuh5EHg8sPfLg8gSMG8gEp0RgMJfqhv TAMZ1CcqlR0GqZHtCdHncoY6mB8Q1Oq1AvMdAmg5Qgioi9p9sIoqJf9bakAP2PfCll98 ha4NIw63hTeFAFa04hqDmSCtWjLJ5rDuA4E7WczR2pYVy0q1gtObnzKIzSdiVTkI+LLC QtPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=R1u5yUguHIlaYlqSW35jBKpeufGUuh61IvtqkF4XpuY=; b=cRLA1S0dhvXJ2mjMViZu6PJ+QQTKAPShl8hxMFVzBXL6PX2O7ijK+bggNdwMsx2HYM KV5BbzKeCUl59YThUPUd2qseOnm2yw3poK0Sp9Mf1u9C0qbGJ4MbUbaWJjcDLMMWQ+Ip TlQjE6HpkbJuNSZ9NYEXYWo1Abw7hEROG4cmK8pQlUISItRIso3sWoxZe9bR8iuQIE1s IPcdzhshLvef7whSdQvpVVF2Cy1n1Heq3G1l4XmH++jQ1hvSA2LcPcZJkLkKvacZ/Kmq ggoOnWdrvU3VR7AlO2cA4yb7N9Cxb6zcGYf2n/MNHALYW9gJXVOErLq5yjMMyc23kz6r VMwQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id g54si4484284qtf.279.2018.01.28.01.03.48; Sun, 28 Jan 2018 01:03:49 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id C02E4617E5; Sun, 28 Jan 2018 09:03:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 60E2D617F3; Sun, 28 Jan 2018 09:00:41 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id D60E161705; Sun, 28 Jan 2018 09:00:17 +0000 (UTC) Received: from forward102p.mail.yandex.net (forward102p.mail.yandex.net [77.88.28.102]) by lists.linaro.org (Postfix) with ESMTPS id 8455961514 for ; Sun, 28 Jan 2018 09:00:14 +0000 (UTC) Received: from mxback2j.mail.yandex.net (mxback2j.mail.yandex.net [IPv6:2a02:6b8:0:1619::10b]) by forward102p.mail.yandex.net (Yandex) with ESMTP id 061FB4303CDD for ; Sun, 28 Jan 2018 12:00:13 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback2j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id fyw3Sg6rfL-0CkCIrFq; Sun, 28 Jan 2018 12:00:12 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0CXSKc0C; Sun, 28 Jan 2018 12:00:12 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 11:59:57 +0300 Message-Id: <1517130009-11837-5-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 4/16] api: crypto: add ChaCha20-Poly1305 support X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov ChaCha20-Poly1305 is a promising AEAD algorithm. Add decarations to support it. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ include/odp/api/spec/crypto.h | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 421080c2b..b7ab53620 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -101,6 +101,15 @@ typedef enum { */ ODP_CIPHER_ALG_AES_CCM, + /** ChaCha20-Poly1305 + * + * ChaCha20 with Poly1305 provide both authentication and ciphering of + * data (authenticated encryption) in the same operation. Hence this + * algorithm must be paired always with ODP_AUTH_ALG_CHACHA20_POLY1305 + * authentication. + */ + ODP_CIPHER_ALG_CHACHA20_POLY1305, + /** @deprecated Use ODP_CIPHER_ALG_AES_CBC instead */ ODP_DEPRECATE(ODP_CIPHER_ALG_AES128_CBC), @@ -183,6 +192,15 @@ typedef enum { */ ODP_AUTH_ALG_AES_CMAC, + /** ChaCha20-Poly1305 AEAD + * + * ChaCha20 with Poly1305 provide both authentication and ciphering of + * data (authenticated encryption) in the same operation. Hence this + * algorithm must be paired always with + * ODP_CIPHER_ALG_CHACHA20_POLY1305 cipher. + */ + ODP_AUTH_ALG_CHACHA20_POLY1305, + /** @deprecated Use ODP_AUTH_ALG_MD5_HMAC instead */ ODP_DEPRECATE(ODP_AUTH_ALG_MD5_96), @@ -221,6 +239,9 @@ typedef union odp_crypto_cipher_algos_t { /** ODP_CIPHER_ALG_AES_CCM */ uint32_t aes_ccm : 1; + /** ODP_CIPHER_ALG_CHACHA20_POLY1305 */ + uint32_t chacha20_poly1305 : 1; + /** @deprecated Use aes_cbc instead */ uint32_t ODP_DEPRECATE(aes128_cbc) : 1; @@ -269,6 +290,9 @@ typedef union odp_crypto_auth_algos_t { /** ODP_AUTH_ALG_AES_CMAC*/ uint32_t aes_cmac : 1; + /** ODP_AUTH_ALG_CHACHA20_POLY1305 */ + uint32_t chacha20_poly1305 : 1; + /** @deprecated Use md5_hmac instead */ uint32_t ODP_DEPRECATE(md5_96) : 1; From patchwork Sun Jan 28 08:59:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126074 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1564030ljd; Sun, 28 Jan 2018 01:14:36 -0800 (PST) X-Google-Smtp-Source: AH8x226sHkcxloTKtVPP9W5Zacb4VQiwshY+jEOWfW1WjQBc447PKutDWMxp2HbOpHYgWPmzWpuQ X-Received: by 10.200.48.1 with SMTP id f1mr33033896qte.38.1517130875990; Sun, 28 Jan 2018 01:14:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130875; cv=none; d=google.com; s=arc-20160816; b=XlfPzLN9djqrflPaJs1EOp+PynikkEvenB2YJUKNZWTQ+mLz2OrED2av/UqaJdOezY rw8b9zUTA/nQp7VLRTRXGlHiZYzzE+EBTC7e/x5SwoaSh5e8d404jsfEiqZmB3xMxuG4 SiNZeQE5So49wTqI5/rxIc8DLKl5xlVNkXxoNrIsK981Ew1iMvMoz/F9mFk3q84CtMEO uVKpaC0aebvfLiixm9XNFb1KRPzFxbJ4MEKNh9kh+2yV/A2AZDjUHau04QbTmzFxeAC5 0uqNMfIzQPV/mDsuK3e9DYrCBLts/P+TqHw0xN+W9dcgccXxIGRppEY/83Lz86ml2wYD OxwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=i8eyFoyJdT+rMK6ErxRu+QAMoQRohgwJDfHBQY2lzqU=; b=J1m6fts+PQlRk7y+zRfrqC+Jzdn7SWHnVFvNWWI9pVFLdtUlqgzGEYEEKksHujwQ3p lYBQR8KYCSdQKtWqTkrXwkA623aUL0oXa7lwEHFbm3tPq7YHv/HZ/8aUEqGBYJLE9HQQ fnuXxb+ll+LBGaDZNCG24UHxzmpgVWCkXK5e2uMwFzyAzFTabEpKnJ2c+DOCtyctoO20 4KQfntNy4eMZFrUKATqQxsbfqzYSF38qniX9+5qhIkAmNQHL9tn9yVA+9DQhrbaqGCT1 J/fGJwcltrNDcIKZMedqg+BD7Ytqt0E4uJrccJUPHZcxJvmnXR05fyElcaQYjuJpd9AB FBQA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id t7si563116qth.426.2018.01.28.01.14.35; Sun, 28 Jan 2018 01:14:35 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 9171262772; Sun, 28 Jan 2018 09:14:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 6EF476173A; Sun, 28 Jan 2018 09:01:56 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id BCC00618E4; Sun, 28 Jan 2018 09:00:42 +0000 (UTC) Received: from forward106j.mail.yandex.net (forward106j.mail.yandex.net [5.45.198.249]) by lists.linaro.org (Postfix) with ESMTPS id 7EBB86176D for ; Sun, 28 Jan 2018 09:00:16 +0000 (UTC) Received: from mxback15g.mail.yandex.net (mxback15g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:94]) by forward106j.mail.yandex.net (Yandex) with ESMTP id 824B81801DB3 for ; Sun, 28 Jan 2018 12:00:14 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback15g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id tXPmQZ76Gv-0EjCdNAu; Sun, 28 Jan 2018 12:00:14 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0DXmVKd8; Sun, 28 Jan 2018 12:00:13 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 11:59:58 +0300 Message-Id: <1517130009-11837-6-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 5/16] validation: crypto: use unix file format X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Merge f925f103c90591776f73863d30159357b08bf71e changed EOL to DOS convention in this file. Change it back. Fixes: f925f103c90591776f73863d30159357b08bf71e Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 2592 +++++++++++----------- 1 file changed, 1296 insertions(+), 1296 deletions(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 1d92c6568..2b0ba1cd9 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -1,1296 +1,1296 @@ -/* Copyright (c) 2014-2018, Linaro Limited - * All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include "config.h" - -#include -#include -#include -#include "test_vectors.h" -#include "odp_crypto_test_inp.h" -#include "crypto.h" - -#define MAX_ALG_CAPA 32 - -struct suite_context_s { - odp_bool_t packet; - odp_crypto_op_mode_t op_mode; - odp_crypto_op_mode_t pref_mode; - odp_pool_t pool; - odp_queue_t queue; -}; - -static struct suite_context_s suite_context; - -static int packet_cmp_mem(odp_packet_t pkt, uint32_t offset, - void *s, uint32_t len) -{ - uint8_t buf[len]; - - odp_packet_copy_to_mem(pkt, offset, len, buf); - - return memcmp(buf, s, len); -} - -static const char *auth_alg_name(odp_auth_alg_t auth) -{ - switch (auth) { - case ODP_AUTH_ALG_NULL: - return "ODP_AUTH_ALG_NULL"; - case ODP_AUTH_ALG_MD5_HMAC: - return "ODP_AUTH_ALG_MD5_HMAC"; - case ODP_AUTH_ALG_SHA1_HMAC: - return "ODP_AUTH_ALG_SHA1_HMAC"; - case ODP_AUTH_ALG_SHA256_HMAC: - return "ODP_AUTH_ALG_SHA256_HMAC"; - case ODP_AUTH_ALG_SHA512_HMAC: - return "ODP_AUTH_ALG_SHA512_HMAC"; - case ODP_AUTH_ALG_AES_GCM: - return "ODP_AUTH_ALG_AES_GCM"; - case ODP_AUTH_ALG_AES_GMAC: - return "ODP_AUTH_ALG_AES_GMAC"; - default: - return "Unknown"; - } -} - -static const char *cipher_alg_name(odp_cipher_alg_t cipher) -{ - switch (cipher) { - case ODP_CIPHER_ALG_NULL: - return "ODP_CIPHER_ALG_NULL"; - case ODP_CIPHER_ALG_DES: - return "ODP_CIPHER_ALG_DES"; - case ODP_CIPHER_ALG_3DES_CBC: - return "ODP_CIPHER_ALG_3DES_CBC"; - case ODP_CIPHER_ALG_AES_CBC: - return "ODP_CIPHER_ALG_AES_CBC"; - case ODP_CIPHER_ALG_AES_GCM: - return "ODP_CIPHER_ALG_AES_GCM"; - default: - return "Unknown"; - } -} - -static int alg_op(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_crypto_op_result_t result; - odp_crypto_op_param_t op_params; - odp_bool_t posted; - odp_event_subtype_t subtype; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - op_params.pkt = pkt; - op_params.out_pkt = pkt; - op_params.ctx = (void *)0xdeadbeef; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_operation(&op_params, &posted, &result); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_operation()"); - return rc; - } - - if (posted) { - odp_event_t event; - odp_crypto_compl_t compl_event; - - /* Poll completion queue for results */ - do { - event = odp_queue_deq(suite_context.queue); - } while (event == ODP_EVENT_INVALID); - - CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == odp_event_type(event)); - CU_ASSERT(ODP_EVENT_NO_SUBTYPE == odp_event_subtype(event)); - CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == - odp_event_types(event, &subtype)); - CU_ASSERT(ODP_EVENT_NO_SUBTYPE == subtype); - - compl_event = odp_crypto_compl_from_event(event); - CU_ASSERT(odp_crypto_compl_to_u64(compl_event) == - odp_crypto_compl_to_u64( - odp_crypto_compl_from_event(event))); - odp_crypto_compl_result(compl_event, &result); - odp_crypto_compl_free(compl_event); - } - - CU_ASSERT(result.pkt == pkt); - CU_ASSERT(result.ctx == (void *)0xdeadbeef); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(result.pkt))); - CU_ASSERT(ODP_EVENT_PACKET_BASIC == - odp_event_subtype(odp_packet_to_event(result.pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(result.pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_BASIC == subtype); - - *ok = result.ok; - - return 0; -} - -static int alg_packet_op(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_crypto_packet_result_t result; - odp_crypto_packet_op_param_t op_params; - odp_event_subtype_t subtype; - odp_packet_t out_pkt = pkt; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_op(&pkt, &out_pkt, &op_params, 1); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_op()"); - return rc; - } - - CU_ASSERT(out_pkt == pkt); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == - odp_event_subtype(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - rc = odp_crypto_result(&result, pkt); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_result()"); - return rc; - } - - if (!result.ok) - CU_ASSERT(odp_packet_has_error(pkt)); - - *ok = result.ok; - - return 0; -} - -static int alg_packet_op_enq(odp_packet_t pkt, - odp_bool_t *ok, - odp_crypto_session_t session, - uint8_t *cipher_iv_ptr, - uint8_t *auth_iv_ptr, - odp_packet_data_range_t *cipher_range, - odp_packet_data_range_t *auth_range, - uint8_t *aad, - unsigned int plaintext_len) -{ - int rc; - odp_event_t event; - odp_crypto_packet_result_t result; - odp_crypto_packet_op_param_t op_params; - odp_event_subtype_t subtype; - odp_packet_t out_pkt = pkt; - - /* Prepare input/output params */ - memset(&op_params, 0, sizeof(op_params)); - op_params.session = session; - - op_params.cipher_range = *cipher_range; - op_params.auth_range = *auth_range; - if (cipher_iv_ptr) - op_params.cipher_iv_ptr = cipher_iv_ptr; - if (auth_iv_ptr) - op_params.auth_iv_ptr = auth_iv_ptr; - - op_params.aad_ptr = aad; - - op_params.hash_result_offset = plaintext_len; - - rc = odp_crypto_op_enq(&pkt, &pkt, &op_params, 1); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_op_enq()"); - return rc; - } - - /* Poll completion queue for results */ - do { - event = odp_queue_deq(suite_context.queue); - } while (event == ODP_EVENT_INVALID); - - CU_ASSERT(ODP_EVENT_PACKET == odp_event_type(event)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == odp_event_subtype(event)); - CU_ASSERT(ODP_EVENT_PACKET == odp_event_types(event, &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - pkt = odp_crypto_packet_from_event(event); - - CU_ASSERT(out_pkt == pkt); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_type(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == - odp_event_subtype(odp_packet_to_event(pkt))); - CU_ASSERT(ODP_EVENT_PACKET == - odp_event_types(odp_packet_to_event(pkt), &subtype)); - CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); - - rc = odp_crypto_result(&result, pkt); - if (rc < 0) { - CU_FAIL("Failed odp_crypto_packet_result()"); - return rc; - } - - CU_ASSERT((!odp_packet_has_error(pkt)) == result.ok); - - *ok = result.ok; - - return 0; -} - -typedef enum crypto_test { - NORMAL_TEST = 0, /**< Plain execution */ - REPEAT_TEST, /**< Rerun without reinitializing the session */ - WRONG_DIGEST_TEST, /**< Check against wrong digest */ - MAX_TEST, /**< Final mark */ -} crypto_test; - -/* Basic algorithm run function for async inplace mode. - * Creates a session from input parameters and runs one operation - * on input_vec. Checks the output of the crypto operation against - * output_vec. Operation completion event is dequeued polling the - * session output queue. Completion context pointer is retrieved - * and checked against the one set before the operation. - * Completion event can be a separate buffer or the input packet - * buffer can be used. - * */ -static void alg_test(odp_crypto_op_t op, - odp_cipher_alg_t cipher_alg, - odp_auth_alg_t auth_alg, - crypto_test_reference_t *ref, - odp_bool_t ovr_iv) -{ - odp_crypto_session_t session; - int rc; - odp_crypto_ses_create_err_t status; - odp_bool_t ok = false; - int iteration; - odp_crypto_session_param_t ses_params; - odp_packet_data_range_t cipher_range; - odp_packet_data_range_t auth_range; - odp_crypto_key_t cipher_key = { - .data = ref->cipher_key, - .length = ref->cipher_key_length - }; - odp_crypto_key_t auth_key = { - .data = ref->auth_key, - .length = ref->auth_key_length - }; - odp_crypto_iv_t cipher_iv = { - .data = ovr_iv ? NULL : ref->cipher_iv, - .length = ref->cipher_iv_length - }; - odp_crypto_iv_t auth_iv = { - .data = ovr_iv ? NULL : ref->auth_iv, - .length = ref->auth_iv_length - }; - - /* Create a crypto session */ - odp_crypto_session_param_init(&ses_params); - ses_params.op = op; - ses_params.auth_cipher_text = false; - ses_params.op_mode = suite_context.op_mode; - ses_params.pref_mode = suite_context.pref_mode; - ses_params.cipher_alg = cipher_alg; - ses_params.auth_alg = auth_alg; - ses_params.compl_queue = suite_context.queue; - ses_params.output_pool = suite_context.pool; - ses_params.cipher_key = cipher_key; - ses_params.cipher_iv = cipher_iv; - ses_params.auth_iv = auth_iv; - ses_params.auth_key = auth_key; - ses_params.auth_digest_len = ref->digest_length; - ses_params.auth_aad_len = ref->aad_length; - - rc = odp_crypto_session_create(&ses_params, &session, &status); - CU_ASSERT_FATAL(!rc); - CU_ASSERT(status == ODP_CRYPTO_SES_CREATE_ERR_NONE); - CU_ASSERT(odp_crypto_session_to_u64(session) != - odp_crypto_session_to_u64(ODP_CRYPTO_SESSION_INVALID)); - - cipher_range.offset = 0; - cipher_range.length = ref->length; - auth_range.offset = 0; - auth_range.length = ref->length; - - /* Prepare input data */ - odp_packet_t pkt = odp_packet_alloc(suite_context.pool, - ref->length + ref->digest_length); - CU_ASSERT(pkt != ODP_PACKET_INVALID); - if (pkt == ODP_PACKET_INVALID) - goto cleanup; - - for (iteration = NORMAL_TEST; iteration < MAX_TEST; iteration++) { - /* checking against wrong digest is meaningless for NULL digest - * or when generating digest */ - if (iteration == WRONG_DIGEST_TEST && - (auth_alg == ODP_AUTH_ALG_NULL || - op == ODP_CRYPTO_OP_ENCODE)) - continue; - - if (op == ODP_CRYPTO_OP_ENCODE) { - odp_packet_copy_from_mem(pkt, 0, ref->length, - ref->plaintext); - } else { - odp_packet_copy_from_mem(pkt, 0, ref->length, - ref->ciphertext); - odp_packet_copy_from_mem(pkt, ref->length, - ref->digest_length, - ref->digest); - if (iteration == WRONG_DIGEST_TEST) { - uint8_t byte = ~ref->digest[0]; - - odp_packet_copy_from_mem(pkt, ref->length, - 1, &byte); - } - } - - if (!suite_context.packet) - rc = alg_op(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - else if (ODP_CRYPTO_ASYNC == suite_context.op_mode) - rc = alg_packet_op_enq(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - else - rc = alg_packet_op(pkt, &ok, session, - ovr_iv ? ref->cipher_iv : NULL, - ovr_iv ? ref->auth_iv : NULL, - &cipher_range, &auth_range, - ref->aad, ref->length); - if (rc < 0) - break; - - if (iteration == WRONG_DIGEST_TEST) { - CU_ASSERT(!ok); - continue; - } - - CU_ASSERT(ok); - - if (op == ODP_CRYPTO_OP_ENCODE) { - CU_ASSERT(!packet_cmp_mem(pkt, 0, - ref->ciphertext, - ref->length)); - CU_ASSERT(!packet_cmp_mem(pkt, ref->length, - ref->digest, - ref->digest_length)); - } else { - CU_ASSERT(!packet_cmp_mem(pkt, 0, - ref->plaintext, - ref->length)); - } - } - - odp_packet_free(pkt); - -cleanup: - rc = odp_crypto_session_destroy(session); - CU_ASSERT(!rc); -} - -static void check_alg(odp_crypto_op_t op, - odp_cipher_alg_t cipher_alg, - odp_auth_alg_t auth_alg, - crypto_test_reference_t *ref, - size_t count, - odp_bool_t ovr_iv) -{ - odp_crypto_capability_t capa; - odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; - odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; - int rc, cipher_num, auth_num, i; - odp_bool_t cipher_tested[MAX_ALG_CAPA]; - odp_bool_t auth_tested[MAX_ALG_CAPA]; - odp_bool_t cipher_ok = false; - odp_bool_t auth_ok = false; - size_t idx; - - rc = odp_crypto_capability(&capa); - CU_ASSERT(!rc); - - if (cipher_alg == ODP_CIPHER_ALG_3DES_CBC && - !(capa.ciphers.bit.trides_cbc)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_CBC && - !(capa.ciphers.bit.aes_cbc)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_CTR && - !(capa.ciphers.bit.aes_ctr)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && - !(capa.ciphers.bit.aes_gcm)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_DES && - !(capa.ciphers.bit.des)) - rc = -1; - if (cipher_alg == ODP_CIPHER_ALG_NULL && - !(capa.ciphers.bit.null)) - rc = -1; - - CU_ASSERT(!rc); - CU_ASSERT((~capa.ciphers.all_bits & capa.hw_ciphers.all_bits) == 0); - - if (auth_alg == ODP_AUTH_ALG_AES_GCM && - !(capa.auths.bit.aes_gcm)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_AES_GMAC && - !(capa.auths.bit.aes_gmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && - !(capa.auths.bit.md5_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_NULL && - !(capa.auths.bit.null)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && - !(capa.auths.bit.sha1_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && - !(capa.auths.bit.sha256_hmac)) - rc = -1; - if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && - !(capa.auths.bit.sha512_hmac)) - rc = -1; - - CU_ASSERT(!rc); - CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); - - cipher_num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, - MAX_ALG_CAPA); - - CU_ASSERT(cipher_num > 0); - CU_ASSERT(cipher_num <= MAX_ALG_CAPA); - if (cipher_num > MAX_ALG_CAPA) - cipher_num = MAX_ALG_CAPA; - - auth_num = odp_crypto_auth_capability(auth_alg, auth_capa, - MAX_ALG_CAPA); - - CU_ASSERT(auth_num > 0); - CU_ASSERT(auth_num <= MAX_ALG_CAPA); - if (auth_num > MAX_ALG_CAPA) - auth_num = MAX_ALG_CAPA; - - memset(cipher_tested, 0, sizeof(cipher_tested)); - memset(auth_tested, 0, sizeof(auth_tested)); - - for (idx = 0; idx < count; idx++) { - int cipher_idx = -1, auth_idx = -1; - - for (i = 0; i < cipher_num; i++) { - if (cipher_capa[i].key_len == - ref[idx].cipher_key_length && - cipher_capa[i].iv_len == - ref[idx].cipher_iv_length) { - cipher_idx = i; - break; - } - } - - if (cipher_idx < 0) { - printf("\n Unsupported: alg=%s, key_len=%" PRIu32 - ", iv_len=%" PRIu32 "\n", - cipher_alg_name(cipher_alg), - ref[idx].cipher_key_length, - ref[idx].cipher_iv_length); - continue; - } - - for (i = 0; i < auth_num; i++) { - if (auth_capa[i].digest_len == - ref[idx].digest_length && - auth_capa[i].iv_len == - ref[idx].auth_iv_length && - auth_capa[i].key_len == - ref[idx].auth_key_length) { - auth_idx = i; - break; - } - } - - if (auth_idx < 0) { - printf("\n Unsupported: alg=%s, key_len=%" PRIu32 - ", iv_len=%" PRIu32 ", digest_len=%" PRIu32 "\n", - auth_alg_name(auth_alg), - ref[idx].auth_key_length, - ref[idx].auth_iv_length, - ref[idx].digest_length); - continue; - } - - alg_test(op, cipher_alg, auth_alg, &ref[idx], ovr_iv); - - cipher_tested[cipher_idx] = true; - auth_tested[auth_idx] = true; - } - - for (i = 0; i < cipher_num; i++) { - cipher_ok |= cipher_tested[i]; - if (!cipher_tested[i]) { - /* GMAC-related hacks */ - if (cipher_alg == ODP_CIPHER_ALG_NULL) - continue; - printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " - "iv_len=%" PRIu32 "\n", - cipher_alg_name(cipher_alg), - cipher_capa[i].key_len, - cipher_capa[i].iv_len); - } - } - - for (i = 0; i < auth_num; i++) { - auth_ok |= auth_tested[i]; - if (!auth_tested[i]) - printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " - "digest_len=%" PRIu32 "\n", - auth_alg_name(auth_alg), - auth_capa[i].key_len, - auth_capa[i].digest_len); - } - - /* Verify that we were able to run at least several tests */ - CU_ASSERT(cipher_ok); - CU_ASSERT(auth_ok); -} - -/** - * Check if given cipher and authentication algorithms are supported - * - * @param cipher Cipher algorithm - * @param auth Authentication algorithm - * - * @retval ODP_TEST_ACTIVE when both algorithms are supported - * @retval ODP_TEST_INACTIVE when either algorithm is not supported - */ -static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) -{ - odp_crypto_capability_t capability; - - if (odp_crypto_capability(&capability)) - return ODP_TEST_INACTIVE; - - if (suite_context.packet) { - if (suite_context.op_mode == ODP_CRYPTO_SYNC && - capability.sync_mode == ODP_SUPPORT_NO) - return ODP_TEST_INACTIVE; - if (suite_context.op_mode == ODP_CRYPTO_ASYNC && - capability.async_mode == ODP_SUPPORT_NO) - return ODP_TEST_INACTIVE; - } - - /* Cipher algorithms */ - switch (cipher) { - case ODP_CIPHER_ALG_NULL: - if (!capability.ciphers.bit.null) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_DES: - if (!capability.ciphers.bit.des) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_3DES_CBC: - if (!capability.ciphers.bit.trides_cbc) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_CBC: - if (!capability.ciphers.bit.aes_cbc) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_CTR: - if (!capability.ciphers.bit.aes_ctr) - return ODP_TEST_INACTIVE; - break; - case ODP_CIPHER_ALG_AES_GCM: - if (!capability.ciphers.bit.aes_gcm) - return ODP_TEST_INACTIVE; - break; - default: - fprintf(stderr, "Unsupported cipher algorithm\n"); - return ODP_TEST_INACTIVE; - } - - /* Authentication algorithms */ - switch (auth) { - case ODP_AUTH_ALG_NULL: - if (!capability.auths.bit.null) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_MD5_HMAC: - if (!capability.auths.bit.md5_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA1_HMAC: - if (!capability.auths.bit.sha1_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA256_HMAC: - if (!capability.auths.bit.sha256_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_SHA512_HMAC: - if (!capability.auths.bit.sha512_hmac) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_AES_GCM: - if (!capability.auths.bit.aes_gcm) - return ODP_TEST_INACTIVE; - break; - case ODP_AUTH_ALG_AES_GMAC: - if (!capability.auths.bit.aes_gmac) - return ODP_TEST_INACTIVE; - break; - default: - fprintf(stderr, "Unsupported authentication algorithm\n"); - return ODP_TEST_INACTIVE; - } - - return ODP_TEST_ACTIVE; -} - -static int check_alg_null(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); -} - -#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) -static void crypto_test_enc_alg_null(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_NULL, - null_reference, - ARRAY_SIZE(null_reference), - false); -} - -static void crypto_test_dec_alg_null(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_NULL, - null_reference, - ARRAY_SIZE(null_reference), - false); -} - -static int check_alg_3des_cbc(void) -{ - return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_3des_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for 3DES_CBC algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_3des_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_3des_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_3DES_CBC, - ODP_AUTH_ALG_NULL, - tdes_cbc_reference, - ARRAY_SIZE(tdes_cbc_reference), - true); -} - -static int check_alg_aes_gcm(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_GCM algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_gcm(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_GCM algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_gcm_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_gcm(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for 3DES_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_GCM, - ODP_AUTH_ALG_AES_GCM, - aes_gcm_reference, - ARRAY_SIZE(aes_gcm_reference), - true); -} - -static int check_alg_aes_cbc(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CBC algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_aes_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_cbc(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CBC algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_cbc_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CBC, - ODP_AUTH_ALG_NULL, - aes_cbc_reference, - ARRAY_SIZE(aes_cbc_reference), - true); -} - -static int check_alg_aes_ctr(void) -{ - return check_alg_support(ODP_CIPHER_ALG_AES_CTR, ODP_AUTH_ALG_NULL); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer.*/ -static void crypto_test_enc_alg_aes_ctr(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - false); -} - -/* This test verifies the correctness of encode (plaintext -> ciphertext) - * operation for AES128_CTR algorithm. IV for the operation is the operation IV. - * */ -static void crypto_test_enc_alg_aes_ctr_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - true); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_ctr(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - false); -} - -/* This test verifies the correctness of decode (ciphertext -> plaintext) - * operation for AES128_CTR algorithm. IV for the operation is the session IV - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_dec_alg_aes_ctr_ovr_iv(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_AES_CTR, - ODP_AUTH_ALG_NULL, - aes_ctr_reference, - ARRAY_SIZE(aes_ctr_reference), - true); -} - -static int check_alg_hmac_md5(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_MD5_HMAC); -} - -/* This test verifies the correctness of HMAC_MD5 digest operation. - * The output check length is truncated to 12 bytes (96 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_md5(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_MD5_HMAC, - hmac_md5_reference, - ARRAY_SIZE(hmac_md5_reference), - false); -} - -static void crypto_test_check_alg_hmac_md5(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_MD5_HMAC, - hmac_md5_reference, - ARRAY_SIZE(hmac_md5_reference), - false); -} - -static int check_alg_hmac_sha1(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA1 digest operation. - * The output check length is truncated to 12 bytes (96 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha1(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA1_HMAC, - hmac_sha1_reference, - ARRAY_SIZE(hmac_sha1_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha1(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA1_HMAC, - hmac_sha1_reference, - ARRAY_SIZE(hmac_sha1_reference), - false); -} - -static int check_alg_hmac_sha256(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA256 digest operation. - * The output check length is truncated to 16 bytes (128 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha256(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA256_HMAC, - hmac_sha256_reference, - ARRAY_SIZE(hmac_sha256_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha256(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA256_HMAC, - hmac_sha256_reference, - ARRAY_SIZE(hmac_sha256_reference), - false); -} - -static int check_alg_hmac_sha512(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); -} - -/* This test verifies the correctness of HMAC_SHA512 digest operation. - * The output check length is truncated to 32 bytes (256 bits) as - * returned by the crypto operation API call. - * Note that hash digest is a one-way operation. - * In addition the test verifies if the implementation can use the - * packet buffer as completion event buffer. - * */ -static void crypto_test_gen_alg_hmac_sha512(void) -{ - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA512_HMAC, - hmac_sha512_reference, - ARRAY_SIZE(hmac_sha512_reference), - false); -} - -static void crypto_test_check_alg_hmac_sha512(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_SHA512_HMAC, - hmac_sha512_reference, - ARRAY_SIZE(hmac_sha512_reference), - false); -} - -static int check_alg_aes_gmac(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC); -} - -static void crypto_test_gen_alg_aes_gmac(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - check_alg(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - aes_gmac_reference, - ARRAY_SIZE(aes_gmac_reference), - false); -} - -static void crypto_test_gen_alg_aes_gmac_ovr_iv(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - alg_test(ODP_CRYPTO_OP_ENCODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - &aes_gmac_reference[i], - true); -} - -static void crypto_test_check_alg_aes_gmac(void) -{ - check_alg(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - aes_gmac_reference, - ARRAY_SIZE(aes_gmac_reference), - false); -} - -static void crypto_test_check_alg_aes_gmac_ovr_iv(void) -{ - unsigned int test_vec_num = (sizeof(aes_gmac_reference) / - sizeof(aes_gmac_reference[0])); - unsigned int i; - - for (i = 0; i < test_vec_num; i++) - alg_test(ODP_CRYPTO_OP_DECODE, - ODP_CIPHER_ALG_NULL, - ODP_AUTH_ALG_AES_GMAC, - &aes_gmac_reference[i], - true); -} - -int crypto_suite_sync_init(void) -{ - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = ODP_QUEUE_INVALID; - suite_context.pref_mode = ODP_CRYPTO_SYNC; - return 0; -} - -int crypto_suite_async_init(void) -{ - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - suite_context.queue = odp_queue_lookup("crypto-out"); - if (suite_context.queue == ODP_QUEUE_INVALID) - return -1; - - suite_context.pref_mode = ODP_CRYPTO_ASYNC; - return 0; -} - -int crypto_suite_packet_sync_init(void) -{ - suite_context.packet = true; - suite_context.op_mode = ODP_CRYPTO_SYNC; - - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = ODP_QUEUE_INVALID; - return 0; -} - -int crypto_suite_packet_async_init(void) -{ - suite_context.packet = true; - suite_context.op_mode = ODP_CRYPTO_ASYNC; - - suite_context.pool = odp_pool_lookup("packet_pool"); - if (suite_context.pool == ODP_POOL_INVALID) - return -1; - - suite_context.queue = odp_queue_lookup("crypto-out"); - if (suite_context.queue == ODP_QUEUE_INVALID) - return -1; - return 0; -} - -odp_testinfo_t crypto_suite[] = { - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, - check_alg_null), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, - check_alg_null), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc_ovr_iv, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc_ovr_iv, - check_alg_3des_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc_ovr_iv, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc_ovr_iv, - check_alg_aes_cbc), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr_ovr_iv, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr_ovr_iv, - check_alg_aes_ctr), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm_ovr_iv, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, - check_alg_aes_gcm), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, - check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, - check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, - check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, - check_alg_hmac_sha1), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, - check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, - check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, - check_alg_hmac_sha512), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, - check_alg_hmac_sha512), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac_ovr_iv, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac, - check_alg_aes_gmac), - ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, - check_alg_aes_gmac), - ODP_TEST_INFO_NULL, -}; - -int crypto_suite_term(void) -{ - int i; - int first = 1; - - for (i = 0; crypto_suite[i].pName; i++) { - if (crypto_suite[i].check_active && - crypto_suite[i].check_active() == ODP_TEST_INACTIVE) { - if (first) { - first = 0; - printf("\n\n Inactive tests:\n"); - } - printf(" %s\n", crypto_suite[i].pName); - } - } - return 0; -} +/* Copyright (c) 2014-2018, Linaro Limited + * All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include "config.h" + +#include +#include +#include +#include "test_vectors.h" +#include "odp_crypto_test_inp.h" +#include "crypto.h" + +#define MAX_ALG_CAPA 32 + +struct suite_context_s { + odp_bool_t packet; + odp_crypto_op_mode_t op_mode; + odp_crypto_op_mode_t pref_mode; + odp_pool_t pool; + odp_queue_t queue; +}; + +static struct suite_context_s suite_context; + +static int packet_cmp_mem(odp_packet_t pkt, uint32_t offset, + void *s, uint32_t len) +{ + uint8_t buf[len]; + + odp_packet_copy_to_mem(pkt, offset, len, buf); + + return memcmp(buf, s, len); +} + +static const char *auth_alg_name(odp_auth_alg_t auth) +{ + switch (auth) { + case ODP_AUTH_ALG_NULL: + return "ODP_AUTH_ALG_NULL"; + case ODP_AUTH_ALG_MD5_HMAC: + return "ODP_AUTH_ALG_MD5_HMAC"; + case ODP_AUTH_ALG_SHA1_HMAC: + return "ODP_AUTH_ALG_SHA1_HMAC"; + case ODP_AUTH_ALG_SHA256_HMAC: + return "ODP_AUTH_ALG_SHA256_HMAC"; + case ODP_AUTH_ALG_SHA512_HMAC: + return "ODP_AUTH_ALG_SHA512_HMAC"; + case ODP_AUTH_ALG_AES_GCM: + return "ODP_AUTH_ALG_AES_GCM"; + case ODP_AUTH_ALG_AES_GMAC: + return "ODP_AUTH_ALG_AES_GMAC"; + default: + return "Unknown"; + } +} + +static const char *cipher_alg_name(odp_cipher_alg_t cipher) +{ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + return "ODP_CIPHER_ALG_NULL"; + case ODP_CIPHER_ALG_DES: + return "ODP_CIPHER_ALG_DES"; + case ODP_CIPHER_ALG_3DES_CBC: + return "ODP_CIPHER_ALG_3DES_CBC"; + case ODP_CIPHER_ALG_AES_CBC: + return "ODP_CIPHER_ALG_AES_CBC"; + case ODP_CIPHER_ALG_AES_GCM: + return "ODP_CIPHER_ALG_AES_GCM"; + default: + return "Unknown"; + } +} + +static int alg_op(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_crypto_op_result_t result; + odp_crypto_op_param_t op_params; + odp_bool_t posted; + odp_event_subtype_t subtype; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + op_params.pkt = pkt; + op_params.out_pkt = pkt; + op_params.ctx = (void *)0xdeadbeef; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_operation(&op_params, &posted, &result); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_operation()"); + return rc; + } + + if (posted) { + odp_event_t event; + odp_crypto_compl_t compl_event; + + /* Poll completion queue for results */ + do { + event = odp_queue_deq(suite_context.queue); + } while (event == ODP_EVENT_INVALID); + + CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == odp_event_type(event)); + CU_ASSERT(ODP_EVENT_NO_SUBTYPE == odp_event_subtype(event)); + CU_ASSERT(ODP_EVENT_CRYPTO_COMPL == + odp_event_types(event, &subtype)); + CU_ASSERT(ODP_EVENT_NO_SUBTYPE == subtype); + + compl_event = odp_crypto_compl_from_event(event); + CU_ASSERT(odp_crypto_compl_to_u64(compl_event) == + odp_crypto_compl_to_u64( + odp_crypto_compl_from_event(event))); + odp_crypto_compl_result(compl_event, &result); + odp_crypto_compl_free(compl_event); + } + + CU_ASSERT(result.pkt == pkt); + CU_ASSERT(result.ctx == (void *)0xdeadbeef); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(result.pkt))); + CU_ASSERT(ODP_EVENT_PACKET_BASIC == + odp_event_subtype(odp_packet_to_event(result.pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(result.pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_BASIC == subtype); + + *ok = result.ok; + + return 0; +} + +static int alg_packet_op(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_crypto_packet_result_t result; + odp_crypto_packet_op_param_t op_params; + odp_event_subtype_t subtype; + odp_packet_t out_pkt = pkt; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_op(&pkt, &out_pkt, &op_params, 1); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_op()"); + return rc; + } + + CU_ASSERT(out_pkt == pkt); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == + odp_event_subtype(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + rc = odp_crypto_result(&result, pkt); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_result()"); + return rc; + } + + if (!result.ok) + CU_ASSERT(odp_packet_has_error(pkt)); + + *ok = result.ok; + + return 0; +} + +static int alg_packet_op_enq(odp_packet_t pkt, + odp_bool_t *ok, + odp_crypto_session_t session, + uint8_t *cipher_iv_ptr, + uint8_t *auth_iv_ptr, + odp_packet_data_range_t *cipher_range, + odp_packet_data_range_t *auth_range, + uint8_t *aad, + unsigned int plaintext_len) +{ + int rc; + odp_event_t event; + odp_crypto_packet_result_t result; + odp_crypto_packet_op_param_t op_params; + odp_event_subtype_t subtype; + odp_packet_t out_pkt = pkt; + + /* Prepare input/output params */ + memset(&op_params, 0, sizeof(op_params)); + op_params.session = session; + + op_params.cipher_range = *cipher_range; + op_params.auth_range = *auth_range; + if (cipher_iv_ptr) + op_params.cipher_iv_ptr = cipher_iv_ptr; + if (auth_iv_ptr) + op_params.auth_iv_ptr = auth_iv_ptr; + + op_params.aad_ptr = aad; + + op_params.hash_result_offset = plaintext_len; + + rc = odp_crypto_op_enq(&pkt, &pkt, &op_params, 1); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_op_enq()"); + return rc; + } + + /* Poll completion queue for results */ + do { + event = odp_queue_deq(suite_context.queue); + } while (event == ODP_EVENT_INVALID); + + CU_ASSERT(ODP_EVENT_PACKET == odp_event_type(event)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == odp_event_subtype(event)); + CU_ASSERT(ODP_EVENT_PACKET == odp_event_types(event, &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + pkt = odp_crypto_packet_from_event(event); + + CU_ASSERT(out_pkt == pkt); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_type(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == + odp_event_subtype(odp_packet_to_event(pkt))); + CU_ASSERT(ODP_EVENT_PACKET == + odp_event_types(odp_packet_to_event(pkt), &subtype)); + CU_ASSERT(ODP_EVENT_PACKET_CRYPTO == subtype); + + rc = odp_crypto_result(&result, pkt); + if (rc < 0) { + CU_FAIL("Failed odp_crypto_packet_result()"); + return rc; + } + + CU_ASSERT((!odp_packet_has_error(pkt)) == result.ok); + + *ok = result.ok; + + return 0; +} + +typedef enum crypto_test { + NORMAL_TEST = 0, /**< Plain execution */ + REPEAT_TEST, /**< Rerun without reinitializing the session */ + WRONG_DIGEST_TEST, /**< Check against wrong digest */ + MAX_TEST, /**< Final mark */ +} crypto_test; + +/* Basic algorithm run function for async inplace mode. + * Creates a session from input parameters and runs one operation + * on input_vec. Checks the output of the crypto operation against + * output_vec. Operation completion event is dequeued polling the + * session output queue. Completion context pointer is retrieved + * and checked against the one set before the operation. + * Completion event can be a separate buffer or the input packet + * buffer can be used. + * */ +static void alg_test(odp_crypto_op_t op, + odp_cipher_alg_t cipher_alg, + odp_auth_alg_t auth_alg, + crypto_test_reference_t *ref, + odp_bool_t ovr_iv) +{ + odp_crypto_session_t session; + int rc; + odp_crypto_ses_create_err_t status; + odp_bool_t ok = false; + int iteration; + odp_crypto_session_param_t ses_params; + odp_packet_data_range_t cipher_range; + odp_packet_data_range_t auth_range; + odp_crypto_key_t cipher_key = { + .data = ref->cipher_key, + .length = ref->cipher_key_length + }; + odp_crypto_key_t auth_key = { + .data = ref->auth_key, + .length = ref->auth_key_length + }; + odp_crypto_iv_t cipher_iv = { + .data = ovr_iv ? NULL : ref->cipher_iv, + .length = ref->cipher_iv_length + }; + odp_crypto_iv_t auth_iv = { + .data = ovr_iv ? NULL : ref->auth_iv, + .length = ref->auth_iv_length + }; + + /* Create a crypto session */ + odp_crypto_session_param_init(&ses_params); + ses_params.op = op; + ses_params.auth_cipher_text = false; + ses_params.op_mode = suite_context.op_mode; + ses_params.pref_mode = suite_context.pref_mode; + ses_params.cipher_alg = cipher_alg; + ses_params.auth_alg = auth_alg; + ses_params.compl_queue = suite_context.queue; + ses_params.output_pool = suite_context.pool; + ses_params.cipher_key = cipher_key; + ses_params.cipher_iv = cipher_iv; + ses_params.auth_iv = auth_iv; + ses_params.auth_key = auth_key; + ses_params.auth_digest_len = ref->digest_length; + ses_params.auth_aad_len = ref->aad_length; + + rc = odp_crypto_session_create(&ses_params, &session, &status); + CU_ASSERT_FATAL(!rc); + CU_ASSERT(status == ODP_CRYPTO_SES_CREATE_ERR_NONE); + CU_ASSERT(odp_crypto_session_to_u64(session) != + odp_crypto_session_to_u64(ODP_CRYPTO_SESSION_INVALID)); + + cipher_range.offset = 0; + cipher_range.length = ref->length; + auth_range.offset = 0; + auth_range.length = ref->length; + + /* Prepare input data */ + odp_packet_t pkt = odp_packet_alloc(suite_context.pool, + ref->length + ref->digest_length); + CU_ASSERT(pkt != ODP_PACKET_INVALID); + if (pkt == ODP_PACKET_INVALID) + goto cleanup; + + for (iteration = NORMAL_TEST; iteration < MAX_TEST; iteration++) { + /* checking against wrong digest is meaningless for NULL digest + * or when generating digest */ + if (iteration == WRONG_DIGEST_TEST && + (auth_alg == ODP_AUTH_ALG_NULL || + op == ODP_CRYPTO_OP_ENCODE)) + continue; + + if (op == ODP_CRYPTO_OP_ENCODE) { + odp_packet_copy_from_mem(pkt, 0, ref->length, + ref->plaintext); + } else { + odp_packet_copy_from_mem(pkt, 0, ref->length, + ref->ciphertext); + odp_packet_copy_from_mem(pkt, ref->length, + ref->digest_length, + ref->digest); + if (iteration == WRONG_DIGEST_TEST) { + uint8_t byte = ~ref->digest[0]; + + odp_packet_copy_from_mem(pkt, ref->length, + 1, &byte); + } + } + + if (!suite_context.packet) + rc = alg_op(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + else if (ODP_CRYPTO_ASYNC == suite_context.op_mode) + rc = alg_packet_op_enq(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + else + rc = alg_packet_op(pkt, &ok, session, + ovr_iv ? ref->cipher_iv : NULL, + ovr_iv ? ref->auth_iv : NULL, + &cipher_range, &auth_range, + ref->aad, ref->length); + if (rc < 0) + break; + + if (iteration == WRONG_DIGEST_TEST) { + CU_ASSERT(!ok); + continue; + } + + CU_ASSERT(ok); + + if (op == ODP_CRYPTO_OP_ENCODE) { + CU_ASSERT(!packet_cmp_mem(pkt, 0, + ref->ciphertext, + ref->length)); + CU_ASSERT(!packet_cmp_mem(pkt, ref->length, + ref->digest, + ref->digest_length)); + } else { + CU_ASSERT(!packet_cmp_mem(pkt, 0, + ref->plaintext, + ref->length)); + } + } + + odp_packet_free(pkt); + +cleanup: + rc = odp_crypto_session_destroy(session); + CU_ASSERT(!rc); +} + +static void check_alg(odp_crypto_op_t op, + odp_cipher_alg_t cipher_alg, + odp_auth_alg_t auth_alg, + crypto_test_reference_t *ref, + size_t count, + odp_bool_t ovr_iv) +{ + odp_crypto_capability_t capa; + odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; + odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; + int rc, cipher_num, auth_num, i; + odp_bool_t cipher_tested[MAX_ALG_CAPA]; + odp_bool_t auth_tested[MAX_ALG_CAPA]; + odp_bool_t cipher_ok = false; + odp_bool_t auth_ok = false; + size_t idx; + + rc = odp_crypto_capability(&capa); + CU_ASSERT(!rc); + + if (cipher_alg == ODP_CIPHER_ALG_3DES_CBC && + !(capa.ciphers.bit.trides_cbc)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CBC && + !(capa.ciphers.bit.aes_cbc)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CTR && + !(capa.ciphers.bit.aes_ctr)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && + !(capa.ciphers.bit.aes_gcm)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_DES && + !(capa.ciphers.bit.des)) + rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_NULL && + !(capa.ciphers.bit.null)) + rc = -1; + + CU_ASSERT(!rc); + CU_ASSERT((~capa.ciphers.all_bits & capa.hw_ciphers.all_bits) == 0); + + if (auth_alg == ODP_AUTH_ALG_AES_GCM && + !(capa.auths.bit.aes_gcm)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_GMAC && + !(capa.auths.bit.aes_gmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && + !(capa.auths.bit.md5_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_NULL && + !(capa.auths.bit.null)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && + !(capa.auths.bit.sha1_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && + !(capa.auths.bit.sha256_hmac)) + rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && + !(capa.auths.bit.sha512_hmac)) + rc = -1; + + CU_ASSERT(!rc); + CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); + + cipher_num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, + MAX_ALG_CAPA); + + CU_ASSERT(cipher_num > 0); + CU_ASSERT(cipher_num <= MAX_ALG_CAPA); + if (cipher_num > MAX_ALG_CAPA) + cipher_num = MAX_ALG_CAPA; + + auth_num = odp_crypto_auth_capability(auth_alg, auth_capa, + MAX_ALG_CAPA); + + CU_ASSERT(auth_num > 0); + CU_ASSERT(auth_num <= MAX_ALG_CAPA); + if (auth_num > MAX_ALG_CAPA) + auth_num = MAX_ALG_CAPA; + + memset(cipher_tested, 0, sizeof(cipher_tested)); + memset(auth_tested, 0, sizeof(auth_tested)); + + for (idx = 0; idx < count; idx++) { + int cipher_idx = -1, auth_idx = -1; + + for (i = 0; i < cipher_num; i++) { + if (cipher_capa[i].key_len == + ref[idx].cipher_key_length && + cipher_capa[i].iv_len == + ref[idx].cipher_iv_length) { + cipher_idx = i; + break; + } + } + + if (cipher_idx < 0) { + printf("\n Unsupported: alg=%s, key_len=%" PRIu32 + ", iv_len=%" PRIu32 "\n", + cipher_alg_name(cipher_alg), + ref[idx].cipher_key_length, + ref[idx].cipher_iv_length); + continue; + } + + for (i = 0; i < auth_num; i++) { + if (auth_capa[i].digest_len == + ref[idx].digest_length && + auth_capa[i].iv_len == + ref[idx].auth_iv_length && + auth_capa[i].key_len == + ref[idx].auth_key_length) { + auth_idx = i; + break; + } + } + + if (auth_idx < 0) { + printf("\n Unsupported: alg=%s, key_len=%" PRIu32 + ", iv_len=%" PRIu32 ", digest_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), + ref[idx].auth_key_length, + ref[idx].auth_iv_length, + ref[idx].digest_length); + continue; + } + + alg_test(op, cipher_alg, auth_alg, &ref[idx], ovr_iv); + + cipher_tested[cipher_idx] = true; + auth_tested[auth_idx] = true; + } + + for (i = 0; i < cipher_num; i++) { + cipher_ok |= cipher_tested[i]; + if (!cipher_tested[i]) { + /* GMAC-related hacks */ + if (cipher_alg == ODP_CIPHER_ALG_NULL) + continue; + printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " + "iv_len=%" PRIu32 "\n", + cipher_alg_name(cipher_alg), + cipher_capa[i].key_len, + cipher_capa[i].iv_len); + } + } + + for (i = 0; i < auth_num; i++) { + auth_ok |= auth_tested[i]; + if (!auth_tested[i]) + printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " + "digest_len=%" PRIu32 "\n", + auth_alg_name(auth_alg), + auth_capa[i].key_len, + auth_capa[i].digest_len); + } + + /* Verify that we were able to run at least several tests */ + CU_ASSERT(cipher_ok); + CU_ASSERT(auth_ok); +} + +/** + * Check if given cipher and authentication algorithms are supported + * + * @param cipher Cipher algorithm + * @param auth Authentication algorithm + * + * @retval ODP_TEST_ACTIVE when both algorithms are supported + * @retval ODP_TEST_INACTIVE when either algorithm is not supported + */ +static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) +{ + odp_crypto_capability_t capability; + + if (odp_crypto_capability(&capability)) + return ODP_TEST_INACTIVE; + + if (suite_context.packet) { + if (suite_context.op_mode == ODP_CRYPTO_SYNC && + capability.sync_mode == ODP_SUPPORT_NO) + return ODP_TEST_INACTIVE; + if (suite_context.op_mode == ODP_CRYPTO_ASYNC && + capability.async_mode == ODP_SUPPORT_NO) + return ODP_TEST_INACTIVE; + } + + /* Cipher algorithms */ + switch (cipher) { + case ODP_CIPHER_ALG_NULL: + if (!capability.ciphers.bit.null) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_DES: + if (!capability.ciphers.bit.des) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_3DES_CBC: + if (!capability.ciphers.bit.trides_cbc) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_CBC: + if (!capability.ciphers.bit.aes_cbc) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_CTR: + if (!capability.ciphers.bit.aes_ctr) + return ODP_TEST_INACTIVE; + break; + case ODP_CIPHER_ALG_AES_GCM: + if (!capability.ciphers.bit.aes_gcm) + return ODP_TEST_INACTIVE; + break; + default: + fprintf(stderr, "Unsupported cipher algorithm\n"); + return ODP_TEST_INACTIVE; + } + + /* Authentication algorithms */ + switch (auth) { + case ODP_AUTH_ALG_NULL: + if (!capability.auths.bit.null) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_MD5_HMAC: + if (!capability.auths.bit.md5_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA1_HMAC: + if (!capability.auths.bit.sha1_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA256_HMAC: + if (!capability.auths.bit.sha256_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_SHA512_HMAC: + if (!capability.auths.bit.sha512_hmac) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_AES_GCM: + if (!capability.auths.bit.aes_gcm) + return ODP_TEST_INACTIVE; + break; + case ODP_AUTH_ALG_AES_GMAC: + if (!capability.auths.bit.aes_gmac) + return ODP_TEST_INACTIVE; + break; + default: + fprintf(stderr, "Unsupported authentication algorithm\n"); + return ODP_TEST_INACTIVE; + } + + return ODP_TEST_ACTIVE; +} + +static int check_alg_null(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); +} + +#define ARRAY_SIZE(a) (sizeof(a) / sizeof(a[0])) +static void crypto_test_enc_alg_null(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_NULL, + null_reference, + ARRAY_SIZE(null_reference), + false); +} + +static void crypto_test_dec_alg_null(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_NULL, + null_reference, + ARRAY_SIZE(null_reference), + false); +} + +static int check_alg_3des_cbc(void) +{ + return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_3des_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for 3DES_CBC algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_3des_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_3des_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_3DES_CBC, + ODP_AUTH_ALG_NULL, + tdes_cbc_reference, + ARRAY_SIZE(tdes_cbc_reference), + true); +} + +static int check_alg_aes_gcm(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_GCM algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_gcm(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_GCM algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_gcm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_gcm(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for 3DES_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_GCM, + ODP_AUTH_ALG_AES_GCM, + aes_gcm_reference, + ARRAY_SIZE(aes_gcm_reference), + true); +} + +static int check_alg_aes_cbc(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CBC algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_aes_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_cbc(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CBC algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_cbc_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CBC, + ODP_AUTH_ALG_NULL, + aes_cbc_reference, + ARRAY_SIZE(aes_cbc_reference), + true); +} + +static int check_alg_aes_ctr(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CTR, ODP_AUTH_ALG_NULL); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer.*/ +static void crypto_test_enc_alg_aes_ctr(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + false); +} + +/* This test verifies the correctness of encode (plaintext -> ciphertext) + * operation for AES128_CTR algorithm. IV for the operation is the operation IV. + * */ +static void crypto_test_enc_alg_aes_ctr_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + true); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_ctr(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + false); +} + +/* This test verifies the correctness of decode (ciphertext -> plaintext) + * operation for AES128_CTR algorithm. IV for the operation is the session IV + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_dec_alg_aes_ctr_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CTR, + ODP_AUTH_ALG_NULL, + aes_ctr_reference, + ARRAY_SIZE(aes_ctr_reference), + true); +} + +static int check_alg_hmac_md5(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_MD5_HMAC); +} + +/* This test verifies the correctness of HMAC_MD5 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_md5(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_MD5_HMAC, + hmac_md5_reference, + ARRAY_SIZE(hmac_md5_reference), + false); +} + +static void crypto_test_check_alg_hmac_md5(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_MD5_HMAC, + hmac_md5_reference, + ARRAY_SIZE(hmac_md5_reference), + false); +} + +static int check_alg_hmac_sha1(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA1 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha1(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA1_HMAC, + hmac_sha1_reference, + ARRAY_SIZE(hmac_sha1_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha1(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA1_HMAC, + hmac_sha1_reference, + ARRAY_SIZE(hmac_sha1_reference), + false); +} + +static int check_alg_hmac_sha256(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA256 digest operation. + * The output check length is truncated to 16 bytes (128 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha256(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA256_HMAC, + hmac_sha256_reference, + ARRAY_SIZE(hmac_sha256_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha256(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA256_HMAC, + hmac_sha256_reference, + ARRAY_SIZE(hmac_sha256_reference), + false); +} + +static int check_alg_hmac_sha512(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA512 digest operation. + * The output check length is truncated to 32 bytes (256 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +static void crypto_test_gen_alg_hmac_sha512(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA512_HMAC, + hmac_sha512_reference, + ARRAY_SIZE(hmac_sha512_reference), + false); +} + +static void crypto_test_check_alg_hmac_sha512(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_SHA512_HMAC, + hmac_sha512_reference, + ARRAY_SIZE(hmac_sha512_reference), + false); +} + +static int check_alg_aes_gmac(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_GMAC); +} + +static void crypto_test_gen_alg_aes_gmac(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + aes_gmac_reference, + ARRAY_SIZE(aes_gmac_reference), + false); +} + +static void crypto_test_gen_alg_aes_gmac_ovr_iv(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + alg_test(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + &aes_gmac_reference[i], + true); +} + +static void crypto_test_check_alg_aes_gmac(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + aes_gmac_reference, + ARRAY_SIZE(aes_gmac_reference), + false); +} + +static void crypto_test_check_alg_aes_gmac_ovr_iv(void) +{ + unsigned int test_vec_num = (sizeof(aes_gmac_reference) / + sizeof(aes_gmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + alg_test(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_GMAC, + &aes_gmac_reference[i], + true); +} + +int crypto_suite_sync_init(void) +{ + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = ODP_QUEUE_INVALID; + suite_context.pref_mode = ODP_CRYPTO_SYNC; + return 0; +} + +int crypto_suite_async_init(void) +{ + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + suite_context.queue = odp_queue_lookup("crypto-out"); + if (suite_context.queue == ODP_QUEUE_INVALID) + return -1; + + suite_context.pref_mode = ODP_CRYPTO_ASYNC; + return 0; +} + +int crypto_suite_packet_sync_init(void) +{ + suite_context.packet = true; + suite_context.op_mode = ODP_CRYPTO_SYNC; + + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = ODP_QUEUE_INVALID; + return 0; +} + +int crypto_suite_packet_async_init(void) +{ + suite_context.packet = true; + suite_context.op_mode = ODP_CRYPTO_ASYNC; + + suite_context.pool = odp_pool_lookup("packet_pool"); + if (suite_context.pool == ODP_POOL_INVALID) + return -1; + + suite_context.queue = odp_queue_lookup("crypto-out"); + if (suite_context.queue == ODP_QUEUE_INVALID) + return -1; + return 0; +} + +odp_testinfo_t crypto_suite[] = { + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc_ovr_iv, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc_ovr_iv, + check_alg_3des_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_cbc_ovr_iv, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_cbc_ovr_iv, + check_alg_aes_cbc), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ctr_ovr_iv, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ctr_ovr_iv, + check_alg_aes_ctr), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_gcm_ovr_iv, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, + check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, + check_alg_hmac_md5), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, + check_alg_hmac_sha256), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_gmac_ovr_iv, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac, + check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, + check_alg_aes_gmac), + ODP_TEST_INFO_NULL, +}; + +int crypto_suite_term(void) +{ + int i; + int first = 1; + + for (i = 0; crypto_suite[i].pName; i++) { + if (crypto_suite[i].check_active && + crypto_suite[i].check_active() == ODP_TEST_INACTIVE) { + if (first) { + first = 0; + printf("\n\n Inactive tests:\n"); + } + printf(" %s\n", crypto_suite[i].pName); + } + } + return 0; +} From patchwork Sun Jan 28 08:59:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126063 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1558279ljd; Sun, 28 Jan 2018 01:04:32 -0800 (PST) X-Google-Smtp-Source: AH8x227rTmxKUcyiKWU8AKjxJeGdUjSZ/fkKaR8mI/t2oBBuuXhkzM5ILkJidBnK3lGXylIriw5y X-Received: by 10.237.44.98 with SMTP id f89mr32107712qtd.94.1517130272673; Sun, 28 Jan 2018 01:04:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130272; cv=none; d=google.com; s=arc-20160816; b=eXlXko4xh6+ZPcBg38ilB3fSL1yC6V0TwhQcg1vPV55kUPvpLa174mKOaUYCze3WCV zCIkM78Y+XpMnccNrhcDyddHZvfzqQOc5zgghh+ga1uT3Z4dXygAL/S1EOy3LSzGwOb8 bDmATqqDwicOb/JkjWo/egG+93GBo5YFnSng4vKmP0gejE4tRJCZUPIMESAl8TB8Do7o 0eJpjQI0fwK/VlodCSm5YfrAOrmDGszs7cFJJqEtO4P8QC1dOtiSyosFw1TBBJj7UpKL ll+sDIYBN/dTKAirWfI+W2Hz7CHY2vViPRzsWzfuD1MejO4zEeCjAIW+MVexr0smcNAY SevA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=1R/8aryKAiiP83k0EbZuTlFXo/q81fzqkNrJbqn3n8w=; b=Qh2RhQgD5JfGVQatzMmOCA+6MG8KBQvp3EwvUgm4wPztLPIDcrGutPrjieTBryGJi+ AWrgaY0JsgN85Rs0YceAwVsUuPjhBNgcZuV2WgRLpmoubr89dQxfp+kfAGwUiSiwzzzG 8Br1xuEymfap3r/zg8FW18ATAgsKaStrxPIehxLW5NojDTAFGoteD3gvTKrg1YK3lXdw o9d7a32Xd3UL+AQMnGP9OsGbt1+S/8z+5/MV2dNgvf0IGCCs5vGV+Z5GQgL+0IcboA+j Zjg4Gj3h4CC/naW5ujM9XchHej4Y4VuUQVwFYqXJlrww3OokBO9m3Ipy/zrUNhCrWH66 fMgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id c72si2035097qkb.394.2018.01.28.01.04.32; Sun, 28 Jan 2018 01:04:32 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 4ECFD617F3; Sun, 28 Jan 2018 09:04:32 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id A5C1261802; Sun, 28 Jan 2018 09:00:43 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 2B87B61736; Sun, 28 Jan 2018 09:00:20 +0000 (UTC) Received: from forward104o.mail.yandex.net (forward104o.mail.yandex.net [37.140.190.179]) by lists.linaro.org (Postfix) with ESMTPS id 328826173A for ; Sun, 28 Jan 2018 09:00:16 +0000 (UTC) Received: from mxback5g.mail.yandex.net (mxback5g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:166]) by forward104o.mail.yandex.net (Yandex) with ESMTP id E231F703821 for ; Sun, 28 Jan 2018 12:00:14 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback5g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id hvBA9v5mZt-0EoeevAU; Sun, 28 Jan 2018 12:00:14 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0EXeF2HH; Sun, 28 Jan 2018 12:00:14 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 11:59:59 +0300 Message-Id: <1517130009-11837-7-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 6/16] validation: crypto: drop obsolete GMAC-related hack X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Checking that cipher is not NULL was required because GMAC used NULL cipher to specify it's IV. Now it is obosolete, as auths has their own IV. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 2b0ba1cd9..0448972b8 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -580,9 +580,6 @@ static void check_alg(odp_crypto_op_t op, for (i = 0; i < cipher_num; i++) { cipher_ok |= cipher_tested[i]; if (!cipher_tested[i]) { - /* GMAC-related hacks */ - if (cipher_alg == ODP_CIPHER_ALG_NULL) - continue; printf("\n Untested: alg=%s, key_len=%" PRIu32 ", " "iv_len=%" PRIu32 "\n", cipher_alg_name(cipher_alg), From patchwork Sun Jan 28 09:00:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126064 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1558714ljd; Sun, 28 Jan 2018 01:05:19 -0800 (PST) X-Google-Smtp-Source: AH8x227fEgbjkLfcpEyGxb2lvY1Cqbc6wax6yvkRPVHsLFQ1eGexMBm1D83qfLiIP3cRY/BGIE+m X-Received: by 10.200.13.139 with SMTP id s11mr33546518qti.287.1517130319044; Sun, 28 Jan 2018 01:05:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130319; cv=none; d=google.com; s=arc-20160816; b=ky4MniHXvbZTz7am4Ke+eBucBATNEdAkD29c+x5GqK+IuSoofCGZwwc9PW9p9ZLnH4 TuOvblEsB/8ANsFfzanVwQQHBlV3rZ37OW31Ur/Fey3bsewBlSlLanm2ecgdy2XwOVVs YBmHLKKiKYM2okyIX86EGvnq7MiE/iPy3i9r/loW00/AtfEPHaj/UQdKvMpTIfwQthhA uMBME9keaXZ9lYVjFg8LeDgl2H2OGjgRO979Ib734RXFg2mg5D+7SM5x1f/2zTjmxVFN raVX12Q34/AEtENoqdj3WEaG1VvEiyrsZYbY6zt1qjJBLXJ7IUxWehjuXC0PpIOPnl3Q iCAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=Uow8LyRnkT28WJxZWLELmpb7c2N1ONnCDtPAbT32aaw=; b=CCWXpexryXMGOzxT4mHZPDVJqUV8RpMgXhnaErW5SIqNFGea+wZEYLWnhS9Yw4ZDC2 Q5TkthlO9DrTPqfONWpzcrBLoT/IshGlq9Mugsz8ur2bbaKdHq641zqFEIf4u8mObZ+b 263A3R3z77IwfrA7PAFfyB99EXSM0zF7GjhQZb9Aj2aPOxenVGYyov0Q4ofkq7NLeEhu 4RK0VhgdYNAqRqRUcBQC8hbFDacYyyihb/wdkdmH68Ci2DaAzqka+werHiLAwhVvNpx8 /b9ObArXLkE83wpfwCPZV8yOs+kl8Jq1dRDLVVuo4w7cBVEasxGed+i7MNwuUmzjv/4y 7DWg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id t3si6360265qkg.222.2018.01.28.01.05.18; Sun, 28 Jan 2018 01:05:19 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id A5D316176A; Sun, 28 Jan 2018 09:05:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 0C864619C7; Sun, 28 Jan 2018 09:00:48 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 4C87B61795; Sun, 28 Jan 2018 09:00:23 +0000 (UTC) Received: from forward100p.mail.yandex.net (forward100p.mail.yandex.net [77.88.28.100]) by lists.linaro.org (Postfix) with ESMTPS id 201CC60887 for ; Sun, 28 Jan 2018 09:00:17 +0000 (UTC) Received: from mxback15j.mail.yandex.net (mxback15j.mail.yandex.net [IPv6:2a02:6b8:0:1619::91]) by forward100p.mail.yandex.net (Yandex) with ESMTP id 902925101AE4 for ; Sun, 28 Jan 2018 12:00:15 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback15j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id cBCd0VVbWj-0FtSHwEb; Sun, 28 Jan 2018 12:00:15 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0EXShkDj; Sun, 28 Jan 2018 12:00:14 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:00 +0300 Message-Id: <1517130009-11837-8-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 7/16] validation: crypto: use single definitions for AES key lengths X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Merge defines for AES-CBC/CTR/GCM keys. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ test/validation/api/crypto/test_vectors.h | 32 +++++++++++------------ test/validation/api/crypto/test_vectors_len.h | 37 +++++++-------------------- 2 files changed, 25 insertions(+), 44 deletions(-) diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 9c0b844d1..ff69717db 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -74,7 +74,7 @@ static crypto_test_reference_t tdes_cbc_reference[] = { static crypto_test_reference_t aes_cbc_reference[] = { { - .cipher_key_length = AES128_CBC_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06}, .cipher_iv_length = AES_CBC_IV_LEN, @@ -86,7 +86,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a } }, { - .cipher_key_length = AES128_CBC_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a}, .cipher_iv_length = AES_CBC_IV_LEN, @@ -103,7 +103,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 } }, { - .cipher_key_length = AES128_CBC_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x6c, 0x3e, 0xa0, 0x47, 0x76, 0x30, 0xce, 0x21, 0xa2, 0xce, 0x33, 0x4a, 0xa7, 0x46, 0xc2, 0xcd}, .cipher_iv_length = AES_CBC_IV_LEN, @@ -119,7 +119,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x85, 0x79, 0x69, 0x5d, 0x83, 0xba, 0x26, 0x84 } }, { - .cipher_key_length = AES128_CBC_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x56, 0xe4, 0x7a, 0x38, 0xc5, 0x59, 0x89, 0x74, 0xbc, 0x46, 0x90, 0x3d, 0xba, 0x29, 0x03, 0x49}, .cipher_iv_length = AES_CBC_IV_LEN, @@ -144,7 +144,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x49, 0xa5, 0x3e, 0x87, 0xf4, 0xc3, 0xda, 0x55 } }, { - .cipher_key_length = AES192_CBC_KEY_LEN, + .cipher_key_length = AES192_KEY_LEN, .cipher_key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c}, @@ -162,7 +162,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { 0x53, 0x1c, 0xc6, 0x98, 0x85, 0xc3, 0x00, 0xe6}, }, { - .cipher_key_length = AES256_CBC_KEY_LEN, + .cipher_key_length = AES256_KEY_LEN, .cipher_key = { 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, 0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab, 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, @@ -188,7 +188,7 @@ static crypto_test_reference_t aes_cbc_reference[] = { static crypto_test_reference_t aes_ctr_reference[] = { { - .cipher_key_length = AES128_CTR_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}, .cipher_iv_length = AES_CTR_IV_LEN, @@ -213,7 +213,7 @@ static crypto_test_reference_t aes_ctr_reference[] = { 0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee } }, { - .cipher_key_length = AES192_CTR_KEY_LEN, + .cipher_key_length = AES192_KEY_LEN, .cipher_key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, @@ -239,7 +239,7 @@ static crypto_test_reference_t aes_ctr_reference[] = { 0x5a, 0x97, 0xda, 0xec, 0x58, 0xc6, 0xb0, 0x50 } }, { - .cipher_key_length = AES256_CTR_KEY_LEN, + .cipher_key_length = AES256_KEY_LEN, .cipher_key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, @@ -272,7 +272,7 @@ static crypto_test_reference_t aes_ctr_reference[] = { */ static crypto_test_reference_t aes_gcm_reference[] = { { - .cipher_key_length = AES128_GCM_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34}, .cipher_iv_length = AES_GCM_IV_LEN, @@ -305,7 +305,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0x2f, 0xd0, 0x47, 0x96, 0x56, 0x2d, 0xfd, 0xb4 } }, { - .cipher_key_length = AES128_GCM_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08}, .cipher_iv_length = AES_GCM_IV_LEN, @@ -335,7 +335,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0xc3, 0x09, 0xe9, 0xd8, 0x5a, 0x41, 0xad, 0x4a } }, { - .cipher_key_length = AES128_GCM_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, .cipher_iv_length = AES_GCM_IV_LEN, @@ -365,7 +365,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0x8a, 0xd2, 0xb6, 0x9e, 0x47, 0x99, 0xc7, 0x1d } }, { - .cipher_key_length = AES128_GCM_KEY_LEN, + .cipher_key_length = AES128_KEY_LEN, .cipher_key = { 0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60, 0x7e, 0xae, 0x1f}, .cipher_iv_length = AES_GCM_IV_LEN, @@ -388,7 +388,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0x95, 0xf1, 0x12, 0xe4, 0xe7, 0xd0, 0x5d, 0x35 } }, { - .cipher_key_length = AES192_GCM_KEY_LEN, + .cipher_key_length = AES192_KEY_LEN, .cipher_key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c}, @@ -413,7 +413,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { 0x18, 0x02, 0x7b, 0x5b, 0x4c, 0xd7, 0xa6, 0x36 } }, { - .cipher_key_length = AES256_GCM_KEY_LEN, + .cipher_key_length = AES256_KEY_LEN, .cipher_key = { 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, 0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab, 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, @@ -446,7 +446,7 @@ static crypto_test_reference_t aes_gcm_reference[] = { static crypto_test_reference_t aes_gmac_reference[] = { { - .auth_key_length = AES128_GCM_KEY_LEN, + .auth_key_length = AES128_KEY_LEN, .auth_key = { 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34}, .auth_iv_length = AES_GCM_IV_LEN, diff --git a/test/validation/api/crypto/test_vectors_len.h b/test/validation/api/crypto/test_vectors_len.h index 2551b054c..8933017b4 100644 --- a/test/validation/api/crypto/test_vectors_len.h +++ b/test/validation/api/crypto/test_vectors_len.h @@ -17,43 +17,24 @@ #define TDES_CBC_KEY_LEN 24 #define TDES_CBC_IV_LEN 8 -/* AES-CBC common */ -#define AES_CBC_IV_LEN 16 - -/* AES128-CBC */ -#define AES128_CBC_KEY_LEN 16 +/* AES common */ -/* AES192-CBC */ -#define AES192_CBC_KEY_LEN 24 +#define AES128_KEY_LEN 16 -/* AES256-CBC */ -#define AES256_CBC_KEY_LEN 32 +#define AES192_KEY_LEN 24 -/* AES-CBC common */ -#define AES_CTR_IV_LEN 16 +#define AES256_KEY_LEN 32 -/* AES128-CTR */ -#define AES128_CTR_KEY_LEN 16 - -/* AES192-CTR */ -#define AES192_CTR_KEY_LEN 24 +/* AES-CBC */ +#define AES_CBC_IV_LEN 16 -/* AES256-CTR */ -#define AES256_CTR_KEY_LEN 32 +/* AES-CTR */ +#define AES_CTR_IV_LEN 16 -/* AES-GCM common */ +/* AES-GCM */ #define AES_GCM_IV_LEN 12 #define AES_GCM_DIGEST_LEN 16 -/* AES128-GCM */ -#define AES128_GCM_KEY_LEN 16 - -/* AES192-GCM */ -#define AES192_GCM_KEY_LEN 24 - -/* AES256-GCM */ -#define AES256_GCM_KEY_LEN 32 - /* HMAC-MD5 */ #define HMAC_MD5_KEY_LEN 16 #define HMAC_MD5_96_CHECK_LEN 12 From patchwork Sun Jan 28 09:00:01 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126065 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1559326ljd; Sun, 28 Jan 2018 01:06:23 -0800 (PST) X-Google-Smtp-Source: AH8x2259xXo5cJiVd+QU6ghAk+KhbWh/Q9u/Y/1Kr+FQ6zfLwe+jaEmTk7wfaKs5IMY3AGFjY/jO X-Received: by 10.55.177.131 with SMTP id a125mr19771842qkf.101.1517130383154; Sun, 28 Jan 2018 01:06:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130383; cv=none; d=google.com; s=arc-20160816; b=GEZ8xk+8v5r4Dijt7orw02HWVdXRHEc+CNo9wyTlH5Hjb/m5gXVz7/5QVvnhIIS/sU PAO56CyKrZL1uFwGVB15e48P+/r4wcoMs/+uvPmxvvIfQQwC7FYVLMbGvSmiUDuRqVZ8 dfMLJgBl5oHqr1iQ896GosnAU3T/e5Oe7n7YMI5qxVLxpcxf/iEdsAA6bvdoZBdhWacN 0QJ3iVeEBJBKhjXfoyPwlXl43Qmv8DDQBY8RdGLNe1rtzrYoadM2BSJeui/f/0auA9TU xvDGm10u2Lem7Re2UnObFhhYUxcx6ikU6M8WC87weZsPxo279gi0YmLRX3t6tK9XjA/q w8IQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=kdjLbnZtIiJCw0FkWwh2HbYcLh2yj/PwTQDLSgTwny4=; b=Q774WlAqyrDO3RG8FtqvzcY0C+nRHVZQ3DANtZ3aAcpWWDW9GmQjjRaRSHdW0maVNu LCBxkdWI8+SnLgUMsnaVdHrs1Z+hfmA7rUR7aKBtvCAciN9XFuriVRfFEnlta7PRyVrs 8MgFmcap9FNkPZfu1seWtusX5tLRWVJg9qeYFtZcqf/9U2xP0d6zAi/+ZkidD3dwe1a2 lbWo4hlDDDfwK/Jm3aOQNPbTnBzEFmG3hr7LWOeucaeP9qWNxxXrp7Qrh+m6SakVQ6XM ev528h/vZPWSW1LRiw3CJOu/0Z9E7Y4P5EDW86UmiUvCK5VCEugSe+6h7+ChnpBPlDze mYGA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id i10si359967qkh.173.2018.01.28.01.06.22; Sun, 28 Jan 2018 01:06:23 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id B77D7617AF; Sun, 28 Jan 2018 09:06:22 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 6B291619CA; Sun, 28 Jan 2018 09:00:54 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 5286F617DE; Sun, 28 Jan 2018 09:00:26 +0000 (UTC) Received: from forward106p.mail.yandex.net (forward106p.mail.yandex.net [77.88.28.109]) by lists.linaro.org (Postfix) with ESMTPS id B261061519 for ; Sun, 28 Jan 2018 09:00:17 +0000 (UTC) Received: from mxback2g.mail.yandex.net (mxback2g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:163]) by forward106p.mail.yandex.net (Yandex) with ESMTP id 313482D83F2B for ; Sun, 28 Jan 2018 12:00:16 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback2g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id B4iEbl3MUU-0Gd8VWiT; Sun, 28 Jan 2018 12:00:16 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0FXaLnac; Sun, 28 Jan 2018 12:00:15 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:01 +0300 Message-Id: <1517130009-11837-9-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 8/16] validation: crypto: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 72 ++++++++++++ test/validation/api/crypto/test_vectors.h | 138 +++++++++++++++++++++++ test/validation/api/crypto/test_vectors_len.h | 7 +- 3 files changed, 216 insertions(+), 1 deletion(-) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 0448972b8..5c38ae85f 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -52,6 +52,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GCM"; case ODP_AUTH_ALG_AES_GMAC: return "ODP_AUTH_ALG_AES_GMAC"; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: return "Unknown"; } @@ -70,6 +72,8 @@ static const char *cipher_alg_name(odp_cipher_alg_t cipher) return "ODP_CIPHER_ALG_AES_CBC"; case ODP_CIPHER_ALG_AES_GCM: return "ODP_CIPHER_ALG_AES_GCM"; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + return "ODP_CIPHER_ALG_CHACHA20_POLY1305"; default: return "Unknown"; } @@ -473,6 +477,9 @@ static void check_alg(odp_crypto_op_t op, if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && !(capa.ciphers.bit.aes_gcm)) rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305 && + !(capa.ciphers.bit.chacha20_poly1305)) + rc = -1; if (cipher_alg == ODP_CIPHER_ALG_DES && !(capa.ciphers.bit.des)) rc = -1; @@ -489,6 +496,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_CHACHA20_POLY1305 && + !(capa.auths.bit.chacha20_poly1305)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_MD5_HMAC && !(capa.auths.bit.md5_hmac)) rc = -1; @@ -654,6 +664,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capability.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -689,6 +703,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capability.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -785,6 +803,52 @@ static void crypto_test_dec_alg_3des_cbc_ovr_iv(void) true); } +static int check_alg_chacha20_poly1305(void) +{ + return check_alg_support(ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305); +} + +static void crypto_test_enc_alg_chacha20_poly1305(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + false); +} + +static void crypto_test_enc_alg_chacha20_poly1305_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + true); +} + +static void crypto_test_dec_alg_chacha20_poly1305(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + false); +} + +static void crypto_test_dec_alg_chacha20_poly1305_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_CHACHA20_POLY1305, + ODP_AUTH_ALG_CHACHA20_POLY1305, + chacha20_poly1305_reference, + ARRAY_SIZE(chacha20_poly1305_reference), + true); +} + static int check_alg_aes_gcm(void) { return check_alg_support(ODP_CIPHER_ALG_AES_GCM, ODP_AUTH_ALG_AES_GCM); @@ -1247,6 +1311,14 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gcm), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305_ovr_iv, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_chacha20_poly1305, + check_alg_chacha20_poly1305), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_chacha20_poly1305_ovr_iv, + check_alg_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_md5, check_alg_hmac_md5), ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index ff69717db..97f0620a5 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -477,6 +477,144 @@ static crypto_test_reference_t aes_gmac_reference[] = { }, }; +/* + * Test vector from RFC 7539, sections 2.8.2, A.5 + */ +static crypto_test_reference_t chacha20_poly1305_reference[] = { + { + .cipher_key_length = CHACHA20_POLY1305_KEY_LEN, + .cipher_key = { 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f}, + .cipher_iv_length = CHACHA20_POLY1305_IV_LEN, + .cipher_iv = { 0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43, + 0x44, 0x45, 0x46, 0x47 }, + .length = 114, + .plaintext = { 0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, + 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, + 0x65, 0x6d, 0x65, 0x6e, 0x20, 0x6f, 0x66, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x63, 0x6c, 0x61, 0x73, + 0x73, 0x20, 0x6f, 0x66, 0x20, 0x27, 0x39, 0x39, + 0x3a, 0x20, 0x49, 0x66, 0x20, 0x49, 0x20, 0x63, + 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x6f, 0x66, 0x66, + 0x65, 0x72, 0x20, 0x79, 0x6f, 0x75, 0x20, 0x6f, + 0x6e, 0x6c, 0x79, 0x20, 0x6f, 0x6e, 0x65, 0x20, + 0x74, 0x69, 0x70, 0x20, 0x66, 0x6f, 0x72, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x66, 0x75, 0x74, 0x75, + 0x72, 0x65, 0x2c, 0x20, 0x73, 0x75, 0x6e, 0x73, + 0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, + 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, + 0x74, 0x2e }, + .ciphertext = { 0xd3, 0x1a, 0x8d, 0x34, 0x64, 0x8e, 0x60, 0xdb, + 0x7b, 0x86, 0xaf, 0xbc, 0x53, 0xef, 0x7e, 0xc2, + 0xa4, 0xad, 0xed, 0x51, 0x29, 0x6e, 0x08, 0xfe, + 0xa9, 0xe2, 0xb5, 0xa7, 0x36, 0xee, 0x62, 0xd6, + 0x3d, 0xbe, 0xa4, 0x5e, 0x8c, 0xa9, 0x67, 0x12, + 0x82, 0xfa, 0xfb, 0x69, 0xda, 0x92, 0x72, 0x8b, + 0x1a, 0x71, 0xde, 0x0a, 0x9e, 0x06, 0x0b, 0x29, + 0x05, 0xd6, 0xa5, 0xb6, 0x7e, 0xcd, 0x3b, 0x36, + 0x92, 0xdd, 0xbd, 0x7f, 0x2d, 0x77, 0x8b, 0x8c, + 0x98, 0x03, 0xae, 0xe3, 0x28, 0x09, 0x1b, 0x58, + 0xfa, 0xb3, 0x24, 0xe4, 0xfa, 0xd6, 0x75, 0x94, + 0x55, 0x85, 0x80, 0x8b, 0x48, 0x31, 0xd7, 0xbc, + 0x3f, 0xf4, 0xde, 0xf0, 0x8e, 0x4b, 0x7a, 0x9d, + 0xe5, 0x76, 0xd2, 0x65, 0x86, 0xce, 0xc6, 0x4b, + 0x61, 0x16 }, + .aad_length = 12, + .aad = { 0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, + 0xc5, 0xc6, 0xc7 }, + .digest_length = 16, + .digest = { 0x1a, 0xe1, 0x0b, 0x59, 0x4f, 0x09, 0xe2, 0x6a, + 0x7e, 0x90, 0x2e, 0xcb, 0xd0, 0x60, 0x06, 0x91 } + }, + { + .cipher_key_length = CHACHA20_POLY1305_KEY_LEN, + .cipher_key = { 0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a, + 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0, + 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09, + 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0}, + .cipher_iv_length = CHACHA20_POLY1305_IV_LEN, + .cipher_iv = { 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x05, 0x06, 0x07, 0x08 }, + .length = 265, + .plaintext = { 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, + 0x2d, 0x44, 0x72, 0x61, 0x66, 0x74, 0x73, 0x20, + 0x61, 0x72, 0x65, 0x20, 0x64, 0x72, 0x61, 0x66, + 0x74, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, + 0x6e, 0x74, 0x73, 0x20, 0x76, 0x61, 0x6c, 0x69, + 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x61, 0x20, + 0x6d, 0x61, 0x78, 0x69, 0x6d, 0x75, 0x6d, 0x20, + 0x6f, 0x66, 0x20, 0x73, 0x69, 0x78, 0x20, 0x6d, + 0x6f, 0x6e, 0x74, 0x68, 0x73, 0x20, 0x61, 0x6e, + 0x64, 0x20, 0x6d, 0x61, 0x79, 0x20, 0x62, 0x65, + 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, + 0x2c, 0x20, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, + 0x65, 0x64, 0x2c, 0x20, 0x6f, 0x72, 0x20, 0x6f, + 0x62, 0x73, 0x6f, 0x6c, 0x65, 0x74, 0x65, 0x64, + 0x20, 0x62, 0x79, 0x20, 0x6f, 0x74, 0x68, 0x65, + 0x72, 0x20, 0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, + 0x6e, 0x74, 0x73, 0x20, 0x61, 0x74, 0x20, 0x61, + 0x6e, 0x79, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x2e, + 0x20, 0x49, 0x74, 0x20, 0x69, 0x73, 0x20, 0x69, + 0x6e, 0x61, 0x70, 0x70, 0x72, 0x6f, 0x70, 0x72, + 0x69, 0x61, 0x74, 0x65, 0x20, 0x74, 0x6f, 0x20, + 0x75, 0x73, 0x65, 0x20, 0x49, 0x6e, 0x74, 0x65, + 0x72, 0x6e, 0x65, 0x74, 0x2d, 0x44, 0x72, 0x61, + 0x66, 0x74, 0x73, 0x20, 0x61, 0x73, 0x20, 0x72, + 0x65, 0x66, 0x65, 0x72, 0x65, 0x6e, 0x63, 0x65, + 0x20, 0x6d, 0x61, 0x74, 0x65, 0x72, 0x69, 0x61, + 0x6c, 0x20, 0x6f, 0x72, 0x20, 0x74, 0x6f, 0x20, + 0x63, 0x69, 0x74, 0x65, 0x20, 0x74, 0x68, 0x65, + 0x6d, 0x20, 0x6f, 0x74, 0x68, 0x65, 0x72, 0x20, + 0x74, 0x68, 0x61, 0x6e, 0x20, 0x61, 0x73, 0x20, + 0x2f, 0xe2, 0x80, 0x9c, 0x77, 0x6f, 0x72, 0x6b, + 0x20, 0x69, 0x6e, 0x20, 0x70, 0x72, 0x6f, 0x67, + 0x72, 0x65, 0x73, 0x73, 0x2e, 0x2f, 0xe2, 0x80, + 0x9d }, + .ciphertext = { 0x64, 0xa0, 0x86, 0x15, 0x75, 0x86, 0x1a, 0xf4, + 0x60, 0xf0, 0x62, 0xc7, 0x9b, 0xe6, 0x43, 0xbd, + 0x5e, 0x80, 0x5c, 0xfd, 0x34, 0x5c, 0xf3, 0x89, + 0xf1, 0x08, 0x67, 0x0a, 0xc7, 0x6c, 0x8c, 0xb2, + 0x4c, 0x6c, 0xfc, 0x18, 0x75, 0x5d, 0x43, 0xee, + 0xa0, 0x9e, 0xe9, 0x4e, 0x38, 0x2d, 0x26, 0xb0, + 0xbd, 0xb7, 0xb7, 0x3c, 0x32, 0x1b, 0x01, 0x00, + 0xd4, 0xf0, 0x3b, 0x7f, 0x35, 0x58, 0x94, 0xcf, + 0x33, 0x2f, 0x83, 0x0e, 0x71, 0x0b, 0x97, 0xce, + 0x98, 0xc8, 0xa8, 0x4a, 0xbd, 0x0b, 0x94, 0x81, + 0x14, 0xad, 0x17, 0x6e, 0x00, 0x8d, 0x33, 0xbd, + 0x60, 0xf9, 0x82, 0xb1, 0xff, 0x37, 0xc8, 0x55, + 0x97, 0x97, 0xa0, 0x6e, 0xf4, 0xf0, 0xef, 0x61, + 0xc1, 0x86, 0x32, 0x4e, 0x2b, 0x35, 0x06, 0x38, + 0x36, 0x06, 0x90, 0x7b, 0x6a, 0x7c, 0x02, 0xb0, + 0xf9, 0xf6, 0x15, 0x7b, 0x53, 0xc8, 0x67, 0xe4, + 0xb9, 0x16, 0x6c, 0x76, 0x7b, 0x80, 0x4d, 0x46, + 0xa5, 0x9b, 0x52, 0x16, 0xcd, 0xe7, 0xa4, 0xe9, + 0x90, 0x40, 0xc5, 0xa4, 0x04, 0x33, 0x22, 0x5e, + 0xe2, 0x82, 0xa1, 0xb0, 0xa0, 0x6c, 0x52, 0x3e, + 0xaf, 0x45, 0x34, 0xd7, 0xf8, 0x3f, 0xa1, 0x15, + 0x5b, 0x00, 0x47, 0x71, 0x8c, 0xbc, 0x54, 0x6a, + 0x0d, 0x07, 0x2b, 0x04, 0xb3, 0x56, 0x4e, 0xea, + 0x1b, 0x42, 0x22, 0x73, 0xf5, 0x48, 0x27, 0x1a, + 0x0b, 0xb2, 0x31, 0x60, 0x53, 0xfa, 0x76, 0x99, + 0x19, 0x55, 0xeb, 0xd6, 0x31, 0x59, 0x43, 0x4e, + 0xce, 0xbb, 0x4e, 0x46, 0x6d, 0xae, 0x5a, 0x10, + 0x73, 0xa6, 0x72, 0x76, 0x27, 0x09, 0x7a, 0x10, + 0x49, 0xe6, 0x17, 0xd9, 0x1d, 0x36, 0x10, 0x94, + 0xfa, 0x68, 0xf0, 0xff, 0x77, 0x98, 0x71, 0x30, + 0x30, 0x5b, 0xea, 0xba, 0x2e, 0xda, 0x04, 0xdf, + 0x99, 0x7b, 0x71, 0x4d, 0x6c, 0x6f, 0x2c, 0x29, + 0xa6, 0xad, 0x5c, 0xb4, 0x02, 0x2b, 0x02, 0x70, + 0x9b }, + .aad_length = 12, + .aad = { 0xf3, 0x33, 0x88, 0x86, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x4e, 0x91 }, + .digest_length = CHACHA20_POLY1305_CHECK_LEN, + .digest = { 0xee, 0xad, 0x9d, 0x67, 0x89, 0x0c, 0xbb, 0x22, + 0x39, 0x23, 0x36, 0xfe, 0xa1, 0x85, 0x1f, 0x38 } + }, +}; + static crypto_test_reference_t hmac_md5_reference[] = { { .auth_key_length = HMAC_MD5_KEY_LEN, diff --git a/test/validation/api/crypto/test_vectors_len.h b/test/validation/api/crypto/test_vectors_len.h index 8933017b4..860840cfe 100644 --- a/test/validation/api/crypto/test_vectors_len.h +++ b/test/validation/api/crypto/test_vectors_len.h @@ -9,7 +9,7 @@ /* Maximum */ #define MAX_KEY_LEN 64 #define MAX_IV_LEN 16 -#define MAX_DATA_LEN 128 +#define MAX_DATA_LEN 270 #define MAX_AAD_LEN 12 #define MAX_DIGEST_LEN 64 @@ -55,4 +55,9 @@ #define HMAC_SHA512_256_CHECK_LEN 32 #define HMAC_SHA512_CHECK_LEN 64 +/* ChaCha20-Poly1305 */ +#define CHACHA20_POLY1305_KEY_LEN 32 +#define CHACHA20_POLY1305_IV_LEN 12 +#define CHACHA20_POLY1305_CHECK_LEN 16 + #endif From patchwork Sun Jan 28 09:00:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126066 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1560060ljd; Sun, 28 Jan 2018 01:07:38 -0800 (PST) X-Google-Smtp-Source: AH8x227KrFTvMkumBfMc8LM6juTmOsFD1TCrYD6FDSFlz3vwTh3vzuF5GU0ORxNg1p74HkNQK1Qc X-Received: by 10.55.51.18 with SMTP id z18mr29856304qkz.103.1517130458167; Sun, 28 Jan 2018 01:07:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130458; cv=none; d=google.com; s=arc-20160816; b=0C9vzJTKIi38Fsz+1YR69SirHCGaB0QQKEq8jH2PvAPqT0Z1iJ00ouqptJ1EPk9ssk 6GKEOEabC+TNiPj6h+odPSHm+24z7jgaj9dT3B4hZZbphxkAnQXDgfvYHZciR0SOKEU1 oTF6lApYF2sBbyCDxPsolKDIpL2Nb477zCbDARufVDozL3t4mZcbe/+kDLixkyAjE/hg ZPp2w7xaHjfi4e2U4rLxI48S0o4s+K09SZdVPserrdL6cf5a7HgtRrcrUh2lI7912xul VPEZ1W0YxNiHYtO480mLdNNQj5fn16t/aO55Vq3p2RsQlhD1eo1nyvVyGq9VtcFRVibh lkPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=cEtBdKhALteymY0H0lRzw1N5RFwbINSYbzsHNQTxGgw=; b=FpXqOgE6EskxIPf18FSAQX/a2NJhMJW+M4SD+tMgIRM73Y+cw+hbpAIlQ5ULosnS/s oJ1HePOS27cANQNaABIdY3vgqdHPm47jJqGCd6AGLBrhrcGfaWM2uu9N/OZbxEkoavy4 G8BheBPG2kmfovTUNAvdmxQVZ2M4m2d1vCKQSaoXiIIsBo4MGbE1qJrD/DezDspzWj3K DTVY8YmNO/kZPJ2lqUu8yObf+TSsa7qKPIMaushNvSzXa1Yq5lVyg+oPlyeIaGKKAJEe ioZaLBSGdR49BrQCIb4SzGRGbTTJy57VVfIuGPcHrEha3R7VUjg3zTF2AKupnIRr/Uer 1K5Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id l23si2660097qki.201.2018.01.28.01.07.37; Sun, 28 Jan 2018 01:07:38 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id C9315617E2; Sun, 28 Jan 2018 09:07:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id BE1A462772; Sun, 28 Jan 2018 09:00:59 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id A7A9E617B5; Sun, 28 Jan 2018 09:00:26 +0000 (UTC) Received: from forward104p.mail.yandex.net (forward104p.mail.yandex.net [77.88.28.107]) by lists.linaro.org (Postfix) with ESMTPS id 441EB60743 for ; Sun, 28 Jan 2018 09:00:18 +0000 (UTC) Received: from mxback19j.mail.yandex.net (mxback19j.mail.yandex.net [IPv6:2a02:6b8:0:1619::95]) by forward104p.mail.yandex.net (Yandex) with ESMTP id B911D181225 for ; Sun, 28 Jan 2018 12:00:16 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback19j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id igPYzqmoaV-0GcmJ5xc; Sun, 28 Jan 2018 12:00:16 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0GXm9RRm; Sun, 28 Jan 2018 12:00:16 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:02 +0300 Message-Id: <1517130009-11837-10-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 9/16] validation: crypto: add test vectors for AES-CCM X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Neither RFC 3610 nor SP 800-38C contains test vectors for 192 and 256 bit keys and none contains test vectors for 11-bit IV (used in IPsec). So I've used 1st test vector from RFC 3610 and generated the rest of test vectors. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 71 +++++++++++++ test/validation/api/crypto/test_vectors.h | 128 +++++++++++++++++++++++ 2 files changed, 199 insertions(+) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index 5c38ae85f..ae843acf7 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -52,6 +52,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GCM"; case ODP_AUTH_ALG_AES_GMAC: return "ODP_AUTH_ALG_AES_GMAC"; + case ODP_AUTH_ALG_AES_CCM: + return "ODP_AUTH_ALG_AES_CCM"; case ODP_AUTH_ALG_CHACHA20_POLY1305: return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: @@ -72,6 +74,8 @@ static const char *cipher_alg_name(odp_cipher_alg_t cipher) return "ODP_CIPHER_ALG_AES_CBC"; case ODP_CIPHER_ALG_AES_GCM: return "ODP_CIPHER_ALG_AES_GCM"; + case ODP_CIPHER_ALG_AES_CCM: + return "ODP_CIPHER_ALG_AES_CCM"; case ODP_CIPHER_ALG_CHACHA20_POLY1305: return "ODP_CIPHER_ALG_CHACHA20_POLY1305"; default: @@ -477,6 +481,9 @@ static void check_alg(odp_crypto_op_t op, if (cipher_alg == ODP_CIPHER_ALG_AES_GCM && !(capa.ciphers.bit.aes_gcm)) rc = -1; + if (cipher_alg == ODP_CIPHER_ALG_AES_CCM && + !(capa.ciphers.bit.aes_ccm)) + rc = -1; if (cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305 && !(capa.ciphers.bit.chacha20_poly1305)) rc = -1; @@ -496,6 +503,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_CCM && + !(capa.auths.bit.aes_ccm)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_CHACHA20_POLY1305 && !(capa.auths.bit.chacha20_poly1305)) rc = -1; @@ -664,6 +674,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_AES_CCM: + if (!capability.ciphers.bit.aes_ccm) + return ODP_TEST_INACTIVE; + break; case ODP_CIPHER_ALG_CHACHA20_POLY1305: if (!capability.ciphers.bit.chacha20_poly1305) return ODP_TEST_INACTIVE; @@ -703,6 +717,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_AES_CCM: + if (!capability.auths.bit.aes_ccm) + return ODP_TEST_INACTIVE; + break; case ODP_AUTH_ALG_CHACHA20_POLY1305: if (!capability.auths.bit.chacha20_poly1305) return ODP_TEST_INACTIVE; @@ -912,6 +930,51 @@ static void crypto_test_dec_alg_aes_gcm_ovr_iv(void) true); } +static int check_alg_aes_ccm(void) +{ + return check_alg_support(ODP_CIPHER_ALG_AES_CCM, ODP_AUTH_ALG_AES_CCM); +} + +static void crypto_test_enc_alg_aes_ccm(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + false); +} + +static void crypto_test_enc_alg_aes_ccm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + true); +} + +static void crypto_test_dec_alg_aes_ccm(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + false); +} + +static void crypto_test_dec_alg_aes_ccm_ovr_iv(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_AES_CCM, + ODP_AUTH_ALG_AES_CCM, + aes_ccm_reference, + ARRAY_SIZE(aes_ccm_reference), + true); +} + static int check_alg_aes_cbc(void) { return check_alg_support(ODP_CIPHER_ALG_AES_CBC, ODP_AUTH_ALG_NULL); @@ -1311,6 +1374,14 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gcm), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_gcm_ovr_iv, check_alg_aes_gcm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ccm, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_aes_ccm_ovr_iv, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ccm, + check_alg_aes_ccm), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_aes_ccm_ovr_iv, + check_alg_aes_ccm), ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305, check_alg_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_chacha20_poly1305_ovr_iv, diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 97f0620a5..15cd91d21 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -444,6 +444,134 @@ static crypto_test_reference_t aes_gcm_reference[] = { } }; +static crypto_test_reference_t aes_ccm_reference[] = { + /* + * AES-CCM reference from RFC 3610 + */ + { + .cipher_key_length = AES128_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, + 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, + 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84 }, + .digest_length = 8, + .digest = { 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 } + }, + /* The rest of test vectors are generated manually, no "interesting" + * vectors for use cases in RFC 3610 or SP 800-38C. */ + { + .cipher_key_length = AES192_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x57, 0x9f, 0xb8, 0x6e, 0xdd, 0xb4, 0xa6, 0x4a, + 0xae, 0x5f, 0xe9, 0x6d, 0xbd, 0x75, 0x44, 0x05, + 0x33, 0xa9, 0xfc, 0x3a, 0x84, 0x57, 0x36 }, + .digest_length = 8, + .digest = { 0x67, 0xae, 0xc8, 0x0a, 0xc5, 0x88, 0xab, 0x16 } + }, + { + .cipher_key_length = AES256_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf}, + .cipher_iv_length = 13, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0x59, 0x61, 0x55, 0x10, 0xa7, 0xc4, 0x3b, 0xfb, + 0x12, 0x3d, 0x63, 0x6b, 0x46, 0x13, 0xc0, 0x3c, + 0x6c, 0xe2, 0x69, 0x07, 0x10, 0x2a, 0x3f }, + .digest_length = 8, + .digest = { 0xb5, 0x57, 0x2a, 0x17, 0x2d, 0x49, 0x16, 0xd5 } + }, + { + .cipher_key_length = AES128_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xaa, 0x2d, 0x3e, 0xcb, 0xa6, 0x68, 0x63, 0x75, + 0x8f, 0x03, 0x01, 0x51, 0x16, 0xde, 0x30, 0xed, + 0x8a, 0xb5, 0x42, 0xdc, 0xfa, 0x72, 0xd0 }, + .digest_length = 8, + .digest = { 0x63, 0xe7, 0x01, 0x5c, 0x69, 0xaf, 0xb4, 0x0c } + }, + { + .cipher_key_length = AES192_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xee, 0x99, 0x99, 0x1e, 0xc5, 0x8f, 0xd7, 0x7e, + 0x56, 0x71, 0x16, 0x39, 0x8e, 0xc4, 0x4f, 0xcc, + 0x14, 0x45, 0x57, 0x3e, 0x38, 0x76, 0x51 }, + .digest_length = 8, + .digest = { 0x31, 0x29, 0x47, 0xa4, 0x6d, 0x76, 0x34, 0xb4 } + }, + { + .cipher_key_length = AES256_KEY_LEN, + .cipher_key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf}, + .cipher_iv_length = 11, + .cipher_iv = { 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3 }, + .aad_length = 8, + .aad = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, + .length = 23, + .plaintext = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, + .ciphertext = { 0xfa, 0x07, 0x47, 0x5c, 0xe8, 0xc9, 0x37, 0x88, + 0x54, 0x64, 0xb8, 0xc3, 0x85, 0xbb, 0x76, 0x0b, + 0xf2, 0xc2, 0x4c, 0x4e, 0x31, 0x16, 0x77 }, + .digest_length = 8, + .digest = { 0x88, 0x56, 0x7e, 0x19, 0x84, 0x13, 0x29, 0xc4 } + }, +}; + static crypto_test_reference_t aes_gmac_reference[] = { { .auth_key_length = AES128_KEY_LEN, From patchwork Sun Jan 28 09:00:03 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126067 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1560658ljd; Sun, 28 Jan 2018 01:08:46 -0800 (PST) X-Google-Smtp-Source: AH8x227WkIfE+PokUQ79SfNJBAZOCLEwj2/ukS2PirlqNmtnyuj05zPsPS+dAFIg4rqLRZ8aZZ4Q X-Received: by 10.55.19.30 with SMTP id d30mr28078681qkh.288.1517130526461; Sun, 28 Jan 2018 01:08:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130526; cv=none; d=google.com; s=arc-20160816; b=lLac/AR398bfSgCRnEZBADr+1w1nrZ00svBaZvjVgChofgtHyWiFr8/pf23XBjejtT rTAbDSuRsG34sthrYZwE7PHqmrR+pWEDHEJ7bp4DqqmoKJxrJj1V9nmIJBuEAY3OqBhW 0k60gZ1D5dJk62uV+X1ubpRqza29BuCHqpwr1+p0kkJXVYd2b410WqpGZPg0I2lR3PSi wN1fH4A0psUlUbLYs6MZ6HI8D8rv1xPkfC0LvPVnPts+5pbZC8drZAGg+RPFJQC2YAhU CefPIXQlZ1N/HyN1AgCaQ8ZSixfuJFsOH6StcClnpZ4HJ+hwwvk39YYSe0yOpmHsHYp+ uEow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=9Rr30yCq5/ed3i4CB5yssatbCd/B0SxGpbvbb15blyQ=; b=N4Sm6xmwPoqCGoeIiR6m937+7yQkrkE5QN3nE55qX2mc4DMWGbatQwK8KFMYe7xIL5 Wv2T2B6C0TZ3hdo+sOu415B1oJRfjC9aSRB77OFp+cAIW7Kg4IBlCLWYyQ6VO9c+SZCE PiUyAVyyB6DRciMIqa+QZK3eZ6Fi1chbLKazuKfpTDIkBm1IbUC6ATS7ac70fsqGcZqZ IABa/cMzfrjn8QmXtrsgH6UbygXwQ5Uq6oeWYERtZY+dtbFfEvTigxMEuirP650rBHxn H/rhi2MbOZb/F/CbJ3y+a/qwL0m40pBTxbJ548S1Q3zL2hiVps00pHy7wem+ITzJtCiO ITKw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id v64si7419960qki.417.2018.01.28.01.08.46; Sun, 28 Jan 2018 01:08:46 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 14A946176A; Sun, 28 Jan 2018 09:08:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 131B26277A; Sun, 28 Jan 2018 09:01:06 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 1A267617E5; Sun, 28 Jan 2018 09:00:29 +0000 (UTC) Received: from forward106p.mail.yandex.net (forward106p.mail.yandex.net [77.88.28.109]) by lists.linaro.org (Postfix) with ESMTPS id BB74761514 for ; Sun, 28 Jan 2018 09:00:18 +0000 (UTC) Received: from mxback12g.mail.yandex.net (mxback12g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:91]) by forward106p.mail.yandex.net (Yandex) with ESMTP id 868132D83F2D for ; Sun, 28 Jan 2018 12:00:17 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback12g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id ijtokVM0Do-0HnidMdZ; Sun, 28 Jan 2018 12:00:17 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0GXSv6ml; Sun, 28 Jan 2018 12:00:16 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:03 +0300 Message-Id: <1517130009-11837-11-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 10/16] validation: crypto: add AES-CMAC test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ test/validation/api/crypto/odp_crypto_test_inp.c | 43 +++++++++++ test/validation/api/crypto/test_vectors.h | 97 ++++++++++++++++++++++++ 2 files changed, 140 insertions(+) diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index ae843acf7..f310329ab 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -54,6 +54,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_AES_GMAC"; case ODP_AUTH_ALG_AES_CCM: return "ODP_AUTH_ALG_AES_CCM"; + case ODP_AUTH_ALG_AES_CMAC: + return "ODP_AUTH_ALG_AES_CMAC"; case ODP_AUTH_ALG_CHACHA20_POLY1305: return "ODP_AUTH_ALG_CHACHA20_POLY1305"; default: @@ -503,6 +505,9 @@ static void check_alg(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_AES_GMAC && !(capa.auths.bit.aes_gmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_AES_CMAC && + !(capa.auths.bit.aes_cmac)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_AES_CCM && !(capa.auths.bit.aes_ccm)) rc = -1; @@ -721,6 +726,10 @@ static int check_alg_support(odp_cipher_alg_t cipher, odp_auth_alg_t auth) if (!capability.auths.bit.aes_ccm) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_AES_CMAC: + if (!capability.auths.bit.aes_cmac) + return ODP_TEST_INACTIVE; + break; case ODP_AUTH_ALG_CHACHA20_POLY1305: if (!capability.auths.bit.chacha20_poly1305) return ODP_TEST_INACTIVE; @@ -1285,6 +1294,36 @@ static void crypto_test_check_alg_aes_gmac_ovr_iv(void) true); } +static int check_alg_aes_cmac(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_AES_CMAC); +} + +static void crypto_test_gen_alg_aes_cmac(void) +{ + unsigned int test_vec_num = (sizeof(aes_cmac_reference) / + sizeof(aes_cmac_reference[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) + check_alg(ODP_CRYPTO_OP_ENCODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_CMAC, + aes_cmac_reference, + ARRAY_SIZE(aes_cmac_reference), + false); +} + +static void crypto_test_check_alg_aes_cmac(void) +{ + check_alg(ODP_CRYPTO_OP_DECODE, + ODP_CIPHER_ALG_NULL, + ODP_AUTH_ALG_AES_CMAC, + aes_cmac_reference, + ARRAY_SIZE(aes_cmac_reference), + false); +} + int crypto_suite_sync_init(void) { suite_context.pool = odp_pool_lookup("packet_pool"); @@ -1414,6 +1453,10 @@ odp_testinfo_t crypto_suite[] = { check_alg_aes_gmac), ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_gmac_ovr_iv, check_alg_aes_gmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_aes_cmac, + check_alg_aes_cmac), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_aes_cmac, + check_alg_aes_cmac), ODP_TEST_INFO_NULL, }; diff --git a/test/validation/api/crypto/test_vectors.h b/test/validation/api/crypto/test_vectors.h index 15cd91d21..23ed95251 100644 --- a/test/validation/api/crypto/test_vectors.h +++ b/test/validation/api/crypto/test_vectors.h @@ -605,6 +605,103 @@ static crypto_test_reference_t aes_gmac_reference[] = { }, }; +/* + * Test vectors from SP800-38B / CSRC examples + * 12-byte vectors are just truncated 16-byte vectors + */ +static crypto_test_reference_t aes_cmac_reference[] = { + { + .auth_key_length = AES128_KEY_LEN, + .auth_key = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 16, + .digest = { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, + 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c }, + }, + { + .auth_key_length = AES192_KEY_LEN, + .auth_key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, + 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, + 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 16, + .digest = { 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90, + 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84 }, + }, + { + .auth_key_length = AES256_KEY_LEN, + .auth_key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, + 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, + 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, + 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 16, + .digest = { 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82, + 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c }, + }, + { + .auth_key_length = AES128_KEY_LEN, + .auth_key = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, + 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 12, + .digest = { 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44, + 0xf7, 0x9b, 0xdd, 0x9d }, + }, + { + .auth_key_length = AES192_KEY_LEN, + .auth_key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, + 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, + 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 12, + .digest = { 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90, + 0x06, 0x62, 0xf6, 0x5e }, + }, + { + .auth_key_length = AES256_KEY_LEN, + .auth_key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, + 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, + 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, + 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }, + .length = 16, + .plaintext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a}, + .ciphertext = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, + 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a + }, + .digest_length = 12, + .digest = { 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82, + 0xbd, 0x4b, 0xf2, 0x8d }, + } +}; + /* * Test vector from RFC 7539, sections 2.8.2, A.5 */ From patchwork Sun Jan 28 09:00:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126068 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1561222ljd; Sun, 28 Jan 2018 01:09:46 -0800 (PST) X-Google-Smtp-Source: AH8x224vZB5ME1XoF/p40JrlMc0sHXD6bg34nVs7K9TSTvluIcQ5xJXfat2jaDKwJeR4bjaMVlOa X-Received: by 10.200.30.141 with SMTP id c13mr33854780qtm.156.1517130586461; Sun, 28 Jan 2018 01:09:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130586; cv=none; d=google.com; s=arc-20160816; b=DSmzCA+VorM3bS3JL90nCjV6vZ629Das/c/uBcdcSwBg9LRMEKcb/CNKCaDZFDKv0j d3xPrqlr3cDumahKhsdXm75wykd77Ddf2EIryLzCLjkTZ/vyKPW5LSEDoJMzI4Zyn/8v 0OVoRxvKcXKBlZoW8yTsb5PR4EC/VOUH2M4xdE22/l9PKhG4RS7b8ybIt6e7PQZI7kOw 8ya0RAAQCEEYZ0zOYyivVnqRG5rGAeNwVyHAdexVZre1Lz8r1+FJhdLdYXWA3EemGqrv KvFwsyrn4CVibPRsRKcfIpLH7Jm7rsS2XAush/YAnVLNsupBQ87o6fXDClXhlMiwDeqW VCIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=+1vxjqZvU7yOL6HxNePOrlfrbxQJXlLuBKu6I1dZ7q4=; b=E1L2RArnbujjcCAHVQxuHH+FhKneMPPLvVd/Dke4lN4L44F5I9v60FSBVUoMOZkRbA lWk/6lROoaq9u41fmM9uQHU0gSq067xvRpN0Dz2s6iLdlF9OEg6WHjy6Erte12WKspcD gzptsYoBF4wNW24R8U4RH+vmG1FB3mrmZmrJof7cvCC1Bf1zLAAlh7JwbR+FF7t3MCYc BPGxv409TI8Yznfsg8jX6r+3oCYcQy5J988MET3IP3645ehReUQn2rjEOAZuzUYqwY3R RkesuHTE+akBVXb6vCPtdqn775IqMIGURuXo7M/GMUOA8shujsU8odJZXSzo6/ta5767 gGAw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id c189si3711804qkf.41.2018.01.28.01.09.46; Sun, 28 Jan 2018 01:09:46 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 27DD061835; Sun, 28 Jan 2018 09:09:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 6F97062778; Sun, 28 Jan 2018 09:01:09 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id A3B96617E2; Sun, 28 Jan 2018 09:00:30 +0000 (UTC) Received: from forward101p.mail.yandex.net (forward101p.mail.yandex.net [77.88.28.101]) by lists.linaro.org (Postfix) with ESMTPS id 7F82261705 for ; Sun, 28 Jan 2018 09:00:19 +0000 (UTC) Received: from mxback9j.mail.yandex.net (mxback9j.mail.yandex.net [IPv6:2a02:6b8:0:1619::112]) by forward101p.mail.yandex.net (Yandex) with ESMTP id 1C2E26A82B44 for ; Sun, 28 Jan 2018 12:00:18 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback9j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 3PBcS2XKXn-0IGqkk49; Sun, 28 Jan 2018 12:00:18 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0HXegAsk; Sun, 28 Jan 2018 12:00:17 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:04 +0300 Message-Id: <1517130009-11837-12-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 11/16] linux-gen: crypto: support ChaCha20-Poly1305 X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov OpenSSL >= 1.1.0 supports ChaCha20-Poly1305 AEAD cipher, so let's support it in linux-generic. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ platform/linux-generic/odp_crypto.c | 57 +++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index e1d1c84b2..574671e07 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -28,6 +28,12 @@ #include #include +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_POLY1305) +#define _ODP_HAVE_CHACHA20_POLY1305 1 +#else +#define _ODP_HAVE_CHACHA20_POLY1305 0 +#endif + #define MAX_SESSIONS 32 /* @@ -56,6 +62,11 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { {.key_len = 24, .iv_len = 12}, {.key_len = 32, .iv_len = 12} }; +#if _ODP_HAVE_CHACHA20_POLY1305 +static const odp_crypto_cipher_capability_t cipher_capa_chacha20_poly1305[] = { +{.key_len = 32, .iv_len = 12} }; +#endif + /* * Authentication algorithm capabilities * @@ -87,6 +98,11 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, .iv_len = 12 } }; +#if _ODP_HAVE_CHACHA20_POLY1305 +static const odp_crypto_auth_capability_t auth_capa_chacha20_poly1305[] = { +{.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; +#endif + /** Forward declaration of session structure */ typedef struct odp_crypto_generic_session_t odp_crypto_generic_session_t; @@ -773,6 +789,9 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->ciphers.bit.aes_cbc = 1; capa->ciphers.bit.aes_ctr = 1; capa->ciphers.bit.aes_gcm = 1; +#if _ODP_HAVE_CHACHA20_POLY1305 + capa->ciphers.bit.chacha20_poly1305 = 1; +#endif capa->auths.bit.null = 1; capa->auths.bit.md5_hmac = 1; @@ -781,6 +800,9 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.sha512_hmac = 1; capa->auths.bit.aes_gcm = 1; capa->auths.bit.aes_gmac = 1; +#if _ODP_HAVE_CHACHA20_POLY1305 + capa->auths.bit.chacha20_poly1305 = 1; +#endif #if ODP_DEPRECATED_API capa->ciphers.bit.aes128_cbc = 1; @@ -824,6 +846,12 @@ int odp_crypto_cipher_capability(odp_cipher_alg_t cipher, src = cipher_capa_aes_gcm; num = sizeof(cipher_capa_aes_gcm) / size; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + src = cipher_capa_chacha20_poly1305; + num = sizeof(cipher_capa_chacha20_poly1305) / size; + break; +#endif default: return -1; } @@ -872,6 +900,12 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_aes_gmac; num = sizeof(auth_capa_aes_gmac) / size; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_AUTH_ALG_CHACHA20_POLY1305: + src = auth_capa_chacha20_poly1305; + num = sizeof(auth_capa_chacha20_poly1305) / size; + break; +#endif default: return -1; } @@ -993,6 +1027,17 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + /* ChaCha20_Poly1305 requires to do both auth and + * cipher at the same time */ + if (param->auth_alg != ODP_AUTH_ALG_CHACHA20_POLY1305) + rc = -1; + else + rc = process_aes_gcm_param(session, + EVP_chacha20_poly1305()); + break; +#endif default: rc = -1; } @@ -1063,6 +1108,18 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; +#if _ODP_HAVE_CHACHA20_POLY1305 + case ODP_AUTH_ALG_CHACHA20_POLY1305: + /* ChaCha20_Poly1305 requires to do both auth and + * cipher at the same time */ + if (param->cipher_alg == ODP_CIPHER_ALG_CHACHA20_POLY1305) { + session->auth.func = null_crypto_routine; + rc = 0; + } else { + rc = -1; + } + break; +#endif default: rc = -1; } From patchwork Sun Jan 28 09:00:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126069 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1561754ljd; Sun, 28 Jan 2018 01:10:40 -0800 (PST) X-Google-Smtp-Source: AH8x2273h0iJP+ULIILhx6FIVaz/GYI9KTSPjzlvBP6g6UFlpAoTszdVnlw8UgjGqnGps8zG59Pn X-Received: by 10.237.60.36 with SMTP id t33mr17852135qte.228.1517130640509; Sun, 28 Jan 2018 01:10:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130640; cv=none; d=google.com; s=arc-20160816; b=IRj7ndfCU+jQ3Z4qz86jkkB0CnlCLidMIq/RYCR/Hpm8J5anm3X0C2or0XIoRRCtJv kKiMI5s66Kjg6HcnNa76zS9AtwEaA+PZ6dGgBo0gZYIPDhMBnbhUJ9BJH+f2z8KXLIRc 7EVpLXCCYyPXqtpPKZIjORdyXMp9xYtxZy2Z+m4on0AaZSV9C7Z+HgAmb7HURZjegR5i JXiAAE2vHJs2Da8pIDce/nk8+TVDWSyat90gCNSkF+mqmhQWqxVK5mFnVkw1xLLpazA0 KJxM8lW9S07EiH9VS+uwsi34PZSSFv2u99K0EYfadXTRNjkPY8dTAOE5X7oX0u6xSy4L tKjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=UTwtx2IvkvaPr/NmDz1euBw+PQ446RwnfPv4frBhzYE=; b=ZwrzTAVtiPmv/UVIsMleCx/4fES+FTCl6Hkyf3M6kBap9fJhUCmYaYmV8uMKI28N5U 5X7zXWtyx8leMZeyMYDrc4vuVTjKjnhpzTmteiae9e9kUlFeQPHswXG+IfMv2WuHbPUA AO1Z8ANkuvBK6XIQm6bzKDJ/rDa80cfjG0zYXwkdcUHjUj3PtiiKayxmNKPpfAZtnfN+ dD69Ly/5xFIs3zh6bIjC3APS29zv58+B8o86WWgmw1Q61pYBBm6qe21pEr2utDzI1u+I a4/DnRQm0OwH3yZMF1g+FIKFNQyyZxNctffTDN6bZob4QOAGaoY1f7WzZU1UNalmsQ1C IJXA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id q7si5366376qkd.467.2018.01.28.01.10.40; Sun, 28 Jan 2018 01:10:40 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 33A89619C9; Sun, 28 Jan 2018 09:10:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id C851B61795; Sun, 28 Jan 2018 09:01:15 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 2B42661705; Sun, 28 Jan 2018 09:00:32 +0000 (UTC) Received: from forward104j.mail.yandex.net (forward104j.mail.yandex.net [5.45.198.247]) by lists.linaro.org (Postfix) with ESMTPS id 775506172B for ; Sun, 28 Jan 2018 09:00:20 +0000 (UTC) Received: from mxback11j.mail.yandex.net (mxback11j.mail.yandex.net [IPv6:2a02:6b8:0:1619::84]) by forward104j.mail.yandex.net (Yandex) with ESMTP id 8DED6439E1 for ; Sun, 28 Jan 2018 12:00:18 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback11j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 6biOGMaDV0-0IDSviga; Sun, 28 Jan 2018 12:00:18 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0IXmmKv1; Sun, 28 Jan 2018 12:00:18 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:05 +0300 Message-Id: <1517130009-11837-13-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 12/16] linux-gen: crypto: provide AES-CCM implementation X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov AES-CCM support in OpenSSL is quite unique: it requires whole data to be passed in single EVP_EncryptUpdate/EVP_DecryptUpdate call. Supporting this requires copying data back-and-forth between packet and temporary buffer. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ platform/linux-generic/odp_crypto.c | 192 ++++++++++++++++++++++++++++++++++++ 1 file changed, 192 insertions(+) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 574671e07..7423864ff 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -62,6 +62,14 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { {.key_len = 24, .iv_len = 12}, {.key_len = 32, .iv_len = 12} }; +static const odp_crypto_cipher_capability_t cipher_capa_aes_ccm[] = { +{.key_len = 16, .iv_len = 11}, +{.key_len = 16, .iv_len = 13}, +{.key_len = 24, .iv_len = 11}, +{.key_len = 24, .iv_len = 13}, +{.key_len = 32, .iv_len = 11}, +{.key_len = 32, .iv_len = 13} }; + #if _ODP_HAVE_CHACHA20_POLY1305 static const odp_crypto_cipher_capability_t cipher_capa_chacha20_poly1305[] = { {.key_len = 32, .iv_len = 12} }; @@ -94,6 +102,9 @@ static const odp_crypto_auth_capability_t auth_capa_sha512_hmac[] = { static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; +static const odp_crypto_auth_capability_t auth_capa_aes_ccm[] = { +{.digest_len = 8, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; + static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, .iv_len = 12 } }; @@ -749,6 +760,153 @@ static int process_aes_gmac_param(odp_crypto_generic_session_t *session, return 0; } +static +odp_crypto_alg_err_t aes_ccm_encrypt(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + EVP_CIPHER_CTX *ctx; + const uint8_t *aad_head = param->aad_ptr; + uint32_t aad_len = session->p.auth_aad_len; + void *iv_ptr; + int dummy_len = 0; + int cipher_len; + uint32_t in_len = param->cipher_range.length; + uint8_t data[in_len]; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret; + + if (param->cipher_iv_ptr) + iv_ptr = param->cipher_iv_ptr; + else if (session->p.cipher_iv.data) + iv_ptr = session->cipher.iv_data; + else + return ODP_CRYPTO_ALG_ERR_IV_INVALID; + + /* Encrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + NULL, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, + session->p.cipher_iv.length, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, + session->p.auth_digest_len, NULL); + EVP_EncryptInit_ex(ctx, NULL, NULL, session->cipher.key_data, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + /* Set len */ + EVP_EncryptUpdate(ctx, NULL, &dummy_len, NULL, in_len); + + /* Authenticate header data (if any) without encrypting them */ + if (aad_len > 0) + EVP_EncryptUpdate(ctx, NULL, &dummy_len, + aad_head, aad_len); + + odp_packet_copy_to_mem(pkt, param->cipher_range.offset, in_len, + data); + + EVP_EncryptUpdate(ctx, data, &cipher_len, data, in_len); + + ret = EVP_EncryptFinal_ex(ctx, data + cipher_len, &dummy_len); + cipher_len += dummy_len; + + odp_packet_copy_from_mem(pkt, param->cipher_range.offset, in_len, + data); + + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, + session->p.auth_digest_len, block); + odp_packet_copy_from_mem(pkt, param->hash_result_offset, + session->p.auth_digest_len, block); + + EVP_CIPHER_CTX_free(ctx); + + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; +} + +static +odp_crypto_alg_err_t aes_ccm_decrypt(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + EVP_CIPHER_CTX *ctx; + const uint8_t *aad_head = param->aad_ptr; + uint32_t aad_len = session->p.auth_aad_len; + void *iv_ptr; + int dummy_len = 0; + int cipher_len; + uint32_t in_len = param->cipher_range.length; + uint8_t data[in_len]; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret; + + if (param->cipher_iv_ptr) + iv_ptr = param->cipher_iv_ptr; + else if (session->p.cipher_iv.data) + iv_ptr = session->cipher.iv_data; + else + return ODP_CRYPTO_ALG_ERR_IV_INVALID; + + /* Decrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + NULL, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, + session->p.cipher_iv.length, NULL); + odp_packet_copy_to_mem(pkt, param->hash_result_offset, + session->p.auth_digest_len, block); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, + session->p.auth_digest_len, block); + EVP_DecryptInit_ex(ctx, NULL, NULL, session->cipher.key_data, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + /* Set len */ + EVP_DecryptUpdate(ctx, NULL, &dummy_len, NULL, in_len); + + /* Authenticate header data (if any) without encrypting them */ + if (aad_len > 0) + EVP_DecryptUpdate(ctx, NULL, &dummy_len, + aad_head, aad_len); + + odp_packet_copy_to_mem(pkt, param->cipher_range.offset, in_len, + data); + + ret = EVP_DecryptUpdate(ctx, data, &cipher_len, data, in_len); + + EVP_DecryptFinal_ex(ctx, data + cipher_len, &dummy_len); + cipher_len += dummy_len; + + odp_packet_copy_from_mem(pkt, param->cipher_range.offset, in_len, + data); + + EVP_CIPHER_CTX_free(ctx); + + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : + ODP_CRYPTO_ALG_ERR_NONE; +} + +static int process_aes_ccm_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) +{ + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.cipher_key.length) + return -1; + + memcpy(session->cipher.key_data, session->p.cipher_key.data, + session->p.cipher_key.length); + + session->cipher.evp_cipher = cipher; + + /* Set function */ + if (ODP_CRYPTO_OP_ENCODE == session->p.op) + session->cipher.func = aes_ccm_encrypt; + else + session->cipher.func = aes_ccm_decrypt; + + return 0; +} + static int process_auth_param(odp_crypto_generic_session_t *session, uint32_t key_length, const EVP_MD *evp_md) @@ -789,6 +947,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->ciphers.bit.aes_cbc = 1; capa->ciphers.bit.aes_ctr = 1; capa->ciphers.bit.aes_gcm = 1; + capa->ciphers.bit.aes_ccm = 1; #if _ODP_HAVE_CHACHA20_POLY1305 capa->ciphers.bit.chacha20_poly1305 = 1; #endif @@ -799,6 +958,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.sha256_hmac = 1; capa->auths.bit.sha512_hmac = 1; capa->auths.bit.aes_gcm = 1; + capa->auths.bit.aes_ccm = 1; capa->auths.bit.aes_gmac = 1; #if _ODP_HAVE_CHACHA20_POLY1305 capa->auths.bit.chacha20_poly1305 = 1; @@ -846,6 +1006,10 @@ int odp_crypto_cipher_capability(odp_cipher_alg_t cipher, src = cipher_capa_aes_gcm; num = sizeof(cipher_capa_aes_gcm) / size; break; + case ODP_CIPHER_ALG_AES_CCM: + src = cipher_capa_aes_ccm; + num = sizeof(cipher_capa_aes_ccm) / size; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_CIPHER_ALG_CHACHA20_POLY1305: src = cipher_capa_chacha20_poly1305; @@ -900,6 +1064,10 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_aes_gmac; num = sizeof(auth_capa_aes_gmac) / size; break; + case ODP_AUTH_ALG_AES_CCM: + src = auth_capa_aes_ccm; + num = sizeof(auth_capa_aes_ccm) / size; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_AUTH_ALG_CHACHA20_POLY1305: src = auth_capa_chacha20_poly1305; @@ -1027,6 +1195,20 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; + case ODP_CIPHER_ALG_AES_CCM: + /* AES-CCM requires to do both auth and + * cipher at the same time */ + if (param->auth_alg != ODP_AUTH_ALG_AES_CCM) + rc = -1; + else if (param->cipher_key.length == 16) + rc = process_aes_ccm_param(session, EVP_aes_128_ccm()); + else if (param->cipher_key.length == 24) + rc = process_aes_ccm_param(session, EVP_aes_192_ccm()); + else if (param->cipher_key.length == 32) + rc = process_aes_ccm_param(session, EVP_aes_256_ccm()); + else + rc = -1; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_CIPHER_ALG_CHACHA20_POLY1305: /* ChaCha20_Poly1305 requires to do both auth and @@ -1108,6 +1290,16 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, else rc = -1; break; + case ODP_AUTH_ALG_AES_CCM: + /* AES-CCM requires to do both auth and + * cipher at the same time */ + if (param->cipher_alg == ODP_CIPHER_ALG_AES_CCM) { + session->auth.func = null_crypto_routine; + rc = 0; + } else { + rc = -1; + } + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_AUTH_ALG_CHACHA20_POLY1305: /* ChaCha20_Poly1305 requires to do both auth and From patchwork Sun Jan 28 09:00:06 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126071 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1562582ljd; Sun, 28 Jan 2018 01:12:02 -0800 (PST) X-Google-Smtp-Source: AH8x227P5ZZJARbqBe8Y8XyzdNCt5O8qJjVLC4WhgNJzVkjHIaxsOOVvM8Hh0o9lMreUBENBummv X-Received: by 10.55.112.132 with SMTP id l126mr29108974qkc.296.1517130722564; Sun, 28 Jan 2018 01:12:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130722; cv=none; d=google.com; s=arc-20160816; b=yvUb+S98egl8G7OZblwfjRKfEBkMhThoag9ylzRNPx8dGgkeeMu/pubny3OAL/4W9y u1gp1WrOLN59hABN+VJhlp34beRu1ndpFhjw6GPyzZ0zpnO7xKthowg0GJfXHWkt3ota HngHomUnd3IY32Q4lgnmVOMPV0A9f6XB4fA37bhxMqdk6xWi2E55TodHMmlCz98YFjej m8ojG9ZrEBveuvORrCMvDJptHC+IQmbfTn0tp18mNdkTpj1rZI4enzCy09G9Sh62EcQ6 8vbotDi4b+9DdxmNOx4Sx0W1+lWye/ol4kpclA44ZPvVDsyBUnjtOp+6XYZrB35LsnOW Wotg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=QuUP4V6s7MtFe8r7fykkhuzyoOGG/fypytnuukXYEug=; b=MOHq7x90FD+4EaKJ+xPsq5u7rJHUQwjJygz47Fificul96rw989jR40hmJiEFNk23y s9KN2Ty8+5lPVWjeXcKK6BWe++1z0h3w4oDG1QE9dVAOx7PfilZEe+BJYAfJEWL9El9Y XpaPia2Wx7K/wJd7ejlTZdluED+DfNIp6TwwJ5dlmp5L9ht2sVPXHLG4eDf2OkO55G4q ylG/XRw1KBZQ5eU5abxcDuEkpqKu0AxwyYq9UyBBvwOzMRnGwA+/dfTeHG7ZYePfAkEb rES/KnHG9N3/U8mj3RWNLH2fdjCrHLQIOLkerifJOteCx5/6WRzDjPTKLphu4dCElR7o Iuxw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id o42si9111174qtf.258.2018.01.28.01.12.02; Sun, 28 Jan 2018 01:12:02 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 398826176A; Sun, 28 Jan 2018 09:12:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 72BA162784; Sun, 28 Jan 2018 09:01:26 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 3A769617E5; Sun, 28 Jan 2018 09:00:34 +0000 (UTC) Received: from forward103j.mail.yandex.net (forward103j.mail.yandex.net [5.45.198.246]) by lists.linaro.org (Postfix) with ESMTPS id C212E6173A for ; Sun, 28 Jan 2018 09:00:21 +0000 (UTC) Received: from mxback4o.mail.yandex.net (mxback4o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1e]) by forward103j.mail.yandex.net (Yandex) with ESMTP id 0628934C1C7F for ; Sun, 28 Jan 2018 12:00:19 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback4o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id fhDLpdH8nE-0IUiXKY2; Sun, 28 Jan 2018 12:00:18 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0IXSi7BF; Sun, 28 Jan 2018 12:00:18 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:06 +0300 Message-Id: <1517130009-11837-14-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 13/16] linux-gen: crypto: rename auth functions X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Point that current authentication functions use HMAC by including hmac in their names. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ platform/linux-generic/odp_crypto.c | 92 +++++++++++++++---------------------- 1 file changed, 38 insertions(+), 54 deletions(-) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 7423864ff..1e2356373 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -148,8 +148,6 @@ struct odp_crypto_generic_session_t { struct { uint8_t key[EVP_MAX_KEY_LENGTH]; uint8_t iv_data[EVP_MAX_IV_LENGTH]; - uint32_t key_length; - uint32_t bytes; union { const EVP_MD *evp_md; const EVP_CIPHER *evp_cipher; @@ -202,13 +200,30 @@ null_crypto_routine(odp_packet_t pkt ODP_UNUSED, return ODP_CRYPTO_ALG_ERR_NONE; } +/* Mimic new OpenSSL 1.1.y API */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L +static HMAC_CTX *HMAC_CTX_new(void) +{ + HMAC_CTX *ctx = malloc(sizeof(*ctx)); + + HMAC_CTX_init(ctx); + return ctx; +} + +static void HMAC_CTX_free(HMAC_CTX *ctx) +{ + HMAC_CTX_cleanup(ctx); + free(ctx); +} +#endif + static -void packet_hmac_calculate(HMAC_CTX *ctx, - odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) +void packet_hmac(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session, + uint8_t *hash) { + HMAC_CTX *ctx = HMAC_CTX_new(); uint32_t offset = param->auth_range.offset; uint32_t len = param->auth_range.length; @@ -216,7 +231,7 @@ void packet_hmac_calculate(HMAC_CTX *ctx, HMAC_Init_ex(ctx, session->auth.key, - session->auth.key_length, + session->p.auth_key.length, session->auth.evp_md, NULL); @@ -231,42 +246,13 @@ void packet_hmac_calculate(HMAC_CTX *ctx, } HMAC_Final(ctx, hash, NULL); -} - -#if OPENSSL_VERSION_NUMBER < 0x10100000L -static -void packet_hmac(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) -{ - HMAC_CTX ctx; - - /* Hash it */ - HMAC_CTX_init(&ctx); - packet_hmac_calculate(&ctx, pkt, param, session, hash); - HMAC_CTX_cleanup(&ctx); -} -#else -static -void packet_hmac(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) -{ - HMAC_CTX *ctx; - - /* Hash it */ - ctx = HMAC_CTX_new(); - packet_hmac_calculate(ctx, pkt, param, session, hash); HMAC_CTX_free(ctx); } -#endif static -odp_crypto_alg_err_t auth_gen(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t auth_hmac_gen(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) { uint8_t hash[EVP_MAX_MD_SIZE]; @@ -283,9 +269,9 @@ odp_crypto_alg_err_t auth_gen(odp_packet_t pkt, } static -odp_crypto_alg_err_t auth_check(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t auth_hmac_check(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) { uint32_t bytes = session->p.auth_digest_len; uint8_t hash_in[EVP_MAX_MD_SIZE]; @@ -907,15 +893,14 @@ static int process_aes_ccm_param(odp_crypto_generic_session_t *session, return 0; } -static int process_auth_param(odp_crypto_generic_session_t *session, - uint32_t key_length, - const EVP_MD *evp_md) +static int process_auth_hmac_param(odp_crypto_generic_session_t *session, + const EVP_MD *evp_md) { /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->auth.func = auth_gen; + session->auth.func = auth_hmac_gen; else - session->auth.func = auth_check; + session->auth.func = auth_hmac_check; session->auth.evp_md = evp_md; @@ -924,9 +909,8 @@ static int process_auth_param(odp_crypto_generic_session_t *session, return -1; /* Convert keys */ - session->auth.key_length = key_length; memcpy(session->auth.key, session->p.auth_key.data, - session->auth.key_length); + session->p.auth_key.length); return 0; } @@ -1245,10 +1229,10 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, #endif /* Fallthrough */ case ODP_AUTH_ALG_MD5_HMAC: - rc = process_auth_param(session, 16, EVP_md5()); + rc = process_auth_hmac_param(session, EVP_md5()); break; case ODP_AUTH_ALG_SHA1_HMAC: - rc = process_auth_param(session, 20, EVP_sha1()); + rc = process_auth_hmac_param(session, EVP_sha1()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_SHA256_128: @@ -1257,10 +1241,10 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, #endif /* Fallthrough */ case ODP_AUTH_ALG_SHA256_HMAC: - rc = process_auth_param(session, 32, EVP_sha256()); + rc = process_auth_hmac_param(session, EVP_sha256()); break; case ODP_AUTH_ALG_SHA512_HMAC: - rc = process_auth_param(session, 64, EVP_sha512()); + rc = process_auth_hmac_param(session, EVP_sha512()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: From patchwork Sun Jan 28 09:00:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126073 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1563788ljd; Sun, 28 Jan 2018 01:14:12 -0800 (PST) X-Google-Smtp-Source: AH8x2254oZTaWhZu8CYy42mRvmFKMwd6pO4UPILwuOaYobpiayBIaqPp/qlLEqrpa+tVKzMNbCvo X-Received: by 10.237.36.17 with SMTP id r17mr33157148qtc.290.1517130851871; Sun, 28 Jan 2018 01:14:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130851; cv=none; d=google.com; s=arc-20160816; b=i99jWX4tyyEDEkV9m7CNndeoVzgzyklf2PAHQco1SxOozJVujxlXZPX/Ike0GK1tu/ OFKSZKJc8tBCdftFJBXeSWxWPm1JhP2Xi7dcimtZqZ1c6mOeJrhVCvTxofyqYgqhvHRQ dYFjAUEDayfHFf9cdp7gDac10VDoK6B+MHWAYe9up0AJ2NMR0mNeCxhZ9f0DO7ysCfq/ Y5q6eajTfy4PP0Oxdk2+ALfGjvSewS4nMM1BOMaXd1X60Yr7pJyjpB7LRPG8n3Zp7i8d Y8m885mSQbOScFHu3Ip9cM+jJ/j5PdkhvW9xBFvLzMOCnrS+5Dnqiety9JcFLQFjUqBv AAww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=1wLH18aBvFLM5vKpSdWBGwGsD7ZTbENBxI2H6N2SoMA=; b=VNHKk1bQjVPwwU77bvOmSfQ8kOkmzFiWz0tGzEP6n5eNJyTtxhWSgGiBF/kw1v87Mz EErjBLEn+79JZYUSo6KQPUurhfyxDcUyzBHAYYEUsNIEBJVzEMRAzDsb5HusPVVJPX8j Ex8SN4uIIEvL1nr+j8SOvxrtrBGW5WSZGvaHA9EilNvBJU+3PXdF/7qN6klbXy9T82dm dw9ii5jL514Wsk8QHwVsZmYjfl/Pvy15+8OWFOmwX3W9HzaN8XF9baHNSvNfsPayJSNG HwiXOtScH671eSlyQac/KU6TmdJxL2y2qb5UbiSQbHll8dErXUwthCWrYwNzMEIst6ld 9HIA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id q8si2215593qkj.199.2018.01.28.01.14.11; Sun, 28 Jan 2018 01:14:11 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 8A98F619BF; Sun, 28 Jan 2018 09:14:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 0C9226278C; Sun, 28 Jan 2018 09:01:34 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 4694B6176F; Sun, 28 Jan 2018 09:00:37 +0000 (UTC) Received: from forward102o.mail.yandex.net (forward102o.mail.yandex.net [37.140.190.182]) by lists.linaro.org (Postfix) with ESMTPS id 9DB4661776 for ; Sun, 28 Jan 2018 09:00:22 +0000 (UTC) Received: from mxback1o.mail.yandex.net (mxback1o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1b]) by forward102o.mail.yandex.net (Yandex) with ESMTP id 846375A01D77 for ; Sun, 28 Jan 2018 12:00:19 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback1o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id Fd8ccCBx7v-0J4W8qEg; Sun, 28 Jan 2018 12:00:19 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0JXalEZL; Sun, 28 Jan 2018 12:00:19 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:07 +0300 Message-Id: <1517130009-11837-15-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 14/16] linux-gen: crypto: implement AES-CMAC X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ platform/linux-generic/odp_crypto.c | 134 ++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+) diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 1e2356373..b396f7f3f 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -26,6 +26,7 @@ #include #include +#include #include #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_POLY1305) @@ -109,6 +110,14 @@ static const odp_crypto_auth_capability_t auth_capa_aes_gmac[] = { {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0}, .iv_len = 12 } }; +static const odp_crypto_auth_capability_t auth_capa_aes_cmac[] = { +{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 12, .key_len = 24, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 24, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 12, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; + #if _ODP_HAVE_CHACHA20_POLY1305 static const odp_crypto_auth_capability_t auth_capa_chacha20_poly1305[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } }; @@ -295,6 +304,85 @@ odp_crypto_alg_err_t auth_hmac_check(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_NONE; } +static +void packet_cmac(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session, + uint8_t *hash) +{ + CMAC_CTX *ctx = CMAC_CTX_new(); + uint32_t offset = param->auth_range.offset; + uint32_t len = param->auth_range.length; + size_t outlen; + + ODP_ASSERT(offset + len <= odp_packet_len(pkt)); + + CMAC_Init(ctx, + session->auth.key, + session->p.auth_key.length, + session->auth.evp_cipher, + NULL); + + while (len > 0) { + uint32_t seglen = 0; /* GCC */ + void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL); + uint32_t maclen = len > seglen ? seglen : len; + + CMAC_Update(ctx, mapaddr, maclen); + offset += maclen; + len -= maclen; + } + + CMAC_Final(ctx, hash, &outlen); + CMAC_CTX_free(ctx); +} + +static +odp_crypto_alg_err_t auth_cmac_gen(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + uint8_t hash[EVP_MAX_MD_SIZE]; + + /* Hash it */ + packet_cmac(pkt, param, session, hash); + + /* Copy to the output location */ + odp_packet_copy_from_mem(pkt, + param->hash_result_offset, + session->p.auth_digest_len, + hash); + + return ODP_CRYPTO_ALG_ERR_NONE; +} + +static +odp_crypto_alg_err_t auth_cmac_check(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session) +{ + uint32_t bytes = session->p.auth_digest_len; + uint8_t hash_in[EVP_MAX_MD_SIZE]; + uint8_t hash_out[EVP_MAX_MD_SIZE]; + + /* Copy current value out and clear it before authentication */ + odp_packet_copy_to_mem(pkt, param->hash_result_offset, + bytes, hash_in); + + _odp_packet_set_data(pkt, param->hash_result_offset, + 0, bytes); + + /* Hash it */ + packet_cmac(pkt, param, session, hash_out); + + /* Verify match */ + if (0 != memcmp(hash_in, hash_out, bytes)) + return ODP_CRYPTO_ALG_ERR_ICV_CHECK; + + /* Matched */ + return ODP_CRYPTO_ALG_ERR_NONE; +} + static int internal_aad(EVP_CIPHER_CTX *ctx, odp_packet_t pkt, @@ -915,6 +1003,34 @@ static int process_auth_hmac_param(odp_crypto_generic_session_t *session, return 0; } +static int process_auth_cmac_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) +{ + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.auth_key.length) + return -1; + + /* Set function */ + if (ODP_CRYPTO_OP_ENCODE == session->p.op) + session->auth.func = auth_cmac_gen; + else + session->auth.func = auth_cmac_check; + + session->auth.evp_cipher = cipher; + + /* Number of valid bytes */ + if (session->p.auth_digest_len < + (unsigned)EVP_CIPHER_block_size(cipher) / 2) + return -1; + + /* Convert keys */ + memcpy(session->auth.key, session->p.auth_key.data, + session->p.auth_key.length); + + return 0; +} + int odp_crypto_capability(odp_crypto_capability_t *capa) { if (NULL == capa) @@ -944,6 +1060,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.aes_gcm = 1; capa->auths.bit.aes_ccm = 1; capa->auths.bit.aes_gmac = 1; + capa->auths.bit.aes_cmac = 1; #if _ODP_HAVE_CHACHA20_POLY1305 capa->auths.bit.chacha20_poly1305 = 1; #endif @@ -1052,6 +1169,10 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_aes_ccm; num = sizeof(auth_capa_aes_ccm) / size; break; + case ODP_AUTH_ALG_AES_CMAC: + src = auth_capa_aes_cmac; + num = sizeof(auth_capa_aes_cmac) / size; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_AUTH_ALG_CHACHA20_POLY1305: src = auth_capa_chacha20_poly1305; @@ -1284,6 +1405,19 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, rc = -1; } break; + case ODP_AUTH_ALG_AES_CMAC: + if (param->auth_key.length == 16) + rc = process_auth_cmac_param(session, + EVP_aes_128_cbc()); + else if (param->auth_key.length == 24) + rc = process_auth_cmac_param(session, + EVP_aes_192_cbc()); + else if (param->auth_key.length == 32) + rc = process_auth_cmac_param(session, + EVP_aes_256_cbc()); + else + rc = -1; + break; #if _ODP_HAVE_CHACHA20_POLY1305 case ODP_AUTH_ALG_CHACHA20_POLY1305: /* ChaCha20_Poly1305 requires to do both auth and From patchwork Sun Jan 28 09:00:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126070 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1562563ljd; Sun, 28 Jan 2018 01:11:59 -0800 (PST) X-Google-Smtp-Source: AH8x225wKwsYSq2pIPYPM7Rda4JRgz8iHQ70hP8GND04y9zsNXK1lkviLxlQlgFCijjNjpPAvoWM X-Received: by 10.55.65.76 with SMTP id o73mr30416093qka.241.1517130719606; Sun, 28 Jan 2018 01:11:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130719; cv=none; d=google.com; s=arc-20160816; b=F7ACfjdXlbFVfjWZDDiJZ3Aj0RVSVWT6fZIbJjs/3BW7KqnX4m81HK0Gp8w6oQiBm5 w5duBENSyC5zKfhrjL4qfbTD66xt6BCUb3BrjJVtHKIgXCUEz89+YCMBpq0rc3rmEaIf NyYEaC4tiEZBqLptQTb+aD3GMlFrdYlJT0LTykFVpqMW7eucViiOJhZ7YaoldYZGt3c6 Ttv7UUAnTiSnRiJO0dw9qKtx/I8yx/cINc5Lv1sb3+4R1gpXBNHZNC3Y7FSwPjLYFrlJ pRi1XLjBTSj16M2QWiVBxT6HKjOiVShjC48c8hrClQ4ioWmnnnUpCDPGUIvJaJz3pKtq 2xCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=FTCzjrmijgldDmof54TQCRdPMcwVDJyEj+QVT7UTCIQ=; b=cX+d0vYcyf1HTiMnBsfTV6PLuf6PrsvnyqkMGdcRpCcvik89Q51zB431GesdiF2L7b RM117XDZ6hRh3Aj9tUN9tlSv6tf1s8zA9S4L8UgOVxRXQmO/iMUj+BhixBV852bkHc/y 0d3Zv25bgNL9xSiYzge2psxbF9Pu1/gLMG0gp+fK3jdrypGqeAI4p05b73bYnOkRX+jn GztBN7IIXWOBCg+13mvW3bptRxCuSaL0bYUAkm6vwlNVMKrl77z0gnKBz7x5s8TzAaZN BrRHs/yFfbailM32m036kw81RuXli0R//3Lsa3Vm/4Hyc7c3JSoeALTHz1wjlkKbO43z fVRw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id j186si32573qkc.241.2018.01.28.01.11.59; Sun, 28 Jan 2018 01:11:59 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 488EB619C6; Sun, 28 Jan 2018 09:11:59 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 2079561519; Sun, 28 Jan 2018 09:01:21 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 6D96961705; Sun, 28 Jan 2018 09:00:32 +0000 (UTC) Received: from forward106j.mail.yandex.net (forward106j.mail.yandex.net [5.45.198.249]) by lists.linaro.org (Postfix) with ESMTPS id 6D65161736 for ; Sun, 28 Jan 2018 09:00:21 +0000 (UTC) Received: from mxback4o.mail.yandex.net (mxback4o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1e]) by forward106j.mail.yandex.net (Yandex) with ESMTP id 3FFA1180324C for ; Sun, 28 Jan 2018 12:00:20 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback4o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id uSgNa5tCcT-0KU0uoTt; Sun, 28 Jan 2018 12:00:20 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0JXOSMA2; Sun, 28 Jan 2018 12:00:19 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:08 +0300 Message-Id: <1517130009-11837-16-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 15/16] validation: ipsec: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ test/validation/api/ipsec/ipsec.c | 14 +++++++ test/validation/api/ipsec/ipsec.h | 1 + test/validation/api/ipsec/ipsec_test_in.c | 33 +++++++++++++++ test/validation/api/ipsec/ipsec_test_out.c | 44 ++++++++++++++++++++ test/validation/api/ipsec/test_vectors.h | 66 ++++++++++++++++++++++++++++++ 5 files changed, 158 insertions(+) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 5d3112a27..31bd557fe 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -177,6 +177,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capa.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -212,6 +216,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capa.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -313,6 +321,12 @@ int ipsec_check_esp_null_aes_gmac_128(void) ODP_AUTH_ALG_AES_GMAC, 128); } +int ipsec_check_esp_chacha20_poly1305(void) +{ + return ipsec_check_esp(ODP_CIPHER_ALG_CHACHA20_POLY1305, 256, + ODP_AUTH_ALG_CHACHA20_POLY1305, 0); +} + void ipsec_sa_param_fill(odp_ipsec_sa_param_t *param, odp_bool_t in, odp_bool_t ah, diff --git a/test/validation/api/ipsec/ipsec.h b/test/validation/api/ipsec/ipsec.h index 31ebed789..7ba9ef10e 100644 --- a/test/validation/api/ipsec/ipsec.h +++ b/test/validation/api/ipsec/ipsec.h @@ -91,5 +91,6 @@ int ipsec_check_esp_aes_gcm_128(void); int ipsec_check_esp_aes_gcm_256(void); int ipsec_check_ah_aes_gmac_128(void); int ipsec_check_esp_null_aes_gmac_128(void); +int ipsec_check_esp_chacha20_poly1305(void); #endif diff --git a/test/validation/api/ipsec/ipsec_test_in.c b/test/validation/api/ipsec/ipsec_test_in.c index 8a82abe49..8138defb5 100644 --- a/test/validation/api/ipsec/ipsec_test_in.c +++ b/test/validation/api/ipsec/ipsec_test_in.c @@ -1136,6 +1136,37 @@ static void test_in_ipv4_mcgrew_gcm_15_esp(void) ipsec_sa_destroy(sa); } +static void test_in_ipv4_rfc7634_chacha(void) +{ + odp_ipsec_tunnel_param_t tunnel = {}; + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + + ipsec_sa_param_fill(¶m, + true, false, 0x01020304, &tunnel, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_rfc7634_esp, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_rfc7634}, + }, + }; + + ipsec_check_in_one(&test, sa); + + ipsec_sa_destroy(sa); +} + static void test_in_ipv4_ah_aes_gmac_128(void) { odp_ipsec_sa_param_t param; @@ -1474,6 +1505,8 @@ odp_testinfo_t ipsec_in_suite[] = { #endif ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_mcgrew_gcm_15_esp, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_rfc7634_chacha, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256_tun_ipv4, diff --git a/test/validation/api/ipsec/ipsec_test_out.c b/test/validation/api/ipsec/ipsec_test_out.c index 971fbbf8d..0f49c7e1f 100644 --- a/test/validation/api/ipsec/ipsec_test_out.c +++ b/test/validation/api/ipsec/ipsec_test_out.c @@ -500,6 +500,48 @@ static void test_out_ipv4_esp_null_aes_gmac_128(void) ipsec_sa_destroy(sa); } +static void test_out_ipv4_esp_chacha20_poly1305(void) +{ + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + odp_ipsec_sa_t sa2; + + ipsec_sa_param_fill(¶m, + false, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_sa_param_fill(¶m, + true, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa2 = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_icmp_0, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_icmp_0 }, + }, + }; + + ipsec_check_out_in_one(&test, sa, sa2); + + ipsec_sa_destroy(sa2); + ipsec_sa_destroy(sa); +} + static void test_out_ipv4_ah_sha256_frag_check(void) { odp_ipsec_sa_param_t param; @@ -978,6 +1020,8 @@ odp_testinfo_t ipsec_out_suite[] = { ipsec_check_ah_aes_gmac_128), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_null_aes_gmac_128, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_chacha20_poly1305, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check_2, diff --git a/test/validation/api/ipsec/test_vectors.h b/test/validation/api/ipsec/test_vectors.h index 4732d6ca5..f14fdb2b3 100644 --- a/test/validation/api/ipsec/test_vectors.h +++ b/test/validation/api/ipsec/test_vectors.h @@ -48,6 +48,11 @@ KEY(key_mcgrew_gcm_salt_12, 0xd9, 0x66, 0x42, 0x67); KEY(key_mcgrew_gcm_15, 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34); KEY(key_mcgrew_gcm_salt_15, 0x22, 0x43, 0x3c, 0x64); +KEY(key_rfc7634, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f); +KEY(key_rfc7634_salt, 0xa0, 0xa1, 0xa2, 0xa3); static const ODP_UNUSED ipsec_test_packet pkt_ipv4_icmp_0 = { .len = 142, @@ -1730,6 +1735,67 @@ static const ipsec_test_packet pkt_mcgrew_gcm_test_15_esp = { }, }; +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634 = { + .len = 98, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x54, 0xa6, 0xf2, 0x00, 0x00, + 0x40, 0x01, 0xe7, 0x78, 0xc6, 0x33, 0x64, 0x05, + 0xc0, 0x00, 0x02, 0x05, + + /* ICMP */ + 0x08, 0x00, 0x5b, 0x7a, 0x3a, 0x08, 0x00, 0x00, + 0x55, 0x3b, 0xec, 0x10, 0x00, 0x07, 0x36, 0x27, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, +}; + +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634_esp = { + .len = 154, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x8c, 0x23, 0x45, 0x00, 0x00, + 0x40, 0x32, 0xde, 0x5b, 0xcb, 0x00, 0x71, 0x99, + 0xcb, 0x00, 0x71, 0x05, + + /* ESP */ + 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x05, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x24, 0x03, 0x94, 0x28, 0xb9, 0x7f, 0x41, 0x7e, + 0x3c, 0x13, 0x75, 0x3a, 0x4f, 0x05, 0x08, 0x7b, + 0x67, 0xc3, 0x52, 0xe6, 0xa7, 0xfa, 0xb1, 0xb9, + 0x82, 0xd4, 0x66, 0xef, 0x40, 0x7a, 0xe5, 0xc6, + 0x14, 0xee, 0x80, 0x99, 0xd5, 0x28, 0x44, 0xeb, + 0x61, 0xaa, 0x95, 0xdf, 0xab, 0x4c, 0x02, 0xf7, + 0x2a, 0xa7, 0x1e, 0x7c, 0x4c, 0x4f, 0x64, 0xc9, + 0xbe, 0xfe, 0x2f, 0xac, 0xc6, 0x38, 0xe8, 0xf3, + 0xcb, 0xec, 0x16, 0x3f, 0xac, 0x46, 0x9b, 0x50, + 0x27, 0x73, 0xf6, 0xfb, 0x94, 0xe6, 0x64, 0xda, + 0x91, 0x65, 0xb8, 0x28, 0x29, 0xf6, 0x41, 0xe0, + 0x76, 0xaa, 0xa8, 0x26, 0x6b, 0x7f, 0xb0, 0xf7, + 0xb1, 0x1b, 0x36, 0x99, 0x07, 0xe1, 0xad, 0x43, + }, +}; + static const ODP_UNUSED ipsec_test_packet pkt_ipv6_icmp_0_esp_udp_null_sha256_1 = { .len = 206, From patchwork Sun Jan 28 09:00:09 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126072 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp1563111ljd; Sun, 28 Jan 2018 01:12:56 -0800 (PST) X-Google-Smtp-Source: AH8x227gSG3fTfSAe1B0VOItRgCo//J2w5tjXp/Z65kblx5PkdrNxLDIav2FdR/eaD9G8CCHyjqf X-Received: by 10.55.81.198 with SMTP id f189mr29190896qkb.204.1517130776691; Sun, 28 Jan 2018 01:12:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517130776; cv=none; d=google.com; s=arc-20160816; b=NWD2PbMdIkPdnL8jF4XqpxNYean0x+wbQGRu2oGuZO5Xv7R/jpaiO/Z+SxeuFsd/j3 DzMwIGxAfqZmmnbnaHIuouWlLoH/36QAOgQ4hlJ6ZSQhC/pKBLp4XgImYJeEHV3s6Sw0 290KKDdwtnw8fXpunQf3wAsZtzfg/XSegfVeEpWJQAINKiKJIGWjwAoCPKEqJ6Z4CoDk REQ5nnx3GHiEnDrPI44cxVenxdzKcmHWhe5JRW1F0VVVsCdBH8cwaD+g0rh1yTh869Hm 7+XxNGrsLsp0yFapWhl3zyuAtJ5TtKS0Go8gGEau6KD7U30ZEAZeQa8VPtL2xvdtmVmz MC0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=Gu+Mpf9f4k4zjIDt0acz6mkYoIwzs+2FvY1dB4+2Amg=; b=XTmFXgXuJVkQilreJ+P+BMOaek4xqBKeZFQTuTgUgyPYwAUYqCa4EJTHRgtp8GjycR 1mTB15bExfs8u+4u+3GPtgfjVVTOqB0YhRmyT7/FGzr+zn+W3ouzUNHj1jlEV5UxNgwr vkn2QvJU93MUIp7bRDMoHtxpTMRTFqefv3Lm5dIjiNJpDGsY+u7nRQKOoRE0OvLJTTaF IHpwHI875g74r/BHK/OsMzrWoJroVzT2M+4ufOeMQbj0qcUNoWU0/sUnj8km3jv8L6AE 5xRx/03yqQewtgSqhz3YCa9MynkDtsia0M8g+ri/ANRbVrhR8LsyuVyyF1NyKU1LKo84 wOaQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id i2si2234672qtj.314.2018.01.28.01.12.56; Sun, 28 Jan 2018 01:12:56 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 549CD62772; Sun, 28 Jan 2018 09:12:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id BBF5E62783; Sun, 28 Jan 2018 09:01:29 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 76FC7617E5; Sun, 28 Jan 2018 09:00:36 +0000 (UTC) Received: from forward106o.mail.yandex.net (forward106o.mail.yandex.net [37.140.190.187]) by lists.linaro.org (Postfix) with ESMTPS id 127CF6176F for ; Sun, 28 Jan 2018 09:00:22 +0000 (UTC) Received: from mxback1g.mail.yandex.net (mxback1g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:162]) by forward106o.mail.yandex.net (Yandex) with ESMTP id 9EA3B783A01 for ; Sun, 28 Jan 2018 12:00:20 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback1g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id idz6rSF8tb-0K6OEWVb; Sun, 28 Jan 2018 12:00:20 +0300 Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id kBi2pciDaV-0KXeMXNH; Sun, 28 Jan 2018 12:00:20 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Sun, 28 Jan 2018 12:00:09 +0300 Message-Id: <1517130009-11837-17-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> References: <1517130009-11837-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v2 16/16] linux-gen: ipsec: support ChaCha20-Poly1305 X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Support IPsec ChaCha20-Poly1305 on top of linux-generic's crypto support. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 0bdad6d2562166eec4abeb957b6bb5067de9fe94 ** Merge commit sha: 8947b874421e06f87f32ec66357967a71e46e986 **/ platform/linux-generic/odp_ipsec.c | 1 + platform/linux-generic/odp_ipsec_sad.c | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/platform/linux-generic/odp_ipsec.c b/platform/linux-generic/odp_ipsec.c index b6192377e..43d7b9f52 100644 --- a/platform/linux-generic/odp_ipsec.c +++ b/platform/linux-generic/odp_ipsec.c @@ -112,6 +112,7 @@ int odp_ipsec_auth_capability(odp_auth_alg_t auth, continue; if (ODP_AUTH_ALG_AES_GCM == auth || + ODP_AUTH_ALG_CHACHA20_POLY1305 == auth || ODP_DEPRECATE(ODP_AUTH_ALG_AES128_GCM) == auth) { uint8_t aad_len = 12; diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 031adef65..d97735408 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -210,6 +210,8 @@ uint32_t _odp_ipsec_cipher_iv_len(odp_cipher_alg_t cipher) #endif case ODP_CIPHER_ALG_AES_GCM: return 12; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + return 12; default: return (uint32_t)-1; } @@ -240,6 +242,8 @@ uint32_t _odp_ipsec_auth_digest_len(odp_auth_alg_t auth) case ODP_AUTH_ALG_AES_GCM: case ODP_AUTH_ALG_AES_GMAC: return 16; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + return 16; default: return (uint32_t)-1; } @@ -392,6 +396,11 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + ipsec_sa->use_counter_iv = 1; + ipsec_sa->esp_iv_len = 8; + ipsec_sa->esp_block_len = 1; + break; default: goto error; } @@ -411,6 +420,9 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->esp_block_len = 16; crypto_param.auth_iv.length = 12; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + crypto_param.auth_aad_len = sizeof(ipsec_aad_t); + break; default: break; }