This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "".
The branch, api-next has been updated via 57783b35f4383bdfdd146f2a3333bbc8bb995896 (commit) via 904631219eab0af46cb99e8a56742401452ac2c3 (commit) via f7bd3a7bbb3613260ef2bad1e3ede5145571dd6c (commit) via d3602cb56413bb31b4535976dfd3dd723a16bfc9 (commit) via 908e27635dfe08e249407f4c4e53aa2c7ce12ea1 (commit) via d80e025c8baebed0305648737e528580b84fae2a (commit) via 33a0dad444fab1c1567083b289eac7727eab3b31 (commit) via ccb2cd5eb7383f46051dff2b1e7675ed54f635b2 (commit) via d8e4647baa7b1159480dfde4d5a2143146e8c6cb (commit) via 20cc38e36a52f70758c3464014f4f00a94d2139d (commit) via 9bb2a439ae2a8751df5a6007a7e242d7bcb963e5 (commit) via a6fa9f3e721dbdb99e2a0bac320f988930e5f874 (commit) via b2261b9485e6993642c5c0c7ea58abb8a2d356a9 (commit) via c969cc4e6f6e2e0cc5c4e407dd696be069cf4525 (commit) via 3a1832865c90865de3fd8bd30103995637e7851c (commit) via ab5a099937bc3d81f610fcfc2a98bfb7e677a06a (commit) via 9f506fecfcd408a8af0df0e9627795d0b1059730 (commit) via c184a9c8d35c10b30014e7538a862a7bc42556e7 (commit) from 9ebcb7c6e2f3226c915c39c81dcd1895dda3639b (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 57783b35f4383bdfdd146f2a3333bbc8bb995896 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:39 2017 +0300
linux-generic: crypto: add HMAC-SHA-512 authentication support
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 3117f65d..6fc1907d 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -69,6 +69,10 @@ static const odp_crypto_auth_capability_t auth_capa_sha256_hmac[] = { {.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} }, {.digest_len = 32, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
+static const odp_crypto_auth_capability_t auth_capa_sha512_hmac[] = { +{.digest_len = 32, .key_len = 64, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 64, .key_len = 64, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; + static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } };
@@ -555,7 +559,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa) capa->auths.bit.md5_hmac = 1; capa->auths.bit.sha1_hmac = 1; capa->auths.bit.sha256_hmac = 1; - capa->auths.bit.sha512_hmac = 0; + capa->auths.bit.sha512_hmac = 1; capa->auths.bit.aes_gcm = 1;
#if ODP_DEPRECATED_API @@ -636,6 +640,10 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_sha256_hmac; num = sizeof(auth_capa_sha256_hmac) / size; break; + case ODP_AUTH_ALG_SHA512_HMAC: + src = auth_capa_sha512_hmac; + num = sizeof(auth_capa_sha512_hmac) / size; + break; case ODP_AUTH_ALG_AES_GCM: src = auth_capa_aes_gcm; num = sizeof(auth_capa_aes_gcm) / size; @@ -761,6 +769,9 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, case ODP_AUTH_ALG_SHA256_HMAC: rc = process_auth_param(session, 32, EVP_sha256()); break; + case ODP_AUTH_ALG_SHA512_HMAC: + rc = process_auth_param(session, 64, EVP_sha512()); + break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: if (param->cipher_alg == ODP_CIPHER_ALG_AES128_GCM)
commit 904631219eab0af46cb99e8a56742401452ac2c3 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:38 2017 +0300
linux-generic: crypto: add SHA-1 authentication support
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 9e5a1190..3117f65d 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -61,6 +61,10 @@ static const odp_crypto_auth_capability_t auth_capa_md5_hmac[] = { {.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
+static const odp_crypto_auth_capability_t auth_capa_sha1_hmac[] = { +{.digest_len = 12, .key_len = 20, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 20, .key_len = 20, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; + static const odp_crypto_auth_capability_t auth_capa_sha256_hmac[] = { {.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} }, {.digest_len = 32, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; @@ -549,7 +553,7 @@ int odp_crypto_capability(odp_crypto_capability_t *capa)
capa->auths.bit.null = 1; capa->auths.bit.md5_hmac = 1; - capa->auths.bit.sha1_hmac = 0; + capa->auths.bit.sha1_hmac = 1; capa->auths.bit.sha256_hmac = 1; capa->auths.bit.sha512_hmac = 0; capa->auths.bit.aes_gcm = 1; @@ -624,6 +628,10 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth, src = auth_capa_md5_hmac; num = sizeof(auth_capa_md5_hmac) / size; break; + case ODP_AUTH_ALG_SHA1_HMAC: + src = auth_capa_sha1_hmac; + num = sizeof(auth_capa_sha1_hmac) / size; + break; case ODP_AUTH_ALG_SHA256_HMAC: src = auth_capa_sha256_hmac; num = sizeof(auth_capa_sha256_hmac) / size; @@ -741,6 +749,9 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, case ODP_AUTH_ALG_MD5_HMAC: rc = process_auth_param(session, 16, EVP_md5()); break; + case ODP_AUTH_ALG_SHA1_HMAC: + rc = process_auth_param(session, 20, EVP_sha1()); + break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_SHA256_128: /* Fixed digest tag length with deprecated algo */
commit f7bd3a7bbb3613260ef2bad1e3ede5145571dd6c Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:37 2017 +0300
validation: crypto: add HMAC-SHA-512 test cases
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/test/common_plat/validation/api/crypto/crypto.h b/test/common_plat/validation/api/crypto/crypto.h index 84e67379..dd15b448 100644 --- a/test/common_plat/validation/api/crypto/crypto.h +++ b/test/common_plat/validation/api/crypto/crypto.h @@ -30,7 +30,8 @@ void crypto_test_gen_alg_hmac_sha1(void); void crypto_test_check_alg_hmac_sha1(void); void crypto_test_gen_alg_hmac_sha256(void); void crypto_test_check_alg_hmac_sha256(void); -void crypto_test_alg_hmac_sha512(void); +void crypto_test_gen_alg_hmac_sha512(void); +void crypto_test_check_alg_hmac_sha512(void);
/* test arrays: */ extern odp_testinfo_t crypto_suite[]; diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index 6129d82d..ae600e23 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -32,6 +32,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_SHA1_HMAC"; case ODP_AUTH_ALG_SHA256_HMAC: return "ODP_AUTH_ALG_SHA256_HMAC"; + case ODP_AUTH_ALG_SHA512_HMAC: + return "ODP_AUTH_ALG_SHA512_HMAC"; case ODP_AUTH_ALG_AES_GCM: return "ODP_AUTH_ALG_AES_GCM"; default: @@ -139,6 +141,9 @@ static void alg_test(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && !(capa.auths.bit.sha256_hmac)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC && + !(capa.auths.bit.sha512_hmac)) + rc = -1;
CU_ASSERT(!rc); CU_ASSERT((~capa.auths.all_bits & capa.hw_auths.all_bits) == 0); @@ -1391,9 +1396,106 @@ static int check_alg_hmac_sha512(void) return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); }
-void crypto_test_alg_hmac_sha512(void) +/* This test verifies the correctness of HMAC_SHA512 digest operation. + * The output check length is truncated to 32 bytes (256 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +void crypto_test_gen_alg_hmac_sha512(void) { - printf(" TEST NOT IMPLEMENTED YET "); + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0 }; + + unsigned int test_vec_num = (sizeof(hmac_sha512_reference_length) / + sizeof(hmac_sha512_reference_length[0])); + + unsigned int i; + + for (i = 0; i < test_vec_num; i++) { + auth_key.data = hmac_sha512_reference_key[i]; + auth_key.length = sizeof(hmac_sha512_reference_key[i]); + + if (!check_auth_options(ODP_AUTH_ALG_SHA512_HMAC, + auth_key.length, + HMAC_SHA512_256_CHECK_LEN)) + continue; + + alg_test(ODP_CRYPTO_OP_ENCODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_SHA512_HMAC, + auth_key, + NULL, NULL, + NULL, 0, + hmac_sha512_reference_plaintext[i], + hmac_sha512_reference_length[i], + NULL, 0, + hmac_sha512_reference_digest[i], + HMAC_SHA512_256_CHECK_LEN); + } +} + +void crypto_test_check_alg_hmac_sha512(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0 }; + uint8_t wrong_digest[HMAC_SHA512_DIGEST_LEN]; + + unsigned int test_vec_num = (sizeof(hmac_sha512_reference_length) / + sizeof(hmac_sha512_reference_length[0])); + + unsigned int i; + + memset(wrong_digest, 0xa5, sizeof(wrong_digest)); + + for (i = 0; i < test_vec_num; i++) { + auth_key.data = hmac_sha512_reference_key[i]; + auth_key.length = sizeof(hmac_sha512_reference_key[i]); + + if (!check_auth_options(ODP_AUTH_ALG_SHA512_HMAC, + auth_key.length, + HMAC_SHA512_256_CHECK_LEN)) + continue; + + alg_test(ODP_CRYPTO_OP_DECODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_SHA512_HMAC, + auth_key, + NULL, NULL, + NULL, 0, + hmac_sha512_reference_plaintext[i], + hmac_sha512_reference_length[i], + NULL, 0, + hmac_sha512_reference_digest[i], + HMAC_SHA512_256_CHECK_LEN); + + alg_test(ODP_CRYPTO_OP_DECODE, + 1, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_SHA512_HMAC, + auth_key, + NULL, NULL, + NULL, 0, + hmac_sha512_reference_plaintext[i], + hmac_sha512_reference_length[i], + NULL, 0, + wrong_digest, + HMAC_SHA512_256_CHECK_LEN); + } }
int crypto_suite_sync_init(void) @@ -1461,7 +1563,9 @@ odp_testinfo_t crypto_suite[] = { check_alg_hmac_sha256), ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256, check_alg_hmac_sha256), - ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_sha512, + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512, + check_alg_hmac_sha512), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512, check_alg_hmac_sha512), ODP_TEST_INFO_NULL, }; diff --git a/test/common_plat/validation/api/crypto/test_vectors.h b/test/common_plat/validation/api/crypto/test_vectors.h index 1de54964..bd8bf347 100644 --- a/test/common_plat/validation/api/crypto/test_vectors.h +++ b/test/common_plat/validation/api/crypto/test_vectors.h @@ -397,4 +397,54 @@ static uint8_t hmac_sha1_reference_digest[][HMAC_SHA1_DIGEST_LEN] = { 0x11, 0xcd, 0x91, 0xa3, 0x9a, 0xf4 }, };
+static uint8_t hmac_sha512_reference_key[][HMAC_SHA512_KEY_LEN] = { + { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b }, + + /* "Jefe" */ + { 0x4a, 0x65, 0x66, 0x65 }, + + { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa } +}; + +static uint32_t hmac_sha512_reference_length[] = { 8, 28, 50 }; + +static uint8_t +hmac_sha512_reference_plaintext[][HMAC_SHA512_MAX_DATA_LEN] = { + /* "Hi There" */ + { 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, + + /* what do ya want for nothing?*/ + { 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, + 0x79, 0x61, 0x20, 0x77, 0x61, 0x6e, 0x74, 0x20, + 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, + 0x69, 0x6e, 0x67, 0x3f }, + + { 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd } +}; + +static uint8_t hmac_sha512_reference_digest[][HMAC_SHA512_DIGEST_LEN] = { + { 0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, + 0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0, + 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, + 0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde }, + + { 0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2, + 0xe3, 0x95, 0xfb, 0xe7, 0x3b, 0x56, 0xe0, 0xa3, + 0x87, 0xbd, 0x64, 0x22, 0x2e, 0x83, 0x1f, 0xd6, + 0x10, 0x27, 0x0c, 0xd7, 0xea, 0x25, 0x05, 0x54 }, + + { 0xfa, 0x73, 0xb0, 0x08, 0x9d, 0x56, 0xa2, 0x84, + 0xef, 0xb0, 0xf0, 0x75, 0x6c, 0x89, 0x0b, 0xe9, + 0xb1, 0xb5, 0xdb, 0xdd, 0x8e, 0xe8, 0x1a, 0x36, + 0x55, 0xf8, 0x3e, 0x33, 0xb2, 0x27, 0x9d, 0x39 } +}; + #endif diff --git a/test/common_plat/validation/api/crypto/test_vectors_len.h b/test/common_plat/validation/api/crypto/test_vectors_len.h index 5c3ddcee..20a7ddba 100644 --- a/test/common_plat/validation/api/crypto/test_vectors_len.h +++ b/test/common_plat/validation/api/crypto/test_vectors_len.h @@ -41,4 +41,10 @@ #define HMAC_SHA1_DIGEST_LEN 20 #define HMAC_SHA1_96_CHECK_LEN 12
+/* HMAC-SHA512 */ +#define HMAC_SHA512_KEY_LEN 64 +#define HMAC_SHA512_MAX_DATA_LEN 128 +#define HMAC_SHA512_DIGEST_LEN 64 +#define HMAC_SHA512_256_CHECK_LEN 32 + #endif
commit d3602cb56413bb31b4535976dfd3dd723a16bfc9 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:36 2017 +0300
validation: crypto: add HMAC-SHA-1 test cases
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/test/common_plat/validation/api/crypto/crypto.h b/test/common_plat/validation/api/crypto/crypto.h index 2a491c3c..84e67379 100644 --- a/test/common_plat/validation/api/crypto/crypto.h +++ b/test/common_plat/validation/api/crypto/crypto.h @@ -26,7 +26,8 @@ void crypto_test_dec_alg_aes128_gcm(void); void crypto_test_dec_alg_aes128_gcm_ovr_iv(void); void crypto_test_gen_alg_hmac_md5(void); void crypto_test_check_alg_hmac_md5(void); -void crypto_test_alg_hmac_sha1(void); +void crypto_test_gen_alg_hmac_sha1(void); +void crypto_test_check_alg_hmac_sha1(void); void crypto_test_gen_alg_hmac_sha256(void); void crypto_test_check_alg_hmac_sha256(void); void crypto_test_alg_hmac_sha512(void); diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index 4d8f7b54..6129d82d 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -28,6 +28,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth) return "ODP_AUTH_ALG_NULL"; case ODP_AUTH_ALG_MD5_HMAC: return "ODP_AUTH_ALG_MD5_HMAC"; + case ODP_AUTH_ALG_SHA1_HMAC: + return "ODP_AUTH_ALG_SHA1_HMAC"; case ODP_AUTH_ALG_SHA256_HMAC: return "ODP_AUTH_ALG_SHA256_HMAC"; case ODP_AUTH_ALG_AES_GCM: @@ -131,6 +133,9 @@ static void alg_test(odp_crypto_op_t op, if (auth_alg == ODP_AUTH_ALG_NULL && !(capa.auths.bit.null)) rc = -1; + if (auth_alg == ODP_AUTH_ALG_SHA1_HMAC && + !(capa.auths.bit.sha1_hmac)) + rc = -1; if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC && !(capa.auths.bit.sha256_hmac)) rc = -1; @@ -1167,6 +1172,113 @@ void crypto_test_check_alg_hmac_md5(void) } }
+static int check_alg_hmac_sha1(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); +} + +/* This test verifies the correctness of HMAC_SHA1 digest operation. + * The output check length is truncated to 12 bytes (96 bits) as + * returned by the crypto operation API call. + * Note that hash digest is a one-way operation. + * In addition the test verifies if the implementation can use the + * packet buffer as completion event buffer. + * */ +void crypto_test_gen_alg_hmac_sha1(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0 }; + + unsigned int test_vec_num = (sizeof(hmac_sha1_reference_length) / + sizeof(hmac_sha1_reference_length[0])); + + unsigned int i; + + for (i = 0; i < test_vec_num; i++) { + auth_key.data = hmac_sha1_reference_key[i]; + auth_key.length = sizeof(hmac_sha1_reference_key[i]); + + if (!check_auth_options(ODP_AUTH_ALG_SHA1_HMAC, + auth_key.length, + HMAC_SHA1_96_CHECK_LEN)) + continue; + + alg_test(ODP_CRYPTO_OP_ENCODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_SHA1_HMAC, + auth_key, + NULL, NULL, + NULL, 0, + hmac_sha1_reference_plaintext[i], + hmac_sha1_reference_length[i], + NULL, 0, + hmac_sha1_reference_digest[i], + HMAC_SHA1_96_CHECK_LEN); + } +} + +void crypto_test_check_alg_hmac_sha1(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0 }; + uint8_t wrong_digest[HMAC_SHA1_DIGEST_LEN]; + + unsigned int test_vec_num = (sizeof(hmac_sha1_reference_length) / + sizeof(hmac_sha1_reference_length[0])); + + unsigned int i; + + memset(wrong_digest, 0xa5, sizeof(wrong_digest)); + + for (i = 0; i < test_vec_num; i++) { + auth_key.data = hmac_sha1_reference_key[i]; + auth_key.length = sizeof(hmac_sha1_reference_key[i]); + + if (!check_auth_options(ODP_AUTH_ALG_SHA1_HMAC, + auth_key.length, + HMAC_SHA1_96_CHECK_LEN)) + continue; + + alg_test(ODP_CRYPTO_OP_DECODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_SHA1_HMAC, + auth_key, + NULL, NULL, + NULL, 0, + hmac_sha1_reference_plaintext[i], + hmac_sha1_reference_length[i], + NULL, 0, + hmac_sha1_reference_digest[i], + HMAC_SHA1_96_CHECK_LEN); + + alg_test(ODP_CRYPTO_OP_DECODE, + 1, + ODP_CIPHER_ALG_NULL, + iv, + iv.data, + cipher_key, + ODP_AUTH_ALG_SHA1_HMAC, + auth_key, + NULL, NULL, + NULL, 0, + hmac_sha1_reference_plaintext[i], + hmac_sha1_reference_length[i], + NULL, 0, + wrong_digest, + HMAC_SHA1_96_CHECK_LEN); + } +} + static int check_alg_hmac_sha256(void) { return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA256_HMAC); @@ -1274,16 +1386,6 @@ void crypto_test_check_alg_hmac_sha256(void) } }
-static int check_alg_hmac_sha1(void) -{ - return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA1_HMAC); -} - -void crypto_test_alg_hmac_sha1(void) -{ - printf(" TEST NOT IMPLEMENTED YET "); -} - static int check_alg_hmac_sha512(void) { return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC); @@ -1351,7 +1453,9 @@ odp_testinfo_t crypto_suite[] = { check_alg_hmac_md5), ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_md5, check_alg_hmac_md5), - ODP_TEST_INFO_CONDITIONAL(crypto_test_alg_hmac_sha1, + ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha1, + check_alg_hmac_sha1), + ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha1, check_alg_hmac_sha1), ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha256, check_alg_hmac_sha256), diff --git a/test/common_plat/validation/api/crypto/test_vectors.h b/test/common_plat/validation/api/crypto/test_vectors.h index 6d568b91..1de54964 100644 --- a/test/common_plat/validation/api/crypto/test_vectors.h +++ b/test/common_plat/validation/api/crypto/test_vectors.h @@ -353,4 +353,48 @@ static uint32_t hmac_sha256_reference_digest_length[] = { 16, 16, 16 };
+static uint8_t hmac_sha1_reference_key[][HMAC_SHA1_KEY_LEN] = { + { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b }, + + /* "Jefe" */ + { 0x4a, 0x65, 0x66, 0x65 }, + + { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa } +}; + +static uint32_t hmac_sha1_reference_length[] = { 8, 28, 50 }; + +static uint8_t +hmac_sha1_reference_plaintext[][HMAC_SHA1_MAX_DATA_LEN] = { + /* "Hi There" */ + { 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, + + /* what do ya want for nothing?*/ + { 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, + 0x79, 0x61, 0x20, 0x77, 0x61, 0x6e, 0x74, 0x20, + 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, + 0x69, 0x6e, 0x67, 0x3f }, + + { 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd } +}; + +static uint8_t hmac_sha1_reference_digest[][HMAC_SHA1_DIGEST_LEN] = { + { 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, + 0x72, 0x64, 0xe2, 0x8b, 0xc0, 0xb6 }, + + { 0xef, 0xfc, 0xdf, 0x6a, 0xe5, 0xeb, + 0x2f, 0xa2, 0xd2, 0x74, 0x16, 0xd5 }, + + { 0x12, 0x5d, 0x73, 0x42, 0xb9, 0xac, + 0x11, 0xcd, 0x91, 0xa3, 0x9a, 0xf4 }, +}; + #endif diff --git a/test/common_plat/validation/api/crypto/test_vectors_len.h b/test/common_plat/validation/api/crypto/test_vectors_len.h index c1521dd7..5c3ddcee 100644 --- a/test/common_plat/validation/api/crypto/test_vectors_len.h +++ b/test/common_plat/validation/api/crypto/test_vectors_len.h @@ -35,4 +35,10 @@ #define HMAC_SHA256_MAX_DATA_LEN 128 #define HMAC_SHA256_DIGEST_LEN 32
+/* HMAC-SHA1 */ +#define HMAC_SHA1_KEY_LEN 20 +#define HMAC_SHA1_MAX_DATA_LEN 128 +#define HMAC_SHA1_DIGEST_LEN 20 +#define HMAC_SHA1_96_CHECK_LEN 12 + #endif
commit 908e27635dfe08e249407f4c4e53aa2c7ce12ea1 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:35 2017 +0300
validation: crypto: add tests for NULL cipher
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/test/common_plat/validation/api/crypto/crypto.h b/test/common_plat/validation/api/crypto/crypto.h index 4d810f62..2a491c3c 100644 --- a/test/common_plat/validation/api/crypto/crypto.h +++ b/test/common_plat/validation/api/crypto/crypto.h @@ -10,6 +10,8 @@ #include "odp_cunit_common.h"
/* test functions: */ +void crypto_test_enc_alg_null(void); +void crypto_test_dec_alg_null(void); void crypto_test_enc_alg_3des_cbc(void); void crypto_test_enc_alg_3des_cbc_ovr_iv(void); void crypto_test_dec_alg_3des_cbc(void); diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index 470c5bc5..4d8f7b54 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -430,6 +430,73 @@ static int check_auth_options(odp_auth_alg_t auth, uint32_t key_len, return 1; }
+static int check_alg_null(void) +{ + return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_NULL); +} + +void crypto_test_enc_alg_null(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0}; + unsigned int test_vec_num = (sizeof(null_reference_length) / + sizeof(null_reference_length[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) { + if (!check_cipher_options(ODP_CIPHER_ALG_NULL, + cipher_key.length, iv.length)) + continue; + + alg_test(ODP_CRYPTO_OP_ENCODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + NULL, + cipher_key, + ODP_AUTH_ALG_NULL, + auth_key, + NULL, NULL, + NULL, 0, + null_reference_plaintext[i], + null_reference_length[i], + null_reference_plaintext[i], + null_reference_length[i], NULL, 0); + } +} + +void crypto_test_dec_alg_null(void) +{ + odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 }, + auth_key = { .data = NULL, .length = 0 }; + odp_crypto_iv_t iv = { .data = NULL, .length = 0 }; + unsigned int test_vec_num = (sizeof(null_reference_length) / + sizeof(null_reference_length[0])); + unsigned int i; + + for (i = 0; i < test_vec_num; i++) { + if (!check_cipher_options(ODP_CIPHER_ALG_NULL, + cipher_key.length, iv.length)) + continue; + + alg_test(ODP_CRYPTO_OP_DECODE, + 0, + ODP_CIPHER_ALG_NULL, + iv, + NULL, + cipher_key, + ODP_AUTH_ALG_NULL, + auth_key, + NULL, NULL, + NULL, 0, + null_reference_plaintext[i], + null_reference_length[i], + null_reference_plaintext[i], + null_reference_length[i], NULL, 0); + } +} + static int check_alg_3des_cbc(void) { return check_alg_support(ODP_CIPHER_ALG_3DES_CBC, ODP_AUTH_ALG_NULL); @@ -1252,6 +1319,10 @@ int crypto_suite_async_init(void) }
odp_testinfo_t crypto_suite[] = { + ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_null, + check_alg_null), + ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_null, + check_alg_null), ODP_TEST_INFO_CONDITIONAL(crypto_test_enc_alg_3des_cbc, check_alg_3des_cbc), ODP_TEST_INFO_CONDITIONAL(crypto_test_dec_alg_3des_cbc, diff --git a/test/common_plat/validation/api/crypto/test_vectors.h b/test/common_plat/validation/api/crypto/test_vectors.h index 0d36c249..6d568b91 100644 --- a/test/common_plat/validation/api/crypto/test_vectors.h +++ b/test/common_plat/validation/api/crypto/test_vectors.h @@ -8,6 +8,18 @@ #define _ODP_TEST_CRYPTO_VECTORS_H_
#include "test_vectors_len.h" + +/** length in bytes */ +static uint32_t null_reference_length[] = { 8, 16 }; + +static uint8_t +null_reference_plaintext[][NULL_MAX_DATA_LEN] = { + {0x32, 0x6a, 0x49, 0x4c, 0xd3, 0x3f, 0xe7, 0x56}, + + {0x84, 0x40, 0x1f, 0x78, 0xfe, 0x6c, 0x10, 0x87, 0x6d, 0x8e, 0xa2, 0x30, + 0x94, 0xea, 0x53, 0x09} +}; + /* TDES-CBC reference vectors, according to * "http://csrc.nist.gov/groups/STM/cavp/documents/des/DESMMT.pdf" */ diff --git a/test/common_plat/validation/api/crypto/test_vectors_len.h b/test/common_plat/validation/api/crypto/test_vectors_len.h index 80fd927b..c1521dd7 100644 --- a/test/common_plat/validation/api/crypto/test_vectors_len.h +++ b/test/common_plat/validation/api/crypto/test_vectors_len.h @@ -6,6 +6,9 @@ #ifndef TEST_VECTORS_LEN_ #define TEST_VECTORS_LEN_
+/* NULL */ +#define NULL_MAX_DATA_LEN 16 + /* TDES-CBC */ #define TDES_CBC_KEY_LEN 24 #define TDES_CBC_IV_LEN 8
commit d80e025c8baebed0305648737e528580b84fae2a Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:34 2017 +0300
crypto: linux-generic: add capabilities for CIPHER_NULL and AUTH_NULL
There is no point in having separate cases for NULL algorithms. Add capabilities returning 0 key/digest/iv length.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 32fece30..9e5a1190 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -34,6 +34,9 @@ * * Keep sorted: first by key length, then by IV length */ +static const odp_crypto_cipher_capability_t cipher_capa_null[] = { +{.key_len = 0, .iv_len = 0} }; + static const odp_crypto_cipher_capability_t cipher_capa_des[] = { {.key_len = 24, .iv_len = 8} };
@@ -51,6 +54,9 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { * * Keep sorted: first by digest length, then by key length */ +static const odp_crypto_auth_capability_t auth_capa_null[] = { +{.digest_len = 0, .key_len = 0, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; + static const odp_crypto_auth_capability_t auth_capa_md5_hmac[] = { {.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, {.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; @@ -571,8 +577,8 @@ int odp_crypto_cipher_capability(odp_cipher_alg_t cipher,
switch (cipher) { case ODP_CIPHER_ALG_NULL: - src = NULL; - num = 0; + src = cipher_capa_null; + num = sizeof(cipher_capa_null) / size; break; case ODP_CIPHER_ALG_DES: src = cipher_capa_des; @@ -611,8 +617,8 @@ int odp_crypto_auth_capability(odp_auth_alg_t auth,
switch (auth) { case ODP_AUTH_ALG_NULL: - src = NULL; - num = 0; + src = auth_capa_null; + num = sizeof(auth_capa_null) / size; break; case ODP_AUTH_ALG_MD5_HMAC: src = auth_capa_md5_hmac; diff --git a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c index c89d04f9..470c5bc5 100644 --- a/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/common_plat/validation/api/crypto/odp_crypto_test_inp.c @@ -141,13 +141,8 @@ static void alg_test(odp_crypto_op_t op, num = odp_crypto_cipher_capability(cipher_alg, cipher_capa, MAX_ALG_CAPA);
- if (cipher_alg != ODP_CIPHER_ALG_NULL) { - CU_ASSERT(num > 0); - found = 0; - } else { - CU_ASSERT(num == 0); - found = 1; - } + CU_ASSERT(num > 0); + found = 0;
CU_ASSERT(num <= MAX_ALG_CAPA);
@@ -167,13 +162,8 @@ static void alg_test(odp_crypto_op_t op,
num = odp_crypto_auth_capability(auth_alg, auth_capa, MAX_ALG_CAPA);
- if (auth_alg != ODP_AUTH_ALG_NULL) { - CU_ASSERT(num > 0); - found = 0; - } else { - CU_ASSERT(num == 0); - found = 1; - } + CU_ASSERT(num > 0); + found = 0;
CU_ASSERT(num <= MAX_ALG_CAPA);
commit 33a0dad444fab1c1567083b289eac7727eab3b31 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:33 2017 +0300
test: odp_crypto: bail out if odp_crypto_session_create failed
If odp_crypto_session_create() failed, there is no point in checking/freeing session, as it might not have been updated.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/test/common_plat/performance/odp_crypto.c b/test/common_plat/performance/odp_crypto.c index 6a58294a..c3dd6d38 100644 --- a/test/common_plat/performance/odp_crypto.c +++ b/test/common_plat/performance/odp_crypto.c @@ -665,34 +665,32 @@ run_measure_one_config(crypto_args_t *cargs, int rc = 0;
if (create_session_from_config(&session, config, cargs)) - rc = -1; - - if (!rc) { - if (cargs->payload_length) { - rc = run_measure_one(cargs, config, &session, - cargs->payload_length, &result); - if (!rc) { - print_result_header(); - print_result(cargs, cargs->payload_length, - config, &result); - } - } else { - unsigned i; + return -1;
+ if (cargs->payload_length) { + rc = run_measure_one(cargs, config, &session, + cargs->payload_length, &result); + if (!rc) { print_result_header(); - for (i = 0; i < num_payloads; i++) { - rc = run_measure_one(cargs, config, &session, - payloads[i], &result); - if (rc) - break; - print_result(cargs, payloads[i], - config, &result); - } + print_result(cargs, cargs->payload_length, + config, &result); + } + } else { + unsigned i; + + print_result_header(); + for (i = 0; i < num_payloads; i++) { + rc = run_measure_one(cargs, config, &session, + payloads[i], &result); + if (rc) + break; + print_result(cargs, payloads[i], + config, &result); } }
- if (session != ODP_CRYPTO_SESSION_INVALID) - odp_crypto_session_destroy(session); + odp_crypto_session_destroy(session); + return rc; }
commit ccb2cd5eb7383f46051dff2b1e7675ed54f635b2 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:32 2017 +0300
linux-generic: crypto: NULL session->next pointer on session allocation
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index ea7c7026..32fece30 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -88,8 +88,10 @@ odp_crypto_generic_session_t *alloc_session(void)
odp_spinlock_lock(&global->lock); session = global->free; - if (session) + if (session) { global->free = session->next; + session->next = NULL; + } odp_spinlock_unlock(&global->lock);
return session;
commit d8e4647baa7b1159480dfde4d5a2143146e8c6cb Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:31 2017 +0300
linux-generic: crypto: make en/decryption work across packet segments
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 7ea90fb9..ea7c7026 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -190,14 +190,122 @@ odp_crypto_alg_err_t auth_check(odp_crypto_op_param_t *param, }
static +int internal_encrypt(EVP_CIPHER_CTX *ctx, odp_crypto_op_param_t *param) +{ + odp_packet_t pkt = param->out_pkt; + unsigned in_pos = param->cipher_range.offset; + unsigned out_pos = param->cipher_range.offset; + unsigned in_len = param->cipher_range.length; + uint8_t block[2 * EVP_MAX_BLOCK_LENGTH]; + unsigned block_len = EVP_CIPHER_block_size(EVP_CIPHER_CTX_cipher(ctx)); + int cipher_len; + int ret; + + while (in_len > 0) { + uint32_t seglen = 0; /* GCC */ + uint8_t *insegaddr = odp_packet_offset(pkt, in_pos, + &seglen, NULL); + unsigned inseglen = in_len < seglen ? in_len : seglen; + + /* There should be at least 1 additional block in out buffer */ + if (inseglen > block_len) { + unsigned part = inseglen - block_len; + + EVP_EncryptUpdate(ctx, insegaddr, &cipher_len, + insegaddr, part); + in_pos += part; + in_len -= part; + insegaddr += part; + inseglen -= part; + + out_pos += cipher_len; + } + + /* Use temporal storage */ + if (inseglen > 0) { + unsigned part = inseglen; + + EVP_EncryptUpdate(ctx, block, &cipher_len, + insegaddr, part); + in_pos += part; + in_len -= part; + insegaddr += part; + inseglen -= part; + + odp_packet_copy_from_mem(pkt, out_pos, + cipher_len, block); + out_pos += cipher_len; + } + } + + ret = EVP_EncryptFinal_ex(ctx, block, &cipher_len); + odp_packet_copy_from_mem(pkt, out_pos, cipher_len, block); + + return ret; +} + +static +int internal_decrypt(EVP_CIPHER_CTX *ctx, odp_crypto_op_param_t *param) +{ + odp_packet_t pkt = param->out_pkt; + unsigned in_pos = param->cipher_range.offset; + unsigned out_pos = param->cipher_range.offset; + unsigned in_len = param->cipher_range.length; + uint8_t block[2 * EVP_MAX_BLOCK_LENGTH]; + unsigned block_len = EVP_CIPHER_block_size(EVP_CIPHER_CTX_cipher(ctx)); + int cipher_len; + int ret; + + while (in_len > 0) { + uint32_t seglen = 0; /* GCC */ + uint8_t *insegaddr = odp_packet_offset(pkt, in_pos, + &seglen, NULL); + unsigned inseglen = in_len < seglen ? in_len : seglen; + + /* There should be at least 1 additional block in out buffer */ + if (inseglen > block_len) { + unsigned part = inseglen - block_len; + + EVP_DecryptUpdate(ctx, insegaddr, &cipher_len, + insegaddr, part); + in_pos += part; + in_len -= part; + insegaddr += part; + inseglen -= part; + + out_pos += cipher_len; + } + + /* Use temporal storage */ + if (inseglen > 0) { + unsigned part = inseglen; + + EVP_DecryptUpdate(ctx, block, &cipher_len, + insegaddr, part); + in_pos += part; + in_len -= part; + insegaddr += part; + inseglen -= part; + + odp_packet_copy_from_mem(pkt, out_pos, + cipher_len, block); + out_pos += cipher_len; + } + } + + ret = EVP_DecryptFinal_ex(ctx, block, &cipher_len); + odp_packet_copy_from_mem(pkt, out_pos, cipher_len, block); + + return ret; +} + +static odp_crypto_alg_err_t cipher_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t plain_len = param->cipher_range.length; void *iv_ptr; - int cipher_len = 0; + int ret;
if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -206,9 +314,6 @@ odp_crypto_alg_err_t cipher_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - /* Encrypt it */ ctx = EVP_CIPHER_CTX_new(); EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, @@ -216,13 +321,12 @@ odp_crypto_alg_err_t cipher_encrypt(odp_crypto_op_param_t *param, EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0);
- EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); - - EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); + ret = internal_encrypt(ctx, param);
EVP_CIPHER_CTX_free(ctx);
- return ODP_CRYPTO_ALG_ERR_NONE; + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; }
static @@ -230,10 +334,8 @@ odp_crypto_alg_err_t cipher_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t cipher_len = param->cipher_range.length; - int plain_len = 0; void *iv_ptr; + int ret;
if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -242,9 +344,6 @@ odp_crypto_alg_err_t cipher_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - /* Decrypt it */ ctx = EVP_CIPHER_CTX_new(); EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, @@ -252,13 +351,12 @@ odp_crypto_alg_err_t cipher_decrypt(odp_crypto_op_param_t *param, EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0);
- EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); - - EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len); + ret = internal_decrypt(ctx, param);
EVP_CIPHER_CTX_free(ctx);
- return ODP_CRYPTO_ALG_ERR_NONE; + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; }
static int process_cipher_param(odp_crypto_generic_session_t *session, @@ -293,13 +391,12 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t plain_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; void *iv_ptr; - int cipher_len = 0; - uint8_t *tag = data + param->hash_result_offset; + int dummy_len = 0; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret;
if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -308,9 +405,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - /* Encrypt it */ ctx = EVP_CIPHER_CTX_new(); EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, @@ -322,18 +416,20 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param,
/* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) - EVP_EncryptUpdate(ctx, NULL, &cipher_len, + EVP_EncryptUpdate(ctx, NULL, &dummy_len, aad_head, aad_len);
- EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); + ret = internal_encrypt(ctx, param);
- EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, - session->p.auth_digest_len, tag); + session->p.auth_digest_len, block); + odp_packet_copy_from_mem(param->out_pkt, param->hash_result_offset, + session->p.auth_digest_len, block);
EVP_CIPHER_CTX_free(ctx);
- return ODP_CRYPTO_ALG_ERR_NONE; + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : + ODP_CRYPTO_ALG_ERR_NONE; }
static @@ -341,13 +437,12 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t cipher_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; - int plain_len = 0; + int dummy_len = 0; void *iv_ptr; - uint8_t *tag = data + param->hash_result_offset; + uint8_t block[EVP_MAX_MD_SIZE]; + int ret;
if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -356,9 +451,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - /* Decrypt it */ ctx = EVP_CIPHER_CTX_new(); EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, @@ -368,22 +460,22 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0);
+ odp_packet_copy_to_mem(param->out_pkt, param->hash_result_offset, + session->p.auth_digest_len, block); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, - session->p.auth_digest_len, tag); + session->p.auth_digest_len, block);
/* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) - EVP_DecryptUpdate(ctx, NULL, &plain_len, + EVP_DecryptUpdate(ctx, NULL, &dummy_len, aad_head, aad_len);
- EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); - - if (EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len) <= 0) - return ODP_CRYPTO_ALG_ERR_ICV_CHECK; + ret = internal_decrypt(ctx, param);
EVP_CIPHER_CTX_free(ctx);
- return ODP_CRYPTO_ALG_ERR_NONE; + return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : + ODP_CRYPTO_ALG_ERR_NONE; }
static int process_aes_gcm_param(odp_crypto_generic_session_t *session,
commit 20cc38e36a52f70758c3464014f4f00a94d2139d Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:30 2017 +0300
linux-generic: crypto: make HMAC work across segmented packets
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 2ba077f9..7ea90fb9 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -112,29 +112,53 @@ null_crypto_routine(odp_crypto_op_param_t *param ODP_UNUSED, }
static +void packet_hmac(odp_crypto_op_param_t *param, + odp_crypto_generic_session_t *session, + uint8_t *hash) +{ + odp_packet_t pkt = param->out_pkt; + uint32_t offset = param->auth_range.offset; + uint32_t len = param->auth_range.length; + HMAC_CTX ctx; + + ODP_ASSERT(offset + len <= odp_packet_len(pkt)); + + /* Hash it */ + HMAC_CTX_init(&ctx); + HMAC_Init_ex(&ctx, + session->auth.key, + session->auth.key_length, + session->auth.evp_md, + NULL); + + while (len > 0) { + uint32_t seglen = 0; /* GCC */ + void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL); + uint32_t maclen = len > seglen ? seglen : len; + + HMAC_Update(&ctx, mapaddr, maclen); + offset += maclen; + len -= maclen; + } + + HMAC_Final(&ctx, hash, NULL); + HMAC_CTX_cleanup(&ctx); +} + +static odp_crypto_alg_err_t auth_gen(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { - uint8_t *data = odp_packet_data(param->out_pkt); - uint8_t *icv = data; - uint32_t len = param->auth_range.length; uint8_t hash[EVP_MAX_MD_SIZE];
- /* Adjust pointer for beginning of area to auth */ - data += param->auth_range.offset; - icv += param->hash_result_offset; - /* Hash it */ - HMAC(session->auth.evp_md, - session->auth.key, - session->auth.key_length, - data, - len, - hash, - NULL); + packet_hmac(param, session, hash);
/* Copy to the output location */ - memcpy(icv, hash, session->auth.bytes); + odp_packet_copy_from_mem(param->out_pkt, + param->hash_result_offset, + session->auth.bytes, + hash);
return ODP_CRYPTO_ALG_ERR_NONE; } @@ -143,31 +167,19 @@ static odp_crypto_alg_err_t auth_check(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { - uint8_t *data = odp_packet_data(param->out_pkt); - uint8_t *icv = data; - uint32_t len = param->auth_range.length; uint32_t bytes = session->auth.bytes; uint8_t hash_in[EVP_MAX_MD_SIZE]; uint8_t hash_out[EVP_MAX_MD_SIZE];
- /* Adjust pointer for beginning of area to auth */ - data += param->auth_range.offset; - icv += param->hash_result_offset; - /* Copy current value out and clear it before authentication */ - memset(hash_in, 0, sizeof(hash_in)); - memcpy(hash_in, icv, bytes); - memset(icv, 0, bytes); - memset(hash_out, 0, sizeof(hash_out)); + odp_packet_copy_to_mem(param->out_pkt, param->hash_result_offset, + bytes, hash_in); + + _odp_packet_set_data(param->out_pkt, param->hash_result_offset, + 0, bytes);
/* Hash it */ - HMAC(session->auth.evp_md, - session->auth.key, - session->auth.key_length, - data, - len, - hash_out, - NULL); + packet_hmac(param, session, hash_out);
/* Verify match */ if (0 != memcmp(hash_in, hash_out, bytes))
commit 9bb2a439ae2a8751df5a6007a7e242d7bcb963e5 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:29 2017 +0300
linux-generic: crypto: merge AES-CBC and 3DES-CBC support
There is now nearly no difference between AES-CBC and 3DES-CBC code. Merge it into generic 'cipher' support, easing adding support for other ciphers in future.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index f4f1948f..c3b70b23 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -40,18 +40,9 @@ struct odp_crypto_generic_session { struct { /* Copy of session IV data */ uint8_t iv_data[MAX_IV_LEN]; + uint8_t key_data[EVP_MAX_KEY_LENGTH];
- union { - struct { - uint8_t key[EVP_MAX_KEY_LENGTH]; - } des; - struct { - uint8_t key[EVP_MAX_KEY_LENGTH]; - } aes; - struct { - uint8_t key[EVP_MAX_KEY_LENGTH]; - } aes_gcm; - } data; + const EVP_CIPHER *evp_cipher; crypto_func_t func; } cipher;
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index bff712d1..2ba077f9 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -178,8 +178,8 @@ odp_crypto_alg_err_t auth_check(odp_crypto_op_param_t *param, }
static -odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t cipher_encrypt(odp_crypto_op_param_t *param, + odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); @@ -199,8 +199,8 @@ odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param,
/* Encrypt it */ ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, - session->cipher.data.aes.key, NULL); + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0);
@@ -214,8 +214,8 @@ odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, }
static -odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t cipher_decrypt(odp_crypto_op_param_t *param, + odp_crypto_generic_session_t *session) { EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); @@ -235,8 +235,8 @@ odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param,
/* Decrypt it */ ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, - session->cipher.data.aes.key, NULL); + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0);
@@ -249,20 +249,29 @@ odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_NONE; }
-static int process_aes_param(odp_crypto_generic_session_t *session) +static int process_cipher_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) { - /* Verify IV len is either 0 or 16 */ - if (!((0 == session->p.iv.length) || (16 == session->p.iv.length))) + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.cipher_key.length) return -1;
- memcpy(session->cipher.data.aes.key, session->p.cipher_key.data, + /* Verify IV len is correct */ + if (!((0 == session->p.iv.length) || + ((uint32_t)EVP_CIPHER_iv_length(cipher) == session->p.iv.length))) + return -1; + + session->cipher.evp_cipher = cipher; + + memcpy(session->cipher.key_data, session->p.cipher_key.data, session->p.cipher_key.length);
/* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->cipher.func = aes_encrypt; + session->cipher.func = cipher_encrypt; else - session->cipher.func = aes_decrypt; + session->cipher.func = cipher_decrypt;
return 0; } @@ -292,8 +301,8 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param,
/* Encrypt it */ ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, - session->cipher.data.aes_gcm.key, NULL); + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, session->p.iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); @@ -340,8 +349,8 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param,
/* Decrypt it */ ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, - session->cipher.data.aes_gcm.key, NULL); + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, session->p.iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); @@ -365,15 +374,19 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_NONE; }
-static int process_aes_gcm_param(odp_crypto_generic_session_t *session) +static int process_aes_gcm_param(odp_crypto_generic_session_t *session, + const EVP_CIPHER *cipher) { - /* Verify Key len is 16 */ - if (session->p.cipher_key.length != 16) + /* Verify Key len is valid */ + if ((uint32_t)EVP_CIPHER_key_length(cipher) != + session->p.cipher_key.length) return -1;
- memcpy(session->cipher.data.aes_gcm.key, session->p.cipher_key.data, + memcpy(session->cipher.key_data, session->p.cipher_key.data, session->p.cipher_key.length);
+ session->cipher.evp_cipher = cipher; + /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = aes_gcm_encrypt; @@ -383,96 +396,6 @@ static int process_aes_gcm_param(odp_crypto_generic_session_t *session) return 0; }
-static -odp_crypto_alg_err_t des_encrypt(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) -{ - EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t plain_len = param->cipher_range.length; - void *iv_ptr; - int cipher_len = 0; - - if (param->override_iv_ptr) - iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) - iv_ptr = session->cipher.iv_data; - else - return ODP_CRYPTO_ALG_ERR_IV_INVALID; - - /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - - /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, - session->cipher.data.des.key, NULL); - EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); - - EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); - - EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); - - EVP_CIPHER_CTX_cleanup(ctx); - - return ODP_CRYPTO_ALG_ERR_NONE; -} - -static -odp_crypto_alg_err_t des_decrypt(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) -{ - EVP_CIPHER_CTX *ctx; - uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t cipher_len = param->cipher_range.length; - int plain_len = 0; - void *iv_ptr; - - if (param->override_iv_ptr) - iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) - iv_ptr = session->cipher.iv_data; - else - return ODP_CRYPTO_ALG_ERR_IV_INVALID; - - /* Adjust pointer for beginning of area to cipher/auth */ - data += param->cipher_range.offset; - - /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, - session->cipher.data.des.key, NULL); - EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); - - EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); - - EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len); - - EVP_CIPHER_CTX_cleanup(ctx); - - return ODP_CRYPTO_ALG_ERR_NONE; -} - -static int process_des_param(odp_crypto_generic_session_t *session) -{ - /* Verify IV len is either 0 or 8 */ - if (!((0 == session->p.iv.length) || (8 == session->p.iv.length))) - return -1; - - memcpy(session->cipher.data.des.key, session->p.cipher_key.data, - session->p.cipher_key.length); - - /* Set function */ - if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->cipher.func = des_encrypt; - else - session->cipher.func = des_decrypt; - - return 0; -} - static int process_auth_param(odp_crypto_generic_session_t *session, uint32_t key_length, const EVP_MD *evp_md) @@ -656,13 +579,13 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, break; case ODP_CIPHER_ALG_DES: case ODP_CIPHER_ALG_3DES_CBC: - rc = process_des_param(session); + rc = process_cipher_param(session, EVP_des_ede3_cbc()); break; case ODP_CIPHER_ALG_AES_CBC: #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_CBC: #endif - rc = process_aes_param(session); + rc = process_cipher_param(session, EVP_aes_128_cbc()); break; #if ODP_DEPRECATED_API case ODP_CIPHER_ALG_AES128_GCM: @@ -674,7 +597,7 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, /* AES-GCM requires to do both auth and * cipher at the same time */ if (param->auth_alg == ODP_AUTH_ALG_AES_GCM || aes_gcm) - rc = process_aes_gcm_param(session); + rc = process_aes_gcm_param(session, EVP_aes_128_gcm()); else rc = -1; break;
commit a6fa9f3e721dbdb99e2a0bac320f988930e5f874 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:28 2017 +0300
linux-generic: crypto: rewrite 3DES-CBC support using EVP functions
Rewrite 3DES-CBC to use generic EVP interface following AES-GCM implementation.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index d6fd0400..f4f1948f 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -11,7 +11,6 @@ extern "C" { #endif
-#include <openssl/des.h> #include <openssl/evp.h>
#define MAX_IV_LEN 64 @@ -44,9 +43,7 @@ struct odp_crypto_generic_session {
union { struct { - DES_key_schedule ks1; - DES_key_schedule ks2; - DES_key_schedule ks3; + uint8_t key[EVP_MAX_KEY_LENGTH]; } des; struct { uint8_t key[EVP_MAX_KEY_LENGTH]; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index f503bd98..bff712d1 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -387,10 +387,11 @@ static odp_crypto_alg_err_t des_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t len = param->cipher_range.length; - DES_cblock iv; + uint32_t plain_len = param->cipher_range.length; void *iv_ptr; + int cipher_len = 0;
if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -399,24 +400,21 @@ odp_crypto_alg_err_t des_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv, iv_ptr, sizeof(iv)); - - /* Adjust pointer for beginning of area to cipher */ + /* Adjust pointer for beginning of area to cipher/auth */ data += param->cipher_range.offset; + /* Encrypt it */ - DES_ede3_cbc_encrypt(data, - data, - len, - &session->cipher.data.des.ks1, - &session->cipher.data.des.ks2, - &session->cipher.data.des.ks3, - &iv, - 1); + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, + session->cipher.data.des.key, NULL); + EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); + + EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); + + EVP_CIPHER_CTX_cleanup(ctx);
return ODP_CRYPTO_ALG_ERR_NONE; } @@ -425,9 +423,10 @@ static odp_crypto_alg_err_t des_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t len = param->cipher_range.length; - DES_cblock iv; + uint32_t cipher_len = param->cipher_range.length; + int plain_len = 0; void *iv_ptr;
if (param->override_iv_ptr) @@ -437,25 +436,21 @@ odp_crypto_alg_err_t des_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv, iv_ptr, sizeof(iv)); - - /* Adjust pointer for beginning of area to cipher */ + /* Adjust pointer for beginning of area to cipher/auth */ data += param->cipher_range.offset;
/* Decrypt it */ - DES_ede3_cbc_encrypt(data, - data, - len, - &session->cipher.data.des.ks1, - &session->cipher.data.des.ks2, - &session->cipher.data.des.ks3, - &iv, - 0); + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, + session->cipher.data.des.key, NULL); + EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); + + EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len); + + EVP_CIPHER_CTX_cleanup(ctx);
return ODP_CRYPTO_ALG_ERR_NONE; } @@ -466,20 +461,15 @@ static int process_des_param(odp_crypto_generic_session_t *session) if (!((0 == session->p.iv.length) || (8 == session->p.iv.length))) return -1;
+ memcpy(session->cipher.data.des.key, session->p.cipher_key.data, + session->p.cipher_key.length); + /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = des_encrypt; else session->cipher.func = des_decrypt;
- /* Convert keys */ - DES_set_key((DES_cblock *)&session->p.cipher_key.data[0], - &session->cipher.data.des.ks1); - DES_set_key((DES_cblock *)&session->p.cipher_key.data[8], - &session->cipher.data.des.ks2); - DES_set_key((DES_cblock *)&session->p.cipher_key.data[16], - &session->cipher.data.des.ks3); - return 0; }
commit b2261b9485e6993642c5c0c7ea58abb8a2d356a9 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:27 2017 +0300
linux-generic: crypto: rewrite AES-CBC support using EVP functions
Rewrite AES-CBC to use generic EVP interface following AES-GCM implementation.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index d1020dba..d6fd0400 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -12,7 +12,6 @@ extern "C" { #endif
#include <openssl/des.h> -#include <openssl/aes.h> #include <openssl/evp.h>
#define MAX_IV_LEN 64 @@ -50,7 +49,7 @@ struct odp_crypto_generic_session { DES_key_schedule ks3; } des; struct { - AES_KEY key; + uint8_t key[EVP_MAX_KEY_LENGTH]; } aes; struct { uint8_t key[EVP_MAX_KEY_LENGTH]; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index ff3f1ac7..f503bd98 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -181,10 +181,11 @@ static odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t len = param->cipher_range.length; - unsigned char iv_enc[AES_BLOCK_SIZE]; + uint32_t plain_len = param->cipher_range.length; void *iv_ptr; + int cipher_len = 0;
if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; @@ -193,18 +194,21 @@ odp_crypto_alg_err_t aes_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv_enc, iv_ptr, AES_BLOCK_SIZE); - - /* Adjust pointer for beginning of area to cipher */ + /* Adjust pointer for beginning of area to cipher/auth */ data += param->cipher_range.offset; + /* Encrypt it */ - AES_cbc_encrypt(data, data, len, &session->cipher.data.aes.key, - iv_enc, AES_ENCRYPT); + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, + session->cipher.data.aes.key, NULL); + EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); + + EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); + + EVP_CIPHER_CTX_free(ctx);
return ODP_CRYPTO_ALG_ERR_NONE; } @@ -213,9 +217,10 @@ static odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); - uint32_t len = param->cipher_range.length; - unsigned char iv_enc[AES_BLOCK_SIZE]; + uint32_t cipher_len = param->cipher_range.length; + int plain_len = 0; void *iv_ptr;
if (param->override_iv_ptr) @@ -225,18 +230,21 @@ odp_crypto_alg_err_t aes_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv_enc, iv_ptr, AES_BLOCK_SIZE); - - /* Adjust pointer for beginning of area to cipher */ + /* Adjust pointer for beginning of area to cipher/auth */ data += param->cipher_range.offset; - /* Encrypt it */ - AES_cbc_encrypt(data, data, len, &session->cipher.data.aes.key, - iv_enc, AES_DECRYPT); + + /* Decrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, + session->cipher.data.aes.key, NULL); + EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0); + + EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); + + EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len); + + EVP_CIPHER_CTX_free(ctx);
return ODP_CRYPTO_ALG_ERR_NONE; } @@ -247,16 +255,14 @@ static int process_aes_param(odp_crypto_generic_session_t *session) if (!((0 == session->p.iv.length) || (16 == session->p.iv.length))) return -1;
+ memcpy(session->cipher.data.aes.key, session->p.cipher_key.data, + session->p.cipher_key.length); + /* Set function */ - if (ODP_CRYPTO_OP_ENCODE == session->p.op) { + if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = aes_encrypt; - AES_set_encrypt_key(session->p.cipher_key.data, 128, - &session->cipher.data.aes.key); - } else { + else session->cipher.func = aes_decrypt; - AES_set_decrypt_key(session->p.cipher_key.data, 128, - &session->cipher.data.aes.key); - }
return 0; }
commit c969cc4e6f6e2e0cc5c4e407dd696be069cf4525 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:26 2017 +0300
linux-generic: crypto: explicitly disable padding for AES-GCM
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 3deec7de..ff3f1ac7 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -291,6 +291,7 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, session->p.iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0);
/* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) @@ -338,6 +339,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, session->p.iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); + EVP_CIPHER_CTX_set_padding(ctx, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, session->p.auth_digest_len, tag);
commit 3a1832865c90865de3fd8bd30103995637e7851c Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:25 2017 +0300
linux-generic: crypto: make AES-GCM thread safe
Using single context for all operations is not thread safe: multiple threads can access the same context in parallel, affecting its internal state. Make AES-GCM functions use local context for en/decryption operations.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index 515cefaa..d1020dba 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -53,7 +53,7 @@ struct odp_crypto_generic_session { AES_KEY key; } aes; struct { - EVP_CIPHER_CTX *ctx; + uint8_t key[EVP_MAX_KEY_LENGTH]; } aes_gcm; } data; crypto_func_t func; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 3f298485..3deec7de 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -265,11 +265,13 @@ static odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); uint32_t plain_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; void *iv_ptr; + int cipher_len = 0; uint8_t *tag = data + param->hash_result_offset;
if (param->override_iv_ptr) @@ -280,12 +282,14 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_IV_INVALID;
/* Adjust pointer for beginning of area to cipher/auth */ - uint8_t *plaindata = data + param->cipher_range.offset; + data += param->cipher_range.offset;
/* Encrypt it */ - EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; - int cipher_len = 0; - + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, + session->cipher.data.aes_gcm.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr);
/* Authenticate header data (if any) without encrypting them */ @@ -293,13 +297,14 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_EncryptUpdate(ctx, NULL, &cipher_len, aad_head, aad_len);
- EVP_EncryptUpdate(ctx, plaindata, &cipher_len, - plaindata, plain_len); + EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len);
- EVP_EncryptFinal_ex(ctx, plaindata + cipher_len, &cipher_len); + EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, session->p.auth_digest_len, tag);
+ EVP_CIPHER_CTX_free(ctx); + return ODP_CRYPTO_ALG_ERR_NONE; }
@@ -307,10 +312,12 @@ static odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); uint32_t cipher_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; + int plain_len = 0; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset;
@@ -322,11 +329,14 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_IV_INVALID;
/* Adjust pointer for beginning of area to cipher/auth */ - uint8_t *cipherdata = data + param->cipher_range.offset; - /* Encrypt it */ - EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; - int plain_len = 0; + data += param->cipher_range.offset;
+ /* Decrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, + session->cipher.data.aes_gcm.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, @@ -337,12 +347,13 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_DecryptUpdate(ctx, NULL, &plain_len, aad_head, aad_len);
- EVP_DecryptUpdate(ctx, cipherdata, &plain_len, - cipherdata, cipher_len); + EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len);
- if (EVP_DecryptFinal_ex(ctx, cipherdata + plain_len, &plain_len) <= 0) + if (EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len) <= 0) return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
+ EVP_CIPHER_CTX_free(ctx); + return ODP_CRYPTO_ALG_ERR_NONE; }
@@ -352,27 +363,14 @@ static int process_aes_gcm_param(odp_crypto_generic_session_t *session) if (session->p.cipher_key.length != 16) return -1;
- /* Set function */ - EVP_CIPHER_CTX *ctx = - session->cipher.data.aes_gcm.ctx = EVP_CIPHER_CTX_new(); + memcpy(session->cipher.data.aes_gcm.key, session->p.cipher_key.data, + session->p.cipher_key.length);
- if (ODP_CRYPTO_OP_ENCODE == session->p.op) { + /* Set function */ + if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = aes_gcm_encrypt; - EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL); - } else { + else session->cipher.func = aes_gcm_decrypt; - EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL); - } - - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); - if (ODP_CRYPTO_OP_ENCODE == session->p.op) { - EVP_EncryptInit_ex(ctx, NULL, NULL, - session->p.cipher_key.data, NULL); - } else { - EVP_DecryptInit_ex(ctx, NULL, NULL, - session->p.cipher_key.data, NULL); - }
return 0; } @@ -635,17 +633,16 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, /* Copy parameters */ session->p = *param;
- /* Copy IV data */ - if (session->p.iv.data) { - if (session->p.iv.length > MAX_IV_LEN) { - ODP_DBG("Maximum IV length exceeded\n"); - free_session(session); - return -1; - } + if (session->p.iv.length > MAX_IV_LEN) { + ODP_DBG("Maximum IV length exceeded\n"); + free_session(session); + return -1; + }
+ /* Copy IV data */ + if (session->p.iv.data) memcpy(session->cipher.iv_data, session->p.iv.data, session->p.iv.length); - }
/* Derive order */ if (ODP_CRYPTO_OP_ENCODE == param->op) @@ -757,15 +754,8 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, int odp_crypto_session_destroy(odp_crypto_session_t session) { odp_crypto_generic_session_t *generic; - int aes_gcm = 0;
generic = (odp_crypto_generic_session_t *)(intptr_t)session; -#if ODP_DEPRECATED_API - if (generic->p.cipher_alg == ODP_CIPHER_ALG_AES128_GCM) - aes_gcm = 1; -#endif - if (generic->p.cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) - EVP_CIPHER_CTX_free(generic->cipher.data.aes_gcm.ctx); memset(generic, 0, sizeof(*generic)); free_session(generic); return 0;
commit ab5a099937bc3d81f610fcfc2a98bfb7e677a06a Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:24 2017 +0300
linux-generic: crypto: remote extra memcpy in AES-GCM
There is no need to memcpy IV if it gets passed to EVP functions.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 352cfa53..3f298485 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -269,7 +269,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, uint32_t plain_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; - unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset;
@@ -280,13 +279,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv_enc, iv_ptr, AES_BLOCK_SIZE); - /* Adjust pointer for beginning of area to cipher/auth */ uint8_t *plaindata = data + param->cipher_range.offset;
@@ -294,7 +286,7 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; int cipher_len = 0;
- EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); + EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr);
/* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) @@ -319,7 +311,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, uint32_t cipher_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; - unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset;
@@ -330,20 +321,13 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* - * Create a copy of the IV. The DES library modifies IV - * and if we are processing packets on parallel threads - * we could get corruption. - */ - memcpy(iv_enc, iv_ptr, AES_BLOCK_SIZE); - /* Adjust pointer for beginning of area to cipher/auth */ uint8_t *cipherdata = data + param->cipher_range.offset; /* Encrypt it */ EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; int plain_len = 0;
- EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); + EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, session->p.auth_digest_len, tag);
commit 9f506fecfcd408a8af0df0e9627795d0b1059730 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:23 2017 +0300
linux-generic: crypto: update AES-GCM support to reflect aad and auth_digest_len
Make AES-GCM use recently introduced aad and auth_digest_len fields.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 91ef05ae..352cfa53 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -267,10 +267,8 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, { uint8_t *data = odp_packet_data(param->out_pkt); uint32_t plain_len = param->cipher_range.length; - uint8_t *aad_head = data + param->auth_range.offset; - uint8_t *aad_tail = data + param->cipher_range.offset + - param->cipher_range.length; - uint32_t auth_len = param->auth_range.length; + const uint8_t *aad_head = param->aad.ptr; + uint32_t aad_len = param->aad.length; unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -282,12 +280,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* All cipher data must be part of the authentication */ - if (param->auth_range.offset > param->cipher_range.offset || - param->auth_range.offset + auth_len < - param->cipher_range.offset + plain_len) - return ODP_CRYPTO_ALG_ERR_DATA_SIZE; - /* * Create a copy of the IV. The DES library modifies IV * and if we are processing packets on parallel threads @@ -305,23 +297,16 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);
/* Authenticate header data (if any) without encrypting them */ - if (aad_head < plaindata) { + if (aad_len > 0) EVP_EncryptUpdate(ctx, NULL, &cipher_len, - aad_head, plaindata - aad_head); - } + aad_head, aad_len);
EVP_EncryptUpdate(ctx, plaindata, &cipher_len, plaindata, plain_len); - cipher_len = plain_len; - - /* Authenticate footer data (if any) without encrypting them */ - if (aad_head + auth_len > plaindata + plain_len) { - EVP_EncryptUpdate(ctx, NULL, NULL, aad_tail, - auth_len - (aad_tail - aad_head)); - }
EVP_EncryptFinal_ex(ctx, plaindata + cipher_len, &cipher_len); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, + session->p.auth_digest_len, tag);
return ODP_CRYPTO_ALG_ERR_NONE; } @@ -332,10 +317,8 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, { uint8_t *data = odp_packet_data(param->out_pkt); uint32_t cipher_len = param->cipher_range.length; - uint8_t *aad_head = data + param->auth_range.offset; - uint8_t *aad_tail = data + param->cipher_range.offset + - param->cipher_range.length; - uint32_t auth_len = param->auth_range.length; + const uint8_t *aad_head = param->aad.ptr; + uint32_t aad_len = param->aad.length; unsigned char iv_enc[AES_BLOCK_SIZE]; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -347,12 +330,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, else return ODP_CRYPTO_ALG_ERR_IV_INVALID;
- /* All cipher data must be part of the authentication */ - if (param->auth_range.offset > param->cipher_range.offset || - param->auth_range.offset + auth_len < - param->cipher_range.offset + cipher_len) - return ODP_CRYPTO_ALG_ERR_DATA_SIZE; - /* * Create a copy of the IV. The DES library modifies IV * and if we are processing packets on parallel threads @@ -368,25 +345,18 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param,
EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, + session->p.auth_digest_len, tag);
/* Authenticate header data (if any) without encrypting them */ - if (aad_head < cipherdata) { + if (aad_len > 0) EVP_DecryptUpdate(ctx, NULL, &plain_len, - aad_head, cipherdata - aad_head); - } + aad_head, aad_len);
EVP_DecryptUpdate(ctx, cipherdata, &plain_len, cipherdata, cipher_len); - plain_len = cipher_len; - - /* Authenticate footer data (if any) without encrypting them */ - if (aad_head + auth_len > cipherdata + cipher_len) { - EVP_DecryptUpdate(ctx, NULL, NULL, aad_tail, - auth_len - (aad_tail - aad_head)); - }
- if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) <= 0) + if (EVP_DecryptFinal_ex(ctx, cipherdata + plain_len, &plain_len) <= 0) return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
return ODP_CRYPTO_ALG_ERR_NONE; @@ -770,6 +740,8 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, case ODP_AUTH_ALG_AES128_GCM: if (param->cipher_alg == ODP_CIPHER_ALG_AES128_GCM) aes_gcm = 1; + /* Fixed digest tag length with deprecated algo */ + session->p.auth_digest_len = 16; /* Fallthrough */ #endif case ODP_AUTH_ALG_AES_GCM:
commit c184a9c8d35c10b30014e7538a862a7bc42556e7 Author: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Date: Thu Jun 1 12:03:22 2017 +0300
linux-generic: crypto: add SHA* capabilities for full length digests
In addition to truncated digests (used by IPsec) add full-length capabilities to SHA* algos.
Signed-off-by: Dmitry Eremin-Solenikov dmitry.ereminsolenikov@linaro.org Reviewed-by: Petri Savolainen petri.savolainen@linaro.org Signed-off-by: Maxim Uvarov maxim.uvarov@linaro.org
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 472ee310..91ef05ae 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -52,10 +52,12 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = { * Keep sorted: first by digest length, then by key length */ static const odp_crypto_auth_capability_t auth_capa_md5_hmac[] = { -{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
static const odp_crypto_auth_capability_t auth_capa_sha256_hmac[] = { -{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } }; +{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} }, +{.digest_len = 32, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = { {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } };
-----------------------------------------------------------------------
Summary of changes: .../linux-generic/include/odp_crypto_internal.h | 17 +- platform/linux-generic/odp_crypto.c | 609 +++++++++++---------- test/common_plat/performance/odp_crypto.c | 44 +- test/common_plat/validation/api/crypto/crypto.h | 8 +- .../validation/api/crypto/odp_crypto_test_inp.c | 321 ++++++++++- .../validation/api/crypto/test_vectors.h | 106 ++++ .../validation/api/crypto/test_vectors_len.h | 15 + 7 files changed, 751 insertions(+), 369 deletions(-)
hooks/post-receive