diff mbox series

[API-NEXT,v1,6/6] linux-gen: crypto: add support for AES-192 and AES-256

Message ID 1501506009-28910-7-git-send-email-odpbot@yandex.ru
State Superseded
Headers show
Series [API-NEXT,v1,1/6] api: packet: add packet memset and memcmp-like functions | expand

Commit Message

Github ODP bot July 31, 2017, 1 p.m. UTC 
From: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>


Add support for AES with keys of 192 and 256 bits.

Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

---
/** Email created from pull request 94 (lumag:crypto-long-keys)
 ** https://github.com/Linaro/odp/pull/94
 ** Patch: https://github.com/Linaro/odp/pull/94.patch
 ** Base sha: c16f1363303cd5fc11324acbc4dfebe0a9680a41
 ** Merge commit sha: bab24526ba91a4499aff896c5e82d4ac3f03fea9
 **/
 platform/linux-generic/odp_crypto.c | 44 ++++++++++++++++++++++++++++++-------
 1 file changed, 36 insertions(+), 8 deletions(-)
diff mbox series

Patch

diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c
index 6d7d0e2e..caf020f9 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -44,10 +44,14 @@  static const odp_crypto_cipher_capability_t cipher_capa_trides_cbc[] = {
 {.key_len = 24, .iv_len = 8} };
 
 static const odp_crypto_cipher_capability_t cipher_capa_aes_cbc[] = {
-{.key_len = 16, .iv_len = 16} };
+{.key_len = 16, .iv_len = 16},
+{.key_len = 24, .iv_len = 16},
+{.key_len = 32, .iv_len = 16} };
 
 static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = {
-{.key_len = 16, .iv_len = 12} };
+{.key_len = 16, .iv_len = 12},
+{.key_len = 24, .iv_len = 12},
+{.key_len = 32, .iv_len = 12} };
 
 /*
  * Authentication algorithm capabilities
@@ -737,23 +741,47 @@  odp_crypto_session_create(odp_crypto_session_param_t *param,
 	case ODP_CIPHER_ALG_3DES_CBC:
 		rc = process_cipher_param(session, EVP_des_ede3_cbc());
 		break;
-	case ODP_CIPHER_ALG_AES_CBC:
 #if ODP_DEPRECATED_API
 	case ODP_CIPHER_ALG_AES128_CBC:
+		if (param->cipher_key.length == 16)
+			rc = process_cipher_param(session, EVP_aes_128_cbc());
+		else
+			rc = -1;
+		break;
 #endif
-		rc = process_cipher_param(session, EVP_aes_128_cbc());
+	case ODP_CIPHER_ALG_AES_CBC:
+		if (param->cipher_key.length == 16)
+			rc = process_cipher_param(session, EVP_aes_128_cbc());
+		else if (param->cipher_key.length == 24)
+			rc = process_cipher_param(session, EVP_aes_192_cbc());
+		else if (param->cipher_key.length == 32)
+			rc = process_cipher_param(session, EVP_aes_256_cbc());
+		else
+			rc = -1;
 		break;
 #if ODP_DEPRECATED_API
 	case ODP_CIPHER_ALG_AES128_GCM:
-		if (param->auth_alg == ODP_AUTH_ALG_AES128_GCM)
-			aes_gcm = 1;
-		/* Fallthrough */
+		/* AES-GCM requires to do both auth and
+		 * cipher at the same time */
+		if (param->auth_alg != ODP_AUTH_ALG_AES128_GCM)
+			rc = -1;
+		else if (param->cipher_key.length == 16)
+			rc = process_aes_gcm_param(session, EVP_aes_128_gcm());
+		else
+			rc = -1;
+		break;
 #endif
 	case ODP_CIPHER_ALG_AES_GCM:
 		/* AES-GCM requires to do both auth and
 		 * cipher at the same time */
-		if (param->auth_alg == ODP_AUTH_ALG_AES_GCM || aes_gcm)
+		if (param->auth_alg != ODP_AUTH_ALG_AES_GCM)
+			rc = -1;
+		else if (param->cipher_key.length == 16)
 			rc = process_aes_gcm_param(session, EVP_aes_128_gcm());
+		else if (param->cipher_key.length == 24)
+			rc = process_aes_gcm_param(session, EVP_aes_192_gcm());
+		else if (param->cipher_key.length == 32)
+			rc = process_aes_gcm_param(session, EVP_aes_256_gcm());
 		else
 			rc = -1;
 		break;