From patchwork Mon Apr 3 11:42:09 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dmitry Eremin-Solenikov X-Patchwork-Id: 96615 Delivered-To: patch@linaro.org Received: by 10.140.89.233 with SMTP id v96csp58479qgd; Mon, 3 Apr 2017 04:46:22 -0700 (PDT) X-Received: by 10.200.4.30 with SMTP id v30mr15559787qtg.171.1491219982711; Mon, 03 Apr 2017 04:46:22 -0700 (PDT) Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id v35si11689433qtg.70.2017.04.03.04.46.22; Mon, 03 Apr 2017 04:46:22 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 5FFA063DAF; Mon, 3 Apr 2017 11:46:22 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 781EC63DB2; Mon, 3 Apr 2017 11:42:58 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id D56D963DAE; Mon, 3 Apr 2017 11:42:50 +0000 (UTC) Received: from mail-lf0-f49.google.com (mail-lf0-f49.google.com [209.85.215.49]) by lists.linaro.org (Postfix) with ESMTPS id 231066097B for ; Mon, 3 Apr 2017 11:42:22 +0000 (UTC) Received: by mail-lf0-f49.google.com with SMTP id h125so71113183lfe.0 for ; Mon, 03 Apr 2017 04:42:22 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=L1sYXYylchtMLD6ymROhxi5B5Bx0+Cuh7Y7QUjZfBQk=; b=AlFiePTqH416aOKq6h1d/m9EqWR4cVa7L/uVtaujluNIRdo5uHqL+p+UCdUfxy/jNH LI7o0kqzyFIIcZh6791PM0iojzNEr4xpKgWqSGtiKp+gnmZBjDx2JDJMQGTacbuNN89Z YOZOpL1RWTWse32zmzT5ZHKQoE/7gB/UhbHwi4QMTGHLyGoSv0axazfMB94sNdVhOcKt gulofUUNwXVCUxHLiDCkKYsk+b1w6JGLyEFpOMlBcg8ZLeilciC8pHiaMcCXEkrDRlLa JFXGpq1uXISaSotwxImG/ZY52tfTJvzl9/6oAm91aEEZ3ZWACdm6s3Wk95nt6eOvkPed o8jw== X-Gm-Message-State: AFeK/H0rthFKKwZKCpUQmTBLk+nECJ8YJX4SU6AjlTIs57GrS9oCfS6HNMUk/lVtH5R6Ugo5m18h4zDg X-Received: by 10.25.209.197 with SMTP id i188mr5704519lfg.168.1491219740672; Mon, 03 Apr 2017 04:42:20 -0700 (PDT) Received: from forlindon.lumag.auriga.ru ([188.162.65.22]) by smtp.gmail.com with ESMTPSA id e124sm2422618lfg.8.2017.04.03.04.42.19 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 03 Apr 2017 04:42:20 -0700 (PDT) From: Dmitry Eremin-Solenikov To: lng-odp@lists.linaro.org Date: Mon, 3 Apr 2017 14:42:09 +0300 Message-Id: <20170403114212.23355-6-dmitry.ereminsolenikov@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170403114212.23355-1-dmitry.ereminsolenikov@linaro.org> References: <20170403114212.23355-1-dmitry.ereminsolenikov@linaro.org> Subject: [lng-odp] [API-NEXT v2 5/8] linux-generic: crypto: unify auth code X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" Authentication code contains similar functions. Instead of replicating them further (e.g. for SHA-1 or SHA-3) factor out common code blocks, moving all difference to session data. Signed-off-by: Dmitry Eremin-Solenikov --- .../linux-generic/include/odp_crypto_internal.h | 14 +-- platform/linux-generic/odp_crypto.c | 126 ++++----------------- 2 files changed, 28 insertions(+), 112 deletions(-) -- 2.11.0 diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index f85b76ea..515cefaa 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -60,16 +60,10 @@ struct odp_crypto_generic_session { } cipher; struct { - union { - struct { - uint8_t key[16]; - uint32_t bytes; - } md5; - struct { - uint8_t key[32]; - uint32_t bytes; - } sha256; - } data; + uint8_t key[EVP_MAX_KEY_LENGTH]; + uint32_t key_length; + uint32_t bytes; + const EVP_MD *evp_md; crypto_func_t func; } auth; }; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 2ba504b2..4d59b827 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -110,8 +110,8 @@ null_crypto_routine(odp_crypto_op_param_t *param ODP_UNUSED, } static -odp_crypto_alg_err_t md5_gen(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) +odp_crypto_alg_err_t auth_gen(odp_crypto_op_param_t *param, + odp_crypto_generic_session_t *session) { uint8_t *data = odp_packet_data(param->out_pkt); uint8_t *icv = data; @@ -123,94 +123,28 @@ odp_crypto_alg_err_t md5_gen(odp_crypto_op_param_t *param, icv += param->hash_result_offset; /* Hash it */ - HMAC(EVP_md5(), - session->auth.data.md5.key, - 16, + HMAC(session->auth.evp_md, + session->auth.key, + session->auth.key_length, data, len, hash, NULL); /* Copy to the output location */ - memcpy(icv, hash, session->auth.data.md5.bytes); + memcpy(icv, hash, session->auth.bytes); return ODP_CRYPTO_ALG_ERR_NONE; } static -odp_crypto_alg_err_t md5_check(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) -{ - uint8_t *data = odp_packet_data(param->out_pkt); - uint8_t *icv = data; - uint32_t len = param->auth_range.length; - uint32_t bytes = session->auth.data.md5.bytes; - uint8_t hash_in[EVP_MAX_MD_SIZE]; - uint8_t hash_out[EVP_MAX_MD_SIZE]; - - /* Adjust pointer for beginning of area to auth */ - data += param->auth_range.offset; - icv += param->hash_result_offset; - - /* Copy current value out and clear it before authentication */ - memset(hash_in, 0, sizeof(hash_in)); - memcpy(hash_in, icv, bytes); - memset(icv, 0, bytes); - memset(hash_out, 0, sizeof(hash_out)); - - /* Hash it */ - HMAC(EVP_md5(), - session->auth.data.md5.key, - 16, - data, - len, - hash_out, - NULL); - - /* Verify match */ - if (0 != memcmp(hash_in, hash_out, bytes)) - return ODP_CRYPTO_ALG_ERR_ICV_CHECK; - - /* Matched */ - return ODP_CRYPTO_ALG_ERR_NONE; -} - -static -odp_crypto_alg_err_t sha256_gen(odp_crypto_op_param_t *param, +odp_crypto_alg_err_t auth_check(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { uint8_t *data = odp_packet_data(param->out_pkt); uint8_t *icv = data; uint32_t len = param->auth_range.length; - uint8_t hash[EVP_MAX_MD_SIZE]; - - /* Adjust pointer for beginning of area to auth */ - data += param->auth_range.offset; - icv += param->hash_result_offset; - - /* Hash it */ - HMAC(EVP_sha256(), - session->auth.data.sha256.key, - 32, - data, - len, - hash, - NULL); - - /* Copy to the output location */ - memcpy(icv, hash, session->auth.data.sha256.bytes); - - return ODP_CRYPTO_ALG_ERR_NONE; -} - -static -odp_crypto_alg_err_t sha256_check(odp_crypto_op_param_t *param, - odp_crypto_generic_session_t *session) -{ - uint8_t *data = odp_packet_data(param->out_pkt); - uint8_t *icv = data; - uint32_t len = param->auth_range.length; - uint32_t bytes = session->auth.data.sha256.bytes; + uint32_t bytes = session->auth.bytes; uint8_t hash_in[EVP_MAX_MD_SIZE]; uint8_t hash_out[EVP_MAX_MD_SIZE]; @@ -225,9 +159,9 @@ odp_crypto_alg_err_t sha256_check(odp_crypto_op_param_t *param, memset(hash_out, 0, sizeof(hash_out)); /* Hash it */ - HMAC(EVP_sha256(), - session->auth.data.sha256.key, - 32, + HMAC(session->auth.evp_md, + session->auth.key, + session->auth.key_length, data, len, hash_out, @@ -587,38 +521,26 @@ static int process_des_param(odp_crypto_generic_session_t *session) return 0; } -static int process_md5_param(odp_crypto_generic_session_t *session, - uint32_t bits) +static int process_auth_param(odp_crypto_generic_session_t *session, + uint32_t bits, + uint32_t key_length, + const EVP_MD *evp_md) { /* Set function */ if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->auth.func = md5_gen; + session->auth.func = auth_gen; else - session->auth.func = md5_check; - - /* Number of valid bytes */ - session->auth.data.md5.bytes = bits / 8; - - /* Convert keys */ - memcpy(session->auth.data.md5.key, session->p.auth_key.data, 16); - - return 0; -} + session->auth.func = auth_check; -static int process_sha256_param(odp_crypto_generic_session_t *session, - uint32_t bits) -{ - /* Set function */ - if (ODP_CRYPTO_OP_ENCODE == session->p.op) - session->auth.func = sha256_gen; - else - session->auth.func = sha256_check; + session->auth.evp_md = evp_md; /* Number of valid bytes */ - session->auth.data.sha256.bytes = bits / 8; + session->auth.bytes = bits / 8; /* Convert keys */ - memcpy(session->auth.data.sha256.key, session->p.auth_key.data, 32); + session->auth.key_length = key_length; + memcpy(session->auth.key, session->p.auth_key.data, + session->auth.key_length); return 0; } @@ -816,12 +738,12 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, case ODP_AUTH_ALG_MD5_HMAC: /* deprecated */ case ODP_AUTH_ALG_MD5_96: - rc = process_md5_param(session, 96); + rc = process_auth_param(session, 96, 16, EVP_md5()); break; case ODP_AUTH_ALG_SHA256_HMAC: /* deprecated */ case ODP_AUTH_ALG_SHA256_128: - rc = process_sha256_param(session, 128); + rc = process_auth_param(session, 128, 32, EVP_sha256()); break; case ODP_AUTH_ALG_AES_GCM: /* deprecated */