From patchwork Thu Jun 1 09:03:25 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dmitry Eremin-Solenikov X-Patchwork-Id: 100846 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp708098qge; Thu, 1 Jun 2017 02:10:39 -0700 (PDT) X-Received: by 10.55.101.209 with SMTP id z200mr426080qkb.50.1496308239742; Thu, 01 Jun 2017 02:10:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1496308239; cv=none; d=google.com; s=arc-20160816; b=JMcbDWTsDWRyCGzYMK+i1/OPAewJGg3uFrqk2Z6jDIEF4tO7dio1NWeqr05AF8t0FO d0mP89wB+Iac9propVnPozKyitNtXmXs8HeyWyqTZGTEcGG4olZtyREsVYF6xVjh/5xL uZg5B0GnSTuFf7cBM5doZbJcadVoekQZJgeRYuJEpv35FVr4tXhMjLj/WeT1swKbzOvI P4lpdojtOqoITRJEQhPi/QaXIYfyuxcS2YgBqMp6CeXTIho8lb/nv+9KSifDz3MNrYq/ R0rJOAfsjwi80jHyU4GUzxovKSyJMXtbbmM1dtej49rQlQTrYwK7PSCGwKbTFIDdkGru +z6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:delivered-to:arc-authentication-results; bh=aaDht63rWicF6bPCJrNUMUIiYDsQRq2LZ96lyVms7bs=; b=r8UMHNdp8LfZ52183FUkf1iQYawyj8zpbzdUYOG4Z8M9JUV9rA+zb1ATZG//5ZOpA/ Q9toijBbpIuDNzBgZ8U+Z4HlXNCi7YiLOdJ82awVxucW/tUjsH5/3yvai0xif7mRjTjY cKGrW4NtxBB2FPyQMxdBh1QS2acLlcrJatVl1yJv2C/vxrLfW/03GNCrn32YaAxJKszo RkwLjlTcWBM9siNZlpvqMOow3X6IlEr4ivXGLPtTfLb/1ysaxpV+ncDtI5PBrNLE367X 4PfycFNuNzfjIKF86WaYOP5hey0C65EjRc7NKVeye0ELzznDqEuJUfIwdJoBxtHXhgvz i1Yg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206]) by mx.google.com with ESMTP id y54si18989557qtc.329.2017.06.01.02.10.39; Thu, 01 Jun 2017 02:10:39 -0700 (PDT) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) client-ip=54.225.227.206; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.225.227.206 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 568E160921; Thu, 1 Jun 2017 09:10:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, RCVD_IN_SORBS_SPAM, URIBL_BLOCKED autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id B95BC609DC; Thu, 1 Jun 2017 09:05:18 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id ACED760972; Thu, 1 Jun 2017 09:05:14 +0000 (UTC) Received: from mail-lf0-f54.google.com (mail-lf0-f54.google.com [209.85.215.54]) by lists.linaro.org (Postfix) with ESMTPS id 3A765609F0 for ; Thu, 1 Jun 2017 09:03:53 +0000 (UTC) Received: by mail-lf0-f54.google.com with SMTP id c184so17850340lfe.2 for ; Thu, 01 Jun 2017 02:03:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=aaDht63rWicF6bPCJrNUMUIiYDsQRq2LZ96lyVms7bs=; b=RuElGS8qeWGzq5YX8BCSNjzjTvo05psgnra6tUhqCJf+l4Y2Z3TWX5g1XCRJKKaHZx AvB+ZOV35SoYDSbsmh/llqMnZR+nTt5xxU1SU9WkYuWpccqTlt+GYqrKaVFB5uSrzuN8 lofwiOYfwWmpSQrAqZhBHlNDYgF6E+/k/2bHuIB8JbmL1uJ9TFt+N1lAcmUU7rmPowxa 8+d8nMaEy+r0zhN7ZBS5kjF1OYsF0Eq2N1mIf4U38zEwYtmHbN+A7WOLmBjPWq3bZ8nC 53b0oITMz37cx6m2TslUd+VMGOCTFzHTOEh39lB5UrKWImdCFjcelx6plhHJxg+aqvFM 0llQ== X-Gm-Message-State: AODbwcC3kOytEErXCE/tNllPLdw74+E5R1g/fSQkWyRfclRjhOE4svfp gaUgbNB+YBvCyD4sQHXTfkEN X-Received: by 10.25.149.202 with SMTP id x193mr205486lfd.100.1496307831806; Thu, 01 Jun 2017 02:03:51 -0700 (PDT) Received: from forlindon.lumag.auriga.ru ([188.162.64.12]) by smtp.gmail.com with ESMTPSA id 129sm4232819ljf.36.2017.06.01.02.03.50 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 01 Jun 2017 02:03:51 -0700 (PDT) From: Dmitry Eremin-Solenikov To: lng-odp@lists.linaro.org Date: Thu, 1 Jun 2017 12:03:25 +0300 Message-Id: <20170601090339.9313-10-dmitry.ereminsolenikov@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170601090339.9313-1-dmitry.ereminsolenikov@linaro.org> References: <20170601090339.9313-1-dmitry.ereminsolenikov@linaro.org> Subject: [lng-odp] [PATCH API-NEXT v5 09/23] linux-generic: crypto: make AES-GCM thread safe X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" Using single context for all operations is not thread safe: multiple threads can access the same context in parallel, affecting its internal state. Make AES-GCM functions use local context for en/decryption operations. Signed-off-by: Dmitry Eremin-Solenikov --- .../linux-generic/include/odp_crypto_internal.h | 2 +- platform/linux-generic/odp_crypto.c | 84 ++++++++++------------ 2 files changed, 38 insertions(+), 48 deletions(-) -- 2.11.0 diff --git a/platform/linux-generic/include/odp_crypto_internal.h b/platform/linux-generic/include/odp_crypto_internal.h index 515cefaa06cc..d1020dba3edd 100644 --- a/platform/linux-generic/include/odp_crypto_internal.h +++ b/platform/linux-generic/include/odp_crypto_internal.h @@ -53,7 +53,7 @@ struct odp_crypto_generic_session { AES_KEY key; } aes; struct { - EVP_CIPHER_CTX *ctx; + uint8_t key[EVP_MAX_KEY_LENGTH]; } aes_gcm; } data; crypto_func_t func; diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 3f298485caef..3deec7de3f7c 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -265,11 +265,13 @@ static odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); uint32_t plain_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; void *iv_ptr; + int cipher_len = 0; uint8_t *tag = data + param->hash_result_offset; if (param->override_iv_ptr) @@ -280,12 +282,14 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Adjust pointer for beginning of area to cipher/auth */ - uint8_t *plaindata = data + param->cipher_range.offset; + data += param->cipher_range.offset; /* Encrypt it */ - EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; - int cipher_len = 0; - + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, + session->cipher.data.aes_gcm.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); /* Authenticate header data (if any) without encrypting them */ @@ -293,13 +297,14 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param, EVP_EncryptUpdate(ctx, NULL, &cipher_len, aad_head, aad_len); - EVP_EncryptUpdate(ctx, plaindata, &cipher_len, - plaindata, plain_len); + EVP_EncryptUpdate(ctx, data, &cipher_len, data, plain_len); - EVP_EncryptFinal_ex(ctx, plaindata + cipher_len, &cipher_len); + EVP_EncryptFinal_ex(ctx, data + cipher_len, &cipher_len); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, session->p.auth_digest_len, tag); + EVP_CIPHER_CTX_free(ctx); + return ODP_CRYPTO_ALG_ERR_NONE; } @@ -307,10 +312,12 @@ static odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, odp_crypto_generic_session_t *session) { + EVP_CIPHER_CTX *ctx; uint8_t *data = odp_packet_data(param->out_pkt); uint32_t cipher_len = param->cipher_range.length; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = param->aad.length; + int plain_len = 0; void *iv_ptr; uint8_t *tag = data + param->hash_result_offset; @@ -322,11 +329,14 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Adjust pointer for beginning of area to cipher/auth */ - uint8_t *cipherdata = data + param->cipher_range.offset; - /* Encrypt it */ - EVP_CIPHER_CTX *ctx = session->cipher.data.aes_gcm.ctx; - int plain_len = 0; + data += param->cipher_range.offset; + /* Decrypt it */ + ctx = EVP_CIPHER_CTX_new(); + EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, + session->cipher.data.aes_gcm.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, @@ -337,12 +347,13 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param, EVP_DecryptUpdate(ctx, NULL, &plain_len, aad_head, aad_len); - EVP_DecryptUpdate(ctx, cipherdata, &plain_len, - cipherdata, cipher_len); + EVP_DecryptUpdate(ctx, data, &plain_len, data, cipher_len); - if (EVP_DecryptFinal_ex(ctx, cipherdata + plain_len, &plain_len) <= 0) + if (EVP_DecryptFinal_ex(ctx, data + plain_len, &plain_len) <= 0) return ODP_CRYPTO_ALG_ERR_ICV_CHECK; + EVP_CIPHER_CTX_free(ctx); + return ODP_CRYPTO_ALG_ERR_NONE; } @@ -352,27 +363,14 @@ static int process_aes_gcm_param(odp_crypto_generic_session_t *session) if (session->p.cipher_key.length != 16) return -1; - /* Set function */ - EVP_CIPHER_CTX *ctx = - session->cipher.data.aes_gcm.ctx = EVP_CIPHER_CTX_new(); + memcpy(session->cipher.data.aes_gcm.key, session->p.cipher_key.data, + session->p.cipher_key.length); - if (ODP_CRYPTO_OP_ENCODE == session->p.op) { + /* Set function */ + if (ODP_CRYPTO_OP_ENCODE == session->p.op) session->cipher.func = aes_gcm_encrypt; - EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL); - } else { + else session->cipher.func = aes_gcm_decrypt; - EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL); - } - - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); - if (ODP_CRYPTO_OP_ENCODE == session->p.op) { - EVP_EncryptInit_ex(ctx, NULL, NULL, - session->p.cipher_key.data, NULL); - } else { - EVP_DecryptInit_ex(ctx, NULL, NULL, - session->p.cipher_key.data, NULL); - } return 0; } @@ -635,17 +633,16 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, /* Copy parameters */ session->p = *param; - /* Copy IV data */ - if (session->p.iv.data) { - if (session->p.iv.length > MAX_IV_LEN) { - ODP_DBG("Maximum IV length exceeded\n"); - free_session(session); - return -1; - } + if (session->p.iv.length > MAX_IV_LEN) { + ODP_DBG("Maximum IV length exceeded\n"); + free_session(session); + return -1; + } + /* Copy IV data */ + if (session->p.iv.data) memcpy(session->cipher.iv_data, session->p.iv.data, session->p.iv.length); - } /* Derive order */ if (ODP_CRYPTO_OP_ENCODE == param->op) @@ -757,15 +754,8 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, int odp_crypto_session_destroy(odp_crypto_session_t session) { odp_crypto_generic_session_t *generic; - int aes_gcm = 0; generic = (odp_crypto_generic_session_t *)(intptr_t)session; -#if ODP_DEPRECATED_API - if (generic->p.cipher_alg == ODP_CIPHER_ALG_AES128_GCM) - aes_gcm = 1; -#endif - if (generic->p.cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) - EVP_CIPHER_CTX_free(generic->cipher.data.aes_gcm.ctx); memset(generic, 0, sizeof(*generic)); free_session(generic); return 0;