Dmitry Eremin-Solenikov(lumag) replied on github web page:
platform/linux-generic/odp_crypto.c
line 83
@@ -308,6 +319,142 @@ void packet_hmac(odp_packet_t pkt,
HMAC_Final(ctx, hash, NULL);
}
+static void do_pad_xor(uint8_t *out, const uint8_t *in, int len) {
+ int pos=0;
+ for (pos=1; pos <= 16; pos++, in++, out++) {
+ if (pos <= len)
+ *out ^= *in;
+ if (pos > len) {
+ *out ^= 0x80;
+ break;
+ }
+ }
+}
+static void xor_block(aes_block res, const aes_block op) {
+ res[0] ^= op[0];
+ res[1] ^= op[1];
+ res[2] ^= op[2];
+ res[3] ^= op[3];
+}
+
+static
+odp_crypto_alg_err_t aesxcbc_gen(odp_packet_t pkt,
+ const odp_crypto_packet_op_param_t *param,
+ odp_crypto_generic_session_t *session)
+{
+ aes_block e = {0, 0, 0, 0};
+ uint8_t *data = odp_packet_data(pkt);
+ uint8_t *icv = data;
+ uint32_t len = param->auth_range.length;
+ uint8_t hash_out[16];
+ EVP_CIPHER_CTX *ctx;
+ int dummy_len = 0;
+ /* Adjust pointer for beginning of area to auth */
+ data += param->auth_range.offset;
+ icv += param->hash_result_offset;
+
+ ctx = EVP_CIPHER_CTX_new();
+ EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, session->auth.key,
NULL);
+ for (; len > AES_BLOCK_SIZE ; len -= AES_BLOCK_SIZE) {
+ xor_block(e, (const uint32_t*) data);
+ EVP_EncryptUpdate(ctx, (uint8_t *)e, &dummy_len, (uint8_t *)e,
sizeof(e));
+ data += AES_BLOCK_SIZE;
+ }
+ do_pad_xor((uint8_t *)e, data, len);
+ if (len == AES_BLOCK_SIZE) {
+ xor_block(e, (const uint32_t*) (session->auth.key + 16));
+ }
+ else
+ {
+ xor_block(e, (const uint32_t*) (session->auth.key + 16*2));
+ }
+ EVP_EncryptUpdate(ctx, hash_out, &dummy_len, (uint8_t *)e, sizeof(e));
+ EVP_CIPHER_CTX_free(ctx);
Comment:
XCBC-MAC computation should be extracted to a separate function.
> Dmitry Eremin-Solenikov(lumag) wrote:
> This will not work with segmented packets.
>> Dmitry Eremin-Solenikov(lumag) wrote:
>> Please use `uint32_t*` instead of adding new type.
https://github.com/Linaro/odp/pull/470#discussion_r167566074
updated_at 2018-02-12 14:34:03
