From: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org> In preparation to add auth-specific IV, rename iv field to ciper_iv. Provide deprecated compatibility field iv.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org> --- /** Email created from pull request 352 (lumag:crypto_gmac_iv) ** https://github.com/Linaro/odp/pull/352 ** Patch: https://github.com/Linaro/odp/pull/352.patch ** Base sha: 6303c7d0e98fafe0f14c8c4dd9989b3b7633ebf4 ** Merge commit sha: 5a1e35f8e8d8df2bc17b098f7c9c92611ea98e23 **/ example/ipsec/odp_ipsec_cache.c | 14 +++++------ include/odp/api/spec/crypto.h | 8 +++++- platform/linux-generic/odp_crypto.c | 32 ++++++++++++------------ platform/linux-generic/odp_ipsec_sad.c | 6 ++--- test/performance/odp_crypto.c | 4 +-- test/validation/api/crypto/odp_crypto_test_inp.c | 2 +- 6 files changed, 36 insertions(+), 30 deletions(-) diff --git a/example/ipsec/odp_ipsec_cache.c b/example/ipsec/odp_ipsec_cache.c index bd4c1eabc..220df7825 100644 --- a/example/ipsec/odp_ipsec_cache.c +++ b/example/ipsec/odp_ipsec_cache.c @@ -92,13 +92,13 @@ int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa, params.cipher_alg = cipher_sa->alg.u.cipher; params.cipher_key.data = cipher_sa->key.data; params.cipher_key.length = cipher_sa->key.length; - params.iv.data = entry->state.iv; - params.iv.length = cipher_sa->iv_len; + params.cipher_iv.data = entry->state.iv; + params.cipher_iv.length = cipher_sa->iv_len; mode = cipher_sa->mode; } else { params.cipher_alg = ODP_CIPHER_ALG_NULL; - params.iv.data = NULL; - params.iv.length = 0; + params.cipher_iv.data = NULL; + params.cipher_iv.length = 0; } /* Auth */ @@ -113,10 +113,10 @@ int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa, } /* Generate an IV */ - if (params.iv.length) { - int32_t size = params.iv.length; + if (params.cipher_iv.length) { + int32_t size = params.cipher_iv.length; - int32_t ret = odp_random_data(params.iv.data, size, 1); + int32_t ret = odp_random_data(params.cipher_iv.data, size, 1); if (ret != size) return -1; } diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h index 81fecbc36..25ce2f86c 100644 --- a/include/odp/api/spec/crypto.h +++ b/include/odp/api/spec/crypto.h @@ -313,7 +313,13 @@ typedef struct odp_crypto_session_param_t { odp_crypto_key_t cipher_key; /** Cipher Initialization Vector (IV) */ - odp_crypto_iv_t iv; + union { + /** @deprecated Use cipher_iv */ + odp_crypto_iv_t ODP_DEPRECATE(iv); + + /** Cipher Initialization Vector (IV) */ + odp_crypto_iv_t cipher_iv; + }; /** Authentication algorithm * diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 3b110c191..2cf0f5c10 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -436,7 +436,7 @@ odp_crypto_alg_err_t cipher_encrypt(odp_packet_t pkt, if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) + else if (session->p.cipher_iv.data) iv_ptr = session->cipher.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -467,7 +467,7 @@ odp_crypto_alg_err_t cipher_decrypt(odp_packet_t pkt, if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) + else if (session->p.cipher_iv.data) iv_ptr = session->cipher.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -496,8 +496,8 @@ static int process_cipher_param(odp_crypto_generic_session_t *session, return -1; /* Verify IV len is correct */ - if (!((0 == session->p.iv.length) || - ((uint32_t)EVP_CIPHER_iv_length(cipher) == session->p.iv.length))) + if (!((0 == session->p.cipher_iv.length) || + ((uint32_t)EVP_CIPHER_iv_length(cipher) == session->p.cipher_iv.length))) return -1; session->cipher.evp_cipher = cipher; @@ -529,7 +529,7 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt, if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) + else if (session->p.cipher_iv.data) iv_ptr = session->cipher.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -539,7 +539,7 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt, EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, session->cipher.key_data, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + session->p.cipher_iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); @@ -576,7 +576,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt, if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) + else if (session->p.cipher_iv.data) iv_ptr = session->cipher.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -586,7 +586,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt, EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, session->cipher.key_data, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + session->p.cipher_iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); @@ -642,7 +642,7 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) + else if (session->p.cipher_iv.data) iv_ptr = session->cipher.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -652,7 +652,7 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL, session->auth.key, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + session->p.cipher_iv.length, NULL); EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); @@ -681,7 +681,7 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, if (param->override_iv_ptr) iv_ptr = param->override_iv_ptr; - else if (session->p.iv.data) + else if (session->p.cipher_iv.data) iv_ptr = session->cipher.iv_data; else return ODP_CRYPTO_ALG_ERR_IV_INVALID; @@ -691,7 +691,7 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, EVP_DecryptInit_ex(ctx, session->auth.evp_cipher, NULL, session->auth.key, NULL); EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + session->p.cipher_iv.length, NULL); EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); EVP_CIPHER_CTX_set_padding(ctx, 0); @@ -902,16 +902,16 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, /* Copy parameters */ session->p = *param; - if (session->p.iv.length > EVP_MAX_IV_LENGTH) { + if (session->p.cipher_iv.length > EVP_MAX_IV_LENGTH) { ODP_DBG("Maximum IV length exceeded\n"); *status = ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER; goto err; } /* Copy IV data */ - if (session->p.iv.data) - memcpy(session->cipher.iv_data, session->p.iv.data, - session->p.iv.length); + if (session->p.cipher_iv.data) + memcpy(session->cipher.iv_data, session->p.cipher_iv.data, + session->p.cipher_iv.length); /* Derive order */ if (ODP_CRYPTO_OP_ENCODE == param->op) diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 845a73dea..11227a5fc 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -351,13 +351,13 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) crypto_param.auth_alg = param->crypto.auth_alg; crypto_param.auth_key = param->crypto.auth_key; - crypto_param.iv.length = + crypto_param.cipher_iv.length = _odp_ipsec_cipher_iv_len(crypto_param.cipher_alg); crypto_param.auth_digest_len = _odp_ipsec_auth_digest_len(crypto_param.auth_alg); - if ((uint32_t)-1 == crypto_param.iv.length || + if ((uint32_t)-1 == crypto_param.cipher_iv.length || (uint32_t)-1 == crypto_param.auth_digest_len) goto error; @@ -409,7 +409,7 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16; - crypto_param.iv.length = 12; + crypto_param.cipher_iv.length = 12; break; default: break; diff --git a/test/performance/odp_crypto.c b/test/performance/odp_crypto.c index 0cbc2754e..21d916887 100644 --- a/test/performance/odp_crypto.c +++ b/test/performance/odp_crypto.c @@ -187,7 +187,7 @@ static crypto_alg_config_t algs_config[] = { .data = test_key24, .length = sizeof(test_key24) }, - .iv = { + .cipher_iv = { .data = test_iv, .length = 8, }, @@ -202,7 +202,7 @@ static crypto_alg_config_t algs_config[] = { .data = test_key24, .length = sizeof(test_key24) }, - .iv = { + .cipher_iv = { .data = test_iv, .length = 8, }, diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c index c7076d300..b49cffb5a 100644 --- a/test/validation/api/crypto/odp_crypto_test_inp.c +++ b/test/validation/api/crypto/odp_crypto_test_inp.c @@ -438,7 +438,7 @@ static void alg_test(odp_crypto_op_t op, ses_params.compl_queue = suite_context.queue; ses_params.output_pool = suite_context.pool; ses_params.cipher_key = cipher_key; - ses_params.iv = iv; + ses_params.cipher_iv = iv; ses_params.auth_key = auth_key; ses_params.auth_digest_len = ref->digest_length; ses_params.auth_aad_len = ref->aad_length;