From: yhe <y...@sonicwall.com>
---
/** Email created from pull request 470 (SonicwallYhe:api-next-seperate)
** https://github.com/Linaro/odp/pull/470
** Patch: https://github.com/Linaro/odp/pull/470.patch
** Base sha: af7be638ef9ac98bdb1f2e4917f152889eb1850f
** Merge commit sha: f30e7ae4157bae994d5734b8917d2dd31dbf201e
**/
platform/linux-generic/odp_crypto.c | 71 +++++++++++++-----------
test/validation/api/crypto/odp_crypto_test_inp.c | 4 +-
test/validation/api/crypto/test_vectors.h | 8 +--
3 files changed, 45 insertions(+), 38 deletions(-)
diff --git a/platform/linux-generic/odp_crypto.c
b/platform/linux-generic/odp_crypto.c
index 16ec25d67..174d0cf38 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -319,9 +319,11 @@ void packet_hmac(odp_packet_t pkt,
HMAC_Final(ctx, hash, NULL);
}
-static void do_pad_xor(uint8_t *out, const uint8_t *in, int len) {
- int pos=0;
- for (pos=1; pos <= 16; pos++, in++, out++) {
+static void do_pad_xor(uint8_t *out, const uint8_t *in, int len)
+{
+ int pos = 0;
+
+ for (pos = 1; pos <= 16; pos++, in++, out++) {
if (pos <= len)
*out ^= *in;
if (pos > len) {
@@ -330,7 +332,9 @@ static void do_pad_xor(uint8_t *out, const uint8_t *in, int
len) {
}
}
}
-static void xor_block(aes_block res, const aes_block op) {
+
+static void xor_block(uint32_t *res, const uint32_t *op)
+{
res[0] ^= op[0];
res[1] ^= op[1];
res[2] ^= op[2];
@@ -342,7 +346,7 @@ odp_crypto_alg_err_t aesxcbc_gen(odp_packet_t pkt,
const odp_crypto_packet_op_param_t *param,
odp_crypto_generic_session_t *session)
{
- aes_block e = {0, 0, 0, 0};
+ uint32_t e[4] = {0, 0, 0, 0};
uint8_t *data = odp_packet_data(pkt);
uint8_t *icv = data;
uint32_t len = param->auth_range.length;
@@ -354,22 +358,20 @@ odp_crypto_alg_err_t aesxcbc_gen(odp_packet_t pkt,
icv += param->hash_result_offset;
ctx = EVP_CIPHER_CTX_new();
- EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, session->auth.key,
NULL);
+ EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL,
session->auth.key, NULL);
for (; len > AES_BLOCK_SIZE ; len -= AES_BLOCK_SIZE) {
- xor_block(e, (const uint32_t*) data);
+ xor_block(e, (const uint32_t *)data);
EVP_EncryptUpdate(ctx, (uint8_t *)e, &dummy_len, (uint8_t *)e,
sizeof(e));
data += AES_BLOCK_SIZE;
}
do_pad_xor((uint8_t *)e, data, len);
- if (len == AES_BLOCK_SIZE) {
- xor_block(e, (const uint32_t*) (session->auth.key + 16));
- }
+ if (len == AES_BLOCK_SIZE)
+ xor_block(e, (const uint32_t *)(session->auth.key + 16));
else
- {
- xor_block(e, (const uint32_t*) (session->auth.key + 16*2));
- }
+ xor_block(e, (const uint32_t *)(session->auth.key + 16 * 2));
+
EVP_EncryptUpdate(ctx, hash_out, &dummy_len, (uint8_t *)e, sizeof(e));
- EVP_CIPHER_CTX_free(ctx);
+ EVP_CIPHER_CTX_free(ctx);
memcpy (icv, hash_out, 12);
return ODP_CRYPTO_ALG_ERR_NONE;
@@ -380,7 +382,7 @@ odp_crypto_alg_err_t aesxcbc_check(odp_packet_t pkt,
const odp_crypto_packet_op_param_t *param,
odp_crypto_generic_session_t *session)
{
- aes_block e = {0, 0, 0, 0};
+ uint32_t e[4] = {0, 0, 0, 0};
uint8_t *data = odp_packet_data(pkt);
uint8_t *icv = data;
uint32_t len = param->auth_range.length;
@@ -399,23 +401,21 @@ odp_crypto_alg_err_t aesxcbc_check(odp_packet_t pkt,
memset(hash_out, 0, sizeof(hash_out));
ctx = EVP_CIPHER_CTX_new();
- EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, session->auth.key,
NULL);
+ EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL,
session->auth.key, NULL);
for (; len > AES_BLOCK_SIZE ; len -= AES_BLOCK_SIZE) {
- xor_block(e, (const uint32_t*) data);
+ xor_block(e, (const uint32_t *) data);
EVP_EncryptUpdate(ctx, (uint8_t *)e, &dummy_len, (uint8_t *)e,
sizeof(e));
data += AES_BLOCK_SIZE;
}
do_pad_xor((uint8_t *)e, data, len);
- if (len == AES_BLOCK_SIZE) {
- xor_block(e, (const uint32_t*) (session->auth.key + 16));
- }
+ if (len == AES_BLOCK_SIZE)
+ xor_block(e, (const uint32_t *)(session->auth.key + 16));
else
- {
- xor_block(e, (const uint32_t*) (session->auth.key + 16*2));
- }
+ xor_block(e, (const uint32_t *)(session->auth.key + 16 * 2));
+
EVP_EncryptUpdate(ctx, hash_out, &dummy_len, (uint8_t *)e, sizeof(e));
- EVP_CIPHER_CTX_free(ctx);
+ EVP_CIPHER_CTX_free(ctx);
/* Verify match */
if (0 != memcmp(hash_in, hash_out, 12))
return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
@@ -424,9 +424,10 @@ odp_crypto_alg_err_t aesxcbc_check(odp_packet_t pkt,
return ODP_CRYPTO_ALG_ERR_NONE;
}
-static int process_aesxcbc_param(odp_crypto_generic_session_t *session)
+static int process_aesxcbc_param(odp_crypto_generic_session_t *session,
+ const EVP_CIPHER *cipher)
{
- aes_block kn[3] = {
+ uint32_t kn[12] = {
{ 0x01010101, 0x01010101, 0x01010101, 0x01010101 },
{ 0x02020202, 0x02020202, 0x02020202, 0x02020202 },
{ 0x03030303, 0x03030303, 0x03030303, 0x03030303 },
@@ -439,19 +440,25 @@ static int
process_aesxcbc_param(odp_crypto_generic_session_t *session)
session->auth.func = aesxcbc_gen;
else
session->auth.func = aesxcbc_check;
+ session->auth.init = null_crypto_init_routine;
+ session->auth.evp_cipher = cipher;
ctx = EVP_CIPHER_CTX_new();
- EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL,
session->p.auth_key.data, NULL);
+ EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL,
+ session->p.auth_key.data, NULL);
/* K1 = 0x01010101010101010101010101010101 encrypted with Key K */
- EVP_EncryptUpdate(ctx, session->auth.key, &dummy_len, (uint8_t *)kn[0],
16);
+ EVP_EncryptUpdate(ctx, session->auth.key,
+ &dummy_len, (uint8_t *)kn[0], 16);
/* K2 = 0x02020202020202020202020202020202 encrypted with Key K */
- EVP_EncryptUpdate(ctx, session->auth.key+16, &dummy_len, (uint8_t
*)kn[1], 16);
+ EVP_EncryptUpdate(ctx, session->auth.key + 16,
+ &dummy_len, (uint8_t *)kn[4], 16);
/* K3 = 0x03030303030303030303030303030303 encrypted with Key K */
- EVP_EncryptUpdate(ctx, session->auth.key+16*2, &dummy_len, (uint8_t
*)kn[2], 16);
+ EVP_EncryptUpdate(ctx, session->auth.key + 16 * 2,
+ &dummy_len, (uint8_t *)kn[8], 16);
- EVP_CIPHER_CTX_free(ctx);
+ EVP_CIPHER_CTX_free(ctx);
return 0;
}
@@ -1627,7 +1634,7 @@ odp_crypto_session_create(odp_crypto_session_param_t
*param,
break;
case ODP_AUTH_ALG_AES_XCBC_MAC:
- rc = process_aesxcbc_param(session);
+ rc = process_aesxcbc_param(session, EVP_aes_128_ecb());
break;
#if ODP_DEPRECATED_API
case ODP_AUTH_ALG_AES128_GCM:
diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c
b/test/validation/api/crypto/odp_crypto_test_inp.c
index 2316f2798..96d2f8f76 100644
--- a/test/validation/api/crypto/odp_crypto_test_inp.c
+++ b/test/validation/api/crypto/odp_crypto_test_inp.c
@@ -1499,9 +1499,9 @@ odp_testinfo_t crypto_suite[] = {
ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha256,
check_alg_hmac_sha256),
ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha384,
- check_alg_hmac_sha384),
+ check_alg_hmac_sha384),
ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha384,
- check_alg_hmac_sha384),
+ check_alg_hmac_sha384),
ODP_TEST_INFO_CONDITIONAL(crypto_test_gen_alg_hmac_sha512,
check_alg_hmac_sha512),
ODP_TEST_INFO_CONDITIONAL(crypto_test_check_alg_hmac_sha512,
diff --git a/test/validation/api/crypto/test_vectors.h
b/test/validation/api/crypto/test_vectors.h
index 700c5c047..6756afbc4 100644
--- a/test/validation/api/crypto/test_vectors.h
+++ b/test/validation/api/crypto/test_vectors.h
@@ -1281,7 +1281,7 @@ static crypto_test_reference_t hmac_sha384_reference[] = {
.digest_length = HMAC_SHA384_CHECK_LEN,
.digest = { 0xaf, 0x45, 0xd2, 0xe3, 0x76, 0x48, 0x40, 0x31,
0x61, 0x7f, 0x78, 0xd2, 0xb5, 0x8a, 0x6b, 0x1b,
- 0x9c, 0x7e, 0xf4, 0x64, 0xf5, 0xa0, 0x1b, 0x47,
+ 0x9c, 0x7e, 0xf4, 0x64, 0xf5, 0xa0, 0x1b, 0x47,
0xe4, 0x2e, 0xc3, 0x73, 0x63, 0x22, 0x44, 0x5e,
0x8e, 0x22, 0x40, 0xca, 0x5e, 0x69, 0xe2, 0xc7,
0x8b, 0x32, 0x39, 0xec, 0xfa, 0xb2, 0x16, 0x49 }
@@ -1309,7 +1309,7 @@ static crypto_test_reference_t hmac_sha384_reference[] = {
.digest_length = HMAC_SHA384_CHECK_LEN,
.digest = {0x88, 0x06, 0x26, 0x08, 0xd3, 0xe6, 0xad, 0x8a,
0x0a, 0xa2, 0xac, 0xe0, 0x14, 0xc8, 0xa8, 0x6f,
- 0x0a, 0xa6, 0x35, 0xd9, 0x47, 0xac, 0x9f, 0xeb,
+ 0x0a, 0xa6, 0x35, 0xd9, 0x47, 0xac, 0x9f, 0xeb,
0xe8, 0x3e, 0xf4, 0xe5, 0x59, 0x66, 0x14, 0x4b,
0x2a, 0x5a, 0xb3, 0x9d, 0xc1, 0x38, 0x14, 0xb9,
0x4e, 0x3a, 0xb6, 0xe1, 0x01, 0xa3, 0x4f, 0x27 }
@@ -1490,7 +1490,7 @@ static crypto_test_reference_t aes_xcbc_reference[] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13 },
.digest_length = AES_XCBC_MAC_96_CHECK_LEN,
- .digest = { 0x47, 0xf5, 0x1b, 0x45, 0x64, 0x96, 0x62, 0x15,
+ .digest = { 0x47, 0xf5, 0x1b, 0x45, 0x64, 0x96, 0x62, 0x15,
0xb8, 0x98, 0x5c, 0x63 }
},
{
@@ -1529,7 +1529,7 @@ static crypto_test_reference_t aes_xcbc_reference[] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13 },
.digest_length = AES_XCBC_MAC_CHECK_LEN,
- .digest = { 0x47, 0xf5, 0x1b, 0x45, 0x64, 0x96, 0x62, 0x15,
+ .digest = { 0x47, 0xf5, 0x1b, 0x45, 0x64, 0x96, 0x62, 0x15,
0xb8, 0x98, 0x5c, 0x63, 0x05, 0x5e, 0xd3, 0x08 }
}
};
