[API-NEXT,v5,3/6] api: crypto: use cipher_iv instead of iv in session params

Message ID 1515024013-30222-4-git-send-email-odpbot@yandex.ru
State New
Headers show
Series
  • Add separate auth IV
Related show

Commit Message

Github ODP bot Jan. 4, 2018, midnight
From: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>


In preparation to add auth-specific IV, rename iv field to ciper_iv.
Provide deprecated compatibility field iv.

Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

---
/** Email created from pull request 352 (lumag:crypto_gmac_iv)
 ** https://github.com/Linaro/odp/pull/352
 ** Patch: https://github.com/Linaro/odp/pull/352.patch
 ** Base sha: 6303c7d0e98fafe0f14c8c4dd9989b3b7633ebf4
 ** Merge commit sha: 5a1e35f8e8d8df2bc17b098f7c9c92611ea98e23
 **/
 example/ipsec/odp_ipsec_cache.c                  | 14 +++++------
 include/odp/api/spec/crypto.h                    |  8 +++++-
 platform/linux-generic/odp_crypto.c              | 32 ++++++++++++------------
 platform/linux-generic/odp_ipsec_sad.c           |  6 ++---
 test/performance/odp_crypto.c                    |  4 +--
 test/validation/api/crypto/odp_crypto_test_inp.c |  2 +-
 6 files changed, 36 insertions(+), 30 deletions(-)

Patch

diff --git a/example/ipsec/odp_ipsec_cache.c b/example/ipsec/odp_ipsec_cache.c
index bd4c1eabc..220df7825 100644
--- a/example/ipsec/odp_ipsec_cache.c
+++ b/example/ipsec/odp_ipsec_cache.c
@@ -92,13 +92,13 @@  int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa,
 		params.cipher_alg  = cipher_sa->alg.u.cipher;
 		params.cipher_key.data  = cipher_sa->key.data;
 		params.cipher_key.length  = cipher_sa->key.length;
-		params.iv.data = entry->state.iv;
-		params.iv.length = cipher_sa->iv_len;
+		params.cipher_iv.data = entry->state.iv;
+		params.cipher_iv.length = cipher_sa->iv_len;
 		mode = cipher_sa->mode;
 	} else {
 		params.cipher_alg = ODP_CIPHER_ALG_NULL;
-		params.iv.data = NULL;
-		params.iv.length = 0;
+		params.cipher_iv.data = NULL;
+		params.cipher_iv.length = 0;
 	}
 
 	/* Auth */
@@ -113,10 +113,10 @@  int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa,
 	}
 
 	/* Generate an IV */
-	if (params.iv.length) {
-		int32_t size = params.iv.length;
+	if (params.cipher_iv.length) {
+		int32_t size = params.cipher_iv.length;
 
-		int32_t ret = odp_random_data(params.iv.data, size, 1);
+		int32_t ret = odp_random_data(params.cipher_iv.data, size, 1);
 		if (ret != size)
 			return -1;
 	}
diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h
index 81fecbc36..25ce2f86c 100644
--- a/include/odp/api/spec/crypto.h
+++ b/include/odp/api/spec/crypto.h
@@ -313,7 +313,13 @@  typedef struct odp_crypto_session_param_t {
 	odp_crypto_key_t cipher_key;
 
 	/** Cipher Initialization Vector (IV) */
-	odp_crypto_iv_t iv;
+	union {
+		/** @deprecated Use cipher_iv */
+		odp_crypto_iv_t ODP_DEPRECATE(iv);
+
+		/** Cipher Initialization Vector (IV) */
+		odp_crypto_iv_t cipher_iv;
+	};
 
 	/** Authentication algorithm
 	 *
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c
index 3b110c191..2cf0f5c10 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -436,7 +436,7 @@  odp_crypto_alg_err_t cipher_encrypt(odp_packet_t pkt,
 
 	if (param->override_iv_ptr)
 		iv_ptr = param->override_iv_ptr;
-	else if (session->p.iv.data)
+	else if (session->p.cipher_iv.data)
 		iv_ptr = session->cipher.iv_data;
 	else
 		return ODP_CRYPTO_ALG_ERR_IV_INVALID;
@@ -467,7 +467,7 @@  odp_crypto_alg_err_t cipher_decrypt(odp_packet_t pkt,
 
 	if (param->override_iv_ptr)
 		iv_ptr = param->override_iv_ptr;
-	else if (session->p.iv.data)
+	else if (session->p.cipher_iv.data)
 		iv_ptr = session->cipher.iv_data;
 	else
 		return ODP_CRYPTO_ALG_ERR_IV_INVALID;
@@ -496,8 +496,8 @@  static int process_cipher_param(odp_crypto_generic_session_t *session,
 		return -1;
 
 	/* Verify IV len is correct */
-	if (!((0 == session->p.iv.length) ||
-	      ((uint32_t)EVP_CIPHER_iv_length(cipher) == session->p.iv.length)))
+	if (!((0 == session->p.cipher_iv.length) ||
+	      ((uint32_t)EVP_CIPHER_iv_length(cipher) == session->p.cipher_iv.length)))
 		return -1;
 
 	session->cipher.evp_cipher = cipher;
@@ -529,7 +529,7 @@  odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt,
 
 	if (param->override_iv_ptr)
 		iv_ptr = param->override_iv_ptr;
-	else if (session->p.iv.data)
+	else if (session->p.cipher_iv.data)
 		iv_ptr = session->cipher.iv_data;
 	else
 		return ODP_CRYPTO_ALG_ERR_IV_INVALID;
@@ -539,7 +539,7 @@  odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt,
 	EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL,
 			   session->cipher.key_data, NULL);
 	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN,
-			    session->p.iv.length, NULL);
+			    session->p.cipher_iv.length, NULL);
 	EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr);
 	EVP_CIPHER_CTX_set_padding(ctx, 0);
 
@@ -576,7 +576,7 @@  odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt,
 
 	if (param->override_iv_ptr)
 		iv_ptr = param->override_iv_ptr;
-	else if (session->p.iv.data)
+	else if (session->p.cipher_iv.data)
 		iv_ptr = session->cipher.iv_data;
 	else
 		return ODP_CRYPTO_ALG_ERR_IV_INVALID;
@@ -586,7 +586,7 @@  odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt,
 	EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL,
 			   session->cipher.key_data, NULL);
 	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN,
-			    session->p.iv.length, NULL);
+			    session->p.cipher_iv.length, NULL);
 	EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr);
 	EVP_CIPHER_CTX_set_padding(ctx, 0);
 
@@ -642,7 +642,7 @@  odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt,
 
 	if (param->override_iv_ptr)
 		iv_ptr = param->override_iv_ptr;
-	else if (session->p.iv.data)
+	else if (session->p.cipher_iv.data)
 		iv_ptr = session->cipher.iv_data;
 	else
 		return ODP_CRYPTO_ALG_ERR_IV_INVALID;
@@ -652,7 +652,7 @@  odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt,
 	EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL,
 			   session->auth.key, NULL);
 	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN,
-			    session->p.iv.length, NULL);
+			    session->p.cipher_iv.length, NULL);
 	EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr);
 	EVP_CIPHER_CTX_set_padding(ctx, 0);
 
@@ -681,7 +681,7 @@  odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt,
 
 	if (param->override_iv_ptr)
 		iv_ptr = param->override_iv_ptr;
-	else if (session->p.iv.data)
+	else if (session->p.cipher_iv.data)
 		iv_ptr = session->cipher.iv_data;
 	else
 		return ODP_CRYPTO_ALG_ERR_IV_INVALID;
@@ -691,7 +691,7 @@  odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt,
 	EVP_DecryptInit_ex(ctx, session->auth.evp_cipher, NULL,
 			   session->auth.key, NULL);
 	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN,
-			    session->p.iv.length, NULL);
+			    session->p.cipher_iv.length, NULL);
 	EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr);
 	EVP_CIPHER_CTX_set_padding(ctx, 0);
 
@@ -902,16 +902,16 @@  odp_crypto_session_create(odp_crypto_session_param_t *param,
 	/* Copy parameters */
 	session->p = *param;
 
-	if (session->p.iv.length > EVP_MAX_IV_LENGTH) {
+	if (session->p.cipher_iv.length > EVP_MAX_IV_LENGTH) {
 		ODP_DBG("Maximum IV length exceeded\n");
 		*status = ODP_CRYPTO_SES_CREATE_ERR_INV_CIPHER;
 		goto err;
 	}
 
 	/* Copy IV data */
-	if (session->p.iv.data)
-		memcpy(session->cipher.iv_data, session->p.iv.data,
-		       session->p.iv.length);
+	if (session->p.cipher_iv.data)
+		memcpy(session->cipher.iv_data, session->p.cipher_iv.data,
+		       session->p.cipher_iv.length);
 
 	/* Derive order */
 	if (ODP_CRYPTO_OP_ENCODE == param->op)
diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c
index 845a73dea..11227a5fc 100644
--- a/platform/linux-generic/odp_ipsec_sad.c
+++ b/platform/linux-generic/odp_ipsec_sad.c
@@ -351,13 +351,13 @@  odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param)
 	crypto_param.auth_alg = param->crypto.auth_alg;
 	crypto_param.auth_key = param->crypto.auth_key;
 
-	crypto_param.iv.length =
+	crypto_param.cipher_iv.length =
 		_odp_ipsec_cipher_iv_len(crypto_param.cipher_alg);
 
 	crypto_param.auth_digest_len =
 		_odp_ipsec_auth_digest_len(crypto_param.auth_alg);
 
-	if ((uint32_t)-1 == crypto_param.iv.length ||
+	if ((uint32_t)-1 == crypto_param.cipher_iv.length ||
 	    (uint32_t)-1 == crypto_param.auth_digest_len)
 		goto error;
 
@@ -409,7 +409,7 @@  odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param)
 		ipsec_sa->use_counter_iv = 1;
 		ipsec_sa->esp_iv_len = 8;
 		ipsec_sa->esp_block_len = 16;
-		crypto_param.iv.length = 12;
+		crypto_param.cipher_iv.length = 12;
 		break;
 	default:
 		break;
diff --git a/test/performance/odp_crypto.c b/test/performance/odp_crypto.c
index 0cbc2754e..21d916887 100644
--- a/test/performance/odp_crypto.c
+++ b/test/performance/odp_crypto.c
@@ -187,7 +187,7 @@  static crypto_alg_config_t algs_config[] = {
 				.data = test_key24,
 				.length = sizeof(test_key24)
 			},
-			.iv = {
+			.cipher_iv = {
 				.data = test_iv,
 				.length = 8,
 			},
@@ -202,7 +202,7 @@  static crypto_alg_config_t algs_config[] = {
 				.data = test_key24,
 				.length = sizeof(test_key24)
 			},
-			.iv = {
+			.cipher_iv = {
 				.data = test_iv,
 				.length = 8,
 			},
diff --git a/test/validation/api/crypto/odp_crypto_test_inp.c b/test/validation/api/crypto/odp_crypto_test_inp.c
index c7076d300..b49cffb5a 100644
--- a/test/validation/api/crypto/odp_crypto_test_inp.c
+++ b/test/validation/api/crypto/odp_crypto_test_inp.c
@@ -438,7 +438,7 @@  static void alg_test(odp_crypto_op_t op,
 	ses_params.compl_queue = suite_context.queue;
 	ses_params.output_pool = suite_context.pool;
 	ses_params.cipher_key = cipher_key;
-	ses_params.iv = iv;
+	ses_params.cipher_iv = iv;
 	ses_params.auth_key = auth_key;
 	ses_params.auth_digest_len = ref->digest_length;
 	ses_params.auth_aad_len = ref->aad_length;