[API-NEXT,v1,1/1] linux-generic: crypto: adapt HMAC code to OpenSSL 1.1.x

Message ID 1497513607-20195-2-git-send-email-odpbot@yandex.ru
State Superseded
Headers show
Series
  • linux-generic: crypto: adapt HMAC code to OpenSSL 1.1.x
Related show

Commit Message

Github ODP bot June 15, 2017, 8 a.m.
From: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>


OpenSSL 1.1.x has changed HMAC API in an incompatible way. Let's adapt
to it by providing version-dependent wrapper around HMAC calculation.

Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

---
/** Email created from pull request 51 (lumag:hmac-1.1.x)
 ** https://github.com/Linaro/odp/pull/51
 ** Patch: https://github.com/Linaro/odp/pull/51.patch
 ** Base sha: 4f97e500a097928e308a415c32a88465adc5f5cc
 ** Merge commit sha: 31e0b980e18e6b8761600e5ab0f4aadbf88bdbac
 **/
 platform/linux-generic/odp_crypto.c | 43 +++++++++++++++++++++++++++++--------
 1 file changed, 34 insertions(+), 9 deletions(-)

Comments

Dmitry Eremin-Solenikov June 22, 2017, 11:02 a.m. | #1
On 15.06.2017 11:00, Github ODP bot wrote:
> From: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

> 

> OpenSSL 1.1.x has changed HMAC API in an incompatible way. Let's adapt

> to it by providing version-dependent wrapper around HMAC calculation.

> 

> Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>


Ping. Any reaction on this patch?

> ---

> /** Email created from pull request 51 (lumag:hmac-1.1.x)

>  ** https://github.com/Linaro/odp/pull/51

>  ** Patch: https://github.com/Linaro/odp/pull/51.patch

>  ** Base sha: 4f97e500a097928e308a415c32a88465adc5f5cc

>  ** Merge commit sha: 31e0b980e18e6b8761600e5ab0f4aadbf88bdbac

>  **/

>  platform/linux-generic/odp_crypto.c | 43 +++++++++++++++++++++++++++++--------

>  1 file changed, 34 insertions(+), 9 deletions(-)


-- 
With best wishes
Dmitry
Brian Brooks June 22, 2017, 1:48 p.m. | #2
On 06/15 11:00:07, Github ODP bot wrote:
> From: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

> 

> OpenSSL 1.1.x has changed HMAC API in an incompatible way. Let's adapt

> to it by providing version-dependent wrapper around HMAC calculation.


I am using OpenSSL 1.1.x on some machines.

Reviewed-and-tested-by: Brian Brooks <brian.brooks@arm.com>

> Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

> ---

> /** Email created from pull request 51 (lumag:hmac-1.1.x)

>  ** https://github.com/Linaro/odp/pull/51

>  ** Patch: https://github.com/Linaro/odp/pull/51.patch

>  ** Base sha: 4f97e500a097928e308a415c32a88465adc5f5cc

>  ** Merge commit sha: 31e0b980e18e6b8761600e5ab0f4aadbf88bdbac

>  **/

>  platform/linux-generic/odp_crypto.c | 43 +++++++++++++++++++++++++++++--------

>  1 file changed, 34 insertions(+), 9 deletions(-)

> 

> diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c

> index 6fc1907d..68fc5658 100644

> --- a/platform/linux-generic/odp_crypto.c

> +++ b/platform/linux-generic/odp_crypto.c

> @@ -128,20 +128,18 @@ null_crypto_routine(odp_crypto_op_param_t *param ODP_UNUSED,

>  }

>  

>  static

> -void packet_hmac(odp_crypto_op_param_t *param,

> -		 odp_crypto_generic_session_t *session,

> -		 uint8_t *hash)

> +void packet_hmac_calculate(HMAC_CTX *ctx,

> +			   odp_crypto_op_param_t *param,

> +			   odp_crypto_generic_session_t *session,

> +			   uint8_t *hash)

>  {

>  	odp_packet_t pkt = param->out_pkt;

>  	uint32_t offset = param->auth_range.offset;

>  	uint32_t len   = param->auth_range.length;

> -	HMAC_CTX ctx;

>  

>  	ODP_ASSERT(offset + len <= odp_packet_len(pkt));

>  

> -	/* Hash it */

> -	HMAC_CTX_init(&ctx);

> -	HMAC_Init_ex(&ctx,

> +	HMAC_Init_ex(ctx,

>  		     session->auth.key,

>  		     session->auth.key_length,

>  		     session->auth.evp_md,

> @@ -152,14 +150,41 @@ void packet_hmac(odp_crypto_op_param_t *param,

>  		void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL);

>  		uint32_t maclen = len > seglen ? seglen : len;

>  

> -		HMAC_Update(&ctx, mapaddr, maclen);

> +		HMAC_Update(ctx, mapaddr, maclen);

>  		offset  += maclen;

>  		len     -= maclen;

>  	}

>  

> -	HMAC_Final(&ctx, hash, NULL);

> +	HMAC_Final(ctx, hash, NULL);

> +}

> +

> +#if OPENSSL_VERSION_NUMBER < 0x10100000L

> +static

> +void packet_hmac(odp_crypto_op_param_t *param,

> +		 odp_crypto_generic_session_t *session,

> +		 uint8_t *hash)

> +{

> +	HMAC_CTX ctx;

> +

> +	/* Hash it */

> +	HMAC_CTX_init(&ctx);

> +	packet_hmac_calculate(&ctx, param, session, hash);

>  	HMAC_CTX_cleanup(&ctx);

>  }

> +#else

> +static

> +void packet_hmac(odp_crypto_op_param_t *param,

> +		 odp_crypto_generic_session_t *session,

> +		 uint8_t *hash)

> +{

> +	HMAC_CTX *ctx;

> +

> +	/* Hash it */

> +	ctx = HMAC_CTX_new();

> +	packet_hmac_calculate(ctx, param, session, hash);

> +	HMAC_CTX_free(ctx);

> +}

> +#endif

>  

>  static

>  odp_crypto_alg_err_t auth_gen(odp_crypto_op_param_t *param,

>

Patch hide | download patch | download mbox

diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c
index 6fc1907d..68fc5658 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -128,20 +128,18 @@  null_crypto_routine(odp_crypto_op_param_t *param ODP_UNUSED,
 }
 
 static
-void packet_hmac(odp_crypto_op_param_t *param,
-		 odp_crypto_generic_session_t *session,
-		 uint8_t *hash)
+void packet_hmac_calculate(HMAC_CTX *ctx,
+			   odp_crypto_op_param_t *param,
+			   odp_crypto_generic_session_t *session,
+			   uint8_t *hash)
 {
 	odp_packet_t pkt = param->out_pkt;
 	uint32_t offset = param->auth_range.offset;
 	uint32_t len   = param->auth_range.length;
-	HMAC_CTX ctx;
 
 	ODP_ASSERT(offset + len <= odp_packet_len(pkt));
 
-	/* Hash it */
-	HMAC_CTX_init(&ctx);
-	HMAC_Init_ex(&ctx,
+	HMAC_Init_ex(ctx,
 		     session->auth.key,
 		     session->auth.key_length,
 		     session->auth.evp_md,
@@ -152,14 +150,41 @@  void packet_hmac(odp_crypto_op_param_t *param,
 		void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL);
 		uint32_t maclen = len > seglen ? seglen : len;
 
-		HMAC_Update(&ctx, mapaddr, maclen);
+		HMAC_Update(ctx, mapaddr, maclen);
 		offset  += maclen;
 		len     -= maclen;
 	}
 
-	HMAC_Final(&ctx, hash, NULL);
+	HMAC_Final(ctx, hash, NULL);
+}
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+static
+void packet_hmac(odp_crypto_op_param_t *param,
+		 odp_crypto_generic_session_t *session,
+		 uint8_t *hash)
+{
+	HMAC_CTX ctx;
+
+	/* Hash it */
+	HMAC_CTX_init(&ctx);
+	packet_hmac_calculate(&ctx, param, session, hash);
 	HMAC_CTX_cleanup(&ctx);
 }
+#else
+static
+void packet_hmac(odp_crypto_op_param_t *param,
+		 odp_crypto_generic_session_t *session,
+		 uint8_t *hash)
+{
+	HMAC_CTX *ctx;
+
+	/* Hash it */
+	ctx = HMAC_CTX_new();
+	packet_hmac_calculate(ctx, param, session, hash);
+	HMAC_CTX_free(ctx);
+}
+#endif
 
 static
 odp_crypto_alg_err_t auth_gen(odp_crypto_op_param_t *param,