diff options
author | Nathan Skrzypczak <nathan.skrzypczak@gmail.com> | 2019-11-06 14:12:23 +0100 |
---|---|---|
committer | Florin Coras <florin.coras@gmail.com> | 2019-11-07 17:29:31 +0000 |
commit | 7c40a3837a7a256cbb61dfad15be6e910058e4ba (patch) | |
tree | 3a92f319d58a44fc84926d0de14b4f7e436c487a /src/plugins/hs_apps/sapi/vpp_echo_bapi.c | |
parent | dcbbf2833d09ca6fc4f3df9bcac4ff2d1244c531 (diff) |
hsa: Add ckpair & crypto engine in vpp_echo
Type: feature
* vpp echo adds and dels a cert and key pair for each run
* it passes the crypto engine to be used (openssl, picotls, vpp, mbedtls)
Change-Id: Iaba1de2e6abb510e6c4edbe84b2324b2f4843f26
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Diffstat (limited to 'src/plugins/hs_apps/sapi/vpp_echo_bapi.c')
-rw-r--r-- | src/plugins/hs_apps/sapi/vpp_echo_bapi.c | 101 |
1 files changed, 54 insertions, 47 deletions
diff --git a/src/plugins/hs_apps/sapi/vpp_echo_bapi.c b/src/plugins/hs_apps/sapi/vpp_echo_bapi.c index fad0d18ccc6..3cfe6a78ec5 100644 --- a/src/plugins/hs_apps/sapi/vpp_echo_bapi.c +++ b/src/plugins/hs_apps/sapi/vpp_echo_bapi.c @@ -68,28 +68,38 @@ echo_send_detach (echo_main_t * em) } void -echo_send_add_crypto_ctx (echo_main_t * em) +echo_send_add_cert_key (echo_main_t * em) { - vl_api_application_tls_cert_add_t *cert_mp; - vl_api_application_tls_key_add_t *key_mp; - - cert_mp = vl_msg_api_alloc (sizeof (*cert_mp) + test_srv_crt_rsa_len); - clib_memset (cert_mp, 0, sizeof (*cert_mp)); - cert_mp->_vl_msg_id = ntohs (VL_API_APPLICATION_TLS_CERT_ADD); - cert_mp->client_index = em->my_client_index; - cert_mp->context = ntohl (0xfeedface); - cert_mp->cert_len = clib_host_to_net_u16 (test_srv_crt_rsa_len); - clib_memcpy_fast (cert_mp->cert, test_srv_crt_rsa, test_srv_crt_rsa_len); - vl_msg_api_send_shmem (em->vl_input_queue, (u8 *) & cert_mp); - - key_mp = vl_msg_api_alloc (sizeof (*key_mp) + test_srv_key_rsa_len); - clib_memset (key_mp, 0, sizeof (*key_mp) + test_srv_key_rsa_len); - key_mp->_vl_msg_id = ntohs (VL_API_APPLICATION_TLS_KEY_ADD); - key_mp->client_index = em->my_client_index; - key_mp->context = ntohl (0xfeedface); - key_mp->key_len = clib_host_to_net_u16 (test_srv_key_rsa_len); - clib_memcpy_fast (key_mp->key, test_srv_key_rsa, test_srv_key_rsa_len); - vl_msg_api_send_shmem (em->vl_input_queue, (u8 *) & key_mp); + u32 cert_len = test_srv_crt_rsa_len; + u32 key_len = test_srv_key_rsa_len; + vl_api_app_add_cert_key_pair_t *bmp; + + bmp = vl_msg_api_alloc (sizeof (*bmp) + cert_len + key_len); + clib_memset (bmp, 0, sizeof (*bmp) + cert_len + key_len); + + bmp->_vl_msg_id = ntohs (VL_API_APP_ADD_CERT_KEY_PAIR); + bmp->client_index = em->my_client_index; + bmp->context = ntohl (0xfeedface); + bmp->cert_len = clib_host_to_net_u16 (cert_len); + bmp->certkey_len = clib_host_to_net_u16 (key_len + cert_len); + clib_memcpy_fast (bmp->certkey, test_srv_crt_rsa, cert_len); + clib_memcpy_fast (bmp->certkey + cert_len, test_srv_key_rsa, key_len); + + vl_msg_api_send_shmem (em->vl_input_queue, (u8 *) & bmp); +} + +void +echo_send_del_cert_key (echo_main_t * em) +{ + vl_api_app_del_cert_key_pair_t *bmp; + bmp = vl_msg_api_alloc (sizeof (*bmp)); + clib_memset (bmp, 0, sizeof (*bmp)); + + bmp->_vl_msg_id = ntohs (VL_API_APP_DEL_CERT_KEY_PAIR); + bmp->client_index = em->my_client_index; + bmp->context = ntohl (0xfeedface); + bmp->index = clib_host_to_net_u32 (em->ckpair_index); + vl_msg_api_send_shmem (em->vl_input_queue, (u8 *) & bmp); } void @@ -109,6 +119,8 @@ echo_send_listen (echo_main_t * em) clib_memcpy_fast (&mp->ip, &em->uri_elts.ip, sizeof (mp->ip)); mp->port = em->uri_elts.port; mp->proto = em->uri_elts.transport_proto; + mp->ckpair_index = em->ckpair_index; + mp->crypto_engine = em->crypto_engine; app_send_ctrl_evt_to_vpp (mq, app_evt); } @@ -148,6 +160,8 @@ echo_send_connect (u64 parent_session_handle, u32 opaque) mp->port = em->uri_elts.port; mp->proto = em->uri_elts.transport_proto; mp->parent_handle = parent_session_handle; + mp->ckpair_index = em->ckpair_index; + mp->crypto_engine = em->crypto_engine; app_send_ctrl_evt_to_vpp (mq, app_evt); } @@ -216,47 +230,40 @@ echo_segment_handle_add_del (echo_main_t * em, u64 segment_handle, u8 add) */ static void - vl_api_application_tls_cert_add_reply_t_handler - (vl_api_application_tls_cert_add_reply_t * mp) + vl_api_app_add_cert_key_pair_reply_t_handler + (vl_api_app_add_cert_key_pair_reply_t * mp) { echo_main_t *em = &echo_main; if (mp->retval) { - ECHO_FAIL (ECHO_FAIL_VL_API_TLS_CERT_ADD_REPLY, - "tls cert add returned %d", + ECHO_FAIL (ECHO_FAIL_VL_API_CERT_KEY_ADD_REPLY, + "Adding cert and key returned %d", clib_net_to_host_u32 (mp->retval)); return; } /* No concurrency here, only bapi thread writes */ - if (em->state != STATE_ATTACHED_NO_CERT - && em->state != STATE_ATTACHED_ONE_CERT) + if (em->state != STATE_ATTACHED_NO_CERT) { - ECHO_FAIL (ECHO_FAIL_VL_API_TLS_CERT_ADD_REPLY, "Wrong state"); + ECHO_FAIL (ECHO_FAIL_VL_API_CERT_KEY_ADD_REPLY, "Wrong state"); return; } - em->state++; + em->ckpair_index = clib_net_to_host_u32 (mp->index); + em->state = STATE_ATTACHED; } static void - vl_api_application_tls_key_add_reply_t_handler - (vl_api_application_tls_key_add_reply_t * mp) + vl_api_app_del_cert_key_pair_reply_t_handler + (vl_api_app_del_cert_key_pair_reply_t * mp) { echo_main_t *em = &echo_main; if (mp->retval) { - ECHO_FAIL (ECHO_FAIL_VL_API_TLS_KEY_ADD_REPLY, - "tls key add returned %d", + ECHO_FAIL (ECHO_FAIL_VL_API_CERT_KEY_DEL_REPLY, + "Delete cert and key returned %d", clib_net_to_host_u32 (mp->retval)); return; } - /* No concurrency here, only bapi thread writes */ - if (em->state != STATE_ATTACHED_NO_CERT - && em->state != STATE_ATTACHED_ONE_CERT) - { - ECHO_FAIL (ECHO_FAIL_VL_API_TLS_CERT_ADD_REPLY, "Wrong state"); - return; - } - em->state++; + em->state = STATE_CLEANED_CERT_KEY; } static void @@ -419,12 +426,12 @@ failed: vec_free (fds); } -#define foreach_quic_echo_msg \ -_(APP_ATTACH_REPLY, app_attach_reply) \ -_(APPLICATION_DETACH_REPLY, application_detach_reply) \ -_(MAP_ANOTHER_SEGMENT, map_another_segment) \ -_(APPLICATION_TLS_CERT_ADD_REPLY, application_tls_cert_add_reply) \ -_(APPLICATION_TLS_KEY_ADD_REPLY, application_tls_key_add_reply) \ +#define foreach_quic_echo_msg \ +_(APP_ATTACH_REPLY, app_attach_reply) \ +_(APPLICATION_DETACH_REPLY, application_detach_reply) \ +_(MAP_ANOTHER_SEGMENT, map_another_segment) \ +_(APP_ADD_CERT_KEY_PAIR_REPLY, app_add_cert_key_pair_reply) \ +_(APP_DEL_CERT_KEY_PAIR_REPLY, app_del_cert_key_pair_reply) \ _(UNMAP_SEGMENT, unmap_segment) void |