diff options
| author |   Damjan Marion <damarion@cisco.com> | 2025-01-10 18:53:23 +0000 |
|---|---|---|
| committer |   Ole Tr�an <otroan@employees.org> | 2025-01-13 12:21:15 +0000 |
| commit | 1f7c4e2e6ced5672f3ce398a5e8bcdfd45adc5de (patch) | |
| tree | c71cbe22d983a592826364daf38f280c0daba253 /src | |
| parent | b647193cdae84d443c11a33056b875571575d56f (diff) | |
crypto: remove AEAD opt types
Type: improvement
Change-Id: I32ccf1d58a34bc6f64946ffd711dbd2b4f5864f6
Signed-off-by: Damjan Marion <damarion@cisco.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/plugins/unittest/crypto_test.c | 380 | ||||
| -rw-r--r-- | src/vnet/crypto/crypto.c | 20 | ||||
| -rw-r--r-- | src/vnet/crypto/crypto.h | 3 |
3 files changed, 185 insertions, 218 deletions
diff --git a/src/plugins/unittest/crypto_test.c b/src/plugins/unittest/crypto_test.c index 4bc06f71c79..eb3f9d05166 100644 --- a/src/plugins/unittest/crypto_test.c +++ b/src/plugins/unittest/crypto_test.c @@ -35,6 +35,7 @@ print_results (vlib_main_t * vm, unittest_crypto_test_registration_t ** rv, vnet_crypto_op_t * ops, vnet_crypto_op_chunk_t * chunks, u32 n_ops, crypto_test_main_t * tm) { + vnet_crypto_main_t *cm = &crypto_main; int i; unittest_crypto_test_registration_t *r; vnet_crypto_op_chunk_t *chp; @@ -48,17 +49,17 @@ print_results (vlib_main_t * vm, unittest_crypto_test_registration_t ** rv, unittest_crypto_test_data_t *exp_pt = 0, *exp_ct = 0, exp_pt_data; unittest_crypto_test_data_t *exp_digest = 0, *exp_tag = 0; unittest_crypto_test_data_t *exp_pt_chunks = 0, *exp_ct_chunks = 0; + vnet_crypto_op_data_t *od = cm->opt_data + op->op; + vnet_crypto_alg_data_t *ad = cm->algs + od->alg; switch (vnet_crypto_get_op_type (op->op)) { - case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT: - exp_tag = &r->tag; - /* fall through */ case VNET_CRYPTO_OP_TYPE_ENCRYPT: exp_ct = &r->ciphertext; exp_ct_chunks = r->ct_chunks; + if (ad->is_aead) + exp_tag = &r->tag; break; - case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT: case VNET_CRYPTO_OP_TYPE_DECRYPT: if (r->plaintext_incremental) { @@ -308,24 +309,16 @@ test_crypto_incremental (vlib_main_t * vm, crypto_test_main_t * tm, op->src = tm->inc_data; op->dst = encrypted_data + computed_data_total_len; computed_data_total_len += r->plaintext_incremental; - op->user_data = i; - op++; - break; - case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT: - vnet_crypto_op_init (op, id); - op->iv = tm->inc_data; - op->key_index = vnet_crypto_key_add (vm, r->alg, - tm->inc_data, r->key.length); - vec_add1 (key_indices, op->key_index); - op->aad = tm->inc_data; - op->aad_len = r->aad.length; - op->len = r->plaintext_incremental; - op->dst = encrypted_data + computed_data_total_len; - computed_data_total_len += r->plaintext_incremental; - op->src = tm->inc_data; - op->tag = encrypted_data + computed_data_total_len; - computed_data_total_len += r->tag.length; - op->tag_len = r->tag.length; + + if (ad->is_aead) + { + op->aad = tm->inc_data; + op->aad_len = r->aad.length; + op->tag = encrypted_data + computed_data_total_len; + computed_data_total_len += r->tag.length; + op->tag_len = r->tag.length; + } + op->user_data = i; op++; break; @@ -372,25 +365,16 @@ test_crypto_incremental (vlib_main_t * vm, crypto_test_main_t * tm, op->src = encrypted_data + computed_data_total_len; op->dst = decrypted_data + computed_data_total_len; computed_data_total_len += r->plaintext_incremental; - op->user_data = i; - op++; - break; - case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT: - vnet_crypto_op_init (op, id); - op->iv = tm->inc_data; - op->key_index = vnet_crypto_key_add (vm, r->alg, - tm->inc_data, r->key.length); - vec_add1 (key_indices, op->key_index); - op->aad = tm->inc_data; - op->aad_len = r->aad.length; - op->len = r->plaintext_incremental; - op->dst = decrypted_data + computed_data_total_len; - op->src = encrypted_data + computed_data_total_len; - computed_data_total_len += r->plaintext_incremental; - op->tag = encrypted_data + computed_data_total_len; - computed_data_total_len += r->tag.length; - op->tag_len = r->tag.length; + if (ad->is_aead) + { + op->aad = tm->inc_data; + op->aad_len = r->aad.length; + op->tag = encrypted_data + computed_data_total_len; + computed_data_total_len += r->tag.length; + op->tag_len = r->tag.length; + } + op->user_data = i; op++; break; @@ -483,116 +467,117 @@ test_crypto_static (vlib_main_t * vm, crypto_test_main_t * tm, { case VNET_CRYPTO_OP_TYPE_ENCRYPT: case VNET_CRYPTO_OP_TYPE_DECRYPT: - op->iv = r->iv.data; - op->key_index = vnet_crypto_key_add (vm, r->alg, - r->key.data, - r->key.length); - vec_add1 (key_indices, op->key_index); - - if (r->is_chained) - { - pt = r->pt_chunks; - ct = r->ct_chunks; - op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS; - op->chunk_index = vec_len (chunks); - while (pt->data) - { - ch.src = t == VNET_CRYPTO_OP_TYPE_ENCRYPT ? - pt->data : ct->data; - ch.len = pt->length; - ch.dst = computed_data + computed_data_total_len; - computed_data_total_len += pt->length; - vec_add1 (chunks, ch); - op->n_chunks++; - pt++; - ct++; - } - } - else - { - op->len = r->plaintext.length; - op->src = t == VNET_CRYPTO_OP_TYPE_ENCRYPT ? - r->plaintext.data : r->ciphertext.data; - op->dst = computed_data + computed_data_total_len; - computed_data_total_len += r->ciphertext.length; - } - break; - case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT: - case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT: - if (r->is_chained) - { - op->iv = r->iv.data; - op->key_index = vnet_crypto_key_add (vm, r->alg, - r->key.data, - r->key.length); - vec_add1 (key_indices, op->key_index); - op->aad = r->aad.data; - op->aad_len = r->aad.length; - if (t == VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT) - { - pt = r->pt_chunks; - op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS; - op->chunk_index = vec_len (chunks); - while (pt->data) - { - clib_memset (&ch, 0, sizeof (ch)); - ch.src = pt->data; - ch.len = pt->length; - ch.dst = computed_data + computed_data_total_len; - computed_data_total_len += pt->length; - vec_add1 (chunks, ch); - op->n_chunks++; - pt++; - } - op->tag = computed_data + computed_data_total_len; - computed_data_total_len += r->tag.length; - } - else - { - ct = r->ct_chunks; - op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS; - op->chunk_index = vec_len (chunks); - while (ct->data) - { - clib_memset (&ch, 0, sizeof (ch)); - ch.src = ct->data; - ch.len = ct->length; - ch.dst = computed_data + computed_data_total_len; - computed_data_total_len += ct->length; - vec_add1 (chunks, ch); - op->n_chunks++; - ct++; - } - op->tag = r->tag.data; - } - op->tag_len = r->tag.length; - } - else - { - op->iv = r->iv.data; - op->key_index = vnet_crypto_key_add (vm, r->alg, - r->key.data, - r->key.length); - vec_add1 (key_indices, op->key_index); - op->aad = r->aad.data; - op->aad_len = r->aad.length; - op->len = r->plaintext.length; - op->dst = computed_data + computed_data_total_len; - computed_data_total_len += r->ciphertext.length; - - if (t == VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT) - { - op->src = r->plaintext.data; - op->tag = computed_data + computed_data_total_len; - computed_data_total_len += r->tag.length; - } - else - { - op->tag = r->tag.data; - op->src = r->ciphertext.data; - } - op->tag_len = r->tag.length; - } + if (!ad->is_aead) + { + op->iv = r->iv.data; + op->key_index = + vnet_crypto_key_add (vm, r->alg, r->key.data, r->key.length); + vec_add1 (key_indices, op->key_index); + + if (r->is_chained) + { + pt = r->pt_chunks; + ct = r->ct_chunks; + op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS; + op->chunk_index = vec_len (chunks); + while (pt->data) + { + ch.src = t == VNET_CRYPTO_OP_TYPE_ENCRYPT ? pt->data : + ct->data; + ch.len = pt->length; + ch.dst = computed_data + computed_data_total_len; + computed_data_total_len += pt->length; + vec_add1 (chunks, ch); + op->n_chunks++; + pt++; + ct++; + } + } + else + { + op->len = r->plaintext.length; + op->src = t == VNET_CRYPTO_OP_TYPE_ENCRYPT ? + r->plaintext.data : + r->ciphertext.data; + op->dst = computed_data + computed_data_total_len; + computed_data_total_len += r->ciphertext.length; + } + } + else + { + if (r->is_chained) + { + op->iv = r->iv.data; + op->key_index = vnet_crypto_key_add ( + vm, r->alg, r->key.data, r->key.length); + vec_add1 (key_indices, op->key_index); + op->aad = r->aad.data; + op->aad_len = r->aad.length; + if (t == VNET_CRYPTO_OP_TYPE_ENCRYPT) + { + pt = r->pt_chunks; + op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS; + op->chunk_index = vec_len (chunks); + while (pt->data) + { + clib_memset (&ch, 0, sizeof (ch)); + ch.src = pt->data; + ch.len = pt->length; + ch.dst = computed_data + computed_data_total_len; + computed_data_total_len += pt->length; + vec_add1 (chunks, ch); + op->n_chunks++; + pt++; + } + op->tag = computed_data + computed_data_total_len; + computed_data_total_len += r->tag.length; + } + else + { + ct = r->ct_chunks; + op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS; + op->chunk_index = vec_len (chunks); + while (ct->data) + { + clib_memset (&ch, 0, sizeof (ch)); + ch.src = ct->data; + ch.len = ct->length; + ch.dst = computed_data + computed_data_total_len; + computed_data_total_len += ct->length; + vec_add1 (chunks, ch); + op->n_chunks++; + ct++; + } + op->tag = r->tag.data; + } + op->tag_len = r->tag.length; + } + else + { + op->iv = r->iv.data; + op->key_index = vnet_crypto_key_add ( + vm, r->alg, r->key.data, r->key.length); + vec_add1 (key_indices, op->key_index); + op->aad = r->aad.data; + op->aad_len = r->aad.length; + op->len = r->plaintext.length; + op->dst = computed_data + computed_data_total_len; + computed_data_total_len += r->ciphertext.length; + + if (t == VNET_CRYPTO_OP_TYPE_ENCRYPT) + { + op->src = r->plaintext.data; + op->tag = computed_data + computed_data_total_len; + computed_data_total_len += r->tag.length; + } + else + { + op->tag = r->tag.data; + op->src = r->ciphertext.data; + } + op->tag_len = r->tag.length; + } + } break; case VNET_CRYPTO_OP_TYPE_HMAC: if (r->is_chained) @@ -729,37 +714,8 @@ test_crypto (vlib_main_t * vm, crypto_test_main_t * tm) switch (i) { case VNET_CRYPTO_OP_TYPE_ENCRYPT: - if (r->plaintext_incremental) - { - computed_data_total_incr_len += r->plaintext_incremental; - n_ops_incr += 1; - } - /* fall though */ - case VNET_CRYPTO_OP_TYPE_DECRYPT: - case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT: - if (r->is_chained) - { - ct = r->ct_chunks; - j = 0; - while (ct->data) - { - if (j > CRYPTO_TEST_MAX_OP_CHUNKS) - return clib_error_return (0, - "test case '%s' exceeds extra data!", - r->name); - computed_data_total_len += ct->length; - ct++; - j++; - } - n_chained_ops += 1; - } - else if (!r->plaintext_incremental) - { - computed_data_total_len += r->ciphertext.length; - n_ops_static += 1; - } - break; - case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT: + if (ad->is_aead) + { if (r->plaintext_incremental) { computed_data_total_incr_len += r->plaintext_incremental; @@ -777,9 +733,9 @@ test_crypto (vlib_main_t * vm, crypto_test_main_t * tm) while (ct->data) { if (j > CRYPTO_TEST_MAX_OP_CHUNKS) - return clib_error_return (0, - "test case '%s' exceeds extra data!", - r->name); + return clib_error_return ( + 0, "test case '%s' exceeds extra data!", + r->name); computed_data_total_len += ct->length; ct++; j++; @@ -790,6 +746,36 @@ test_crypto (vlib_main_t * vm, crypto_test_main_t * tm) n_ops_static += 1; } break; + } + + if (r->plaintext_incremental) + { + computed_data_total_incr_len += r->plaintext_incremental; + n_ops_incr += 1; + } + /* fall though */ + case VNET_CRYPTO_OP_TYPE_DECRYPT: + if (r->is_chained) + { + ct = r->ct_chunks; + j = 0; + while (ct->data) + { + if (j > CRYPTO_TEST_MAX_OP_CHUNKS) + return clib_error_return ( + 0, "test case '%s' exceeds extra data!", r->name); + computed_data_total_len += ct->length; + ct++; + j++; + } + n_chained_ops += 1; + } + else if (!r->plaintext_incremental) + { + computed_data_total_len += r->ciphertext.length; + n_ops_static += 1; + } + break; case VNET_CRYPTO_OP_TYPE_HMAC: if (r->plaintext_incremental) { @@ -923,23 +909,15 @@ test_crypto_perf (vlib_main_t * vm, crypto_test_main_t * tm) op1->src = op2->src = op1->dst = op2->dst = b->data; op1->key_index = op2->key_index = key_index; op1->iv = op2->iv = b->data - 64; - n_bytes += op1->len = op2->len = buffer_size; - break; - case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT: - case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT: - vnet_crypto_op_init (op1, - ad->op_by_type - [VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT]); - vnet_crypto_op_init (op2, - ad->op_by_type - [VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT]); - op1->src = op2->src = op1->dst = op2->dst = b->data; - op1->key_index = op2->key_index = key_index; - op1->tag = op2->tag = b->data - 32; - op1->iv = op2->iv = b->data - 64; - op1->aad = op2->aad = b->data - VLIB_BUFFER_PRE_DATA_SIZE; - op1->aad_len = op2->aad_len = 64; - op1->tag_len = op2->tag_len = 16; + + if (ad->is_aead) + { + op1->tag = op2->tag = b->data - 32; + op1->aad = op2->aad = b->data - VLIB_BUFFER_PRE_DATA_SIZE; + op1->aad_len = op2->aad_len = 64; + op1->tag_len = op2->tag_len = 16; + } + n_bytes += op1->len = op2->len = buffer_size; break; case VNET_CRYPTO_OP_TYPE_HMAC: diff --git a/src/vnet/crypto/crypto.c b/src/vnet/crypto/crypto.c index ff6b42a4382..396b8d4ca6a 100644 --- a/src/vnet/crypto/crypto.c +++ b/src/vnet/crypto/crypto.c @@ -669,29 +669,19 @@ static void vnet_crypto_init_cipher_data (vnet_crypto_alg_t alg, vnet_crypto_op_id_t eid, vnet_crypto_op_id_t did, char *name, u8 is_aead) { - vnet_crypto_op_type_t eopt, dopt; vnet_crypto_main_t *cm = &crypto_main; cm->algs[alg].name = name; + cm->algs[alg].is_aead = is_aead; cm->opt_data[eid].alg = cm->opt_data[did].alg = alg; cm->opt_data[eid].active_engine_index_simple = ~0; cm->opt_data[did].active_engine_index_simple = ~0; cm->opt_data[eid].active_engine_index_chained = ~0; cm->opt_data[did].active_engine_index_chained = ~0; - if (is_aead) - { - eopt = VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT; - dopt = VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT; - } - else - { - eopt = VNET_CRYPTO_OP_TYPE_ENCRYPT; - dopt = VNET_CRYPTO_OP_TYPE_DECRYPT; - } - cm->opt_data[eid].type = eopt; - cm->opt_data[did].type = dopt; - cm->algs[alg].op_by_type[eopt] = eid; - cm->algs[alg].op_by_type[dopt] = did; + cm->opt_data[eid].type = VNET_CRYPTO_OP_TYPE_ENCRYPT; + cm->opt_data[did].type = VNET_CRYPTO_OP_TYPE_DECRYPT; + cm->algs[alg].op_by_type[VNET_CRYPTO_OP_TYPE_ENCRYPT] = eid; + cm->algs[alg].op_by_type[VNET_CRYPTO_OP_TYPE_DECRYPT] = did; hash_set_mem (cm->alg_index_by_name, name, alg); } diff --git a/src/vnet/crypto/crypto.h b/src/vnet/crypto/crypto.h index a0e7c261149..daaff8e0333 100644 --- a/src/vnet/crypto/crypto.h +++ b/src/vnet/crypto/crypto.h @@ -60,8 +60,6 @@ #define foreach_crypto_op_type \ _ (ENCRYPT, "encrypt") \ _ (DECRYPT, "decrypt") \ - _ (AEAD_ENCRYPT, "aead-encrypt") \ - _ (AEAD_DECRYPT, "aead-decrypt") \ _ (HMAC, "hmac") \ _ (HASH, "hash") @@ -250,6 +248,7 @@ typedef enum typedef struct { char *name; + u8 is_aead : 1; vnet_crypto_op_id_t op_by_type[VNET_CRYPTO_OP_N_TYPES]; } vnet_crypto_alg_data_t; |