[lng-odp] [API-NEXT PATCH v3 2/6] api: crypto: add HMAC-SHA-256-128 support

Nicolas Morey-Chaisemartin Mon, 09 Nov 2015 05:40:57 -0800

Signed-off-by: Nicolas Morey-Chaisemartin <nmo...@kalray.eu>
---
 include/odp/api/crypto.h                           |  2 +
 .../linux-generic/include/odp_crypto_internal.h    |  4 +
 platform/linux-generic/odp_crypto.c                | 89 ++++++++++++++++++++++
 3 files changed, 95 insertions(+)


diff --git a/include/odp/api/crypto.h b/include/odp/api/crypto.h
index cc204a1..579354d 100644
--- a/include/odp/api/crypto.h
+++ b/include/odp/api/crypto.h
@@ -78,6 +78,8 @@ typedef enum {
        ODP_AUTH_ALG_NULL,
        /** HMAC-MD5 with 96 bit key */
        ODP_AUTH_ALG_MD5_96,
+       /** SHA256 with 128 bit key */
+       ODP_AUTH_ALG_SHA256_128,
 } odp_auth_alg_t;
 
 /**
diff --git a/platform/linux-generic/include/odp_crypto_internal.h 
b/platform/linux-generic/include/odp_crypto_internal.h
index 23fec04..10bcfd4 100644
--- a/platform/linux-generic/include/odp_crypto_internal.h
+++ b/platform/linux-generic/include/odp_crypto_internal.h
@@ -56,6 +56,10 @@ struct odp_crypto_generic_session {
                                uint8_t  key[16];
                                uint32_t bytes;
                        } md5;
+                       struct {
+                               uint8_t  key[32];
+                               uint32_t bytes;
+                       } sha256;
                } data;
                crypto_func_t func;
        } auth;
diff --git a/platform/linux-generic/odp_crypto.c 
b/platform/linux-generic/odp_crypto.c
index e3bc557..ed3d14c 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -140,6 +140,72 @@ odp_crypto_alg_err_t md5_check(odp_crypto_op_params_t 
*params,
 }
 
 static
+odp_crypto_alg_err_t sha256_gen(odp_crypto_op_params_t *params,
+                               odp_crypto_generic_session_t *session)
+{
+       uint8_t *data  = odp_packet_data(params->out_pkt);
+       uint8_t *icv   = data;
+       uint32_t len   = params->auth_range.length;
+       uint8_t  hash[EVP_MAX_MD_SIZE];
+
+       /* Adjust pointer for beginning of area to auth */
+       data += params->auth_range.offset;
+       icv  += params->hash_result_offset;
+
+       /* Hash it */
+       HMAC(EVP_sha256(),
+            session->auth.data.sha256.key,
+            32,
+            data,
+            len,
+            hash,
+            NULL);
+
+       /* Copy to the output location */
+       memcpy(icv, hash, session->auth.data.sha256.bytes);
+
+       return ODP_CRYPTO_ALG_ERR_NONE;
+}
+
+static
+odp_crypto_alg_err_t sha256_check(odp_crypto_op_params_t *params,
+                                 odp_crypto_generic_session_t *session)
+{
+       uint8_t *data  = odp_packet_data(params->out_pkt);
+       uint8_t *icv   = data;
+       uint32_t len   = params->auth_range.length;
+       uint32_t bytes = session->auth.data.sha256.bytes;
+       uint8_t  hash_in[EVP_MAX_MD_SIZE];
+       uint8_t  hash_out[EVP_MAX_MD_SIZE];
+
+       /* Adjust pointer for beginning of area to auth */
+       data += params->auth_range.offset;
+       icv  += params->hash_result_offset;
+
+       /* Copy current value out and clear it before authentication */
+       memset(hash_in, 0, sizeof(hash_in));
+       memcpy(hash_in, icv, bytes);
+       memset(icv, 0, bytes);
+       memset(hash_out, 0, sizeof(hash_out));
+
+       /* Hash it */
+       HMAC(EVP_sha256(),
+            session->auth.data.sha256.key,
+            32,
+            data,
+            len,
+            hash_out,
+            NULL);
+
+       /* Verify match */
+       if (0 != memcmp(hash_in, hash_out, bytes))
+               return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
+
+       /* Matched */
+       return ODP_CRYPTO_ALG_ERR_NONE;
+}
+
+static
 odp_crypto_alg_err_t des_encrypt(odp_crypto_op_params_t *params,
                                 odp_crypto_generic_session_t *session)
 {
@@ -261,6 +327,26 @@ int process_md5_params(odp_crypto_generic_session_t 
*session,
        return 0;
 }
 
+static
+int process_sha256_params(odp_crypto_generic_session_t *session,
+                         odp_crypto_session_params_t *params,
+                         uint32_t bits)
+{
+       /* Set function */
+       if (ODP_CRYPTO_OP_ENCODE == params->op)
+               session->auth.func = sha256_gen;
+       else
+               session->auth.func = sha256_check;
+
+       /* Number of valid bytes */
+       session->auth.data.sha256.bytes = bits / 8;
+
+       /* Convert keys */
+       memcpy(session->auth.data.sha256.key, params->auth_key.data, 32);
+
+       return 0;
+}
+
 int
 odp_crypto_session_create(odp_crypto_session_params_t *params,
                          odp_crypto_session_t *session_out,
@@ -323,6 +409,9 @@ odp_crypto_session_create(odp_crypto_session_params_t 
*params,
        case ODP_AUTH_ALG_MD5_96:
                rc = process_md5_params(session, params, 96);
                break;
+       case ODP_AUTH_ALG_SHA256_128:
+               rc = process_sha256_params(session, params, 128);
+               break;
        default:
                rc = -1;
        }
-- 
2.6.2.406.gaaaec35


_______________________________________________
lng-odp mailing list
lng-odp@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/lng-odp

[lng-odp] [API-NEXT PATCH v3 2/6] api: crypto: add HMAC-SHA-256-128 support

Reply via email to