packages/libwd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libwd/0040-aead-modify-the-aead-s-request-api.patch

786 lines
24 KiB
Diff
Raw Normal View History

libwd: backport for uadk from 2.3.24 to 2.3.27 Update some patch for uadk from mainline. To get more infomation, please visit the homepage: https://github.com/Linaro/uadk Signed-off-by: Yang Shen <shenyang39@huawei.com>
2022-02-21 03:30:18 +00:00
From c421a68ee4f70675235443f9cc968f264c7a39a6 Mon Sep 17 00:00:00 2001
From: Kai Ye <yekai13@huawei.com>
Date: Thu, 13 Jan 2022 10:37:10 +0800
Subject: [PATCH 43/53] aead: modify the aead's request api
1. Add the parameter of mac address for Openssl engine. Previous
plan not adapted to the Openssl engine, it caused the low performance.
So after modification, user should allocated the mac memory and set
the mac length as doing task.
2. Deleted a parameter in api. the out_buffer_bytes is a redundant
code.
Signed-off-by: Kai Ye <yekai13@huawei.com>
---
drv/hisi_sec.c | 72 ++----------------
include/wd_aead.h | 6 +-
test/hisi_sec_test/test_hisi_sec.c | 116 ++++++++++++++++++++++-------
uadk_tool/sec_uadk_benchmark.c | 33 ++++----
wd_aead.c | 46 ++++++++----
5 files changed, 152 insertions(+), 121 deletions(-)
diff --git a/drv/hisi_sec.c b/drv/hisi_sec.c
index d31a1b9..f5db7eb 100644
--- a/drv/hisi_sec.c
+++ b/drv/hisi_sec.c
@@ -73,8 +73,8 @@
/* The max BD data length is 16M-512B */
#define MAX_INPUT_DATA_LEN 0xFFFE00
#define MAX_CCM_AAD_LEN 65279
-#define SHA1_ALIGN_SZ 64
-#define SHA512_ALIGN_SZ 128
+#define SHA1_ALIGN_SZ 64U
+#define SHA512_ALIGN_SZ 128U
#define AUTHPAD_OFFSET 2
#define AUTHTYPE_OFFSET 6
@@ -1739,48 +1739,12 @@ static void set_aead_auth_iv(struct wd_aead_msg *msg)
}
}
-static void fill_aead_mac_addr_pbuff(struct wd_aead_msg *msg, __u64 *mac_addr)
-{
- __u64 addr = 0;
-
- if (msg->op_type == WD_CIPHER_DECRYPTION_DIGEST)
- addr = (__u64)(uintptr_t)msg->in + msg->in_bytes + msg->assoc_bytes;
-
- /* AEAD output MAC addr use out addr */
- if (msg->op_type == WD_CIPHER_ENCRYPTION_DIGEST)
- addr = (__u64)(uintptr_t)msg->out + msg->out_bytes - msg->auth_bytes;
-
- *mac_addr = addr;
-}
-
-static void fill_aead_mac_addr_sgl(struct wd_aead_msg *msg, __u64 *mac_addr)
-{
- msg->mac = calloc(1, msg->auth_bytes);
- if (!msg->mac) {
- WD_ERR("failed to alloc mac memory!\n");
- return;
- }
-
- if (msg->op_type == WD_CIPHER_DECRYPTION_DIGEST)
- hisi_qm_sgl_copy(msg->mac, msg->in,
- msg->in_bytes + msg->assoc_bytes,
- msg->auth_bytes, COPY_SGL_TO_PBUFF);
-
- *mac_addr = (__u64)(uintptr_t)msg->mac;
-}
-
static void fill_aead_bd2_addr(struct wd_aead_msg *msg,
struct hisi_sec_sqe *sqe)
{
sqe->type2.data_src_addr = (__u64)(uintptr_t)msg->in;
sqe->type2.data_dst_addr = (__u64)(uintptr_t)msg->out;
-
- /* AEAD input MAC addr use in addr */
- if (msg->data_fmt == WD_FLAT_BUF)
- fill_aead_mac_addr_pbuff(msg, &sqe->type2.mac_addr);
- else
- fill_aead_mac_addr_sgl(msg, &sqe->type2.mac_addr);
-
+ sqe->type2.mac_addr = (__u64)(uintptr_t)msg->mac;
sqe->type2.c_key_addr = (__u64)(uintptr_t)msg->ckey;
sqe->type2.a_key_addr = (__u64)(uintptr_t)msg->akey;
sqe->type2.c_ivin_addr = (__u64)(uintptr_t)msg->iv;
@@ -1939,7 +1903,7 @@ static void parse_aead_bd2(struct hisi_sec_sqe *sqe,
if (recv_msg->auth_bytes == 0)
recv_msg->auth_bytes = sqe->type2.icvw_kmode &
SEC_AUTH_LEN_MASK;
- recv_msg->out_bytes = sqe->type2.clen_ivhlen + recv_msg->auth_bytes +
+ recv_msg->out_bytes = sqe->type2.clen_ivhlen +
sqe->type2.cipher_src_offset;
#ifdef DEBUG
@@ -1961,15 +1925,9 @@ int hisi_sec_aead_recv(handle_t ctx, struct wd_aead_msg *recv_msg)
parse_aead_bd2(&sqe, recv_msg);
- if (recv_msg->data_fmt == WD_SGL_BUF) {
- if (sqe.type_auth_cipher & (SEC_CIPHER_ENC << SEC_CIPHER_OFFSET))
- hisi_qm_sgl_copy(recv_msg->mac, recv_msg->out,
- recv_msg->out_bytes - recv_msg->auth_bytes,
- recv_msg->auth_bytes, COPY_PBUFF_TO_SGL);
-
+ if (recv_msg->data_fmt == WD_SGL_BUF)
hisi_sec_put_sgl(h_qp, recv_msg->alg_type, recv_msg->in,
recv_msg->out);
- }
return 0;
}
@@ -2089,18 +2047,10 @@ static int fill_aead_bd3_mode(struct wd_aead_msg *msg,
static void fill_aead_bd3_addr(struct wd_aead_msg *msg,
struct hisi_sec_sqe3 *sqe)
{
- __u64 mac_addr;
-
sqe->data_src_addr = (__u64)(uintptr_t)msg->in;
sqe->data_dst_addr = (__u64)(uintptr_t)msg->out;
- /* AEAD input MAC addr use in and out addr */
- if (msg->data_fmt == WD_FLAT_BUF)
- fill_aead_mac_addr_pbuff(msg, &mac_addr);
- else
- fill_aead_mac_addr_sgl(msg, &mac_addr);
-
- sqe->mac_addr = mac_addr;
+ sqe->mac_addr = (__u64)(uintptr_t)msg->mac;
sqe->c_key_addr = (__u64)(uintptr_t)msg->ckey;
sqe->a_key_addr = (__u64)(uintptr_t)msg->akey;
sqe->no_scene.c_ivin_addr = (__u64)(uintptr_t)msg->iv;
@@ -2237,7 +2187,7 @@ static void parse_aead_bd3(struct hisi_sec_sqe3 *sqe,
if (recv_msg->auth_bytes == 0)
recv_msg->auth_bytes = (sqe->c_icv_key >> SEC_MAC_OFFSET_V3) &
SEC_MAC_LEN_MASK;
- recv_msg->out_bytes = sqe->c_len_ivin + recv_msg->auth_bytes +
+ recv_msg->out_bytes = sqe->c_len_ivin +
sqe->cipher_src_offset;
#ifdef DEBUG
@@ -2259,15 +2209,9 @@ int hisi_sec_aead_recv_v3(handle_t ctx, struct wd_aead_msg *recv_msg)
parse_aead_bd3(&sqe, recv_msg);
- if (recv_msg->data_fmt == WD_SGL_BUF) {
- if (sqe.c_icv_key & SEC_CIPHER_ENC)
- hisi_qm_sgl_copy(recv_msg->mac, recv_msg->out,
- recv_msg->out_bytes - recv_msg->auth_bytes,
- recv_msg->auth_bytes, COPY_PBUFF_TO_SGL);
-
+ if (recv_msg->data_fmt == WD_SGL_BUF)
hisi_sec_put_sgl(h_qp, recv_msg->alg_type,
recv_msg->in, recv_msg->out);
- }
return 0;
}
diff --git a/include/wd_aead.h b/include/wd_aead.h
index f169812..a632cd8 100644
--- a/include/wd_aead.h
+++ b/include/wd_aead.h
@@ -52,11 +52,12 @@ typedef void *wd_alg_aead_cb_t(struct wd_aead_req *req, void *cb_param);
* @ op_type: denoted by enum wd_aead_op_type
* @ src: input data pointer
* @ dst: output data pointer
+ * @ mac: mac data pointer
* @ iv: input iv pointer
* @ in_bytes: input data length
* @ out_bytes: output data length
- * @ out_buf_bytes: output data buffer length
* @ iv_bytes: input iv length
+ * @ mac_bytes: mac data buffer length
* @ assoc_bytes: input associated data length
* @ state: operation result, denoted by WD error code
* @ cb: callback function pointer
@@ -72,11 +73,12 @@ struct wd_aead_req {
struct wd_datalist *list_dst;
void *dst;
};
+ void *mac;
void *iv;
__u32 in_bytes;
__u32 out_bytes;
- __u32 out_buf_bytes;
__u16 iv_bytes;
+ __u16 mac_bytes;
__u16 assoc_bytes;
__u16 state;
__u8 data_fmt;
diff --git a/test/hisi_sec_test/test_hisi_sec.c b/test/hisi_sec_test/test_hisi_sec.c
index dda291d..6f27cd1 100644
--- a/test/hisi_sec_test/test_hisi_sec.c
+++ b/test/hisi_sec_test/test_hisi_sec.c
@@ -279,6 +279,7 @@ static void dump_mem(int sgl, unsigned char *buf, size_t len)
if ((i + 1) % 8 == 0)
SEC_TST_PRT("\n");
}
+ SEC_TST_PRT("\n");
}
}
@@ -2523,6 +2524,7 @@ static int sec_aead_sync_once(void)
unsigned long Perf = 0;
float speed, time_used;
unsigned long cnt = g_times;
+ __u16 mac_bytes;
__u16 auth_size;
__u16 in_size;
__u16 iv_len;
@@ -2553,8 +2555,7 @@ static int sec_aead_sync_once(void)
/* should set key */
dump_mem(WD_FLAT_BUF, (void *)tv->key, tv->klen);
- if (setup.cmode == WD_CIPHER_CCM ||
- setup.cmode == WD_CIPHER_GCM) {
+ if (setup.cmode == WD_CIPHER_CCM || setup.cmode == WD_CIPHER_GCM) {
ret = wd_aead_set_ckey(h_sess, (const __u8*)tv->key, tv->klen);
if (ret) {
SEC_TST_PRT("aead sess set key failed!\n");
@@ -2576,6 +2577,7 @@ static int sec_aead_sync_once(void)
}
auth_size = (__u16)(tv->clen - tv->plen);
+ mac_bytes = auth_size;
ret = wd_aead_set_authsize(h_sess, auth_size);
if (ret) {
SEC_TST_PRT("set auth size fail, authsize: %u\n", auth_size);
@@ -2596,6 +2598,18 @@ static int sec_aead_sync_once(void)
}
SEC_TST_PRT("aead get max auth size: %u\n", ret);
+ if (setup.cmode == WD_CIPHER_CCM || setup.cmode == WD_CIPHER_GCM)
+ mac_bytes = 16;
+
+ req.mac = malloc(mac_bytes);
+ if (!req.mac) {
+ SEC_TST_PRT("req iv mem malloc failed!\n");
+ ret = -ENOMEM;
+ goto out_key;
+ }
+ memset(req.mac, 0, mac_bytes);
+ req.mac_bytes = mac_bytes;
+
if (g_direction == 0)
req.op_type = WD_CIPHER_ENCRYPTION_DIGEST;
else
@@ -2609,7 +2623,7 @@ static int sec_aead_sync_once(void)
}
if (in_size > BUFF_SIZE) {
SEC_TST_PRT("alloc in buffer block size too small!\n");
- goto out_key;
+ goto out_mac;
}
unit_sz = cal_unit_sz(in_size, g_sgl_num);
void *src = create_buf(WD_FLAT_BUF, in_size, unit_sz);
@@ -2627,10 +2641,14 @@ static int sec_aead_sync_once(void)
req.in_bytes = tv->plen;
} else {
memcpy(src, tv->assoc, tv->alen);
- memcpy((src + req.assoc_bytes), tv->ctext, tv->clen);
+ memcpy(src + req.assoc_bytes, tv->ctext, tv->clen - auth_size);
req.in_bytes = tv->clen - auth_size;
+ memcpy(req.mac, tv->ctext + tv->clen - auth_size, auth_size);
}
+ SEC_TST_PRT("mac addr src is:\n");
+ dump_mem(0, req.mac, auth_size);
+
req.src = create_buf(g_data_fmt, in_size, unit_sz);
if (!req.src) {
ret = -ENOMEM;
@@ -2643,21 +2661,19 @@ static int sec_aead_sync_once(void)
dump_mem(g_data_fmt, req.src, tv->alen + req.in_bytes);
if (g_direction == 0) {
- req.out_bytes = req.assoc_bytes + tv->clen;
+ req.out_bytes = req.assoc_bytes + tv->clen - auth_size;
} else {
req.out_bytes = req.assoc_bytes + tv->plen;
}
- req.out_buf_bytes = req.out_bytes + auth_size;
// alloc out buffer memory
- unit_sz = cal_unit_sz(req.out_buf_bytes, g_sgl_num);
- req.dst = create_buf(g_data_fmt, req.out_buf_bytes, unit_sz);
+ unit_sz = cal_unit_sz(req.out_bytes, g_sgl_num);
+ req.dst = create_buf(g_data_fmt, req.out_bytes, unit_sz);
if (!req.dst) {
ret = -ENOMEM;
goto out_dst;
}
- // set iv
req.iv = malloc(AES_BLOCK_SIZE);
if (!req.iv) {
SEC_TST_PRT("req iv mem malloc failed!\n");
@@ -2688,7 +2704,10 @@ static int sec_aead_sync_once(void)
SEC_TST_PRT("Pro-%d, thread_id-%d, speed:%0.3f ops, Perf: %ld KB/s\n", getpid(),
(int)syscall(__NR_gettid), speed, Perf);
+ SEC_TST_PRT("aead dump out addr is:\n");
dump_mem(g_data_fmt, req.dst, req.out_bytes);
+ SEC_TST_PRT("aead dump mac addr is:\n");
+ dump_mem(0, req.mac, auth_size);
free(req.iv);
out_iv:
@@ -2696,6 +2715,8 @@ out_iv:
out_dst:
free_buf(g_data_fmt, req.src);
out_src:
+out_mac:
+ free(req.mac);
out_key:
wd_aead_free_sess(h_sess);
out:
@@ -2827,6 +2848,7 @@ static int sec_aead_async_once(void)
static pthread_t send_td;
static pthread_t poll_td;
thread_data_d td_data;
+ __u16 mac_bytes;
__u16 auth_size;
__u16 in_size;
__u16 iv_len;
@@ -2857,8 +2879,7 @@ static int sec_aead_async_once(void)
/* should set key */
dump_mem(WD_FLAT_BUF, (void *)tv->key, tv->klen);
- if (setup.cmode == WD_CIPHER_CCM ||
- setup.cmode == WD_CIPHER_GCM) {
+ if (setup.cmode == WD_CIPHER_CCM || setup.cmode == WD_CIPHER_GCM) {
ret = wd_aead_set_ckey(h_sess, (const __u8*)tv->key, tv->klen);
if (ret) {
SEC_TST_PRT("aead sess set key failed!\n");
@@ -2880,6 +2901,7 @@ static int sec_aead_async_once(void)
}
auth_size = (__u16)(tv->clen - tv->plen);
+ mac_bytes = auth_size;
ret = wd_aead_set_authsize(h_sess, auth_size);
if (ret) {
SEC_TST_PRT("set auth size fail, authsize: %u\n", auth_size);
@@ -2898,6 +2920,17 @@ static int sec_aead_async_once(void)
goto out_key;
}
SEC_TST_PRT("aead get max auth size: %u\n", ret);
+ if (setup.cmode == WD_CIPHER_CCM || setup.cmode == WD_CIPHER_GCM)
+ mac_bytes = 16;
+
+ req.mac = malloc(mac_bytes);
+ if (!req.mac) {
+ SEC_TST_PRT("req iv mem malloc failed!\n");
+ ret = -ENOMEM;
+ goto out_key;
+ }
+ memset(req.mac, 0, mac_bytes);
+ req.mac_bytes = mac_bytes;
if (g_direction == 0)
req.op_type = WD_CIPHER_ENCRYPTION_DIGEST;
@@ -2908,7 +2941,7 @@ static int sec_aead_async_once(void)
in_size = tv->alen + tv->plen + auth_size;
if (in_size > BUFF_SIZE) {
SEC_TST_PRT("alloc in buffer block size too small!\n");
- goto out_key;
+ goto out_mac;
}
req.assoc_bytes = tv->alen;
unit_sz = cal_unit_sz(BUFF_SIZE, g_sgl_num);
@@ -2931,15 +2964,15 @@ static int sec_aead_async_once(void)
req.in_bytes = tv->plen;
} else {
memcpy(src, tv->assoc, tv->alen);
- memcpy((src + tv->alen), tv->ctext, tv->clen);
+ memcpy(src + tv->alen, tv->ctext, tv->clen - auth_size);
req.in_bytes = tv->clen - auth_size;
+ memcpy(req.mac, tv->ctext + tv->clen - auth_size, auth_size);
}
-
copy_mem(g_data_fmt, req.src, WD_FLAT_BUF, src,
(size_t)(req.in_bytes + tv->alen));
free(src);
- SEC_TST_PRT("aead req src in--------->: %u\n", tv->alen + req.in_bytes);
+ SEC_TST_PRT("aead req alen---->: %u. in_bytes--->:%u\n", tv->alen, req.in_bytes);
dump_mem(g_data_fmt, req.src, tv->alen + req.in_bytes);
// alloc out buffer memory
@@ -2949,7 +2982,6 @@ static int sec_aead_async_once(void)
goto out_dst;
}
- req.out_buf_bytes = BUFF_SIZE;
if (g_direction == 0)
req.out_bytes = tv->alen + tv->clen;
else
@@ -3010,6 +3042,8 @@ out_iv:
out_dst:
free_buf(g_data_fmt, req.src);
out_src:
+out_mac:
+ free(req.mac);
out_key:
wd_aead_free_sess(h_sess);
out:
@@ -3026,6 +3060,7 @@ static int sec_aead_sync_multi(void)
struct wd_aead_req req;
static pthread_t sendtd[64];
thread_data_d td_data;
+ __u16 mac_bytes;
__u16 auth_size;
__u16 in_size;
__u16 iv_len;
@@ -3056,8 +3091,7 @@ static int sec_aead_sync_multi(void)
/* should set key */
dump_mem(WD_FLAT_BUF, (void *)tv->key, tv->klen);
- if (setup.cmode == WD_CIPHER_CCM ||
- setup.cmode == WD_CIPHER_GCM) {
+ if (setup.cmode == WD_CIPHER_CCM || setup.cmode == WD_CIPHER_GCM) {
ret = wd_aead_set_ckey(h_sess, (const __u8*)tv->key, tv->klen);
if (ret) {
SEC_TST_PRT("aead sess set key failed!\n");
@@ -3079,6 +3113,7 @@ static int sec_aead_sync_multi(void)
}
auth_size = (__u16)(tv->clen - tv->plen);
+ mac_bytes = auth_size;
ret = wd_aead_set_authsize(h_sess, auth_size);
if (ret) {
SEC_TST_PRT("set auth size fail, authsize: %u\n", auth_size);
@@ -3098,6 +3133,18 @@ static int sec_aead_sync_multi(void)
}
SEC_TST_PRT("aead get max auth size: %u\n", ret);
+ if (setup.cmode == WD_CIPHER_CCM || setup.cmode == WD_CIPHER_GCM)
+ mac_bytes = 16;
+
+ req.mac = malloc(mac_bytes);
+ if (!req.mac) {
+ SEC_TST_PRT("req iv mem malloc failed!\n");
+ ret = -ENOMEM;
+ goto out_key;
+ }
+ memset(req.mac, 0, mac_bytes);
+ req.mac_bytes = mac_bytes;
+
if (g_direction == 0)
req.op_type = WD_CIPHER_ENCRYPTION_DIGEST;
else
@@ -3108,7 +3155,7 @@ static int sec_aead_sync_multi(void)
in_size = tv->alen + tv->plen + auth_size;
if (in_size > BUFF_SIZE) {
SEC_TST_PRT("alloc in buffer block size too small!\n");
- goto out_key;
+ goto out_mac;
}
unit_sz = cal_unit_sz(BUFF_SIZE, g_sgl_num);
void *src = create_buf(WD_FLAT_BUF, BUFF_SIZE, unit_sz);
@@ -3123,8 +3170,9 @@ static int sec_aead_sync_multi(void)
req.in_bytes = tv->plen;
} else {
memcpy(src, tv->assoc, tv->alen);
- memcpy((src + tv->alen), tv->ctext, tv->clen);
+ memcpy(src + tv->alen, tv->ctext, tv->clen - auth_size);
req.in_bytes = tv->clen - auth_size;
+ memcpy(req.mac, tv->ctext + tv->clen - auth_size, auth_size);
}
req.src = create_buf(g_data_fmt, in_size, unit_sz);
@@ -3137,7 +3185,7 @@ static int sec_aead_sync_multi(void)
(size_t)(req.in_bytes + tv->alen));
free(src);
- SEC_TST_PRT("aead req src in--------->: %u\n", tv->alen + req.in_bytes);
+ SEC_TST_PRT("aead req src in>: alen:%u, input len:%d\n", tv->alen, req.in_bytes);
dump_mem(g_data_fmt, req.src, tv->alen + req.in_bytes);
// alloc out buffer memory
@@ -3147,7 +3195,6 @@ static int sec_aead_sync_multi(void)
goto out_dst;
}
- req.out_buf_bytes = BUFF_SIZE;
if (g_direction == 0)
req.out_bytes = tv->alen + tv->clen;
else
@@ -3175,6 +3222,7 @@ static int sec_aead_sync_multi(void)
td_data.recv_num = g_times;
td_data.sum_perf = 0;
+ printf("%s, req->in_bytes:%d\n", __func__, req.in_bytes);
for (i = 0; i < g_thread_num; i++) {
ret = pthread_create(&sendtd[i], NULL, aead_sync_send_thread, &td_data);
if (ret) {
@@ -3200,6 +3248,8 @@ out_iv:
out_dst:
free_buf(g_data_fmt, req.src);
out_src:
+out_mac:
+ free(req.mac);
out_key:
wd_aead_free_sess(h_sess);
out:
@@ -3217,6 +3267,7 @@ static int sec_aead_async_multi(void)
static pthread_t send_td[64];
static pthread_t poll_td;
thread_data_d td_data;
+ __u16 mac_bytes;
__u16 auth_size;
__u16 in_size;
__u16 iv_len;
@@ -3247,8 +3298,7 @@ static int sec_aead_async_multi(void)
/* should set key */
dump_mem(WD_FLAT_BUF, (void *)tv->key, tv->klen);
- if (setup.cmode == WD_CIPHER_CCM ||
- setup.cmode == WD_CIPHER_GCM) {
+ if (setup.cmode == WD_CIPHER_CCM || setup.cmode == WD_CIPHER_GCM) {
ret = wd_aead_set_ckey(h_sess, (const __u8*)tv->key, tv->klen);
if (ret) {
SEC_TST_PRT("aead sess set key failed!\n");
@@ -3270,6 +3320,7 @@ static int sec_aead_async_multi(void)
}
auth_size = (__u16)(tv->clen - tv->plen);
+ mac_bytes = auth_size;
ret = wd_aead_set_authsize(h_sess, auth_size);
if (ret) {
SEC_TST_PRT("set auth size fail, authsize: %u\n", auth_size);
@@ -3289,6 +3340,15 @@ static int sec_aead_async_multi(void)
}
SEC_TST_PRT("aead get max auth size: %u\n", ret);
+ if (setup.cmode == WD_CIPHER_CCM || setup.cmode == WD_CIPHER_GCM)
+ mac_bytes = 16;
+
+ req.mac = malloc(mac_bytes);
+ if (req.mac == NULL)
+ goto out;
+ memset(req.mac, 0, mac_bytes);
+ req.mac_bytes = mac_bytes;
+
if (g_direction == 0)
req.op_type = WD_CIPHER_ENCRYPTION_DIGEST;
else
@@ -3321,8 +3381,9 @@ static int sec_aead_async_multi(void)
req.in_bytes = tv->plen;
} else {
memcpy(src, tv->assoc, tv->alen);
- memcpy((src + tv->alen), tv->ctext, tv->clen);
+ memcpy(src + tv->alen, tv->ctext, tv->clen - auth_size);
req.in_bytes = tv->clen - auth_size;
+ memcpy(req.mac, tv->ctext + (tv->clen - auth_size), auth_size);
}
copy_mem(g_data_fmt, req.src, WD_FLAT_BUF, src,
@@ -3338,9 +3399,8 @@ static int sec_aead_async_multi(void)
ret = -1;
goto out;
}
- req.out_buf_bytes = BUFF_SIZE;
if (g_direction == 0)
- req.out_bytes = tv->alen + tv->clen;
+ req.out_bytes = tv->alen + tv->clen - auth_size;
else
req.out_bytes = tv->alen + tv->plen;
@@ -3396,6 +3456,8 @@ static int sec_aead_async_multi(void)
dump_mem(g_data_fmt, req.dst, req.out_bytes);
out:
+ if (req.mac)
+ free(req.mac);
if (req.src)
free_buf(g_data_fmt, req.src);
if (req.dst)
diff --git a/uadk_tool/sec_uadk_benchmark.c b/uadk_tool/sec_uadk_benchmark.c
index 40ba227..d68ac25 100644
--- a/uadk_tool/sec_uadk_benchmark.c
+++ b/uadk_tool/sec_uadk_benchmark.c
@@ -24,6 +24,7 @@ struct thread_pool {
struct bd_pool *pool;
u8 *iv;
u8 *key;
+ u8 *mac;
} g_uadk_pool;
typedef struct uadk_thread_res {
@@ -475,6 +476,7 @@ int init_uadk_bd_pool(void)
g_uadk_pool.iv = malloc(g_thread_num * MAX_IVK_LENTH * sizeof(char));
g_uadk_pool.key = malloc(g_thread_num * MAX_IVK_LENTH * sizeof(char));
+ g_uadk_pool.mac = malloc(g_thread_num * MAX_IVK_LENTH * sizeof(char));
g_uadk_pool.pool = malloc(g_thread_num * sizeof(struct bd_pool));
if (!g_uadk_pool.pool) {
@@ -611,9 +613,10 @@ static void *sec_uadk_async_run(void *arg)
struct wd_aead_req areq;
struct wd_digest_req dreq;
struct bd_pool *uadk_pool;
- u8 *priv_iv, *priv_key;
+ u8 *priv_iv, *priv_key, *priv_mac;
int try_cnt = 0;
handle_t h_sess;
+ u32 auth_size = 16;
u32 count = 0;
int ret, i = 0;
@@ -623,6 +626,7 @@ static void *sec_uadk_async_run(void *arg)
uadk_pool = &g_uadk_pool.pool[pdata->td_id];
priv_iv = &g_uadk_pool.iv[pdata->td_id];
priv_key = &g_uadk_pool.key[pdata->td_id];
+ priv_mac = &g_uadk_pool.mac[pdata->td_id];
memset(priv_iv, DEF_IVK_DATA, MAX_IVK_LENTH);
memset(priv_key, DEF_IVK_DATA, MAX_IVK_LENTH);
@@ -687,7 +691,7 @@ static void *sec_uadk_async_run(void *arg)
wd_aead_free_sess(h_sess);
return NULL;
}
- ret = wd_aead_set_authsize(h_sess, 16);
+ ret = wd_aead_set_authsize(h_sess, auth_size);
if (ret) {
SEC_TST_PRT("set auth size fail, authsize: 16\n");
wd_aead_free_sess(h_sess);
@@ -696,16 +700,15 @@ static void *sec_uadk_async_run(void *arg)
areq.op_type = pdata->optype;
areq.iv = priv_iv; // aead IV need update with param
+ areq.mac = priv_mac;
areq.iv_bytes = pdata->ivsize;
+ areq.mac_bytes = auth_size;
areq.assoc_bytes = 16;
areq.in_bytes = g_pktlen;
- if (areq.op_type) {// decrypto
+ if (areq.op_type)// decrypto
areq.out_bytes = g_pktlen + 16; // aadsize = 16;
- areq.out_buf_bytes = areq.out_bytes + 16; // authsize = 16
- } else {
+ else
areq.out_bytes = g_pktlen + 32; // aadsize + authsize = 32;
- areq.out_buf_bytes = areq.out_bytes + 32;
- }
areq.data_fmt = 0;
areq.state = 0;
@@ -795,8 +798,9 @@ static void *sec_uadk_sync_run(void *arg)
struct wd_aead_req areq;
struct wd_digest_req dreq;
struct bd_pool *uadk_pool;
- u8 *priv_iv, *priv_key;
+ u8 *priv_iv, *priv_key, *priv_mac;
handle_t h_sess;
+ u32 auth_size = 16;
u32 count = 0;
int ret, i = 0;
@@ -806,6 +810,7 @@ static void *sec_uadk_sync_run(void *arg)
uadk_pool = &g_uadk_pool.pool[pdata->td_id];
priv_iv = &g_uadk_pool.iv[pdata->td_id];
priv_key = &g_uadk_pool.key[pdata->td_id];
+ priv_mac = &g_uadk_pool.mac[pdata->td_id];
memset(priv_iv, DEF_IVK_DATA, MAX_IVK_LENTH);
memset(priv_key, DEF_IVK_DATA, MAX_IVK_LENTH);
@@ -860,7 +865,7 @@ static void *sec_uadk_sync_run(void *arg)
wd_aead_free_sess(h_sess);
return NULL;
}
- ret = wd_aead_set_authsize(h_sess, 16);
+ ret = wd_aead_set_authsize(h_sess, auth_size);
if (ret) {
SEC_TST_PRT("set auth size fail, authsize: 16\n");
wd_aead_free_sess(h_sess);
@@ -869,16 +874,16 @@ static void *sec_uadk_sync_run(void *arg)
areq.op_type = pdata->optype;
areq.iv = priv_iv; // aead IV need update with param
+ areq.mac = priv_mac;
+ areq.mac_bytes = 16;
areq.iv_bytes = pdata->ivsize;
areq.assoc_bytes = 16;
areq.in_bytes = g_pktlen;
- if (areq.op_type) {// decrypto
+ areq.mac_bytes = auth_size;
+ if (areq.op_type)// decrypto
areq.out_bytes = g_pktlen + 16; // aadsize = 16;
- areq.out_buf_bytes = areq.out_bytes + 16; // authsize = 16
- } else {
+ else
areq.out_bytes = g_pktlen + 32; // aadsize + authsize = 32;
- areq.out_buf_bytes = areq.out_bytes + 32;
- }
areq.data_fmt = 0;
areq.state = 0;
diff --git a/wd_aead.c b/wd_aead.c
index ebad440..670bb33 100644
--- a/wd_aead.c
+++ b/wd_aead.c
@@ -305,6 +305,33 @@ void wd_aead_free_sess(handle_t h_sess)
free(sess);
}
+static int aead_mac_param_check(struct wd_aead_sess *sess,
+ struct wd_aead_req *req)
+{
+ int ret = 0;
+
+ switch (sess->cmode) {
+ case WD_CIPHER_CBC:
+ if (req->mac_bytes < g_aead_mac_len[sess->dalg]) {
+ WD_ERR("failed to check cbc-hmac mac buffer length!\n");
+ ret = -WD_EINVAL;
+ }
+ break;
+ case WD_CIPHER_CCM:
+ case WD_CIPHER_GCM:
+ if (req->mac_bytes < WD_AEAD_CCM_GCM_MAX) {
+ WD_ERR("failed to check CCM or GCM mac buffer length!\n");
+ ret = -WD_EINVAL;
+ }
+ break;
+ default:
+ ret = -WD_EINVAL;
+ WD_ERR("set the aead cmode is error!\n");
+ }
+
+ return ret;
+}
+
static int aead_param_check(struct wd_aead_sess *sess,
struct wd_aead_req *req)
{
@@ -328,33 +355,23 @@ static int aead_param_check(struct wd_aead_sess *sess,
}
if (unlikely(req->iv_bytes != get_iv_block_size(sess->cmode))) {
- WD_ERR("failed to check aead IV length!\n");
+ WD_ERR("failed to check aead IV length, size:%u\n", req->iv_bytes);
return -WD_EINVAL;
}
- if (unlikely(req->out_buf_bytes < req->out_bytes)) {
- WD_ERR("failed to check aead out buffer length!\n");
- return -WD_EINVAL;
- }
-
- if (unlikely(req->op_type == WD_CIPHER_ENCRYPTION_DIGEST &&
- req->out_buf_bytes < (req->out_bytes + sess->auth_bytes))) {
- WD_ERR("failed to check aead type or mac length!\n");
+ ret = aead_mac_param_check(sess, req);
+ if (unlikely(ret))
return -WD_EINVAL;
- }
if (req->data_fmt == WD_SGL_BUF) {
len = req->in_bytes + req->assoc_bytes;
- if (req->op_type == WD_CIPHER_DECRYPTION_DIGEST)
- len += sess->auth_bytes;
-
ret = wd_check_datalist(req->list_src, len);
if (unlikely(ret)) {
WD_ERR("failed to check the src datalist!\n");
return -WD_EINVAL;
}
- ret = wd_check_datalist(req->list_dst, req->out_buf_bytes);
+ ret = wd_check_datalist(req->list_dst, req->out_bytes);
if (unlikely(ret)) {
WD_ERR("failed to check the dst datalist!\n");
return -WD_EINVAL;
@@ -480,6 +497,7 @@ static void fill_request_msg(struct wd_aead_msg *msg, struct wd_aead_req *req,
msg->iv = req->iv;
msg->iv_bytes = req->iv_bytes;
msg->assoc_bytes = req->assoc_bytes;
+ msg->mac = req->mac;
msg->auth_bytes = sess->auth_bytes;
msg->data_fmt = req->data_fmt;
}
--
2.25.1
Reference in New Issue Copy Permalink