97 lines
3.4 KiB
Diff
97 lines
3.4 KiB
Diff
From b20d26a878066c2697ab060ea2bb6f6053434a2c Mon Sep 17 00:00:00 2001
|
|
From: Wenkai Lin <linwenkai6@hisilicon.com>
|
|
Date: Fri, 22 Sep 2023 14:00:36 +0800
|
|
Subject: [PATCH 36/38] uadk: bugfix for aead set decrypt mac for stream mode
|
|
|
|
For the aead stream mode, packets are sent in three phases:
|
|
first, middle and final, user may deliver the decrypt mac through
|
|
the first or final message.
|
|
|
|
Currently uadk stores the first message's mac to the session,
|
|
then restore it when process the final message, it can't work
|
|
when the first message does not carry a valid decrypt mac.
|
|
|
|
Now uadk can cache the mac calculated based on the first message
|
|
and the middle message to the session and use the decrypt mac
|
|
until the final message is processed.
|
|
|
|
Signed-off-by: Wenkai Lin <linwenkai6@hisilicon.com>
|
|
---
|
|
drv/hisi_sec.c | 4 ++--
|
|
include/drv/wd_aead_drv.h | 2 +-
|
|
wd_aead.c | 14 +++++++++-----
|
|
3 files changed, 12 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/drv/hisi_sec.c b/drv/hisi_sec.c
|
|
index 2c71090..0ea1870 100644
|
|
--- a/drv/hisi_sec.c
|
|
+++ b/drv/hisi_sec.c
|
|
@@ -2271,7 +2271,7 @@ static void gcm_auth_ivin(struct wd_aead_msg *msg)
|
|
|
|
/* Use the user's origin mac for decrypt icv check */
|
|
if (msg->op_type == WD_CIPHER_DECRYPTION_DIGEST)
|
|
- memcpy(msg->mac, msg->mac_bak, msg->auth_bytes);
|
|
+ memcpy(msg->mac, msg->dec_mac, msg->auth_bytes);
|
|
}
|
|
|
|
static void fill_gcm_first_bd2(struct wd_aead_msg *msg, struct hisi_sec_sqe *sqe)
|
|
@@ -2364,7 +2364,7 @@ static int gcm_do_soft_mac(struct wd_aead_msg *msg)
|
|
msg->mac[i] = g[i] ^ ctr_r[i];
|
|
|
|
if (msg->op_type == WD_CIPHER_DECRYPTION_DIGEST) {
|
|
- ret = memcmp(msg->mac, msg->mac_bak, msg->auth_bytes);
|
|
+ ret = memcmp(msg->mac, msg->dec_mac, msg->auth_bytes);
|
|
if (ret) {
|
|
msg->result = WD_IN_EPARA;
|
|
WD_ERR("failed to do the gcm authentication!\n");
|
|
diff --git a/include/drv/wd_aead_drv.h b/include/drv/wd_aead_drv.h
|
|
index 5e4f73a..a9c0e7c 100644
|
|
--- a/include/drv/wd_aead_drv.h
|
|
+++ b/include/drv/wd_aead_drv.h
|
|
@@ -64,7 +64,7 @@ struct wd_aead_msg {
|
|
/* mac */
|
|
__u8 *mac;
|
|
/* mac data pointer for decrypto as stream mode */
|
|
- __u8 mac_bak[AES_BLOCK_SIZE];
|
|
+ __u8 *dec_mac;
|
|
/* total of data for stream mode */
|
|
__u64 long_data_len;
|
|
enum wd_aead_msg_state msg_state;
|
|
diff --git a/wd_aead.c b/wd_aead.c
|
|
index e5e1b19..87d61c3 100644
|
|
--- a/wd_aead.c
|
|
+++ b/wd_aead.c
|
|
@@ -635,20 +635,24 @@ static void fill_stream_msg(struct wd_aead_msg *msg, struct wd_aead_req *req,
|
|
memset(sess->iv, 0, MAX_IV_SIZE);
|
|
memcpy(sess->iv, req->iv, GCM_IV_SIZE);
|
|
|
|
- /* Store the original mac of first message to session */
|
|
if (msg->op_type == WD_CIPHER_DECRYPTION_DIGEST)
|
|
- memcpy(sess->mac_bak, req->mac, sess->auth_bytes);
|
|
+ msg->mac = sess->mac_bak;
|
|
break;
|
|
case AEAD_MSG_MIDDLE:
|
|
/* Middle messages need to store the stream's total length to session */
|
|
sess->long_data_len += req->in_bytes;
|
|
|
|
msg->long_data_len = sess->long_data_len;
|
|
+
|
|
+ if (msg->op_type == WD_CIPHER_DECRYPTION_DIGEST)
|
|
+ msg->mac = sess->mac_bak;
|
|
break;
|
|
case AEAD_MSG_END:
|
|
- /* Sets the original mac for final message */
|
|
- if (msg->op_type == WD_CIPHER_DECRYPTION_DIGEST)
|
|
- memcpy(msg->mac_bak, sess->mac_bak, sess->auth_bytes);
|
|
+ if (msg->op_type == WD_CIPHER_DECRYPTION_DIGEST) {
|
|
+ /* Sets the original mac for final message */
|
|
+ msg->dec_mac = req->mac;
|
|
+ msg->mac = sess->mac_bak;
|
|
+ }
|
|
|
|
msg->long_data_len = sess->long_data_len + req->in_bytes;
|
|
/* Reset the session's long_data_len */
|
|
--
|
|
2.25.1
|
|
|