add cavium ciphers to SSL, and example client

This commit is contained in:
Todd Ouska 2013-02-01 12:21:38 -08:00
parent defe5b4e31
commit 44b6593fe5
18 changed files with 252 additions and 44 deletions

View File

@ -2827,6 +2827,8 @@ static void AesCaviumCbcEncrypt(Aes* aes, byte* out, const byte* in,
CYASSL_MSG("Bad Cavium Aes Encrypt");
}
length -= CYASSL_MAX_16BIT;
offset += CYASSL_MAX_16BIT;
XMEMCPY(aes->reg, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
@ -2836,6 +2838,7 @@ static void AesCaviumCbcEncrypt(Aes* aes, byte* out, const byte* in,
aes->devId) != 0) {
CYASSL_MSG("Bad Cavium Aes Encrypt");
}
XMEMCPY(aes->reg, out + offset+length - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
}
}
@ -2843,23 +2846,31 @@ static void AesCaviumCbcDecrypt(Aes* aes, byte* out, const byte* in,
word32 length)
{
word32 requestId;
word offset = 0;
while (length > CYASSL_MAX_16BIT) {
word16 slen = (word16)CYASSL_MAX_16BIT;
XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
if (CspDecryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in, out, (byte*)aes->reg,
(byte*)aes->key, &requestId, aes->devId) != 0) {
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &requestId,
aes->devId) != 0) {
CYASSL_MSG("Bad Cavium Aes Decrypt");
}
length -= CYASSL_MAX_16BIT;
offset += CYASSL_MAX_16BIT;
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
if (CspDecryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
aes->type, slen, (byte*)in, out, (byte*)aes->reg,
(byte*)aes->key, &requestId, aes->devId) != 0) {
aes->type, slen, (byte*)in + offset, out + offset,
(byte*)aes->reg, (byte*)aes->key, &requestId,
aes->devId) != 0) {
CYASSL_MSG("Bad Cavium Aes Decrypt");
}
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
}
}

View File

@ -148,7 +148,7 @@ static void Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
while (length > CYASSL_MAX_16BIT) {
word16 slen = (word16)CYASSL_MAX_16BIT;
if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_NO_UPDATE,
if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE,
slen, (byte*)in + offset, out + offset, &requestId,
arc4->devId) != 0) {
CYASSL_MSG("Bad Cavium Arc4 Encrypt");
@ -158,7 +158,7 @@ static void Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
}
if (length) {
word16 slen = (word16)length;
if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_NO_UPDATE,
if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE,
slen, (byte*)in + offset, out + offset, &requestId,
arc4->devId) != 0) {
CYASSL_MSG("Bad Cavium Arc4 Encrypt");

View File

@ -827,6 +827,8 @@ static void Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
CYASSL_MSG("Bad Cavium 3DES Cbc Encrypt");
}
length -= CYASSL_MAX_16BIT;
offset += CYASSL_MAX_16BIT;
XMEMCPY(des3->reg, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
@ -837,6 +839,7 @@ static void Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
&requestId, des3->devId) != 0) {
CYASSL_MSG("Bad Cavium 3DES Cbc Encrypt");
}
XMEMCPY(des3->reg, out+offset+length - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
}
}
@ -844,25 +847,31 @@ static void Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
word32 length)
{
word32 requestId;
word offset = 0;
while (length > CYASSL_MAX_16BIT) {
word16 slen = (word16)CYASSL_MAX_16BIT;
XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in, out,
CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset,
(byte*)des3->reg, (byte*)des3->key[0], &requestId,
des3->devId) != 0) {
CYASSL_MSG("Bad Cavium 3Des Decrypt");
}
length -= CYASSL_MAX_16BIT;
offset += CYASSL_MAX_16BIT;
XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
}
if (length) {
word16 slen = (word16)length;
XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE,DES_BLOCK_SIZE);
if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
CAVIUM_NO_UPDATE, slen, (byte*)in, out,
CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset,
(byte*)des3->reg, (byte*)des3->key[0], &requestId,
des3->devId) != 0) {
CYASSL_MSG("Bad Cavium 3Des Decrypt");
}
XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
}
}

View File

@ -277,6 +277,10 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "AES-CCM Authentication check fail", max);
break;
case CAVIUM_INIT_E:
XSTRNCPY(buffer, "Cavium Init type error", max);
break;
default:
XSTRNCPY(buffer, "unknown error number", max);

View File

@ -160,29 +160,6 @@ typedef struct func_args {
#ifdef HAVE_CAVIUM
static int OpenNitroxDevice(int dma_mode,int dev_id)
{
Csp1CoreAssignment core_assign;
Uint32 device;
if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
return -1;
if (Csp1GetDevType(&device))
return -1;
if (device != NPX_DEVICE) {
if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
(Uint32 *)&core_assign)!= 0)
return -1;
}
CspShutdown(CAVIUM_DEV_ID);
return CspInitialize(dma_mode, dev_id);
}
#endif
void ctaocrypt_test(void* args)
{
int ret = 0;
@ -199,11 +176,6 @@ void ctaocrypt_test(void* args)
#endif /* USE_FAST_MATH */
#endif /* !CYASSL_LEANPSK */
#ifdef HAVE_CAVIUM
ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed", -1236);
#endif /* HAVE_CAVIUM */
#ifndef NO_MD5
if ( (ret = md5_test()) )
@ -398,25 +370,56 @@ void ctaocrypt_test(void* args)
printf( "ECC test passed!\n");
#endif
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
((func_args*)args)->return_code = ret;
}
/* so overall tests can pull in test function */
#ifndef NO_MAIN_DRIVER
#ifdef HAVE_CAVIUM
static int OpenNitroxDevice(int dma_mode,int dev_id)
{
Csp1CoreAssignment core_assign;
Uint32 device;
if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
return -1;
if (Csp1GetDevType(&device))
return -1;
if (device != NPX_DEVICE) {
if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
(Uint32 *)&core_assign)!= 0)
return -1;
}
CspShutdown(CAVIUM_DEV_ID);
return CspInitialize(dma_mode, dev_id);
}
#endif /* HAVE_CAVIUM */
/* so overall tests can pull in test function */
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed", -1236);
#endif /* HAVE_CAVIUM */
args.argc = argc;
args.argv = argv;
ctaocrypt_test(&args);
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
@ -1490,8 +1493,8 @@ int des3_test(void)
return -20006;
#endif
Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION);
Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION);
Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
if (memcmp(plain, vector, sizeof(plain)))

View File

@ -101,6 +101,8 @@ enum {
AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */
CAVIUM_INIT_E = -182, /* Cavium Init type error */
MIN_CODE_E = -200 /* errors -101 - -199 */
};

View File

@ -567,6 +567,8 @@ enum Misc {
HASH_SIG_SIZE = 2, /* default SHA1 RSA */
NO_CAVIUM_DEVICE = -2, /* invalid cavium device id */
NO_COPY = 0, /* should we copy static buffer for write */
COPY = 1 /* should we copy static buffer for write */
};
@ -969,6 +971,9 @@ struct CYASSL_CTX {
#ifdef HAVE_OCSP
CYASSL_OCSP ocsp;
#endif
#ifdef HAVE_CAVIUM
int devId; /* cavium device id to use */
#endif
};
@ -1470,6 +1475,9 @@ struct CYASSL {
#ifdef FORTRESS
void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */
#endif
#ifdef HAVE_CAVIUM
int devId; /* cavium device id to use */
#endif
};

View File

@ -867,6 +867,11 @@ CYASSL_API void CyaSSL_KeepArrays(CYASSL*);
CYASSL_API void CyaSSL_FreeArrays(CYASSL*);
/* cavium additions */
CYASSL_API int CyaSSL_UseCavium(CYASSL*, int devId);
CYASSL_API int CyaSSL_CTX_UseCavium(CYASSL_CTX*, int devId);
#define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */
#define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */

View File

@ -40,6 +40,12 @@
#endif
#endif /* USE_WINDOWS_API */
#ifdef HAVE_CAVIUM
#include "cavium_sysdep.h"
#include "cavium_common.h"
#include "cavium_ioctl.h"
#endif
#ifdef _MSC_VER
/* disable conversion warning */
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
@ -798,6 +804,30 @@ static INLINE void SetDHCtx(CYASSL_CTX* ctx)
#endif /* !NO_CERTS */
#ifdef HAVE_CAVIUM
static INLINE int OpenNitroxDevice(int dma_mode,int dev_id)
{
Csp1CoreAssignment core_assign;
Uint32 device;
if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
return -1;
if (Csp1GetDevType(&device))
return -1;
if (device != NPX_DEVICE) {
if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
(Uint32 *)&core_assign)!= 0)
return -1;
}
CspShutdown(CAVIUM_DEV_ID);
return CspInitialize(dma_mode, dev_id);
}
#endif /* HAVE_CAVIUM */
#ifdef USE_WINDOWS_API
/* do back x number of directories */

View File

@ -333,6 +333,10 @@ void client_test(void* args)
if (!usePsk && doPeerCheck == 0)
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
#ifdef HAVE_CAVIUM
CyaSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID);
#endif
if (benchmark) {
/* time passed in number of connects give average */
int times = benchmark;
@ -533,6 +537,12 @@ void client_test(void* args)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
@ -548,6 +558,9 @@ void client_test(void* args)
client_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}

View File

@ -186,6 +186,12 @@ void echoclient_test(void* args)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
@ -200,6 +206,9 @@ void echoclient_test(void* args)
echoclient_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}

View File

@ -287,6 +287,12 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
@ -301,6 +307,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
echoserver_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}

View File

@ -383,6 +383,12 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
@ -398,6 +404,9 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
server_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}

View File

@ -397,6 +397,9 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method)
#ifdef HAVE_OCSP
CyaSSL_OCSP_Init(&ctx->ocsp);
#endif
#ifdef HAVE_CAVIUM
ctx->devId = NO_CAVIUM_DEVICE;
#endif
if (InitMutex(&ctx->countMutex) < 0) {
CYASSL_MSG("Mutex error on CTX init");
@ -1241,6 +1244,10 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->toInfoOn = 0;
#endif
#ifdef HAVE_CAVIUM
ssl->devId = ctx->devId;
#endif
ssl->rng = NULL;
ssl->arrays = NULL;
InitCiphers(ssl);

View File

@ -1203,8 +1203,9 @@ static int SetPrefix(byte* sha_input, int idx)
static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
byte side, void* heap)
byte side, void* heap, int devId)
{
(void)devId;
#ifdef BUILD_ARC4
word32 sz = specs->key_size;
if (specs->bulk_cipher_algorithm == rc4) {
@ -1214,6 +1215,18 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
if (dec->arc4 == NULL)
return MEMORY_E;
#ifdef HAVE_CAVIUM
if (devId != NO_CAVIUM_DEVICE) {
if (Arc4InitCavium(enc->arc4, devId) != 0) {
CYASSL_MSG("Arc4InitCavium failed in SetKeys");
return CAVIUM_INIT_E;
}
if (Arc4InitCavium(dec->arc4, devId) != 0) {
CYASSL_MSG("Arc4InitCavium failed in SetKeys");
return CAVIUM_INIT_E;
}
}
#endif
if (side == CLIENT_END) {
Arc4SetKey(enc->arc4, keys->client_write_key, sz);
Arc4SetKey(dec->arc4, keys->server_write_key, sz);
@ -1285,6 +1298,18 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
if (dec->des3 == NULL)
return MEMORY_E;
#ifdef HAVE_CAVIUM
if (devId != NO_CAVIUM_DEVICE) {
if (Des3_InitCavium(enc->des3, devId) != 0) {
CYASSL_MSG("Des3_InitCavium failed in SetKeys");
return CAVIUM_INIT_E;
}
if (Des3_InitCavium(dec->des3, devId) != 0) {
CYASSL_MSG("Des3_InitCavium failed in SetKeys");
return CAVIUM_INIT_E;
}
}
#endif
if (side == CLIENT_END) {
Des3_SetKey(enc->des3, keys->client_write_key,
keys->client_write_IV, DES_ENCRYPTION);
@ -1310,6 +1335,18 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
if (dec->aes == NULL)
return MEMORY_E;
#ifdef HAVE_CAVIUM
if (devId != NO_CAVIUM_DEVICE) {
if (AesInitCavium(enc->aes, devId) != 0) {
CYASSL_MSG("AesInitCavium failed in SetKeys");
return CAVIUM_INIT_E;
}
if (AesInitCavium(dec->aes, devId) != 0) {
CYASSL_MSG("AesInitCavium failed in SetKeys");
return CAVIUM_INIT_E;
}
}
#endif
if (side == CLIENT_END) {
AesSetKey(enc->aes, keys->client_write_key,
specs->key_size, keys->client_write_IV,
@ -1442,6 +1479,11 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
int StoreKeys(CYASSL* ssl, const byte* keyData)
{
int sz, i = 0;
int devId = NO_CAVIUM_DEVICE;
#ifdef HAVE_CAVIUM
devId = ssl->devId;
#endif
if (ssl->specs.cipher_type != aead) {
sz = ssl->specs.hash_size;
@ -1469,7 +1511,7 @@ int StoreKeys(CYASSL* ssl, const byte* keyData)
#endif
return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs,
ssl->options.side, ssl->heap);
ssl->options.side, ssl->heap, devId);
}
#ifndef NO_OLD_TLS

View File

@ -433,6 +433,34 @@ int CyaSSL_read(CYASSL* ssl, void* data, int sz)
return CyaSSL_read_internal(ssl, data, sz, FALSE);
}
#ifdef HAVE_CAVIUM
int CyaSSL_UseCavium(CYASSL* ssl, int devId)
{
if (ssl == NULL)
return BAD_FUNC_ARG;
ssl->devId = devId;
return 0;
}
int CyaSSL_CTX_UseCavium(CYASSL_CTX* ctx, int devId)
{
if (ctx == NULL)
return BAD_FUNC_ARG;
ctx->devId = devId;
return 0;
}
#endif /* HAVE_CAVIUM */
#ifndef CYASSL_LEANPSK
int CyaSSL_send(CYASSL* ssl, const void* data, int sz, int flags)
{

View File

@ -19,6 +19,12 @@ int main(int argc, char** argv)
(void)argv;
printf("starting unit tests...\n");
#ifdef HAVE_CAVIUM
ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
if (CurrentDir("tests"))
ChangeDirBack(1);
else if (CurrentDir("build"))
@ -39,6 +45,10 @@ int main(int argc, char** argv)
return ret;
}
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return 0;
}

View File

@ -60,6 +60,12 @@ int main(int argc, char** argv)
tcp_ready ready;
THREAD_TYPE serverThread;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = server_args.argc = argc;
@ -144,6 +150,9 @@ int main(int argc, char** argv)
CyaSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
printf("\nAll tests passed!\n");
return EXIT_SUCCESS;
}