diff options
| author | Cristian Stoica <cristian.stoica@freescale.com> | 2013-10-31 18:05:12 (GMT) |
|---|---|---|
| committer | Jose Rivera <German.Rivera@freescale.com> | 2014-03-28 13:38:03 (GMT) |
| commit | 6b9a65077f314d5ede4a0a917e6cfde93c5377a9 (patch) | |
| tree | 3632f428ff9e02921b81170ba654d3c84d2671ae /crypto/testmgr.h | |
| parent | 887fd86a5f104695084a815035040fd0c3866cc1 (diff) | |
| download | linux-fsl-qoriq-6b9a65077f314d5ede4a0a917e6cfde93c5377a9.tar.xz | |
crypto: add support for TLS 1.0 record encryption
This patch adds kernel support for encryption/decryption of TLS 1.0
records using block ciphers. Implementation is similar to authenc in the
sense that the base algorithms (AES, SHA1) are combined in a template to
produce TLS encapsulation frames. The composite algorithm will be called
"tls10(hmac(<digest>),cbc(<cipher>))". The cipher and hmac keys are
wrapped in the same format used by authenc.c
Change-Id: If2211062f1e8805ee1fe9e6684e7c0902bf44467
Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
Reviewed-on: http://git.am.freescale.net:8181/6211
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Reviewed-by: Thomas Trefny <Tom.Trefny@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
(cherry picked from commit e2fe61d3fe94949f9fc5766f7b27a1d19c9d4d6e)
Conflicts:
crypto/tcrypt.c
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Change-Id: I6ecb63c7cb8c64aef984e71e439dab6000666b29
Reviewed-on: http://git.am.freescale.net:8181/10373
Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
Reviewed-by: Mircea Pop <mircea.pop@freescale.com>
Reviewed-by: Alexandru Porosanu <alexandru.porosanu@freescale.com>
Tested-by: Review Code-CDREVIEW <CDREVIEW@freescale.com>
Reviewed-by: Jose Rivera <German.Rivera@freescale.com>
Diffstat (limited to 'crypto/testmgr.h')
| -rw-r--r-- | crypto/testmgr.h | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 7d44aa3..72b4e80 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -92,8 +92,110 @@ struct cprng_testvec { unsigned short loops; }; +struct tls_testvec { + char *key; /* wrapped keys for encryption and authentication */ + char *iv; /* initialization vector */ + char *input; /* input data */ + char *assoc; /* associated data: seq num, type, version, input len */ + char *result; /* result data */ + unsigned char fail; /* the test failure is expected */ + unsigned char novrfy; /* dec verification failure expected */ + unsigned char klen; /* key length */ + unsigned short ilen; /* input data length */ + unsigned short alen; /* associated data length */ + unsigned short rlen; /* result length */ +}; + static char zeroed_string[48]; + +/* + * TLS1.0 synthetic test vectors + */ +#define TLS_ENC_TEST_VECTORS 2 +#define TLS_DEC_TEST_VECTORS 1 + +static struct tls_testvec tls_enc_tv_template[] = { + { +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x10" /* enc key length */ + "authenticationkey20b" + "enckeyis16_bytes", + .klen = 8 + 20 + 16, + .iv = "iv0123456789abcd", + .input = "Single block msg", + .ilen = 16, + .assoc = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x00\x03\x01\x00\x10", + .alen = 13, + .result = "\xd5\xac\xb\xd2\xac\xad\x3f\xb1" + "\x59\x79\x1e\x91\x5f\x52\x14\x9c" + "\xc0\x75\xd8\x4c\x97\x0f\x07\x73" + "\xdc\x89\x47\x49\x49\xcb\x30\x6b" + "\x1b\x45\x23\xa1\xd0\x51\xcf\x02" + "\x2e\xa8\x5d\xa0\xfe\xca\x82\x61", + .rlen = 16 + 20 + 12, + }, { +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x10" /* enc key length */ + "authenticationkey20b" + "enckeyis16_bytes", + .klen = 8 + 20 + 16, + .iv = "iv0123456789abcd", + .input = "", + .ilen = 0, + .assoc = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x00\x03\x01\x00\x10", + .alen = 13, + .result = "\xa3\xdc\xf9\xac\x52\x70\x08\xcf" + "\x8d\x47\xbb\xe0\x64\xc0\x89\x2c" + "\xfb\x5d\x2d\x43\x35\x16\xeb\x4c" + "\x55\xb7\xcf\xaa\x9a\xe0\x02\x71", + .rlen = 20 + 12, + } +}; + +static struct tls_testvec tls_dec_tv_template[] = { + { +#ifdef __LITTLE_ENDIAN + .key = "\x08\x00" /* rta length */ + "\x01\x00" /* rta type */ +#else + .key = "\x00\x08" /* rta length */ + "\x00\x01" /* rta type */ +#endif + "\x00\x00\x00\x10" /* enc key length */ + "authenticationkey20b" + "enckeyis16_bytes", + .klen = 8 + 20 + 16, + .iv = "iv0123456789abcd", + .input = "\xd5\xac\xb\xd2\xac\xad\x3f\xb1" + "\x59\x79\x1e\x91\x5f\x52\x14\x9c" + "\xc0\x75\xd8\x4c\x97\x0f\x07\x73" + "\xdc\x89\x47\x49\x49\xcb\x30\x6b" + "\x1b\x45\x23\xa1\xd0\x51\xcf\x02" + "\x2e\xa8\x5d\xa0\xfe\xca\x82\x61", + .ilen = 16 + 20 + 12, + .assoc = "\x00\x01\x02\x03\x04\x05\x06\x07" + "\x00\x03\x01\x00\x30", + .alen = 13, + .result = "Single block msg", + .rlen = 16, + } +}; + /* * MD4 test vectors from RFC1320 */ |