[dpdk-dev] crypto/openssl: fix compilation break with openssl 1.1
Checks
Commit Message
hmac APIs are changed in openssl version 1.1.
this patch handles both versions of openssl for hmac APIs
Fixes: d7174e8f368f ("crypto/openssl: replace evp APIs with HMAC APIs")
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 27 ++++++++++++++++++++----
drivers/crypto/openssl/rte_openssl_pmd_private.h | 2 +-
2 files changed, 24 insertions(+), 5 deletions(-)
Comments
> -----Original Message-----
> From: Akhil Goyal [mailto:akhil.goyal@nxp.com]
> Sent: Wednesday, September 20, 2017 10:50 AM
> To: dev@dpdk.org
> Cc: Doherty, Declan <declan.doherty@intel.com>; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>; hemant.agrawal@nxp.com; Akhil Goyal
> <akhil.goyal@nxp.com>
> Subject: [PATCH] crypto/openssl: fix compilation break with openssl 1.1
>
> hmac APIs are changed in openssl version 1.1.
>
> this patch handles both versions of openssl for hmac APIs
>
> Fixes: d7174e8f368f ("crypto/openssl: replace evp APIs with HMAC APIs")
>
> Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Merged the patch to "crypto/openssl: replace evp APIs with HMAC APIs").
Applied to dpdk-next-crypto.
Thanks,
Pablo
@@ -48,6 +48,25 @@
static uint8_t cryptodev_driver_id;
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+static HMAC_CTX *HMAC_CTX_new(void)
+{
+ HMAC_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
+
+ if (ctx != NULL)
+ HMAC_CTX_init(ctx);
+ return ctx;
+}
+
+static void HMAC_CTX_free(HMAC_CTX *ctx)
+{
+ if (ctx != NULL) {
+ HMAC_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+ }
+}
+#endif
+
static int cryptodev_openssl_remove(struct rte_vdev_device *vdev);
/*----------------------------------------------------------------------------*/
@@ -437,12 +456,12 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
case RTE_CRYPTO_AUTH_SHA384_HMAC:
case RTE_CRYPTO_AUTH_SHA512_HMAC:
sess->auth.mode = OPENSSL_AUTH_AS_HMAC;
- HMAC_CTX_init(&sess->auth.hmac.ctx);
+ sess->auth.hmac.ctx = HMAC_CTX_new();
if (get_auth_algo(xform->auth.algo,
&sess->auth.hmac.evp_algo) != 0)
return -EINVAL;
- if (HMAC_Init_ex(&sess->auth.hmac.ctx,
+ if (HMAC_Init_ex(sess->auth.hmac.ctx,
xform->auth.key.data,
xform->auth.key.length,
sess->auth.hmac.evp_algo, NULL) != 1)
@@ -585,7 +604,7 @@ openssl_reset_session(struct openssl_session *sess)
break;
case OPENSSL_AUTH_AS_HMAC:
EVP_PKEY_free(sess->auth.hmac.pkey);
- HMAC_CTX_cleanup(&sess->auth.hmac.ctx);
+ HMAC_CTX_free(sess->auth.hmac.ctx);
break;
default:
break;
@@ -1293,7 +1312,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
case OPENSSL_AUTH_AS_HMAC:
status = process_openssl_auth_hmac(mbuf_src, dst,
op->sym->auth.data.offset, srclen,
- &sess->auth.hmac.ctx);
+ sess->auth.hmac.ctx);
break;
default:
status = -1;
@@ -172,7 +172,7 @@ struct openssl_session {
/**< pointer to EVP key */
const EVP_MD *evp_algo;
/**< pointer to EVP algorithm function */
- HMAC_CTX ctx;
+ HMAC_CTX *ctx;
/**< pointer to EVP context structure */
} hmac;
};