[PATCH API-NEXT v4] Update Linux crypto implementation to support recent API additions

example/ipsec/odp_ipsec_cache.c

@@ -100,6 +100,7 @@ int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa,
 		params.auth_alg = auth_sa->alg.u.auth;
 		params.auth_key.data = auth_sa->key.data;
 		params.auth_key.length = auth_sa->key.length;
+		params.auth_digest_len = auth_sa->icv_len;
 		mode = auth_sa->mode;
 	} else {
 		params.auth_alg = ODP_AUTH_ALG_NULL;

platform/linux-generic/odp_crypto.c

@@ -52,10 +52,12 @@ static const odp_crypto_cipher_capability_t cipher_capa_aes_gcm[] = {
  * Keep sorted: first by digest length, then by key length
  */
 static const odp_crypto_auth_capability_t auth_capa_md5_hmac[] = {
-{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
+{.digest_len = 12, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} },
+{.digest_len = 16, .key_len = 16, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
 
 static const odp_crypto_auth_capability_t auth_capa_sha256_hmac[] = {
-{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
+{.digest_len = 16, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} },
+{.digest_len = 32, .key_len = 32, .aad_len = {.min = 0, .max = 0, .inc = 0} } };
 
 static const odp_crypto_auth_capability_t auth_capa_aes_gcm[] = {
 {.digest_len = 16, .key_len = 0, .aad_len = {.min = 8, .max = 12, .inc = 4} } };
@@ -265,10 +267,8 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param,
 {
 	uint8_t *data  = odp_packet_data(param->out_pkt);
 	uint32_t plain_len   = param->cipher_range.length;
-	uint8_t *aad_head = data + param->auth_range.offset;
-	uint8_t *aad_tail = data + param->cipher_range.offset +
-		param->cipher_range.length;
-	uint32_t auth_len = param->auth_range.length;
+	const uint8_t *aad_head = param->aad.ptr;
+	uint32_t aad_len = param->aad.length;
 	unsigned char iv_enc[AES_BLOCK_SIZE];
 	void *iv_ptr;
 	uint8_t *tag = data + param->hash_result_offset;
@@ -280,12 +280,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param,
 	else
 		return ODP_CRYPTO_ALG_ERR_IV_INVALID;
 
-	/* All cipher data must be part of the authentication */
-	if (param->auth_range.offset > param->cipher_range.offset ||
-	    param->auth_range.offset + auth_len <
-	    param->cipher_range.offset + plain_len)
-		return ODP_CRYPTO_ALG_ERR_DATA_SIZE;
-
 	/*
 	 * Create a copy of the IV.  The DES library modifies IV
 	 * and if we are processing packets on parallel threads
@@ -303,23 +297,16 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_crypto_op_param_t *param,
 	EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);
 
 	/* Authenticate header data (if any) without encrypting them */
-	if (aad_head < plaindata) {
+	if (aad_len > 0)
 		EVP_EncryptUpdate(ctx, NULL, &cipher_len,
-				  aad_head, plaindata - aad_head);
-	}
+				  aad_head, aad_len);
 
 	EVP_EncryptUpdate(ctx, plaindata, &cipher_len,
 			  plaindata, plain_len);
-	cipher_len = plain_len;
-
-	/* Authenticate footer data (if any) without encrypting them */
-	if (aad_head + auth_len > plaindata + plain_len) {
-		EVP_EncryptUpdate(ctx, NULL, NULL, aad_tail,
-				  auth_len - (aad_tail - aad_head));
-	}
 
 	EVP_EncryptFinal_ex(ctx, plaindata + cipher_len, &cipher_len);
-	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag);
+	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG,
+			    session->p.auth_digest_len, tag);
 
 	return ODP_CRYPTO_ALG_ERR_NONE;
 }
@@ -330,10 +317,8 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param,
 {
 	uint8_t *data  = odp_packet_data(param->out_pkt);
 	uint32_t cipher_len   = param->cipher_range.length;
-	uint8_t *aad_head = data + param->auth_range.offset;
-	uint8_t *aad_tail = data + param->cipher_range.offset +
-		param->cipher_range.length;
-	uint32_t auth_len = param->auth_range.length;
+	const uint8_t *aad_head = param->aad.ptr;
+	uint32_t aad_len = param->aad.length;
 	unsigned char iv_enc[AES_BLOCK_SIZE];
 	void *iv_ptr;
 	uint8_t *tag   = data + param->hash_result_offset;
@@ -345,12 +330,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param,
 	else
 		return ODP_CRYPTO_ALG_ERR_IV_INVALID;
 
-	/* All cipher data must be part of the authentication */
-	if (param->auth_range.offset > param->cipher_range.offset ||
-	    param->auth_range.offset + auth_len <
-	    param->cipher_range.offset + cipher_len)
-		return ODP_CRYPTO_ALG_ERR_DATA_SIZE;
-
 	/*
 	 * Create a copy of the IV.  The DES library modifies IV
 	 * and if we are processing packets on parallel threads
@@ -366,25 +345,18 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_param_t *param,
 
 	EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);
 
-	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
+	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG,
+			    session->p.auth_digest_len, tag);
 
 	/* Authenticate header data (if any) without encrypting them */
-	if (aad_head < cipherdata) {
+	if (aad_len > 0)
 		EVP_DecryptUpdate(ctx, NULL, &plain_len,
-				  aad_head, cipherdata - aad_head);
-	}
+				  aad_head, aad_len);
 
 	EVP_DecryptUpdate(ctx, cipherdata, &plain_len,
 			  cipherdata, cipher_len);
-	plain_len = cipher_len;
-
-	/* Authenticate footer data (if any) without encrypting them */
-	if (aad_head + auth_len > cipherdata + cipher_len) {
-		EVP_DecryptUpdate(ctx, NULL, NULL, aad_tail,
-				  auth_len - (aad_tail - aad_head));
-	}
 
-	if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) <= 0)
+	if (EVP_DecryptFinal_ex(ctx, cipherdata + plain_len, &plain_len) <= 0)
 		return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
 
 	return ODP_CRYPTO_ALG_ERR_NONE;
@@ -522,7 +494,6 @@ static int process_des_param(odp_crypto_generic_session_t *session)
 }
 
 static int process_auth_param(odp_crypto_generic_session_t *session,
-			      uint32_t bits,
 			      uint32_t key_length,
 			      const EVP_MD *evp_md)
 {
@@ -535,7 +506,9 @@ static int process_auth_param(odp_crypto_generic_session_t *session,
 	session->auth.evp_md = evp_md;
 
 	/* Number of valid bytes */
-	session->auth.bytes = bits / 8;
+	session->auth.bytes = session->p.auth_digest_len;
+	if (session->auth.bytes < (unsigned)EVP_MD_size(evp_md) / 2)
+		return -1;
 
 	/* Convert keys */
 	session->auth.key_length = key_length;
@@ -745,28 +718,34 @@ odp_crypto_session_create(odp_crypto_session_param_t *param,
 		session->auth.func = null_crypto_routine;
 		rc = 0;
 		break;
-	case ODP_AUTH_ALG_MD5_HMAC:
 #if ODP_DEPRECATED_API
 	case ODP_AUTH_ALG_MD5_96:
+		session->p.auth_digest_len = 96 / 8;
+		/* Fallthrough */
 #endif
-		rc = process_auth_param(session, 96, 16, EVP_md5());
+	case ODP_AUTH_ALG_MD5_HMAC:
+		rc = process_auth_param(session, 16, EVP_md5());
 		break;
-	case ODP_AUTH_ALG_SHA256_HMAC:
 #if ODP_DEPRECATED_API
 	case ODP_AUTH_ALG_SHA256_128:
+		session->p.auth_digest_len = 128 / 8;
+		/* Fallthrough */
 #endif
-		rc = process_auth_param(session, 128, 32, EVP_sha256());
+	case ODP_AUTH_ALG_SHA256_HMAC:
+		rc = process_auth_param(session, 32, EVP_sha256());
 		break;
 #if ODP_DEPRECATED_API
 	case ODP_AUTH_ALG_AES128_GCM:
 		if (param->cipher_alg == ODP_CIPHER_ALG_AES128_GCM)
 			aes_gcm = 1;
+		session->p.auth_digest_len = 128 / 8;
 		/* Fallthrough */
 #endif
 	case ODP_AUTH_ALG_AES_GCM:
 		/* AES-GCM requires to do both auth and
 		 * cipher at the same time */
-		if (param->cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) {
+		if ((param->cipher_alg == ODP_CIPHER_ALG_AES_GCM || aes_gcm) &&
+		    session->p.auth_digest_len == 128 / 8) {
 			session->auth.func = null_crypto_routine;
 			rc = 0;
 		} else {

test/common_plat/performance/odp_crypto.c

@@ -209,7 +209,8 @@ static crypto_alg_config_t algs_config[] = {
 			.auth_key = {
 				.data = test_key16,
 				.length = sizeof(test_key16)
-			}
+			},
+			.auth_digest_len = 96 / 8,
 		},
 		.hash_adjust = 12
 	},
@@ -221,7 +222,8 @@ static crypto_alg_config_t algs_config[] = {
 			.auth_key = {
 				.data = test_key16,
 				.length = sizeof(test_key16)
-			}
+			},
+			.auth_digest_len = 96 / 8,
 		},
 		.hash_adjust = 12
 	},