crypto: support async handlers for 3des and md5

With this change, add support for 3DES and MD5 in IPsec async mode.

After changes in foreach_crypto_link_async_alg, the last combination in
the list (aes-256-cbc-hmac-sha-512) started to fail during decription.
That was also fixed by proper vector size validation.

Type: improvement
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I660657bdab62ea9cf031c3e43d99f2317e5f74d7

diff --git a/src/vnet/crypto/crypto.c b/src/vnet/crypto/crypto.c
index b98d219..74f945e 100644 (file)
--- a/src/vnet/crypto/crypto.c
+++ b/src/vnet/crypto/crypto.c
@@ -283,9 +283,9 @@ vnet_crypto_register_async_handler (vlib_main_t * vm, u32 engine_index,
   vnet_crypto_main_t *cm = &crypto_main;
   vnet_crypto_engine_t *ae, *e = vec_elt_at_index (cm->engines, engine_index);
   vnet_crypto_async_op_data_t *otd = cm->async_opt_data + opt;
-  vec_validate_aligned (cm->enqueue_handlers, VNET_CRYPTO_ASYNC_OP_N_IDS - 1,
+  vec_validate_aligned (cm->enqueue_handlers, VNET_CRYPTO_ASYNC_OP_N_IDS,
                        CLIB_CACHE_LINE_BYTES);
-  vec_validate_aligned (cm->dequeue_handlers, VNET_CRYPTO_ASYNC_OP_N_IDS - 1,
+  vec_validate_aligned (cm->dequeue_handlers, VNET_CRYPTO_ASYNC_OP_N_IDS,
                        CLIB_CACHE_LINE_BYTES);
 
   /* both enqueue hdl and dequeue hdl should present */
@@ -721,7 +721,7 @@ vnet_crypto_init (vlib_main_t * vm)
                        CLIB_CACHE_LINE_BYTES);
   vec_validate (cm->algs, VNET_CRYPTO_N_ALGS);
   vec_validate (cm->async_algs, VNET_CRYPTO_N_ASYNC_ALGS);
-  clib_bitmap_validate (cm->async_active_ids, VNET_CRYPTO_ASYNC_OP_N_IDS - 1);
+  clib_bitmap_validate (cm->async_active_ids, VNET_CRYPTO_ASYNC_OP_N_IDS);
 
 #define _(n, s, l) \
   vnet_crypto_init_cipher_data (VNET_CRYPTO_ALG_##n, \

diff --git a/src/vnet/crypto/crypto.h b/src/vnet/crypto/crypto.h
index 7db591f..a44c891 100644 (file)
--- a/src/vnet/crypto/crypto.h
+++ b/src/vnet/crypto/crypto.h
@@ -86,18 +86,27 @@ typedef enum
 
 /* CRYPTO_ID, INTEG_ID, PRETTY_NAME, KEY_LENGTH_IN_BYTES, DIGEST_LEN */
 #define foreach_crypto_link_async_alg                                         \
+  _ (3DES_CBC, MD5, "3des-cbc-hmac-md5", 24, 12)                              \
+  _ (AES_128_CBC, MD5, "aes-128-cbc-hmac-md5", 16, 12)                        \
+  _ (AES_192_CBC, MD5, "aes-192-cbc-hmac-md5", 24, 12)                        \
+  _ (AES_256_CBC, MD5, "aes-256-cbc-hmac-md5", 32, 12)                        \
+  _ (3DES_CBC, SHA1, "3des-cbc-hmac-sha-1", 24, 12)                           \
   _ (AES_128_CBC, SHA1, "aes-128-cbc-hmac-sha-1", 16, 12)                     \
   _ (AES_192_CBC, SHA1, "aes-192-cbc-hmac-sha-1", 24, 12)                     \
   _ (AES_256_CBC, SHA1, "aes-256-cbc-hmac-sha-1", 32, 12)                     \
+  _ (3DES_CBC, SHA224, "3des-cbc-hmac-sha-224", 24, 14)                       \
   _ (AES_128_CBC, SHA224, "aes-128-cbc-hmac-sha-224", 16, 14)                 \
   _ (AES_192_CBC, SHA224, "aes-192-cbc-hmac-sha-224", 24, 14)                 \
   _ (AES_256_CBC, SHA224, "aes-256-cbc-hmac-sha-224", 32, 14)                 \
+  _ (3DES_CBC, SHA256, "3des-cbc-hmac-sha-256", 24, 16)                       \
   _ (AES_128_CBC, SHA256, "aes-128-cbc-hmac-sha-256", 16, 16)                 \
   _ (AES_192_CBC, SHA256, "aes-192-cbc-hmac-sha-256", 24, 16)                 \
   _ (AES_256_CBC, SHA256, "aes-256-cbc-hmac-sha-256", 32, 16)                 \
+  _ (3DES_CBC, SHA384, "3des-cbc-hmac-sha-384", 24, 24)                       \
   _ (AES_128_CBC, SHA384, "aes-128-cbc-hmac-sha-384", 16, 24)                 \
   _ (AES_192_CBC, SHA384, "aes-192-cbc-hmac-sha-384", 24, 24)                 \
   _ (AES_256_CBC, SHA384, "aes-256-cbc-hmac-sha-384", 32, 24)                 \
+  _ (3DES_CBC, SHA512, "3des-cbc-hmac-sha-512", 24, 32)                       \
   _ (AES_128_CBC, SHA512, "aes-128-cbc-hmac-sha-512", 16, 32)                 \
   _ (AES_192_CBC, SHA512, "aes-192-cbc-hmac-sha-512", 24, 32)                 \
   _ (AES_256_CBC, SHA512, "aes-256-cbc-hmac-sha-512", 32, 32)                 \