crypto/aesni_mb: fix GCM digest size check

GCM digest sizes should be between 1 and 16 bytes.

Fixes: 7b2d4706c90e ("crypto/aesni_mb: support newer library version only")
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

drivers/crypto/aesni_mb/aesni_mb_pmd_private.h

@@ -85,7 +85,7 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
 		[AES_CMAC]			= 12,
 		[AES_CCM]			= 8,
 		[NULL_HASH]			= 0,
-		[AES_GMAC]			= 16,
+		[AES_GMAC]			= 12,
 		[PLAIN_SHA1]			= 20,
 		[PLAIN_SHA_224]			= 28,
 		[PLAIN_SHA_256]			= 32,
@@ -121,7 +121,7 @@ static const unsigned auth_digest_byte_lengths[] = {
 		[AES_XCBC]			= 16,
 		[AES_CMAC]			= 16,
 		[AES_CCM]			= 16,
-		[AES_GMAC]			= 12,
+		[AES_GMAC]			= 16,
 		[NULL_HASH]			= 0,
 		[PLAIN_SHA1]			= 20,
 		[PLAIN_SHA_224]			= 28,

drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c

@@ -213,19 +213,11 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr,
 			sess->cipher.direction = DECRYPT;
 
 		sess->auth.algo = AES_GMAC;
-		/*
-		 * Multi-buffer lib supports 8, 12 and 16 bytes of digest.
-		 * If size requested is different, generate the full digest
-		 * (16 bytes) in a temporary location and then memcpy
-		 * the requested number of bytes.
-		 */
-		if (sess->auth.req_digest_len != 16 &&
-				sess->auth.req_digest_len != 12 &&
-				sess->auth.req_digest_len != 8) {
-			sess->auth.gen_digest_len = 16;
-		} else {
-			sess->auth.gen_digest_len = sess->auth.req_digest_len;
+		if (sess->auth.req_digest_len > get_digest_byte_length(AES_GMAC)) {
+			AESNI_MB_LOG(ERR, "Invalid digest size\n");
+			return -EINVAL;
 		}
+		sess->auth.gen_digest_len = sess->auth.req_digest_len;
 		sess->iv.length = xform->auth.iv.length;
 		sess->iv.offset = xform->auth.iv.offset;
 
@@ -721,6 +713,12 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
 			return -EINVAL;
 		}
 
+		/* GCM digest size must be between 1 and 16 */
+		if (sess->auth.req_digest_len == 0 ||
+				sess->auth.req_digest_len > 16) {
+			AESNI_MB_LOG(ERR, "Invalid digest size\n");
+			return -EINVAL;
+		}
 		break;
 
 	default:

drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c

@@ -455,9 +455,9 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
 					.increment = 8
 				},
 				.digest_size = {
-					.min = 8,
+					.min = 1,
 					.max = 16,
-					.increment = 4
+					.increment = 1
 				},
 				.aad_size = {
 					.min = 0,
@@ -485,9 +485,9 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = {
 					.increment = 8
 				},
 				.digest_size = {
-					.min = 8,
+					.min = 1,
 					.max = 16,
-					.increment = 4
+					.increment = 1
 				},
 				.iv_size = {
 					.min = 12,