From: Ramkumar Balu <rbalu@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>,
Anoob Joseph <anoobj@marvell.com>,
Declan Doherty <declan.doherty@intel.com>,
Fan Zhang <roy.fan.zhang@intel.com>,
Ankur Dwivedi <adwivedi@marvell.com>,
"Tejasree Kondoj" <ktejasree@marvell.com>
Cc: <stable@dpdk.org>, <dev@dpdk.org>, Ramkumar <rbalu@marvell.com>
Subject: [PATCH 2/5] crypto/openssl: fix output of RSA verify op
Date: Mon, 29 Nov 2021 09:51:56 +0000
Message-ID: <20211129095159.16376-3-rbalu@marvell.com> (raw)
In-Reply-To: <20211129095159.16376-1-rbalu@marvell.com>
From: Ramkumar <rbalu@marvell.com>
During RSA verify, the OpenSSL PMD fails to return the plaintext after
public key decryption.
This patch fixes the OpenSSL PMD to return the decrypted plaintext in
cipher.data / cipher.length fields
Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym operations")
Fixes: fe1606e0138c ("crypto/openssl: fix RSA verify operation")
Cc: stable@dpdk.org
Signed-off-by: Ramkumar <rbalu@marvell.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 5794ed8159..3ab2c3b5c1 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1953,12 +1953,16 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
break;
case RTE_CRYPTO_ASYM_OP_VERIFY:
- tmp = rte_malloc(NULL, op->rsa.sign.length, 0);
+ tmp = op->rsa.cipher.data;
if (tmp == NULL) {
- OPENSSL_LOG(ERR, "Memory allocation failed");
- cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
- break;
+ tmp = rte_malloc(NULL, op->rsa.sign.length, 0);
+ if (tmp == NULL) {
+ OPENSSL_LOG(ERR, "Memory allocation failed");
+ cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+ break;
+ }
}
+
ret = RSA_public_decrypt(op->rsa.sign.length,
op->rsa.sign.data,
tmp,
@@ -1974,7 +1978,9 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
OPENSSL_LOG(ERR, "RSA sign Verification failed");
cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
}
- rte_free(tmp);
+ op->rsa.cipher.length = ret;
+ if (tmp != op->rsa.cipher.data)
+ rte_free(tmp);
break;
default:
--
2.17.1
next prev parent reply other threads:[~2021-11-29 10:41 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-29 9:51 [PATCH 0/5] cryptodev: fix inconsistency in RSA op usage Ramkumar Balu
2021-11-29 9:51 ` [PATCH 1/5] cryptodev: fix RSA op cipher field description Ramkumar Balu
2021-11-29 9:51 ` Ramkumar Balu [this message]
2021-12-28 9:10 ` [PATCH 2/5] crypto/openssl: fix output of RSA verify op Kusztal, ArkadiuszX
2022-01-13 10:34 ` Ramkumar Balu
2021-11-29 9:51 ` [PATCH 3/5] crypto/octeontx: fix output field for RSA verify Ramkumar Balu
2021-11-29 9:51 ` [PATCH 4/5] crypto/octeontx2: " Ramkumar Balu
2021-11-29 9:51 ` [PATCH 5/5] crypto/cnxk: " Ramkumar Balu
2021-12-28 8:58 ` [PATCH 0/5] cryptodev: fix inconsistency in RSA op usage Kusztal, ArkadiuszX
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211129095159.16376-3-rbalu@marvell.com \
--to=rbalu@marvell.com \
--cc=adwivedi@marvell.com \
--cc=anoobj@marvell.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=ktejasree@marvell.com \
--cc=roy.fan.zhang@intel.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
DPDK patches and discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://inbox.dpdk.org/dev/0 dev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 dev dev/ http://inbox.dpdk.org/dev \
dev@dpdk.org
public-inbox-index dev
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://inbox.dpdk.org/inbox.dpdk.dev
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git