From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 9CE88A0032;
	Wed, 31 Aug 2022 17:09:25 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 3E17D40F17;
	Wed, 31 Aug 2022 17:09:25 +0200 (CEST)
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 by mails.dpdk.org (Postfix) with ESMTP id AE3FB40395
 for <dev@dpdk.org>; Wed, 31 Aug 2022 17:09:23 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1661958564; x=1693494564;
 h=from:to:cc:subject:date:message-id:in-reply-to: references;
 bh=XTaeYp07R7N6Db2mkjf5Mu0bYsrQKTWy9vZ2mSdwUAQ=;
 b=jaHAU1n5/OdCtb+LWkOaw7D5tT9iMnt3pqexmuI7KwsXXtihok8NhTAM
 5PfXkxe2dtcRvsuQW/Jllzpl55u5ti9sUYd68m1sU+dq6QVn2tc253f9w
 8cYHRoAK8+woEnqutCi2/uQawqS2F8Rs86NLXkU8YP3xHJGvxnVzjO4Tq
 AUpvto4DSYIx0BhMChumFIYMiZMWQv/ayqfmyLAjutE9wwxaqdT9VkWdE
 jwNxEtw6clLRxWf67Qnk9kTcFiA6R3W3SFQS6NgdxS+SIEpOOaiQxJ3UN
 SOOw0e+FgGxGBWIDdwAQt3cHJvgG6X0drc5zM0xVwxDvUqVWBE3gnQT/R g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10456"; a="321607808"
X-IronPort-AV: E=Sophos;i="5.93,278,1654585200"; d="scan'208";a="321607808"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
 by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 31 Aug 2022 08:09:22 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.93,278,1654585200"; d="scan'208";a="673389194"
Received: from silpixa00400465.ir.intel.com ([10.55.128.22])
 by fmsmga008.fm.intel.com with ESMTP; 31 Aug 2022 08:09:21 -0700
From: Kai Ji <kai.ji@intel.com>
To: dev@dpdk.org
Cc: gakhil@marvell.com,
	Kai Ji <kai.ji@intel.com>
Subject: [dpdk-dev v2] crypto/openssl: fix HMAC output length
Date: Wed, 31 Aug 2022 23:09:18 +0800
Message-Id: <20220831150918.86824-1-kai.ji@intel.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20220711170810.60624-1-kai.ji@intel.com>
References: <20220711170810.60624-1-kai.ji@intel.com>
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

This patch sets the max length of dst in OpenSSL 3.0 lib EVP MAC final
routine to ensure enough space for the result.

Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 392b546a63..a078038651 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1447,7 +1447,7 @@ process_openssl_auth_mac(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
 	}
 
 process_auth_final:
-	if (EVP_MAC_final(ctx, dst, &dstlen, sizeof(dst)) != 1)
+	if (EVP_MAC_final(ctx, dst, &dstlen, DIGEST_LENGTH_MAX) != 1)
 		goto process_auth_err;
 
 	EVP_MAC_CTX_free(ctx);
-- 
2.17.1