From: Ramkumar Balu <rbalu@marvell.com> To: "Kusztal, ArkadiuszX" <arkadiuszx.kusztal@intel.com>, Akhil Goyal <gakhil@marvell.com>, Anoob Joseph <anoobj@marvell.com>, "Doherty, Declan" <declan.doherty@intel.com>, "Zhang, Roy Fan" <roy.fan.zhang@intel.com>, Ankur Dwivedi <adwivedi@marvell.com>, Tejasree Kondoj <ktejasree@marvell.com> Cc: "stable@dpdk.org" <stable@dpdk.org>, "dev@dpdk.org" <dev@dpdk.org> Subject: RE: [PATCH 2/5] crypto/openssl: fix output of RSA verify op Date: Thu, 13 Jan 2022 10:34:33 +0000 Message-ID: <DM5PR1801MB2074CDB917B17D58694E2DD5B0539@DM5PR1801MB2074.namprd18.prod.outlook.com> (raw) In-Reply-To: <PH0PR11MB5013FD6B41628E8CC79F1CF29F439@PH0PR11MB5013.namprd11.prod.outlook.com> Thank you for the comments. I agree that OpenSSL PMD needs a major refactoring in asym crypto. I have asked Akhil to reject this patch series. -----Original Message----- From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com> Sent: Tuesday, December 28, 2021 2:41 PM To: Ramkumar Balu <rbalu@marvell.com>; Akhil Goyal <gakhil@marvell.com>; Anoob Joseph <anoobj@marvell.com>; Doherty, Declan <declan.doherty@intel.com>; Zhang, Roy Fan <roy.fan.zhang@intel.com>; Ankur Dwivedi <adwivedi@marvell.com>; Tejasree Kondoj <ktejasree@marvell.com> Cc: stable@dpdk.org; dev@dpdk.org Subject: [EXT] RE: [PATCH 2/5] crypto/openssl: fix output of RSA verify op ---------------------------------------------------------------------- > -----Original Message----- > From: Ramkumar Balu <rbalu@marvell.com> > Sent: Monday, November 29, 2021 10:52 AM > To: Akhil Goyal <gakhil@marvell.com>; Anoob Joseph > <anoobj@marvell.com>; Doherty, Declan <declan.doherty@intel.com>; > Zhang, Roy Fan <roy.fan.zhang@intel.com>; Ankur Dwivedi > <adwivedi@marvell.com>; Tejasree Kondoj <ktejasree@marvell.com> > Cc: stable@dpdk.org; dev@dpdk.org; Ramkumar <rbalu@marvell.com> > Subject: [PATCH 2/5] crypto/openssl: fix output of RSA verify op > > From: Ramkumar <rbalu@marvell.com> > > During RSA verify, the OpenSSL PMD fails to return the plaintext after > public key decryption. > This patch fixes the OpenSSL PMD to return the decrypted plaintext in > cipher.data / cipher.length fields > > Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym > operations") > Fixes: fe1606e0138c ("crypto/openssl: fix RSA verify operation") > Cc: stable@dpdk.org > > Signed-off-by: Ramkumar <rbalu@marvell.com> > --- > drivers/crypto/openssl/rte_openssl_pmd.c | 16 +++++++++++----- > 1 file changed, 11 insertions(+), 5 deletions(-) > > diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c > b/drivers/crypto/openssl/rte_openssl_pmd.c > index 5794ed8159..3ab2c3b5c1 100644 > --- a/drivers/crypto/openssl/rte_openssl_pmd.c > +++ b/drivers/crypto/openssl/rte_openssl_pmd.c > @@ -1953,12 +1953,16 @@ process_openssl_rsa_op(struct rte_crypto_op > *cop, > break; > > case RTE_CRYPTO_ASYM_OP_VERIFY: > - tmp = rte_malloc(NULL, op->rsa.sign.length, 0); > + tmp = op->rsa.cipher.data; > if (tmp == NULL) { > - OPENSSL_LOG(ERR, "Memory allocation failed"); > - cop->status = RTE_CRYPTO_OP_STATUS_ERROR; > - break; > + tmp = rte_malloc(NULL, op->rsa.sign.length, 0); > + if (tmp == NULL) { > + OPENSSL_LOG(ERR, "Memory allocation > failed"); > + cop->status = > RTE_CRYPTO_OP_STATUS_ERROR; > + break; > + } > } > + > ret = RSA_public_decrypt(op->rsa.sign.length, > op->rsa.sign.data, > tmp, [Arek] - this function is deprecated and more importantly it properly handle only NO_PADDING situation (no der encoding, like pre TLS 1.2). OpenSSL code needs major refactor in this area soon (mostly in asymmetric crypto). > @@ -1974,7 +1978,9 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, > OPENSSL_LOG(ERR, "RSA sign Verification failed"); > cop->status = RTE_CRYPTO_OP_STATUS_ERROR; > } > - rte_free(tmp); > + op->rsa.cipher.length = ret; > + if (tmp != op->rsa.cipher.data) > + rte_free(tmp); > break; > > default: > -- > 2.17.1
next prev parent reply other threads:[~2022-01-13 10:34 UTC|newest] Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-11-29 9:51 [PATCH 0/5] cryptodev: fix inconsistency in RSA op usage Ramkumar Balu 2021-11-29 9:51 ` [PATCH 1/5] cryptodev: fix RSA op cipher field description Ramkumar Balu 2021-11-29 9:51 ` [PATCH 2/5] crypto/openssl: fix output of RSA verify op Ramkumar Balu 2021-12-28 9:10 ` Kusztal, ArkadiuszX 2022-01-13 10:34 ` Ramkumar Balu [this message] 2021-11-29 9:51 ` [PATCH 3/5] crypto/octeontx: fix output field for RSA verify Ramkumar Balu 2021-11-29 9:51 ` [PATCH 4/5] crypto/octeontx2: " Ramkumar Balu 2021-11-29 9:51 ` [PATCH 5/5] crypto/cnxk: " Ramkumar Balu 2021-12-28 8:58 ` [PATCH 0/5] cryptodev: fix inconsistency in RSA op usage Kusztal, ArkadiuszX
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=DM5PR1801MB2074CDB917B17D58694E2DD5B0539@DM5PR1801MB2074.namprd18.prod.outlook.com \ --to=rbalu@marvell.com \ --cc=adwivedi@marvell.com \ --cc=anoobj@marvell.com \ --cc=arkadiuszx.kusztal@intel.com \ --cc=declan.doherty@intel.com \ --cc=dev@dpdk.org \ --cc=gakhil@marvell.com \ --cc=ktejasree@marvell.com \ --cc=roy.fan.zhang@intel.com \ --cc=stable@dpdk.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
DPDK patches and discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://inbox.dpdk.org/dev/0 dev/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 dev dev/ http://inbox.dpdk.org/dev \ dev@dpdk.org public-inbox-index dev Example config snippet for mirrors. Newsgroup available over NNTP: nntp://inbox.dpdk.org/inbox.dpdk.dev AGPL code for this site: git clone https://public-inbox.org/public-inbox.git