[PATCH 21.11] crypto/ipsec_mb: fix incorrectly setting cipher keys

patches for DPDK stable branches
 help / color / mirror / Atom feed

* [PATCH 21.11] crypto/ipsec_mb: fix incorrectly setting cipher keys
@ 2024-04-05 10:39 Ciara Power
  0 siblings, 0 replies; only message in thread
From: Ciara Power @ 2024-04-05 10:39 UTC (permalink / raw)
  To: stable; +Cc: Ciara Power, pablo.de.lara.guarch, Fan Zhang

The encryption and decryption keys were incorrectly being reset based on
authentication algorithm after already being set earlier in the code
based on cipher algorithm.
In cases when 3DES was used, the keys were being
incorrectly overwritten.

For CPU path, there is no need to have the keys set for XCBC and CMAC
cases.

Fixes: 010230a1543b ("crypto/aesni_mb: support Chacha20-Poly1305")
Fixes: b0a37e8cd2ac ("crypto/ipsec_mb: fix cipher key setting")
Fixes: a2c6d3f34f90 ("crypto/aesni_mb: support CPU crypto")

Signed-off-by: Ciara Power <ciara.power@intel.com>
---
Cc: pablo.de.lara.guarch@intel.com
---
 drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 536a586e98..1097244bab 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -992,9 +992,6 @@ set_cpu_mb_job_params(IMB_JOB *job, struct aesni_mb_session *session,
 		job->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded;
 		job->u.XCBC._k2 = session->auth.xcbc.k2;
 		job->u.XCBC._k3 = session->auth.xcbc.k3;
-
-		job->enc_keys = session->cipher.expanded_aes_keys.encode;
-		job->dec_keys = session->cipher.expanded_aes_keys.decode;
 		break;
 
 	case IMB_AUTH_AES_CCM:
@@ -1009,8 +1006,6 @@ set_cpu_mb_job_params(IMB_JOB *job, struct aesni_mb_session *session,
 		job->u.CMAC._key_expanded = session->auth.cmac.expkey;
 		job->u.CMAC._skey1 = session->auth.cmac.skey1;
 		job->u.CMAC._skey2 = session->auth.cmac.skey2;
-		job->enc_keys = session->cipher.expanded_aes_keys.encode;
-		job->dec_keys = session->cipher.expanded_aes_keys.decode;
 		break;
 
 	case IMB_AUTH_AES_GMAC:
@@ -1139,24 +1134,17 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
 		job->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded;
 		job->u.XCBC._k2 = session->auth.xcbc.k2;
 		job->u.XCBC._k3 = session->auth.xcbc.k3;
-
-		job->enc_keys = session->cipher.expanded_aes_keys.encode;
-		job->dec_keys = session->cipher.expanded_aes_keys.decode;
 		break;
 
 	case IMB_AUTH_AES_CCM:
 		job->u.CCM.aad = op->sym->aead.aad.data + 18;
 		job->u.CCM.aad_len_in_bytes = session->aead.aad_len;
-		job->enc_keys = session->cipher.expanded_aes_keys.encode;
-		job->dec_keys = session->cipher.expanded_aes_keys.decode;
 		break;
 
 	case IMB_AUTH_AES_CMAC:
 		job->u.CMAC._key_expanded = session->auth.cmac.expkey;
 		job->u.CMAC._skey1 = session->auth.cmac.skey1;
 		job->u.CMAC._skey2 = session->auth.cmac.skey2;
-		job->enc_keys = session->cipher.expanded_aes_keys.encode;
-		job->dec_keys = session->cipher.expanded_aes_keys.decode;
 		break;
 
 	case IMB_AUTH_AES_GMAC:
@@ -1194,8 +1182,6 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
 		job->u.CHACHA20_POLY1305.aad = op->sym->aead.aad.data;
 		job->u.CHACHA20_POLY1305.aad_len_in_bytes =
 			session->aead.aad_len;
-		job->enc_keys = session->cipher.expanded_aes_keys.encode;
-		job->dec_keys = session->cipher.expanded_aes_keys.encode;
 		break;
 	default:
 		job->u.HMAC._hashed_auth_key_xor_ipad =
-- 
2.25.1


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2024-04-05 10:40 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-05 10:39 [PATCH 21.11] crypto/ipsec_mb: fix incorrectly setting cipher keys Ciara Power

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).