From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 15A86A0487 for ; Wed, 3 Jul 2019 17:39:24 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id E0ADE4C99; Wed, 3 Jul 2019 17:39:23 +0200 (CEST) Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) by dpdk.org (Postfix) with ESMTP id 6C4732C60 for ; Wed, 3 Jul 2019 17:39:22 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 03 Jul 2019 08:39:21 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.63,446,1557212400"; d="scan'208";a="184788186" Received: from damiannx-mobl1.ger.corp.intel.com (HELO akusztax-MOBL.ger.corp.intel.com) ([10.104.14.182]) by fmsmga001.fm.intel.com with ESMTP; 03 Jul 2019 08:39:19 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: akhil.goyal@nxp.com, fiona.trahe@intel.com, shally.verma@caviumnetworks.com, Arek Kusztal Date: Wed, 3 Jul 2019 17:37:58 +0200 Message-Id: <20190703153759.1508-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.19.1.windows.1 In-Reply-To: <20190703153759.1508-1-arkadiuszx.kusztal@intel.com> References: <20190703153759.1508-1-arkadiuszx.kusztal@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v2 2/3] crypto/openssl: rework openssl rsa implementation X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This commit reworks implementation of RSA algorithm in OPENSSL PMD to be conformant to API changes. Signed-off-by: Arek Kusztal --- drivers/crypto/openssl/rte_openssl_pmd.c | 67 ++++++++++++++++++-------------- 1 file changed, 38 insertions(+), 29 deletions(-) diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index 7c8bf0d..642580b 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -1842,15 +1842,13 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, int ret = 0; struct rte_crypto_asym_op *op = cop->asym; RSA *rsa = sess->u.r.rsa; - uint32_t pad = (op->rsa.pad); + uint32_t pad = (op->rsa.padding); uint8_t *tmp; cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS; switch (pad) { - case RTE_CRYPTO_RSA_PKCS1_V1_5_BT0: - case RTE_CRYPTO_RSA_PKCS1_V1_5_BT1: - case RTE_CRYPTO_RSA_PKCS1_V1_5_BT2: + case RTE_CRYPTO_RSA_PADDING_PKCS1: pad = RSA_PKCS1_PADDING; break; case RTE_CRYPTO_RSA_PADDING_NONE: @@ -1867,19 +1865,19 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, case RTE_CRYPTO_ASYM_OP_ENCRYPT: ret = RSA_public_encrypt(op->rsa.message.length, op->rsa.message.data, - op->rsa.message.data, + op->rsa.cipher.data, rsa, pad); if (ret > 0) - op->rsa.message.length = ret; + op->rsa.cipher.length = ret; OPENSSL_LOG(DEBUG, "length of encrypted text %d\n", ret); break; case RTE_CRYPTO_ASYM_OP_DECRYPT: - ret = RSA_private_decrypt(op->rsa.message.length, - op->rsa.message.data, + ret = RSA_private_decrypt(op->rsa.cipher.length, + op->rsa.cipher.data, op->rsa.message.data, rsa, pad); @@ -1898,28 +1896,39 @@ process_openssl_rsa_op(struct rte_crypto_op *cop, break; case RTE_CRYPTO_ASYM_OP_VERIFY: - tmp = rte_malloc(NULL, op->rsa.sign.length, 0); - if (tmp == NULL) { - OPENSSL_LOG(ERR, "Memory allocation failed"); - cop->status = RTE_CRYPTO_OP_STATUS_ERROR; - break; - } - ret = RSA_public_decrypt(op->rsa.sign.length, - op->rsa.sign.data, - tmp, - rsa, - pad); - - OPENSSL_LOG(DEBUG, - "Length of public_decrypt %d " - "length of message %zd\n", - ret, op->rsa.message.length); - if ((ret <= 0) || (CRYPTO_memcmp(tmp, op->rsa.message.data, - op->rsa.message.length))) { - OPENSSL_LOG(ERR, "RSA sign Verification failed"); - cop->status = RTE_CRYPTO_OP_STATUS_ERROR; + if (pad == RSA_NO_PADDING) { + ret = RSA_public_decrypt(op->rsa.sign.length, + op->rsa.sign.data, + op->rsa.message_to_verify.data, + rsa, + pad); + + if (ret > 0) + op->rsa.message_to_verify.length = ret; + } else { + tmp = rte_malloc(NULL, op->rsa.sign.length, 0); + if (tmp == NULL) { + OPENSSL_LOG(ERR, "Memory allocation failed"); + cop->status = RTE_CRYPTO_OP_STATUS_ERROR; + break; + } + ret = RSA_public_decrypt(op->rsa.sign.length, + op->rsa.sign.data, + tmp, + rsa, + pad); + + OPENSSL_LOG(DEBUG, + "Length of public_decrypt %d " + "length of message %zd\n", + ret, op->rsa.message.length); + if ((ret <= 0) || (CRYPTO_memcmp(tmp, op->rsa.message.data, + op->rsa.message.length))) { + OPENSSL_LOG(ERR, "RSA sign Verification failed"); + cop->status = RTE_CRYPTO_OP_STATUS_ERROR; + } + rte_free(tmp); } - rte_free(tmp); break; default: -- 2.1.0