[v1] crypto/openssl: fix of dstlen passed in HMAC
Checks
Commit Message
This fix of dstlen passed in OpenSSL 3.0 lib EVP MAC final routine.
Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
> -----Original Message-----
> From: Kai Ji <kai.ji@intel.com>
> Sent: Monday, July 11, 2022 6:08 PM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Ji, Kai <kai.ji@intel.com>
> Subject: [dpdk-dev v1] crypto/openssl: fix of dstlen passed in HMAC
>
> This fix of dstlen passed in OpenSSL 3.0 lib EVP MAC final routine.
>
> Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP
> API")
>
> Signed-off-by: Kai Ji <kai.ji@intel.com>
> ---
> drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c
> b/drivers/crypto/openssl/rte_openssl_pmd.c
> index e01dacc98d..5658b9db66 100644
> --- a/drivers/crypto/openssl/rte_openssl_pmd.c
> +++ b/drivers/crypto/openssl/rte_openssl_pmd.c
> @@ -1395,7 +1395,7 @@ process_openssl_auth_hmac(struct rte_mbuf
> *mbuf_src, uint8_t *dst, int offset,
> }
>
> process_auth_final:
> - if (EVP_MAC_final(ctx, dst, &dstlen, sizeof(dst)) != 1)
> + if (EVP_MAC_final(ctx, dst, &dstlen, DIGEST_LENGTH_MAX) != 1)
> goto process_auth_err;
>
> EVP_MAC_CTX_free(ctx);
> --
> 2.17.1
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
> Subject: [EXT] [dpdk-dev v1] crypto/openssl: fix of dstlen passed in HMAC
>
Title can be reworded
Crypto/openssl: fix HMAC output length
> This fix of dstlen passed in OpenSSL 3.0 lib EVP MAC final routine.
Please reword the description to explain what is not correct and what is done to fix it.
>
> Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")
>
> Signed-off-by: Kai Ji <kai.ji@intel.com>
> ---
> drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c
> b/drivers/crypto/openssl/rte_openssl_pmd.c
> index e01dacc98d..5658b9db66 100644
> --- a/drivers/crypto/openssl/rte_openssl_pmd.c
> +++ b/drivers/crypto/openssl/rte_openssl_pmd.c
> @@ -1395,7 +1395,7 @@ process_openssl_auth_hmac(struct rte_mbuf
> *mbuf_src, uint8_t *dst, int offset,
> }
>
> process_auth_final:
> - if (EVP_MAC_final(ctx, dst, &dstlen, sizeof(dst)) != 1)
> + if (EVP_MAC_final(ctx, dst, &dstlen, DIGEST_LENGTH_MAX) != 1)
> goto process_auth_err;
>
> EVP_MAC_CTX_free(ctx);
> --
> 2.17.1
@@ -1395,7 +1395,7 @@ process_openssl_auth_hmac(struct rte_mbuf *mbuf_src, uint8_t *dst, int offset,
}
process_auth_final:
- if (EVP_MAC_final(ctx, dst, &dstlen, sizeof(dst)) != 1)
+ if (EVP_MAC_final(ctx, dst, &dstlen, DIGEST_LENGTH_MAX) != 1)
goto process_auth_err;
EVP_MAC_CTX_free(ctx);