lib/cryptodev: set minimal output buffer size for RSA op
Checks
Commit Message
Depending on RSA op, the output buffer size could be set
minimal expected memory, rather than 0 as today. This will allow
PMD to do any validation on the size, in case an application
did not create enough memory or even in case of any memory
fault.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
app/test/test_cryptodev_asym.c | 6 +++---
lib/cryptodev/rte_crypto_asym.h | 15 ++++++++++-----
2 files changed, 13 insertions(+), 8 deletions(-)
Comments
> Subject: [PATCH] lib/cryptodev: set minimal output buffer size for RSA op
>
> Depending on RSA op, the output buffer size could be set
> minimal expected memory, rather than 0 as today. This will allow
> PMD to do any validation on the size, in case an application
> did not create enough memory or even in case of any memory
> fault.
>
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
> > Subject: [PATCH] lib/cryptodev: set minimal output buffer size for RSA op
> >
> > Depending on RSA op, the output buffer size could be set
> > minimal expected memory, rather than 0 as today. This will allow
> > PMD to do any validation on the size, in case an application
> > did not create enough memory or even in case of any memory
> > fault.
> >
> > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Acked-by: Akhil Goyal <gakhil@marvell.com>
Applied to dpdk-next-crypto
@@ -90,7 +90,7 @@ queue_ops_rsa_sign_verify(void *sess)
asym_op->rsa.message.data = rsaplaintext.data;
asym_op->rsa.message.length = rsaplaintext.len;
- asym_op->rsa.sign.length = 0;
+ asym_op->rsa.sign.length = RTE_DIM(rsa_n);
asym_op->rsa.sign.data = output_buf;
asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
@@ -181,7 +181,7 @@ queue_ops_rsa_enc_dec(void *sess)
asym_op->rsa.message.data = rsaplaintext.data;
asym_op->rsa.cipher.data = cipher_buf;
- asym_op->rsa.cipher.length = 0;
+ asym_op->rsa.cipher.length = RTE_DIM(rsa_n);
asym_op->rsa.message.length = rsaplaintext.len;
asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
@@ -213,7 +213,7 @@ queue_ops_rsa_enc_dec(void *sess)
/* Use the resulted output as decryption Input vector*/
asym_op = result_op->asym;
- asym_op->rsa.message.length = 0;
+ asym_op->rsa.message.length = RTE_DIM(rsa_n);
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
@@ -414,7 +414,8 @@ struct rte_crypto_rsa_op_param {
* In this case the underlying array should have been
* allocated with enough memory to hold plaintext output
* (i.e. must be at least RSA key size). The message.length
- * field should be 0 and will be overwritten by the PMD
+ * field could be either 0 or minimal length expected from PMD.
+ * This could be validated and overwritten by the PMD
* with the decrypted length.
*/
@@ -427,8 +428,10 @@ struct rte_crypto_rsa_op_param {
* - for RSA public encrypt.
* In this case the underlying array should have been allocated
* with enough memory to hold ciphertext output (i.e. must be
- * at least RSA key size). The cipher.length field should
- * be 0 and will be overwritten by the PMD with the encrypted length.
+ * at least RSA key size). The cipher.length field could be
+ * either 0 or minimal length expected from PMD.
+ * This could be validated and overwritten by the PMD
+ * with the encrypted length.
*
* When RTE_CRYPTO_RSA_PADDING_NONE and RTE_CRYPTO_ASYM_OP_VERIFY
* selected, this is an output of decrypted signature.
@@ -443,8 +446,10 @@ struct rte_crypto_rsa_op_param {
* - for RSA private encrypt.
* In this case the underlying array should have been allocated
* with enough memory to hold signature output (i.e. must be
- * at least RSA key size). The sign.length field should
- * be 0 and will be overwritten by the PMD with the signature length.
+ * at least RSA key size). The sign.length field could be
+ * either 0 or minimal length expected from PMD.
+ * This could be validated and overwritten by the PMD
+ * with the signature length.
*/
struct rte_crypto_rsa_padding padding;