[dpdk-dev] [PATCH] crypto/openssl: fix inproper freeing of asymmetric crypto keys in rsa

Akhil Goyal akhil.goyal at nxp.com
Tue Jun 18 14:59:03 CEST 2019


Hi Arek,

> In case big number need to be freed, data it contains should be cleared
> before especially if it is critical data like private keys.
> 
> Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym operations")
> 
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal at intel.com>
> ---
>  config/common_base                           |  4 ++--
>  drivers/crypto/openssl/rte_openssl_pmd_ops.c | 16 ++++++++--------
>  2 files changed, 10 insertions(+), 10 deletions(-)
> 
> diff --git a/config/common_base b/config/common_base
> index 6b96e0e..a3d8e17 100644
> --- a/config/common_base
> +++ b/config/common_base
> @@ -573,7 +573,7 @@ CONFIG_RTE_LIBRTE_PMD_OCTEONTX_CRYPTO=y
>  #
>  CONFIG_RTE_LIBRTE_PMD_QAT=y
>  CONFIG_RTE_LIBRTE_PMD_QAT_SYM=n
> -CONFIG_RTE_LIBRTE_PMD_QAT_ASYM=n
> +CONFIG_RTE_LIBRTE_PMD_QAT_ASYM=y
>  #
>  # Max. number of QuickAssist devices, which can be detected and attached
>  #
> @@ -597,7 +597,7 @@ CONFIG_RTE_LIBRTE_PMD_AESNI_MB=n
>  #
>  # Compile PMD for Software backed device
>  #
> -CONFIG_RTE_LIBRTE_PMD_OPENSSL=n
> +CONFIG_RTE_LIBRTE_PMD_OPENSSL=y
> 
I think these config changes were done by mistake in this patch.

Openssl cannot be enabled by default as it needs external codebase.

Please send fix only for openssl driver as the description says.

Thanks,
Akhil


More information about the dev mailing list