[DPDK/cryptodev Bug 1773] Crypto devices should be using constant time memcmp

bugzilla at dpdk.org bugzilla at dpdk.org
Tue Aug 19 03:33:28 CEST 2025

Previous message (by thread): [EXTERNAL] Re: [PATCH v2] bus/vmbus: add device argument to configure if NUMA information on the device should be ignored
Next message (by thread): [PATCH] app/crypto-perf: add ECDSA P384 support
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

https://bugs.dpdk.org/show_bug.cgi?id=1773

            Bug ID: 1773
           Summary: Crypto devices should be using constant time memcmp
           Product: DPDK
           Version: 25.07
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: Normal
         Component: cryptodev
          Assignee: dev at dpdk.org
          Reporter: stephen at networkplumber.org
  Target Milestone: ---

To be resistant to timing attacks all cryptodev operations should be using a
version of memcmp that takes constant time.

There is no such function in std libc maybe make a new one?

Examples in current code base:


~/.../main/drivers/crypto $ git grep memcmp
armv8/rte_armv8_pmd.c:          if (memcmp(adst, op->sym->auth.digest.data,
ccp/ccp_crypto.c:               if (memcmp(dst, op->sym->auth.digest.data,
ccp/ccp_crypto.c:               if (memcmp(addr + offset, digest_data,
cnxk/cnxk_ae.h:         if (memcmp(rsa->sign.data, rsa->message.data,
cnxk/cnxk_se.h: if (memcmp(mac, gen_mac, mac_len))
ipsec_mb/pmd_aesni_gcm.c:               if (memcmp(tag, digest,
session->req_digest_length) != 0)
ipsec_mb/pmd_aesni_gcm.c:       return memcmp(digest, tmpdigest,
s->req_digest_length) == 0 ? 0
ipsec_mb/pmd_aesni_mb.c:        if (memcmp(job->auth_tag_output, crc,
RTE_ETHER_CRC_LEN) != 0)
ipsec_mb/pmd_aesni_mb.c:        if (memcmp(job->auth_tag_output, digest, len)
!= 0)
ipsec_mb/pmd_aesni_mb.c:                        if (memcmp(vec->digest[i].va,
dgst[i], len) != 0)
ipsec_mb/pmd_snow3g.c:                  if (memcmp(dst,
ops[i]->sym->auth.digest.data,
ipsec_mb/pmd_zuc.c:                     if (memcmp(dst[i],
ops[i]->sym->auth.digest.data,
mlx5/mlx5_crypto_dek.c: return memcmp(key, dek->data, xkey_len);
nitrox/nitrox_sym_reqmgr.c:     if (!memcmp(ctx->salt, addr,
AES_GCM_SALT_SIZE))
octeontx/otx_cryptodev_ops.c:           if (memcmp(rsa->sign.data,
rsa->message.data,
openssl/rte_openssl_pmd.c:              if (CRYPTO_memcmp(dst,
op->sym->auth.digest.data,
openssl/rte_openssl_pmd.c:              if (CRYPTO_memcmp(tmp,
op->rsa.message.data,
openssl/rte_openssl_pmd.c:              if ((ret <= 0) || (CRYPTO_memcmp(tmp,
op->rsa.message.data,
scheduler/rte_cryptodev_scheduler.c:            return
!memcmp(&sec_cap1->docsis, &sec_cap2->docsis,
uadk/uadk_crypto_pmd.c:                 if (memcmp(dst,
op->sym->auth.digest.data,

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mails.dpdk.org/archives/dev/attachments/20250819/ba32bf0e/attachment.htm>

Previous message (by thread): [EXTERNAL] Re: [PATCH v2] bus/vmbus: add device argument to configure if NUMA information on the device should be ignored
Next message (by thread): [PATCH] app/crypto-perf: add ECDSA P384 support
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list