[PATCH] test/crypto: fix RSA decrypt op validation

Gowrishankar Muthukrishnan gmuthukrishn at marvell.com
Wed Jun 18 18:04:49 CEST 2025

Previous message (by thread): [PATCH] test/crypto: fix RSA decrypt op validation
Next message (by thread): [PATCH] test/crypto: fix RSA decrypt op validation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Kai Ji,
> 
> Hi Gowrishankar,
> 
> Thanks for reach out, I don't have those environments setup on my end, but
> Ubuntu 20.04 and RHEL8  are old but still common LTS packages.
> Are you able to dump the actual msg buffer ?
> 

RSA_private_decrypt fails and return code is -1. Output buffer is untouched.

I dumped error code of it:
error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for modulus

When I used same openssl library that I compiled, no error is seen. Also, public
decrypt function is called, but it should be private decrypt to be called.

JFYI end of life for full support already over for the above distros. Not sure if the
Openssl 1.1.1 in them need some fix for above.

Thanks,
Gowrishankar

> It is highly possible relates to dsitro-specific patches ? Paddings ? Or crypto
> polices in RHEL ?
> 
> Regards
> 
> Kai
> 
> ________________________________
> 
> From: Gowrishankar Muthukrishnan <gmuthukrishn at marvell.com>
> Sent: Thursday, June 12, 2025 11:33
> To: Ji, Kai <kai.ji at intel.com>
> Cc: Anoob Joseph <anoobj at marvell.com>; dev at dpdk.org <dev at dpdk.org>; Akhil
> Goyal <gakhil at marvell.com>; Fan Zhang <fanzhang.oss at gmail.com>; Shally
> Verma <shallyv at marvell.com>; Kanaka Durga Kotamarthy
> <kkotamarthy at marvell.com>; Ayuj Verma <ayverma at marvell.com>; Kusztal,
> ArkadiuszX <arkadiuszx.kusztal at intel.com>
> Subject: RE: [PATCH] test/crypto: fix RSA decrypt op validation
> 
> Hi Kai Ji,
> This patch adds a check on cop status after DECRYPT in existing RSA test.There
> are few CI failures for this patch and the failures are very specific to Openssl 1.1.1
> variants used in below platforms:
> * Ubuntu 20.04 - Openssl 1.1.1f
> * RHEL 8 - Openssl 1.1.1k
> 
> When I manually build these Openssl variants in the above platforms (using
> Docker images) and execute tests using respective openssl shared libraries, all
> tests PASS. If I use Openssl library that is shipped within the above distributions,
> the test in patch FAIL.
> 
> I would like to get your opinion first to proceed on getting these patches CI acked.
> In my debug, I don't see any issue with the patch and the patch adds better
> Validation indeed. May be that, it has uncovered a potential failure in above
> Distros. Can you check on your end if these failures disappear in manual try.
> What would you suggest to go forward, for openssl PMD ?
> 
> If required, I can start filing a Bugzilla as well.
> 
> Thanks,
> Gowrishankar
> 
> >
> > Following RSA encrypt op, same plaintext buffer is used as output
> > buffer for decrypt op, hence comparing plaintext buffer against same
> > buffer pointer in crypto op always succeed irrespective of whether decrypt op
> succeeds or not.
> > This patch fixes this issue with a local buffer for crypto op.
> >
> > Fixes: 5ae36995f10 ("test/crypto: move RSA enqueue/dequeue into
> > functions")
> > Cc: stable at dpdk.org
> >
> > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn at marvell.com>
>

Previous message (by thread): [PATCH] test/crypto: fix RSA decrypt op validation
Next message (by thread): [PATCH] test/crypto: fix RSA decrypt op validation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list