<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div class="elementToProof" style="font-family: "IntelOne Text"; font-size: 10pt; color: rgb(0, 0, 0);">
Acked-by: Kai Ji <kai.ji@intel.com></div>
<div class="elementToProof" style="font-family: "IntelOne Text"; font-size: 10pt; color: rgb(0, 0, 0);">
<br>
</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com><br>
<b>Sent:</b> 20 June 2025 09:19<br>
<b>To:</b> dev@dpdk.org <dev@dpdk.org>; Ji, Kai <kai.ji@intel.com>; Ashish Gupta <ashishg@marvell.comashish.gupta@marvell.com>; Shally Verma <shallyv@marvell.com>; Sunila Sahu <ssahu@marvell.com><br>
<b>Cc:</b> anoobj@marvell.com <anoobj@marvell.com>; Akhil Goyal <gakhil@marvell.com>; Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>; stable@dpdk.org <stable@dpdk.org><br>
<b>Subject:</b> [PATCH 1/3] crypto/openssl: include private exponent in RSA session</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText">If private exponent is available, it should be included within<br>
RSA session as per RFC 8017 (A.1.2). OpenSSL 1.1.1 implementation<br>
rely on this private exponent, to implicitly reject invalid cipher.<br>
Hence, check if it is available for session and include it.<br>
<br>
Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym operations")<br>
Cc: stable@dpdk.org<br>
<br>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com><br>
---<br>
 drivers/crypto/openssl/rte_openssl_pmd_ops.c | 6 ++++--<br>
 1 file changed, 4 insertions(+), 2 deletions(-)<br>
<br>
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c<br>
index 04e018f3df..d3aa396c76 100644<br>
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c<br>
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c<br>
@@ -1025,7 +1025,7 @@ static int openssl_set_asym_session_parameters(<br>
                 if (rsa == NULL)<br>
                         goto err_rsa;<br>
 <br>
-               if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_EXP) {<br>
+               if (xform->rsa.d.length > 0) {<br>
                         d = BN_bin2bn(<br>
                         (const unsigned char *)xform->rsa.d.data,<br>
                         xform->rsa.d.length,<br>
@@ -1034,7 +1034,9 @@ static int openssl_set_asym_session_parameters(<br>
                                 RSA_free(rsa);<br>
                                 goto err_rsa;<br>
                         }<br>
-               } else {<br>
+               }<br>
+<br>
+               if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_QT) {<br>
                         p = BN_bin2bn((const unsigned char *)<br>
                                         xform->rsa.qt.p.data,<br>
                                         xform->rsa.qt.p.length,<br>
-- <br>
2.25.1<br>
<br>
</div>
</span></font></div>
</body>
</html>