patch 'crypto/cnxk: return decrypted data for RSA verify' has been queued to stable release 23.11.7

Shani Peretz shperetz at nvidia.com
Tue Mar 31 08:24:35 CEST 2026

Previous message (by thread): patch 'test/crypto: fix mbuf segment number' has been queued to stable release 23.11.7
Next message (by thread): patch 'net/mlx5: fix job leak on indirect meter creation failure' has been queued to stable release 23.11.7
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to stable release 23.11.7

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 04/05/26. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/shanipr/dpdk-stable

This queued commit can be viewed at:
https://github.com/shanipr/dpdk-stable/commit/98c16b2b2168fdd6ea94ec13ef3aa83a0c8acdac

Thanks.

Shani

---
>From 98c16b2b2168fdd6ea94ec13ef3aa83a0c8acdac Mon Sep 17 00:00:00 2001
From: Garvit Varshney <gvarshney at marvell.com>
Date: Tue, 27 Jan 2026 10:04:59 +0530
Subject: [PATCH] crypto/cnxk: return decrypted data for RSA verify

[ upstream commit adaf208c017724a814a08472a22908ca0a2f11b8 ]

For RSA verify operations with RTE_CRYPTO_RSA_PADDING_NONE, the driver
cannot determine which padding algorithm the application is using.
As per the API specification in rte_crypto_asym.h, when
RTE_CRYPTO_RSA_PADDING_NONE and RTE_CRYPTO_ASYM_OP_VERIFY are selected,
the decrypted signature should be returned to the application in the
cipher output buffer.

Fixes: dfd038b97ec3 ("crypto/cnxk: refactor RSA verification")

Signed-off-by: Garvit Varshney <gvarshney at marvell.com>
Acked-by: Akhil Goyal <gakhil at marvell.com>
---
 .mailmap                      | 1 +
 drivers/crypto/cnxk/cnxk_ae.h | 7 ++++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/.mailmap b/.mailmap
index f1c508e271..bdf998a1ae 100644
--- a/.mailmap
+++ b/.mailmap
@@ -448,6 +448,7 @@ Gang Yang <gangx.yang at intel.com>
 Gao Feng <davidfgao at tencent.com>
 Gaoxiang Liu <liugaoxiang at huawei.com>
 Gargi Sau <gargi.sau at intel.com>
+Garvit Varshney <gvarshney at marvell.com>
 Gary Mussar <gmussar at ciena.com>
 Gaurav Singh <gaurav1086 at gmail.com>
 Gautam Dawar <gdawar at solarflare.com>
diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index 527b5b9730..54b8bfd8ae 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -1172,9 +1172,10 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
 		break;
 	case RTE_CRYPTO_ASYM_OP_VERIFY:
 		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
-			rsa->sign.length = rsa_ctx->n.length;
-			if (memcmp(rptr, rsa->message.data, rsa->message.length))
-				cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			/* Application compares decrypted data with message for SW padding schemes
+			 */
+			rsa->cipher.length = rsa_ctx->n.length;
+			memcpy(rsa->cipher.data, rptr, rsa->cipher.length);
 		} else {
 			/* Get length of signed output */
 			rsa->sign.length = rte_cpu_to_be_16(*((uint16_t *)rptr));
-- 
2.43.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2026-03-31 00:32:36.077266376 +0300
+++ 0076-crypto-cnxk-return-decrypted-data-for-RSA-verify.patch	2026-03-31 00:32:29.484361000 +0300
@@ -1 +1 @@
-From adaf208c017724a814a08472a22908ca0a2f11b8 Mon Sep 17 00:00:00 2001
+From 98c16b2b2168fdd6ea94ec13ef3aa83a0c8acdac Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit adaf208c017724a814a08472a22908ca0a2f11b8 ]
+
@@ -14 +15,0 @@
-Cc: stable at dpdk.org
@@ -24 +25 @@
-index cdaa471715..81499a3337 100644
+index f1c508e271..bdf998a1ae 100644
@@ -27 +28 @@
-@@ -497,6 +497,7 @@ Ganghui Zeng <zengganghui at huawei.com>
+@@ -448,6 +448,7 @@ Gang Yang <gangx.yang at intel.com>
@@ -36 +37 @@
-index 912a2a9496..21a0c8068a 100644
+index 527b5b9730..54b8bfd8ae 100644
@@ -39 +40 @@
-@@ -1591,9 +1591,10 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
+@@ -1172,9 +1172,10 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
@@ -42 +43 @@
- 		if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
+ 		if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {

Previous message (by thread): patch 'test/crypto: fix mbuf segment number' has been queued to stable release 23.11.7
Next message (by thread): patch 'net/mlx5: fix job leak on indirect meter creation failure' has been queued to stable release 23.11.7
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list