[dpdk-dev] [PATCH 1/3] crypto/aesni_mb: fix CCM digest size check
Pablo de Lara
pablo.de.lara.guarch at intel.com
Tue Oct 6 12:59:11 CEST 2020
Digest size for CCM was being checked for other algorithms
apart from CCM.
Fixes: c4c0c312a823 ("crypto/aesni_mb: check for invalid digest size")
Cc: stable at dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
---
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 29 +++++++++++-----------
1 file changed, 15 insertions(+), 14 deletions(-)
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index 1bddbcf74..784278719 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -564,6 +564,14 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -EINVAL;
}
+ /* Set IV parameters */
+ sess->iv.offset = xform->aead.iv.offset;
+ sess->iv.length = xform->aead.iv.length;
+
+ /* Set digest sizes */
+ sess->auth.req_digest_len = xform->aead.digest_length;
+ sess->auth.gen_digest_len = sess->auth.req_digest_len;
+
switch (xform->aead.algo) {
case RTE_CRYPTO_AEAD_AES_CCM:
sess->cipher.mode = CCM;
@@ -582,6 +590,13 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -EINVAL;
}
+ /* CCM digests must be between 4 and 16 and an even number */
+ if (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN ||
+ sess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN ||
+ (sess->auth.req_digest_len & 1) == 1) {
+ AESNI_MB_LOG(ERR, "Invalid digest size\n");
+ return -EINVAL;
+ }
break;
case RTE_CRYPTO_AEAD_AES_GCM:
@@ -616,20 +631,6 @@ aesni_mb_set_session_aead_parameters(const MB_MGR *mb_mgr,
return -ENOTSUP;
}
- /* Set IV parameters */
- sess->iv.offset = xform->aead.iv.offset;
- sess->iv.length = xform->aead.iv.length;
-
- sess->auth.req_digest_len = xform->aead.digest_length;
- /* CCM digests must be between 4 and 16 and an even number */
- if (sess->auth.req_digest_len < AES_CCM_DIGEST_MIN_LEN ||
- sess->auth.req_digest_len > AES_CCM_DIGEST_MAX_LEN ||
- (sess->auth.req_digest_len & 1) == 1) {
- AESNI_MB_LOG(ERR, "Invalid digest size\n");
- return -EINVAL;
- }
- sess->auth.gen_digest_len = sess->auth.req_digest_len;
-
return 0;
}
--
2.25.1
More information about the dev
mailing list