diff mbox series

crypto/openssl: validate incorrect signature in verify op

Message ID	20250216142822.1508-1-gmuthukrishn@marvell.com (mailing list archive)
State	Superseded
Delegated to:	akhil goyal
Headers	From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com> To: <dev@dpdk.org>, Akhil Goyal <gakhil@marvell.com>, Kai Ji <kai.ji@intel.com>, Fan Zhang <fanzhang.oss@gmail.com> CC: <anoobj@marvell.com>, Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>, <stable@dpdk.org> Subject: [PATCH] crypto/openssl: validate incorrect signature in verify op Date: Sun, 16 Feb 2025 19:58:19 +0530 Message-ID: <20250216142822.1508-1-gmuthukrishn@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	crypto/openssl: validate incorrect signature in verify op \| crypto/openssl: validate incorrect signature in verify op

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/loongarch-compilation	success	Compilation OK
ci/loongarch-unit-testing	success	Unit Testing PASS
ci/github-robot: build	success	github build: passed
ci/iol-broadcom-Performance	success	Performance Testing PASS
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/iol-marvell-Functional	success	Functional Testing PASS
ci/iol-abi-testing	success	Testing PASS
ci/iol-unit-arm64-testing	success	Testing PASS
ci/iol-unit-amd64-testing	success	Testing PASS
ci/iol-sample-apps-testing	success	Testing PASS
ci/iol-compile-amd64-testing	success	Testing PASS
ci/iol-compile-arm64-testing	success	Testing PASS
ci/Intel-compilation	success	Compilation OK
ci/intel-Testing	success	Testing PASS
ci/intel-Functional	success	Functional PASS
ci/iol-intel-Performance	success	Performance Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS

Commit Message

Gowrishankar Muthukrishnan Feb. 16, 2025, 2:28 p.m. UTC

Return correct error status when incorrect signature is
used in RSA verify op.

Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP API")
Cc: stable@dpdk.org

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 drivers/crypto/openssl/rte_openssl_pmd.c | 3 +++
 1 file changed, 3 insertions(+)

diff mbox series

Patch

diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index b090611bd0..239688ed47 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -2710,6 +2710,8 @@  process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
 		return ret;
 	}
 
+	cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+
 	switch (op->rsa.op_type) {
 	case RTE_CRYPTO_ASYM_OP_ENCRYPT:
 		if (EVP_PKEY_encrypt_init(rsa_ctx) != 1)
@@ -2807,6 +2809,7 @@  process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
 				op->rsa.sign.data,
 				op->rsa.sign.length) <= 0) {
 			OPENSSL_free(tmp);
+			ret = 0;
 			goto err_rsa;
 		}