crypto/virtio: fix DER encoding of RSA public key

Message ID 20250510104103.2081-1-gmuthukrishn@marvell.com (mailing list archive)
State Accepted
Delegated to: akhil goyal
Series crypto/virtio: fix DER encoding of RSA public key

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/loongarch-compilation success Compilation OK
ci/loongarch-unit-testing success Unit Testing PASS
ci/github-robot: build success github build: passed
ci/iol-marvell-Functional success Functional Testing PASS
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-broadcom-Performance success Performance Testing PASS
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-abi-testing success Testing PASS
ci/iol-unit-amd64-testing success Testing PASS
ci/iol-compile-amd64-testing success Testing PASS
ci/iol-sample-apps-testing success Testing PASS
ci/iol-unit-arm64-testing success Testing PASS
ci/iol-compile-arm64-testing success Testing PASS
ci/aws-unit-testing success Unit Testing PASS
ci/Intel-compilation success Compilation OK
ci/intel-Testing success Testing PASS
ci/intel-Functional success Functional PASS

Commit Message

Gowrishankar Muthukrishnan May 10, 2025, 10:40 a.m. UTC
As per RFC 8017, RSA public key in ASN.1 should have only
modulus and exponent values. Add a separate encoding function
to follow this standard.

Fixes: 6fe6a7f7bcf ("crypto/virtio: add asymmetric RSA support")

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 drivers/crypto/virtio/virtio_cryptodev.c | 31 +++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)
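
The RFC 8017 structure the commit message refers to, RSAPublicKey, is a DER SEQUENCE holding two INTEGERs. The C sketch below is an added example, not code from the patch or from DPDK; `rsa_pub_to_der` and its helpers are hypothetical names, and it assumes big-endian inputs shorter than 8192 bytes with no leading zero byte. It computes the full output size before writing anything.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Size of the DER length field; callers keep len below 65536. */
static size_t len_size(size_t len)
{
	return len < 0x80 ? 1 : len < 0x100 ? 2 : 3;
}
/* Write tag and length, then a 0x00 pad if asked; return bytes written. */
static size_t put_hdr(uint8_t *out, uint8_t tag, size_t len, int pad)
{
	size_t n = len_size(len), i;
	out[0] = tag;
	out[1] = n == 1 ? (uint8_t)len : (uint8_t)(0x80 | (n - 1));
	for (i = 2; i <= n; i++)
		out[i] = (uint8_t)(len >> (8 * (n - i)));
	if (pad)
		out[1 + n] = 0x00;
	return 1 + n + (pad != 0);
}
/* RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }.
 * Assumed inputs: big-endian, no leading zero. Returns bytes written or 0. */
size_t rsa_pub_to_der(const uint8_t *n, size_t nlen, const uint8_t *e,
		size_t elen, uint8_t *out, size_t cap)
{
	size_t nb, eb, seq, total;
	if (!n || !e || !out || !nlen || !elen || (nlen | elen) >= 8192 || !n[0] || !e[0])
		return 0;
	nb = nlen + (n[0] >> 7); /* top bit set: INTEGER needs a 0x00 pad */
	eb = elen + (e[0] >> 7);
	seq = 2 + len_size(nb) + nb + len_size(eb) + eb;
	total = 1 + len_size(seq) + seq;
	if (total > cap)
		return 0; /* size is checked before the first write */
	out += put_hdr(out, 0x30, seq, 0);
	out += put_hdr(out, 0x02, nb, nb > nlen);
	memcpy(out, n, nlen);
	out += nlen + put_hdr(out + nlen, 0x02, eb, eb > elen);
	memcpy(out, e, elen);
	return total;
}
int main(void)
{
	const uint8_t n[] = { 0xC5, 0x3B }, e[] = { 1, 0, 1 }; /* constructed toy values */
	uint8_t der[16];
	size_t i, len = rsa_pub_to_der(n, sizeof(n), e, sizeof(e), der, sizeof(der));
	for (i = 0; i < len; i++)
		printf("%02x%s", der[i], i + 1 < len ? "" : "\n");
	return len == 12 ? 0 : 1;
}
```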
  

Comments

Akhil Goyal May 28, 2025, 12:28 p.m. UTC | #1
> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Saturday, May 10, 2025 4:11 PM
> To: dev@dpdk.org; Jay Zhou <jianjay.zhou@huawei.com>
> Cc: Anoob Joseph <anoobj@marvell.com>; Akhil Goyal <gakhil@marvell.com>;
> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Subject: [PATCH] crypto/virtio: fix DER encoding of RSA public key
> 
> As per RFC 8017, RSA public key in ASN.1 should have only
> modulus and exponent values. Add a separate encoding function
> to follow this standard.
> 
> Fixes: 6fe6a7f7bcf ("crypto/virtio: add asymmetric RSA support")
Updated the Fixes tag 
Fixes: 10702138f1a1 ("crypto/virtio: support asymmetric RSA")
    Cc: stable@dpdk.org
> 
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

Applied to dpdk-next-crypto
Thanks.
  

Patch

diff --git a/drivers/crypto/virtio/virtio_cryptodev.c b/drivers/crypto/virtio/virtio_cryptodev.c
index bc737f1e68..b01e97c988 100644
--- a/drivers/crypto/virtio/virtio_cryptodev.c
+++ b/drivers/crypto/virtio/virtio_cryptodev.c
@@ -1524,6 +1524,29 @@  virtio_crypto_asym_rsa_xform_to_der(
 	return len;
 }
 
+static int
+virtio_crypto_asym_rsa_xform_to_public_der(
+		struct rte_crypto_asym_xform *xform,
+		uint8_t *der)
+{
+	uint8_t data[VIRTIO_CRYPTO_MAX_CTRL_DATA];
+	size_t tlen = 0, len;
+	uint8_t *tlv;
+
+	if (xform->xform_type != RTE_CRYPTO_ASYM_XFORM_RSA)
+		return -EINVAL;
+
+	tlv = data;
+	len = tlv_encode(tlv, 0x02, xform->rsa.n.data, xform->rsa.n.length);
+	tlen += len;
+	len = tlv_encode(tlv + tlen, 0x02, xform->rsa.e.data, xform->rsa.e.length);
+	tlen += len;
+
+	RTE_ASSERT(tlen < VIRTIO_CRYPTO_MAX_CTRL_DATA);
+	len = tlv_encode(der, 0x30, data, tlen);
+	return len;
+}
+
 static int
 virtio_crypto_asym_rsa_configure_session(
 		struct rte_crypto_rsa_xform *rsa,
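
Review bot: In virtio_crypto_asym_rsa_xform_to_public_der() the only bound on the stack buffer data[] is RTE_ASSERT(tlen < VIRTIO_CRYPTO_MAX_CTRL_DATA), and it runs after both tlv_encode() calls have already written the modulus and exponent into data[]; RTE_ASSERT is also a no-op unless RTE_ENABLE_ASSERT is defined. xform->rsa.n.length and xform->rsa.e.length come from the caller, so the size should be validated before the first tlv_encode() and the function should return -EINVAL when the two INTEGERs plus their headers do not fit. The final tlv_encode(der, 0x30, data, tlen) writes tlen bytes plus a SEQUENCE header into der without any size for der being passed in, so the check needs to cover that overhead as well, or the function should take the capacity of der as a parameter. A short comment naming the structure being produced (RSAPublicKey from RFC 8017) above the function would also help readers tell it apart from virtio_crypto_asym_rsa_xform_to_der().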
@@ -1607,7 +1630,13 @@  virtio_crypto_asym_configure_session(
 			return ret;
 		}
 
-		ret = virtio_crypto_asym_rsa_xform_to_der(xform, ctrl->data);
+		if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_EXP) {
+			ret = virtio_crypto_asym_rsa_xform_to_public_der(
+					xform, ctrl->data);
+		} else {
+			ret = virtio_crypto_asym_rsa_xform_to_der(xform,
+					ctrl->data);
+		}
 		if (ret <= 0) {
 			VIRTIO_CRYPTO_SESSION_LOG_ERR("Invalid RSA primitives");
 			return ret;
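
Review bot: The new condition xform->rsa.key_type == RTE_RSA_KEY_TYPE_EXP selects the public-key encoding, but key_type names how the private key is represented (exponent or quintuple), not whether a private key is present. Please add a comment explaining why EXP implies a public-only session in this driver, or also test that the private exponent is empty before taking the public branch, so that a session configured with a private key in exponent form does not end up with only n and e encoded. Separately, the unchanged check if (ret <= 0) followed by return ret returns 0 when an encoder produces no bytes, which a caller may treat as success; returning a negative errno in that case would be safer.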