[2/4] crypto/ipsec_mb: fix ZUC authentication verify
Checks
Commit Message
ZUC authentication is done over multiple buffers at a time.
When authentication verification is done, multiple scratch buffers
are using to generate the tags that will be compared afterwards.
However, the same scratch buffer was used always, instead of having
different ones for each crypto operation.
Fixes: 0b133c36ad7d ("crypto/zuc: support IPsec Multi-buffer lib v0.54")
Cc: pablo.de.lara.guarch@intel.com
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
drivers/crypto/ipsec_mb/pmd_zuc.c | 2 +-
drivers/crypto/ipsec_mb/pmd_zuc_priv.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
@@ -166,7 +166,7 @@ process_zuc_hash_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,
hash_keys[i] = sess->pKey_hash;
if (sess->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY)
- dst[i] = (uint32_t *)qp_data->temp_digest;
+ dst[i] = (uint32_t *)qp_data->temp_digest[i];
else
dst[i] = (uint32_t *)ops[i]->sym->auth.digest.data;
@@ -75,7 +75,7 @@ struct zuc_session {
struct zuc_qp_data {
- uint8_t temp_digest[ZUC_DIGEST_LENGTH];
+ uint8_t temp_digest[ZUC_MAX_BURST][ZUC_DIGEST_LENGTH];
/* *< Buffers used to store the digest generated
* by the driver when verifying a digest provided
* by the user (using authentication verify operation)