]> git.droids-corp.org - dpdk.git/commitdiff
git.droids-corp.org / dpdk.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ab3dec5)
crypto/openssl: fix big numbers after computations
authorArek Kusztal <arkadiuszx.kusztal@intel.com>
Thu, 7 Feb 2019 10:54:39 +0000 (11:54 +0100)
committerAkhil Goyal <akhil.goyal@nxp.com>
Wed, 6 Mar 2019 16:30:43 +0000 (17:30 +0100)
After performing mod exp and mod inv big numbers (BIGNUM) should
be cleared as data already is copied into op fields and this BNs would
very likely contain private information for unspecified amount of time
(duration of the session).

Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym operations")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Shally Verma <shallyv@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
drivers/crypto/openssl/rte_openssl_pmd.c patch | blob | history

diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index ea5aac69eda98f79fa4e52f521d8d16e6e0572ca..4ecc3c414818a52d223a72edc148d8a7f949f5dd 100644 (file)
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1795,6 +1795,9 @@ process_openssl_modinv_op(struct rte_crypto_op *cop,
                cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
        }
 
+       BN_clear(res);
+       BN_clear(base);
+
        return 0;
 }
 
@@ -1825,6 +1828,9 @@ process_openssl_modexp_op(struct rte_crypto_op *cop,
                cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
        }
 
+       BN_clear(res);
+       BN_clear(base);
+
        return 0;
 }
 
DPDK repo used for reviews