crypto/ipsec_mb: fix ZUC authentication verify

ZUC authentication is done over multiple buffers at a time.
When authentication verification is done, multiple scratch buffers
are using to generate the tags that will be compared afterwards.
However, the same scratch buffer was used always, instead of having
different ones for each crypto operation.

Fixes: 0b133c36ad7d ("crypto/zuc: support IPsec Multi-buffer lib v0.54")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

diff --git a/drivers/crypto/ipsec_mb/pmd_zuc.c b/drivers/crypto/ipsec_mb/pmd_zuc.c
index ec83d96..07cf146 100644 (file)
--- a/drivers/crypto/ipsec_mb/pmd_zuc.c
+++ b/drivers/crypto/ipsec_mb/pmd_zuc.c
@@ -166,7 +166,7 @@ process_zuc_hash_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,
 
                hash_keys[i] = sess->pKey_hash;
                if (sess->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY)
-                       dst[i] = (uint32_t *)qp_data->temp_digest;
+                       dst[i] = (uint32_t *)qp_data->temp_digest[i];
                else
                        dst[i] = (uint32_t *)ops[i]->sym->auth.digest.data;
 

diff --git a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
index 46d5bfa..76fd675 100644 (file)
--- a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
+++ b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
@@ -75,7 +75,7 @@ struct zuc_session {
 
 struct zuc_qp_data {
 
-       uint8_t temp_digest[ZUC_DIGEST_LENGTH];
+       uint8_t temp_digest[ZUC_MAX_BURST][ZUC_DIGEST_LENGTH];
        /* *< Buffers used to store the digest generated
         * by the driver when verifying a digest provided
         * by the user (using authentication verify operation)