crypto/ipsec_mb: fix ZUC authentication verify

ZUC authentication is done over multiple buffers at a time.
When authentication verification is done, multiple scratch buffers
are using to generate the tags that will be compared afterwards.
However, the same scratch buffer was used always, instead of having
different ones for each crypto operation.

Fixes: 0b133c36ad7d ("crypto/zuc: support IPsec Multi-buffer lib v0.54")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

diff --git a/drivers/crypto/ipsec_mb/pmd_zuc.c b/drivers/crypto/ipsec_mb/pmd_zuc.c
index ec83d96dfc0b4a7dca80768b723f177c6cc84716..07cf1462d2d4e823c5dcc3b49e130788e8c320b5 100644 (file)
--- a/drivers/crypto/ipsec_mb/pmd_zuc.c
+++ b/drivers/crypto/ipsec_mb/pmd_zuc.c
@@ -166,7 +166,7 @@ process_zuc_hash_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,
 
                hash_keys[i] = sess->pKey_hash;
                if (sess->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY)
-                       dst[i] = (uint32_t *)qp_data->temp_digest;
+                       dst[i] = (uint32_t *)qp_data->temp_digest[i];
                else
                        dst[i] = (uint32_t *)ops[i]->sym->auth.digest.data;
 

diff --git a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
index 46d5bfae37e8a6172a62e8fbd117349d9a2551d7..76fd6758c219a9c25ae34312f98843b992aadcd0 100644 (file)
--- a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
+++ b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
@@ -75,7 +75,7 @@ struct zuc_session {
 
 struct zuc_qp_data {
 
-       uint8_t temp_digest[ZUC_DIGEST_LENGTH];
+       uint8_t temp_digest[ZUC_MAX_BURST][ZUC_DIGEST_LENGTH];
        /* *< Buffers used to store the digest generated
         * by the driver when verifying a digest provided
         * by the user (using authentication verify operation)