From: Arek Kusztal Date: Thu, 7 Feb 2019 10:54:39 +0000 (+0100) Subject: crypto/openssl: fix big numbers after computations X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=990b180290203c32b8df9e1179f989270354cd13;p=dpdk.git crypto/openssl: fix big numbers after computations After performing mod exp and mod inv big numbers (BIGNUM) should be cleared as data already is copied into op fields and this BNs would very likely contain private information for unspecified amount of time (duration of the session). Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym operations") Cc: stable@dpdk.org Signed-off-by: Arek Kusztal Acked-by: Fiona Trahe Acked-by: Shally Verma Acked-by: Akhil Goyal --- diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index ea5aac69ed..4ecc3c4148 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -1795,6 +1795,9 @@ process_openssl_modinv_op(struct rte_crypto_op *cop, cop->status = RTE_CRYPTO_OP_STATUS_ERROR; } + BN_clear(res); + BN_clear(base); + return 0; } @@ -1825,6 +1828,9 @@ process_openssl_modexp_op(struct rte_crypto_op *cop, cop->status = RTE_CRYPTO_OP_STATUS_ERROR; } + BN_clear(res); + BN_clear(base); + return 0; }