Acked-by: Kai Ji <[email protected]>
________________________________
From: Gowrishankar Muthukrishnan <[email protected]>
Sent: 20 June 2025 09:19
To: [email protected] <[email protected]>; Ji, Kai <[email protected]>; Ashish Gupta
<[email protected][email protected]>; Shally Verma
<[email protected]>; Sunila Sahu <[email protected]>
Cc: [email protected] <[email protected]>; Akhil Goyal <[email protected]>;
Gowrishankar Muthukrishnan <[email protected]>; [email protected]
<[email protected]>
Subject: [PATCH 1/3] crypto/openssl: include private exponent in RSA session
If private exponent is available, it should be included within
RSA session as per RFC 8017 (A.1.2). OpenSSL 1.1.1 implementation
rely on this private exponent, to implicitly reject invalid cipher.
Hence, check if it is available for session and include it.
Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym operations")
Cc: [email protected]
Signed-off-by: Gowrishankar Muthukrishnan <[email protected]>
---
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 04e018f3df..d3aa396c76 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -1025,7 +1025,7 @@ static int openssl_set_asym_session_parameters(
if (rsa == NULL)
goto err_rsa;
- if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_EXP) {
+ if (xform->rsa.d.length > 0) {
d = BN_bin2bn(
(const unsigned char *)xform->rsa.d.data,
xform->rsa.d.length,
@@ -1034,7 +1034,9 @@ static int openssl_set_asym_session_parameters(
RSA_free(rsa);
goto err_rsa;
}
- } else {
+ }
+
+ if (xform->rsa.key_type == RTE_RSA_KEY_TYPE_QT) {
p = BN_bin2bn((const unsigned char *)
xform->rsa.qt.p.data,
xform->rsa.qt.p.length,
--
2.25.1
