This patch avoid copying the decrypted message into
the signature buffer, which is actually an input to the
verify operation. This prevents overwriting the input
buffer unnecessarily.

Fixes: 6661bedf1605 ("crypto/cnxk: add asymmetric datapath")

Signed-off-by: Sucharitha Sarananaga <ssaranan...@marvell.com>
---
 drivers/crypto/cnxk/cnxk_ae.h | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index cd66f66e70..26a8f4544d 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -1583,20 +1583,18 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, 
uint8_t *rptr,
        case RTE_CRYPTO_ASYM_OP_VERIFY:
                if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
                        rsa->sign.length = rsa_ctx->n.length;
-                       memcpy(rsa->sign.data, rptr, rsa->sign.length);
+                       if (memcmp(rptr, rsa->message.data, 
rsa->message.length))
+                               cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
                } else {
                        /* Get length of signed output */
                        rsa->sign.length =
                                rte_cpu_to_be_16(*((uint16_t *)rptr));
                        /*
                         * Offset output data pointer by length field
-                        * (2 bytes) and copy signed data.
+                        * (2 bytes) and compare signed data.
                         */
-                       memcpy(rsa->sign.data, rptr + 2, rsa->sign.length);
-               }
-               if (memcmp(rsa->sign.data, rsa->message.data,
-                          rsa->message.length)) {
-                       cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+                       if (memcmp(rptr + 2, rsa->message.data, 
rsa->message.length))
+                               cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
                }
                break;
        default:
-- 
2.49.0

Reply via email to