[dpdk-dev] crypto: fix incorrect key setting
Checks
Commit Message
When ciphering and authenticating in the same operation
(cipher-then-auth or auth-then-cipher),
the cipher key and authentication key was set with the same
key, in SNOW3G, KASUMI and ZUC PMDs.
They were using the key of the first transform structure,
instead of using the keys of the two different transform
structures.
This is not a big issue, since usually, the same key is
used for ciphering and authentication, but keys may be different.
Fixes: 3aafc423cf4d ("snow3g: add driver for SNOW 3G library")
Fixes: 2773c86d061a ("crypto/kasumi: add driver for KASUMI library")
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
CC: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
drivers/crypto/kasumi/rte_kasumi_pmd.c | 4 ++--
drivers/crypto/snow3g/rte_snow3g_pmd.c | 4 ++--
drivers/crypto/zuc/rte_zuc_pmd.c | 6 ++++--
3 files changed, 8 insertions(+), 6 deletions(-)
Comments
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Pablo de Lara
> Sent: Tuesday, February 7, 2017 10:50 PM
> To: dev@dpdk.org
> Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> stable@dpdk.org
> Subject: [dpdk-dev] [PATCH] crypto: fix incorrect key setting
>
> When ciphering and authenticating in the same operation (cipher-then-auth
> or auth-then-cipher), the cipher key and authentication key was set with the
> same key, in SNOW3G, KASUMI and ZUC PMDs.
> They were using the key of the first transform structure, instead of using the
> keys of the two different transform structures.
>
> This is not a big issue, since usually, the same key is used for ciphering and
> authentication, but keys may be different.
>
> Fixes: 3aafc423cf4d ("snow3g: add driver for SNOW 3G library")
> Fixes: 2773c86d061a ("crypto/kasumi: add driver for KASUMI library")
> Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
>
> CC: stable@dpdk.org
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> ---
> drivers/crypto/kasumi/rte_kasumi_pmd.c | 4 ++--
> drivers/crypto/snow3g/rte_snow3g_pmd.c | 4 ++--
> drivers/crypto/zuc/rte_zuc_pmd.c | 6 ++++--
> 3 files changed, 8 insertions(+), 6 deletions(-)
>
> --
> 2.7.4
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
> -----Original Message-----
> From: Jain, Deepak K
> Sent: Thursday, February 09, 2017 5:18 PM
> To: De Lara Guarch, Pablo; dev@dpdk.org
> Cc: De Lara Guarch, Pablo; stable@dpdk.org
> Subject: RE: [dpdk-dev] [PATCH] crypto: fix incorrect key setting
>
>
> > -----Original Message-----
> > From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Pablo de Lara
> > Sent: Tuesday, February 7, 2017 10:50 PM
> > To: dev@dpdk.org
> > Cc: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>;
> > stable@dpdk.org
> > Subject: [dpdk-dev] [PATCH] crypto: fix incorrect key setting
> >
> > When ciphering and authenticating in the same operation (cipher-then-
> auth
> > or auth-then-cipher), the cipher key and authentication key was set with
> the
> > same key, in SNOW3G, KASUMI and ZUC PMDs.
> > They were using the key of the first transform structure, instead of using
> the
> > keys of the two different transform structures.
> >
> > This is not a big issue, since usually, the same key is used for ciphering
> and
> > authentication, but keys may be different.
> >
> > Fixes: 3aafc423cf4d ("snow3g: add driver for SNOW 3G library")
> > Fixes: 2773c86d061a ("crypto/kasumi: add driver for KASUMI library")
> > Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
> >
> > CC: stable@dpdk.org
> > Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> > ---
> > drivers/crypto/kasumi/rte_kasumi_pmd.c | 4 ++--
> > drivers/crypto/snow3g/rte_snow3g_pmd.c | 4 ++--
> > drivers/crypto/zuc/rte_zuc_pmd.c | 6 ++++--
> > 3 files changed, 8 insertions(+), 6 deletions(-)
> >
> > --
> > 2.7.4
> Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
Applied to dpdk-next-crypto.
Pablo
@@ -116,7 +116,7 @@ kasumi_set_session_parameters(struct kasumi_session *sess,
if (cipher_xform->cipher.algo != RTE_CRYPTO_CIPHER_KASUMI_F8)
return -EINVAL;
/* Initialize key */
- sso_kasumi_init_f8_key_sched(xform->cipher.key.data,
+ sso_kasumi_init_f8_key_sched(cipher_xform->cipher.key.data,
&sess->pKeySched_cipher);
}
@@ -126,7 +126,7 @@ kasumi_set_session_parameters(struct kasumi_session *sess,
return -EINVAL;
sess->auth_op = auth_xform->auth.op;
/* Initialize key */
- sso_kasumi_init_f9_key_sched(xform->auth.key.data,
+ sso_kasumi_init_f9_key_sched(auth_xform->auth.key.data,
&sess->pKeySched_hash);
}
@@ -116,7 +116,7 @@ snow3g_set_session_parameters(struct snow3g_session *sess,
if (cipher_xform->cipher.algo != RTE_CRYPTO_CIPHER_SNOW3G_UEA2)
return -EINVAL;
/* Initialize key */
- sso_snow3g_init_key_sched(xform->cipher.key.data,
+ sso_snow3g_init_key_sched(cipher_xform->cipher.key.data,
&sess->pKeySched_cipher);
}
@@ -126,7 +126,7 @@ snow3g_set_session_parameters(struct snow3g_session *sess,
return -EINVAL;
sess->auth_op = auth_xform->auth.op;
/* Initialize key */
- sso_snow3g_init_key_sched(xform->auth.key.data,
+ sso_snow3g_init_key_sched(auth_xform->auth.key.data,
&sess->pKeySched_hash);
}
@@ -115,7 +115,8 @@ zuc_set_session_parameters(struct zuc_session *sess,
if (cipher_xform->cipher.algo != RTE_CRYPTO_CIPHER_ZUC_EEA3)
return -EINVAL;
/* Copy the key */
- memcpy(sess->pKey_cipher, xform->cipher.key.data, ZUC_IV_KEY_LENGTH);
+ memcpy(sess->pKey_cipher, cipher_xform->cipher.key.data,
+ ZUC_IV_KEY_LENGTH);
}
if (auth_xform) {
@@ -124,7 +125,8 @@ zuc_set_session_parameters(struct zuc_session *sess,
return -EINVAL;
sess->auth_op = auth_xform->auth.op;
/* Copy the key */
- memcpy(sess->pKey_hash, xform->auth.key.data, ZUC_IV_KEY_LENGTH);
+ memcpy(sess->pKey_hash, auth_xform->auth.key.data,
+ ZUC_IV_KEY_LENGTH);
}