Adding an iv update to de-crypto method as cbc mode. the dst address should not be changed. So fix it. Signed-off-by: Kai Ye <yekai13@huawei.com> --- src/uadk_cipher.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index 8a2c39d..5dd2178 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -764,8 +764,9 @@ static void uadk_cipher_update_priv_ctx(struct cipher_priv_ctx *priv) switch (priv->setup.mode) { case WD_CIPHER_CBC: if (priv->req.op_type == WD_CIPHER_ENCRYPTION) { - priv->req.dst += priv->req.in_bytes; - memcpy(priv->iv, priv->req.dst - iv_bytes, iv_bytes); + memcpy(priv->iv, priv->req.dst + priv->req.in_bytes - iv_bytes, iv_bytes); + } else { + memcpy(priv->iv, priv->req.src + priv->req.in_bytes - iv_bytes, iv_bytes); } break; case WD_CIPHER_OFB: @@ -777,11 +778,9 @@ static void uadk_cipher_update_priv_ctx(struct cipher_priv_ctx *priv) break; case WD_CIPHER_CFB: if (priv->req.op_type == WD_CIPHER_ENCRYPTION) { - priv->req.dst += priv->req.in_bytes; - memcpy(priv->iv, priv->req.dst - iv_bytes, iv_bytes); + memcpy(priv->iv, priv->req.dst + priv->req.in_bytes - iv_bytes, iv_bytes); } else { - priv->req.src += priv->req.in_bytes; - memcpy(priv->iv, priv->req.src - iv_bytes, iv_bytes); + memcpy(priv->iv, priv->req.src + priv->req.in_bytes - iv_bytes, iv_bytes); } break; case WD_CIPHER_CTR: -- 2.33.0
Because the java releases the memory immediately after the memory is used. So the engine should not use user memory for storage the key. Signed-off-by: Kai Ye <yekai13@huawei.com> --- src/uadk_cipher.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index 5dd2178..60f5058 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -36,6 +36,7 @@ #define BYTE_BITS 8 #define IV_LEN 16 #define ENV_ENABLED 1 +#define MAX_KEY_LEN 64 struct cipher_engine { struct wd_ctx_config ctx_cfg; @@ -57,7 +58,7 @@ struct cipher_priv_ctx { struct wd_cipher_sess_setup setup; struct wd_cipher_req req; unsigned char iv[IV_LEN]; - const unsigned char *key; + unsigned char key[MAX_KEY_LEN]; int switch_flag; void *sw_ctx_data; /* Crypto small packet offload threshold */ @@ -694,7 +695,7 @@ static int uadk_e_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, if (unlikely(ret != 1)) return 0; - priv->key = key; + memcpy(priv->key, key, EVP_CIPHER_CTX_key_length(ctx)); priv->switch_threshold = SMALL_PACKET_OFFLOAD_THRESHOLD_DEFAULT; return 1; -- 2.33.0
participants (1)
-
Kai Ye