ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

crypto-openssl-gcm: account for failed decrypts

Browse Source 
Change-Id: I749c5a9d58128fd6d0fb8284e56b8f89cf91c609
Signed-off-by: Neale Ranns <nranns@cisco.com>
This commit is contained in:
Neale Ranns
2019-04-14 20:48:55 +00:00
committed by Damjan Marion
parent 0a0c7eef78
commit 1b1d1e9e84
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/plugins/crypto_openssl/main.c
View File

@@ -140,7 +140,7 @@ openssl_ops_dec_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
openssl_per_thread_data_t *ptd = vec_elt_at_index (per_thread_data, openssl_per_thread_data_t *ptd = vec_elt_at_index (per_thread_data,
vm->thread_index); vm->thread_index);
EVP_CIPHER_CTX *ctx = ptd->evp_cipher_ctx; EVP_CIPHER_CTX *ctx = ptd->evp_cipher_ctx;
u32 i; u32 i, n_fail = 0;
for (i = 0; i < n_ops; i++) for (i = 0; i < n_ops; i++)
{ {
vnet_crypto_op_t *op = ops[i]; vnet_crypto_op_t *op = ops[i];
@@ -157,9 +157,12 @@ openssl_ops_dec_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
if (EVP_DecryptFinal_ex (ctx, op->dst + len, &len) > 0) if (EVP_DecryptFinal_ex (ctx, op->dst + len, &len) > 0)
op->status = VNET_CRYPTO_OP_STATUS_COMPLETED; op->status = VNET_CRYPTO_OP_STATUS_COMPLETED;
else else
op->status = VNET_CRYPTO_OP_STATUS_FAIL_DECRYPT; {
n_fail++;
op->status = VNET_CRYPTO_OP_STATUS_FAIL_DECRYPT;
}
} }
return n_ops; return n_ops - n_fail;
} }
static_always_inline u32 static_always_inline u32