ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

crypto-openssl-gcm: account for failed decrypts

Browse Source 
Change-Id: I749c5a9d58128fd6d0fb8284e56b8f89cf91c609
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 1b1d1e9e84)
This commit is contained in:
Neale Ranns
2019-04-14 20:48:55 +00:00
committed by Damjan Marion
parent 8f63c2ebe6
commit 58dcf5c5e6
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/plugins/crypto_openssl/main.c
View File

@@ -136,7 +136,7 @@ openssl_ops_dec_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
openssl_per_thread_data_t *ptd = vec_elt_at_index (per_thread_data,
vm->thread_index);
EVP_CIPHER_CTX *ctx = ptd->evp_cipher_ctx;
u32 i;
u32 i, n_fail = 0;
for (i = 0; i < n_ops; i++)
{
vnet_crypto_op_t *op = ops[i];
@@ -152,9 +152,12 @@ openssl_ops_dec_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
if (EVP_DecryptFinal_ex (ctx, op->dst + len, &len) > 0)
op->status = VNET_CRYPTO_OP_STATUS_COMPLETED;
else
op->status = VNET_CRYPTO_OP_STATUS_FAIL_DECRYPT;
{
n_fail++;
op->status = VNET_CRYPTO_OP_STATUS_FAIL_DECRYPT;
}
}
return n_ops;
return n_ops - n_fail;
}
static_always_inline u32