From: Emma Finn <emma.finn@intel.com>
To: Akhil Goyal <gakhil@marvell.com>,
Fan Zhang <fanzhang.oss@gmail.com>, Kai Ji <kai.ji@intel.com>,
Rupesh Chiluka <rchiluka@marvell.com>
Cc: dev@dpdk.org, Emma Finn <emma.finn@intel.com>
Subject: [PATCH 2/2] crypto/qat: fix modexp and modinv result length and comparison
Date: Mon, 23 Mar 2026 15:08:54 +0000 [thread overview]
Message-ID: <20260323150854.2394000-2-emma.finn@intel.com> (raw)
In-Reply-To: <20260323150854.2394000-1-emma.finn@intel.com>
QAT HW rounds the output buffer size up to the next supported size,
but result.length was set to alg_bytesize instead of n.length, causing
result comparisons to read past the end of the expected value.
Additionally, when a modulus has a leading zero padding byte, QAT HW
strips it from the result but we never strip it from the expected result,
so the compare fails. Fix verify_modexp() and verify_modinv() to skip
leading zero bytes in the result before comparison.
Fixes: 064ef1b098d1 ("test/crypto: remove PMD-specific asym test suites")
Signed-off-by: Emma Finn <emma.finn@intel.com>
---
app/test/test_cryptodev_asym.c | 8 ++++++++
app/test/test_cryptodev_asym_util.h | 20 ++++++++++++++++----
drivers/crypto/qat/qat_asym.c | 7 +++----
3 files changed, 27 insertions(+), 8 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 1515372a35..07e5eb5842 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -3826,6 +3826,14 @@ modular_exponentiation(const void *test_data)
uint8_t result[TEST_DATA_SIZE] = { 0 };
struct rte_crypto_asym_xform xform = { };
const uint8_t dev_id = params->valid_devs[0];
+ const struct rte_cryptodev_asymmetric_xform_capability *cap;
+ struct rte_cryptodev_asym_capability_idx cap_idx;
+
+ cap_idx.type = RTE_CRYPTO_ASYM_XFORM_MODEX;
+ cap = rte_cryptodev_asym_capability_get(dev_id, &cap_idx);
+ if (cap == NULL || rte_cryptodev_asym_xform_capability_check_modlen(
+ cap, vector->modulus.len))
+ return TEST_SKIPPED;
memcpy(input, vector->base.data, vector->base.len);
memcpy(exponent, vector->exponent.data, vector->exponent.len);
diff --git a/app/test/test_cryptodev_asym_util.h b/app/test/test_cryptodev_asym_util.h
index 07e6e831e8..16e4c0da6c 100644
--- a/app/test/test_cryptodev_asym_util.h
+++ b/app/test/test_cryptodev_asym_util.h
@@ -20,8 +20,14 @@ static inline int rsa_verify(struct rsa_test_data *rsa_param,
static inline int verify_modinv(uint8_t *mod_inv,
struct rte_crypto_op *result_op)
{
- if (memcmp(mod_inv, result_op->asym->modinv.result.data,
- result_op->asym->modinv.result.length))
+ const uint8_t *b = result_op->asym->modinv.result.data;
+ size_t b_len = result_op->asym->modinv.result.length;
+
+ while (b_len > 1 && b[0] == 0) {
+ b++;
+ b_len--;
+ }
+ if (memcmp(mod_inv, b, b_len))
return -1;
return 0;
}
@@ -29,8 +35,14 @@ static inline int verify_modinv(uint8_t *mod_inv,
static inline int verify_modexp(uint8_t *mod_exp,
struct rte_crypto_op *result_op)
{
- if (memcmp(mod_exp, result_op->asym->modex.result.data,
- result_op->asym->modex.result.length))
+ const uint8_t *b = result_op->asym->modex.result.data;
+ size_t b_len = result_op->asym->modex.result.length;
+
+ while (b_len > 1 && b[0] == 0) {
+ b++;
+ b_len--;
+ }
+ if (memcmp(mod_exp, b, b_len))
return -1;
return 0;
}
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index beb5a27805..7a296cad6c 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -274,7 +274,7 @@ modexp_collect(struct rte_crypto_asym_op *asym_op,
rte_memcpy(modexp_result,
cookie->output_array[0] + alg_bytesize
- n.length, n.length);
- asym_op->modex.result.length = alg_bytesize;
+ asym_op->modex.result.length = n.length;
HEXDUMP("ModExp result", cookie->output_array[0],
alg_bytesize);
return RTE_CRYPTO_OP_STATUS_SUCCESS;
@@ -332,11 +332,10 @@ modinv_collect(struct rte_crypto_asym_op *asym_op,
QAT_LOG(ERR, "Incorrect length of modinv modulus");
return RTE_CRYPTO_OP_STATUS_INVALID_ARGS;
}
- rte_memcpy(modinv_result + (asym_op->modinv.result.length
- - n.length),
+ rte_memcpy(modinv_result,
cookie->output_array[0] + alg_bytesize
- n.length, n.length);
- asym_op->modinv.result.length = alg_bytesize;
+ asym_op->modinv.result.length = n.length;
HEXDUMP("ModInv result", cookie->output_array[0],
alg_bytesize);
return RTE_CRYPTO_OP_STATUS_SUCCESS;
--
2.43.0
next prev parent reply other threads:[~2026-03-23 15:09 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-23 15:08 [PATCH 1/2] crypto/qat: fix asym session validation and gen4 EC caps Emma Finn
2026-03-23 15:08 ` Emma Finn [this message]
2026-03-24 7:08 ` [EXTERNAL] [PATCH 2/2] crypto/qat: fix modexp and modinv result length and comparison Rupesh Chiluka
2026-03-24 9:29 ` Akhil Goyal
2026-03-24 7:08 ` [EXTERNAL] [PATCH 1/2] crypto/qat: fix asym session validation and gen4 EC caps Rupesh Chiluka
2026-03-24 9:29 ` Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260323150854.2394000-2-emma.finn@intel.com \
--to=emma.finn@intel.com \
--cc=dev@dpdk.org \
--cc=fanzhang.oss@gmail.com \
--cc=gakhil@marvell.com \
--cc=kai.ji@intel.com \
--cc=rchiluka@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox