DPDK-dev Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Stephen Hemminger <stephen@networkplumber.org>
To: dev@dpdk.org
Cc: Stephen Hemminger <stephen@networkplumber.org>,
	Anoob Joseph <anoobj@marvell.com>
Subject: [PATCH v2 6/6] crypto/octeontx: use timing-safe RSA signature verification
Date: Mon, 29 Jun 2026 11:59:29 -0700	[thread overview]
Message-ID: <20260629190027.2071745-7-stephen@networkplumber.org> (raw)
In-Reply-To: <20260629190027.2071745-1-stephen@networkplumber.org>

Replace memcmp() with rte_memeq_timingsafe() when verifying
RSA signatures to prevent timing-based side-channel attacks.

The comparison at drivers/crypto/octeontx/otx_cryptodev_ops.c:742
is used to verify RSA signed data against expected message content.
Using regular memcmp() for cryptographic verification can leak
information about the compared data through timing differences.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 drivers/crypto/octeontx/otx_cryptodev_ops.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index d6d1b2cea9..40f565cd78 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -12,6 +12,7 @@
 #include <rte_errno.h>
 #include <rte_malloc.h>
 #include <rte_mempool.h>
+#include <rte_memory.h>
 
 #include "otx_cryptodev.h"
 #include "otx_cryptodev_capabilities.h"
@@ -739,7 +740,7 @@ otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info *req,
 		}
 		memcpy(rsa->sign.data, req->rptr, rsa->sign.length);
 
-		if (memcmp(rsa->sign.data, rsa->message.data,
+		if (!rte_memeq_timingsafe(rsa->sign.data, rsa->message.data,
 			   rsa->message.length)) {
 			CPT_LOG_DP_ERR("RSA verification failed");
 			cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
-- 
2.53.0


  parent reply	other threads:[~2026-06-29 19:01 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-25 15:56 [PATCH 0/5] crypto: use timing-safe digest comparison Stephen Hemminger
2026-06-25 15:56 ` [PATCH 1/5] eal: take experimental flag off of rte_memeq_timingsafe Stephen Hemminger
2026-06-25 15:56 ` [PATCH 2/5] crypto/uadk: use timing-safe digest comparison Stephen Hemminger
2026-06-25 15:56 ` [PATCH 3/5] crypto/ccp: " Stephen Hemminger
2026-06-25 15:56 ` [PATCH 4/5] crypto/armv8: " Stephen Hemminger
2026-06-26 17:11   ` Jack Bond-Preston
2026-06-25 15:56 ` [PATCH 5/5] crypto/cnxk: " Stephen Hemminger
2026-06-29  6:42   ` [EXTERNAL] " Tejasree Kondoj
2026-06-29  7:38 ` [EXTERNAL] [PATCH 0/5] crypto: " Akhil Goyal
2026-06-29 18:59 ` [PATCH v2 0/6] " Stephen Hemminger
2026-06-29 18:59   ` [PATCH v2 1/6] eal: take experimental flag off of rte_memeq_timingsafe Stephen Hemminger
2026-06-29 18:59   ` [PATCH v2 2/6] crypto/uadk: use timing-safe digest comparison Stephen Hemminger
2026-06-29 18:59   ` [PATCH v2 3/6] crypto/ccp: " Stephen Hemminger
2026-06-29 18:59   ` [PATCH v2 4/6] crypto/armv8: " Stephen Hemminger
2026-06-29 18:59   ` [PATCH v2 5/6] crypto/cnxk: " Stephen Hemminger
2026-06-29 18:59   ` Stephen Hemminger [this message]
2026-06-30  9:50     ` [EXTERNAL] [PATCH v2 6/6] crypto/octeontx: use timing-safe RSA signature verification Tejasree Kondoj
2026-06-30 17:22   ` [PATCH v2 0/6] crypto: use timing-safe digest comparison Morten Brørup

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260629190027.2071745-7-stephen@networkplumber.org \
    --to=stephen@networkplumber.org \
    --cc=anoobj@marvell.com \
    --cc=dev@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox