diff options
author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-08-09 13:04:41 +0200 |
---|---|---|
committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-09-21 10:29:37 +0200 |
commit | e4a8065910cd6b2e7e0448cc6431ca2906322389 (patch) | |
tree | 73492991cfa40f994c20d761d476e6bc16304536 /freebsd/sys/opencrypto/cryptodev.c | |
parent | Update to FreeBSD head 2017-08-01 (diff) | |
download | rtems-libbsd-e4a8065910cd6b2e7e0448cc6431ca2906322389.tar.bz2 |
Update to FreeBSD head 2017-10-01
Git mirror commit b2f0376b45428f13151d229c5ae9d4d8f74acbd1.
Update #3472.
Diffstat (limited to 'freebsd/sys/opencrypto/cryptodev.c')
-rw-r--r-- | freebsd/sys/opencrypto/cryptodev.c | 76 |
1 files changed, 47 insertions, 29 deletions
diff --git a/freebsd/sys/opencrypto/cryptodev.c b/freebsd/sys/opencrypto/cryptodev.c index 20c8c89b..9d8b23dc 100644 --- a/freebsd/sys/opencrypto/cryptodev.c +++ b/freebsd/sys/opencrypto/cryptodev.c @@ -526,7 +526,8 @@ cryptof_ioctl( if (thash) { cria.cri_alg = thash->type; cria.cri_klen = sop->mackeylen * 8; - if (sop->mackeylen != thash->keysize) { + if (thash->keysize != 0 && + sop->mackeylen > thash->keysize) { CRYPTDEB("invalid mac key length"); error = EINVAL; goto bail; @@ -758,18 +759,22 @@ cryptodev_op( goto bail; } - if (cse->thash) { - crda = crp->crp_desc; - if (cse->txform) - crde = crda->crd_next; - } else { - if (cse->txform) + if (cse->thash && cse->txform) { + if (cop->flags & COP_F_CIPHER_FIRST) { crde = crp->crp_desc; - else { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - error = EINVAL; - goto bail; + crda = crde->crd_next; + } else { + crda = crp->crp_desc; + crde = crda->crd_next; } + } else if (cse->thash) { + crda = crp->crp_desc; + } else if (cse->txform) { + crde = crp->crp_desc; + } else { + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); + error = EINVAL; + goto bail; } if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base, @@ -925,7 +930,7 @@ cryptodev_aead( uio->uio_iov = &cse->iovec; uio->uio_iovcnt = 1; uio->uio_offset = 0; - uio->uio_resid = caead->len + caead->aadlen + cse->thash->hashsize; + uio->uio_resid = caead->aadlen + caead->len + cse->thash->hashsize; uio->uio_segflg = UIO_SYSSPACE; uio->uio_rw = UIO_WRITE; uio->uio_td = td; @@ -940,20 +945,33 @@ cryptodev_aead( goto bail; } - crda = crp->crp_desc; - crde = crda->crd_next; + if (caead->flags & COP_F_CIPHER_FIRST) { + crde = crp->crp_desc; + crda = crde->crd_next; + } else { + crda = crp->crp_desc; + crde = crda->crd_next; + } - if ((error = copyin(caead->src, cse->uio.uio_iov[0].iov_base, - caead->len))) + if ((error = copyin(caead->aad, cse->uio.uio_iov[0].iov_base, + caead->aadlen))) goto bail; - if ((error = copyin(caead->aad, (char *)cse->uio.uio_iov[0].iov_base + - caead->len, caead->aadlen))) + if ((error = copyin(caead->src, (char *)cse->uio.uio_iov[0].iov_base + + caead->aadlen, caead->len))) goto bail; - crda->crd_skip = caead->len; - crda->crd_len = caead->aadlen; - crda->crd_inject = caead->len + caead->aadlen; + /* + * For GCM, crd_len covers only the AAD. For other ciphers + * chained with an HMAC, crd_len covers both the AAD and the + * cipher text. + */ + crda->crd_skip = 0; + if (cse->cipher == CRYPTO_AES_NIST_GCM_16) + crda->crd_len = caead->aadlen; + else + crda->crd_len = caead->aadlen + caead->len; + crda->crd_inject = caead->aadlen + caead->len; crda->crd_alg = cse->mac; crda->crd_key = cse->mackey; @@ -963,15 +981,15 @@ cryptodev_aead( crde->crd_flags |= CRD_F_ENCRYPT; else crde->crd_flags &= ~CRD_F_ENCRYPT; - /* crde->crd_skip set below */ + crde->crd_skip = caead->aadlen; crde->crd_len = caead->len; - crde->crd_inject = 0; + crde->crd_inject = caead->aadlen; crde->crd_alg = cse->cipher; crde->crd_key = cse->key; crde->crd_klen = cse->keylen * 8; - crp->crp_ilen = caead->len + caead->aadlen; + crp->crp_ilen = caead->aadlen + caead->len; crp->crp_flags = CRYPTO_F_IOV | CRYPTO_F_CBIMM | (caead->flags & COP_F_BATCH); crp->crp_buf = (caddr_t)&cse->uio.uio_iov; @@ -989,10 +1007,9 @@ cryptodev_aead( goto bail; bcopy(cse->tmp_iv, crde->crd_iv, caead->ivlen); crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT; - crde->crd_skip = 0; } else { crde->crd_flags |= CRD_F_IV_PRESENT; - crde->crd_skip = cse->txform->blocksize; + crde->crd_skip += cse->txform->blocksize; crde->crd_len -= cse->txform->blocksize; } @@ -1032,12 +1049,13 @@ again: goto bail; } - if (caead->dst && (error = copyout(cse->uio.uio_iov[0].iov_base, - caead->dst, caead->len))) + if (caead->dst && (error = copyout( + (caddr_t)cse->uio.uio_iov[0].iov_base + caead->aadlen, caead->dst, + caead->len))) goto bail; if ((error = copyout((caddr_t)cse->uio.uio_iov[0].iov_base + - caead->len + caead->aadlen, caead->tag, cse->thash->hashsize))) + caead->aadlen + caead->len, caead->tag, cse->thash->hashsize))) goto bail; bail: |