git: c71f2370c5d4 - main - crypto: Fix assertions for digest-only sessions with separate output.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 30 Jun 2022 17:27:56 UTC
The branch main has been updated by jhb:
URL: https://cgit.FreeBSD.org/src/commit/?id=c71f2370c5d480cf70f12ee276e044681c57aefc
commit c71f2370c5d480cf70f12ee276e044681c57aefc
Author: John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2022-06-30 17:10:00 +0000
Commit: John Baldwin <jhb@FreeBSD.org>
CommitDate: 2022-06-30 17:10:00 +0000
crypto: Fix assertions for digest-only sessions with separate output.
Digest-only sessions do not generate modified payload as an output, so
don't bother asserting anything about the payload with respect to the
output buffer other than the payload output start being zero.
In addition, a verify request on a digest-only session doesn't
generate any output at all so should never have a separate output
buffer.
PR: 252316
Reviewed by: markj
Co-authored-by: Jeremy Faulkner <gldisater@gmail.com>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D35578
---
sys/opencrypto/crypto.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c
index fde1316595e5..ff7ce0f9b818 100644
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@@ -1372,6 +1372,11 @@ crp_sanity(struct cryptop *crp)
if (out == NULL) {
KASSERT(crp->crp_payload_output_start == 0,
("payload output start non-zero without output buffer"));
+ } else if (csp->csp_mode == CSP_MODE_DIGEST) {
+ KASSERT(!(crp->crp_op & CRYPTO_OP_VERIFY_DIGEST),
+ ("digest verify with separate output buffer"));
+ KASSERT(crp->crp_payload_output_start == 0,
+ ("digest operation with non-zero payload output start"));
} else {
KASSERT(crp->crp_payload_output_start == 0 ||
crp->crp_payload_output_start < olen,