git: 4b18b3c402b4 - stable/13 - safexcel: Support truncated tags for AES-CCM.

From: John Baldwin <jhb_at_FreeBSD.org>
Date: Thu, 21 Oct 2021 22:04:25 UTC
The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=4b18b3c402b4db8a6a15acff3dd96e8d5be10bdb

commit 4b18b3c402b4db8a6a15acff3dd96e8d5be10bdb
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-10-06 21:08:48 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-10-21 21:17:21 +0000

    safexcel: Support truncated tags for AES-CCM.
    
    Reviewed by:    markj
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D32119
    
    (cherry picked from commit 366ae4a000b1483390ddbf28e3dc420ebac894a0)
---
 sys/dev/safexcel/safexcel.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/sys/dev/safexcel/safexcel.c b/sys/dev/safexcel/safexcel.c
index 9a9b0ab0cb74..807040a7a1d8 100644
--- a/sys/dev/safexcel/safexcel.c
+++ b/sys/dev/safexcel/safexcel.c
@@ -1735,7 +1735,7 @@ safexcel_instr_ccm(struct safexcel_request *req, struct safexcel_instr *instr,
 	memset(b0, 0, blen);
 	b0[0] =
 	    (L - 1) | /* payload length size */
-	    ((CCM_CBC_MAX_DIGEST_LEN - 2) / 2) << 3 /* digest length */ |
+	    ((req->sess->digestlen - 2) / 2) << 3 /* digest length */ |
 	    (crp->crp_aad_length > 0 ? 1 : 0) << 6 /* AAD present bit */;
 	memcpy(&b0[1], req->iv, csp->csp_ivlen);
 	b0[14] = crp->crp_payload_length >> 8;
@@ -2314,9 +2314,6 @@ safexcel_probesession(device_t dev, const struct crypto_session_params *csp)
 				return (EINVAL);
 			break;
 		case CRYPTO_AES_CCM_16:
-			if (csp->csp_auth_mlen != 0 &&
-			    csp->csp_auth_mlen != AES_CBC_MAC_HASH_LEN)
-				return (EINVAL);
 			break;
 		default:
 			return (EINVAL);