svn commit: r319723 - head/sys/dev/cxgbe/crypto
John Baldwin
jhb at FreeBSD.org
Thu Jun 8 21:33:11 UTC 2017
Author: jhb
Date: Thu Jun 8 21:33:10 2017
New Revision: 319723
URL: https://svnweb.freebsd.org/changeset/base/319723
Log:
Fix the software fallback for GCM to validate the existing tag for decrypts.
Sponsored by: Chelsio Communications
Modified:
head/sys/dev/cxgbe/crypto/t4_crypto.c
Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c
==============================================================================
--- head/sys/dev/cxgbe/crypto/t4_crypto.c Thu Jun 8 21:30:34 2017 (r319722)
+++ head/sys/dev/cxgbe/crypto/t4_crypto.c Thu Jun 8 21:33:10 2017 (r319723)
@@ -1398,9 +1398,20 @@ ccr_gcm_soft(struct ccr_session *s, struct cryptop *cr
AES_GMAC_Update(&gmac_ctx, block, sizeof(block));
AES_GMAC_Final(digest, &gmac_ctx);
- crypto_copyback(crp->crp_flags, crp->crp_buf, crda->crd_inject,
- sizeof(digest), digest);
- crp->crp_etype = 0;
+ if (crde->crd_flags & CRD_F_ENCRYPT) {
+ crypto_copyback(crp->crp_flags, crp->crp_buf, crda->crd_inject,
+ sizeof(digest), digest);
+ crp->crp_etype = 0;
+ } else {
+ char digest2[GMAC_DIGEST_LEN];
+
+ crypto_copydata(crp->crp_flags, crp->crp_buf, crda->crd_inject,
+ sizeof(digest2), digest2);
+ if (timingsafe_bcmp(digest, digest2, sizeof(digest)) == 0)
+ crp->crp_etype = 0;
+ else
+ crp->crp_etype = EBADMSG;
+ }
crypto_done(crp);
}
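Review bot: In the decrypt branch the compare length is `sizeof(digest)`, but the buffer read from the request is `digest2[GMAC_DIGEST_LEN]`. `digest` is declared above the hunk (the body of ccr_gcm_soft starts outside it), so the two sizes cannot be confirmed equal from here. If `digest` were ever the larger one, `timingsafe_bcmp` would read past `digest2`; declaring `char digest2[sizeof(digest)];` ties the two together. A short comment above the compare, such as `/* Constant-time compare so a mismatch does not reveal how many tag bytes matched. */`, would record why `bcmp()` must not be substituted later. The expected tag for a rejected message also stays in `digest` on the stack, so consider `explicit_bzero(digest, sizeof(digest));` before `crypto_done(crp)`.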