d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

aesni(4): CRYPTO_AES_NIST_GCM_16 mandates MAC

Browse Source 
Remove some dead conditionals and add an assertion around behavior already
present in aesni_process().

Silence a few Coverity false positives.

CIDs:		1381571, 1381557
Sponsored by:	Dell EMC Isilon
This commit is contained in:
Conrad Meyer 2017-10-04 21:15:45 +00:00
parent b01988a5f5
commit a480149062
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=324288
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/crypto/aesni/aesni.c
View File

@ -773,12 +773,15 @@ aesni_cipher_crypt(struct aesni_session *ses, struct cryptodesc *enccrd,
int error, ivlen;
bool encflag, allocated, authallocated;
KASSERT(ses->algo != CRYPTO_AES_NIST_GCM_16 || authcrd != NULL,
("AES_NIST_GCM_16 must include MAC descriptor"));
buf = aesni_cipher_alloc(enccrd, crp, &allocated);
if (buf == NULL)
return (ENOMEM);
authallocated = false;
if (ses->algo == CRYPTO_AES_NIST_GCM_16 && authcrd != NULL) {
if (ses->algo == CRYPTO_AES_NIST_GCM_16) {
authbuf = aesni_cipher_alloc(authcrd, crp, &authallocated);
if (authbuf == NULL) {
error = ENOMEM;
@ -851,7 +854,7 @@ aesni_cipher_crypt(struct aesni_session *ses, struct cryptodesc *enccrd,
iv);
break;
case CRYPTO_AES_NIST_GCM_16:
if (authcrd != NULL && !encflag)
if (!encflag)
crypto_copydata(crp->crp_flags, crp->crp_buf,
authcrd->crd_inject, GMAC_DIGEST_LEN, tag);
else