From eb340a613cc089dc32e67a94247b862ebf8dba54 Mon Sep 17 00:00:00 2001 From: Pawel Jakub Dawidek Date: Thu, 20 Apr 2006 06:31:44 +0000 Subject: [PATCH] padlock(4) doesn't support explicitly provided keys yet. Return an error instead of encrypting/decrypting data with a wrong key. --- sys/crypto/via/padlock.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sys/crypto/via/padlock.c b/sys/crypto/via/padlock.c index 33dbae83891f..606747f02725 100644 --- a/sys/crypto/via/padlock.c +++ b/sys/crypto/via/padlock.c @@ -366,6 +366,10 @@ padlock_process(void *arg __unused, struct cryptop *crp, int hint __unused) err = EINVAL; goto out; } + if ((crd->crd_flags & CRD_F_KEY_EXPLICIT) != 0) { + err = EINVAL; + goto out; + } mtx_lock(&sc->sc_sessions_mtx); TAILQ_FOREACH(ses, &sc->sc_sessions, ses_next) {