From 36e4dcf47d45bbb87875ee4a9f5cc26a72a9f048 Mon Sep 17 00:00:00 2001
From: Mark Johnston <markj@FreeBSD.org>
Date: Mon, 18 Oct 2021 09:40:47 -0400
Subject: [PATCH] safexcel: Set the context record unconditionally

The condition added in commit 5bdb8b273aaf excludes plain SHA
transforms, so for such sessions crypto operations would return
incorrect results.

Fixes:	5bdb8b273aaf ("safexcel: Maintain per-session context records")
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
---
 sys/dev/safexcel/safexcel.c | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/sys/dev/safexcel/safexcel.c b/sys/dev/safexcel/safexcel.c
index b844a167b078..36bd65642403 100644
--- a/sys/dev/safexcel/safexcel.c
+++ b/sys/dev/safexcel/safexcel.c
@@ -2520,15 +2520,12 @@ safexcel_newsession(device_t dev, crypto_session_t cses,
 	if (csp->csp_auth_mlen != 0)
 		sess->digestlen = csp->csp_auth_mlen;
 
-	if ((csp->csp_cipher_alg == 0 || csp->csp_cipher_key != NULL) &&
-	    (csp->csp_auth_alg == 0 || csp->csp_auth_key != NULL)) {
-		sess->encctx.len = safexcel_set_context(&sess->encctx.ctx,
-		    CRYPTO_OP_ENCRYPT, csp->csp_cipher_key, csp->csp_auth_key,
-		    sess);
-		sess->decctx.len = safexcel_set_context(&sess->decctx.ctx,
-		    CRYPTO_OP_DECRYPT, csp->csp_cipher_key, csp->csp_auth_key,
-		    sess);
-	}
+	sess->encctx.len = safexcel_set_context(&sess->encctx.ctx,
+	    CRYPTO_OP_ENCRYPT, csp->csp_cipher_key, csp->csp_auth_key,
+	    sess);
+	sess->decctx.len = safexcel_set_context(&sess->decctx.ctx,
+	    CRYPTO_OP_DECRYPT, csp->csp_cipher_key, csp->csp_auth_key,
+	    sess);
 
 	return (0);
 }