d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ubsec(4) doesn't support explicitly provided keys. Return an error instead

Browse Source 
of encrypting/decrypting data with a wrong key.
This commit is contained in:
pjd 2006-04-10 18:37:46 +00:00
parent d84c042d26
commit 23fa018811
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/dev/ubsec/ubsec.c
View File

@ -1077,6 +1077,13 @@ ubsec_process(void *arg, struct cryptop *crp, int hint)
}
crd2 = crd1->crd_next;
if ((crd1->crd_flags & CRD_F_KEY_EXPLICIT) ||
(crd2 != NULL && (crd2->crd_flags & CRD_F_KEY_EXPLICIT))) {
ubsecstats.hst_badflags++;
err = EINVAL;
goto errout;
}
if (crd2 == NULL) {
if (crd1->crd_alg == CRYPTO_MD5_HMAC ||
crd1->crd_alg == CRYPTO_SHA1_HMAC) {