Date: Mon, 8 Sep 2014 04:51:02 GMT From: John-Mark Gurney <jmg@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 1199449 for review Message-ID: <201409080451.s884p2Fh026676@skunkworks.freebsd.org>
http://p4web.freebsd.org/@@1199449?ac=10
Change 1199449 by jmg@jmg_carbon2 on 2014/08/27 22:59:03
document that we support ICM... use encflag, since we have it... directly test the return, we don't need it else where... comment out some debugging... don't copy back the IV.. if we have a block < 16 bytes, it'll panic the machine... I'm not sure if this is even useful, as the next bit of lines overwrites it... this will need more investigation... also, only copyback data if we didn't get an error (tag matched).. We only decrypt when a tag match, so we would have been leaking data to userland...
Affected files ...
.. //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#6 edit
Differences ...
==== //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#6 (text+ko) ====
@@ -89,7 +89,7 @@
 return (EINVAL);
 }
- device_set_desc_copy(dev, "AES-CBC,AES-XTS,AES-GCM");
+ device_set_desc_copy(dev, "AES-CBC,AES-XTS,AES-GCM,AES-ICM");
 return (0);
 }
@@ -459,7 +459,6 @@
 uint8_t *buf, *authbuf;
 int error, allocated, authallocated;
 int ivlen, encflag;
- int r;
 encflag = (enccrd->crd_flags & CRD_F_ENCRYPT) == CRD_F_ENCRYPT;
@@ -511,7 +510,7 @@
 /* Setup ses->iv */
 bzero(ses->iv, sizeof ses->iv);
 /*printf("crd_flags: %#x, ivlen: %d, iv: ", enccrd->crd_flags, ivlen);*/
- if ((enccrd->crd_flags & CRD_F_ENCRYPT) != 0) {
+ if (encflag) {
 if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0)
 bcopy(enccrd->crd_iv, ses->iv, ivlen);
 if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0)
@@ -579,10 +578,10 @@
 enccrd->crd_len, authcrd->crd_len, ivlen,
 ses->enc_schedule, ses->rounds);
 else {
- r = AES_GCM_decrypt(buf, buf, authbuf, ses->iv, tag,
+ if (!AES_GCM_decrypt(buf, buf, authbuf, ses->iv, tag,
 enccrd->crd_len, authcrd->crd_len, ivlen,
- ses->enc_schedule, ses->rounds);
- /*printf("dec r: %d\n", r);*/
+ ses->enc_schedule, ses->rounds))
+ error = EBADMSG;
 }
 break;
 }
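Review bot: Setting `error = EBADMSG` when `AES_GCM_decrypt` fails still leaves the unauthenticated plaintext sitting in `buf`, because the call decrypts in place (`buf, buf, ...`) before the tag is compared; if `buf` aliases `crp->crp_buf` in the non-`allocated` case (the buffer setup is above this hunk), the caller sees that plaintext no matter how the later copybacks are gated. I would wipe it at the failure site, `if (!AES_GCM_decrypt(...)) { error = EBADMSG; explicit_bzero(buf, enccrd->crd_len); }` (plain `bzero` if this tree lacks `explicit_bzero`), so a tag mismatch never hands decrypted bytes back. It is also worth confirming that `error` is initialized to zero before the switch and propagated to `crp->crp_etype` after it, both of which are outside the hunk. The enclosing function starts before this hunk and continues after it.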
@@ -592,12 +591,13 @@
 enccrd->crd_len, buf);
 /* OpenBSD doesn't copy this back. Why not? */
- if ((enccrd->crd_flags & CRD_F_ENCRYPT) != 0)
+ /*printf("t: %d, %d, %d, %d\n", enccrd->crd_skip, enccrd->crd_len, enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN, AES_BLOCK_LEN);*/
+ if (encflag && 0)
 crypto_copydata(crp->crp_flags, crp->crp_buf,
 enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN, AES_BLOCK_LEN,
 ses->iv);
- if (authcrd != NULL) {
+ if (!error && authcrd != NULL) {
 crypto_copyback(crp->crp_flags, crp->crp_buf,
 authcrd->crd_inject, GMAC_DIGEST_LEN, tag);
 }
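Review bot: `if (encflag && 0)` leaves a dead statement in place instead of recording why the IV copy-back is disabled; per the description it panics when `enccrd->crd_len` is below `AES_BLOCK_LEN`, which is visible here as the offset `crd_skip + crd_len - AES_BLOCK_LEN` dropping under `crd_skip`. Either bound it, `if (encflag && enccrd->crd_len >= AES_BLOCK_LEN)`, or wrap the block in `#if 0` with a comment such as `/* Disabled: offset underflows when crd_len < AES_BLOCK_LEN, and the saved IV appears to be overwritten below anyway -- revisit. */`, and drop the commented-out `printf` added just above it. Saving the last ciphertext block into `ses->iv` is CBC chaining state; for GCM and ICM the last block is not the next IV, so if the code is kept it should presumably be limited to the CBC case -- worth confirming against the mode switch above this hunk. Gating the tag `crypto_copyback` on `!error` is right, but the decrypted data copy-back for the `allocated` case is not in this hunk, so check it is gated the same way; the function continues past the hunk.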
