Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 13 Jul 2022 16:47:51 GMT
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: b53f356918f8 - stable/13 - crypto: Fix assertions for digest-only sessions with separate output.
Message-ID:  <202207131647.26DGlpGf052478@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=b53f356918f872063b098741e797b8ebea3d03b9

commit b53f356918f872063b098741e797b8ebea3d03b9
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2022-06-30 17:10:00 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2022-07-13 16:25:14 +0000

    crypto: Fix assertions for digest-only sessions with separate output.
    
    Digest-only sessions do not generate modified payload as an output, so
    don't bother asserting anything about the payload with respect to the
    output buffer other than the payload output start being zero.
    
    In addition, a verify request on a digest-only session doesn't
    generate any output at all so should never have a separate output
    buffer.
    
    PR:             252316
    Reviewed by:    markj
    Co-authored-by: Jeremy Faulkner <gldisater@gmail.com>
    MFC after:      2 weeks
    Differential Revision:  https://reviews.freebsd.org/D35578
    
    (cherry picked from commit c71f2370c5d480cf70f12ee276e044681c57aefc)
---
 sys/opencrypto/crypto.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c
index 1c5074e847ed..c9ba66650807 100644
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@@ -1423,6 +1423,11 @@ crp_sanity(struct cryptop *crp)
 	if (out == NULL) {
 		KASSERT(crp->crp_payload_output_start == 0,
 		    ("payload output start non-zero without output buffer"));
+	} else if (csp->csp_mode == CSP_MODE_DIGEST) {
+		KASSERT(!(crp->crp_op & CRYPTO_OP_VERIFY_DIGEST),
+		    ("digest verify with separate output buffer"));
+		KASSERT(crp->crp_payload_output_start == 0,
+		    ("digest operation with non-zero payload output start"));
 	} else {
 		KASSERT(crp->crp_payload_output_start == 0 ||
 		    crp->crp_payload_output_start < olen,

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202207131647.26DGlpGf052478>