diff options
author | Conrad Meyer <cem@FreeBSD.org> | 2017-10-04 21:15:45 +0000 |
---|---|---|
committer | Conrad Meyer <cem@FreeBSD.org> | 2017-10-04 21:15:45 +0000 |
commit | a4801490622c622b67323a91b23bdd7911ec619a (patch) | |
tree | a9ac980ad513cac06128028dadb884f1abc29421 /sys/crypto/aesni | |
parent | b01988a5f58a72c7827daebe9d885364791f3ae8 (diff) | |
download | src-a4801490622c622b67323a91b23bdd7911ec619a.tar.gz src-a4801490622c622b67323a91b23bdd7911ec619a.zip |
aesni(4): CRYPTO_AES_NIST_GCM_16 mandates MAC
Remove some dead conditionals and add an assertion around behavior already
present in aesni_process().
Silence a few Coverity false positives.
CIDs: 1381571, 1381557
Sponsored by: Dell EMC Isilon
Notes
Notes:
svn path=/head/; revision=324288
Diffstat (limited to 'sys/crypto/aesni')
-rw-r--r-- | sys/crypto/aesni/aesni.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/sys/crypto/aesni/aesni.c b/sys/crypto/aesni/aesni.c index 3cb1df83b699..8b45f282a7ea 100644 --- a/sys/crypto/aesni/aesni.c +++ b/sys/crypto/aesni/aesni.c @@ -773,12 +773,15 @@ aesni_cipher_crypt(struct aesni_session *ses, struct cryptodesc *enccrd, int error, ivlen; bool encflag, allocated, authallocated; + KASSERT(ses->algo != CRYPTO_AES_NIST_GCM_16 || authcrd != NULL, + ("AES_NIST_GCM_16 must include MAC descriptor")); + buf = aesni_cipher_alloc(enccrd, crp, &allocated); if (buf == NULL) return (ENOMEM); authallocated = false; - if (ses->algo == CRYPTO_AES_NIST_GCM_16 && authcrd != NULL) { + if (ses->algo == CRYPTO_AES_NIST_GCM_16) { authbuf = aesni_cipher_alloc(authcrd, crp, &authallocated); if (authbuf == NULL) { error = ENOMEM; @@ -851,7 +854,7 @@ aesni_cipher_crypt(struct aesni_session *ses, struct cryptodesc *enccrd, iv); break; case CRYPTO_AES_NIST_GCM_16: - if (authcrd != NULL && !encflag) + if (!encflag) crypto_copydata(crp->crp_flags, crp->crp_buf, authcrd->crd_inject, GMAC_DIGEST_LEN, tag); else |