aboutsummaryrefslogtreecommitdiff
path: root/sys/crypto/aesni
diff options
context:
space:
mode:
authorConrad Meyer <cem@FreeBSD.org>2017-10-04 21:15:45 +0000
committerConrad Meyer <cem@FreeBSD.org>2017-10-04 21:15:45 +0000
commita4801490622c622b67323a91b23bdd7911ec619a (patch)
treea9ac980ad513cac06128028dadb884f1abc29421 /sys/crypto/aesni
parentb01988a5f58a72c7827daebe9d885364791f3ae8 (diff)
downloadsrc-a4801490622c622b67323a91b23bdd7911ec619a.tar.gz
src-a4801490622c622b67323a91b23bdd7911ec619a.zip
aesni(4): CRYPTO_AES_NIST_GCM_16 mandates MAC
Remove some dead conditionals and add an assertion around behavior already present in aesni_process(). Silence a few Coverity false positives. CIDs: 1381571, 1381557 Sponsored by: Dell EMC Isilon
Notes
Notes: svn path=/head/; revision=324288
Diffstat (limited to 'sys/crypto/aesni')
-rw-r--r--sys/crypto/aesni/aesni.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/sys/crypto/aesni/aesni.c b/sys/crypto/aesni/aesni.c
index 3cb1df83b699..8b45f282a7ea 100644
--- a/sys/crypto/aesni/aesni.c
+++ b/sys/crypto/aesni/aesni.c
@@ -773,12 +773,15 @@ aesni_cipher_crypt(struct aesni_session *ses, struct cryptodesc *enccrd,
int error, ivlen;
bool encflag, allocated, authallocated;
+ KASSERT(ses->algo != CRYPTO_AES_NIST_GCM_16 || authcrd != NULL,
+ ("AES_NIST_GCM_16 must include MAC descriptor"));
+
buf = aesni_cipher_alloc(enccrd, crp, &allocated);
if (buf == NULL)
return (ENOMEM);
authallocated = false;
- if (ses->algo == CRYPTO_AES_NIST_GCM_16 && authcrd != NULL) {
+ if (ses->algo == CRYPTO_AES_NIST_GCM_16) {
authbuf = aesni_cipher_alloc(authcrd, crp, &authallocated);
if (authbuf == NULL) {
error = ENOMEM;
@@ -851,7 +854,7 @@ aesni_cipher_crypt(struct aesni_session *ses, struct cryptodesc *enccrd,
iv);
break;
case CRYPTO_AES_NIST_GCM_16:
- if (authcrd != NULL && !encflag)
+ if (!encflag)
crypto_copydata(crp->crp_flags, crp->crp_buf,
authcrd->crd_inject, GMAC_DIGEST_LEN, tag);
else
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-22 12:12:36 +0000