Page MenuHomeFreeBSD
Files F111125466

D12437.id33457.diff
No OneTemporary
Actions

D12437.id33457.diff
View Options

Index: sys/crypto/via/padlock_hash.c
===================================================================
--- sys/crypto/via/padlock_hash.c
+++ sys/crypto/via/padlock_hash.c
@@ -82,7 +82,8 @@
static struct auth_hash padlock_hmac_sha1 = {
CRYPTO_SHA1_HMAC, "HMAC-SHA1",
- 20, SHA1_HASH_LEN, SHA1_HMAC_BLOCK_LEN, sizeof(struct padlock_sha_ctx),
+ SHA1_HMAC_BLOCK_LEN, SHA1_HASH_LEN, sizeof(struct padlock_sha_ctx),
+ SHA1_HMAC_BLOCK_LEN,
(void (*)(void *))padlock_sha_init, NULL, NULL,
(int (*)(void *, const uint8_t *, uint16_t))padlock_sha_update,
(void (*)(uint8_t *, void *))padlock_sha1_final
@@ -90,7 +91,8 @@
static struct auth_hash padlock_hmac_sha256 = {
CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256",
- 32, SHA2_256_HASH_LEN, SHA2_256_HMAC_BLOCK_LEN, sizeof(struct padlock_sha_ctx),
+ SHA2_256_HMAC_BLOCK_LEN, SHA2_256_HASH_LEN,
+ sizeof(struct padlock_sha_ctx), SHA2_256_HMAC_BLOCK_LEN,
(void (*)(void *))padlock_sha_init, NULL, NULL,
(int (*)(void *, const uint8_t *, uint16_t))padlock_sha_update,
(void (*)(uint8_t *, void *))padlock_sha256_final
Index: sys/netipsec/xform_ah.c
===================================================================
--- sys/netipsec/xform_ah.c
+++ sys/netipsec/xform_ah.c
@@ -193,9 +193,9 @@
return EINVAL;
}
keylen = _KEYLEN(sav->key_auth);
- if (keylen != thash->keysize && thash->keysize != 0) {
+ if (keylen > thash->keysize && thash->keysize != 0) {
DPRINTF(("%s: invalid keylength %d, algorithm %s requires "
- "keysize %d\n", __func__,
+ "keysize less than %d\n", __func__,
keylen, thash->name, thash->keysize));
return EINVAL;
}
Index: sys/opencrypto/cryptodev.h
===================================================================
--- sys/opencrypto/cryptodev.h
+++ sys/opencrypto/cryptodev.h
@@ -95,13 +95,6 @@
#define HMAC_IPAD_VAL 0x36
#define HMAC_OPAD_VAL 0x5C
/* HMAC Key Length */
-#define NULL_HMAC_KEY_LEN 0
-#define MD5_HMAC_KEY_LEN 16
-#define SHA1_HMAC_KEY_LEN 20
-#define RIPEMD160_HMAC_KEY_LEN 20
-#define SHA2_256_HMAC_KEY_LEN 32
-#define SHA2_384_HMAC_KEY_LEN 48
-#define SHA2_512_HMAC_KEY_LEN 64
#define AES_128_GMAC_KEY_LEN 16
#define AES_192_GMAC_KEY_LEN 24
#define AES_256_GMAC_KEY_LEN 32
Index: sys/opencrypto/cryptodev.c
===================================================================
--- sys/opencrypto/cryptodev.c
+++ sys/opencrypto/cryptodev.c
@@ -520,7 +520,8 @@
if (thash) {
cria.cri_alg = thash->type;
cria.cri_klen = sop->mackeylen * 8;
- if (sop->mackeylen != thash->keysize) {
+ if (thash->keysize != 0 &&
+ sop->mackeylen > thash->keysize) {
CRYPTDEB("invalid mac key length");
error = EINVAL;
goto bail;
Index: sys/opencrypto/xform_md5.c
===================================================================
--- sys/opencrypto/xform_md5.c
+++ sys/opencrypto/xform_md5.c
@@ -58,14 +58,14 @@
/* Authentication instances */
struct auth_hash auth_hash_hmac_md5 = {
CRYPTO_MD5_HMAC, "HMAC-MD5",
- MD5_HMAC_KEY_LEN, MD5_HASH_LEN, sizeof(MD5_CTX), MD5_HMAC_BLOCK_LEN,
+ MD5_HMAC_BLOCK_LEN, MD5_HASH_LEN, sizeof(MD5_CTX), MD5_HMAC_BLOCK_LEN,
(void (*) (void *)) MD5Init, NULL, NULL, MD5Update_int,
(void (*) (u_int8_t *, void *)) MD5Final
};
struct auth_hash auth_hash_key_md5 = {
CRYPTO_MD5_KPDK, "Keyed MD5",
- NULL_HMAC_KEY_LEN, MD5_KPDK_HASH_LEN, sizeof(MD5_CTX), 0,
+ 0, MD5_KPDK_HASH_LEN, sizeof(MD5_CTX), 0,
(void (*)(void *)) MD5Init, NULL, NULL, MD5Update_int,
(void (*)(u_int8_t *, void *)) MD5Final
};
Index: sys/opencrypto/xform_null.c
===================================================================
--- sys/opencrypto/xform_null.c
+++ sys/opencrypto/xform_null.c
@@ -78,7 +78,7 @@
/* Authentication instances */
struct auth_hash auth_hash_null = { /* NB: context isn't used */
CRYPTO_NULL_HMAC, "NULL-HMAC",
- NULL_HMAC_KEY_LEN, NULL_HASH_LEN, sizeof(int), NULL_HMAC_BLOCK_LEN,
+ 0, NULL_HASH_LEN, sizeof(int), NULL_HMAC_BLOCK_LEN,
null_init, null_reinit, null_reinit, null_update, null_final
};
Index: sys/opencrypto/xform_rmd160.c
===================================================================
--- sys/opencrypto/xform_rmd160.c
+++ sys/opencrypto/xform_rmd160.c
@@ -58,7 +58,7 @@
/* Authentication instances */
struct auth_hash auth_hash_hmac_ripemd_160 = {
CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160",
- RIPEMD160_HMAC_KEY_LEN, RIPEMD160_HASH_LEN, sizeof(RMD160_CTX),
+ RIPEMD160_HMAC_BLOCK_LEN, RIPEMD160_HASH_LEN, sizeof(RMD160_CTX),
RIPEMD160_HMAC_BLOCK_LEN,
(void (*)(void *)) RMD160Init, NULL, NULL, RMD160Update_int,
(void (*)(u_int8_t *, void *)) RMD160Final
Index: sys/opencrypto/xform_sha1.c
===================================================================
--- sys/opencrypto/xform_sha1.c
+++ sys/opencrypto/xform_sha1.c
@@ -60,13 +60,13 @@
/* Authentication instances */
struct auth_hash auth_hash_hmac_sha1 = {
CRYPTO_SHA1_HMAC, "HMAC-SHA1",
- SHA1_HMAC_KEY_LEN, SHA1_HASH_LEN, sizeof(SHA1_CTX), SHA1_HMAC_BLOCK_LEN,
+ SHA1_HMAC_BLOCK_LEN, SHA1_HASH_LEN, sizeof(SHA1_CTX), SHA1_HMAC_BLOCK_LEN,
SHA1Init_int, NULL, NULL, SHA1Update_int, SHA1Final_int
};
struct auth_hash auth_hash_key_sha1 = {
CRYPTO_SHA1_KPDK, "Keyed SHA1",
- NULL_HMAC_KEY_LEN, SHA1_KPDK_HASH_LEN, sizeof(SHA1_CTX), 0,
+ 0, SHA1_KPDK_HASH_LEN, sizeof(SHA1_CTX), 0,
SHA1Init_int, NULL, NULL, SHA1Update_int, SHA1Final_int
};
Index: sys/opencrypto/xform_sha2.c
===================================================================
--- sys/opencrypto/xform_sha2.c
+++ sys/opencrypto/xform_sha2.c
@@ -62,7 +62,7 @@
/* Authentication instances */
struct auth_hash auth_hash_hmac_sha2_256 = {
CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256",
- SHA2_256_HMAC_KEY_LEN, SHA2_256_HASH_LEN, sizeof(SHA256_CTX),
+ SHA2_256_HMAC_BLOCK_LEN, SHA2_256_HASH_LEN, sizeof(SHA256_CTX),
SHA2_256_HMAC_BLOCK_LEN,
(void (*)(void *)) SHA256_Init, NULL, NULL, SHA256Update_int,
(void (*)(u_int8_t *, void *)) SHA256_Final
@@ -70,7 +70,7 @@
struct auth_hash auth_hash_hmac_sha2_384 = {
CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384",
- SHA2_384_HMAC_KEY_LEN, SHA2_384_HASH_LEN, sizeof(SHA384_CTX),
+ SHA2_384_HMAC_BLOCK_LEN, SHA2_384_HASH_LEN, sizeof(SHA384_CTX),
SHA2_384_HMAC_BLOCK_LEN,
(void (*)(void *)) SHA384_Init, NULL, NULL, SHA384Update_int,
(void (*)(u_int8_t *, void *)) SHA384_Final
@@ -78,7 +78,7 @@
struct auth_hash auth_hash_hmac_sha2_512 = {
CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512",
- SHA2_512_HMAC_KEY_LEN, SHA2_512_HASH_LEN, sizeof(SHA512_CTX),
+ SHA2_512_HMAC_BLOCK_LEN, SHA2_512_HASH_LEN, sizeof(SHA512_CTX),
SHA2_512_HMAC_BLOCK_LEN,
(void (*)(void *)) SHA512_Init, NULL, NULL, SHA512Update_int,
(void (*)(u_int8_t *, void *)) SHA512_Final

File Metadata

Mime Type
text/plain
Expires
Fri, Feb 28, 6:48 PM (20 h, 9 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
16889496
Default Alt Text
D12437.id33457.diff (6 KB)

Event Timeline