Page MenuHomeFreeBSD
Differential D25288 Diff 73484 head/sys/opencrypto/crypto.c

Changeset View

Standalone View

View Options

head/sys/opencrypto/crypto.c

Show First 20 LinesShow All 749 Lines▼ Show 20 Lines
/* Various sanity checks on crypto session parameters. */ /* Various sanity checks on crypto session parameters. */
static bool static bool
check_csp(const struct crypto_session_params *csp) check_csp(const struct crypto_session_params *csp)
{ {
struct auth_hash *axf; struct auth_hash *axf;
/* Mode-independent checks. */ /* Mode-independent checks. */
if ((csp->csp_flags & ~CSP_F_SEPARATE_OUTPUT) != 0) if ((csp->csp_flags & ~(CSP_F_SEPARATE_OUTPUT | CSP_F_SEPARATE_AAD)) !=
0)
return (false); return (false);
if (csp->csp_ivlen < 0 || csp->csp_cipher_klen < 0 || if (csp->csp_ivlen < 0 || csp->csp_cipher_klen < 0 ||
csp->csp_auth_klen < 0 || csp->csp_auth_mlen < 0) csp->csp_auth_klen < 0 || csp->csp_auth_mlen < 0)
return (false); return (false);
if (csp->csp_auth_key != NULL && csp->csp_auth_klen == 0) if (csp->csp_auth_key != NULL && csp->csp_auth_klen == 0)
return (false); return (false);
if (csp->csp_cipher_key != NULL && csp->csp_cipher_klen == 0) if (csp->csp_cipher_key != NULL && csp->csp_cipher_klen == 0)
return (false); return (false);
switch (csp->csp_mode) { switch (csp->csp_mode) {
case CSP_MODE_COMPRESS: case CSP_MODE_COMPRESS:
if (!alg_is_compression(csp->csp_cipher_alg)) if (!alg_is_compression(csp->csp_cipher_alg))
return (false); return (false);
if (csp->csp_flags & CSP_F_SEPARATE_OUTPUT) if (csp->csp_flags & CSP_F_SEPARATE_OUTPUT)
return (false); return (false);
if (csp->csp_flags & CSP_F_SEPARATE_AAD)
return (false);
if (csp->csp_cipher_klen != 0 || csp->csp_ivlen != 0 || if (csp->csp_cipher_klen != 0 || csp->csp_ivlen != 0 ||
csp->csp_auth_alg != 0 || csp->csp_auth_klen != 0 || csp->csp_auth_alg != 0 || csp->csp_auth_klen != 0 ||
csp->csp_auth_mlen != 0) csp->csp_auth_mlen != 0)
return (false); return (false);
break; break;
case CSP_MODE_CIPHER: case CSP_MODE_CIPHER:
if (!alg_is_cipher(csp->csp_cipher_alg)) if (!alg_is_cipher(csp->csp_cipher_alg))
return (false); return (false);
if (csp->csp_flags & CSP_F_SEPARATE_AAD)
return (false);
if (csp->csp_cipher_alg != CRYPTO_NULL_CBC) { if (csp->csp_cipher_alg != CRYPTO_NULL_CBC) {
if (csp->csp_cipher_klen == 0) if (csp->csp_cipher_klen == 0)
return (false); return (false);
if (csp->csp_ivlen == 0) if (csp->csp_ivlen == 0)
return (false); return (false);
} }
if (csp->csp_ivlen >= EALG_MAX_BLOCK_LEN) if (csp->csp_ivlen >= EALG_MAX_BLOCK_LEN)
return (false); return (false);
if (csp->csp_auth_alg != 0 || csp->csp_auth_klen != 0 || if (csp->csp_auth_alg != 0 || csp->csp_auth_klen != 0 ||
csp->csp_auth_mlen != 0) csp->csp_auth_mlen != 0)
return (false); return (false);
break; break;
case CSP_MODE_DIGEST: case CSP_MODE_DIGEST:
if (csp->csp_cipher_alg != 0 || csp->csp_cipher_klen != 0) if (csp->csp_cipher_alg != 0 || csp->csp_cipher_klen != 0)
return (false); return (false);
if (csp->csp_flags & CSP_F_SEPARATE_AAD)
return (false);
/* IV is optional for digests (e.g. GMAC). */ /* IV is optional for digests (e.g. GMAC). */
if (csp->csp_ivlen >= EALG_MAX_BLOCK_LEN) if (csp->csp_ivlen >= EALG_MAX_BLOCK_LEN)
return (false); return (false);
if (!alg_is_digest(csp->csp_auth_alg)) if (!alg_is_digest(csp->csp_auth_alg))
return (false); return (false);
/* Key is optional for BLAKE2 digests. */ /* Key is optional for BLAKE2 digests. */
if (csp->csp_auth_alg == CRYPTO_BLAKE2B || if (csp->csp_auth_alg == CRYPTO_BLAKE2B ||
▲ Show 20 LinesShow All 495 Lines▼ Show 20 Lines case CSP_MODE_ETA:
KASSERT(crp->crp_op == KASSERT(crp->crp_op ==
(CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST) || (CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST) ||
crp->crp_op == crp->crp_op ==
(CRYPTO_OP_DECRYPT | CRYPTO_OP_VERIFY_DIGEST), (CRYPTO_OP_DECRYPT | CRYPTO_OP_VERIFY_DIGEST),
("invalid ETA op %x", crp->crp_op)); ("invalid ETA op %x", crp->crp_op));
break; break;
} }
if (csp->csp_mode == CSP_MODE_AEAD || csp->csp_mode == CSP_MODE_ETA) { if (csp->csp_mode == CSP_MODE_AEAD || csp->csp_mode == CSP_MODE_ETA) {
if (crp->crp_aad == NULL) {
KASSERT(crp->crp_aad_start == 0 || KASSERT(crp->crp_aad_start == 0 ||
crp->crp_aad_start < ilen, crp->crp_aad_start < ilen,
("invalid AAD start")); ("invalid AAD start"));
KASSERT(crp->crp_aad_length != 0 || crp->crp_aad_start == 0, KASSERT(crp->crp_aad_length != 0 ||
crp->crp_aad_start == 0,
("AAD with zero length and non-zero start")); ("AAD with zero length and non-zero start"));
KASSERT(crp->crp_aad_length == 0 || KASSERT(crp->crp_aad_length == 0 ||
crp->crp_aad_start + crp->crp_aad_length <= ilen, crp->crp_aad_start + crp->crp_aad_length <= ilen,
("AAD outside input length")); ("AAD outside input length"));
} else { } else {
KASSERT(crp->crp_aad_start == 0 && crp->crp_aad_length == 0, KASSERT(csp->csp_flags & CSP_F_SEPARATE_AAD,
("session doesn't support separate AAD buffer"));
KASSERT(crp->crp_aad_start == 0,
("separate AAD buffer with non-zero AAD start"));
KASSERT(crp->crp_aad_length != 0,
("separate AAD buffer with zero length"));
}
} else {
KASSERT(crp->crp_aad == NULL && crp->crp_aad_start == 0 &&
crp->crp_aad_length == 0,
("AAD region in request not supporting AAD")); ("AAD region in request not supporting AAD"));
} }
if (csp->csp_ivlen == 0) { if (csp->csp_ivlen == 0) {
KASSERT((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0, KASSERT((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0,
("IV_SEPARATE set when IV isn't used")); ("IV_SEPARATE set when IV isn't used"));
KASSERT(crp->crp_iv_start == 0, KASSERT(crp->crp_iv_start == 0,
("crp_iv_start set when IV isn't used")); ("crp_iv_start set when IV isn't used"));
} else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) { } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) {
▲ Show 20 LinesShow All 971 LinesShow Last 20 Lines