Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

If symmetric encryption is done from userland crypto(4) and no IV

Browse Source 
is specified, the kernel gets one from the random generator. Make sure it
is copied out to the user, otherwise the result is quite useless.
This commit is contained in:
drochner 2011-05-23 15:22:57 +00:00
parent fe35ba177e
commit 893c8ed684
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sys/opencrypto/cryptodev.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: cryptodev.c,v 1.60 2011/05/23 13:53:59 drochner Exp $ */
/* $NetBSD: cryptodev.c,v 1.61 2011/05/23 15:22:57 drochner Exp $ */
/* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */
/* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */
@ -64,7 +64,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.60 2011/05/23 13:53:59 drochner Exp $");
__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.61 2011/05/23 15:22:57 drochner Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -594,7 +594,8 @@ cryptodev_op(struct csession *cse, struct crypt_op *cop, struct lwp *l)
if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
crde->crd_skip = 0;
} else {
crde->crd_flags |= CRD_F_IV_PRESENT;
if (!(crde->crd_flags & CRD_F_ENCRYPT))
crde->crd_flags |= CRD_F_IV_PRESENT;
crde->crd_skip = cse->txform->ivsize;
crde->crd_len -= cse->txform->ivsize;
}
@ -1290,7 +1291,8 @@ cryptodev_mop(struct fcrypt *fcr,
if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
crde->crd_skip = 0;
} else {
crde->crd_flags |= CRD_F_IV_PRESENT;
if (!(crde->crd_flags & CRD_F_ENCRYPT))
crde->crd_flags |= CRD_F_IV_PRESENT;
crde->crd_skip = cse->txform->ivsize;
crde->crd_len -= cse->txform->ivsize;
}