Author: jhb
Date: Thu Jun  8 21:33:10 2017
New Revision: 319723
URL: https://svnweb.freebsd.org/changeset/base/319723

Log:
  Fix the software fallback for GCM to validate the existing tag for decrypts.
  
  Sponsored by: Chelsio Communications

Modified:
  head/sys/dev/cxgbe/crypto/t4_crypto.c

Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c
==============================================================================
--- head/sys/dev/cxgbe/crypto/t4_crypto.c       Thu Jun  8 21:30:34 2017        
(r319722)
+++ head/sys/dev/cxgbe/crypto/t4_crypto.c       Thu Jun  8 21:33:10 2017        
(r319723)
@@ -1398,9 +1398,20 @@ ccr_gcm_soft(struct ccr_session *s, struct cryptop *cr
        AES_GMAC_Update(&gmac_ctx, block, sizeof(block));
        AES_GMAC_Final(digest, &gmac_ctx);
 
-       crypto_copyback(crp->crp_flags, crp->crp_buf, crda->crd_inject,
-           sizeof(digest), digest);
-       crp->crp_etype = 0;
+       if (crde->crd_flags & CRD_F_ENCRYPT) {
+               crypto_copyback(crp->crp_flags, crp->crp_buf, crda->crd_inject,
+                   sizeof(digest), digest);
+               crp->crp_etype = 0;
+       } else {
+               char digest2[GMAC_DIGEST_LEN];
+
+               crypto_copydata(crp->crp_flags, crp->crp_buf, crda->crd_inject,
+                   sizeof(digest2), digest2);
+               if (timingsafe_bcmp(digest, digest2, sizeof(digest)) == 0)
+                       crp->crp_etype = 0;
+               else
+                       crp->crp_etype = EBADMSG;
+       }
        crypto_done(crp);
 }
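Review bot: In the new decrypt branch the copy from the request buffer is sized by `sizeof(digest2)` while the comparison is sized by `sizeof(digest)`, and `digest` is declared above this hunk, so the two lengths agree only if it is also `GMAC_DIGEST_LEN` bytes. Using the constant for both, as in `timingsafe_bcmp(digest, digest2, GMAC_DIGEST_LEN)`, would make the compared length explicit and independent of either declaration. Separately, the computed tag stays on the kernel stack after `crypto_done(crp)`, and on the `EBADMSG` path that value is the valid tag for the input that was just rejected. Adding `explicit_bzero(digest, sizeof(digest));` before the call would clear it. ccr_gcm_soft begins outside the hunk, so whether any output is written back to the request before this check cannot be confirmed from here.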
 