padlock(4) doesn't support explicitly provided keys yet.

Return an error instead of encrypting/decrypting data with a wrong key.
author: pjd <pjd@FreeBSD.org> 2006-04-20 06:31:44 +0000
committer: pjd <pjd@FreeBSD.org> 2006-04-20 06:31:44 +0000
commit: a4071b836a496570fbc0647b522984a444e6d4a2 (patch)
tree: 23fc09d5d3bdef4e24caa1554e87df785f1af5d4 /sys/crypto/via/padlock.c
parent: 8d8f399b4c6bee6dd415d0e3ae46a82b39ba8031 (diff)
download: FreeBSD-src-a4071b836a496570fbc0647b522984a444e6d4a2.zip
FreeBSD-src-a4071b836a496570fbc0647b522984a444e6d4a2.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/sys/crypto/via/padlock.c b/sys/crypto/via/padlock.c
index 33dbae8..606747f 100644
--- a/sys/crypto/via/padlock.c
+++ b/sys/crypto/via/padlock.c
@@ -366,6 +366,10 @@ padlock_process(void *arg __unused, struct cryptop *crp, int hint __unused)
 		err = EINVAL;
 		goto out;
 	}
+	if ((crd->crd_flags & CRD_F_KEY_EXPLICIT) != 0) {
+		err = EINVAL;
+		goto out;
+	}
 
 	mtx_lock(&sc->sc_sessions_mtx);
 	TAILQ_FOREACH(ses, &sc->sc_sessions, ses_next) {
author	pjd <pjd@FreeBSD.org>	2006-04-20 06:31:44 +0000
committer	pjd <pjd@FreeBSD.org>	2006-04-20 06:31:44 +0000
commit	a4071b836a496570fbc0647b522984a444e6d4a2 (patch)
tree	23fc09d5d3bdef4e24caa1554e87df785f1af5d4 /sys/crypto/via/padlock.c
parent	8d8f399b4c6bee6dd415d0e3ae46a82b39ba8031 (diff)
download	FreeBSD-src-a4071b836a496570fbc0647b522984a444e6d4a2.zip FreeBSD-src-a4071b836a496570fbc0647b522984a444e6d4a2.tar.gz