diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2002-04-26 04:31:15 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2002-04-26 04:31:15 +0000 |
| commit | 1af502855dfc89da4e63fc61e60f0c2dd4d1b555 (patch) | |
| tree | a8eee28c73dfd32ef63e63a0e0b52f37717c115e /sys | |
| parent | c154336f3844e340bc010e23ce4aca76a3d0ca79 (diff) | |
disable cryptodevallowsoft again; constrain key bit sizes to % 32cryptodev.c
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/crypto/cryptodev.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/sys/crypto/cryptodev.c b/sys/crypto/cryptodev.c index b0106a5bd51..f8097466ca8 100644 --- a/sys/crypto/cryptodev.c +++ b/sys/crypto/cryptodev.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptodev.c,v 1.39 2002/04/24 23:24:32 deraadt Exp $ */ +/* $OpenBSD: cryptodev.c,v 1.40 2002/04/26 04:31:14 deraadt Exp $ */ /* * Copyright (c) 2001 Theo de Raadt @@ -123,7 +123,7 @@ int cryptodev_cb(void *); int cryptodevkey_cb(void *); int usercrypto = 1; /* userland may do crypto requests */ -int cryptodevallowsoft = 1; /* only use hardware crypto */ +int cryptodevallowsoft = 0; /* only use hardware crypto */ /* ARGSUSED */ int @@ -508,8 +508,13 @@ cryptodev_key(struct crypt_kop *kop) krp->krp_status = 0; krp->krp_callback = (int (*) (struct cryptkop *)) cryptodevkey_cb; - for (i = 0; i < CRK_MAXPARAM; i++) + for (i = 0; i < CRK_MAXPARAM; i++) { krp->krp_param[i].crp_nbits = kop->crk_param[i].crp_nbits; + if (krp->krp_param[i].crp_nbits % 32) { + error = EINVAL; + goto fail; + } + } for (i = 0; i < krp->krp_iparams + krp->krp_oparams; i++) { size = (krp->krp_param[i].crp_nbits + 7) / 8; if (size == 0) |