[src/trunk]: src/sys/opencrypto If symmetric encryption is done from userland...

[drochner <drochner%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/3e6bae99032d
branches:  trunk
changeset: 765255:3e6bae99032d
user:      drochner <drochner%NetBSD.org@localhost>
date:      Mon May 23 15:22:57 2011 +0000

description:
If symmetric encryption is done from userland crypto(4) and no IV
is specified, the kernel gets one from the random generator. Make sure it
is copied out to the user, otherwise the result is quite useless.

diffstat:

 sys/opencrypto/cryptodev.c |  10 ++++++----
 1 files changed, 6 insertions(+), 4 deletions(-)

diffs (38 lines):

diff -r 63f81434c785 -r 3e6bae99032d sys/opencrypto/cryptodev.c
--- a/sys/opencrypto/cryptodev.c        Mon May 23 15:17:25 2011 +0000
+++ b/sys/opencrypto/cryptodev.c        Mon May 23 15:22:57 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: cryptodev.c,v 1.60 2011/05/23 13:53:59 drochner Exp $ */
+/*     $NetBSD: cryptodev.c,v 1.61 2011/05/23 15:22:57 drochner Exp $ */
 /*     $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $        */
 /*     $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $   */
 
@@ -64,7 +64,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.60 2011/05/23 13:53:59 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.61 2011/05/23 15:22:57 drochner Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -594,7 +594,8 @@
                if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
                        crde->crd_skip = 0;
                } else {
-                       crde->crd_flags |= CRD_F_IV_PRESENT;
+                       if (!(crde->crd_flags & CRD_F_ENCRYPT))
+                               crde->crd_flags |= CRD_F_IV_PRESENT;
                        crde->crd_skip = cse->txform->ivsize;
                        crde->crd_len -= cse->txform->ivsize;
                }
@@ -1290,7 +1291,8 @@
                        if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */
                                crde->crd_skip = 0;
                        } else {
-                               crde->crd_flags |= CRD_F_IV_PRESENT;
+                               if (!(crde->crd_flags & CRD_F_ENCRYPT))
+                                       crde->crd_flags |= CRD_F_IV_PRESENT;
                                crde->crd_skip = cse->txform->ivsize;
                                crde->crd_len -= cse->txform->ivsize;
                        }