Bug #12390
closedAES: aes_mech_info_tab error
100%
Description
This appears to be a syntax fix in relation to each block. It appears that the character should be a comma instead of a pipe. Testing before the change and after the change with crypto tests checks out in both forms.
usr/src/uts/common/crypto/io/aes.c @@ -75,7 +75,7 @@ static crypto_mech_info_t aes_mech_info_tab[] = { /* AES_CMAC */ {SUN_CKM_AES_CMAC, AES_CMAC_MECH_INFO_TYPE, CRYPTO_FG_ENCRYPT | CRYPTO_FG_ENCRYPT_ATOMIC | - CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC | + CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, AES_MIN_KEY_BYTES, AES_MAX_KEY_BYTES, CRYPTO_KEYSIZE_UNIT_IN_BYTES}, /* AES_CTR */ {SUN_CKM_AES_CTR, AES_CTR_MECH_INFO_TYPE,
Files
Updated by Nick Ewins about 2 years ago
- % Done changed from 0 to 90
To test, I built and booted a BE containing this change and then ran the crypto digest tests which all passed.
Updated by Brian Bennett about 2 years ago
I'd like to see some description of what exactly was wrong with the old code, other than a patch. What is it that misbehaves with the current code? How is it triggered, and under what circumstances?
The test suite passes after this change...was it failing before?
Updated by Jason King about 2 years ago
If you look at the definition of crypto_mech_info_t
, it's fairly obviously wrong. The next field is a bitmap of the operations supported.. by wrongly bitwise-ORing the minimum key size in bytes (16) along with the rest of the supported operations, it was falsely advertising that AES supports CRYPTO_FG_SIGN_RECOVER
.
It ends up being mostly a discovery problem where it's advertising incorrect values.
Updated by Electric Monk about 2 years ago
- Status changed from New to Closed
- % Done changed from 90 to 100
git commit 82c3f1a85d940e88355a055831c2d279c69c59e6
commit 82c3f1a85d940e88355a055831c2d279c69c59e6 Author: Nick Ewins <nick@krypton.computer> Date: 2020-06-09T14:40:45.000Z 12390 AES: aes_mech_info_tab error Reviewed by: Garrett D'Amore <garrett@damore.org> Reviewed by: Matt Barden <mbarden@tintri.com> Reviewed by: Toomas Soome <tsoome@me.com> Approved by: Dan McDonald <danmcd@joyent.com>
Updated by Nick Ewins about 2 years ago
crypto digest test log showing all passed.