summaryrefslogtreecommitdiff
path: root/usr/src/lib/pkcs11/libpkcs11/common/metaCrypt.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/lib/pkcs11/libpkcs11/common/metaCrypt.c')
-rw-r--r--usr/src/lib/pkcs11/libpkcs11/common/metaCrypt.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/usr/src/lib/pkcs11/libpkcs11/common/metaCrypt.c b/usr/src/lib/pkcs11/libpkcs11/common/metaCrypt.c
index 272469b54e..0df7ea84b3 100644
--- a/usr/src/lib/pkcs11/libpkcs11/common/metaCrypt.c
+++ b/usr/src/lib/pkcs11/libpkcs11/common/metaCrypt.c
@@ -21,10 +21,9 @@
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2018, Joyent, Inc.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
-
/*
* Encryption and Decryption Functions
* (as defined in PKCS#11 spec sections 11.8 and 11.9)
@@ -83,7 +82,18 @@ meta_Encrypt(CK_SESSION_HANDLE hSession,
if (rv != CKR_OK)
return (rv);
- if (pData == NULL || pulEncryptedDataLen == NULL) {
+ if (pulEncryptedDataLen == NULL) {
+ meta_operation_cleanup(session, CKF_ENCRYPT, FALSE);
+ REFRELEASE(session);
+ return (CKR_ARGUMENTS_BAD);
+ }
+
+ /*
+ * Allow pData to be NULL as long as the length is 0 in order to
+ * support ciphers that permit 0 byte inputs (e.g. combined mode
+ * ciphers), otherwise consider pData being NULL as invalid.
+ */
+ if (pData == NULL && ulDataLen != 0) {
meta_operation_cleanup(session, CKF_ENCRYPT, FALSE);
REFRELEASE(session);
return (CKR_ARGUMENTS_BAD);
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-06 10:11:50 +0000