From c71f2370c5d480cf70f12ee276e044681c57aefc Mon Sep 17 00:00:00 2001
From: John Baldwin <jhb@FreeBSD.org>
Date: Thu, 30 Jun 2022 10:10:00 -0700
Subject: [PATCH] crypto: Fix assertions for digest-only sessions with separate
 output.

Digest-only sessions do not generate modified payload as an output, so
don't bother asserting anything about the payload with respect to the
output buffer other than the payload output start being zero.

In addition, a verify request on a digest-only session doesn't
generate any output at all so should never have a separate output
buffer.

PR:		252316
Reviewed by:	markj
Co-authored-by:	Jeremy Faulkner <gldisater@gmail.com>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D35578
---
 sys/opencrypto/crypto.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c
index fde1316595e..ff7ce0f9b81 100644
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@@ -1372,6 +1372,11 @@ crp_sanity(struct cryptop *crp)
 	if (out == NULL) {
 		KASSERT(crp->crp_payload_output_start == 0,
 		    ("payload output start non-zero without output buffer"));
+	} else if (csp->csp_mode == CSP_MODE_DIGEST) {
+		KASSERT(!(crp->crp_op & CRYPTO_OP_VERIFY_DIGEST),
+		    ("digest verify with separate output buffer"));
+		KASSERT(crp->crp_payload_output_start == 0,
+		    ("digest operation with non-zero payload output start"));
 	} else {
 		KASSERT(crp->crp_payload_output_start == 0 ||
 		    crp->crp_payload_output_start < olen,