diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2010-01-10 12:43:08 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2010-01-10 12:43:08 +0000 |
| commit | e984d91179e6d0cd1106eb8a8f90cd3cdebf4ad2 (patch) | |
| tree | bda04e5dbaef37b20c5c45e7c0dd7c34f727ff0d /sys/netinet/ip_ipsp.h | |
| parent | e86b036f8f31495d41041510999f7ece130f9cc9 (diff) | |
Fix two bugs in IPsec/HMAC-SHA2:
(1) use correct (message) block size of 128 byte (instead of 64
bytes) for HMAC-SHA512/384 (RFC4634).
(2) RFC4868 specifies that HMAC-SHA-{256,384,512} is truncated to
nnn/2 bits, while we still use 96 bits. 96 bits have been
specified in draft-ietf-ipsec-ciph-sha-256-00 while
draft-ietf-ipsec-ciph-sha-256-01 changed it to 128 bits.
WARNING: this change makes IPsec with SHA-256 (the default)
incompatible with older OpenBSD versions and other IPsec-implementations
that share this bug.
ok+tests naddy, fries; requested by reyk/deraadt
Diffstat (limited to 'sys/netinet/ip_ipsp.h')
| -rw-r--r-- | sys/netinet/ip_ipsp.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h index 9b214c4ea5c..05a2d4d8d73 100644 --- a/sys/netinet/ip_ipsp.h +++ b/sys/netinet/ip_ipsp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.h,v 1.139 2009/11/13 20:54:05 claudio Exp $ */ +/* $OpenBSD: ip_ipsp.h,v 1.140 2010/01/10 12:43:07 markus Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr), @@ -61,7 +61,7 @@ union sockaddr_union { #define SHA2_384HMAC96_KEYSIZE 48 #define SHA2_512HMAC96_KEYSIZE 64 -#define AH_HMAC_HASHLEN 12 /* 96 bits of authenticator */ +#define AH_HMAC_MAX_HASHLEN 32 /* 256 bits of authenticator for SHA512 */ #define AH_HMAC_RPLENGTH 4 /* 32 bits of replay counter */ #define AH_HMAC_INITIAL_RPL 1 /* Replay counter initial value */ |