summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sbin/iked/crypto.c6
-rw-r--r--sbin/iked/ikev2_msg.c6
2 files changed, 6 insertions, 6 deletions
diff --git a/sbin/iked/crypto.c b/sbin/iked/crypto.c
index a6d9b54b011..99d32823f6e 100644
--- a/sbin/iked/crypto.c
+++ b/sbin/iked/crypto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto.c,v 1.43 2023/05/23 13:12:19 claudio Exp $ */
+/* $OpenBSD: crypto.c,v 1.44 2023/06/06 13:27:49 claudio Exp $ */
/*
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@@ -567,9 +567,9 @@ cipher_init(struct iked_cipher *encr, int enc)
return (-1);
if (encr->encr_saltlength > 0) {
/* For AEADs the nonce is salt + IV (see RFC5282) */
- nonce = ibuf_new(ibuf_data(encr->encr_key) +
+ nonce = ibuf_new(ibuf_seek(encr->encr_key,
ibuf_size(encr->encr_key) - encr->encr_saltlength,
- encr->encr_saltlength);
+ encr->encr_saltlength), encr->encr_saltlength);
if (nonce == NULL)
return (-1);
if (ibuf_add(nonce, ibuf_data(encr->encr_iv) , ibuf_size(encr->encr_iv)) != 0)
diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c
index 77a9a166c14..47803e966c0 100644
--- a/sbin/iked/ikev2_msg.c
+++ b/sbin/iked/ikev2_msg.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2_msg.c,v 1.93 2023/05/30 08:41:15 claudio Exp $ */
+/* $OpenBSD: ikev2_msg.c,v 1.94 2023/06/06 13:27:49 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -644,7 +644,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa,
}
cipher_setkey(sa->sa_encr, encr->buf, ibuf_length(encr));
- cipher_setiv(sa->sa_encr, ibuf_data(src) + ivoff, ivlen);
+ cipher_setiv(sa->sa_encr, ibuf_seek(src, ivoff, ivlen), ivlen);
if (cipher_init_decrypt(sa->sa_encr) == -1) {
log_info("%s: error initiating cipher.", __func__);
goto done;
@@ -676,7 +676,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa,
}
if ((outlen = ibuf_length(out)) != 0) {
- if (cipher_update(sa->sa_encr, ibuf_data(src) + encroff,
+ if (cipher_update(sa->sa_encr, ibuf_seek(src, encroff, encrlen),
encrlen, ibuf_data(out), &outlen) == -1) {
log_info("%s: error updating cipher.", __func__);
goto done;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-25 22:20:25 +0000