From 753c6a04eef9cdfccc259b238ae4e90bc55eb207 Mon Sep 17 00:00:00 2001
From: Mike Belopuhov
Date: Fri, 7 Dec 2012 17:03:23 +0000
Subject: Fix one of the two issues with ESN support in the GCM case: supply correct AAD length to the final round of hashing. While here rename swcr_combined to swcr_authenc.
---
 sys/crypto/cryptosoft.c | 8 ++++----
 sys/crypto/cryptosoft.h | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/sys/crypto/cryptosoft.c b/sys/crypto/cryptosoft.c
index 204b7193c30..c3880d5c803 100644
--- a/sys/crypto/cryptosoft.c
+++ b/sys/crypto/cryptosoft.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptosoft.c,v 1.65 2012/10/04 13:17:12 haesbaert Exp $ */
+/* $OpenBSD: cryptosoft.c,v 1.66 2012/12/07 17:03:22 mikeb Exp $ */
 /*
 * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
@@ -493,7 +493,7 @@ swcr_authcompute(struct cryptop *crp, struct cryptodesc *crd,
 * Apply a combined encryption-authentication transformation
 */
 int
-swcr_combined(struct cryptop *crp)
+swcr_authenc(struct cryptop *crp)
 {
 uint32_t blkbuf[howmany(EALG_MAX_BLOCK_LEN, sizeof(uint32_t))];
 u_char *blk = (u_char *)blkbuf;
@@ -626,7 +626,7 @@ swcr_combined(struct cryptop *crp)
 /* length block */
 bzero(blk, blksz);
 blkp = (uint32_t *)blk + 1;
- *blkp = htobe32(crda->crd_len * 8);
+ *blkp = htobe32(aadlen * 8);
 blkp = (uint32_t *)blk + 3;
 *blkp = htobe32(crde->crd_len * 8);
 axf->Update(&ctx, blk, blksz);
@@ -1147,7 +1147,7 @@ swcr_process(struct cryptop *crp)
 case CRYPTO_AES_128_GMAC:
 case CRYPTO_AES_192_GMAC:
 case CRYPTO_AES_256_GMAC:
- crp->crp_etype = swcr_combined(crp);
+ crp->crp_etype = swcr_authenc(crp);
 goto done;
 case CRYPTO_DEFLATE_COMP:
diff --git a/sys/crypto/cryptosoft.h b/sys/crypto/cryptosoft.h
index 9a1c6840312..070b974abc6 100644
--- a/sys/crypto/cryptosoft.h
+++ b/sys/crypto/cryptosoft.h
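Review bot: In the cryptosoft.c hunk at -626 (the length block inside swcr_authenc), both bit counts are still stored through `htobe32`, so `aadlen * 8` and `crde->crd_len * 8` fill only the low word of each 64-bit length field, and the multiplication would wrap before the store if these are 32-bit values and a length ever reached 2^29 bytes. The declaration of `aadlen` and the code that sets it lie outside the hunk, so it cannot be confirmed from here that it always equals the number of AAD bytes actually passed to `axf->Update`; the tag only verifies when the two agree. I would record that assumption next to the store, for example `/* length block: bit counts of the AAD as hashed and of the payload; both assumed < 2^29 bytes */`. The body of swcr_authenc starts and ends outside this hunk.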
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptosoft.h,v 1.13 2010/09/22 11:54:23 mikeb Exp $ */
+/* $OpenBSD: cryptosoft.h,v 1.14 2012/12/07 17:03:22 mikeb Exp $ */
 /*
 * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
@@ -63,7 +63,7 @@ extern const u_int8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN];
 int swcr_encdec(struct cryptodesc *, struct swcr_data *, caddr_t, int);
 int swcr_authcompute(struct cryptop *, struct cryptodesc *, struct swcr_data *, caddr_t, int);
-int swcr_combined(struct cryptop *);
+int swcr_authenc(struct cryptop *);
 int swcr_compdec(struct cryptodesc *, struct swcr_data *, caddr_t, int);
 int swcr_process(struct cryptop *);
 int swcr_newsession(u_int32_t *, struct cryptoini *);
--
cgit v1.2.3