PERFORCE change 1199492 for review
John-Mark Gurney
jmg at FreeBSD.org
Mon Sep 8 04:52:41 UTC 2014
http://p4web.freebsd.org/@@1199492?ac=10
Change 1199492 by jmg at jmg_carbon2 on 2014/08/29 00:27:25
This is only useful for CBC... I had it commented out as for ICM
it would pass a negative offset in, since ICM allows a size
smaller than AES block size...
Sponsered by: FreeBSD Foundation
Affected files ...
.. //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#7 edit
Differences ...
==== //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#7 (text+ko) ====
@@ -590,12 +590,13 @@
crypto_copyback(crp->crp_flags, crp->crp_buf, enccrd->crd_skip,
enccrd->crd_len, buf);
- /* OpenBSD doesn't copy this back. Why not? */
+ /*
+ * OpenBSD doesn't copy this back. This primes the IV for the next
+ * chain. Why do we not do it for decrypt?
+ */
/*printf("t: %d, %d, %d, %d\n", enccrd->crd_skip, enccrd->crd_len, enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN, AES_BLOCK_LEN);*/
- if (encflag && 0)
- crypto_copydata(crp->crp_flags, crp->crp_buf,
- enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN,
- AES_BLOCK_LEN, ses->iv);
+ if (encflag && enccrd->crd_alg == CRYPTO_AES_CBC)
+ bcopy(buf + enccrd->crd_len - AES_BLOCK_LEN, ses->iv, AES_BLOCK_LEN);
if (!error && authcrd != NULL) {
crypto_copyback(crp->crp_flags, crp->crp_buf,
More information about the p4-projects
mailing list