Date: Mon, 8 Sep 2014 04:51:07 GMT
From: John-Mark Gurney <jmg@FreeBSD.org>
To: Perforce Change Reviews <perforce@FreeBSD.org>
Subject: PERFORCE change 1199492 for review
Message-ID: <201409080451.s884p7mo026960@skunkworks.freebsd.org>
http://p4web.freebsd.org/@@1199492?ac=10

Change 1199492 by jmg@jmg_carbon2 on 2014/08/29 00:27:25

This is only useful for CBC... I had it commented out as for ICM it would pass a negative offset in, since ICM allows a size smaller than AES block size...

Sponsored by: FreeBSD Foundation

Affected files ...

.. //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#7 edit

Differences ...

==== //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#7 (text+ko) ====

@@ -590,12 +590,13 @@ crypto_copyback(crp->crp_flags, crp->crp_buf, enccrd->crd_skip, enccrd->crd_len, buf); - /* OpenBSD doesn't copy this back. Why not? */ + /* + * OpenBSD doesn't copy this back. This primes the IV for the next + * chain. Why do we not do it for decrypt? + */ /*printf("t: %d, %d, %d, %d\n", enccrd->crd_skip, enccrd->crd_len, enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN, AES_BLOCK_LEN);*/ - if (encflag && 0) - crypto_copydata(crp->crp_flags, crp->crp_buf, - enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN, - AES_BLOCK_LEN, ses->iv); + if (encflag && enccrd->crd_alg == CRYPTO_AES_CBC) + bcopy(buf + enccrd->crd_len - AES_BLOCK_LEN, ses->iv, AES_BLOCK_LEN);   if (!error && authcrd != NULL) { crypto_copyback(crp->crp_flags, crp->crp_buf,
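
Review bot: the new bcopy() in the "encflag && enccrd->crd_alg == CRYPTO_AES_CBC" branch still computes buf + enccrd->crd_len - AES_BLOCK_LEN with no lower bound on crd_len, so a CBC request shorter than one block would read before the start of buf, the same negative-offset problem the commit message describes for ICM. Nothing in this hunk shows crd_len being validated for CBC, so either add "enccrd->crd_len >= AES_BLOCK_LEN" to the condition or point to where the length is rejected earlier. Separately, saving the last ciphertext block into ses->iv means that any later request relying on the session IV starts from a value already visible on the wire; a predictable CBC IV is a known weakness against chosen-plaintext attackers, so the comment should state which callers depend on this chaining. The commented-out printf and the open question "Why do we not do it for decrypt?" are best resolved or dropped before this goes in.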
