Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 25 May 2021 23:59:41 GMT
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 4a92afae7fcb - main - ktls_ocf: Fix a few places to not hardcode the GMAC hash length.
Message-ID:  <202105252359.14PNxf7v094999@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=4a92afae7fcbb0a8453712dfec5de086aaf5cba4

commit 4a92afae7fcbb0a8453712dfec5de086aaf5cba4
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-05-25 23:59:18 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-05-25 23:59:18 +0000

    ktls_ocf: Fix a few places to not hardcode the GMAC hash length.
    
    This is not a functional change as the Poly1305 hash is the same
    length as the GMAC hash length.
    
    Reviewed by:    gallatin, markj
    Sponsored by:   Netflix
    Differential Revision:  https://reviews.freebsd.org/D30137
---
 sys/opencrypto/ktls_ocf.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/opencrypto/ktls_ocf.c b/sys/opencrypto/ktls_ocf.c
index 2f2249cd3bfe..31aaba119091 100644
--- a/sys/opencrypto/ktls_ocf.c
+++ b/sys/opencrypto/ktls_ocf.c
@@ -416,11 +416,11 @@ ktls_ocf_tls12_aead_encrypt(struct ktls_session *tls,
 	/* Duplicate iovec and append vector for tag. */
 	memcpy(iov, tag_uio->uio_iov, outiovcnt * sizeof(struct iovec));
 	iov[outiovcnt].iov_base = trailer;
-	iov[outiovcnt].iov_len = AES_GMAC_HASH_LEN;
+	iov[outiovcnt].iov_len = tls->params.tls_tlen;
 	tag_uio->uio_iov = iov;
 	tag_uio->uio_iovcnt++;
 	crp.crp_digest_start = tag_uio->uio_resid;
-	tag_uio->uio_resid += AES_GMAC_HASH_LEN;
+	tag_uio->uio_resid += tls->params.tls_tlen;
 
 	crp.crp_op = CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST;
 	crp.crp_flags = CRYPTO_F_CBIMM | CRYPTO_F_IV_SEPARATE;
@@ -505,7 +505,7 @@ ktls_ocf_tls12_aead_decrypt(struct ktls_session *tls,
 	error = ktls_ocf_dispatch(os, &crp);
 
 	crypto_destroyreq(&crp);
-	*trailer_len = AES_GMAC_HASH_LEN;
+	*trailer_len = tls->params.tls_tlen;
 	return (error);
 }

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202105252359.14PNxf7v094999>