Date: Wed, 20 Feb 2019 21:24:56 +0000 (UTC) From: Sean Eric Fagan <sef@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r344388 - head/tools/tools/crypto Message-ID: <201902202124.x1KLOuEF010010@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sef Date: Wed Feb 20 21:24:56 2019 New Revision: 344388 URL: https://svnweb.freebsd.org/changeset/base/344388 Log: It turns out that setting the IV length is necessary with CCM in OpenSSL. This adds that back. Reviewed by: cem Modified: head/tools/tools/crypto/cryptocheck.c Modified: head/tools/tools/crypto/cryptocheck.c ============================================================================== --- head/tools/tools/crypto/cryptocheck.c Wed Feb 20 21:07:09 2019 (r344387) +++ head/tools/tools/crypto/cryptocheck.c Wed Feb 20 21:24:56 2019 (r344388) @@ -1185,6 +1185,9 @@ openssl_ccm_encrypt(struct alg *alg, const EVP_CIPHER if (EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name, size, ERR_error_string(ERR_get_error(), NULL)); + if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, iv_len, NULL) != 1) + errx(1, "OpenSSL %s (%zu) setting iv length failed: %s", alg->name, + size, ERR_error_string(ERR_get_error(), NULL)); if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, AES_CBC_MAC_HASH_LEN, NULL) != 1) errx(1, "OpenSSL %s (%zu) setting tag length failed: %s", alg->name, size, ERR_error_string(ERR_get_error(), NULL));
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201902202124.x1KLOuEF010010>