Page MenuHomeFreeBSD
Files F106141973

D24449.id70657.diff
No OneTemporary
Actions

D24449.id70657.diff
View Options

Index: sys/netipsec/xform_esp.c
===================================================================
--- sys/netipsec/xform_esp.c
+++ sys/netipsec/xform_esp.c
@@ -813,10 +813,9 @@
crp->crp_payload_length = m->m_pkthdr.len - (skip + hlen + alen);
crp->crp_op = CRYPTO_OP_ENCRYPT;
- /* Encryption operation. */
+ /* Generate IV / nonce. */
+ ivp = &crp->crp_iv[0];
if (SAV_ISCTRORGCM(sav)) {
- ivp = &crp->crp_iv[0];
-
/* GCM IV Format: RFC4106 4 */
/* CTR IV Format: RFC3686 4 */
/* Salt is last four bytes of key, RFC4106 8.1 */
@@ -833,8 +832,9 @@
m_copyback(m, skip + hlen - sav->ivlen, sav->ivlen, &ivp[4]);
crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
} else if (sav->ivlen != 0) {
+ arc4rand(ivp, sav->ivlen, 0);
+ m_copyback(m, skip + hlen - sav->ivlen, sav->ivlen, ivp);
crp->crp_iv_start = skip + hlen - sav->ivlen;
- crp->crp_flags |= CRYPTO_F_IV_GENERATE;
}
/* Callback parameters */

File Metadata

Mime Type
text/plain
Expires
Fri, Dec 27, 2:24 AM (9 h, 53 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
15610245
Default Alt Text
D24449.id70657.diff (926 B)

Event Timeline