Page MenuHomeFreeBSD

D24449.id70821.diff
No OneTemporary

D24449.id70821.diff

Index: head/sys/netipsec/xform_esp.c
===================================================================
--- head/sys/netipsec/xform_esp.c
+++ head/sys/netipsec/xform_esp.c
@@ -813,10 +813,9 @@
crp->crp_payload_length = m->m_pkthdr.len - (skip + hlen + alen);
crp->crp_op = CRYPTO_OP_ENCRYPT;
- /* Encryption operation. */
+ /* Generate IV / nonce. */
+ ivp = &crp->crp_iv[0];
if (SAV_ISCTRORGCM(sav)) {
- ivp = &crp->crp_iv[0];
-
/* GCM IV Format: RFC4106 4 */
/* CTR IV Format: RFC3686 4 */
/* Salt is last four bytes of key, RFC4106 8.1 */
@@ -833,8 +832,9 @@
m_copyback(m, skip + hlen - sav->ivlen, sav->ivlen, &ivp[4]);
crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
} else if (sav->ivlen != 0) {
+ arc4rand(ivp, sav->ivlen, 0);
crp->crp_iv_start = skip + hlen - sav->ivlen;
- crp->crp_flags |= CRYPTO_F_IV_GENERATE;
+ m_copyback(m, crp->crp_iv_start, sav->ivlen, ivp);
}
/* Callback parameters */

File Metadata

Mime Type
text/plain
Expires
Fri, Dec 27, 3:20 AM (10 h, 39 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
15605969
Default Alt Text
D24449.id70821.diff (934 B)

Event Timeline