svn commit: r286000 - head/sys/netipsec
Ermal Luçi
eri at freebsd.org
Thu Jul 30 05:07:28 UTC 2015
Hello John-Mark,
this was forgotten part on my patches merge from gnn at .
Can it be fixed by correcting the patches rather than re-introducing this?
Most probably the constant definition is wrong on the transforms and also
some part of code removal was missed.
On Wed, Jul 29, 2015 at 9:15 AM, John-Mark Gurney <jmg at freebsd.org> wrote:
> Author: jmg
> Date: Wed Jul 29 07:15:16 2015
> New Revision: 286000
> URL: https://svnweb.freebsd.org/changeset/base/286000
>
> Log:
> RFC4868 section 2.3 requires that the output be half... This fixes
> problems that was introduced in r285336... I have verified that
> HMAC-SHA2-256 both ah only and w/ AES-CBC interoperate w/ a NetBSD
> 6.1.5 vm...
>
> Reviewed by: gnn
>
> Modified:
> head/sys/netipsec/xform.h
> head/sys/netipsec/xform_ah.c
> head/sys/netipsec/xform_esp.c
>
> Modified: head/sys/netipsec/xform.h
>
> ==============================================================================
> --- head/sys/netipsec/xform.h Wed Jul 29 06:35:36 2015 (r285999)
> +++ head/sys/netipsec/xform.h Wed Jul 29 07:15:16 2015 (r286000)
> @@ -105,6 +105,7 @@ struct xformsw {
> #ifdef _KERNEL
> extern void xform_register(struct xformsw*);
> extern int xform_init(struct secasvar *sav, int xftype);
> +extern int xform_ah_authsize(struct auth_hash *esph);
>
> struct cryptoini;
>
>
> Modified: head/sys/netipsec/xform_ah.c
>
> ==============================================================================
> --- head/sys/netipsec/xform_ah.c Wed Jul 29 06:35:36 2015
> (r285999)
> +++ head/sys/netipsec/xform_ah.c Wed Jul 29 07:15:16 2015
> (r286000)
> @@ -85,8 +85,8 @@
> * Return authenticator size in bytes, based on a field in the
> * algorithm descriptor.
> */
> -#define AUTHSIZE(sav) \
> - ((sav->flags & SADB_X_EXT_OLD) ? 16 :
> (sav)->tdb_authalgxform->hashsize)
> +#define AUTHSIZE(sav) ((sav->flags & SADB_X_EXT_OLD) ? 16 : \
> + xform_ah_authsize((sav)->tdb_authalgxform))
>
> VNET_DEFINE(int, ah_enable) = 1; /* control flow of packets with AH
> */
> VNET_DEFINE(int, ah_cleartos) = 1; /* clear ip_tos when doing AH calc
> */
> @@ -112,6 +112,35 @@ static unsigned char ipseczeroes[256]; /
> static int ah_input_cb(struct cryptop*);
> static int ah_output_cb(struct cryptop*);
>
> +int
> +xform_ah_authsize(struct auth_hash *esph)
> +{
> + int alen;
> +
> + if (esph == NULL)
> + return 0;
> +
> + switch (esph->type) {
> + case CRYPTO_SHA2_256_HMAC:
> + case CRYPTO_SHA2_384_HMAC:
> + case CRYPTO_SHA2_512_HMAC:
> + alen = esph->hashsize / 2; /* RFC4868 2.3 */
> + break;
> +
> + case CRYPTO_AES_128_NIST_GMAC:
> + case CRYPTO_AES_192_NIST_GMAC:
> + case CRYPTO_AES_256_NIST_GMAC:
> + alen = esph->hashsize;
> + break;
> +
> + default:
> + alen = AH_HMAC_HASHLEN;
> + break;
> + }
> +
> + return alen;
> +}
> +
> /*
> * NB: this is public for use by the PF_KEY support.
> */
>
> Modified: head/sys/netipsec/xform_esp.c
>
> ==============================================================================
> --- head/sys/netipsec/xform_esp.c Wed Jul 29 06:35:36 2015
> (r285999)
> +++ head/sys/netipsec/xform_esp.c Wed Jul 29 07:15:16 2015
> (r286000)
> @@ -320,7 +320,6 @@ esp_input(struct mbuf *m, struct secasva
> IPSEC_ASSERT(sav != NULL, ("null SA"));
> IPSEC_ASSERT(sav->tdb_encalgxform != NULL, ("null encoding
> xform"));
>
> - alen = 0;
> /* Valid IP Packet length ? */
> if ( (skip&3) || (m->m_pkthdr.len&3) ){
> DPRINTF(("%s: misaligned packet, skip %u pkt len %u",
> @@ -335,13 +334,13 @@ esp_input(struct mbuf *m, struct secasva
> esph = sav->tdb_authalgxform;
> espx = sav->tdb_encalgxform;
>
> - /* Determine the ESP header length */
> + /* Determine the ESP header and auth length */
> if (sav->flags & SADB_X_EXT_OLD)
> hlen = sizeof (struct esp) + sav->ivlen;
> else
> hlen = sizeof (struct newesp) + sav->ivlen;
> - /* Authenticator hash size */
> - alen = esph ? esph->hashsize : 0;
> +
> + alen = xform_ah_authsize(esph);
>
> /*
> * Verify payload length is multiple of encryption algorithm
> @@ -530,7 +529,7 @@ esp_input_cb(struct cryptop *crp)
>
> /* If authentication was performed, check now. */
> if (esph != NULL) {
> - alen = esph->hashsize;
> + alen = xform_ah_authsize(esph);
> AHSTAT_INC(ahs_hist[sav->alg_auth]);
> /* Copy the authenticator from the packet */
> m_copydata(m, m->m_pkthdr.len - alen, alen, aalg);
> @@ -700,10 +699,7 @@ esp_output(struct mbuf *m, struct ipsecr
> /* XXX clamp padding length a la KAME??? */
> padding = ((blks - ((rlen + 2) % blks)) % blks) + 2;
>
> - if (esph)
> - alen = esph->hashsize;
> - else
> - alen = 0;
> + alen = xform_ah_authsize(esph);
>
> ESPSTAT_INC(esps_output);
>
> @@ -983,21 +979,7 @@ esp_output_cb(struct cryptop *crp)
> if (esph != NULL) {
> int alen;
>
> - switch (esph->type) {
> - case CRYPTO_SHA2_256_HMAC:
> - case CRYPTO_SHA2_384_HMAC:
> - case CRYPTO_SHA2_512_HMAC:
> - alen = esph->hashsize/2;
> - break;
> - case CRYPTO_AES_128_NIST_GMAC:
> - case CRYPTO_AES_192_NIST_GMAC:
> - case CRYPTO_AES_256_NIST_GMAC:
> - alen = esph->hashsize;
> - break;
> - default:
> - alen = AH_HMAC_HASHLEN;
> - break;
> - }
> + alen = xform_ah_authsize(esph);
> m_copyback(m, m->m_pkthdr.len - alen,
> alen, ipseczeroes);
> }
>
> --
> Ermal
>
More information about the svn-src-head
mailing list