svn commit: r344388 - head/tools/tools/crypto
Sean Eric Fagan
sef at FreeBSD.org
Wed Feb 20 21:24:57 UTC 2019
Author: sef
Date: Wed Feb 20 21:24:56 2019
New Revision: 344388
URL: https://svnweb.freebsd.org/changeset/base/344388
Log:
It turns out that setting the IV length is necessary with CCM in OpenSSL.
This adds that back.
Reviewed by: cem
Modified:
head/tools/tools/crypto/cryptocheck.c
Modified: head/tools/tools/crypto/cryptocheck.c
==============================================================================
--- head/tools/tools/crypto/cryptocheck.c Wed Feb 20 21:07:09 2019 (r344387)
+++ head/tools/tools/crypto/cryptocheck.c Wed Feb 20 21:24:56 2019 (r344388)
@@ -1185,6 +1185,9 @@ openssl_ccm_encrypt(struct alg *alg, const EVP_CIPHER
if (EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1)
errx(1, "OpenSSL %s (%zu) ctx init failed: %s", alg->name,
size, ERR_error_string(ERR_get_error(), NULL));
+ if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, iv_len, NULL) != 1)
+ errx(1, "OpenSSL %s (%zu) setting iv length failed: %s", alg->name,
+ size, ERR_error_string(ERR_get_error(), NULL));
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, AES_CBC_MAC_HASH_LEN, NULL) != 1)
errx(1, "OpenSSL %s (%zu) setting tag length failed: %s", alg->name,
size, ERR_error_string(ERR_get_error(), NULL));
More information about the svn-src-head
mailing list