Date: Wed, 29 Jul 2015 14:53:20 +0200 From: =?UTF-8?Q?Ermal_Lu=C3=A7i?= <eri@freebsd.org> To: John-Mark Gurney <jmg@freebsd.org>, George Neville-Neil <gnn@neville-neil.com> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r286000 - head/sys/netipsec Message-ID: <CAPBZQG3GS-wzEohLY8=Jewz_2JiFkAbArxKMFPxMz4JFg34_Hg@mail.gmail.com> In-Reply-To: <201507290715.t6T7FHGb094456@repo.freebsd.org> References: <201507290715.t6T7FHGb094456@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello John-Mark, this was forgotten part on my patches merge from gnn@. Can it be fixed by correcting the patches rather than re-introducing this? Most probably the constant definition is wrong on the transforms and also some part of code removal was missed. On Wed, Jul 29, 2015 at 9:15 AM, John-Mark Gurney <jmg@freebsd.org> wrote: > Author: jmg > Date: Wed Jul 29 07:15:16 2015 > New Revision: 286000 > URL: https://svnweb.freebsd.org/changeset/base/286000 > > Log: > RFC4868 section 2.3 requires that the output be half... This fixes > problems that was introduced in r285336... I have verified that > HMAC-SHA2-256 both ah only and w/ AES-CBC interoperate w/ a NetBSD > 6.1.5 vm... > > Reviewed by: gnn > > Modified: > head/sys/netipsec/xform.h > head/sys/netipsec/xform_ah.c > head/sys/netipsec/xform_esp.c > > Modified: head/sys/netipsec/xform.h > > ============================================================================== > --- head/sys/netipsec/xform.h Wed Jul 29 06:35:36 2015 (r285999) > +++ head/sys/netipsec/xform.h Wed Jul 29 07:15:16 2015 (r286000) > @@ -105,6 +105,7 @@ struct xformsw { > #ifdef _KERNEL > extern void xform_register(struct xformsw*); > extern int xform_init(struct secasvar *sav, int xftype); > +extern int xform_ah_authsize(struct auth_hash *esph); > > struct cryptoini; > > > Modified: head/sys/netipsec/xform_ah.c > > ============================================================================== > --- head/sys/netipsec/xform_ah.c Wed Jul 29 06:35:36 2015 > (r285999) > +++ head/sys/netipsec/xform_ah.c Wed Jul 29 07:15:16 2015 > (r286000) > @@ -85,8 +85,8 @@ > * Return authenticator size in bytes, based on a field in the > * algorithm descriptor. > */ > -#define AUTHSIZE(sav) \ > - ((sav->flags & SADB_X_EXT_OLD) ? 16 : > (sav)->tdb_authalgxform->hashsize) > +#define AUTHSIZE(sav) ((sav->flags & SADB_X_EXT_OLD) ? 16 : \ > + xform_ah_authsize((sav)->tdb_authalgxform)) > > VNET_DEFINE(int, ah_enable) = 1; /* control flow of packets with AH > */ > VNET_DEFINE(int, ah_cleartos) = 1; /* clear ip_tos when doing AH calc > */ > @@ -112,6 +112,35 @@ static unsigned char ipseczeroes[256]; / > static int ah_input_cb(struct cryptop*); > static int ah_output_cb(struct cryptop*); > > +int > +xform_ah_authsize(struct auth_hash *esph) > +{ > + int alen; > + > + if (esph == NULL) > + return 0; > + > + switch (esph->type) { > + case CRYPTO_SHA2_256_HMAC: > + case CRYPTO_SHA2_384_HMAC: > + case CRYPTO_SHA2_512_HMAC: > + alen = esph->hashsize / 2; /* RFC4868 2.3 */ > + break; > + > + case CRYPTO_AES_128_NIST_GMAC: > + case CRYPTO_AES_192_NIST_GMAC: > + case CRYPTO_AES_256_NIST_GMAC: > + alen = esph->hashsize; > + break; > + > + default: > + alen = AH_HMAC_HASHLEN; > + break; > + } > + > + return alen; > +} > + > /* > * NB: this is public for use by the PF_KEY support. > */ > > Modified: head/sys/netipsec/xform_esp.c > > ============================================================================== > --- head/sys/netipsec/xform_esp.c Wed Jul 29 06:35:36 2015 > (r285999) > +++ head/sys/netipsec/xform_esp.c Wed Jul 29 07:15:16 2015 > (r286000) > @@ -320,7 +320,6 @@ esp_input(struct mbuf *m, struct secasva > IPSEC_ASSERT(sav != NULL, ("null SA")); > IPSEC_ASSERT(sav->tdb_encalgxform != NULL, ("null encoding > xform")); > > - alen = 0; > /* Valid IP Packet length ? */ > if ( (skip&3) || (m->m_pkthdr.len&3) ){ > DPRINTF(("%s: misaligned packet, skip %u pkt len %u", > @@ -335,13 +334,13 @@ esp_input(struct mbuf *m, struct secasva > esph = sav->tdb_authalgxform; > espx = sav->tdb_encalgxform; > > - /* Determine the ESP header length */ > + /* Determine the ESP header and auth length */ > if (sav->flags & SADB_X_EXT_OLD) > hlen = sizeof (struct esp) + sav->ivlen; > else > hlen = sizeof (struct newesp) + sav->ivlen; > - /* Authenticator hash size */ > - alen = esph ? esph->hashsize : 0; > + > + alen = xform_ah_authsize(esph); > > /* > * Verify payload length is multiple of encryption algorithm > @@ -530,7 +529,7 @@ esp_input_cb(struct cryptop *crp) > > /* If authentication was performed, check now. */ > if (esph != NULL) { > - alen = esph->hashsize; > + alen = xform_ah_authsize(esph); > AHSTAT_INC(ahs_hist[sav->alg_auth]); > /* Copy the authenticator from the packet */ > m_copydata(m, m->m_pkthdr.len - alen, alen, aalg); > @@ -700,10 +699,7 @@ esp_output(struct mbuf *m, struct ipsecr > /* XXX clamp padding length a la KAME??? */ > padding = ((blks - ((rlen + 2) % blks)) % blks) + 2; > > - if (esph) > - alen = esph->hashsize; > - else > - alen = 0; > + alen = xform_ah_authsize(esph); > > ESPSTAT_INC(esps_output); > > @@ -983,21 +979,7 @@ esp_output_cb(struct cryptop *crp) > if (esph != NULL) { > int alen; > > - switch (esph->type) { > - case CRYPTO_SHA2_256_HMAC: > - case CRYPTO_SHA2_384_HMAC: > - case CRYPTO_SHA2_512_HMAC: > - alen = esph->hashsize/2; > - break; > - case CRYPTO_AES_128_NIST_GMAC: > - case CRYPTO_AES_192_NIST_GMAC: > - case CRYPTO_AES_256_NIST_GMAC: > - alen = esph->hashsize; > - break; > - default: > - alen = AH_HMAC_HASHLEN; > - break; > - } > + alen = xform_ah_authsize(esph); > m_copyback(m, m->m_pkthdr.len - alen, > alen, ipseczeroes); > } > > -- > Ermal >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPBZQG3GS-wzEohLY8=Jewz_2JiFkAbArxKMFPxMz4JFg34_Hg>