| xform_esp.c (282046) | xform_esp.c (285336) |
|---|---|
| 1/* $FreeBSD: head/sys/netipsec/xform_esp.c 282046 2015-04-27 00:55:56Z ae $ */ | 1/* $FreeBSD: head/sys/netipsec/xform_esp.c 285336 2015-07-09 18:16:35Z gnn $ */ |
| 2/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */ 3/*- 4 * The authors of this code are John Ioannidis (ji@tla.org), 5 * Angelos D. Keromytis (kermit@csd.uch.gr) and 6 * Niels Provos (provos@physnet.uni-hamburg.de). 7 * 8 * The original version of this code was written by John Ioannidis 9 * for BSD/OS in Athens, Greece, in November 1995. --- 106 unchanged lines hidden (view full) --- 116 case SADB_X_EALG_CAST128CBC: 117 return &enc_xform_cast5; 118 case SADB_X_EALG_SKIPJACK: 119 return &enc_xform_skipjack; 120 case SADB_EALG_NULL: 121 return &enc_xform_null; 122 case SADB_X_EALG_CAMELLIACBC: 123 return &enc_xform_camellia; | 2/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */ 3/*- 4 * The authors of this code are John Ioannidis (ji@tla.org), 5 * Angelos D. Keromytis (kermit@csd.uch.gr) and 6 * Niels Provos (provos@physnet.uni-hamburg.de). 7 * 8 * The original version of this code was written by John Ioannidis 9 * for BSD/OS in Athens, Greece, in November 1995. --- 106 unchanged lines hidden (view full) --- 116 case SADB_X_EALG_CAST128CBC: 117 return &enc_xform_cast5; 118 case SADB_X_EALG_SKIPJACK: 119 return &enc_xform_skipjack; 120 case SADB_EALG_NULL: 121 return &enc_xform_null; 122 case SADB_X_EALG_CAMELLIACBC: 123 return &enc_xform_camellia; |
| 124 case SADB_X_EALG_AESCTR: 125 return &enc_xform_aes_icm; 126 case SADB_X_EALG_AESGCM16: 127 return &enc_xform_aes_nist_gcm; 128 case SADB_X_EALG_AESGMAC: 129 return &enc_xform_aes_nist_gmac; |
|
| 124 } 125 return NULL; 126} 127 128size_t 129esp_hdrsiz(struct secasvar *sav) 130{ 131 size_t size; --- 61 unchanged lines hidden (view full) --- 193 } 194 195 /* 196 * NB: The null xform needs a non-zero blocksize to keep the 197 * crypto code happy but if we use it to set ivlen then 198 * the ESP header will be processed incorrectly. The 199 * compromise is to force it to zero here. 200 */ | 130 } 131 return NULL; 132} 133 134size_t 135esp_hdrsiz(struct secasvar *sav) 136{ 137 size_t size; --- 61 unchanged lines hidden (view full) --- 199 } 200 201 /* 202 * NB: The null xform needs a non-zero blocksize to keep the 203 * crypto code happy but if we use it to set ivlen then 204 * the ESP header will be processed incorrectly. The 205 * compromise is to force it to zero here. 206 */ |
| 201 sav->ivlen = (txform == &enc_xform_null ? 0 : txform->blocksize); | 207 sav->ivlen = (txform == &enc_xform_null ? 0 : txform->ivsize); |
| 202 sav->iv = (caddr_t) malloc(sav->ivlen, M_XDATA, M_WAITOK); 203 key_randomfill(sav->iv, sav->ivlen); /*XXX*/ 204 205 /* 206 * Setup AH-related state. 207 */ 208 if (sav->alg_auth != 0) { 209 error = ah_init0(sav, xsp, &cria); 210 if (error) 211 return error; 212 } 213 214 /* NB: override anything set in ah_init0 */ 215 sav->tdb_xform = xsp; 216 sav->tdb_encalgxform = txform; 217 | 208 sav->iv = (caddr_t) malloc(sav->ivlen, M_XDATA, M_WAITOK); 209 key_randomfill(sav->iv, sav->ivlen); /*XXX*/ 210 211 /* 212 * Setup AH-related state. 213 */ 214 if (sav->alg_auth != 0) { 215 error = ah_init0(sav, xsp, &cria); 216 if (error) 217 return error; 218 } 219 220 /* NB: override anything set in ah_init0 */ 221 sav->tdb_xform = xsp; 222 sav->tdb_encalgxform = txform; 223 |
| 224 /* 225 * Whenever AES-GCM is used for encryption, one 226 * of the AES authentication algorithms is chosen 227 * as well, based on the key size. 228 */ 229 if (sav->alg_enc == SADB_X_EALG_AESGCM16) { 230 switch (keylen) { 231 case AES_128_HMAC_KEY_LEN: 232 sav->alg_auth = SADB_X_AALG_AES128GMAC; 233 sav->tdb_authalgxform = &auth_hash_nist_gmac_aes_128; 234 break; 235 case AES_192_HMAC_KEY_LEN: 236 sav->alg_auth = SADB_X_AALG_AES192GMAC; 237 sav->tdb_authalgxform = &auth_hash_nist_gmac_aes_192; 238 break; 239 case AES_256_HMAC_KEY_LEN: 240 sav->alg_auth = SADB_X_AALG_AES256GMAC; 241 sav->tdb_authalgxform = &auth_hash_nist_gmac_aes_256; 242 break; 243 default: 244 DPRINTF(("%s: invalid key length %u" 245 "for algorithm %s\n", __func__, 246 keylen, txform->name)); 247 return EINVAL; 248 } 249 bzero(&cria, sizeof(cria)); 250 cria.cri_alg = sav->tdb_authalgxform->type; 251 cria.cri_klen = _KEYBITS(sav->key_enc) + 4; 252 cria.cri_key = sav->key_enc->key_data; 253 } 254 |
|
| 218 /* Initialize crypto session. */ 219 bzero(&crie, sizeof (crie)); 220 crie.cri_alg = sav->tdb_encalgxform->type; 221 crie.cri_klen = _KEYBITS(sav->key_enc); 222 crie.cri_key = sav->key_enc->key_data; | 255 /* Initialize crypto session. */ 256 bzero(&crie, sizeof (crie)); 257 crie.cri_alg = sav->tdb_encalgxform->type; 258 crie.cri_klen = _KEYBITS(sav->key_enc); 259 crie.cri_key = sav->key_enc->key_data; |
| 260 if (sav->alg_enc == SADB_X_EALG_AESGCM16) 261 arc4rand(crie.cri_iv, sav->ivlen, 0); 262 |
|
| 223 /* XXX Rounds ? */ 224 225 if (sav->tdb_authalgxform && sav->tdb_encalgxform) { 226 /* init both auth & enc */ 227 crie.cri_next = &cria; 228 error = crypto_newsession(&sav->tdb_cryptoid, 229 &crie, V_crypto_support); 230 } else if (sav->tdb_encalgxform) { --- 53 unchanged lines hidden (view full) --- 284 /* Valid IP Packet length ? */ 285 if ( (skip&3) || (m->m_pkthdr.len&3) ){ 286 DPRINTF(("%s: misaligned packet, skip %u pkt len %u", 287 __func__, skip, m->m_pkthdr.len)); 288 ESPSTAT_INC(esps_badilen); 289 m_freem(m); 290 return EINVAL; 291 } | 263 /* XXX Rounds ? */ 264 265 if (sav->tdb_authalgxform && sav->tdb_encalgxform) { 266 /* init both auth & enc */ 267 crie.cri_next = &cria; 268 error = crypto_newsession(&sav->tdb_cryptoid, 269 &crie, V_crypto_support); 270 } else if (sav->tdb_encalgxform) { --- 53 unchanged lines hidden (view full) --- 324 /* Valid IP Packet length ? */ 325 if ( (skip&3) || (m->m_pkthdr.len&3) ){ 326 DPRINTF(("%s: misaligned packet, skip %u pkt len %u", 327 __func__, skip, m->m_pkthdr.len)); 328 ESPSTAT_INC(esps_badilen); 329 m_freem(m); 330 return EINVAL; 331 } |
| 292 | |
| 293 /* XXX don't pullup, just copy header */ 294 IP6_EXTHDR_GET(esp, struct newesp *, m, skip, sizeof (struct newesp)); 295 296 esph = sav->tdb_authalgxform; 297 espx = sav->tdb_encalgxform; 298 299 /* Determine the ESP header length */ 300 if (sav->flags & SADB_X_EXT_OLD) 301 hlen = sizeof (struct esp) + sav->ivlen; 302 else 303 hlen = sizeof (struct newesp) + sav->ivlen; 304 /* Authenticator hash size */ | 332 /* XXX don't pullup, just copy header */ 333 IP6_EXTHDR_GET(esp, struct newesp *, m, skip, sizeof (struct newesp)); 334 335 esph = sav->tdb_authalgxform; 336 espx = sav->tdb_encalgxform; 337 338 /* Determine the ESP header length */ 339 if (sav->flags & SADB_X_EXT_OLD) 340 hlen = sizeof (struct esp) + sav->ivlen; 341 else 342 hlen = sizeof (struct newesp) + sav->ivlen; 343 /* Authenticator hash size */ |
| 305 if (esph != NULL) { 306 switch (esph->type) { 307 case CRYPTO_SHA2_256_HMAC: 308 case CRYPTO_SHA2_384_HMAC: 309 case CRYPTO_SHA2_512_HMAC: 310 alen = esph->hashsize/2; 311 break; 312 default: 313 alen = AH_HMAC_HASHLEN; 314 break; 315 } 316 } | 344 alen = esph ? esph->hashsize : 0; |
| 317 318 /* 319 * Verify payload length is multiple of encryption algorithm 320 * block size. 321 * 322 * NB: This works for the null algorithm because the blocksize 323 * is 4 and all packets must be 4-byte aligned regardless 324 * of the algorithm. 325 */ 326 plen = m->m_pkthdr.len - (skip + hlen + alen); 327 if ((plen & (espx->blocksize - 1)) || (plen <= 0)) { | 345 346 /* 347 * Verify payload length is multiple of encryption algorithm 348 * block size. 349 * 350 * NB: This works for the null algorithm because the blocksize 351 * is 4 and all packets must be 4-byte aligned regardless 352 * of the algorithm. 353 */ 354 plen = m->m_pkthdr.len - (skip + hlen + alen); 355 if ((plen & (espx->blocksize - 1)) || (plen <= 0)) { |
| 328 DPRINTF(("%s: payload of %d octets not a multiple of %d octets," 329 " SA %s/%08lx\n", __func__, 330 plen, espx->blocksize, ipsec_address(&sav->sah->saidx.dst, 331 buf, sizeof(buf)), (u_long) ntohl(sav->spi))); 332 ESPSTAT_INC(esps_badilen); 333 m_freem(m); 334 return EINVAL; | 356 if (!espx || sav->alg_enc != SADB_X_EALG_AESGCM16) { 357 DPRINTF(("%s: payload of %d octets not a multiple of %d octets," 358 " SA %s/%08lx\n", __func__, 359 plen, espx->blocksize, ipsec_address(&sav->sah->saidx.dst, 360 buf, sizeof(buf)), (u_long) ntohl(sav->spi))); 361 ESPSTAT_INC(esps_badilen); 362 m_freem(m); 363 return EINVAL; 364 } |
| 335 } 336 337 /* 338 * Check sequence number. 339 */ 340 if (esph != NULL && sav->replay != NULL && 341 !ipsec_chkreplay(ntohl(esp->esp_seq), sav)) { 342 DPRINTF(("%s: packet replay check for %s\n", __func__, --- 29 unchanged lines hidden (view full) --- 372 373 if (esph != NULL) { 374 struct cryptodesc *crda = crp->crp_desc; 375 376 IPSEC_ASSERT(crda != NULL, ("null ah crypto descriptor")); 377 378 /* Authentication descriptor */ 379 crda->crd_skip = skip; | 365 } 366 367 /* 368 * Check sequence number. 369 */ 370 if (esph != NULL && sav->replay != NULL && 371 !ipsec_chkreplay(ntohl(esp->esp_seq), sav)) { 372 DPRINTF(("%s: packet replay check for %s\n", __func__, --- 29 unchanged lines hidden (view full) --- 402 403 if (esph != NULL) { 404 struct cryptodesc *crda = crp->crp_desc; 405 406 IPSEC_ASSERT(crda != NULL, ("null ah crypto descriptor")); 407 408 /* Authentication descriptor */ 409 crda->crd_skip = skip; |
| 380 crda->crd_len = m->m_pkthdr.len - (skip + alen); | 410 if (espx && espx->type == CRYPTO_AES_NIST_GCM_16) 411 crda->crd_len = hlen - sav->ivlen; 412 else 413 crda->crd_len = m->m_pkthdr.len - (skip + alen); |
| 381 crda->crd_inject = m->m_pkthdr.len - alen; 382 383 crda->crd_alg = esph->type; | 414 crda->crd_inject = m->m_pkthdr.len - alen; 415 416 crda->crd_alg = esph->type; |
| 384 crda->crd_key = sav->key_auth->key_data; 385 crda->crd_klen = _KEYBITS(sav->key_auth); | 417 if (espx && (espx->type == CRYPTO_AES_NIST_GCM_16)) { 418 crda->crd_key = sav->key_enc->key_data; 419 crda->crd_klen = _KEYBITS(sav->key_enc); 420 } else { 421 crda->crd_key = sav->key_auth->key_data; 422 crda->crd_klen = _KEYBITS(sav->key_auth); 423 } |
| 386 387 /* Copy the authenticator */ 388 m_copydata(m, m->m_pkthdr.len - alen, alen, 389 (caddr_t) (tc + 1)); 390 391 /* Chain authentication request */ 392 crde = crda->crd_next; 393 } else { --- 21 unchanged lines hidden (view full) --- 415 IPSEC_ASSERT(crde != NULL, ("null esp crypto descriptor")); 416 crde->crd_skip = skip + hlen; 417 crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen); 418 crde->crd_inject = skip + hlen - sav->ivlen; 419 420 crde->crd_alg = espx->type; 421 crde->crd_key = sav->key_enc->key_data; 422 crde->crd_klen = _KEYBITS(sav->key_enc); | 424 425 /* Copy the authenticator */ 426 m_copydata(m, m->m_pkthdr.len - alen, alen, 427 (caddr_t) (tc + 1)); 428 429 /* Chain authentication request */ 430 crde = crda->crd_next; 431 } else { --- 21 unchanged lines hidden (view full) --- 453 IPSEC_ASSERT(crde != NULL, ("null esp crypto descriptor")); 454 crde->crd_skip = skip + hlen; 455 crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen); 456 crde->crd_inject = skip + hlen - sav->ivlen; 457 458 crde->crd_alg = espx->type; 459 crde->crd_key = sav->key_enc->key_data; 460 crde->crd_klen = _KEYBITS(sav->key_enc); |
| 461 if (espx && (espx->type == CRYPTO_AES_NIST_GCM_16)) 462 crde->crd_flags |= CRD_F_IV_EXPLICIT; 463 |
|
| 423 /* XXX Rounds ? */ 424 425 return (crypto_dispatch(crp)); 426} 427 428/* 429 * ESP input callback from the crypto driver. 430 */ --- 53 unchanged lines hidden (view full) --- 484 DPRINTF(("%s: bogus returned buffer from crypto\n", __func__)); 485 error = EINVAL; 486 goto bad; 487 } 488 ESPSTAT_INC(esps_hist[sav->alg_enc]); 489 490 /* If authentication was performed, check now. */ 491 if (esph != NULL) { | 464 /* XXX Rounds ? */ 465 466 return (crypto_dispatch(crp)); 467} 468 469/* 470 * ESP input callback from the crypto driver. 471 */ --- 53 unchanged lines hidden (view full) --- 525 DPRINTF(("%s: bogus returned buffer from crypto\n", __func__)); 526 error = EINVAL; 527 goto bad; 528 } 529 ESPSTAT_INC(esps_hist[sav->alg_enc]); 530 531 /* If authentication was performed, check now. */ 532 if (esph != NULL) { |
| 492 switch (esph->type) { 493 case CRYPTO_SHA2_256_HMAC: 494 case CRYPTO_SHA2_384_HMAC: 495 case CRYPTO_SHA2_512_HMAC: 496 alen = esph->hashsize/2; 497 break; 498 default: 499 alen = AH_HMAC_HASHLEN; 500 break; 501 } | 533 alen = esph->hashsize; |
| 502 AHSTAT_INC(ahs_hist[sav->alg_auth]); 503 /* Copy the authenticator from the packet */ 504 m_copydata(m, m->m_pkthdr.len - alen, alen, aalg); 505 ptr = (caddr_t) (tc + 1); 506 507 /* Verify authenticator */ 508 if (bcmp(ptr, aalg, alen) != 0) { 509 DPRINTF(("%s: authentication hash mismatch for " --- 148 unchanged lines hidden (view full) --- 658 else 659 hlen = sizeof (struct newesp) + sav->ivlen; 660 661 rlen = m->m_pkthdr.len - skip; /* Raw payload length. */ 662 /* 663 * NB: The null encoding transform has a blocksize of 4 664 * so that headers are properly aligned. 665 */ | 534 AHSTAT_INC(ahs_hist[sav->alg_auth]); 535 /* Copy the authenticator from the packet */ 536 m_copydata(m, m->m_pkthdr.len - alen, alen, aalg); 537 ptr = (caddr_t) (tc + 1); 538 539 /* Verify authenticator */ 540 if (bcmp(ptr, aalg, alen) != 0) { 541 DPRINTF(("%s: authentication hash mismatch for " --- 148 unchanged lines hidden (view full) --- 690 else 691 hlen = sizeof (struct newesp) + sav->ivlen; 692 693 rlen = m->m_pkthdr.len - skip; /* Raw payload length. */ 694 /* 695 * NB: The null encoding transform has a blocksize of 4 696 * so that headers are properly aligned. 697 */ |
| 666 blks = espx->blocksize; /* IV blocksize */ | 698 blks = espx->ivsize; /* IV blocksize */ |
| 667 668 /* XXX clamp padding length a la KAME??? */ 669 padding = ((blks - ((rlen + 2) % blks)) % blks) + 2; 670 671 if (esph) | 699 700 /* XXX clamp padding length a la KAME??? */ 701 padding = ((blks - ((rlen + 2) % blks)) % blks) + 2; 702 703 if (esph) |
| 672 switch (esph->type) { 673 case CRYPTO_SHA2_256_HMAC: 674 case CRYPTO_SHA2_384_HMAC: 675 case CRYPTO_SHA2_512_HMAC: 676 alen = esph->hashsize/2; 677 break; 678 default: 679 alen = AH_HMAC_HASHLEN; 680 break; 681 } | 704 alen = esph->hashsize; |
| 682 else 683 alen = 0; 684 685 ESPSTAT_INC(esps_output); 686 687 saidx = &sav->sah->saidx; 688 /* Check for maximum packet size violations. */ 689 switch (saidx->dst.sa.sa_family) { --- 11 unchanged lines hidden (view full) --- 701 DPRINTF(("%s: unknown/unsupported protocol " 702 "family %d, SA %s/%08lx\n", __func__, 703 saidx->dst.sa.sa_family, ipsec_address(&saidx->dst, 704 buf, sizeof(buf)), (u_long) ntohl(sav->spi))); 705 ESPSTAT_INC(esps_nopf); 706 error = EPFNOSUPPORT; 707 goto bad; 708 } | 705 else 706 alen = 0; 707 708 ESPSTAT_INC(esps_output); 709 710 saidx = &sav->sah->saidx; 711 /* Check for maximum packet size violations. */ 712 switch (saidx->dst.sa.sa_family) { --- 11 unchanged lines hidden (view full) --- 724 DPRINTF(("%s: unknown/unsupported protocol " 725 "family %d, SA %s/%08lx\n", __func__, 726 saidx->dst.sa.sa_family, ipsec_address(&saidx->dst, 727 buf, sizeof(buf)), (u_long) ntohl(sav->spi))); 728 ESPSTAT_INC(esps_nopf); 729 error = EPFNOSUPPORT; 730 goto bad; 731 } |
| 732 DPRINTF(("%s: skip %d hlen %d rlen %d padding %d alen %d blksd %d\n", 733 __func__, skip, hlen, rlen, padding, alen, blks)); |
|
| 709 if (skip + hlen + rlen + padding + alen > maxpacketsize) { 710 DPRINTF(("%s: packet in SA %s/%08lx got too big " 711 "(len %u, max len %u)\n", __func__, 712 ipsec_address(&saidx->dst, buf, sizeof(buf)), 713 (u_long) ntohl(sav->spi), 714 skip + hlen + rlen + padding + alen, maxpacketsize)); 715 ESPSTAT_INC(esps_toobig); 716 error = EMSGSIZE; --- 98 unchanged lines hidden (view full) --- 815 crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen); 816 crde->crd_flags = CRD_F_ENCRYPT; 817 crde->crd_inject = skip + hlen - sav->ivlen; 818 819 /* Encryption operation. */ 820 crde->crd_alg = espx->type; 821 crde->crd_key = sav->key_enc->key_data; 822 crde->crd_klen = _KEYBITS(sav->key_enc); | 734 if (skip + hlen + rlen + padding + alen > maxpacketsize) { 735 DPRINTF(("%s: packet in SA %s/%08lx got too big " 736 "(len %u, max len %u)\n", __func__, 737 ipsec_address(&saidx->dst, buf, sizeof(buf)), 738 (u_long) ntohl(sav->spi), 739 skip + hlen + rlen + padding + alen, maxpacketsize)); 740 ESPSTAT_INC(esps_toobig); 741 error = EMSGSIZE; --- 98 unchanged lines hidden (view full) --- 840 crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen); 841 crde->crd_flags = CRD_F_ENCRYPT; 842 crde->crd_inject = skip + hlen - sav->ivlen; 843 844 /* Encryption operation. */ 845 crde->crd_alg = espx->type; 846 crde->crd_key = sav->key_enc->key_data; 847 crde->crd_klen = _KEYBITS(sav->key_enc); |
| 848 if (espx->type == CRYPTO_AES_NIST_GCM_16) 849 crde->crd_flags |= CRD_F_IV_EXPLICIT; |
|
| 823 /* XXX Rounds ? */ 824 } else 825 crda = crp->crp_desc; 826 827 /* IPsec-specific opaque crypto info. */ 828 tc = (struct tdb_crypto *) malloc(sizeof(struct tdb_crypto), 829 M_XDATA, M_NOWAIT|M_ZERO); 830 if (tc == NULL) { --- 18 unchanged lines hidden (view full) --- 849 crp->crp_buf = (caddr_t) m; 850 crp->crp_callback = esp_output_cb; 851 crp->crp_opaque = (caddr_t) tc; 852 crp->crp_sid = sav->tdb_cryptoid; 853 854 if (esph) { 855 /* Authentication descriptor. */ 856 crda->crd_skip = skip; | 850 /* XXX Rounds ? */ 851 } else 852 crda = crp->crp_desc; 853 854 /* IPsec-specific opaque crypto info. */ 855 tc = (struct tdb_crypto *) malloc(sizeof(struct tdb_crypto), 856 M_XDATA, M_NOWAIT|M_ZERO); 857 if (tc == NULL) { --- 18 unchanged lines hidden (view full) --- 876 crp->crp_buf = (caddr_t) m; 877 crp->crp_callback = esp_output_cb; 878 crp->crp_opaque = (caddr_t) tc; 879 crp->crp_sid = sav->tdb_cryptoid; 880 881 if (esph) { 882 /* Authentication descriptor. */ 883 crda->crd_skip = skip; |
| 857 crda->crd_len = m->m_pkthdr.len - (skip + alen); | 884 if (espx && espx->type == CRYPTO_AES_NIST_GCM_16) 885 crda->crd_len = hlen - sav->ivlen; 886 else 887 crda->crd_len = m->m_pkthdr.len - (skip + alen); |
| 858 crda->crd_inject = m->m_pkthdr.len - alen; 859 860 /* Authentication operation. */ 861 crda->crd_alg = esph->type; | 888 crda->crd_inject = m->m_pkthdr.len - alen; 889 890 /* Authentication operation. */ 891 crda->crd_alg = esph->type; |
| 862 crda->crd_key = sav->key_auth->key_data; 863 crda->crd_klen = _KEYBITS(sav->key_auth); | 892 if (espx && espx->type == CRYPTO_AES_NIST_GCM_16) { 893 crda->crd_key = sav->key_enc->key_data; 894 crda->crd_klen = _KEYBITS(sav->key_enc); 895 } else { 896 crda->crd_key = sav->key_auth->key_data; 897 crda->crd_klen = _KEYBITS(sav->key_auth); 898 } 899 |
| 864 } 865 866 return crypto_dispatch(crp); 867bad: 868 if (m) 869 m_freem(m); 870 return (error); 871} --- 76 unchanged lines hidden (view full) --- 948 int alen; 949 950 switch (esph->type) { 951 case CRYPTO_SHA2_256_HMAC: 952 case CRYPTO_SHA2_384_HMAC: 953 case CRYPTO_SHA2_512_HMAC: 954 alen = esph->hashsize/2; 955 break; | 900 } 901 902 return crypto_dispatch(crp); 903bad: 904 if (m) 905 m_freem(m); 906 return (error); 907} --- 76 unchanged lines hidden (view full) --- 984 int alen; 985 986 switch (esph->type) { 987 case CRYPTO_SHA2_256_HMAC: 988 case CRYPTO_SHA2_384_HMAC: 989 case CRYPTO_SHA2_512_HMAC: 990 alen = esph->hashsize/2; 991 break; |
| 992 case CRYPTO_AES_128_GMAC: 993 case CRYPTO_AES_192_GMAC: 994 case CRYPTO_AES_256_GMAC: 995 alen = esph->hashsize; 996 break; |
|
| 956 default: 957 alen = AH_HMAC_HASHLEN; 958 break; 959 } 960 m_copyback(m, m->m_pkthdr.len - alen, 961 alen, ipseczeroes); 962 } 963 } --- 33 unchanged lines hidden --- | 997 default: 998 alen = AH_HMAC_HASHLEN; 999 break; 1000 } 1001 m_copyback(m, m->m_pkthdr.len - alen, 1002 alen, ipseczeroes); 1003 } 1004 } --- 33 unchanged lines hidden --- |