On Mon, Feb 12, 2018 at 15:47 +0100, Renaud Allard wrote:
> 
> 
> On 02/12/2018 01:32 PM, Renaud Allard wrote:
> > Hello,
> > 
> > I am running OpenBSD 6.2 i386 on a VIA CPU with padlock.
> > cpu0: VIA Eden Processor 1000MHz ("CentaurHauls" 686-class) 1 GHz
> > cpu0: RNG AES AES-CTR SHA1 SHA256 RSA
> > 
> > ipsec with SHA/AES was running fine until I upgraded to 6.2. I could not
> > reproduce this issue anywhere else than on that hardware.
> > 
> > When I run an ipsec tunnel (ikev1) with AES and SHA, I can see flows and
> > SA with ipsecctl -s. But no packet ever goes through enc0.
> > 
> > If I configure the tunnel to use hmac-md5 and 3des, for which there is
> > no padlock support (everything else being the same), the tunnel just
> > works fine.
> > 
> > I am now running -current and the issue is still present.
> > 
> > I suppose there is an issue that appeared some time between 6.1 and 6.2
> > which made the crypto acceleration fail with that CPU (and probably with
> > other padlock enabled CPUs too).
> > 
> 
> I tried multiple configurations, and actually, only AES doesn't work.
> SHA1 till SHA2-512 work, 3DES and blowfish work.
> 


Hi,

Thank you for your report, I think I forgot to convert bits to bytes.
Please test the diff below.

Cheers,
Mike


diff --git sys/arch/amd64/amd64/via.c sys/arch/amd64/amd64/via.c
index c0e1e540b12..818c35f53d0 100644
--- sys/arch/amd64/amd64/via.c
+++ sys/arch/amd64/amd64/via.c
@@ -177,13 +177,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct cryptoini 
*cri)
                        ses->ses_klen = c->cri_klen;
                        ses->ses_cw0 = cw0;
 
                        /* Build expanded keys for both directions */
                        AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key,
-                           c->cri_klen);
+                           c->cri_klen / 8);
                        AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key,
-                           c->cri_klen);
+                           c->cri_klen / 8);
                        for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) {
                                ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
                                ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
                        }
 
diff --git sys/arch/i386/i386/via.c sys/arch/i386/i386/via.c
index 860fa45c0ac..83a092c24b7 100644
--- sys/arch/i386/i386/via.c
+++ sys/arch/i386/i386/via.c
@@ -178,13 +178,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct cryptoini 
*cri)
                        ses->ses_klen = c->cri_klen;
                        ses->ses_cw0 = cw0;
 
                        /* Build expanded keys for both directions */
                        AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key,
-                           c->cri_klen);
+                           c->cri_klen / 8);
                        AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key,
-                           c->cri_klen);
+                           c->cri_klen / 8);
                        for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) {
                                ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
                                ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
                        }
 

Reply via email to