On 02/14/2018 11:26 PM, Mike Belopuhov wrote:
> > Hi, > > Thank you for your report, I think I forgot to convert bits to bytes. > Please test the diff below. > > Cheers, > Mike > > > diff --git sys/arch/amd64/amd64/via.c sys/arch/amd64/amd64/via.c > index c0e1e540b12..818c35f53d0 100644 > --- sys/arch/amd64/amd64/via.c > +++ sys/arch/amd64/amd64/via.c > @@ -177,13 +177,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct > cryptoini *cri) > ses->ses_klen = c->cri_klen; > ses->ses_cw0 = cw0; > > /* Build expanded keys for both directions */ > AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key, > - c->cri_klen); > + c->cri_klen / 8); > AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key, > - c->cri_klen); > + c->cri_klen / 8); > for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) { > ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]); > ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]); > } > > diff --git sys/arch/i386/i386/via.c sys/arch/i386/i386/via.c > index 860fa45c0ac..83a092c24b7 100644 > --- sys/arch/i386/i386/via.c > +++ sys/arch/i386/i386/via.c > @@ -178,13 +178,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct > cryptoini *cri) > ses->ses_klen = c->cri_klen; > ses->ses_cw0 = cw0; > > /* Build expanded keys for both directions */ > AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key, > - c->cri_klen); > + c->cri_klen / 8); > AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key, > - c->cri_klen); > + c->cri_klen / 8); > for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) { > ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]); > ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]); > } > > Hi Mike, That patch solved the issue. I was only able to test on i386, but I suppose it's the same for amd64. Thank you Cheers
smime.p7s
Description: S/MIME Cryptographic Signature