On 02/14/2018 11:26 PM, Mike Belopuhov wrote:
>
> Hi,
>
> Thank you for your report, I think I forgot to convert bits to bytes.
> Please test the diff below.
>
> Cheers,
> Mike
>
>
> diff --git sys/arch/amd64/amd64/via.c sys/arch/amd64/amd64/via.c
> index c0e1e540b12..818c35f53d0 100644
> --- sys/arch/amd64/amd64/via.c
> +++ sys/arch/amd64/amd64/via.c
> @@ -177,13 +177,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct
> cryptoini *cri)
> ses->ses_klen = c->cri_klen;
> ses->ses_cw0 = cw0;
>
> /* Build expanded keys for both directions */
> AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key,
> - c->cri_klen);
> + c->cri_klen / 8);
> AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key,
> - c->cri_klen);
> + c->cri_klen / 8);
> for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) {
> ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
> ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
> }
>
> diff --git sys/arch/i386/i386/via.c sys/arch/i386/i386/via.c
> index 860fa45c0ac..83a092c24b7 100644
> --- sys/arch/i386/i386/via.c
> +++ sys/arch/i386/i386/via.c
> @@ -178,13 +178,13 @@ viac3_crypto_newsession(u_int32_t *sidp, struct
> cryptoini *cri)
> ses->ses_klen = c->cri_klen;
> ses->ses_cw0 = cw0;
>
> /* Build expanded keys for both directions */
> AES_KeySetup_Encrypt(ses->ses_ekey, c->cri_key,
> - c->cri_klen);
> + c->cri_klen / 8);
> AES_KeySetup_Decrypt(ses->ses_dkey, c->cri_key,
> - c->cri_klen);
> + c->cri_klen / 8);
> for (i = 0; i < 4 * (AES_MAXROUNDS + 1); i++) {
> ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
> ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
> }
>
>
Hi Mike,
That patch solved the issue. I was only able to test on i386, but I
suppose it's the same for amd64.
Thank you
Cheers
smime.p7s
Description: S/MIME Cryptographic Signature
