This basically "just moves code around", but adjusts calling conventions
and the subsequent code changes (no more "key_len", so the ASSERT() now
checks MAX_HMAC_KEY_LENGTH - which was the only "len" ever used. Passing
"key" instead of "key->hmac" now, adjusting memcpy(). etc.).
Side benefit: unit test does not need to have its local copy of
init_implicit_iv() anymore.
One bit not obvious to me at first was "what about other callers to
init_key_ctx_bi() that do not have key_ctx_update_implicit_iv() today?"
(like tls-crypt-v2) - this is not a problem, as those are not using AEAD
ciphers (today), so the extra call ends up doing nothing.
Your patch has been applied to the master branch.
commit f0c26b02a7e394287052d524ef6d6bc738635692
Author: Arne Schwabe
Date: Sun Dec 22 22:45:41 2024 +0100
Move initialisation of implicit IVs to init_key_ctx_bi methods
Signed-off-by: Arne Schwabe <[email protected]>
Acked-by: Gert Doering <[email protected]>
Message-Id: <[email protected]>
URL:
https://www.mail-archive.com/[email protected]/msg30170.html
Signed-off-by: Gert Doering <[email protected]>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
