CVSROOT:	/cvs
Module name:	src
Changes by:	mi...@cvs.openbsd.org	2012/12/07 13:55:51

Modified files:
	sys/crypto     : cryptosoft.c

Log message:
RFC 4106, Section 5 states that the SPI and a 64-bit Sequence Number
are provided to the GCM as Additional Authenticated Data. Usually
an SPI and a lower 32-bit part of the ESN are contained within the same
memory buffer whereas an upper part of the ESN comes from an external
location. To accommodate that, RFC 4303, Section 3.3.2.1 states that
the upper part of the ESN is hashed in the end. Unfortunately this advice
is not applicable for the combined authentication/encryption modes
and RFC 4106 decided not to follow that advice, effectively requiring
large API changes to accommodate that poor choice.

For now implement a kludge that will take effect in case the CRD_F_ESN
flag is set in the crypto operation descriptor.

Successfully tested against Linux 3.2 with strongSwan 4.6.4.
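The two byte orderings the log message contrasts, as an added example that is not part of the commit and does not reproduce the cryptosoft.c change. The function names, constants and sample values are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ESP_HDR_LEN     8   /* on the wire: SPI (4) || low 32 bits of ESN (4) */
#define ESN_HALF_LEN    4
#define GCM_ESN_AAD_LEN 12  /* SPI (4) || 64-bit ESN (8) */

/* RFC 4106, Section 5: AAD = SPI || ESN high || ESN low (network order).
 * The high half is not in the packet, so it has to be spliced in between
 * two fields that sit next to each other in the packet buffer. */
size_t
gcm_esn_aad(const uint8_t esp_hdr[ESP_HDR_LEN],
    const uint8_t esn_hi[ESN_HALF_LEN], uint8_t aad[GCM_ESN_AAD_LEN])
{
	memcpy(aad, esp_hdr, 4);                    /* SPI, from the packet */
	memcpy(aad + 4, esn_hi, ESN_HALF_LEN);      /* upper half, from the SA */
	memcpy(aad + 8, esp_hdr + 4, ESN_HALF_LEN); /* lower half, from the packet */
	return GCM_ESN_AAD_LEN;
}

/* RFC 4303, Section 3.3.2.1 (separate integrity algorithm): the upper half
 * is appended after the authenticated packet data, so the packet buffer
 * can be hashed as-is. Returns 0 if the output buffer is too small. */
size_t
icv_esn_input(const uint8_t *pkt, size_t pktlen,
    const uint8_t esn_hi[ESN_HALF_LEN], uint8_t *out, size_t outlen)
{
	if (pktlen > outlen || outlen - pktlen < ESN_HALF_LEN)
		return 0;
	memcpy(out, pkt, pktlen);
	memcpy(out + pktlen, esn_hi, ESN_HALF_LEN);
	return pktlen + ESN_HALF_LEN;
}

int
main(void)
{
	/* Constructed sample: SPI 0xc0ffee01, ESN 0x000000010000002a. */
	const uint8_t hdr[ESP_HDR_LEN] = { 0xc0, 0xff, 0xee, 0x01, 0, 0, 0, 0x2a };
	const uint8_t hi[ESN_HALF_LEN] = { 0, 0, 0, 1 };
	uint8_t aad[GCM_ESN_AAD_LEN];
	size_t i, n = gcm_esn_aad(hdr, hi, aad);

	for (i = 0; i < n; i++)
		printf("%02x", aad[i]);
	printf("\n");
	return 0;
}
```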