summaryrefslogtreecommitdiff
path: root/cipher.h
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2009-01-28 16:38:41 +1100
committerDamien Miller <djm@mindrot.org>2009-01-28 16:38:41 +1100
commit13ae44ce5865b720708aae9cb1d2e2f08a0d90cb (patch)
treeb9acd30c2e1edfa1a4b7dcc26b8c11f8ea77b855 /cipher.h
parent9aa72ba57af907af8f7228f64fca8a474797898f (diff)
- markus@cvs.openbsd.org 2009/01/26 09:58:15
[cipher.c cipher.h packet.c] Work around the CPNI-957037 Plaintext Recovery Attack by always reading 256K of data on packet size or HMAC errors (in CBC mode only). Help, feedback and ok djm@ Feedback from Martin Albrecht and Paterson Kenny
Diffstat (limited to 'cipher.h')
-rw-r--r--cipher.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/cipher.h b/cipher.h
index 49bbc1682..3dd2270bb 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher.h,v 1.36 2006/03/25 22:22:42 djm Exp $ */ 1/* $OpenBSD: cipher.h,v 1.37 2009/01/26 09:58:15 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -81,6 +81,7 @@ void cipher_cleanup(CipherContext *);
81void cipher_set_key_string(CipherContext *, Cipher *, const char *, int); 81void cipher_set_key_string(CipherContext *, Cipher *, const char *, int);
82u_int cipher_blocksize(const Cipher *); 82u_int cipher_blocksize(const Cipher *);
83u_int cipher_keylen(const Cipher *); 83u_int cipher_keylen(const Cipher *);
84u_int cipher_is_cbc(const Cipher *);
84 85
85u_int cipher_get_number(const Cipher *); 86u_int cipher_get_number(const Cipher *);
86void cipher_get_keyiv(CipherContext *, u_char *, u_int); 87void cipher_get_keyiv(CipherContext *, u_char *, u_int);