diff options
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | cipher.c | 15 |
2 files changed, 16 insertions, 2 deletions
| @@ -1,3 +1,6 @@ | |||
| 1 | 20140527 | ||
| 2 | - (djm) [cipher.c] Fix merge botch. | ||
| 3 | |||
| 1 | 20140522 | 4 | 20140522 |
| 2 | - (djm) [Makefile.in] typo in path | 5 | - (djm) [Makefile.in] typo in path |
| 3 | 6 | ||
| @@ -553,7 +553,12 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) | |||
| 553 | ssh_aes_ctr_iv(&cc->evp, 0, iv, len); | 553 | ssh_aes_ctr_iv(&cc->evp, 0, iv, len); |
| 554 | else | 554 | else |
| 555 | #endif /* OPENSSL_HAVE_EVPCTR */ | 555 | #endif /* OPENSSL_HAVE_EVPCTR */ |
| 556 | memcpy(iv, cc->evp.iv, len); | 556 | if (cipher_authlen(c)) { |
| 557 | if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN, | ||
| 558 | len, iv)) | ||
| 559 | fatal("%s: EVP_CTRL_GCM_IV_GEN", __func__); | ||
| 560 | } else | ||
| 561 | memcpy(iv, cc->evp.iv, len); | ||
| 557 | break; | 562 | break; |
| 558 | #endif /* WITH_OPENSSL */ | 563 | #endif /* WITH_OPENSSL */ |
| 559 | #ifdef WITH_SSH1 | 564 | #ifdef WITH_SSH1 |
| @@ -597,7 +602,13 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv) | |||
| 597 | ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen); | 602 | ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen); |
| 598 | else | 603 | else |
| 599 | #endif /* OPENSSL_HAVE_EVPCTR */ | 604 | #endif /* OPENSSL_HAVE_EVPCTR */ |
| 600 | memcpy(cc->evp.iv, iv, evplen); | 605 | if (cipher_authlen(c)) { |
| 606 | if (!EVP_CIPHER_CTX_ctrl(&cc->evp, | ||
| 607 | EVP_CTRL_GCM_SET_IV_FIXED, -1, iv)) | ||
| 608 | fatal("%s: EVP_CTRL_GCM_SET_IV_FIXED failed", | ||
| 609 | __func__); | ||
| 610 | } else | ||
| 611 | memcpy(cc->evp.iv, iv, evplen); | ||
| 601 | break; | 612 | break; |
| 602 | #endif /* WITH_OPENSSL */ | 613 | #endif /* WITH_OPENSSL */ |
| 603 | #ifdef WITH_SSH1 | 614 | #ifdef WITH_SSH1 |