diff options
author | Damjan Marion <damarion@cisco.com> | 2019-04-25 18:24:04 +0200 |
---|---|---|
committer | Neale Ranns <nranns@cisco.com> | 2019-04-25 22:54:38 +0000 |
commit | 82d81d4fb0509236d10fe5de8bc2d4d26d6730b6 (patch) | |
tree | 754e5de442f4a4b067a624a69d1823b0fe5251f3 /src/plugins | |
parent | 22e9c03ad285a3f4bc86e75159d2ed48210438de (diff) |
crypto: AES GCM IV length is always 12
... at least for use cases we are interested in
Change-Id: I1156ff354635e8f990ce2664ebc8dcd3786ddca5
Signed-off-by: Damjan Marion <damarion@cisco.com>
Diffstat (limited to 'src/plugins')
-rw-r--r-- | src/plugins/crypto_openssl/main.c | 2 | ||||
-rw-r--r-- | src/plugins/unittest/crypto_test.c | 2 |
2 files changed, 1 insertions, 3 deletions
diff --git a/src/plugins/crypto_openssl/main.c b/src/plugins/crypto_openssl/main.c index fb9754f85a2..eaa16ceb2d8 100644 --- a/src/plugins/crypto_openssl/main.c +++ b/src/plugins/crypto_openssl/main.c @@ -155,7 +155,7 @@ openssl_ops_dec_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops, int len; EVP_DecryptInit_ex (ctx, cipher, 0, 0, 0); - EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_GCM_SET_IVLEN, op->iv_len, 0); + EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_GCM_SET_IVLEN, 12, 0); EVP_DecryptInit_ex (ctx, 0, 0, key->data, op->iv); if (op->aad_len) EVP_DecryptUpdate (ctx, 0, &len, op->aad, op->aad_len); diff --git a/src/plugins/unittest/crypto_test.c b/src/plugins/unittest/crypto_test.c index b4f48741573..24910e7df6d 100644 --- a/src/plugins/unittest/crypto_test.c +++ b/src/plugins/unittest/crypto_test.c @@ -114,7 +114,6 @@ test_crypto (vlib_main_t * vm, crypto_test_main_t * tm) case VNET_CRYPTO_OP_TYPE_ENCRYPT: case VNET_CRYPTO_OP_TYPE_DECRYPT: op->iv = r->iv.data; - op->iv_len = r->iv.length; op->key_index = vnet_crypto_key_add (vm, r->alg, r->key.data, r->key.length); @@ -128,7 +127,6 @@ test_crypto (vlib_main_t * vm, crypto_test_main_t * tm) case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT: case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT: op->iv = r->iv.data; - op->iv_len = r->iv.length; op->key_index = vnet_crypto_key_add (vm, r->alg, r->key.data, r->key.length); |