summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorArtem Glazychev <artem.glazychev@xored.com>2020-09-10 13:13:29 +0700
committerNeale Ranns <nranns@cisco.com>2020-09-10 16:02:24 +0000
commitcf527882e2fe49eda108cd63af175431222beebe (patch)
treed52c08012b18fb0453915a95ee67b76965a2feae /src
parenta3960a8b74de5cef51db2c7575f8f2d71a013d0a (diff)
wireguard: fix handshake procedure
Type: fix Change-Id: I96e8c5c9c792b1d9aefd39ce3e240d220827b7d1 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Diffstat (limited to 'src')
-rwxr-xr-xsrc/plugins/wireguard/wireguard_noise.c25
-rwxr-xr-xsrc/plugins/wireguard/wireguard_send.h4
2 files changed, 17 insertions, 12 deletions
diff --git a/src/plugins/wireguard/wireguard_noise.c b/src/plugins/wireguard/wireguard_noise.c
index 666618a2a51..dc7d5060fe5 100755
--- a/src/plugins/wireguard/wireguard_noise.c
+++ b/src/plugins/wireguard/wireguard_noise.c
@@ -547,29 +547,34 @@ chacha20poly1305_calc (vlib_main_t * vm,
vnet_crypto_op_id_t op_id,
vnet_crypto_key_index_t key_index)
{
+ vnet_crypto_op_t _op, *op = &_op;
u8 iv[12];
+ u8 tag_[NOISE_AUTHTAG_LEN] = { };
+ u8 src_[] = { };
+
clib_memset (iv, 0, 12);
clib_memcpy (iv + 4, &nonce, sizeof (nonce));
- vnet_crypto_op_t _op, *op = &_op;
+ vnet_crypto_op_init (op, op_id);
- u8 _tag[16] = { };
+ op->tag_len = NOISE_AUTHTAG_LEN;
if (op_id == VNET_CRYPTO_OP_CHACHA20_POLY1305_DEC)
{
- clib_memcpy (_tag, src + src_len - NOISE_AUTHTAG_LEN,
- NOISE_AUTHTAG_LEN);
+ op->tag = src + src_len - NOISE_AUTHTAG_LEN;
src_len -= NOISE_AUTHTAG_LEN;
}
- vnet_crypto_op_init (op, op_id);
- op->key_index = key_index;
- op->src = src;
- op->dst = dst;
+ else
+ op->tag = tag_;
+
+ op->src = !src ? src_ : src;
op->len = src_len;
+
+ op->dst = dst;
+ op->key_index = key_index;
op->aad = aad;
op->aad_len = aad_len;
op->iv = iv;
- op->tag_len = NOISE_AUTHTAG_LEN;
- op->tag = _tag;
+
vnet_crypto_process_ops (vm, op, 1);
if (op_id == VNET_CRYPTO_OP_CHACHA20_POLY1305_ENC)
{
diff --git a/src/plugins/wireguard/wireguard_send.h b/src/plugins/wireguard/wireguard_send.h
index 8f5e7ab8765..4ea1f6effea 100755
--- a/src/plugins/wireguard/wireguard_send.h
+++ b/src/plugins/wireguard/wireguard_send.h
@@ -26,8 +26,8 @@ always_inline void
ip4_header_set_len_w_chksum (ip4_header_t * ip4, u16 len)
{
ip_csum_t sum = ip4->checksum;
- u8 old = ip4->length;
- u8 new = len;
+ u16 old = ip4->length;
+ u16 new = len;
sum = ip_csum_update (sum, old, new, ip4_header_t, length);
ip4->checksum = ip_csum_fold (sum);