From f48050785f254afb7515383e8595425fa652e056 Mon Sep 17 00:00:00 2001 From: Vladimir Ratnikov Date: Fri, 17 May 2019 09:17:59 -0400 Subject: openssl plugin 3des routine iv_len fix Since 3DES has 8 bytes of initialization vector and code contains hardcode for 16 bytes, check added to determine if crypto algorythm is 3DES_CBC and set corresponding iv_len param Change-Id: Iac50c8a8241e321e3b4d576c88f2496852bd905c Signed-off-by: Vladimir Ratnikov --- src/plugins/crypto_openssl/main.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'src/plugins/crypto_openssl/main.c') diff --git a/src/plugins/crypto_openssl/main.c b/src/plugins/crypto_openssl/main.c index 2132c5bb15a..fd749d04926 100644 --- a/src/plugins/crypto_openssl/main.c +++ b/src/plugins/crypto_openssl/main.c @@ -70,9 +70,15 @@ openssl_ops_enc_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops, vnet_crypto_op_t *op = ops[i]; vnet_crypto_key_t *key = vnet_crypto_get_key (op->key_index); int out_len; + int iv_len; + + if (op->op == VNET_CRYPTO_OP_3DES_CBC_ENC) + iv_len = 8; + else + iv_len = 16; if (op->flags & VNET_CRYPTO_OP_FLAG_INIT_IV) - RAND_bytes (op->iv, 16); + RAND_bytes (op->iv, iv_len); EVP_EncryptInit_ex (ctx, cipher, NULL, key->data, op->iv); EVP_EncryptUpdate (ctx, op->dst, &out_len, op->src, op->len); -- cgit 1.2.3-korg