Compliance with RFC5647 section 7.1 in cipher_crypt()

Peter P. p.pan48711 at gmail.com
Tue Nov 8 03:34:50 AEDT 2016


Hi,

I noticed in the following snippet from cipher_crypt() that the requested
value to increment the invocation field by is one octet while section
7.1 in RFC5647 states that it should be eight. Under the covers in
OpenSSL's aes_gcm_ctrl, I see that the value passed in of 1 is ignored and
is substituted by a hard-coded 8.  If the value of arg is ever honored by
the underlying OpenSSL code, the way this is coded may cause failures when
using AES-GCM ciphers.

Should cipher_crypt be updated to increment the value by 8 instead of 1?

	if (authlen) {
		u_char lastiv[1];

		if (authlen != cipher_authlen(cc->cipher))
			return SSH_ERR_INVALID_ARGUMENT;
		/* increment IV */
		if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN,
		    1, lastiv))
			return SSH_ERR_LIBCRYPTO_ERROR;
*snip*

Thanks,
Peter
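
Added illustration (not code from the mailing list, OpenSSH or OpenSSL) of the RFC 5647 section 7.1 IV layout the mail refers to: a 4-octet fixed field followed by an 8-octet invocation counter that is incremented as a single 64-bit integer after each packet. It contrasts that increment with one that touches only the final octet, which wraps after 256 packets and would repeat an IV; the function names and the sample IV are constructed for this example.

```c
#include <stdint.h>
#include <string.h>

/* RFC 5647 section 7.1: 12-octet AES-GCM IV = 4-octet fixed field
 * followed by an 8-octet invocation counter. */
#define SSH_GCM_IV_LEN    12
#define SSH_GCM_FIXED_LEN 4

/* Increment the invocation counter as a big-endian 64-bit integer:
 * the carry propagates across all 8 counter octets (wrapping mod 2^64)
 * and the fixed field is never touched. */
void gcm_iv_increment_rfc5647(uint8_t iv[SSH_GCM_IV_LEN])
{
    int i;
    for (i = SSH_GCM_IV_LEN - 1; i >= SSH_GCM_FIXED_LEN; i--) {
        if (++iv[i] != 0)
            break;          /* no carry: done */
    }
}

/* Contrast: incrementing only the last octet. After 256 packets the
 * counter returns to its starting value, i.e. the IV repeats, which
 * is exactly what GCM must never do under one key. */
void gcm_iv_increment_one_octet(uint8_t iv[SSH_GCM_IV_LEN])
{
    iv[SSH_GCM_IV_LEN - 1]++;
}

/* Read the 8-octet invocation counter as a host 64-bit value. */
uint64_t gcm_iv_counter(const uint8_t iv[SSH_GCM_IV_LEN])
{
    uint64_t v = 0;
    int i;
    for (i = SSH_GCM_FIXED_LEN; i < SSH_GCM_IV_LEN; i++)
        v = (v << 8) | iv[i];
    return v;
}

/* Apply `inc` n times to a constructed IV (fixed field 01020304,
 * counter 0). Returns 1 if the fixed field is intact and the counter
 * advanced by exactly n, 0 otherwise. */
int check_increment(void (*inc)(uint8_t *), unsigned n)
{
    uint8_t iv[SSH_GCM_IV_LEN] = {1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0};
    uint8_t fixed[SSH_GCM_FIXED_LEN];
    unsigned k;
    memcpy(fixed, iv, SSH_GCM_FIXED_LEN);
    for (k = 0; k < n; k++)
        inc(iv);
    return memcmp(fixed, iv, SSH_GCM_FIXED_LEN) == 0 && gcm_iv_counter(iv) == n;
}
```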

