diff options
| author |   markus <markus@openbsd.org> | 2002-04-01 18:55:05 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2002-04-01 18:55:05 +0000 |
| commit | bbf6b0fc813a7dbfc050e7fb32735f33dd6c4dfa (patch) | |
| tree | 7cf9f22b4c0ae79d4fa529a48f2bfa016ad0464c | |
| parent | -Tattling is bad, users should be allowed to run anything on the system (diff) | |
| download | wireguard-openbsd-bbf6b0fc813a7dbfc050e7fb32735f33dd6c4dfa.tar.xz wireguard-openbsd-bbf6b0fc813a7dbfc050e7fb32735f33dd6c4dfa.zip | |
skip bad IVs; ok provos@/deraadt@
| -rw-r--r-- | sys/dev/ic/if_wi.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/sys/dev/ic/if_wi.c b/sys/dev/ic/if_wi.c index 73d65167384..36cfb8c2a44 100644 --- a/sys/dev/ic/if_wi.c +++ b/sys/dev/ic/if_wi.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_wi.c,v 1.35 2002/04/01 07:12:05 millert Exp $ */ +/* $OpenBSD: if_wi.c,v 1.36 2002/04/01 18:55:05 markus Exp $ */ /* * Copyright (c) 1997, 1998, 1999 @@ -124,7 +124,7 @@ u_int32_t widebug = WIDEBUG; #if !defined(lint) && !defined(__OpenBSD__) static const char rcsid[] = - "$OpenBSD: if_wi.c,v 1.35 2002/04/01 07:12:05 millert Exp $"; + "$OpenBSD: if_wi.c,v 1.36 2002/04/01 18:55:05 markus Exp $"; #endif /* lint */ #ifdef foo @@ -1583,8 +1583,15 @@ wi_do_hostencrypt(struct wi_softc *sc, caddr_t buf, int len) if (!sc->wi_icv_flag) { sc->wi_icv = arc4random(); sc->wi_icv_flag++; - } else - sc->wi_icv++; /* XXX better IV needed */ + } else if (sc->wi_icv >= 0x03ff00 && + (sc->wi_icv & 0xf8ff00) == 0x00ff00) { + /* + * Skip 'bad' IVs from Fluhrer/Mantin/Shamir: + * (B, 255, N) with 3 <= B < 8 + */ + sc->wi_icv += 0x000100; + } else + sc->wi_icv++; /* prepend 24bit IV to tx key, byte order does not matter */ key[0] = sc->wi_icv >> 16; |