Bring CBC oracle attack countermeasure from r1.32 of cryptosoft.c to - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	mikeb <mikeb@openbsd.org>	2010-12-15 23:34:23 +0000
committer	mikeb <mikeb@openbsd.org>	2010-12-15 23:34:23 +0000
commit	0c4448d4f521013698164f4dab22f2f76d0d71d2 (patch)
tree	86b80412680179286a5221a9af5848a297de6f00 /lib/libc/stdlib/malloc.c
parent	attach the Hercules HWGUn-54 to rsu(4) (diff)
download	wireguard-openbsd-0c4448d4f521013698164f4dab22f2f76d0d71d2.tar.xz wireguard-openbsd-0c4448d4f521013698164f4dab22f2f76d0d71d2.zip

Bring CBC oracle attack countermeasure from r1.32 of cryptosoft.c to

the hardware crypto accelerator land. This fixes aes-ni, via xcrypt, glxsb(4), hifn(4), safe(4) and ubsec(4) drivers. Original commit message by angelos: Don't keep the last blocksize-bytes of ciphertext for use as the next plaintext's IV, in CBC mode. Use arc4random() to acquire fresh IVs per message. with and ok deraadt, ok markus, djm

Diffstat (limited to 'lib/libc/stdlib/malloc.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: