Subject: kern/30291: AESCTR IV value in cblock should be 8 bytes, not 16
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <kent.peacock@sun.com>
List: netbsd-bugs
Date: 05/20/2005 14:50:00
>Number: 30291
>Category: kern
>Synopsis: AESCTR IV value in cblock should be 8 bytes, not 16
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri May 20 14:50:00 +0000 2005
>Originator: Kent Peacock
>Release: 2.0.2
>Organization:
Sun Microsystems
>Environment:
N/A
>Description:
According to RFC 3686, which describes the use of AES counter mode in
ESP, the IV value used should be 8 bytes. The code in esp_aesctr.c
incorrectly uses a 16 byte IV.
>How-To-Repeat:
Seen by code inspection.
>Fix:
In sys/netinet6/esp_aesctr.c:
***************
*** 77,83 ****
union cblock {
struct {
u_int8_t nonce[4];
! u_int8_t iv[8];
u_int32_t ctr;
} v __attribute__((__packed__));
u_int8_t cblock[16];
--- 61,67 ----
union cblock {
struct {
u_int8_t nonce[4];
! u_int8_t iv[16];
u_int32_t ctr;
} v __attribute__((__packed__));
u_int8_t cblock[16];
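
Review bot: the direction of this context diff looks reversed relative to the description. The old side (*** 77,83) has `u_int8_t iv[8];` and the new side (--- 61,67) has `u_int8_t iv[16];`, so applying it as written would turn an 8-byte IV into a 16-byte one. Please regenerate it with the unmodified esp_aesctr.c as the old file so the change reads iv[16] to iv[8]. The differing start lines (77 versus 61) also suggest the two sides were taken from different revisions of the file, which should be confirmed before commit. The report could also state the practical effect visible in this declaration: with iv[16] the packed struct v is 4 + 16 + 4 = 24 bytes, larger than cblock[16], so ctr lies outside the 16-byte counter block, while with iv[8] the struct is exactly 16 bytes. A compile-time check that sizeof(union cblock) equals 16, placed next to the declaration, would catch a regression.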