- (djm) [cipher.c] Fix merge botch.

author: Damien Miller <djm@mindrot.org> 2014-05-27 14:27:02 +1000
committer: Damien Miller <djm@mindrot.org> 2014-05-27 14:27:02 +1000
commit: eae88744662e6b149f43ef071657727f1a157d95 (patch)
tree: 6b22697e5a2f805559e2fe3457fb6b9f644279f5 /cipher.c
parent: 564b5e253c1d95c26a00e8288f0089a2571661c3 (diff)
1 files changed, 13 insertions, 2 deletions
diff --git a/cipher.c b/cipher.c
index 0ea073f5..5569d245 100644
--- a/cipher.c
+++ b/cipher.c
@@ -553,7 +553,12 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
 			ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
 		else
 #endif /* OPENSSL_HAVE_EVPCTR */
-		memcpy(iv, cc->evp.iv, len);
+		if (cipher_authlen(c)) {
+			if (!EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_IV_GEN,
+			    len, iv))
+				fatal("%s: EVP_CTRL_GCM_IV_GEN", __func__);
+                } else
+			memcpy(iv, cc->evp.iv, len);
 		break;
 #endif /* WITH_OPENSSL */
 #ifdef WITH_SSH1
@@ -597,7 +602,13 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
 			ssh_aes_ctr_iv(&cc->evp, 1, iv, evplen);
 		else
 #endif /* OPENSSL_HAVE_EVPCTR */
-		memcpy(cc->evp.iv, iv, evplen);
+		if (cipher_authlen(c)) {
+			if (!EVP_CIPHER_CTX_ctrl(&cc->evp,
+			    EVP_CTRL_GCM_SET_IV_FIXED, -1, iv))
+				fatal("%s: EVP_CTRL_GCM_SET_IV_FIXED failed",
+				    __func__);
+			} else
+				memcpy(cc->evp.iv, iv, evplen);
 		break;
 #endif /* WITH_OPENSSL */
 #ifdef WITH_SSH1
author	Damien Miller <djm@mindrot.org>	2014-05-27 14:27:02 +1000
committer	Damien Miller <djm@mindrot.org>	2014-05-27 14:27:02 +1000
commit	eae88744662e6b149f43ef071657727f1a157d95 (patch)
tree	6b22697e5a2f805559e2fe3457fb6b9f644279f5 /cipher.c
parent	564b5e253c1d95c26a00e8288f0089a2571661c3 (diff)