My understanding of the API is that the 1 means: copy out 1 byte of the IV before incrementing.

Peter P. <p.pan48711@xxxxxxxxx> wrote on Mon, 7 Nov 2016 at 23:46:

> Hi,
>
> I noticed in the following snippet from cipher_crypt() that the requested
> value to increment the invocation field by is one octet while section
> 7.1 in RFC5647 states that it should be eight. Under the covers in
> OpenSSL's aes_gcm_ctrl, I see that the value passed in of 1 is ignored and
> is substituted by a hard-coded 8. If the value of arg is ever honored by
> the underlying OpenSSL code, the way this is coded may cause failures when
> using AES-GCM ciphers.
>
> Should cipher_crypt be updated to increment the value by 8 instead of 1?
>
>     if (authlen) {
>         u_char lastiv[1];
>
>         if (authlen != cipher_authlen(cc->cipher))
>             return SSH_ERR_INVALID_ARGUMENT;
>         /* increment IV */
>         if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN,
>             1, lastiv))
>             return SSH_ERR_LIBCRYPTO_ERROR;
> *snip*
>
> Thanks,
> Peter
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
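
Added example, not part of the thread and not OpenSSL or OpenSSH source: a stand-alone C model of the IV-generation step under discussion, showing the argument as a copy-out length and the increment as a separate step. The helper names, the sample IV, and the reading that the 8 is the width of the invocation counter (incremented by one per call) are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GCM_IVLEN 12 /* 4-octet fixed field + 8-octet invocation counter */

/* Add one to a 64-bit big-endian counter, propagating carries. */
static void ctr64_inc_be(uint8_t ctr[8])
{
    for (int i = 7; i >= 0; i--)
        if (++ctr[i] != 0)
            return;
}

/*
 * Hypothetical model of the IV_GEN step: copy the last `arg` bytes of the
 * current IV to `out`, then increment the trailing 8-byte invocation
 * counter by one. An out-of-range arg selects the whole IV.
 * Returns the number of bytes copied.
 */
static int gcm_iv_gen_model(uint8_t iv[GCM_IVLEN], int arg, uint8_t *out)
{
    if (arg <= 0 || arg > GCM_IVLEN)
        arg = GCM_IVLEN;
    memcpy(out, iv + GCM_IVLEN - arg, (size_t)arg);
    ctr64_inc_be(iv + GCM_IVLEN - 8);
    return arg;
}

/* Read the invocation counter (last 8 bytes of the IV) as an integer. */
static uint64_t invocation_counter(const uint8_t iv[GCM_IVLEN])
{
    uint64_t v = 0;
    for (int i = 4; i < GCM_IVLEN; i++)
        v = (v << 8) | iv[i];
    return v;
}

int main(void)
{
    /* Constructed sample IV: fixed field de ad be ef, counter 0xff. */
    uint8_t iv[GCM_IVLEN] = {0xde, 0xad, 0xbe, 0xef, 0, 0, 0, 0, 0, 0, 0, 0xff};
    uint8_t lastiv[1];
    int n = gcm_iv_gen_model(iv, 1, lastiv); /* same arg as cipher_crypt() */
    printf("copied %d byte(s): %02x, counter now %llu\n",
           n, lastiv[0], (unsigned long long)invocation_counter(iv));
    return 0;
}
```

In this model, changing the argument from 1 to 8 changes only how many bytes land in the output buffer, which for the one-byte `lastiv` in the quoted snippet would be too small.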