Code Review / vpp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 0a485f5) | patch
ipsec: fix AES CBC IV generation (CVE-2022-46397) 54/38154/1 stable/2110
authorBenoît Ganne <bganne@cisco.com>
Tue, 18 Jan 2022 14:56:41 +0000 (15:56 +0100)
committerDave Wallace <dwallacelf@gmail.com>
Sat, 4 Feb 2023 02:05:21 +0000 (21:05 -0500)
commit08ff7a9857212f091a07228f666a2376e26a5eff
treef505c6a8a84de32d78b3ab25348a4b9e9a89b37etree | snapshot
parent0a485f517d2b6d1c328eda23b707cb8d9c544bebcommit | diff
ipsec: fix AES CBC IV generation (CVE-2022-46397)

For AES-CBC, the IV must be unpredictable (see NIST SP800-38a Appendix
C). Chaining IVs like is done by ipsecmb and native backends for the
VNET_CRYPTO_OP_FLAG_INIT_IV is fully predictable.
Encrypt a counter as part of the message, making the (predictable)
counter-generated IV unpredictable.

Fixes: VPP-2037
Type: fix

Change-Id: If4f192d62bf97dda553e7573331c75efa11822ae
Signed-off-by: Benoît Ganne <bganne@cisco.com>
src/vnet/crypto/crypto.h diff | blob | history
src/vnet/ipsec/esp_encrypt.c diff | blob | history
src/vnet/ipsec/ipsec_sa.h diff | blob | history
Vector Packet Processing