From 4e6a381306abb266c353c1ac1e2c5bf4407fd932 Mon Sep 17 00:00:00 2001 From: John Baldwin Date: Fri, 12 Jun 2020 22:27:26 +0000 Subject: [PATCH] Fix a regression in r361804 for TLS 1.3. I was not including the record type stored in the first byte of the trailer as part of the payload to be encrypted and hashed. Sponsored by: Netflix --- sys/opencrypto/ktls_ocf.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/opencrypto/ktls_ocf.c b/sys/opencrypto/ktls_ocf.c index 66b5d0231f2b..b6981cca58a1 100644 --- a/sys/opencrypto/ktls_ocf.c +++ b/sys/opencrypto/ktls_ocf.c @@ -293,6 +293,7 @@ ktls_ocf_tls13_gcm_encrypt(struct ktls_session *tls, * record_type even if only the first byte is used. */ trailer[0] = record_type; + crp->crp_payload_length++; iov[iovcnt + 1].iov_base = trailer; iov[iovcnt + 1].iov_len = AES_GMAC_HASH_LEN + 1; uio.uio_iovcnt++;