Page MenuHomeFreeBSD
Differential D11758

Place the AAD before the plaintext/ciphertext for CIOCRYPTAEAD.
ClosedPublic
Actions

Authored by jhb on Jul 27 2017, 9:41 PM.
Tags
None
Referenced Files
Unknown Object (File)
Dec 20 2023, 2:28 AM
Unknown Object (File)
Dec 12 2023, 8:09 PM
Unknown Object (File)
Nov 10 2023, 1:48 PM
Unknown Object (File)
Nov 8 2023, 1:43 PM
Unknown Object (File)
Oct 31 2023, 10:50 AM
Unknown Object (File)
Oct 7 2023, 12:38 PM
Unknown Object (File)
Sep 6 2023, 3:47 PM
Unknown Object (File)
Jul 13 2023, 11:14 AM
View All 15 Files
Subscribers
cperciva
jmg
np
pjd
secteam

Details

Reviewers
cem
Commits
rS323889: Place the AAD before the plaintext/ciphertext for CIOCRYPTAEAD.
Summary

Place the AAD before the plaintext/ciphertext for CIOCRYPTAEAD.

Software crypto implementations don't care how the buffer is laid out,
but hardware implementations may assume that the AAD is always before
the plain/cipher text and that the hash/tag is immediately after the end
of the plain/cipher text.

In particular, this arrangement matches the layout of both IPSec packets
and TLS frames. Linux's crypto framework also assumes this layout for
AEAD requests.

Test Plan
  • tested IPSec-like requests using the cryptocheck tool against the Chelsio ccr(4) driver and out-of-tree Intel qat(4) driver. Also verified no regressions with aesni0 or cryptosoft
  • note that I hacked ccr(4) to play crazy games with sglists to work around this issue (it will construct a S/G list that places the AAD first), but it is non-ideal as it results in more complicated S/G lists

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
head/
sys/
opencrypto/
30 lines

Diff 33293

View Options

head/sys/opencrypto/cryptodev.c

Loading...