Add boot crypto framework
Needs ReviewPublic

Authored by eric_metricspace.net on Oct 17 2017, 12:47 AM.

Details

Summary

This adds a crypto framework for boot-time code without the size restrictions to which BIOS code is subject. The framework is designed to allow new ciphers to be added relatively easily.

Note: it is probable that this code will be replaced in the mid-term future. There is talk of a crypto overhaul, but this will not take place in any timeline suitable for GELI integration.

Test Plan

This has already been tested for both AES-CBC and AES-XTS in testing of the GELI boot code. Its present form is unmodified from the last successful test.

Diff Detail

Repository
rS FreeBSD src repository
Lint
Lint Skipped
Unit
Unit Tests Skipped

Rebased to HEAD.

This one is independent of the other GELI precursors, and can go in as-is.