Use a counter with a random base for explicit IVs in GCM.
ClosedPublic
Actions

Authored by jhb on Oct 22 2019, 10:07 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Mon, Nov 25, 6:33 AM

	Unknown Object (File)
	Sat, Nov 23, 3:19 AM

	Unknown Object (File)
	Wed, Nov 20, 5:29 PM

	Unknown Object (File)
	Fri, Nov 15, 1:13 AM

	Unknown Object (File)
	Wed, Nov 6, 11:56 AM

	Unknown Object (File)
	Tue, Nov 5, 6:28 PM

	Unknown Object (File)
	Oct 17 2024, 1:11 PM

	Unknown Object (File)
	Oct 16 2024, 11:03 AM

View All 68 Files

Subscribers

imp

Details

Reviewers

gallatin

Commits

rS354028: Use a counter with a random base for explicit IVs in GCM.

Summary

This permits constructing the entire TLS header in ktls_frame()
rather than ktls_seq(). This also matches the approach used by
OpenSSL which uses an incrementing nonce as the explicit IV
rather than the sequence number.

Test Plan

tested with ktls_ocf with both cryptosoft and ccr
used wireshark to verify incrementing nonces

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb created this revision.Oct 22 2019, 10:07 PM

Harbormaster completed remote builds in B27160: Diff 63557.Oct 22 2019, 10:07 PM

Would you be able to test this with the current ISA-L module (and verify it works ok on your end)?

Works fine running on a Netflix cache.

This revision is now accepted and ready to land.Oct 23 2019, 11:08 PM

Closed by commit rS354028: Use a counter with a random base for explicit IVs in GCM. (authored by jhb). · Explain WhyOct 24 2019, 6:13 PM

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rS354028: Use a counter with a random base for explicit IVs in GCM..

Herald added a subscriber: imp. · View Herald TranscriptOct 24 2019, 6:13 PM

Revision Contents
Changeset List

Path

Size

head/

sys/

kern/

uipc_ktls.c

47 lines

Diff 63641

View Options

Use a counter with a random base for explicit IVs in GCM.ClosedPublicActions