Page MenuHomeFreeBSD
Differential D30001

aesni: Avoid modifying session keys in hmac_update()
ClosedPublic
Actions

Authored by markj on Apr 27 2021, 12:19 AM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jun 27, 4:56 AM
Unknown Object (File)
Tue, Jun 25, 8:47 AM
Unknown Object (File)
Sat, Jun 22, 11:13 PM
Unknown Object (File)
Fri, Jun 21, 4:46 AM
Unknown Object (File)
Thu, Jun 20, 10:53 AM
Unknown Object (File)
Thu, Jun 20, 10:45 AM
Unknown Object (File)
May 6 2024, 10:20 PM
Unknown Object (File)
Feb 14 2024, 5:27 AM
View All 32 Files
Subscribers
None

Details

Reviewers
kib
jhb
cem
Commits
rG62e32cf9140e: aesni: Avoid modifying session keys in hmac_update()
Summary

Otherwise aesni_process() is not thread-safe for AES+SHA-HMAC
transforms, since hmac_update() updates the caller-supplied key directly
to create the derived key. Use a buffer on the stack to store a copy of
the key used for computing inner and outer digests.

Note that this applies to stable/12 only.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj requested review of this revision.Apr 27 2021, 12:19 AM
markj created this revision.
Harbormaster completed remote builds in B38878: Diff 88218.Apr 27 2021, 12:19 AM
kib accepted this revision.Apr 27 2021, 2:09 PM
This revision is now accepted and ready to land.Apr 27 2021, 2:09 PM
Closed by commit rG62e32cf9140e: aesni: Avoid modifying session keys in hmac_update() (authored by markj). · Explain WhyApr 27 2021, 7:16 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG62e32cf9140e: aesni: Avoid modifying session keys in hmac_update().

Revision Contents
Changeset List

PathSize
sys/
crypto/
aesni/
6 lines
18 lines

Diff 88275

View Options

sys/crypto/aesni/aesni.h

Loading...
View Options

sys/crypto/aesni/aesni.c

Loading...