Page MenuHomeFreeBSD
Differential D32100

ossl: Add support for ETA mode
ClosedPublic
Actions

Authored by kd on Sep 24 2021, 11:38 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Apr 22, 9:17 AM
Unknown Object (File)
Sun, Apr 21, 8:11 PM
Unknown Object (File)
Mar 21 2024, 7:12 PM
Unknown Object (File)
Mar 21 2024, 7:12 PM
Unknown Object (File)
Feb 5 2024, 2:36 PM
Unknown Object (File)
Dec 28 2023, 4:41 PM
Unknown Object (File)
Dec 28 2023, 4:41 PM
Unknown Object (File)
Dec 20 2023, 3:41 AM
View All 30 Files
Subscribers
imp

Details

Reviewers
jhb
wma
mw
cem
Commits
rGc4026909bdfe: ossl: Add support for ETA mode
rG048a71b46e81: ossl: Add support for ETA mode
Summary

With the support for AES-CBC we can now handle ETA requests.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kd requested review of this revision.Sep 24 2021, 11:38 AM
kd created this revision.
kd added a parent revision: D32099: ossl: Add support for AES-CBC cipher.
kd mentioned this in D32099: ossl: Add support for AES-CBC cipher.Oct 30 2021, 1:40 PM
kd updated this revision to Diff 97860.Nov 2 2021, 12:21 PM
jhb accepted this revision.Nov 4 2021, 9:02 PM
jhb added inline comments.
sys/crypto/openssl/ossl.c
176

I don't think ETA makes sense for CHACHA20. I would perhaps require sc->has_aes as the only likely candidates for ETA use (AES-CBC, AES-CTR, and AES-XTS) will all need has_aes

This revision is now accepted and ready to land.Nov 4 2021, 9:02 PM
kd updated this revision to Diff 98054.Nov 5 2021, 8:52 AM

Don't allow for creating ETA sessions witch CHACHA20 used as a cipher.

This revision now requires review to proceed.Nov 5 2021, 8:52 AM
kd added inline comments.Nov 5 2021, 8:53 AM
sys/crypto/openssl/ossl.c
176

Good point. Since we have AEAD of CHACH20+POLY1305 you're right that it doesn't make sense to try to use it for ETA.
I inverted part of this logic instead, checking just for sc->has_aes here would still allow someone to create an ETA session with CHACHA20 as the cipher.

jhb accepted this revision.Nov 5 2021, 5:01 PM
This revision is now accepted and ready to land.Nov 5 2021, 5:01 PM
Closed by commit rG048a71b46e81: ossl: Add support for ETA mode (authored by kd, committed by wma). · Explain WhyNov 6 2021, 8:12 AM
This revision was automatically updated to reflect the committed changes.
wma added a commit: rG048a71b46e81: ossl: Add support for ETA mode.
Herald added a subscriber: imp. · View Herald TranscriptNov 6 2021, 8:12 AM
wma added a reverting change: rG0dedcdaa1a02: Revert "ossl: Add support for ETA mode".Nov 6 2021, 4:46 PM
wma added a commit: rGc4026909bdfe: ossl: Add support for ETA mode.Nov 8 2021, 9:54 AM

Revision Contents
Changeset List

PathSize
sys/
crypto/
openssl/
33 lines

Diff 98118

View Options

sys/crypto/openssl/ossl.c

Loading...