Page MenuHomeFreeBSD

crypto: Test all of the AES-CCM KAT vectors.

Authored by jhb on Sep 24 2021, 6:06 PM.



Previously, only test vectors which used the default nonce and tag
sizes (12 and 16, respectively) were tested. This now tests all of
the vectors. This exposed some additional issues around requests with
an empty payload (which wasn't supported) and an empty AAD (which
falls back to CIOCCRYPT instead of CIOCCRYPTAEAD).

  • Make use of the 'ivlen' and 'maclen' fields for CIOGSESSION2 to test AES-CCM vectors with non-default nonce and tag lengths.
  • Permit requests with an empty payload.
  • Permit an input MAC for requests without AAD.

Sponsored by: The FreeBSD Foundation

Diff Detail

R10 FreeBSD src repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

With the fixes in this series, all of the tests pass on cryptosoft0, aesni0, and ccr0. I have not tested safexcel0.

This revision is now accepted and ready to land.Sep 28 2021, 4:11 PM
This revision was automatically updated to reflect the committed changes.