Page MenuHomeFreeBSD
Differential D37371

ktls: Add tests for software AES-CBC decryption for TLS 1.1+.
ClosedPublic
Actions

Authored by jhb on Nov 12 2022, 12:02 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mar 17 2024, 2:54 AM
Unknown Object (File)
Mar 17 2024, 2:54 AM
Unknown Object (File)
Mar 17 2024, 2:54 AM
Unknown Object (File)
Mar 17 2024, 2:54 AM
Unknown Object (File)
Mar 14 2024, 10:28 AM
Unknown Object (File)
Feb 18 2024, 5:46 PM
Unknown Object (File)
Feb 2 2024, 10:09 AM
Unknown Object (File)
Jan 13 2024, 3:59 AM
View All 29 Files
Subscribers
imp
np

Details

Reviewers
markj
Commits
rG64811651aa7c: ktls: Add tests for software AES-CBC decryption for TLS 1.1+.
Summary

Sponsored by: Chelsio Communications

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jhb created this revision.Nov 12 2022, 12:02 AM
Herald added a subscriber: imp. · View Herald TranscriptNov 12 2022, 12:02 AM
jhb requested review of this revision.Nov 12 2022, 12:02 AM
Harbormaster completed remote builds in B48315: Diff 113031.Nov 12 2022, 12:02 AM
jhb added a parent revision: D37370: ktls: Add software support for AES-CBC decryption for TLS 1.1+..Nov 12 2022, 12:02 AM
jhb added a child revision: D37372: ktls_ocf: Reject encrypted TLS records using AEAD that are too small..
markj accepted this revision.Nov 14 2022, 2:59 PM
markj added inline comments.
tests/sys/kern/ktls_test.c
273–274

It might be worthwhile to keep the cbc_encrypt() and _decrypt() functions as wrappers. Then it's easier to read the callers since one doesn't have to remember what the bool parameter means.

909–961

The comment didn't move along with the old function. A comment for the new function should also explain "padding".

This revision is now accepted and ready to land.Nov 14 2022, 2:59 PM
jhb marked an inline comment as done.Nov 14 2022, 5:54 PM
jhb added inline comments.
tests/sys/kern/ktls_test.c
909–961

The comment is for the group of functions that encrypt TLS records (there is a similar pattern for the decrypt_tls_* functions). But yes, padding is worth documenting.

jhb marked an inline comment as done.Nov 14 2022, 6:11 PM
jhb updated this revision to Diff 113088.Nov 14 2022, 6:13 PM

Review feedback

This revision now requires review to proceed.Nov 14 2022, 6:13 PM
Harbormaster completed remote builds in B48331: Diff 113088.Nov 14 2022, 6:13 PM
markj accepted this revision.Nov 15 2022, 2:20 PM
This revision is now accepted and ready to land.Nov 15 2022, 2:20 PM
Closed by commit rG64811651aa7c: ktls: Add tests for software AES-CBC decryption for TLS 1.1+. (authored by jhb). · Explain WhyNov 15 2022, 8:04 PM
This revision was automatically updated to reflect the committed changes.
jhb added a commit: rG64811651aa7c: ktls: Add tests for software AES-CBC decryption for TLS 1.1+..

Revision Contents
Changeset List

PathSize
tests/
sys/
kern/
233 lines

Diff 113155

View Options

tests/sys/kern/ktls_test.c

Loading...