Differential D6218

Truncate HMAC output only if requested by the client
ClosedPublic
Actions

Authored by bsz_semihalf.com on May 5 2016, 10:17 AM.

Details

Reviewers

• ian

Group Reviewers

ARM

Commits

rS301223: Truncate HMAC output only if requested by the client

Summary

The output of HMAC was previously truncated to 12 bytes. This was only
correct in case of one particular crypto client - the new version of IPSEC.
Fix by taking into account the cri_mlen field in cryptoini session request
filled in by the client.

Submitted by: Michal Stanek <mst@semihalf.com
Obtained from: Semihalf
Sponsored by: Stormshield
Differential revision:
Reviewed by:

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

bsz_semihalf.com updated this revision to Diff 15921.May 5 2016, 10:17 AM

bsz_semihalf.com retitled this revision from to Truncate HMAC output only if requested by the client.

bsz_semihalf.com updated this object.

bsz_semihalf.com edited the test plan for this revision. (Show Details)

bsz_semihalf.com added reviewers: • ian, ARM.

bsz_semihalf.com set the repository for this revision to rS FreeBSD src repository - subversion.

Herald added a subscriber: imp. · View Herald TranscriptMay 5 2016, 10:17 AM

bsz_semihalf.com added a child revision: D6219: Add HMAC-SHA256 support in CESA.May 5 2016, 10:20 AM

bsz_semihalf.com added a parent revision: D6217: Split CESA memory resource into TDMA and CESA regs.

Closed by commit rS301223: Truncate HMAC output only if requested by the client (authored by zbb). · Explain WhyJun 2 2016, 6:38 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

head/

sys/

dev/

cesa/

cesa.h

8 lines

cesa.c

24 lines

Diff 17235

View Options

head/sys/dev/cesa/cesa.h