Use a counter with a random base for explicit IVs in GCM.
ClosedPublic
Actions

Authored by jhb on Oct 22 2019, 10:07 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Sat, Feb 1, 11:31 AM

	Unknown Object (File)
	Sat, Jan 25, 7:23 AM

	Unknown Object (File)
	Jan 13 2025, 4:21 AM

	Unknown Object (File)
	Dec 11 2024, 1:48 AM

	Unknown Object (File)
	Nov 27 2024, 7:28 AM

	Unknown Object (File)
	Nov 25 2024, 6:33 AM

	Unknown Object (File)
	Nov 23 2024, 3:19 AM

	Unknown Object (File)
	Nov 20 2024, 5:29 PM

View All 73 Files

Subscribers

imp

Details

Reviewers

gallatin

Commits

rS354028: Use a counter with a random base for explicit IVs in GCM.

Summary

This permits constructing the entire TLS header in ktls_frame()
rather than ktls_seq(). This also matches the approach used by
OpenSSL which uses an incrementing nonce as the explicit IV
rather than the sequence number.

Test Plan

tested with ktls_ocf with both cryptosoft and ccr
used wireshark to verify incrementing nonces

Diff Detail

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 27160
Build 25432: arc lint + arc unit

Event Timeline

jhb created this revision.Oct 22 2019, 10:07 PM

Harbormaster completed remote builds in B27160: Diff 63557.Oct 22 2019, 10:07 PM

Would you be able to test this with the current ISA-L module (and verify it works ok on your end)?

Works fine running on a Netflix cache.

This revision is now accepted and ready to land.Oct 23 2019, 11:08 PM

Closed by commit rS354028: Use a counter with a random base for explicit IVs in GCM. (authored by jhb). · Explain WhyOct 24 2019, 6:13 PM

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rS354028: Use a counter with a random base for explicit IVs in GCM..

Herald added a subscriber: imp. · View Herald TranscriptOct 24 2019, 6:13 PM

Revision Contents
Changeset List

Path

Size

sys/

kern/

uipc_ktls.c

47 lines

Diff 63557

View Options

Use a counter with a random base for explicit IVs in GCM.ClosedPublicActions