Page MenuHomeFreeBSD
Differential D22365

Add support for including ESN in AES-NI crypto driver
ClosedPublic
Actions

Authored by jaz_semihalf.com on Nov 14 2019, 12:24 PM.
Tags
None
Referenced Files
F136952771: D22365.id.diff
Thu, Nov 20, 7:52 PM
F136952518: D22365.id71770.diff
Thu, Nov 20, 7:51 PM
F136952489: D22365.id64312.diff
Thu, Nov 20, 7:51 PM
F136952447: D22365.id76980.diff
Thu, Nov 20, 7:51 PM
F136952385: D22365.id78303.diff
Thu, Nov 20, 7:50 PM
F136950557: D22365.diff
Thu, Nov 20, 7:42 PM
F136921023: D22365.id76980.diff
Thu, Nov 20, 4:22 PM
Unknown Object (File)
Tue, Nov 18, 6:33 AM
View All Files
Subscribers
imp

Details

Reviewers
mw
wma
jmg
pdk_semihalf.com
jhb
trasz
Group Reviewers
secteam
security
Commits
rS366754: Add support for ESN in AES-NI crypto driver
Summary

This patch adds support for IPSec ESN (Extended Sequence Numbers) in
encrypt and authenticate mode (eg. AES-CBC and SHA256) and combined mode
(eg. AES-GCM).

For the encrypt and authenticate mode the ESN is stored in separate
crp_esn buffer because the high-order 32 bits of the sequence number are
appended after the Next Header (RFC 4303).

For the combined modes the high-order 32 bits of the sequence number
[e.g. RFC 4106, Chapter 5 AAD Construction] are part of crp_aad
(prepared by netipsec layer in case of ESN support enabled), therefore
non visible diff around combined modes.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

pdk_semihalf.com created this revision.Nov 14 2019, 12:24 PM
Herald added a reviewer: jmg. · View Herald TranscriptNov 14 2019, 12:24 PM
Herald added a subscriber: imp. · View Herald Transcript
trasz resigned from this revision.Jan 14 2020, 2:32 PM
jaz_semihalf.com commandeered this revision.May 14 2020, 2:10 PM
jaz_semihalf.com updated this revision to Diff 71770.
jaz_semihalf.com added a reviewer: pdk_semihalf.com.

Align to new OCF

jaz_semihalf.com updated this revision to Diff 76980.Sep 13 2020, 5:43 PM
jaz_semihalf.com edited the summary of this revision. (Show Details)
jaz_semihalf.com added a reviewer: jhb.Sep 24 2020, 4:22 PM
jhb added inline comments.Sep 24 2020, 10:17 PM
sys/crypto/aesni/aesni.c
256 ↗(On Diff #76980)

I'd probably just leave this spelled out in probesession.

873 ↗(On Diff #76980)

Woo, nice it was this easy to add!

jhb accepted this revision.Sep 24 2020, 10:18 PM
jhb added a parent revision: D24838: Prepare crypto framework for IPSec ESN support.
This revision is now accepted and ready to land.Sep 24 2020, 10:18 PM
Closed by commit rS366754: Add support for ESN in AES-NI crypto driver (authored by mw). · Explain WhyOct 16 2020, 11:22 AM
This revision was automatically updated to reflect the committed changes.
mw added a commit: rS366754: Add support for ESN in AES-NI crypto driver.

Revision Contents
Changeset List

PathSize
head/
sys/
crypto/
aesni/
9 lines

Diff 78303

View Options

head/sys/crypto/aesni/aesni.c

Loading...