Page MenuHomeFreeBSD
Differential D30001

aesni: Avoid modifying session keys in hmac_update()
ClosedPublic
Actions

Authored by markj on Apr 27 2021, 12:19 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Mar 24, 4:47 AM
Unknown Object (File)
Mon, Mar 23, 6:42 PM
Unknown Object (File)
Thu, Mar 19, 9:07 PM
Unknown Object (File)
Sat, Mar 14, 3:00 PM
Unknown Object (File)
Sat, Mar 14, 3:32 AM
Unknown Object (File)
Feb 12 2026, 9:38 PM
Unknown Object (File)
Feb 8 2026, 1:46 PM
Unknown Object (File)
Feb 7 2026, 5:10 PM
View All Files
Subscribers
None

Details

Reviewers
kib
jhb
cem
Commits
rG62e32cf9140e: aesni: Avoid modifying session keys in hmac_update()
Summary

Otherwise aesni_process() is not thread-safe for AES+SHA-HMAC
transforms, since hmac_update() updates the caller-supplied key directly
to create the derived key. Use a buffer on the stack to store a copy of
the key used for computing inner and outer digests.

Note that this applies to stable/12 only.

Diff Detail

Repository
rG FreeBSD src repository
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 38878
Build 35767: arc lint + arc unit

Event Timeline

markj requested review of this revision.Apr 27 2021, 12:19 AM
markj created this revision.
Harbormaster completed remote builds in B38878: Diff 88218.Apr 27 2021, 12:19 AM
kib accepted this revision.Apr 27 2021, 2:09 PM
This revision is now accepted and ready to land.Apr 27 2021, 2:09 PM
Closed by commit rG62e32cf9140e: aesni: Avoid modifying session keys in hmac_update() (authored by markj). · Explain WhyApr 27 2021, 7:16 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG62e32cf9140e: aesni: Avoid modifying session keys in hmac_update().

Revision Contents
Changeset List

PathSize
sys/
crypto/
aesni/
5 lines
18 lines

Diff 88218

View Options

sys/crypto/aesni/aesni.h

Loading...
View Options

sys/crypto/aesni/aesni.c

Loading...