Diffusion FreeBSD src repository - subversion rS366677

Add support to the KTLS OCF module for AES-CBC MTE ciphersuites.
rS366677
Actions

Description

Add support to the KTLS OCF module for AES-CBC MTE ciphersuites.

This is a simplistic approach which encrypts each TLS record in two
separate passes: one to generate the MAC and a second to encrypt.
This supports TLS 1.0 connections with implicit IVs as well as TLS
1.1+ with explicit IVs.

Reviewed by: gallatin
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D26730

Details

Provenance

jhb	Authored on

Reviewer

gallatin

Differential Revision

D26730: Add support to the KTLS OCF module for AES-CBC MTE ciphersuites.

Parents

rS366676: ctl.conf(5): fix LUN size in UCL format example.

Branches

Unknown

Tags

Unknown

Event Timeline

jhb committed rS366677: Add support to the KTLS OCF module for AES-CBC MTE ciphersuites..Oct 13 2020, 6:04 PM

jhb added an edge: D26730: Add support to the KTLS OCF module for AES-CBC MTE ciphersuites..

Changes (1)

Path

Size

head/

sys/

opencrypto/

ktls_ocf.c

rS366677

View Options

head/sys/opencrypto/ktls_ocf.c