| 9039a0fa | 06-Oct-2021 |
John Baldwin <[email protected]> |
cryptosoft: Fix support for variable tag lengths in AES-CCM.
The tag length is included as one of the values in the flags byte of block 0 passed to CBC_MAC, so merely copying the first N bytes is insufficient.
To avoid adding more sideband data to the CBC MAC software context, pull the generation of block 0, the AAD length, and AAD padding out of cbc_mac.c and into cryptosoft.c. This matches how GCM/GMAC are handled where the length block is constructed in cryptosoft.c and passed as an input to the Update callback. As a result, the CBC MAC Update() routine is now much simpler and simply performs the XOR-and-encrypt step on each input block.
While here, avoid a copy to the staging block in the Update routine when one or more full blocks are passed as input to the Update callback.
Reviewed by: sef
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32120
(cherry picked from commit 4361c4eb6e3620e68d005c1671fdbf60b1fe83c6)
|
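The flags-byte point in the commit message above, as an added example that is not FreeBSD's code: it builds CCM block 0 following the RFC 3610 / NIST SP 800-38C layout so the effect of the tag length on the CBC-MAC input is visible. The function name `ccm_build_b0` and the sample nonce and lengths are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CCM_BLOCK_LEN 16

/*
 * Build CCM block 0 (B0), the first block fed to CBC-MAC.
 * Layout: flags | nonce (15 - q bytes) | payload length (q bytes, big-endian).
 * Flags:  bit 6 = AAD present, bits 5..3 = (tag_len - 2) / 2, bits 2..0 = q - 1.
 * Returns 0 on success, -1 if a parameter is outside what CCM allows.
 */
int
ccm_build_b0(uint8_t b0[CCM_BLOCK_LEN], const uint8_t *nonce, size_t nonce_len,
    size_t aad_len, uint64_t payload_len, size_t tag_len)
{
    size_t q, i;

    if (nonce_len < 7 || nonce_len > 13)
        return (-1);
    if (tag_len < 4 || tag_len > 16 || (tag_len & 1) != 0)
        return (-1);
    q = 15 - nonce_len;         /* width of the length field */
    if (q < 8 && (payload_len >> (8 * q)) != 0)
        return (-1);            /* payload length does not fit in q bytes */

    b0[0] = (uint8_t)((aad_len > 0 ? 0x40 : 0) |
        (((tag_len - 2) / 2) << 3) | (q - 1));
    memcpy(b0 + 1, nonce, nonce_len);
    for (i = 0; i < q; i++)
        b0[15 - i] = (uint8_t)(payload_len >> (8 * i));
    return (0);
}

int
main(void)
{
    /* Constructed sample input: 12-byte nonce, 20 bytes AAD, 64 bytes payload. */
    static const uint8_t nonce[12] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 };
    uint8_t full[CCM_BLOCK_LEN], trunc[CCM_BLOCK_LEN];

    if (ccm_build_b0(full, nonce, sizeof(nonce), 20, 64, 16) != 0 ||
        ccm_build_b0(trunc, nonce, sizeof(nonce), 20, 64, 8) != 0)
        return (1);
    /* Same key, nonce and data, but B0 differs, so the whole MAC chain differs. */
    printf("flags: tag16=0x%02x tag8=0x%02x\n", full[0], trunc[0]);
    return (0);
}
```

Because the first CBC-MAC input block changes with the tag length, an 8-byte CCM tag is not the first 8 bytes of the 16-byte tag computed over the same message.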
| 12d5e71f | 06-Oct-2021 |
John Baldwin <[email protected]> |
ccr: Support AES-CCM requests with truncated tags.
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D32117
(cherry picked from commit e148e407df5c8b1c83bcd44da9f4837d94431d02)
|
| d1d4ac2d | 06-Oct-2021 |
John Baldwin <[email protected]> |
cryptosoft, ccr: Use crp_iv directly for AES-CCM and AES-GCM.
Rather than copying crp_iv to a local array on the stack that is then passed to xform reinit routines, pass crp_iv directly and remove the local copy.
Reviewed by: markj
Sponsored by: Chelsio Communications, The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32106
(cherry picked from commit 5ae5ed5b8fd2955378ab67ba127cad8c981678ab)
|
| c0b22e14 | 12-Mar-2021 |
John Baldwin <[email protected]> |
ccr: Disable requests on port 1 when needed to workaround a firmware bug.
Completions for crypto requests on port 1 can sometimes return a stale cookie value due to a firmware bug. Disable requests on port 1 by default on affected firmware.
Sponsored by: Chelsio Communications
(cherry picked from commit 5fe0cd6503d34d23c98e9e1ff7bf10340218a5ec)
|