d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

KTLS: Construct IV directly in crp.crp_iv for TLS 1.3 AEAD encryption.

Browse Source 
Previously this used a temporary nonce[] buffer.  The decrypt hook for
TLS 1.3 as well as the hooks for TLS 1.2 already constructed the IV
directly in crp.crp_iv.

Reviewed by:	hselasky
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D35027
This commit is contained in:
John Baldwin 2022-04-22 15:52:27 -07:00
parent a4c5d490f6
commit 663ae8f7f9
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/opencrypto/ktls_ocf.c
View File

@ -564,7 +564,6 @@ ktls_ocf_tls13_aead_encrypt(struct ktls_ocf_encrypt_state *state,
struct tls_aead_data_13 *ad;
struct cryptop *crp;
struct ktls_ocf_session *os;
char nonce[12];
int error;
os = tls->ocf_session;
@ -575,8 +574,8 @@ ktls_ocf_tls13_aead_encrypt(struct ktls_ocf_encrypt_state *state,
crypto_initreq(crp, os->sid);
/* Setup the nonce. */
memcpy(nonce, tls->params.iv, tls->params.iv_len);
*(uint64_t *)(nonce + 4) ^= htobe64(m->m_epg_seqno);
memcpy(crp->crp_iv, tls->params.iv, tls->params.iv_len);
*(uint64_t *)(crp->crp_iv + 4) ^= htobe64(m->m_epg_seqno);
/* Setup the AAD. */
ad = &state->aead13;
@ -614,8 +613,6 @@ ktls_ocf_tls13_aead_encrypt(struct ktls_ocf_encrypt_state *state,
crp->crp_op = CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST;
crp->crp_flags = CRYPTO_F_CBIMM | CRYPTO_F_IV_SEPARATE;
memcpy(crp->crp_iv, nonce, sizeof(nonce));
if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
counter_u64_add(ocf_tls13_gcm_encrypts, 1);
else