a8280123e4
When using NIC TLS RX, packets that are dropped and retransmitted are not decrypted by the NIC but are passed along as-is. As a result, a received TLS record might contain a mix of encrypted and decrypted data. If this occurs, the already-decrypted data needs to be re-encrypted so that the resulting record can then be decrypted normally. Add support for this for sessions using AES-GCM with TLS 1.2 or TLS 1.3.

For the recrypt operation, allocate a temporary buffer and encrypt the payload portion of the TLS record with AES-CTR with an initial IV constructed from the AES-GCM nonce. Then fixup the original mbuf chain by copying the results from the temporary buffer back into the original mbufs for any mbufs containing decrypted data. Once it has been recrypted, the mbuf chain can then be decrypted via the normal software decryption path.

Co-authored by: Hans Petter Selasky <hselasky@FreeBSD.org>
Reviewed by: hselasky
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35012
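The recrypt idea described in the commit message, shown as an added Go example using only the standard library (this is not FreeBSD's kernel code): AES-GCM's payload keystream is AES-CTR with the counter block built from the GCM nonce and starting at 2, so a span the NIC already decrypted can be re-encrypted at its record offset and the whole record then decrypted through the normal GCM path, tag check included. The key, nonce, payload and the decrypted byte range are constructed sample values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// gcmCounterIV is the AES-CTR start counter that AES-GCM uses for the payload
// keystream with a 96-bit nonce: nonce || 0x00000002 (counter 1 is for the tag).
func gcmCounterIV(nonce []byte) []byte {
	iv := make([]byte, aes.BlockSize)
	copy(iv, nonce)
	binary.BigEndian.PutUint32(iv[12:], 2)
	return iv
}

// recrypt re-encrypts already-decrypted payload bytes at offsets [start, end) with
// AES-CTR, first burning keystream for the still-encrypted prefix by XORing zeros.
func recrypt(block cipher.Block, nonce, mixed []byte, start, end int) []byte {
	ctr := cipher.NewCTR(block, gcmCounterIV(nonce))
	ctr.XORKeyStream(make([]byte, start), make([]byte, start))
	out := append([]byte(nil), mixed...)
	ctr.XORKeyStream(out[start:end], mixed[start:end])
	return out
}

// demo seals a TLS 1.3 style record, pretends the NIC decrypted only bytes [8, 30)
// before a retransmit, recrypts that span and then decrypts the whole record normally.
func demo() (bool, error) {
	key := bytes.Repeat([]byte{0x11}, 16)   // constructed sample key
	nonce := bytes.Repeat([]byte{0x22}, 12) // constructed sample nonce
	plaintext := []byte("constructed sample TLS application data payload")
	aad := []byte{0x17, 0x03, 0x03, 0, 0} // TLS 1.3 record header is the AAD
	binary.BigEndian.PutUint16(aad[3:], uint16(len(plaintext)+16))
	block, _ := aes.NewCipher(key) // a 16-byte key cannot fail
	gcm, _ := cipher.NewGCM(block)
	sealed := gcm.Seal(nil, nonce, plaintext, aad) // ciphertext || 16-byte tag
	ct := sealed[:len(plaintext)]
	mixed := append([]byte(nil), ct...)
	copy(mixed[8:30], plaintext[8:30]) // NIC-decrypted span, rest still encrypted
	fixed := recrypt(block, nonce, mixed, 8, 30)
	got, err := gcm.Open(nil, nonce, append(fixed, sealed[len(plaintext):]...), aad)
	return bytes.Equal(fixed, ct) && err == nil && bytes.Equal(got, plaintext), err
}

func main() {
	fmt.Println(demo())
}
```

The decrypted span deliberately starts and ends mid-block to show that the CTR keystream must be positioned by byte offset within the record, not by whole blocks.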
- _cryptodev.h
- cbc_mac.c
- cbc_mac.h
- criov.c
- crypto.c
- cryptodeflate.c
- cryptodev_if.m
- cryptodev.c
- cryptodev.h
- cryptosoft.c
- deflate.h
- gfmult.c
- gfmult.h
- gmac.c
- gmac.h
- ktls_ocf.c
- ktls.h
- rmd160.c
- rmd160.h
- xform_aes_cbc.c
- xform_aes_icm.c
- xform_aes_xts.c
- xform_auth.h
- xform_cbc_mac.c
- xform_chacha20_poly1305.c
- xform_cml.c
- xform_comp.h
- xform_deflate.c
- xform_enc.h
- xform_gmac.c
- xform_null.c
- xform_poly1305.c
- xform_rmd160.c
- xform_sha1.c
- xform_sha2.c
- xform.h