d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
eb5a54f880
freebsd-dev/sys/crypto/aesni
History
Marcin Wojtas efac54cb2f Add support for ESN in AES-NI crypto driver 
This patch adds support for IPsec ESN (Extended Sequence Numbers) in
encrypt and authenticate mode (eg. AES-CBC and SHA256) and combined mode
(eg. AES-GCM).

For the encrypt and authenticate mode the ESN is stored in separate
crp_esn buffer because the high-order 32 bits of the sequence number are
appended after the Next Header (RFC 4303).

For the combined modes the high-order 32 bits of the sequence number
[e.g.  RFC 4106, Chapter 5 AAD Construction] are part of crp_aad
(prepared by netipsec layer in case of ESN support enabled), therefore
non visible diff around combined modes.

Submitted by:           Grzegorz Jaszczyk <jaz@semihalf.com>
                        Patryk Duda <pdk@semihalf.com>
Reviewed by:            jhb
Differential revision:  https://reviews.freebsd.org/D22365
Obtained from:          Semihalf
Sponsored by:           Stormshield
2020-10-16 11:21:56 +00:00
..
aesencdec.h
aeskeys_amd64.S
aeskeys_i386.S
aesni_ccm.c Fix AES-CCM requests with an AAD size smaller than a single block. 2020-06-12 21:33:02 +00:00
aesni_ghash.c
aesni_os.h
aesni_wrap.c
aesni.c Add support for ESN in AES-NI crypto driver 2020-10-16 11:21:56 +00:00
aesni.h Add a <machine/fpu.h> for i386 that includes <machine/npx.h>. 2020-10-13 17:26:12 +00:00
intel_sha1.c
intel_sha256.c
sha_sse.h