freebsd-nq/sys/opencrypto
John Baldwin 4361c4eb6e cryptosoft: Fix support for variable tag lengths in AES-CCM.
The tag length is included as one of the values in the flags byte of
block 0 passed to CBC_MAC, so merely copying the first N bytes is
insufficient.

To avoid adding more sideband data to the CBC MAC software context,
pull the generation of block 0, the AAD length, and AAD padding out of
cbc_mac.c and into cryptosoft.c.  This matches how GCM/GMAC are
handled where the length block is constructed in cryptosoft.c and
passed as an input to the Update callback.  As a result, the CBC MAC
Update() routine is now much simpler and simply performs the
XOR-and-encrypt step on each input block.

While here, avoid a copy to the staging block in the Update routine
when one or more full blocks are passed as input to the Update
callback.

Reviewed by:	sef
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32120
2021-10-06 14:08:48 -07:00
..
_cryptodev.h
cbc_mac.c cryptosoft: Fix support for variable tag lengths in AES-CCM. 2021-10-06 14:08:48 -07:00
cbc_mac.h cryptosoft: Fix support for variable tag lengths in AES-CCM. 2021-10-06 14:08:48 -07:00
criov.c crypto: Remove now-unused crypto_cursor_seg{base,len}. 2021-06-16 15:23:16 -07:00
crypto.c crypto: Support multiple nonce lengths for AES-CCM. 2021-10-06 14:08:47 -07:00
cryptodeflate.c Replace some K&R function definitions with ANSI C. 2020-11-03 22:32:30 +00:00
cryptodev_if.m OCF: Remove support for asymmetric cryptographic operations. 2021-04-12 14:28:43 -07:00
cryptodev.c cryptodev: Allow some CIOCCRYPT operations with an empty payload. 2021-10-06 14:08:47 -07:00
cryptodev.h crypto: Support multiple nonce lengths for AES-CCM. 2021-10-06 14:08:47 -07:00
cryptosoft.c cryptosoft: Fix support for variable tag lengths in AES-CCM. 2021-10-06 14:08:48 -07:00
deflate.h Consistently use C99 fixed-width types in the in-kernel crypto code. 2020-11-03 22:27:54 +00:00
gfmult.c Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
gfmult.h Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
gmac.c Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
gmac.h Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
ktls_ocf.c ktls: Support asynchronous dispatch of AEAD ciphers. 2021-08-30 13:11:52 -07:00
ktls.h ktls: Support asynchronous dispatch of AEAD ciphers. 2021-08-30 13:11:52 -07:00
rmd160.c Consistently use C99 fixed-width types in the in-kernel crypto code. 2020-11-03 22:27:54 +00:00
rmd160.h Consistently use C99 fixed-width types in the in-kernel crypto code. 2020-11-03 22:27:54 +00:00
xform_aes_icm.c crypto: Support multiple nonce lengths for AES-CCM. 2021-10-06 14:08:47 -07:00
xform_aes_xts.c crypto: Permit variable-sized IVs for ciphers with a reinit hook. 2021-10-06 14:08:46 -07:00
xform_auth.h crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_cbc_mac.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_chacha20_poly1305.c crypto: Permit variable-sized IVs for ciphers with a reinit hook. 2021-10-06 14:08:46 -07:00
xform_cml.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_comp.h crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_deflate.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_enc.h crypto: Permit variable-sized IVs for ciphers with a reinit hook. 2021-10-06 14:08:46 -07:00
xform_gmac.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_null.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_poly1305.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_rijndael.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_rmd160.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_sha1.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform_sha2.c crypto: Constify all transform descriptors 2021-07-26 16:41:05 -04:00
xform.c Remove MD5 HMAC from OCF. 2020-05-11 22:08:08 +00:00
xform.h Remove MD5 HMAC from OCF. 2020-05-11 22:08:08 +00:00