John Baldwin 42dcd39528 crypto: Support Chacha20-Poly1305 with a nonce size of 8 bytes. ...

This is useful for WireGuard which uses a nonce of 8 bytes rather
than the 12 bytes used for IPsec and TLS.

Note that this also fixes a (should be) harmless bug in ossl(4) where
the counter was incorrectly treated as a 64-bit counter instead of a
32-bit counter in terms of wrapping when using a 12 byte nonce.
However, this required a single message (TLS record) longer than 64 *
(2^32 - 1) bytes (about 256 GB) to trigger.

Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32122

2021-10-06 14:08:49 -07:00

..

aesni

aesni: Support AES-CCM requests with a truncated tag.

2021-10-06 14:08:48 -07:00

armv8

Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights

2021-08-08 10:42:24 -04:00

blake2

crypto: Constify all transform descriptors

2021-07-26 16:41:05 -04:00

camellia

crypto(4): Fix a few typos in camellia.c

2021-09-04 13:02:11 +02:00

ccp

ccp, ccr: Simplify drivers to assume an AES-GCM IV length of 12.

2021-10-06 14:08:46 -07:00

chacha20

crypto: Permit variable-sized IVs for ciphers with a reinit hook.

2021-10-06 14:08:46 -07:00

des

Add CFI start/end proc directives to arm64, i386, and ppc

2020-12-05 00:33:28 +00:00

libsodium

…

openssl

crypto: Support Chacha20-Poly1305 with a nonce size of 8 bytes.

2021-10-06 14:08:49 -07:00

rc4

…

rijndael

Consistently use C99 fixed-width types in the in-kernel crypto code.

2020-11-03 22:27:54 +00:00

sha2

Use arm64 sha256 intrinsics in libmd

2021-08-11 10:20:48 +00:00

siphash

…

skein

Consistently use C99 fixed-width types in the in-kernel crypto code.

2020-11-03 22:27:54 +00:00

via

crypto: Constify all transform descriptors

2021-07-26 16:41:05 -04:00

intake.h

…

sha1.c

Replace some K&R function definitions with ANSI C.

2020-11-03 22:32:30 +00:00

sha1.h

Consistently use C99 fixed-width types in the in-kernel crypto code.

2020-11-03 22:27:54 +00:00