diff --git a/share/man/man9/crypto_request.9 b/share/man/man9/crypto_request.9 index 8ba075b06cf0..6253e49dfb32 100644 --- a/share/man/man9/crypto_request.9 +++ b/share/man/man9/crypto_request.9 @@ -302,6 +302,24 @@ as a single buffer pointed to by In either case, .Fa crp_aad_length always indicates the amount of AAD in bytes. +.Ss Request ESN +IPsec requests may optionally include Extended Sequence Numbers (ESN). +ESN may either be supplied in +.Fa crp_esn +or as part of the AAD pointed to by +.Fa crp_aad . +.Pp +If the ESN is stored in +.Fa crp_esn , +.Dv CSP_F_ESN +should be set in +.Fa csp_flags . +This use case is dedicated for encrypt and authenticate mode, since the +high-order 32 bits of the sequence number are appended after the Next Header +(RFC 4303). +.Pp +AEAD modes supply the ESN in a separate AAD buffer (see e.g. RFC 4106, Chapter 5 +AAD Construction). .Ss Request IV and/or Nonce Some cryptographic operations require an IV or nonce as an input. An IV may be stored either in the IV region of the data buffer or in diff --git a/share/man/man9/crypto_session.9 b/share/man/man9/crypto_session.9 index c370039a51d1..78bc5e736655 100644 --- a/share/man/man9/crypto_session.9 +++ b/share/man/man9/crypto_session.9 @@ -201,6 +201,15 @@ Sessions with this flag set permit requests with AAD passed in either in a region of the input buffer or in a single, virtually-contiguous buffer. Sessions without this flag only permit requests with AAD passed in as a region in the input buffer. +.It Dv CSP_F_ESN +Support requests that use a separate buffer for IPsec ESN (Extended Sequence +Numbers). +.Pp +Sessions with this flag set permit requests with IPsec ESN passed in special +buffer. +It is required for IPsec ESN support of encrypt and authenticate mode where +the high-order 32 bits of the sequence number are appended after the Next +Header (RFC 4303). .El .It Fa csp_ivlen If either the cipher or authentication algorithms require an explicit diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c index b4e0f06f3588..dd20e64df4fa 100644 --- a/sys/opencrypto/crypto.c +++ b/sys/opencrypto/crypto.c @@ -743,6 +743,8 @@ alg_is_aead(int alg) return (alg_type(alg) == ALG_AEAD); } +#define SUPPORTED_SES (CSP_F_SEPARATE_OUTPUT | CSP_F_SEPARATE_AAD | CSP_F_ESN) + /* Various sanity checks on crypto session parameters. */ static bool check_csp(const struct crypto_session_params *csp) @@ -750,8 +752,7 @@ check_csp(const struct crypto_session_params *csp) struct auth_hash *axf; /* Mode-independent checks. */ - if ((csp->csp_flags & ~(CSP_F_SEPARATE_OUTPUT | CSP_F_SEPARATE_AAD)) != - 0) + if ((csp->csp_flags & ~(SUPPORTED_SES)) != 0) return (false); if (csp->csp_ivlen < 0 || csp->csp_cipher_klen < 0 || csp->csp_auth_klen < 0 || csp->csp_auth_mlen < 0) diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h index 2f2963edcb51..de85fff925ab 100644 --- a/sys/opencrypto/cryptodev.h +++ b/sys/opencrypto/cryptodev.h @@ -377,6 +377,7 @@ struct crypto_session_params { #define CSP_F_SEPARATE_OUTPUT 0x0001 /* Requests can use separate output */ #define CSP_F_SEPARATE_AAD 0x0002 /* Requests can use separate AAD */ +#define CSP_F_ESN 0x0004 /* Requests can use seperate ESN field */ int csp_ivlen; /* IV length in bytes. */ @@ -485,6 +486,8 @@ struct cryptop { void *crp_aad; /* AAD buffer. */ int crp_aad_start; /* Location of AAD. */ int crp_aad_length; /* 0 => no AAD. */ + uint8_t crp_esn[4]; /* high-order ESN */ + int crp_iv_start; /* Location of IV. IV length is from * the session. */