freebsd-skq/sys/crypto
Mark Johnston 0dc7076037 armv8crypto: Fix some edge cases in the AES-GCM implementation
- We were only hashing up to the first 16 bytes of the AAD.
- When computing the digest during decryption, handle the case where
  len == trailer, i.e., len < AES_BLOCK_LEN, properly.

While here:

- trailer is always smaller than AES_BLOCK_LEN, so remove a pair of
  unnecessary modulus operations.
- Replace some byte-by-byte loops with memcpy() and memset() calls.
  In particular, zero the full block before copying a partial block into
  it since we do that elsewhere and it means that the memset() length is
  known at compile time.

Reviewed by:	jhb
Sponsored by:	Ampere Computing
Submitted by:	Klara, Inc.
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D28501
2021-02-08 09:19:07 -05:00
aesni aesni: Ensure that key schedules are aligned 2021-01-18 17:07:56 -05:00
armv8 armv8crypto: Fix some edge cases in the AES-GCM implementation 2021-02-08 09:19:07 -05:00
blake2 Add a <machine/fpu.h> for i386 that includes <machine/npx.h>. 2020-10-13 17:26:12 +00:00
camellia
ccp Revert r366943. It did not work as expected. 2020-12-11 00:42:53 +00:00
chacha20 Consistently use C99 fixed-width types in the in-kernel crypto code. 2020-11-03 22:27:54 +00:00
des Add CFI start/end proc directives to arm64, i386, and ppc 2020-12-05 00:33:28 +00:00
libsodium Bring in compatibility glue for libsodium 2018-08-17 00:27:56 +00:00
openssl Merge OpenSSL 1.1.1i. 2020-12-09 02:05:14 +00:00
rc4
rijndael Consistently use C99 fixed-width types in the in-kernel crypto code. 2020-11-03 22:27:54 +00:00
sha2 libmd: Always erase context in _Final method, and when doing 2018-07-20 07:01:28 +00:00
siphash
skein Consistently use C99 fixed-width types in the in-kernel crypto code. 2020-11-03 22:27:54 +00:00
via Add a <machine/fpu.h> for i386 that includes <machine/npx.h>. 2020-10-13 17:26:12 +00:00
intake.h
sha1.c Replace some K&R function definitions with ANSI C. 2020-11-03 22:32:30 +00:00
sha1.h Consistently use C99 fixed-width types in the in-kernel crypto code. 2020-11-03 22:27:54 +00:00