git: 663ae8f7f949 - main - KTLS: Construct IV directly in crp.crp_iv for TLS 1.3 AEAD encryption.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 22 Apr 2022 22:55:22 UTC
The branch main has been updated by jhb:
URL: https://cgit.FreeBSD.org/src/commit/?id=663ae8f7f949b4d4fc0c91d8e9b2a01f56e40dc5
commit 663ae8f7f949b4d4fc0c91d8e9b2a01f56e40dc5
Author: John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2022-04-22 22:52:27 +0000
Commit: John Baldwin <jhb@FreeBSD.org>
CommitDate: 2022-04-22 22:52:27 +0000
KTLS: Construct IV directly in crp.crp_iv for TLS 1.3 AEAD encryption.
Previously this used a temporary nonce[] buffer. The decrypt hook for
TLS 1.3 as well as the hooks for TLS 1.2 already constructed the IV
directly in crp.crp_iv.
Reviewed by: hselasky
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35027
---
sys/opencrypto/ktls_ocf.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/sys/opencrypto/ktls_ocf.c b/sys/opencrypto/ktls_ocf.c
index 575a91f9fe3f..3b330bf7061c 100644
--- a/sys/opencrypto/ktls_ocf.c
+++ b/sys/opencrypto/ktls_ocf.c
@@ -564,7 +564,6 @@ ktls_ocf_tls13_aead_encrypt(struct ktls_ocf_encrypt_state *state,
struct tls_aead_data_13 *ad;
struct cryptop *crp;
struct ktls_ocf_session *os;
- char nonce[12];
int error;
os = tls->ocf_session;
@@ -575,8 +574,8 @@ ktls_ocf_tls13_aead_encrypt(struct ktls_ocf_encrypt_state *state,
crypto_initreq(crp, os->sid);
/* Setup the nonce. */
- memcpy(nonce, tls->params.iv, tls->params.iv_len);
- *(uint64_t *)(nonce + 4) ^= htobe64(m->m_epg_seqno);
+ memcpy(crp->crp_iv, tls->params.iv, tls->params.iv_len);
+ *(uint64_t *)(crp->crp_iv + 4) ^= htobe64(m->m_epg_seqno);
/* Setup the AAD. */
ad = &state->aead13;
@@ -614,8 +613,6 @@ ktls_ocf_tls13_aead_encrypt(struct ktls_ocf_encrypt_state *state,
crp->crp_op = CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST;
crp->crp_flags = CRYPTO_F_CBIMM | CRYPTO_F_IV_SEPARATE;
- memcpy(crp->crp_iv, nonce, sizeof(nonce));
-
if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
counter_u64_add(ocf_tls13_gcm_encrypts, 1);
else