upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-04-22 06:39:32 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/crypto
History
Marcin Wojtas efac54cb2f Add support for ESN in AES-NI crypto driver 
This patch adds support for IPsec ESN (Extended Sequence Numbers) in
encrypt and authenticate mode (eg. AES-CBC and SHA256) and combined mode
(eg. AES-GCM).

For the encrypt and authenticate mode the ESN is stored in separate
crp_esn buffer because the high-order 32 bits of the sequence number are
appended after the Next Header (RFC 4303).

For the combined modes the high-order 32 bits of the sequence number
[e.g.  RFC 4106, Chapter 5 AAD Construction] are part of crp_aad
(prepared by netipsec layer in case of ESN support enabled), therefore
non visible diff around combined modes.

Submitted by:           Grzegorz Jaszczyk <jaz@semihalf.com>
                        Patryk Duda <pdk@semihalf.com>
Reviewed by:            jhb
Differential revision:  https://reviews.freebsd.org/D22365
Obtained from:          Semihalf
Sponsored by:           Stormshield
2020-10-16 11:21:56 +00:00
..
aesni Add support for ESN in AES-NI crypto driver 2020-10-16 11:21:56 +00:00
armv8 Don't return errors from the cryptodev_process() method. 2020-09-08 22:41:35 +00:00
blake2 Add a <machine/fpu.h> for i386 that includes <machine/npx.h>. 2020-10-13 17:26:12 +00:00
camellia
ccp crypto(9): add CRYPTO_BUF_VMPAGE 2020-08-26 02:37:42 +00:00
chacha20 Improve support for stream ciphers in the software encryption interface. 2020-05-22 16:29:09 +00:00
des Stop using des_cblock * for arguments to DES functions. 2019-08-26 17:25:07 +00:00
libsodium Bring in compatibility glue for libsodium 2018-08-17 00:27:56 +00:00
rc4
rijndael rijndael (AES): Avoid leaking sensitive data on kernel stack 2018-10-26 20:53:01 +00:00
sha2 libmd: Always erase context in _Final method, and when doing 2018-07-20 07:01:28 +00:00
siphash Fix C++ includability of crypto headers with static array sizes 2016-10-18 23:20:49 +00:00
skein [skein] Fix compile issue with unknown symbol SKEIN_ASM_UNROLL1024 2020-10-14 20:55:31 +00:00
via Add a <machine/fpu.h> for i386 that includes <machine/npx.h>. 2020-10-13 17:26:12 +00:00
intake.h Implement boot-time encryption key passing (keybuf) 2017-04-01 05:05:22 +00:00
sha1.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
sha1.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00