src - FreeBSD source tree

diff options

author	Marcin Wojtas <mw@FreeBSD.org>	2020-10-16 11:21:56 +0000
committer	Marcin Wojtas <mw@FreeBSD.org>	2020-10-16 11:21:56 +0000
commit	efac54cb2fb640f6bbbea2d38d5cad0d484d2338 (patch)
tree	9a325d21f311eaf8d8d8f1b4cfb69c5690a6430a /sys/net
parent	6038018ab16a448e5a791febb69283991bf4c4db (diff)
download	src-efac54cb2fb640f6bbbea2d38d5cad0d484d2338.tar.gz src-efac54cb2fb640f6bbbea2d38d5cad0d484d2338.zip

Add support for ESN in AES-NI crypto driver

This patch adds support for IPsec ESN (Extended Sequence Numbers) in encrypt and authenticate mode (eg. AES-CBC and SHA256) and combined mode (eg. AES-GCM). For the encrypt and authenticate mode the ESN is stored in separate crp_esn buffer because the high-order 32 bits of the sequence number are appended after the Next Header (RFC 4303). For the combined modes the high-order 32 bits of the sequence number [e.g. RFC 4106, Chapter 5 AAD Construction] are part of crp_aad (prepared by netipsec layer in case of ESN support enabled), therefore non visible diff around combined modes. Submitted by: Grzegorz Jaszczyk <jaz@semihalf.com> Patryk Duda <pdk@semihalf.com> Reviewed by: jhb Differential revision: https://reviews.freebsd.org/D22365 Obtained from: Semihalf Sponsored by: Stormshield

Notes

Notes: svn path=/head/; revision=366754

Diffstat (limited to 'sys/net')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: