path: root/sys/opencrypto
diff options
authorMark Johnston <markj@FreeBSD.org>2021-02-08 14:19:07 +0000
committerMark Johnston <markj@FreeBSD.org>2021-02-08 14:19:07 +0000
commit0dc7076037a87100060309f7179ef6a01f32f99e (patch)
tree86d6cb8a8510129977a4de5b96b3e5e512267108 /sys/opencrypto
parentb5aa9ad43aead288dca0eb94fb4621991917f4e1 (diff)
armv8crypto: Fix some edge cases in the AES-GCM implementation
- We were only hashing up to the first 16 bytes of the AAD. - When computing the digest during decryption, handle the case where len == trailer, i.e., len < AES_BLOCK_LEN, properly. While here: - trailer is always smaller than AES_BLOCK_LEN, so remove a pair of unnecessary modulus operations. - Replace some byte-by-byte loops with memcpy() and memset() calls. In particular, zero the full block before copying a partial block into it since we do that elsewhere and it means that the memset() length is known at compile time. Reviewed by: jhb Sponsored by: Ampere Computing Submitted by: Klara, Inc. MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D28501
Diffstat (limited to 'sys/opencrypto')
0 files changed, 0 insertions, 0 deletions