Page MenuHomeFreeBSD
Differential D37371

ktls: Add tests for software AES-CBC decryption for TLS 1.1+.
ClosedPublic
Actions

Authored by jhb on Nov 12 2022, 12:02 AM.
Tags
None
Referenced Files
F98735529: D37371.diff
Fri, Oct 4, 1:25 PM
Unknown Object (File)
Mon, Sep 30, 11:10 PM
Unknown Object (File)
Fri, Sep 20, 3:20 PM
Unknown Object (File)
Fri, Sep 20, 6:15 AM
Unknown Object (File)
Wed, Sep 18, 5:14 PM
Unknown Object (File)
Mon, Sep 16, 9:26 AM
Unknown Object (File)
Sat, Sep 14, 11:04 PM
Unknown Object (File)
Thu, Sep 5, 4:31 AM
View All 52 Files
Subscribers
imp
np

Details

Reviewers
markj
Commits
rG64811651aa7c: ktls: Add tests for software AES-CBC decryption for TLS 1.1+.
Summary

Sponsored by: Chelsio Communications

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 48315
Build 45201: arc lint + arc unit

Event Timeline

jhb created this revision.Nov 12 2022, 12:02 AM
Herald added a subscriber: imp. · View Herald TranscriptNov 12 2022, 12:02 AM
jhb requested review of this revision.Nov 12 2022, 12:02 AM
Harbormaster completed remote builds in B48315: Diff 113031.Nov 12 2022, 12:02 AM
jhb added a parent revision: D37370: ktls: Add software support for AES-CBC decryption for TLS 1.1+..Nov 12 2022, 12:02 AM
jhb added a child revision: D37372: ktls_ocf: Reject encrypted TLS records using AEAD that are too small..
markj accepted this revision.Nov 14 2022, 2:59 PM
markj added inline comments.
tests/sys/kern/ktls_test.c
273

It might be worthwhile to keep the cbc_encrypt() and _decrypt() functions as wrappers. Then it's easier to read the callers since one doesn't have to remember what the bool parameter means.

893

The comment didn't move along with the old function. A comment for the new function should also explain "padding".

This revision is now accepted and ready to land.Nov 14 2022, 2:59 PM
jhb marked an inline comment as done.Nov 14 2022, 5:54 PM
jhb added inline comments.
tests/sys/kern/ktls_test.c
893

The comment is for the group of functions that encrypt TLS records (there is a similar pattern for the decrypt_tls_* functions). But yes, padding is worth documenting.

jhb marked an inline comment as done.Nov 14 2022, 6:11 PM
jhb updated this revision to Diff 113088.Nov 14 2022, 6:13 PM

Review feedback

This revision now requires review to proceed.Nov 14 2022, 6:13 PM
Harbormaster completed remote builds in B48331: Diff 113088.Nov 14 2022, 6:13 PM
markj accepted this revision.Nov 15 2022, 2:20 PM
This revision is now accepted and ready to land.Nov 15 2022, 2:20 PM
Closed by commit rG64811651aa7c: ktls: Add tests for software AES-CBC decryption for TLS 1.1+. (authored by jhb). · Explain WhyNov 15 2022, 8:04 PM
This revision was automatically updated to reflect the committed changes.
jhb added a commit: rG64811651aa7c: ktls: Add tests for software AES-CBC decryption for TLS 1.1+..

Revision Contents
Changeset List

PathSize
tests/
sys/
kern/
219 lines

Diff 113031

View Options

tests/sys/kern/ktls_test.c

Loading...