Page MenuHomeFreeBSD

ossl: Add a fallback AES-GCM implementation using AES-NI
ClosedPublic

Authored by markj on May 4 2023, 7:10 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jan 23, 6:34 PM
Unknown Object (File)
Mon, Jan 13, 7:34 PM
Unknown Object (File)
Sat, Jan 11, 10:37 AM
Unknown Object (File)
Mon, Jan 6, 1:42 AM
Unknown Object (File)
Dec 19 2024, 10:13 AM
Unknown Object (File)
Nov 29 2024, 5:11 PM
Unknown Object (File)
Nov 29 2024, 5:11 PM
Unknown Object (File)
Nov 29 2024, 3:40 PM
Subscribers

Details

Summary

This lets one use ossl(4) for AES-GCM operations on contemporary
amd64 platforms.

Bulk processing is done in aesni-gcm-x86_64.S, the rest is handled in a
C wrapper ported from OpenSSL's gcm128.c.

Sponsored by: Stormshield
Sponsored by: Klara, Inc.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 51346
Build 48237: arc lint + arc unit

Event Timeline

markj requested review of this revision.May 4 2023, 7:10 PM

Does the man page need an update to mention AES?

  • Mention AES-GCM in ossl.4.

Port gcm128_(en|de)crypt_ctr32() as well, this includes loop unrolling which
helps throughput with small (< ~256) buffers that are not handled by the
bulk processing done in aesni_gcm_(en|de)crypt().

This revision is now accepted and ready to land.May 8 2023, 6:03 PM