HomeFreeBSD
Diffusion FreeBSD src repository 6113a08b98e4

cryptosoft: Fully support per-operation keys for auth algorithms.
6113a08b98e4
Actions

Description

cryptosoft: Fully support per-operation keys for auth algorithms.

Only pre-allocate auth contexts when a session-wide key is provided or
for sessions without keys. For sessions with per-operation keys,
always initialize the on-stack context directly rather than
initializing the session context in swcr_authprepare (now removed) and
then copying that session context into the on-stack context.

This approach permits parallel auth operations without needing a
serializing lock. In addition, the previous code assumed that auth
sessions always provided an initial key unlike cipher sessions which
assume either an initial key or per-op keys.

While here, fix the Blake2 auth transforms to function like other auth
transforms where Setkey is invoked after Init rather than before.

Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33316

Details

Provenance
jhbAuthored on Dec 9 2021, 7:52 PM
Reviewer
markj
Differential Revision
D33316: cryptosoft: Fully support per-operation keys for auth algorithms.
Parents
rGb54d12841e1a: cryptosoft: Allocate cipher contexts on the stack during operations.
Branches
Unknown
Tags
Unknown

Changes (2)

PathSize
sys/
crypto/
blake2/
opencrypto/

rG6113a08b98e4

View Options

sys/crypto/blake2/blake2-sw.c

Loading...
View Options

sys/opencrypto/cryptosoft.c

Loading...