Date: Tue, 20 Jun 2023 14:54:08 GMT From: John Baldwin <jhb@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 474d9290eb9e - main - ossl: Don't try to initialize the cipher for Chacha20+Poly1305. Message-ID: <202306201454.35KEs8LQ095322@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=474d9290eb9e9f0e636c7f814d0d10ba5147149f commit 474d9290eb9e9f0e636c7f814d0d10ba5147149f Author: John Baldwin <jhb@FreeBSD.org> AuthorDate: 2023-06-20 14:53:50 +0000 Commit: John Baldwin <jhb@FreeBSD.org> CommitDate: 2023-06-20 14:53:50 +0000 ossl: Don't try to initialize the cipher for Chacha20+Poly1305. Chacha20+Poly1305 doesn't use an ossl_cipher instance the way AES-GCM does, so ossl_lookup_cipher() failed causing ossl_newsession() to always fail for Chacha20+Poly1305 sessions. Reported by: gallatin (ktls_test fails with ossl.ko loaded) Fixes: 9a3444d91c70 ossl: Add a VAES-based AES-GCM implementation for amd64 Tested by: gallatin Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D40580 --- sys/crypto/openssl/ossl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/crypto/openssl/ossl.c b/sys/crypto/openssl/ossl.c index 723d1a80543d..25897cae0dca 100644 --- a/sys/crypto/openssl/ossl.c +++ b/sys/crypto/openssl/ossl.c @@ -301,7 +301,8 @@ ossl_newsession(device_t dev, crypto_session_t cses, error = ossl_newsession_cipher(s, csp); break; case CSP_MODE_AEAD: - error = ossl_newsession_cipher(s, csp); + if (csp->csp_cipher_alg != CRYPTO_CHACHA20_POLY1305) + error = ossl_newsession_cipher(s, csp); break; default: __assert_unreachable();
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202306201454.35KEs8LQ095322>