author | Andrew Gallatin <gallatin@gmail.com> | 2018-10-22 11:02:19 -0400 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-10-31 10:24:32 +0000 |
commit | 2111f5c2834a838c4fc1ca981fddf80cbc589dfc (patch) | |
tree | f818b3f6a402ec5948107eea9ce7a691db00789f /ssl/t1_enc.c | |
parent | 181ea366f67f46cab093d6a7bbb1b2f35125b9f2 (diff) |
Add support for in-kernel TLS (KTLS) on FreeBSD.
- Check for the <sys/ktls.h> header to determine if KTLS support
is available.
- Populate a tls_enable structure with session key material for
supported algorithms. At present, AES-GCM128/256 and AES-CBC128/256
with SHA1 and SHA2-256 HMACs are supported. For AES-CBC, only MtE
is supported.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10045)
Diffstat (limited to 'ssl/t1_enc.c')
-rw-r--r-- | ssl/t1_enc.c | 45 |
1 files changed, 44 insertions, 1 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 64806a333c..09bfb45884 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -151,11 +151,15 @@ int tls1_change_cipher_state(SSL *s, int which)
 size_t n, i, j, k, cl;
 int reuse_dd = 0;
 #ifndef OPENSSL_NO_KTLS
+# ifdef __FreeBSD__
+ struct tls_enable crypto_info;
+# else
 struct tls12_crypto_info_aes_gcm_128 crypto_info;
- BIO *bio;
 unsigned char geniv[12];
 int count_unprocessed;
 int bit;
+# endif
+ BIO *bio;
 #endif
 c = s->s3.tmp.new_sym_enc;
@@ -387,6 +391,42 @@ int tls1_change_cipher_state(SSL *s, int which)
 if (ssl_get_max_send_fragment(s) != SSL3_RT_MAX_PLAIN_LENGTH)
 goto skip_ktls;
+# ifdef __FreeBSD__
+ memset(&crypto_info, 0, sizeof(crypto_info));
+ switch (s->s3.tmp.new_cipher->algorithm_enc) {
+ case SSL_AES128GCM:
+ case SSL_AES256GCM:
+ crypto_info.cipher_algorithm = CRYPTO_AES_NIST_GCM_16;
+ crypto_info.iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
+ break;
+ case SSL_AES128:
+ case SSL_AES256:
+ if (s->ext.use_etm)
+ goto skip_ktls;
+ switch (s->s3.tmp.new_cipher->algorithm_mac) {
+ case SSL_SHA1:
+ crypto_info.auth_algorithm = CRYPTO_SHA1_HMAC;
+ break;
+ case SSL_SHA256:
+ crypto_info.auth_algorithm = CRYPTO_SHA2_256_HMAC;
+ break;
+ default:
+ goto skip_ktls;
+ }
+ crypto_info.cipher_algorithm = CRYPTO_AES_CBC;
+ crypto_info.iv_len = EVP_CIPHER_iv_length(c);
+ crypto_info.auth_key = ms;
+ crypto_info.auth_key_len = *mac_secret_size;
+ break;
+ default:
+ goto skip_ktls;
+ }
+ crypto_info.cipher_key = key;
+ crypto_info.cipher_key_len = EVP_CIPHER_key_length(c);
+ crypto_info.iv = iv;
+ crypto_info.tls_vmajor = (s->version >> 8) & 0x000000ff;
+ crypto_info.tls_vminor = (s->version & 0x000000ff);
+# else
 /* check that cipher is AES_GCM_128 */
 if (EVP_CIPHER_nid(c) != NID_aes_128_gcm
 || EVP_CIPHER_mode(c) != EVP_CIPH_GCM_MODE
@@ -396,6 +436,7 @@ int tls1_change_cipher_state(SSL *s, int which)
 /* check version is 1.2 */
 if (s->version != TLS1_2_VERSION)
 goto skip_ktls;
+# endif
 if (which & SSL3_CC_WRITE)
 bio = s->wbio;
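Review bot: The `# ifdef __FreeBSD__` branch added in the second hunk (-387/+391) has no protocol-version guard: it copies `s->version` straight into `tls_vmajor`/`tls_vminor`, whereas the `# else` branch keeps its explicit `s->version != TLS1_2_VERSION` check. Unless an earlier test in tls1_change_cipher_state (outside the hunk) already filters it, every version that reaches this function is offered to the kernel along with the key, MAC secret and IV pointers, and rejection is left entirely to the kernel side. An explicit allow-list before the `switch`, for example `if (SSL_IS_DTLS(s) || s->version < TLS1_VERSION || s->version > TLS1_2_VERSION) goto skip_ktls;`, would keep the offload decision in this file and make the supported range reviewable. The function begins and ends outside the hunk, so this is stated against the visible lines only.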
@@ -422,6 +463,7 @@ int tls1_change_cipher_state(SSL *s, int which)
 goto err;
 }
+# ifndef __FreeBSD__
 memset(&crypto_info, 0, sizeof(crypto_info));
 crypto_info.info.cipher_type = TLS_CIPHER_AES_GCM_128;
 crypto_info.info.version = s->version;
@@ -455,6 +497,7 @@ int tls1_change_cipher_state(SSL *s, int which)
 count_unprocessed--;
 }
 }
+# endif
 /* ktls works with user provided buffers directly */
 if (BIO_set_ktls(bio, &crypto_info, which & SSL3_CC_WRITE)) { |
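Review bot: With the `# ifndef __FreeBSD__` added in the -422/+463 hunk, a FreeBSD build skips the whole block that ends at `count_unprocessed--`, which looks like the receive-side bookkeeping, yet the FreeBSD branch never tests `which` and `BIO_set_ktls` is still reached for both directions. If receive offload is not meant to be enabled on FreeBSD, that should be stated where the decision is made, e.g. `if (!(which & SSL3_CC_WRITE)) goto skip_ktls;` in the FreeBSD branch, or a comment saying that the BIO layer refuses the read direction. The matching `# endif` sits in the following hunk (-455/+497); labelling it `# endif /* !__FreeBSD__ */` would help, since the guarded region is not visible in full here.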