#
aebcea9c |
| 06-Feb-2024 |
Aaron LI <aly@aaronly.me> |
crypto: Add two comments to _chacha20poly1305_final()
It's actually not hard to understand, but add comments to make it quite clear.
|
#
117b0b40 |
| 08-Jan-2024 |
Aaron LI <aly@aaronly.me> |
crypto/chachapoly: Allow output be NULL in decrypting empty plaintext
Don't distinguish the input cipher data from AD by checking whether the output buffer is NULL, because it's actually valid to pa
crypto/chachapoly: Allow output be NULL in decrypting empty plaintext
Don't distinguish the input cipher data from AD by checking whether the output buffer is NULL, because it's actually valid to pass it as NULL when to decrypt a message of empty plaintext. And it's really used by WireGuard.
So separate the AD process code into a separate helper function named _chacha20poly1305_update_ad(). Update the assertions to not blindly assert 'out != NULL'. Also add a note about this special case to the header file.
show more ...
|
#
37273911 |
| 24-Nov-2023 |
Aaron LI <aly@aaronly.me> |
crypto: Implement chacha20poly1305 in-place process for mbuf chains
Implement the chacha20poly1305_{encrypt,decrypt}_mbuf() functions that performs in-place encryption and decryption for data in an
crypto: Implement chacha20poly1305 in-place process for mbuf chains
Implement the chacha20poly1305_{encrypt,decrypt}_mbuf() functions that performs in-place encryption and decryption for data in an mbuf chain.
The in-kernel WireGuard will use these two functions to encrypt/decrypt packets.
show more ...
|
#
59e2d684 |
| 23-Nov-2023 |
Aaron LI <aly@aaronly.me> |
crypto: Refactor the chacha20poly1305 code to be more flexible
Introduce the 'chacha20poly1305_ctx' struct to hold the context, and implement the _init()/_update()/_final() functions as the building
crypto: Refactor the chacha20poly1305 code to be more flexible
Introduce the 'chacha20poly1305_ctx' struct to hold the context, and implement the _init()/_update()/_final() functions as the building blocks to perform encryption/decryption in a more generic way.
The main intention is to help implement the in-place encryption and decryption of data in an mbuf chain. That would reduce the unnecessary memory allocations and data copies in packet manipulations, as needed by the in-kernel WireGuard. This API will be done in a later commit.
Rewrite the original chacha20poly1305_{encrypt,decrypt}() functions using the new blocks.
show more ...
|
#
6f63b8fa |
| 22-Nov-2023 |
Aaron LI <aly@aaronly.me> |
crypto: Add ChaCha20-Poly1305 and XChaCha20-Poly1305 AEAD
Derived from OpenBSD with significant modifications by me:
- Removed unused code to hook into the cryptosoft framework. - Adjusted the inte
crypto: Add ChaCha20-Poly1305 and XChaCha20-Poly1305 AEAD
Derived from OpenBSD with significant modifications by me:
- Removed unused code to hook into the cryptosoft framework. - Adjusted the interface to align with the IETF RFC document (e.g., make the nonce a byte string other than a uint64_t), so that the code becomes more generic.
References: - RFC 8439: ChaCha20 and Poly1305 for IETF Protocols - RFC draft: XChaCha: eXtended-nonce ChaCha and AEAD_XChaCha20_Poly1305
show more ...
|