Dear list,
I would like to enhance drivers/crypto/mv_cesa.c by an AEAD algorithm
(at least authenc(hmac(sha1),cbc(aes))), since the driver is able to do
both operations in one go.
Unfortunately, I have found little information about this task in
Documentation/ or the web. Am I missing something? It would be really
great if you could point me to the right direction here.
Greetings, Phil
On Mon, 4 Apr 2011 19:03:37 +0200
Phil Sutter <[email protected]> wrote:
> I would like to enhance drivers/crypto/mv_cesa.c by an AEAD algorithm
> (at least authenc(hmac(sha1),cbc(aes))), since the driver is able to do
> both operations in one go.
>
> Unfortunately, I have found little information about this task in
> Documentation/ or the web. Am I missing something? It would be really
> great if you could point me to the right direction here.
use existing drivers for guidance. The following drivers implement
those types of algorithms:
drivers/crypto/caam/caamalg.c*
drivers/crypto/ixp4xx_crypto.c
drivers/crypto/picoxcell_crypto.c
drivers/crypto/talitos.c
Kim
* only available in Herbert's cryptodev-2.6 tree
Hi,
On Mon, Apr 04, 2011 at 08:35:43PM -0500, Kim Phillips wrote:
> On Mon, 4 Apr 2011 19:03:37 +0200
> Phil Sutter <[email protected]> wrote:
>
> > I would like to enhance drivers/crypto/mv_cesa.c by an AEAD algorithm
> > (at least authenc(hmac(sha1),cbc(aes))), since the driver is able to do
> > both operations in one go.
> >
> > Unfortunately, I have found little information about this task in
> > Documentation/ or the web. Am I missing something? It would be really
> > great if you could point me to the right direction here.
>
> use existing drivers for guidance. The following drivers implement
> those types of algorithms:
Thanks for the hint, although I've already found the "sample code". ;)
Was rather looking for something telling me what is crucial and what
options there are. Concrete code tends to just show the solution of a
specific problem. (My five cents to the question why code is often, but
seldomly good documentation.)
Grepping reveals IPSec (i.e., esp{4,6}.c) as the only user of AEAD so
far. Is this correct?
Greetings, Phil
On Tue, 5 Apr 2011 15:04:35 +0200
Phil Sutter <[email protected]> wrote:
> Hi,
>
> On Mon, Apr 04, 2011 at 08:35:43PM -0500, Kim Phillips wrote:
> > On Mon, 4 Apr 2011 19:03:37 +0200
> > Phil Sutter <[email protected]> wrote:
> >
> > > I would like to enhance drivers/crypto/mv_cesa.c by an AEAD algorithm
> > > (at least authenc(hmac(sha1),cbc(aes))), since the driver is able to do
> > > both operations in one go.
> > >
> > > Unfortunately, I have found little information about this task in
> > > Documentation/ or the web. Am I missing something? It would be really
> > > great if you could point me to the right direction here.
> >
> > use existing drivers for guidance. The following drivers implement
> > those types of algorithms:
>
> Thanks for the hint, although I've already found the "sample code". ;)
> Was rather looking for something telling me what is crucial and what
> options there are. Concrete code tends to just show the solution of a
> specific problem. (My five cents to the question why code is often, but
> seldomly good documentation.)
>
> Grepping reveals IPSec (i.e., esp{4,6}.c) as the only user of AEAD so
> far. Is this correct?
yep.
I started to add test vectors from [1] to crypto/testmgr.c, but it
required that drivers not assume associated data, iv, and cipher data
were contiguous in memory, and since some of them do, I don't know if
such a contribution would be acceptable upstream.
then there's the rtnetlink dependencies I mention in [2] that
also make drivers fail AEAD testmgr tests in their setkey()
implementations, IIRC, because testmgr keys aren't RTA_OK.
Kim
[1] http://grouper.ieee.org/groups/1619/email/msg01966.html
[2] http://www.mail-archive.com/[email protected]/msg05533.html
Kim Phillips <[email protected]> wrote:
>
> I started to add test vectors from [1] to crypto/testmgr.c, but it
> required that drivers not assume associated data, iv, and cipher data
> were contiguous in memory, and since some of them do, I don't know if
> such a contribution would be acceptable upstream.
Such drivers are broken and should be fixed.
> then there's the rtnetlink dependencies I mention in [2] that
> also make drivers fail AEAD testmgr tests in their setkey()
> implementations, IIRC, because testmgr keys aren't RTA_OK.
Can you elaborate on this problem?
Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Fri, 8 Apr 2011 08:55:33 +0800
Herbert Xu <[email protected]> wrote:
> Kim Phillips <[email protected]> wrote:
> >
> > I started to add test vectors from [1] to crypto/testmgr.c, but it
> > required that drivers not assume associated data, iv, and cipher data
> > were contiguous in memory, and since some of them do, I don't know if
> > such a contribution would be acceptable upstream.
>
> Such drivers are broken and should be fixed.
ok.
> > then there's the rtnetlink dependencies I mention in [2] that
> > also make drivers fail AEAD testmgr tests in their setkey()
> > implementations, IIRC, because testmgr keys aren't RTA_OK.
>
> Can you elaborate on this problem?
the following conditions in a driver setkey fail:
if (!RTA_OK(rta, keylen))
goto badkey;
if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
goto badkey;
because testmgr keys are plain strings, not rtattr structs.
Kim
On Fri, Apr 08, 2011 at 03:44:01PM -0500, Kim Phillips wrote:
> the following conditions in a driver setkey fail:
>
> if (!RTA_OK(rta, keylen))
> goto badkey;
>
> if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
> goto badkey;
>
> because testmgr keys are plain strings, not rtattr structs.
There is no reason why an authenc test vector can't use an rtattr.
The key value is a char *, so you can point it to a struct quite
easily.
Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt