2011-04-01 08:07:28

by Vladimir Zapolskiy

[permalink] [raw]
Subject: crypto_alg and alignment

Hello Herbert,

I'm trying to implement a driver for one hardware crypto engine, and
on the current stage I work with AES algorithm, and I have a couple of
open questions.

1) What shall be guaranteed from crypto engine by providing
cra_blocksize and cra_alignmask values in crypto_alg definition? If
they are provided, can I rely that in ablkcipher request I get
aligned source and destination, and size of each chunk in sglist is
aligned to cra_blocksize?

2) I've taken a look at
http://www.mail-archive.com/[email protected]/msg04903.html
and I wonder, is someone working with SOCK_STREAM protocol
realization for AF_ALG? And is there some planned activities about
implementing setsockopt support for ALG_SET_IV, ALG_SET_OP etc. in
algif_skcipher?

Thank you in advance.

With best wishes,
Vladimir


2011-04-02 14:41:48

by Herbert Xu

[permalink] [raw]
Subject: Re: crypto_alg and alignment

Vladimir Zapolskiy <[email protected]> wrote:
>
> I'm trying to implement a driver for one hardware crypto engine, and
> on the current stage I work with AES algorithm, and I have a couple of
> open questions.
>
> 1) What shall be guaranteed from crypto engine by providing
> cra_blocksize and cra_alignmask values in crypto_alg definition? If
> they are provided, can I rely that in ablkcipher request I get
> aligned source and destination, and size of each chunk in sglist is
> aligned to cra_blocksize?

The block size is that of the underlying block cipher algorithm,
e.g., 16 for AES. The alignmask is the required alignment minus 1.

Unlike skcipher which gets preprocessed input data that is always
aligned, ablkcipher gets the raw input (apart from setkey which
will ensure that the key is aligned).

However, the ablkcipher helpers in crypto/ablkcipher.c will help
you to align things where necessary.

> 2) I've taken a look at
> http://www.mail-archive.com/[email protected]/msg04903.html
> and I wonder, is someone working with SOCK_STREAM protocol
> realization for AF_ALG? And is there some planned activities about
> implementing setsockopt support for ALG_SET_IV, ALG_SET_OP etc. in
> algif_skcipher?

It's already in the kernel as of 2.6.38.

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt