linux-toradex.git/crypto/gcm.c, branch v3.2.1 Linux kernel for Apalis and Colibri modules crypto: Use scatterwalk_crypto_chain 2010-12-02T06:47:16+00:00 Steffen Klassert steffen.klassert@secunet.com 2010-11-22T10:26:54+00:00 c920fa6051c1e7eb3733eaefd01e5bcdddb3d4c8 Use scatterwalk_crypto_chain in favor of locally defined chaining functions. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Use scatterwalk_crypto_chain in favor of locally defined chaining functions.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: gcm - Add RFC4543 wrapper for GCM 2010-01-17T10:52:11+00:00 Tobias Brunner tobias@strongswan.org 2010-01-17T10:52:11+00:00 73c89c15b959adf06366722c4be8d2eddec0a529 This patch adds the RFC4543 (GMAC) wrapper for GCM similar to the existing RFC4106 wrapper. The main differences between GCM and GMAC are the contents of the AAD and that the plaintext is empty for the latter. Signed-off-by: Tobias Brunner <tobias@strongswan.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds the RFC4543 (GMAC) wrapper for GCM similar to the
existing RFC4106 wrapper. The main differences between GCM and GMAC are
the contents of the AAD and that the plaintext is empty for the latter.

Signed-off-by: Tobias Brunner <tobias@strongswan.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: gcm - fix another complete call in complete fuction 2009-11-16T13:52:22+00:00 Huang Ying ying.huang@intel.com 2009-11-16T13:52:22+00:00 62c5593aea4b71d61dc0f37fea96c556c158a042 The flow of the complete function (xxx_done) in gcm.c is as follow: void complete(struct crypto_async_request *areq, int err) { struct aead_request *req = areq->data; if (!err) { err = async_next_step(); if (err == -EINPROGRESS || err == -EBUSY) return; } complete_for_next_step(areq, err); } But *areq may be destroyed in async_next_step(), this makes complete_for_next_step() can not work properly. To fix this, one of following methods is used for each complete function. - Add a __complete() for each complete(), which accept struct aead_request *req instead of areq, so avoid using areq after it is destroyed. - Expand complete_for_next_step(). The fixing method is based on the idea of Herbert Xu. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The flow of the complete function (xxx_done) in gcm.c is as follow:

void complete(struct crypto_async_request *areq, int err)
{
	struct aead_request *req = areq->data;

	if (!err) {
		err = async_next_step();
		if (err == -EINPROGRESS || err == -EBUSY)
			return;
	}

	complete_for_next_step(areq, err);
}

But *areq may be destroyed in async_next_step(), this makes
complete_for_next_step() can not work properly. To fix this, one of
following methods is used for each complete function.

- Add a __complete() for each complete(), which accept struct
  aead_request *req instead of areq, so avoid using areq after it is
  destroyed.

- Expand complete_for_next_step().

The fixing method is based on the idea of Herbert Xu.

Signed-off-by: Huang Ying <ying.huang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: gcm - Use GHASH digest algorithm 2009-08-06T05:34:26+00:00 Huang Ying ying.huang@intel.com 2009-08-06T05:34:26+00:00 9382d97af586a47dad312765e35c61aa7ad7fcdd Remove the dedicated GHASH implementation in GCM, and uses the GHASH digest algorithm instead. This will make GCM uses hardware accelerated GHASH implementation automatically if available. ahash instead of shash interface is used, because some hardware accelerated GHASH implementation needs asynchronous interface. Signed-off-by: Huang Ying <ying.huang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Remove the dedicated GHASH implementation in GCM, and uses the GHASH
digest algorithm instead. This will make GCM uses hardware accelerated
GHASH implementation automatically if available.

ahash instead of shash interface is used, because some hardware
accelerated GHASH implementation needs asynchronous interface.

Signed-off-by: Huang Ying <ying.huang@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] gcm: Introduce rfc4106 2008-01-10T21:16:56+00:00 Herbert Xu herbert@gondor.apana.org.au 2007-12-17T07:33:17+00:00 dadbc53d0bbde0e84c40b9f6bc5c50eb9eb7352a This patch introduces the rfc4106 wrapper for GCM just as we have an rfc4309 wrapper for CCM. The purpose of the wrapper is to include part of the IV in the key so that it can be negotiated by IPsec. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch introduces the rfc4106 wrapper for GCM just as we have an
rfc4309 wrapper for CCM.  The purpose of the wrapper is to include part
of the IV in the key so that it can be negotiated by IPsec.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] gcm: Use crypto_grab_skcipher 2008-01-10T21:16:47+00:00 Herbert Xu herbert@gondor.apana.org.au 2007-12-07T11:26:11+00:00 1472e5ebaac14dafbc0f978b5e951f1e9ca0b251 This patch converts the gcm algorithm over to crypto_grab_skcipher which is a prerequisite for IV generation. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch converts the gcm algorithm over to crypto_grab_skcipher
which is a prerequisite for IV generation.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] gcm: Allow block cipher parameter 2008-01-10T21:16:47+00:00 Herbert Xu herbert@gondor.apana.org.au 2007-12-07T12:31:10+00:00 d00aa19b507b39ee9a680d0d2ac2ae483686453a This patch adds the gcm_base template which takes a block cipher parameter instead of cipher. This allows the user to specify a specific CTR implementation. This also fixes a leak of the cipher algorithm that was previously looked up but never freed. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds the gcm_base template which takes a block cipher
parameter instead of cipher.  This allows the user to specify a
specific CTR implementation.

This also fixes a leak of the cipher algorithm that was previously
looked up but never freed.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] gcm: Add support for async ciphers 2008-01-10T21:16:42+00:00 Herbert Xu herbert@gondor.apana.org.au 2007-12-17T13:42:08+00:00 84c911523020a2e39b307a2da26ee1886b7214fe This patch adds the necessary changes for GCM to be used with async ciphers. This would allow it to be used with hardware devices that support CTR. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds the necessary changes for GCM to be used with async
ciphers.  This would allow it to be used with hardware devices that
support CTR.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] ctr: Refactor into ctr and rfc3686 2008-01-10T21:16:41+00:00 Herbert Xu herbert@gondor.apana.org.au 2007-12-17T13:34:32+00:00 5311f248b7764ba8b59e6d477355f766e5609686 As discussed previously, this patch moves the basic CTR functionality into a chainable algorithm called ctr. The IPsec-specific variant of it is now placed on top with the name rfc3686. So ctr(aes) gives a chainable cipher with IV size 16 while the IPsec variant will be called rfc3686(ctr(aes)). This patch also adjusts gcm accordingly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
As discussed previously, this patch moves the basic CTR functionality
into a chainable algorithm called ctr.  The IPsec-specific variant of
it is now placed on top with the name rfc3686.

So ctr(aes) gives a chainable cipher with IV size 16 while the IPsec
variant will be called rfc3686(ctr(aes)).  This patch also adjusts
gcm accordingly.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] gcm: Fix request context alignment 2008-01-10T21:16:40+00:00 Herbert Xu herbert@gondor.apana.org.au 2007-12-12T11:16:38+00:00 2589469d7bc69bdfad4e05d88a0d2748f92ef0f3 This patch fixes the request context alignment so that it is actually aligned to the value required by the algorithm. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch fixes the request context alignment so that it is actually
aligned to the value required by the algorithm.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>