1. 11 Jan, 2008 8 commits
    • [CRYPTO] authenc: Fix typo in ivsize · c2c61f51
      Herbert Xu committed
      The ivsize should be fetched from ablkcipher, not blkcipher.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    • [CRYPTO] scatterwalk: Move scatterwalk.h to linux/crypto · 42c271c6
      Herbert Xu committed
      The scatterwalk infrastructure is used by algorithms so it needs to
      move out of crypto for future users that may live in drivers/crypto
      or asm/*/crypto.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    • [CRYPTO] aead: Return EBADMSG for ICV mismatch · fe70f5df
      Herbert Xu committed
      This patch changes gcm/authenc to return EBADMSG instead of EINVAL for
      ICV mismatches.  This convention has already been adopted by IPsec.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    • [CRYPTO] authenc: Fix hash verification · 481f34ae
      Herbert Xu committed
      The previous code incorrectly included the hash in the verification which
      also meant that we'd crash and burn when it comes to actually verifying
      the hash since we'd go past the end of the SG list.
      
      This patch fixes that by subtracting authsize from cryptlen at the start.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    • [CRYPTO] authenc: Move enckeylen into key itself · e236d4a8
      Herbert Xu committed
      Having enckeylen as a template parameter makes it a pain for hardware
      devices that implement ciphers with many key sizes since each one would
      have to be registered separately.
      
      Since the authenc algorithm is mainly used for legacy purposes where its
      key is going to be constructed out of two separate keys, we can in fact
      embed this value into the key itself.
      
      This patch does this by prepending an rtnetlink header to the key that
      contains the encryption key length.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    • [CRYPTO] aead: Make authsize a run-time parameter · 7ba683a6
      Herbert Xu committed
      As it is authsize is an algorithm parameter which cannot be changed at
      run-time.  This is inconvenient because hardware that implements such
      algorithms would have to register each authsize that they support
      separately.
      
      Since authsize is a property common to all AEAD algorithms, we can add
      a function setauthsize that sets it at run-time, just like setkey.
      
      This patch does exactly that and also changes authenc so that authsize
      is no longer a parameter of its template.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    • [CRYPTO] authenc: Use or instead of max on alignment masks · e29bc6ad
      Herbert Xu committed
      Since alignment masks are always one less than a power of two, we can
      use binary or to find their maximum.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    • [CRYPTO] ablkcipher: Add distinct ABLKCIPHER type · 332f8840
      Herbert Xu committed
      Up until now ablkcipher algorithms have been identified as
      type BLKCIPHER with the ASYNC bit set.  This is suboptimal because
      ablkcipher refers to two things.  On the one hand it refers to the
      top-level ablkcipher interface with requests.  On the other hand it
      refers to an algorithm type underneath.
      
      As it is you cannot request a synchronous block cipher algorithm
      with the ablkcipher interface on top.  This is a problem because
      we want to be able to eventually phase out the blkcipher top-level
      interface.
      
      This patch fixes this by making ABLKCIPHER its own type, just as
      we have distinct types for HASH and DIGEST.  The type is associated
      with the algorithm implementation only.
      
      Which top-level interface is used for synchronous block ciphers is
      then determined by the mask that's used.  If it's a specific mask
      then the old blkcipher interface is given, otherwise we go with the
      new ablkcipher interface.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. 23 Nov, 2007 1 commit
  3. 11 Oct, 2007 2 commits
    • [CRYPTO] authenc: Kill spaces in algorithm names · e4c5c6c9
      Herbert Xu committed
      We do not allow spaces in algorithm names or parameters.  Thanks to Joy Latten
      for pointing this out.
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    • [CRYPTO] aead: Add authenc · 3c09f17c
      Herbert Xu committed
      This patch adds the authenc algorithm which constructs an AEAD algorithm
      from an asynchronous block cipher and a hash.  The construction is done
      by concatenating the encrypted result from the cipher with the output
      from the hash, as is used by the IPsec ESP protocol.
      
      The authenc algorithm exists as a template with four parameters:
      
      	authenc(auth, authsize, enc, enckeylen).
      
      The authentication algorithm, the authentication size (i.e., truncating
      the output of the authentication algorithm), the encryption algorithm,
      and the encryption key length.  Both the size field and the key length
      field are in bytes.  For example, AES-128 with SHA1-HMAC would be
      represented by
      
      	authenc(hmac(sha1), 12, cbc(aes), 16)
      
      The key for the authenc algorithm is the concatenation of the keys for
      the authentication algorithm with the encryption algorithm.  For the
      above example, if a key of length 36 bytes is given, then hmac(sha1)
      would receive the first 20 bytes while the last 16 would be given to
      cbc(aes).
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
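
The key layout described in commits 3c09f17c (auth key followed by enc key) and e236d4a8 (encryption key length carried in a prepended rtnetlink header), as an added example that is not code from the kernel tree or from these commits: a user-space C model that splits such a key blob and rejects any blob whose embedded lengths do not fit the bytes supplied. The header field layout, the big-endian length field and the `MODEL_*` names are assumptions of this example.

```c
#include <stdint.h>
#include <string.h>

/* User-space model (MODEL_* names are this example's own). Assumed layout,
 * after the kernel's struct rtattr: u16 rta_len, u16 rta_type, then a
 * 32-bit big-endian enckeylen, then auth key || enc key. */
#define MODEL_KEYA_PARAM 1u
#define MODEL_ALIGN(n)   (((n) + 3u) & ~(size_t)3u)

struct authenc_keys {
    const uint8_t *authkey, *enckey;
    size_t authkeylen, enckeylen;
};

/* Returns 0 on success, -1 on a malformed blob. Every length read from the
 * blob is checked against the bytes actually supplied before it is used. */
int authenc_extract_keys(struct authenc_keys *out, const uint8_t *blob, size_t len)
{
    uint16_t rta_len, rta_type;
    size_t skip, enckeylen;

    if (len < 8)
        return -1;                      /* no room for header + parameter */
    memcpy(&rta_len, blob, 2);          /* host byte order, as in rtattr */
    memcpy(&rta_type, blob + 2, 2);
    if (rta_len < 8 || rta_len > len || rta_type != MODEL_KEYA_PARAM)
        return -1;
    enckeylen = (size_t)blob[4] << 24 | (size_t)blob[5] << 16 |
                (size_t)blob[6] << 8 | blob[7];
    skip = MODEL_ALIGN((size_t)rta_len);
    if (skip > len || enckeylen > len - skip)
        return -1;                      /* split would run past the blob */
    out->authkeylen = len - skip - enckeylen;
    out->enckeylen = enckeylen;
    out->authkey = blob + skip;
    out->enckey = out->authkey + out->authkeylen;
    return 0;
}

int main(void)
{
    uint8_t blob[44] = {0};             /* constructed: 8 + 20 + 16 bytes */
    uint16_t hdr[2] = {8, MODEL_KEYA_PARAM};
    struct authenc_keys k;
    memcpy(blob, hdr, sizeof(hdr));
    blob[7] = 16;                       /* enckeylen = 16 */
    return authenc_extract_keys(&k, blob, sizeof(blob)) || k.authkeylen != 20 || k.enckeylen != 16;
}
```

The constructed blob mirrors the 36-byte example in 3c09f17c: 20 bytes for hmac(sha1) followed by 16 bytes for cbc(aes), with the 8-byte header in front.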