* aead: driver side documentation
@ 2011-04-04 17:03 Phil Sutter
2011-04-05 1:35 ` Kim Phillips
0 siblings, 1 reply; 7+ messages in thread
From: Phil Sutter @ 2011-04-04 17:03 UTC (permalink / raw)
To: linux-crypto
Dear list,
I would like to enhance drivers/crypto/mv_cesa.c by an AEAD algorithm
(at least authenc(hmac(sha1),cbc(aes))), since the driver is able to do
both operations in one go.
Unfortunately, I have found little information about this task in
Documentation/ or the web. Am I missing something? It would be really
great if you could point me to the right direction here.
Greetings, Phil
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: aead: driver side documentation
2011-04-04 17:03 aead: driver side documentation Phil Sutter
@ 2011-04-05 1:35 ` Kim Phillips
2011-04-05 13:04 ` Phil Sutter
0 siblings, 1 reply; 7+ messages in thread
From: Kim Phillips @ 2011-04-05 1:35 UTC (permalink / raw)
To: Phil Sutter; +Cc: linux-crypto
On Mon, 4 Apr 2011 19:03:37 +0200
Phil Sutter <phil@nwl.cc> wrote:
> I would like to enhance drivers/crypto/mv_cesa.c by an AEAD algorithm
> (at least authenc(hmac(sha1),cbc(aes))), since the driver is able to do
> both operations in one go.
>
> Unfortunately, I have found little information about this task in
> Documentation/ or the web. Am I missing something? It would be really
> great if you could point me to the right direction here.
use existing drivers for guidance. The following drivers implement
those types of algorithms:
drivers/crypto/caam/caamalg.c*
drivers/crypto/ixp4xx_crypto.c
drivers/crypto/picoxcell_crypto.c
drivers/crypto/talitos.c
Kim
* only available in Herbert's cryptodev-2.6 tree
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: aead: driver side documentation
2011-04-05 1:35 ` Kim Phillips
@ 2011-04-05 13:04 ` Phil Sutter
2011-04-06 0:21 ` Kim Phillips
0 siblings, 1 reply; 7+ messages in thread
From: Phil Sutter @ 2011-04-05 13:04 UTC (permalink / raw)
To: Kim Phillips; +Cc: linux-crypto
Hi,
On Mon, Apr 04, 2011 at 08:35:43PM -0500, Kim Phillips wrote:
> On Mon, 4 Apr 2011 19:03:37 +0200
> Phil Sutter <phil@nwl.cc> wrote:
>
> > I would like to enhance drivers/crypto/mv_cesa.c by an AEAD algorithm
> > (at least authenc(hmac(sha1),cbc(aes))), since the driver is able to do
> > both operations in one go.
> >
> > Unfortunately, I have found little information about this task in
> > Documentation/ or the web. Am I missing something? It would be really
> > great if you could point me to the right direction here.
>
> use existing drivers for guidance. The following drivers implement
> those types of algorithms:
Thanks for the hint, although I've already found the "sample code". ;)
Was rather looking for something telling me what is crucial and what
options there are. Concrete code tends to just show the solution of a
specific problem. (My five cents to the question why code is often, but
seldomly good documentation.)
Grepping reveals IPSec (i.e., esp{4,6}.c) as the only user of AEAD so
far. Is this correct?
Greetings, Phil
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: aead: driver side documentation
2011-04-05 13:04 ` Phil Sutter
@ 2011-04-06 0:21 ` Kim Phillips
2011-04-08 0:55 ` Herbert Xu
0 siblings, 1 reply; 7+ messages in thread
From: Kim Phillips @ 2011-04-06 0:21 UTC (permalink / raw)
To: Phil Sutter; +Cc: linux-crypto
On Tue, 5 Apr 2011 15:04:35 +0200
Phil Sutter <phil@nwl.cc> wrote:
> Hi,
>
> On Mon, Apr 04, 2011 at 08:35:43PM -0500, Kim Phillips wrote:
> > On Mon, 4 Apr 2011 19:03:37 +0200
> > Phil Sutter <phil@nwl.cc> wrote:
> >
> > > I would like to enhance drivers/crypto/mv_cesa.c by an AEAD algorithm
> > > (at least authenc(hmac(sha1),cbc(aes))), since the driver is able to do
> > > both operations in one go.
> > >
> > > Unfortunately, I have found little information about this task in
> > > Documentation/ or the web. Am I missing something? It would be really
> > > great if you could point me to the right direction here.
> >
> > use existing drivers for guidance. The following drivers implement
> > those types of algorithms:
>
> Thanks for the hint, although I've already found the "sample code". ;)
> Was rather looking for something telling me what is crucial and what
> options there are. Concrete code tends to just show the solution of a
> specific problem. (My five cents to the question why code is often, but
> seldomly good documentation.)
>
> Grepping reveals IPSec (i.e., esp{4,6}.c) as the only user of AEAD so
> far. Is this correct?
yep.
I started to add test vectors from [1] to crypto/testmgr.c, but it
required that drivers not assume associated data, iv, and cipher data
were contiguous in memory, and since some of them do, I don't know if
such a contribution would be acceptable upstream.
then there's the rtnetlink dependencies I mention in [2] that
also make drivers fail AEAD testmgr tests in their setkey()
implementations, IIRC, because testmgr keys aren't RTA_OK.
Kim
[1] http://grouper.ieee.org/groups/1619/email/msg01966.html
[2] http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg05533.html
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: aead: driver side documentation
2011-04-06 0:21 ` Kim Phillips
@ 2011-04-08 0:55 ` Herbert Xu
2011-04-08 20:44 ` Kim Phillips
0 siblings, 1 reply; 7+ messages in thread
From: Herbert Xu @ 2011-04-08 0:55 UTC (permalink / raw)
To: Kim Phillips; +Cc: phil, linux-crypto
Kim Phillips <kim.phillips@freescale.com> wrote:
>
> I started to add test vectors from [1] to crypto/testmgr.c, but it
> required that drivers not assume associated data, iv, and cipher data
> were contiguous in memory, and since some of them do, I don't know if
> such a contribution would be acceptable upstream.
Such drivers are broken and should be fixed.
> then there's the rtnetlink dependencies I mention in [2] that
> also make drivers fail AEAD testmgr tests in their setkey()
> implementations, IIRC, because testmgr keys aren't RTA_OK.
Can you elaborate on this problem?
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: aead: driver side documentation
2011-04-08 0:55 ` Herbert Xu
@ 2011-04-08 20:44 ` Kim Phillips
2011-04-15 8:46 ` Herbert Xu
0 siblings, 1 reply; 7+ messages in thread
From: Kim Phillips @ 2011-04-08 20:44 UTC (permalink / raw)
To: Herbert Xu; +Cc: phil, linux-crypto
On Fri, 8 Apr 2011 08:55:33 +0800
Herbert Xu <herbert@gondor.apana.org.au> wrote:
> Kim Phillips <kim.phillips@freescale.com> wrote:
> >
> > I started to add test vectors from [1] to crypto/testmgr.c, but it
> > required that drivers not assume associated data, iv, and cipher data
> > were contiguous in memory, and since some of them do, I don't know if
> > such a contribution would be acceptable upstream.
>
> Such drivers are broken and should be fixed.
ok.
> > then there's the rtnetlink dependencies I mention in [2] that
> > also make drivers fail AEAD testmgr tests in their setkey()
> > implementations, IIRC, because testmgr keys aren't RTA_OK.
>
> Can you elaborate on this problem?
the following conditions in a driver setkey fail:
if (!RTA_OK(rta, keylen))
goto badkey;
if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
goto badkey;
because testmgr keys are plain strings, not rtattr structs.
Kim
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: aead: driver side documentation
2011-04-08 20:44 ` Kim Phillips
@ 2011-04-15 8:46 ` Herbert Xu
0 siblings, 0 replies; 7+ messages in thread
From: Herbert Xu @ 2011-04-15 8:46 UTC (permalink / raw)
To: Kim Phillips; +Cc: phil, linux-crypto
On Fri, Apr 08, 2011 at 03:44:01PM -0500, Kim Phillips wrote:
> the following conditions in a driver setkey fail:
>
> if (!RTA_OK(rta, keylen))
> goto badkey;
>
> if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
> goto badkey;
>
> because testmgr keys are plain strings, not rtattr structs.
There is no reason why an authenc test vector can't use an rtattr.
The key value is a char *, so you can point it to a struct quite
easily.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2011-04-15 8:46 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-04-04 17:03 aead: driver side documentation Phil Sutter
2011-04-05 1:35 ` Kim Phillips
2011-04-05 13:04 ` Phil Sutter
2011-04-06 0:21 ` Kim Phillips
2011-04-08 0:55 ` Herbert Xu
2011-04-08 20:44 ` Kim Phillips
2011-04-15 8:46 ` Herbert Xu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.