From: Pascal Van Leeuwen <pvanleeuwen@verimatrix.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Pascal van Leeuwen <pascalvanl@gmail.com>
Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
Antoine Tenart <antoine.tenart@bootlin.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Subject: RE: [PATCH 1/3] crypto: inside-secure - Added support for authenc HMAC-SHA1/DES-CBC
Date: Fri, 13 Sep 2019 16:17:08 +0000 [thread overview]
Message-ID: <MN2PR20MB2973F80500C43C22E05B2332CAB30@MN2PR20MB2973.namprd20.prod.outlook.com> (raw)
In-Reply-To: <CAKv+Gu_qMDxNDYnMOmV1mA4+JwX3eAB3B-4aC=YJ07oZrz+wCg@mail.gmail.com>
> -----Original Message-----
> From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Sent: Friday, September 13, 2019 5:27 PM
> To: Pascal van Leeuwen <pascalvanl@gmail.com>
> Cc: open list:HARDWARE RANDOM NUMBER GENERATOR CORE <linux-crypto@vger.kernel.org>;
> Antoine Tenart <antoine.tenart@bootlin.com>; Herbert Xu <herbert@gondor.apana.org.au>;
> David S. Miller <davem@davemloft.net>; Pascal Van Leeuwen <pvanleeuwen@verimatrix.com>
> Subject: Re: [PATCH 1/3] crypto: inside-secure - Added support for authenc HMAC-
> SHA1/DES-CBC
>
> On Fri, 13 Sep 2019 at 16:06, Pascal van Leeuwen <pascalvanl@gmail.com> wrote:
> >
> > This patch adds support for the authenc(hmac(sha1),cbc(des)) aead
> >
> > Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
>
> Please make sure your code is based on cryptodev/master before sending
> it to the list.
>
Looks like with this patchset and the previous (SHA3) patchset I forgot
to add the disclaimer that it applies on top of the previous patchset.
Mea culpa.
So there you go: "Added support for authenc HMAC-SHA1/DES-CBC" applies
on top of "Added (HMAC) SHA3 support", which applies on top of
"Add support for SM4 ciphers".
> --
> Ard.
>
> > ---
> > drivers/crypto/inside-secure/safexcel.c | 1 +
> > drivers/crypto/inside-secure/safexcel.h | 1 +
> > drivers/crypto/inside-secure/safexcel_cipher.c | 45 ++++++++++++++++++++++++++
> > 3 files changed, 47 insertions(+)
> >
> > diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-
> secure/safexcel.c
> > index 12cb939..617c70b 100644
> > --- a/drivers/crypto/inside-secure/safexcel.c
> > +++ b/drivers/crypto/inside-secure/safexcel.c
> > @@ -1195,6 +1195,7 @@ static int safexcel_request_ring_irq(void *pdev, int irqid,
> > &safexcel_alg_hmac_sha3_256,
> > &safexcel_alg_hmac_sha3_384,
> > &safexcel_alg_hmac_sha3_512,
> > + &safexcel_alg_authenc_hmac_sha1_cbc_des,
> > };
> >
> > static int safexcel_register_algorithms(struct safexcel_crypto_priv *priv)
> > diff --git a/drivers/crypto/inside-secure/safexcel.h b/drivers/crypto/inside-
> secure/safexcel.h
> > index 82953b3..b020e27 100644
> > --- a/drivers/crypto/inside-secure/safexcel.h
> > +++ b/drivers/crypto/inside-secure/safexcel.h
> > @@ -895,5 +895,6 @@ int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned
> int keylen,
> > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_256;
> > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_384;
> > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_512;
> > +extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des;
> >
> > #endif
> > diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-
> secure/safexcel_cipher.c
> > index bf2b1f9..435f184 100644
> > --- a/drivers/crypto/inside-secure/safexcel_cipher.c
> > +++ b/drivers/crypto/inside-secure/safexcel_cipher.c
> > @@ -348,6 +348,7 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8
> *key,
> > struct safexcel_crypto_priv *priv = ctx->priv;
> > struct crypto_authenc_keys keys;
> > struct crypto_aes_ctx aes;
> > + u32 tmp[DES_EXPKEY_WORDS];
> > u32 flags;
> > int err = -EINVAL;
> >
> > @@ -367,6 +368,16 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const
> u8 *key,
> >
> > /* Encryption key */
> > switch (ctx->alg) {
> > + case SAFEXCEL_DES:
> > + if (keys.enckeylen != DES_KEY_SIZE)
> > + goto badkey;
> > + err = des_ekey(tmp, key);
> > + if (unlikely(!err && (tfm->crt_flags &
> > + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) {
> > + tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
> > + goto badkey_expflags;
> > + }
> > + break;
> > case SAFEXCEL_3DES:
> > if (keys.enckeylen != DES3_EDE_KEY_SIZE)
> > goto badkey;
> > @@ -1854,6 +1865,40 @@ struct safexcel_alg_template
> safexcel_alg_authenc_hmac_sha1_cbc_des3_ede = {
> > },
> > };
> >
> > +static int safexcel_aead_sha1_des_cra_init(struct crypto_tfm *tfm)
> > +{
> > + struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> > +
> > + safexcel_aead_sha1_cra_init(tfm);
> > + ctx->alg = SAFEXCEL_DES; /* override default */
> > + return 0;
> > +}
> > +
> > +struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des = {
> > + .type = SAFEXCEL_ALG_TYPE_AEAD,
> > + .algo_mask = SAFEXCEL_ALG_DES | SAFEXCEL_ALG_SHA1,
> > + .alg.aead = {
> > + .setkey = safexcel_aead_setkey,
> > + .encrypt = safexcel_aead_encrypt,
> > + .decrypt = safexcel_aead_decrypt,
> > + .ivsize = DES_BLOCK_SIZE,
> > + .maxauthsize = SHA1_DIGEST_SIZE,
> > + .base = {
> > + .cra_name = "authenc(hmac(sha1),cbc(des))",
> > + .cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-des",
> > + .cra_priority = SAFEXCEL_CRA_PRIORITY,
> > + .cra_flags = CRYPTO_ALG_ASYNC |
> > + CRYPTO_ALG_KERN_DRIVER_ONLY,
> > + .cra_blocksize = DES_BLOCK_SIZE,
> > + .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
> > + .cra_alignmask = 0,
> > + .cra_init = safexcel_aead_sha1_des_cra_init,
> > + .cra_exit = safexcel_aead_cra_exit,
> > + .cra_module = THIS_MODULE,
> > + },
> > + },
> > +};
> > +
> > static int safexcel_aead_sha1_ctr_cra_init(struct crypto_tfm *tfm)
> > {
> > struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> > --
> > 1.8.3.1
> >
Regards,
Pascal van Leeuwen
Silicon IP Architect, Multi-Protocol Engines @ Verimatrix
www.insidesecure.com
next prev parent reply other threads:[~2019-09-13 16:17 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-13 14:03 [PATCH 0/3] crypto: inside-secure - Added more authenc w/ (3)DES Pascal van Leeuwen
2019-09-13 14:03 ` [PATCH 1/3] crypto: inside-secure - Added support for authenc HMAC-SHA1/DES-CBC Pascal van Leeuwen
2019-09-13 15:26 ` Ard Biesheuvel
2019-09-13 16:17 ` Pascal Van Leeuwen [this message]
2019-09-13 16:23 ` Ard Biesheuvel
2019-09-13 16:32 ` Pascal Van Leeuwen
2019-09-13 14:03 ` [PATCH 2/3] crypto: inside-secure - Added support for authenc HMAC-SHA2/3DES-CBC Pascal van Leeuwen
2019-09-13 14:03 ` [PATCH 3/3] crypto: inside-secure - Added support for authenc HMAC-SHA2/DES-CBC Pascal van Leeuwen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=MN2PR20MB2973F80500C43C22E05B2332CAB30@MN2PR20MB2973.namprd20.prod.outlook.com \
--to=pvanleeuwen@verimatrix.com \
--cc=antoine.tenart@bootlin.com \
--cc=ard.biesheuvel@linaro.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=pascalvanl@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).