Re: [BUGFIX] crypto: Fix ctr(aes) testing by specifying geniv
On Thu, Aug 13, 2009 at 02:53:00PM +1000, Herbert Xu wrote:
> I'll look into it.

Oh I see what's going on. It's the switch from chainiv to eseqiv that created the error. I'll apply your patch.

Thanks,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: crypto: ansi_cprng - Do not select FIPS
On Fri, Jun 19, 2009 at 08:55:00AM -0400, Neil Horman wrote:
> Thanks! That's definitely an oversight. Likely I included it because I was implementing it as part of the FIPS effort. The CPRNG definitely works fine, even if fips is disabled. Although I think the relationship should be reversed, not just removed, as FIPS support requires the use of the CPRNG. Something like this:
>
> commit d9645d88d97e81c6528f311ee126df79a0d27501
> Author: Neil Horman nhor...@tuxdriver.com
> Date:   Fri Jun 19 08:52:37 2009 -0400
>
>     Fix CPRNG/FIPS dependency
>
>     The ANSI CPRNG has no dependence on FIPS support. FIPS support however, requires the use of the CPRNG. Adjust that dependency relationship in Kconfig
>
>     Signed-off-by: Neil Horman nhor...@tuxdriver.com

Hmm, I just noticed that all my crypto modules have been marked as built-in again because of this patch. As you're selecting a tristate from a bool, it causes CPRNG and everything under it to be built-in.

I'm going to revert this patch.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [BUGFIX] crypto: Fix ctr(aes) testing by specifying geniv
On Thu, Aug 13, 2009 at 05:39:10PM +1000, Herbert Xu wrote:
> Oh I see what's going on. It's the switch from chainiv to eseqiv that created the error. I'll apply your patch.

Actually we can't use seqiv on raw counter mode because it cannot guarantee IV uniqueness. I think reverting to chainiv is the safer option.

commit aef27136b8b5e526f2e96ca1caa30a6d07e70f42
Author: Herbert Xu herb...@gondor.apana.org.au
Date:   Thu Aug 13 23:10:39 2009 +1000

    crypto: ctr - Use chainiv on raw counter mode

    Raw counter mode only works with chainiv, which is no longer the default IV generator on SMP machines. This broke raw counter mode as it can no longer instantiate as a givcipher.

    This patch fixes it by always picking chainiv on raw counter mode.

    This is based on the diagnosis and a patch by Huang Ying.

    Signed-off-by: Herbert Xu herb...@gondor.apana.org.au

diff --git a/crypto/ctr.c b/crypto/ctr.c
index 2d7425f..6c3bfab 100644
--- a/crypto/ctr.c
+++ b/crypto/ctr.c
@@ -219,6 +219,8 @@ static struct crypto_instance *crypto_ctr_alloc(struct rtattr **tb)
 	inst-alg.cra_blkcipher.encrypt = crypto_ctr_crypt;
 	inst-alg.cra_blkcipher.decrypt = crypto_ctr_crypt;
 
+	inst-alg.cra_blkcipher.geniv = chainiv;
+
 out:
 	crypto_mod_put(alg);
 	return inst;

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
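Review bot: the new `inst-alg.cra_blkcipher.geniv = chainiv;` line carries no comment recording why raw counter mode must bypass the default IV generator; the reason (a sequential IV from seqiv/eseqiv can no longer be guaranteed unique once a request spans more than one block, as discussed in this thread) lives only in the commit message, so a one-line comment next to the assignment would keep a later cleanup from restoring the default. Placing the assignment just above `out:` is correct as written, since the failure paths that jump to `out:` never reach it and only a successfully allocated `inst` is written to.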
Re: crypto: ansi_cprng - Do not select FIPS
On Thu, Aug 13, 2009 at 09:29:55PM +1000, Herbert Xu wrote:
> On Fri, Jun 19, 2009 at 08:55:00AM -0400, Neil Horman wrote:
>> Thanks! That's definitely an oversight. Likely I included it because I was implementing it as part of the FIPS effort. The CPRNG definitely works fine, even if fips is disabled. Although I think the relationship should be reversed, not just removed, as FIPS support requires the use of the CPRNG. Something like this:
>>
>> commit d9645d88d97e81c6528f311ee126df79a0d27501
>> Author: Neil Horman nhor...@tuxdriver.com
>> Date:   Fri Jun 19 08:52:37 2009 -0400
>>
>>     Fix CPRNG/FIPS dependency
>>
>>     The ANSI CPRNG has no dependence on FIPS support. FIPS support however, requires the use of the CPRNG. Adjust that dependency relationship in Kconfig
>>
>>     Signed-off-by: Neil Horman nhor...@tuxdriver.com
>
> Hmm, I just noticed that all my crypto modules have been marked as built-in again because of this patch. As you're selecting a tristate from a bool, it causes CPRNG and everything under it to be built-in.
>
> I'm going to revert this patch.

Is there a good way to select a tristate from a bool? The logic is the right thing to do above, it just seems the mechanism comes up a bit short.

Neil

> Cheers,
> -- 
> Visit Openswan at http://www.openswan.org/
> Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [BUGFIX] crypto: Fix ctr(aes) testing by specifying geniv
On Thu, 2009-08-13 at 21:12 +0800, Herbert Xu wrote:
> On Thu, Aug 13, 2009 at 05:39:10PM +1000, Herbert Xu wrote:
>> Oh I see what's going on. It's the switch from chainiv to eseqiv that created the error. I'll apply your patch.
>
> Actually we can't use seqiv on raw counter mode because it cannot guarantee IV uniqueness. I think reverting to chainiv is the safer option.

I see seqiv is used in rfc3686 mode, it means seqiv can not be used on raw counter mode but can be used for rfc3686?

Best Regards,
Huang Ying
Re: [BUGFIX] crypto: Fix ctr(aes) testing by specifying geniv
On Fri, Aug 14, 2009 at 09:01:07AM +0800, Huang Ying wrote:
> I see seqiv is used in rfc3686 mode, it means seqiv can not be used on raw counter mode but can be used for rfc3686?

Yeah, with rfc3686 a portion of the counter is available for counting bytes within each request. This allows a sequential IV to be safely used as each IV is essentially 2^32 blocks apart.

With raw counter mode as soon as you process two blocks in one request the next IV would collide with one that has already been used.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
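The counter-block argument above (and the reason the ctr.c patch earlier in the thread pins raw counter mode to chainiv) can be checked without any AES call, since CTR keystream block i is AES_k(counter_block_i) and two requests that share a counter block under one key share keystream. The following is an added illustration, not kernel code: it models the counter-block layout of raw ctr(aes) (the whole 128-bit IV is the counter) and of rfc3686(ctr(aes)) (nonce || IV || 32-bit block counter starting at 1) and counts the counter blocks two consecutive sequential-IV requests would reuse; the IV, nonce and request lengths are constructed sample values.

```python
"""Why a sequential IV is safe for rfc3686(ctr(aes)) but not raw ctr(aes).

Only the counter-block layout is modelled; a shared counter block means
a shared keystream block under the same key, which is the failure mode.
"""

BLOCK_BITS = 128            # AES block size; raw CTR counts over the whole block
RFC3686_CTR_BITS = 32       # per-request block counter field in RFC 3686


def raw_ctr_counter_blocks(iv, nblocks):
    """Raw ctr(aes): the 128-bit IV is the counter, +1 per block, mod 2^128."""
    return [(iv + i) % (1 << BLOCK_BITS) for i in range(nblocks)]


def rfc3686_counter_blocks(nonce, iv, nblocks):
    """rfc3686(ctr(aes)): counter block = nonce(32) || iv(64) || ctr(32),
    with ctr starting at 1 for every request (RFC 3686 section 4)."""
    assert 0 <= nonce < (1 << 32) and 0 <= iv < (1 << 64)
    assert nblocks < (1 << RFC3686_CTR_BITS), "request exceeds 2^32 blocks"
    return [(nonce << 96) | (iv << 32) | (1 + i) for i in range(nblocks)]


def reused_counter_blocks(req_a, req_b):
    """Counter blocks (hence keystream blocks) shared by two requests."""
    return set(req_a) & set(req_b)


def seqiv_collisions_raw(iv, first_len, second_len):
    """Sequential IVs (iv, iv+1) on raw CTR: the second request starts at
    iv+1, which the first request already consumed if first_len >= 2."""
    first = raw_ctr_counter_blocks(iv, first_len)
    second = raw_ctr_counter_blocks(iv + 1, second_len)
    return len(reused_counter_blocks(first, second))


def seqiv_collisions_rfc3686(nonce, iv, first_len, second_len):
    """Sequential IVs (iv, iv+1) on rfc3686: the IV field sits above the
    32-bit block counter, so consecutive IVs are 2^32 blocks apart."""
    first = rfc3686_counter_blocks(nonce, iv, first_len)
    second = rfc3686_counter_blocks(nonce, iv + 1, second_len)
    return len(reused_counter_blocks(first, second))


if __name__ == "__main__":
    iv, nonce = 0x1000, 0xDEADBEEF          # constructed sample values
    print("raw ctr, 1-block requests:", seqiv_collisions_raw(iv, 1, 1))
    print("raw ctr, 5-block requests:", seqiv_collisions_raw(iv, 5, 5))
    print("rfc3686, 1000-block requests:",
          seqiv_collisions_rfc3686(nonce, 7, 1000, 1000))
```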
Re: [RFC PATCH v2] Add VMAC(AES) to Linux for intel_txt support
On Tue, Aug 11, 2009 at 01:05:57AM +0800, Shane Wang wrote:
> For the comment
>> This is unnecessary. Please use the standard kernel helpers from asm/byteorder.h (which you get by including linux/kernel.h).
>
> The current code distinguishes some macro implementations according to different platforms to improve the MACing speed, which is one of the reasons VMAC is very fast for MACing. Do we need to give these up?

I'm talking about your macros such as get64BE/get64LE. We have identical standard kernel helpers be64_to_cpu/le64_to_cpu which should already be optimal.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt