Re: Test AEAD/authenc algorithms from userspace

On 21-12-2016 14:24, Herbert Xu wrote: > On Mon, Dec 19, 2016 at 04:08:11PM +0530, Harsh Jain wrote: >> Hi Herbert, >> >> TLS default mode of operation is MAC-then-Encrypt for Authenc algos. >> Currently framework only supports EtM used in IPSec. User space >> programs like openssl cannot use

Re: Test AEAD/authenc algorithms from userspace

On Mon, Dec 19, 2016 at 04:08:11PM +0530, Harsh Jain wrote: > Hi Herbert, > > TLS default mode of operation is MAC-then-Encrypt for Authenc algos. > Currently framework only supports EtM used in IPSec. User space > programs like openssl cannot use af-alg interface to encrypt/decrypt > in TLS

Re: Test AEAD/authenc algorithms from userspace

Hi Herbert, TLS default mode of operation is MAC-then-Encrypt for Authenc algos. Currently framework only supports EtM used in IPSec. User space programs like openssl cannot use af-alg interface to encrypt/decrypt in TLS mode. Are we going to support Mac-then-Encrypt mode in future kernel

Re: Test AEAD/authenc algorithms from userspace

Am Dienstag, 31. Mai 2016, 17:22:12 schrieb Harsh Jain: Hi Harsh, > Hi, > > 1) User can use libkcapi to write program for finup/digest. > 2) No, kernel test for finup (not sure). > 3) We can test all callback of new hash tfm drivers added in kernel. > 4) My driver had issue in finup path which

Re: Test AEAD/authenc algorithms from userspace

Hi, 1) User can use libkcapi to write program for finup/digest. 2) No, kernel test for finup (not sure). 3) We can test all callback of new hash tfm drivers added in kernel. 4) My driver had issue in finup path which is not caught by kcapi test program :) regards Harsh Jain regards Harsh Jain

Re: Test AEAD/authenc algorithms from userspace

Am Dienstag, 31. Mai 2016, 16:28:14 schrieb Harsh Jain: Hi Harsh, > Hi Stephen, > > Yes ,It's for Hash. The available API in library for hash update > "_kcapi_md_update" uses "MSG_MORE" flag always set. It will not > trigger driver's digest/finup implementation. We need something like > that >

Re: Test AEAD/authenc algorithms from userspace

Hi Stephen, Yes ,It's for Hash. The available API in library for hash update "_kcapi_md_update" uses "MSG_MORE" flag always set. It will not trigger driver's digest/finup implementation. We need something like that _kcapi_common_accept() send(handle->opfd, buffer, len, 0); ==> flag = 0. It

Re: Test AEAD/authenc algorithms from userspace

Am Dienstag, 31. Mai 2016, 14:45:27 schrieb Harsh Jain: Hi Harsh, > Hi, > > Thanks Stephen, I will check the same.1 suggestion for kcapi tool. Add > some switch cases in tool to test digest and finup path of crypto > driver. Current implementation triggers only init/update/final. You mean for

Re: Test AEAD/authenc algorithms from userspace

Hi, Thanks Stephen, I will check the same.1 suggestion for kcapi tool. Add some switch cases in tool to test digest and finup path of crypto driver. Current implementation triggers only init/update/final. Regards Harsh Jain On Tue, May 31, 2016 at 2:29 PM, Stephan Mueller

Re: Test AEAD/authenc algorithms from userspace

Am Dienstag, 31. Mai 2016, 14:10:20 schrieb Harsh Jain: Hi Harsh, > Hi, > > You means to say like this > > ./kcapi -x 2 -e -c "authenc(hmac(sha1),cbc(aes))" -p > 48981da18e4bb9ef7e2e3162d16b19108b19050f66582cb7f7e4b6c873819b71 -k >

Re: Test AEAD/authenc algorithms from userspace

Hi, You means to say like this ./kcapi -x 2 -e -c "authenc(hmac(sha1),cbc(aes))" -p 48981da18e4bb9ef7e2e3162d16b19108b19050f66582cb7f7e4b6c873819b71 -k 8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -i 7fbc02ebf5b93322329df9bfccb635af -a afcd7202d621e06ca53b70c2bdff7fb2 -l

Re: Test AEAD/authenc algorithms from userspace

Am Dienstag, 31. Mai 2016, 12:31:16 schrieb Harsh Jain: Hi Harsh, > Hi All, > > How can we open socket of type "authenc(hmac(sha256),cbc(aes))" from > userspace program.I check libkcapi library. It has test programs for > GCM/CCM. There are 3 types of approaches to Authenticated Encryption, >

Test AEAD/authenc algorithms from userspace

Hi All, How can we open socket of type "authenc(hmac(sha256),cbc(aes))" from userspace program.I check libkcapi library. It has test programs for GCM/CCM. There are 3 types of approaches to Authenticated Encryption, Which of them is supported in crypto framework. 1) Encrypt-then-MAC (EtM)