Re: [PATCH] crypto: x86/aes-ni - fix build error following fpu template removal
On Fri, Oct 05, 2018 at 10:13:06AM -0700, Eric Biggers wrote:
> From: Eric Biggers
>
> aesni-intel_glue.c still calls crypto_fpu_init() and crypto_fpu_exit()
> to register/unregister the "fpu" template. But these functions don't
> exist anymore, causing a build error. Remove the calls to them.
>
> Fixes: 944585a64f5e ("crypto: x86/aes-ni - remove special handling of AES in
> PCBC mode")
> Signed-off-by: Eric Biggers
> ---
> arch/x86/crypto/aesni-intel_glue.c | 13 +
> 1 file changed, 1 insertion(+), 12 deletions(-)

Patch applied. Thanks.
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: arm64/aes - fix handling sub-block CTS-CBC inputs
On Tue, Oct 02, 2018 at 10:22:15PM -0700, Eric Biggers wrote:
> From: Eric Biggers
>
> In the new arm64 CTS-CBC implementation, return an error code rather
> than crashing on inputs shorter than AES_BLOCK_SIZE bytes. Also set
> cra_blocksize to AES_BLOCK_SIZE (like is done in the cts template) to
> indicate the minimum input size.
>
> Fixes: dd597fb33ff0 ("crypto: arm64/aes-blk - add support for CTS-CBC mode")
> Signed-off-by: Eric Biggers

Patch applied. Thanks.
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH 0/3] crypto: mxs-dcp - Fix tcrypt on imx6
On Tue, Oct 02, 2018 at 07:01:46PM +, Leonard Crestez wrote:
> The mxs-dcp driver currently fails to probe on imx6. Fix the whole thing
> by porting a cleaned/squashed version of fixes carried in the NXP vendor
> tree.
>
> Tested with "modprobe tcrypt" and CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=n
> on imx6sl imx6sll imx6ull: no failures.
>
> I'm not very familiar with crypto and did not write these fixes so
> a skeptical review would be appreciated.
>
> Previously:
> https://lore.kernel.org/patchwork/patch/989652/
>
> Dan Douglass (1):
> crypto: mxs-dcp - Implement sha import/export
>
> Radu Solea (2):
> crypto: mxs-dcp - Fix SHA null hashes and output length
> crypto: mxs-dcp - Fix AES issues
>
> drivers/crypto/mxs-dcp.c | 121 ---
> 1 file changed, 101 insertions(+), 20 deletions(-)

All applied. Thanks.
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: caam/qi2 - avoid double export
On Tue, Oct 02, 2018 at 10:56:19PM +0200, Arnd Bergmann wrote:
> Both the caam ctrl file and dpaa2_caam export a couple of flags. They
> use an #ifdef check to make sure that each flag is only built once,
> but this fails if they are both loadable modules:
>
> WARNING: drivers/crypto/caam/dpaa2_caam: 'caam_little_end' exported twice.
> Previous export was in drivers/crypto/caam/caam.ko
> WARNING: drivers/crypto/caam/dpaa2_caam: 'caam_imx' exported twice. Previous
> export was in drivers/crypto/caam/caam.ko
>
> Change the #ifdef to an IS_ENABLED() check in order to make it work in
> all configurations. It may be better to redesign this aspect of the
> two drivers in a cleaner way.
>
> Fixes: 8d818c105501 ("crypto: caam/qi2 - add DPAA2-CAAM driver")
> Signed-off-by: Arnd Bergmann
> ---
> drivers/crypto/caam/caamalg_qi2.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied. Thanks.
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH v2 0/2] crypto - fix aegis/morus for big endian systems
On Mon, Oct 01, 2018 at 10:36:36AM +0200, Ard Biesheuvel wrote:
> Some bug fixes for issues that I stumbled upon while working on other
> stuff.
>
> Changes since v1:
> - add Ondrej's ack to #1
> - simplify #2 and drop unrelated performance tweak
>
> Ard Biesheuvel (2):
> crypto: morus/generic - fix for big endian systems
> crypto: aegis/generic - fix for big endian systems
>
> crypto/aegis.h | 20 +---
> crypto/morus1280.c | 7 ++-
> crypto/morus640.c | 16
> 3 files changed, 15 insertions(+), 28 deletions(-)

All applied. Thanks.
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] crypto: cavium/nitrox - Fix format strings
On Tue, Oct 02, 2018 at 11:00:03PM +0200, Arnd Bergmann wrote:
> The return type of atomic64_read() is unfortunately architecture
> specific, it can be 'long', 'long long', or 's64'. When it is 'long',
> we get a build warning:
>
> drivers/crypto/cavium/nitrox/nitrox_debugfs.c: In function 'stats_show':
> drivers/crypto/cavium/nitrox/nitrox_debugfs.c:62:30: error: format '%lld'
> expects argument of type 'long long int', but argument 3 has type 'long int'
> [-Werror=format=]
> seq_printf(s, " Posted: %lld\n", atomic64_read(&ndev->stats.posted));
>~~~^
>%ld
> drivers/crypto/cavium/nitrox/nitrox_debugfs.c:63:33: error: format '%lld'
> expects argument of type 'long long int', but argument 3 has type 'long int'
> [-Werror=format=]
> seq_printf(s, " Completed: %lld\n",
> ~~~^
> %ld
> drivers/crypto/cavium/nitrox/nitrox_debugfs.c:65:31: error: format '%lld'
> expects argument of type 'long long int', but argument 3 has type 'long int'
> [-Werror=format=]
>
> Add an explicit cast to 's64' to get a consistent behavior on all
> architectures here during compile testing.
>
> Fixes: 2a8780be9c26 ("crypto: cavium/nitrox - updated debugfs information.")
> Signed-off-by: Arnd Bergmann

This patch doesn't apply to cryptodev because the bug has already
been fixed by another patch.

Thanks,
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] drivers: crypto: caam: kconfig: create menu for CAAM
Franck LENORMAND wrote: > The CAAM driver has multiple configuration and all are listed > in the crypto menu. > > This patch create a menu dedicated to the Freescale CAAM driver. > > Signed-off-by: Franck LENORMAND > --- > drivers/crypto/caam/Kconfig | 4 > 1 file changed, 4 insertions(+) > > diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig > index 1eb8527..fb87245 100644 > --- a/drivers/crypto/caam/Kconfig > +++ b/drivers/crypto/caam/Kconfig > @@ -1,3 +1,5 @@ > +menu "Freescale CAAM" > + > config CRYPTO_DEV_FSL_CAAM >tristate "Freescale CAAM-Multicore driver backend" >depends on FSL_SOC || ARCH_MXC || ARCH_LAYERSCAPE > @@ -152,3 +154,5 @@ config CRYPTO_DEV_FSL_CAAM_DEBUG > config CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC >def_tristate (CRYPTO_DEV_FSL_CAAM_CRYPTO_API || \ > CRYPTO_DEV_FSL_CAAM_CRYPTO_API_QI) > + > +endmenu Please rebase this on the current cryptodev tree as it doesn't apply. Thanks, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
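Review bot: the new menu "Freescale CAAM" in the first hunk carries no dependency of its own, so the menu entry can appear, empty, on configurations where the first option inside it cannot be selected (CRYPTO_DEV_FSL_CAAM depends on FSL_SOC || ARCH_MXC || ARCH_LAYERSCAPE). Either repeat that "depends on" line on the menu, or make CRYPTO_DEV_FSL_CAAM a menuconfig entry and wrap the remaining options in "if CRYPTO_DEV_FSL_CAAM" ... "endif", which also replaces the trailing endmenu added by the second hunk. The commit message should also read "This patch creates".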
[PATCH] crypto/testmgr.c: fix sizeof() on COMP_BUF_SIZE
After allocation, output and decomp_output both point to memory chunks of size COMP_BUF_SIZE. Then, only the first bytes are zeroed out using sizeof(COMP_BUF_SIZE) as parameter to memset(), because sizeof(COMP_BUF_SIZE) provides the size of the constant and not the size of allocated memory. Instead, the whole allocated memory is meant to be zeroed out. Use COMP_BUF_SIZE as parameter to memset() directly in order to accomplish this. Fixes: 336073840a872 ("crypto: testmgr - Allow different compression results") Signed-off-by: Michael Schupikov --- crypto/testmgr.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index a1d42245082a..790aa3536631 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -1400,8 +1400,8 @@ static int test_comp(struct crypto_comp *tfm, int ilen; unsigned int dlen = COMP_BUF_SIZE; - memset(output, 0, sizeof(COMP_BUF_SIZE)); - memset(decomp_output, 0, sizeof(COMP_BUF_SIZE)); + memset(output, 0, COMP_BUF_SIZE); + memset(decomp_output, 0, COMP_BUF_SIZE); ilen = ctemplate[i].inlen; ret = crypto_comp_compress(tfm, ctemplate[i].input, @@ -1445,7 +1445,7 @@ static int test_comp(struct crypto_comp *tfm, int ilen; unsigned int dlen = COMP_BUF_SIZE; - memset(decomp_output, 0, sizeof(COMP_BUF_SIZE)); + memset(decomp_output, 0, COMP_BUF_SIZE); ilen = dtemplate[i].inlen; ret = crypto_comp_decompress(tfm, dtemplate[i].input, -- 2.19.0
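Review bot: the commit message should say what the short memset() let through. In the first hunk (at -1400) the buffers are reused for every ctemplate[i], and in the second (at -1445) for every dtemplate[i], so with only sizeof(COMP_BUF_SIZE) bytes cleared the rest of output and decomp_output kept whatever the previous vector left there. Please state whether a comparison could have passed on those stale bytes, and add a Cc: stable tag if it could. The change to the three memset() calls itself looks correct, and the length now matches the dlen initialiser on the line above each call.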
[PATCH 1/2] crypto: streebog - add Streebog hash function
Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986) generic hash transformation. Signed-off-by: Vitaly Chikunov --- crypto/Kconfig| 12 + crypto/Makefile |1 + crypto/streebog_generic.c | 1142 + include/crypto/streebog.h | 34 ++ 4 files changed, 1189 insertions(+) create mode 100644 crypto/streebog_generic.c create mode 100644 include/crypto/streebog.h diff --git a/crypto/Kconfig b/crypto/Kconfig index f3e40ac56d93..587c32f65cfe 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -986,6 +986,18 @@ config CRYPTO_SM3 http://www.oscca.gov.cn/UpFile/20101222141857786.pdf https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash +config CRYPTO_STREEBOG + tristate "Streebog Hash Function" + select CRYPTO_HASH + help + Streebog Hash Function (GOST R 34.11-2012, RFC 6986) is one of the Russian + cryptographic standard algorithms (called GOST algorithms). + This setting enables two hash algorithms with 256 and 512 bits output. + + References: + https://tc26.ru/upload/iblock/fed/feddbb4d26b685903faa2ba11aea43f6.pdf + https://tools.ietf.org/html/rfc6986 + config CRYPTO_TGR192 tristate "Tiger digest algorithms" select CRYPTO_HASH diff --git a/crypto/Makefile b/crypto/Makefile index 6d1d40eeb964..65be945da35c 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -70,6 +70,7 @@ obj-$(CONFIG_CRYPTO_SHA256) += sha256_generic.o obj-$(CONFIG_CRYPTO_SHA512) += sha512_generic.o obj-$(CONFIG_CRYPTO_SHA3) += sha3_generic.o obj-$(CONFIG_CRYPTO_SM3) += sm3_generic.o +obj-$(CONFIG_CRYPTO_STREEBOG) += streebog_generic.o obj-$(CONFIG_CRYPTO_WP512) += wp512.o CFLAGS_wp512.o := $(call cc-option,-fno-schedule-insns) # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149 obj-$(CONFIG_CRYPTO_TGR192) += tgr192.o diff --git a/crypto/streebog_generic.c b/crypto/streebog_generic.c new file mode 100644 index ..d1cb3c6b74c5 --- /dev/null +++ b/crypto/streebog_generic.c 
@@ -0,0 +1,1142 @@ +// SPDX-License-Identifier: GPL-2.0+ OR BSD-2-Clause +/* + * Streebog hash function as specified by GOST R 34.11-2012 and + * described at https://tools.ietf.org/html/rfc6986 + * + * Copyright (c) 2013 Alexey Degtyarev + * Copyright (c) 2018 Vitaly Chikunov + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define X(x, y, z) { \ + (z)->qword[0] = (x)->qword[0] ^ (y)->qword[0]; \ + (z)->qword[1] = (x)->qword[1] ^ (y)->qword[1]; \ + (z)->qword[2] = (x)->qword[2] ^ (y)->qword[2]; \ + (z)->qword[3] = (x)->qword[3] ^ (y)->qword[3]; \ + (z)->qword[4] = (x)->qword[4] ^ (y)->qword[4]; \ + (z)->qword[5] = (x)->qword[5] ^ (y)->qword[5]; \ + (z)->qword[6] = (x)->qword[6] ^ (y)->qword[6]; \ + (z)->qword[7] = (x)->qword[7] ^ (y)->qword[7]; \ +} + +#define XLPS(x, y, data) { \ + register u64 r0, r1, r2, r3, r4, r5, r6, r7; \ + int _i; \ + \ + r0 = le64_to_cpu((x)->qword[0] ^ (y)->qword[0]); \ + r1 = le64_to_cpu((x)->qword[1] ^ (y)->qword[1]); \ + r2 = le64_to_cpu((x)->qword[2] ^ (y)->qword[2]); \ + r3 = le64_to_cpu((x)->qword[3] ^ (y)->qword[3]); \ + r4 = le64_to_cpu((x)->qword[4] ^ (y)->qword[4]); \ + r5 = le64_to_cpu((x)->qword[5] ^ (y)->qword[5]); \ + r6 = le64_to_cpu((x)->qword[6] ^ (y)->qword[6]); \ + r7 = le64_to_cpu((x)->qword[7] ^ (y)->qword[7]); \ + \ + for (_i = 0; _i <= 7; _i++) { \ + (data)->qword[_i] = cpu_to_le64(Ax[0][r0 & 0xFF]); \ + (data)->qword[_i] ^= cpu_to_le64(Ax[1][r1 & 0xFF]); \ + (data)->qword[_i] ^= cpu_to_le64(Ax[2][r2 & 0xFF]); \ + (data)->qword[_i] ^= cpu_to_le64(Ax[3][r3 & 0xFF]); \ + (data)->qword[_i] ^= cpu_to_le64(Ax[4][r4 & 0xFF]); \ + (data)->qword[_i] ^= cpu_to_le64(Ax[5][r5 & 0xFF]); \ + 
(data)->qword[_i] ^= cpu_to_le64(Ax[6][r6 & 0xFF]); \ + (data)->qword[_i] ^= cpu_to_le64(Ax[7][r7 & 0xFF]); \ + r0 >>= 8; \ + r1 >>= 8; \ + r2 >>= 8; \ + r3 >>= 8; \ + r4 >>= 8; \ + r5 >>= 8; \ + r6 >>= 8; \ + r7 >>= 8; \ + } \ +} + +#define ROUND(i, Ki, data) { \ + XLPS(Ki, &C[i], Ki); \ + XLPS(Ki, data, data); \ +} + +static const struct streebog_uint512 buffer0 = { { + 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL +} }; + +static const struct streebog_uint512 buffer512 = { { + cpu_to_le64(0x200ULL), + 0ULL, 0ULL, 0UL
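Review bot: ROUND() in streebog_generic.c passes Ki and data to XLPS() as both an input and the output, which is only correct because XLPS() loads all eight words into r0..r7 before it writes (data)->qword[]; nothing in the macro documents that. Turning X(), XLPS() and ROUND() from bare { ... } macro blocks into static functions, or at least into do { ... } while (0) with a comment on the aliasing, would make the ordering explicit, give the arguments types, and let the "register" hint go. Separately, the file header has an SPDX tag of GPL-2.0+ OR BSD-2-Clause followed by a licence paragraph that mentions only the GPL; the tag alone is sufficient and the paragraph can be dropped.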
[PATCH 2/2] crypto: streebog - add Streebog test vectors
Add testmgr and tcrypt tests and vectors for Streebog hash function from RFC 6986 and GOST R 34.11-2012. Signed-off-by: Vitaly Chikunov --- crypto/tcrypt.c | 27 + crypto/testmgr.c | 12 ++ crypto/testmgr.h | 71 3 files changed, 110 insertions(+) diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index bdde95e8d369..d66cb167daa2 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c @@ -77,6 +77,7 @@ static char *check[] = { "khazad", "wp512", "wp384", "wp256", "tnepres", "xeta", "fcrypt", "camellia", "seed", "salsa20", "rmd128", "rmd160", "rmd256", "rmd320", "lzo", "cts", "zlib", "sha3-224", "sha3-256", "sha3-384", "sha3-512", + "sb256", "sb512", NULL }; @@ -1914,6 +1915,14 @@ static int do_test(const char *alg, u32 type, u32 mask, int m, u32 num_mb) ret += tcrypt_test("sm3"); break; + case 53: + ret += tcrypt_test("sb256"); + break; + + case 54: + ret += tcrypt_test("sb512"); + break; + case 100: ret += tcrypt_test("hmac(md5)"); break; @@ -2392,6 +2401,14 @@ static int do_test(const char *alg, u32 type, u32 mask, int m, u32 num_mb) test_hash_speed("sm3", sec, generic_hash_speed_template); if (mode > 300 && mode < 400) break; /* fall through */ + case 327: + test_hash_speed("sb256", sec, generic_hash_speed_template); + if (mode > 300 && mode < 400) break; + /* fall through */ + case 328: + test_hash_speed("sb512", sec, generic_hash_speed_template); + if (mode > 300 && mode < 400) break; + /* fall through */ case 399: break; @@ -2505,6 +2522,16 @@ static int do_test(const char *alg, u32 type, u32 mask, int m, u32 num_mb) num_mb); if (mode > 400 && mode < 500) break; /* fall through */ + case 426: + test_mb_ahash_speed("sb256", sec, generic_hash_speed_template, + num_mb); + if (mode > 400 && mode < 500) break; + /* fall through */ + case 427: + test_mb_ahash_speed("sb512", sec, generic_hash_speed_template, + num_mb); + if (mode > 400 && mode < 500) break; + /* fall through */ case 499: break; 
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index a1d42245082a..6efb0a218b41 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -3428,6 +3428,18 @@ static const struct alg_test_desc alg_test_descs[] = { .cipher = __VECS(salsa20_stream_tv_template) } }, { + .alg = "sb256", + .test = alg_test_hash, + .suite = { + .hash = __VECS(sb256_tv_template) + } + }, { + .alg = "sb512", + .test = alg_test_hash, + .suite = { + .hash = __VECS(sb512_tv_template) + } + }, { .alg = "sha1", .test = alg_test_hash, .fips_allowed = 1, diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 173111c70746..9f9b7d6e4072 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -2309,6 +2309,77 @@ static const struct hash_testvec crct10dif_tv_template[] = { } }; +/* + * Streebog test vectors from RFC 6986 and GOST R 34.11-2012 + */ +static const struct hash_testvec sb256_tv_template[] = { + { /* M1 */ + .plaintext = "012345678901234567890123456789012345678901234567890123456789012", + .psize = 63, + .digest = + "\x9d\x15\x1e\xef\xd8\x59\x0b\x89" + "\xda\xa6\xba\x6c\xb7\x4a\xf9\x27" + "\x5d\xd0\x51\x02\x6b\xb1\x49\xa4" + "\x52\xfd\x84\xe5\xe5\x7b\x55\x00", + }, + { /* M2 */ + .plaintext = + "\xd1\xe5\x20\xe2\xe5\xf2\xf0\xe8" + "\x2c\x20\xd1\xf2\xf0\xe8\xe1\xee" + "\xe6\xe8\x20\xe2\xed\xf3\xf6\xe8" + "\x2c\x20\xe2\xe5\xfe\xf2\xfa\x20" + "\xf1\x20\xec\xee\xf0\xff\x20\xf1" + "\xf2\xf0\xe5\xeb\xe0\xec\xe8\x20" + "\xed\xe0\x20\xf5\xf0\xe0\xe1\xf0" + "\xfb\xff\x20\xef\xeb\xfa\xea\xfb" + "\x20\xc8\xe3\xee\xf0\xe5\xe2\xfb", + .psize = 72, + .digest = + "\x9d\xd2\xfe\x4e\x90\x40\x9e\x5d" + "\xa8\x7f\x53\x97\x6d\x74\x05\xb0" + "\xc0\xca\xc6\x28\xfc\x
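Review bot: the algorithm names "sb256" and "sb512" added to check[] and do_test() in tcrypt.c and to alg_test_descs[] in testmgr.c are hard to recognise next to entries such as "sha3-256" and "sm3". These strings are the names callers pass to the crypto API, so spelling them "streebog256" and "streebog512" would match CONFIG_CRYPTO_STREEBOG and streebog_generic.c from patch 1. If the names change, the new alg_test_descs[] entries still sort between "salsa20" and "sha1", so their position in the table can stay.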
[PATCH 0/2] crypto: streebog - add Streebog hash function
Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986) generic
hash transformation with appropriate testmgr and tcrypt tests and vectors.

Streebog Hash Function (GOST R 34.11-2012, RFC 6986) is one of the Russian
cryptographic standard algorithms (called GOST algorithms).

References:
https://tc26.ru/upload/iblock/fed/feddbb4d26b685903faa2ba11aea43f6.pdf
https://tools.ietf.org/html/rfc6986

Tested using testmgr and tcrypt on x86_64.

Vitaly Chikunov (2):
crypto: streebog - add Streebog hash function
crypto: streebog - add Streebog test vectors

crypto/Kconfig | 12 +
crypto/Makefile | 1 +
crypto/streebog_generic.c | 1142 +
crypto/tcrypt.c | 27 ++
crypto/testmgr.c | 12 +
crypto/testmgr.h | 71 +++
include/crypto/streebog.h | 34 ++
7 files changed, 1299 insertions(+)
create mode 100644 crypto/streebog_generic.c
create mode 100644 include/crypto/streebog.h

--
2.11.0