This series does some basic cleanup and adds support for
AES GCM mode for omap aes driver.
Changes since v1:
- Switched GCM to new AEAD interface
Lokesh Vutla (7):
crypto: omap-aes: Fix CTR mode
crypto: omap-aes: Increase priority of hw accelerator
crypto: omap-aes: Fix configuring of AES
AES_CTRL_REG is used to configure AES mode. Before configuring
any mode we need to make sure all other modes are reset or else
driver will misbehave. So mask all modes before configuring
any AES mode.
Signed-off-by: Lokesh Vutla lokeshvu...@ti.com
---
drivers/crypto/omap-aes.c | 13 +
The AEAD speed tests don't do a wait_for_completion,
if the return value is EINPROGRESS or EBUSY.
Fixing it here.
Also add a test case for gcm(aes).
Signed-off-by: Lokesh Vutla lokeshvu...@ti.com
---
crypto/tcrypt.c | 65 ++---
1 file
Algo self tests are failing for CTR mode with omap-aes driver,
giving the following error:
[ 150.053644] omap_aes_crypt: request size is not exact amount of AES blocks
[ 150.061262] alg: skcipher: encryption failed on test 5 for ctr-aes-omap: ret=22
This is because the input length is
This patch series adds both ChaCha20 and Poly1305 specific ciphers for
x86_64 using SSE2/SSSE3 and AVX2 instructions. The idea is to have a drop-in
replacement for AESNI/CLMUL-accelerated AES-GCM providing at least somewhat
comparable performance, refer to RFC7539 for details. It is based
on
Implements an x86_64 assembler driver for the ChaCha20 stream cipher. This
single block variant works on a single state matrix using SSE instructions.
It requires SSSE3 due to the use of pshufb for efficient 8/16-bit rotate
operations.
For large messages, throughput increases by ~65% compared to
Extends the x86_64 SSE2 Poly1305 authenticator by a function processing two
consecutive Poly1305 blocks in parallel using a derived key r^2. Loop
unrolling can be more effectively mapped to SSE instructions, further
increasing throughput.
For large messages, throughput increases by ~45-65%
Extends the x86_64 Poly1305 authenticator by a function processing four
consecutive Poly1305 blocks in parallel using AVX2 instructions.
For large messages, throughput increases by ~15-45% compared to two
block SSE2:
testing speed of poly1305 (poly1305-simd)
test 0 ( 96 byte blocks, 16
As architecture specific drivers need a software fallback, export Poly1305
init/update/final functions together with some helpers in a header file.
Signed-off-by: Martin Willi mar...@strongswan.org
---
crypto/chacha20poly1305.c | 4 +--
crypto/poly1305_generic.c | 73
Extends the x86_64 ChaCha20 implementation by a function processing eight
ChaCha20 blocks in parallel using AVX2.
For large messages, throughput increases by ~55-70% compared to four block
SSSE3:
testing speed of chacha20 (chacha20-simd) encryption
test 0 (256 bit key, 16 byte blocks): 4164293
The AVX2 variant of ChaCha20 is used only for messages with >= 512 bytes
length. With the existing test vectors, the implementation could not be
tested. Due to the lack of such a long official test vector, this one is
self-generated using chacha20-generic.
Signed-off-by: Martin Willi
Implements an x86_64 assembler driver for the Poly1305 authenticator. This
single block variant holds the 130-bit integer in 5 32-bit words, but uses
SSE to do two multiplications/additions in parallel.
When calling updates with small blocks, the overhead for kernel_fpu_begin/
kernel_fpu_end()
Adds individual ChaCha20 and Poly1305 and a combined rfc7539esp AEAD speed
test using mode numbers 214, 321 and 213. For Poly1305 we add a specific
speed template, as it expects the key prepended to the input data.
Signed-off-by: Martin Willi mar...@strongswan.org
---
crypto/tcrypt.c | 15
Increasing the priority of omap-aes hw algos, in order to take
precedence over sw algos.
Signed-off-by: Lokesh Vutla lokeshvu...@ti.com
---
drivers/crypto/omap-aes.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-aes.c
Add aead_request_cast() api to get pointer to aead_request
from crypto_async_request.
Signed-off-by: Lokesh Vutla lokeshvu...@ti.com
---
include/crypto/internal/aead.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/include/crypto/internal/aead.h b/include/crypto/internal/aead.h
index
Use BIT()/GENMASK() macros for all register definitions instead of
hand-writing bit masks.
Signed-off-by: Lokesh Vutla lokeshvu...@ti.com
---
drivers/crypto/omap-aes.c | 34 +-
1 file changed, 17 insertions(+), 17 deletions(-)
diff --git
OMAP AES hw supports AES-GCM mode.
Adding support for GCM mode in omap-aes driver.
Signed-off-by: Lokesh Vutla lokeshvu...@ti.com
---
drivers/crypto/Kconfig| 1 +
drivers/crypto/Makefile | 3 +-
drivers/crypto/omap-aes-gcm.c | 376 ++
On Tue, Jul 07, 2015 at 09:36:46PM +0200, Martin Willi wrote:
poly1305-generic:
testing speed of rfc7539esp(chacha20,poly1305) (rfc7539esp(chacha20-generic,poly1305-generic)) encryption
test 0 (288 bit key, 16 byte blocks): 902007 operations in 1 seconds (14432112 bytes)
test 1 (288 bit
On Tue, Jul 07, 2015 at 03:48:37PM -0300, Leonidas S. Barbosa wrote:
On Tue, Jul 07, 2015 at 05:30:25PM +0800, Herbert Xu wrote:
The crypto API allows a single transform to be used by multiple
threads simultaneously. For example, IPsec will use a single tfm
to process packets for a given
On Mon, 2015-07-06 at 10:06 -0700, Nishanth Aravamudan wrote:
On 03.07.2015 [11:30:32 +1000], Michael Ellerman wrote:
On Thu, 2015-07-02 at 15:40 -0700, Nishanth Aravamudan wrote:
While we never would successfully load on the wrong machine type, there
is extra output by default regardless
On Mon, Jul 06, 2015 at 01:37:33PM +0200, LABBE Corentin wrote:
All tests for cbc(aes) use only blocks of data with a multiple of 4.
This test adds a test with some odd SG size.
Signed-off-by: LABBE Corentin clabbe.montj...@gmail.com
Applied.
--
Email: Herbert Xu herb...@gondor.apana.org.au
On Mon, Jul 06, 2015 at 10:06:21AM -0700, Nishanth Aravamudan wrote:
v2:
Rather than not loading, just reduce the verbosity
Applied.
--
Email: Herbert Xu herb...@gondor.apana.org.au
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Mon, Jul 06, 2015 at 09:10:47PM +0200, LABBE Corentin wrote:
+int sun4i_hash_init(struct ahash_request *areq)
+{
+ const char *hash_type;
+ struct sun4i_req_ctx *op = ahash_request_ctx(areq);
+ struct crypto_ahash *tfm = crypto_ahash_reqtfm(areq);
+ struct ahash_alg *alg
The function __crypto_dequeue_request is completely unused.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
diff --git a/crypto/algapi.c b/crypto/algapi.c
index 3c079b7..ceebfcf 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -892,7 +892,7 @@ out:
}
This patch adds a type-safe queueing interface for AEAD.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
diff --git a/include/crypto/internal/aead.h b/include/crypto/internal/aead.h
index 4b25471..8f3b93b 100644
--- a/include/crypto/internal/aead.h
+++ b/include/crypto/internal/aead.h
@@
This version adds aead_get_backlog.
---8---
This patch adds a type-safe queueing interface for AEAD.
Signed-off-by: Herbert Xu herb...@gondor.apana.org.au
diff --git a/include/crypto/internal/aead.h b/include/crypto/internal/aead.h
index 4b25471..c3942f4 100644
---
On Tue, Jul 07, 2015 at 09:01:47PM +0530, Lokesh Vutla wrote:
Add aead_request_cast() api to get pointer to aead_request
from crypto_async_request.
Signed-off-by: Lokesh Vutla lokeshvu...@ti.com
---
include/crypto/internal/aead.h | 6 ++
1 file changed, 6 insertions(+)
diff --git
On Tue, Jul 07, 2015 at 09:01:48PM +0530, Lokesh Vutla wrote:
+static int omap_aes_gcm_copy_buffers(struct omap_aes_dev *dd,
+ struct aead_request *req)
+{
+ void *buf_in;
+ int pages, alen, clen, cryptlen, nsg;
+ struct crypto_aead *aead =
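Review bot: In the declarations at the top of omap_aes_gcm_copy_buffers(), alen, clen and cryptlen are plain int, while the assoclen and cryptlen fields of struct aead_request are unsigned int. If these locals are filled from the request, declare them unsigned int so that a large length cannot turn negative in later size arithmetic or comparisons. The rest of the function is cut off in this excerpt, so how the variables are used cannot be checked here.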