linux-stable.git/crypto/seqiv.c, branch v4.2.4 Linux kernel stable tree crypto: seqiv - Add compatibility support without RNG 2015-06-22T07:49:28+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-06-21T11:11:49+00:00 eeee12aa34d840c6c99051f0ff85a9ffa1badd07 When seqiv is used in compatibility mode, this patch allows it to function even when an RNG Is not available. It also changes the RNG allocation for the new explicit seqiv interface so that we only hold a reference to the RNG during initialisation. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
When seqiv is used in compatibility mode, this patch allows it
to function even when an RNG Is not available.  It also changes
the RNG allocation for the new explicit seqiv interface so that
we only hold a reference to the RNG during initialisation.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Move IV seeding into init function 2015-06-04T07:05:01+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-06-03T06:49:27+00:00 b7dcfab4a7cdc3103c7560cd2386036266b2740e We currently do the IV seeding on the first givencrypt call in order to conserve entropy. However, this does not work with DRBG which cannot be called from interrupt context. In fact, with DRBG we don't need to conserve entropy anyway. So this patch moves the seeding into the init function. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
We currently do the IV seeding on the first givencrypt call in
order to conserve entropy.  However, this does not work with
DRBG which cannot be called from interrupt context.  In fact,
with DRBG we don't need to conserve entropy anyway.  So this
patch moves the seeding into the init function.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Fix module unload/reload crash 2015-05-28T03:23:19+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-27T06:37:40+00:00 056c04ba8bbad4c563c05306cc8a8c66e713f280 On module unload we weren't unregistering the seqniv template, thus leading to a crash the next time someone walks the template list. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
On module unload we weren't unregistering the seqniv template,
thus leading to a crash the next time someone walks the template
list.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Fix IV size in context size calculation 2015-05-28T03:23:19+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-27T06:37:39+00:00 ccdb8a038451e5f8d62c786591902f08308be524 This patch fixes a bug in the context size calculation where we were still referring to the old cra_aead. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch fixes a bug in the context size calculation where we
were still referring to the old cra_aead.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Use common IV generation code 2015-05-28T03:23:18+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-27T06:37:37+00:00 661cfd0e5ed22cfd89a09c5f371d8fcb7d302547 This patch makes use of the new common IV generation code. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch makes use of the new common IV generation code.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Copy AD along with plain/cipher text 2015-05-28T03:23:18+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-27T06:37:36+00:00 d0ad1b246dc3d77df9a931c4a7852ff72e84ce4d As the AD does not necessarily exist in the destination buffer it must be copied along with the plain/cipher text. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
As the AD does not necessarily exist in the destination buffer
it must be copied along with the plain/cipher text.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: aead - Remove unused cryptoff parameter 2015-05-25T10:41:32+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-23T07:41:57+00:00 374d4ad18a0c4bc844dee42b3b43916e5f46608d This patch removes the cryptoff parameter now that all users set it to zero. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch removes the cryptoff parameter now that all users
set it to zero.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Stop using cryptoff 2015-05-25T10:41:31+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-23T07:41:56+00:00 dd04446e48e859c913a395497ba1a289e707269a The cryptoff parameter was added to facilitate the skipping of IVs that sit between the AD and the plain/cipher text. However, it was never implemented correctly as and we do not handle users such as IPsec setting cryptoff. It is simply ignored. Implementing correctly is in fact more trouble than what it's worth. This patch removes the uses of cryptoff by moving the AD forward to fill the gap left by the IV. The AD is moved back after the underlying AEAD processing is finished. This is in fact beter than the cryptoff solution because it allows algorithms that use seqniv (i.e., GCM and CCM) to hash the whole packet as a single piece, while cryptoff meant that there was guaranteed to be a gap. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The cryptoff parameter was added to facilitate the skipping of
IVs that sit between the AD and the plain/cipher text.  However,
it was never implemented correctly as and we do not handle users
such as IPsec setting cryptoff.  It is simply ignored.

Implementing correctly is in fact more trouble than what it's
worth.

This patch removes the uses of cryptoff by moving the AD forward
to fill the gap left by the IV.  The AD is moved back after the
underlying AEAD processing is finished.

This is in fact beter than the cryptoff solution because it allows
algorithms that use seqniv (i.e., GCM and CCM) to hash the whole
packet as a single piece, while cryptoff meant that there was
guaranteed to be a gap.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Use aead_register_instance 2015-05-25T10:41:30+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-23T07:41:51+00:00 0677157b2b0458c7c906b063e4504d9e24ed8e8a New style AEAD instances must use aead_register_instance. This worked by chance because aead_geniv_alloc is still setting things the old way. This patch converts the template over to the create model where we are responsible for instance registration so that we can call the correct function. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
New style AEAD instances must use aead_register_instance.  This
worked by chance because aead_geniv_alloc is still setting things
the old way.

This patch converts the template over to the create model where
we are responsible for instance registration so that we can call
the correct function.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: seqiv - Add seqniv 2015-05-22T03:25:56+00:00 Herbert Xu herbert@gondor.apana.org.au 2015-05-21T07:11:14+00:00 3c08fee7b5ce471a7114478ac8c6e546787bd8c2 This patch adds a new IV generator seqniv which is identical to seqiv except that it skips the IV when authenticating. This is intended to be used by algorithms such as rfc4106 that does the IV authentication implicitly. Note that the code used for seqniv is in fact identical to the compatibility case for seqiv. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds a new IV generator seqniv which is identical to
seqiv except that it skips the IV when authenticating.  This is
intended to be used by algorithms such as rfc4106 that does the
IV authentication implicitly.

Note that the code used for seqniv is in fact identical to the
compatibility case for seqiv.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>