linux.git/crypto/Makefile, branch v2.6.29 Linux kernel source tree crypto: hash - Add shash interface 2008-12-25T00:01:26+00:00 Herbert Xu herbert@gondor.apana.org.au 2008-08-31T05:47:27+00:00 7b5a080b3c46f0cac71c0d0262634c6517d4ee4f The shash interface replaces the current synchronous hash interface. It improves over hash in two ways. Firstly shash is reentrant, meaning that the same tfm may be used by two threads simultaneously as all hashing state is stored in a local descriptor. The other enhancement is that shash no longer takes scatter list entries. This is because shash is specifically designed for synchronous algorithms and as such scatter lists are unnecessary. All existing hash users will be converted to shash once the algorithms have been completely converted. There is also a new finup function that combines update with final. This will be extended to ahash once the algorithm conversion is done. This is also the first time that an algorithm type has their own registration function. Existing algorithm types will be converted to this way in due course. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The shash interface replaces the current synchronous hash interface.
It improves over hash in two ways.  Firstly shash is reentrant,
meaning that the same tfm may be used by two threads simultaneously
as all hashing state is stored in a local descriptor.

The other enhancement is that shash no longer takes scatter list
entries.  This is because shash is specifically designed for
synchronous algorithms and as such scatter lists are unnecessary.

All existing hash users will be converted to shash once the
algorithms have been completely converted.

There is also a new finup function that combines update with final.
This will be extended to ahash once the algorithm conversion is
done.

This is also the first time that an algorithm type has their own
registration function.  Existing algorithm types will be converted
to this way in due course.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Disallow cryptomgr as a module if algorithms are built-in 2008-12-10T12:29:44+00:00 Herbert Xu herbert@gondor.apana.org.au 2008-12-10T12:29:44+00:00 6a0fcbb4dad15f02ca8f8ae6324fcd3fc43b9d35 If we have at least one algorithm built-in then it no longer makes sense to have the testing framework, and hence cryptomgr to be a module. It should be either on or off, i.e., built-in or disabled. This just happens to stop a potential runaway modprobe loop that seems to trigger on at least one distro. With fixes from Evgeniy Polyakov. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
If we have at least one algorithm built-in then it no longer makes
sense to have the testing framework, and hence cryptomgr to be a
module.  It should be either on or off, i.e., built-in or disabled.

This just happens to stop a potential runaway modprobe loop that
seems to trigger on at least one distro.

With fixes from Evgeniy Polyakov.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: rng - RNG interface and implementation 2008-08-29T05:50:04+00:00 Neil Horman nhorman@tuxdriver.com 2008-08-14T12:15:52+00:00 17f0f4a47df9aea9ee26c939f8057c35e0be1847 This patch adds a random number generator interface as well as a cryptographic pseudo-random number generator based on AES. It is meant to be used in cases where a deterministic CPRNG is required. One of the first applications will be as an input in the IPsec IV generation process. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds a random number generator interface as well as a
cryptographic pseudo-random number generator based on AES.  It is
meant to be used in cases where a deterministic CPRNG is required.

One of the first applications will be as an input in the IPsec IV
generation process.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: api - Add fips_enable flag 2008-08-29T05:50:02+00:00 Neil Horman nhorman@tuxdriver.com 2008-08-05T06:13:08+00:00 ccb778e1841ce04b4c10b39f0dd2558ab2c6dcd4 Add the ability to turn FIPS-compliant mode on or off at boot In order to be FIPS compliant, several check may need to be preformed that may be construed as unusefull in a non-compliant mode. This patch allows us to set a kernel flag incating that we are running in a fips-compliant mode from boot up. It also exports that mode information to user space via a sysctl (/proc/sys/crypto/fips_enabled). Tested successfully by me. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Add the ability to turn FIPS-compliant mode on or off at boot

In order to be FIPS compliant, several check may need to be preformed that may
be construed as unusefull in a non-compliant mode.  This patch allows us to set
a kernel flag incating that we are running in a fips-compliant mode from boot
up.  It also exports that mode information to user space via a sysctl
(/proc/sys/crypto/fips_enabled).

Tested successfully by me.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: skcipher - Move IV generators into their own modules 2008-08-29T05:50:00+00:00 Herbert Xu herbert@gondor.apana.org.au 2008-08-17T08:04:30+00:00 5be5e667a9a5d8d5553e009e67bc692d95e5916a This patch moves the default IV generators into their own modules in order to break a dependency loop between cryptomgr, rng, and blkcipher. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch moves the default IV generators into their own modules
in order to break a dependency loop between cryptomgr, rng, and
blkcipher.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: cryptomgr - Add test infrastructure 2008-08-29T05:49:55+00:00 Herbert Xu herbert@gondor.apana.org.au 2008-07-31T09:08:25+00:00 da7f033ddc9fdebb3223b0bf88a2a2ab5b797608 This patch moves the newly created alg_test infrastructure into cryptomgr. This shall allow us to use it for testing at algorithm registrations. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch moves the newly created alg_test infrastructure into
cryptomgr.  This shall allow us to use it for testing at algorithm
registrations.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Revert crypto: prng - Deterministic CPRNG 2008-07-15T15:46:24+00:00 Herbert Xu herbert@gondor.apana.org.au 2008-07-15T15:46:24+00:00 7890ea1f95fa8968fa6f5bb5860e6632932abfd3 This patch is clearly not ready yet for prime time. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch is clearly not ready yet for prime time.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: prng - Deterministic CPRNG 2008-07-10T12:35:18+00:00 Neil Horman nhorman@tuxdriver.com 2008-07-07T14:41:31+00:00 b8454eebe380677789735fd6bad368af2e6b2d1e This patch adds a cryptographic pseudo-random number generator based on CTR(AES-128). It is meant to be used in cases where a deterministic CPRNG is required. One of the first applications will be as an input in the IPsec IV generation process. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds a cryptographic pseudo-random number generator
based on CTR(AES-128).  It is meant to be used in cases where a
deterministic CPRNG is required.

One of the first applications will be as an input in the IPsec IV
generation process.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] hash: Add asynchronous hash support 2008-07-10T12:35:13+00:00 Loc Ho lho@amcc.com 2008-05-14T12:41:47+00:00 004a403c2e954734090a69aedc7f4f822bdcc142 This patch adds asynchronous hash and digest support. Signed-off-by: Loc Ho <lho@amcc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds asynchronous hash and digest support.

Signed-off-by: Loc Ho <lho@amcc.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
[CRYPTO] ripemd: Add support for RIPEMD-256 and RIPEMD-320 2008-07-10T12:35:13+00:00 Adrian-Ken Rueegsegger rueegsegger@swiss-it.ch 2008-05-09T13:27:02+00:00 c555c28d9da517579085a00fc80e725b0b5d9fce This patch adds support for the extended RIPEMD hash algorithms RIPEMD-256 and RIPEMD-320. Signed-off-by: Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds support for the extended RIPEMD hash
algorithms RIPEMD-256 and RIPEMD-320.

Signed-off-by: Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>