- 10 Jul, 2008 3 commits
-
-
Patrick McHardy authored
Check whether the destination buffer is written to beyond the last byte contained in the scatterlist. Also change IDX1 of the cross-page access offsets to a multiple of 4. This triggers a corruption in the HIFN driver and doesn't seem to negatively impact other testcases. Signed-off-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Change logs should be kept in source control systems, not the source. This patch removes the change log from tcrypt to stop people from extending it any more. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Adrian-Ken Rueegsegger authored
This patch adds test vectors for RIPEMD-128 and RIPEMD-160 hash algorithms and digests (HMAC). The test vectors are taken from ISO:IEC 10118-3 (2004) and RFC2286. Signed-off-by:
Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 08 Jul, 2008 1 commit
-
-
Darren Jenkins authored
Coverity CID: 2306 & 2307 RESOURCE_LEAK In the second for loop in test_cipher(), data is allocated space with kzalloc() and is only ever freed in an error case. Looking at this loop, data is written to this memory but nothing seems to read from it. So here is a patch removing the allocation, I think this is the right fix. Only compile tested. Signed-off-by:
Darren Jenkins <darrenrjenkins@gmailcom> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 20 Apr, 2008 5 commits
-
-
Kamalesh Babulal authored
On Thu, Mar 27, 2008 at 03:40:36PM +0100, Bodo Eggert wrote:
> Kamalesh Babulal <kamalesh@linux.vnet.ibm.com> wrote:
>
> > This patch cleanups the crypto code, replaces the init() and fini()
> > with the <algorithm name>_init/_fini
>
> This part is OK.
>
> > or init/fini_<algorithm name> (if the
> > <algorithm name>_init/_fini exist)
>
> Having init_foo and foo_init won't be a good thing, will it? I'd start
> confusing them.
>
> What about foo_modinit instead?

Thanks for the suggestion, the init() is replaced with <algorithm name>_mod_init () and fini () is replaced with <algorithm name>_mod_fini. Signed-off-by:
Kamalesh Babulal <kamalesh@linux.vnet.ibm.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Kevin Coffman authored
Implement CTS wrapper for CBC mode required for support of AES encryption support for Kerberos (rfc3962). Signed-off-by:
Kevin Coffman <kwc@citi.umich.edu> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Sebastian Siewior authored
The test routines (test_{cipher,hash,aead}) are making a copy of the test template and are processing the encryption process in place. This patch changes the creation of the copy so it will work even if the source address of the input data isn't an array inside of the template but a pointer. Signed-off-by:
Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Sebastian Siewior authored
The speed templates as it look always the same. The key size is repeated for each block size and we test always the same block size. The addition of one inner loop makes it possible to get rid of the struct and it is possible to use a tiny u8 array :) Signed-off-by:
Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Sebastian Siewior authored
Some crypto ciphers which are implemented support similar key sizes (16,24 & 32 byte). They can be grouped together and use a common template instead of their own which contains the same data. Signed-off-by:
Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 10 Jan, 2008 17 commits
-
-
Herbert Xu authored
Currently the gcm(aes) tests have to be taken together with all other algorithms. This patch makes it available by itself at number 106. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The axbuf buffer is used by test_aead and therefore should be zeroed there instead of in test_hash. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Joy Latten authored
This patch adds 7 test vectors to tcrypt for CCM. The test vectors are from rfc 3610. There are about 10 more test vectors in RFC 3610 and 4 or 5 more in NIST. I can add these as time permits. I also needed to set authsize. CCM has a prerequisite of authsize. Signed-off-by:
Joy Latten <latten@austin.ibm.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
As discussed previously, this patch moves the basic CTR functionality into a chainable algorithm called ctr. The IPsec-specific variant of it is now placed on top with the name rfc3686. So ctr(aes) gives a chainable cipher with IV size 16 while the IPsec variant will be called rfc3686(ctr(aes)). This patch also adjusts gcm accordingly. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Tan Swee Heng authored
This patch adds a simple speed test for salsa20. Usage: modprobe tcrypt mode=206 Signed-off-by:
Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Zoltan Sogor authored
Add LZO compression algorithm support Signed-off-by:
Zoltan Sogor <weth@inf.u-szeged.hu> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Zoltan Sogor authored
Add common compression tester function. Modify deflate test case to use the common compressor test function. Signed-off-by:
Zoltan Sogor <weth@inf.u-szeged.hu> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The crypto_aead convention for ICVs is to include it directly in the output. If we decided to change this in future then we would make the ICV (if the algorithm has an explicit one) available in the request itself. For now no algorithm needs this so this patch changes gcm to conform to this convention. It also adjusts the tcrypt aead tests to take this into account. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
Currently the gcm(aes) tests have to be taken together with all other ciphers. This patch makes it available by itself at number 35. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Denis Cheng authored
These utilities implemented in lib/hexdump.c are more handy, please use this. Signed-off-by:
Denis Cheng <crquan@gmail.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Tan Swee Heng authored
Currently the number of entries in a cipher test vector template is limited by TVMEMSIZE/sizeof(struct cipher_testvec). This patch circumvents the problem by pointing cipher_tv to each entry in the template, rather than the template itself. Signed-off-by:
Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Mikko Herranen authored
Add GCM/GMAC support to cryptoapi. GCM (Galois/Counter Mode) is an AEAD mode of operations for any block cipher with a block size of 16. The typical example is AES-GCM. Signed-off-by:
Mikko Herranen <mh1@iki.fi> Reviewed-by:
Mika Kukkonen <mika.kukkonen@nsn.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Mikko Herranen authored
Add AEAD support to tcrypt, needed by GCM. Signed-off-by:
Mikko Herranen <mh1@iki.fi> Reviewed-by:
Mika Kukkonen <mika.kukkonen@nsn.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Tan Swee Heng authored
This patch implements the Salsa20 stream cipher using the blkcipher interface. The core cipher code comes from Daniel Bernstein's submission to eSTREAM: http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ref/ The test vectors come from: http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ It has been tested successfully with "modprobe tcrypt mode=34" on an UML instance. Signed-off-by:
Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Jonathan Lynch authored
Resubmitting this patch which extends sha256_generic.c to support SHA-224 as described in FIPS 180-2 and RFC 3874. HMAC-SHA-224 as described in RFC4231 is then supported through the hmac interface. Patch includes test vectors for SHA-224 and HMAC-SHA-224. SHA-224 chould be chosen as a hash algorithm when 112 bits of security strength is required. Patch generated against the 2.6.24-rc1 kernel and tested against 2.6.24-rc1-git14 which includes fix for scatter gather implementation for HMAC. Signed-off-by:
Jonathan Lynch <jonathan.lynch@intel.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Joy Latten authored
This patch adds countersize to CTR mode. The template is now ctr(algo,noncesize,ivsize,countersize). For example, ctr(aes,4,8,4) indicates the counterblock will be composed of a salt/nonce that is 4 bytes, an iv that is 8 bytes and the counter is 4 bytes. When noncesize + ivsize < blocksize, CTR initializes the last block - ivsize - noncesize portion of the block to zero. Otherwise the counter block is composed of the IV (and nonce if necessary). If noncesize + ivsize == blocksize, then this indicates that user is passing in entire counterblock. Thus countersize indicates the amount of bytes in counterblock to use as the counter for incrementing. CTR will increment counter portion by 1, and begin encryption with that value. Note that CTR assumes the counter portion of the block that will be incremented is stored in big endian. Signed-off-by:
Joy Latten <latten@austin.ibm.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Joy Latten authored
This patch implements CTR mode for IPsec. It is based off of RFC 3686. Please note:

1. CTR turns a block cipher into a stream cipher. Encryption is done in blocks, however the last block may be a partial block. A "counter block" is encrypted, creating a keystream that is xor'ed with the plaintext. The counter portion of the counter block is incremented after each block of plaintext is encrypted. Decryption is performed in same manner.

2. The CTR counterblock is composed of,
   nonce + IV + counter
   The size of the counterblock is equivalent to the blocksize of the cipher.
   sizeof(nonce) + sizeof(IV) + sizeof(counter) = blocksize
   The CTR template requires the name of the cipher algorithm, the sizeof the nonce, and the sizeof the iv.
   ctr(cipher,sizeof_nonce,sizeof_iv)
   So for example, ctr(aes,4,8) specifies the counterblock will be composed of 4 bytes from a nonce, 8 bytes from the iv, and 4 bytes for counter since aes has a blocksize of 16 bytes.

3. The counter portion of the counter block is stored in big endian for conformance to rfc 3686.

Signed-off-by:
Joy Latten <latten@austin.ibm.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 27 Oct, 2007 1 commit
-
-
Herbert Xu authored
This patch moves the sg_init_table out of the timing loops for hash algorithms so that it doesn't impact on the speed test results. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
- 26 Oct, 2007 1 commit
-
-
David S. Miller authored
Use sg_init_one() and sg_init_table() as needed. Signed-off-by:
David S. Miller <davem@davemloft.net>
-
- 22 Oct, 2007 1 commit
-
-
Jens Axboe authored
Signed-off-by:
Jens Axboe <jens.axboe@oracle.com>
-
- 10 Oct, 2007 2 commits
-
-
Rik Snel authored
XTS is currently considered to be the successor of the LRW mode by the IEEE1619 workgroup. LRW was discarded, because it was not secure if the encryption key itself is encrypted with LRW. XTS does not have this problem. The implementation is pretty straightforward, a new function was added to gf128mul to handle GF(128) elements in ble format. Four testvectors from the specification http://grouper.ieee.org/groups/1619/email/pdf00086.pdf were added, and they verify on my system. Signed-off-by:
Rik Snel <rsnel@cube.dyndns.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Hye-Shik Chang authored
This patch adds support for the SEED cipher (RFC4269). This patch has been used in few VPN appliance vendors in Korea for several years. And it was verified by KISA, who developed the algorithm itself. As its importance in Korean banking industry, it would be great if linux incorporates the support. Signed-off-by:
Hye-Shik Chang <perky@FreeBSD.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 18 May, 2007 1 commit
-
-
Herbert Xu authored
The return value of crypto_hash_final isn't checked in test_hash_cycles. This patch corrects this. Thanks to Eric Sesterhenn for reporting this. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 02 May, 2007 1 commit
-
-
Herbert Xu authored
This patch converts the tcrypt module to use the asynchronous block cipher interface. As all synchronous block ciphers can be used through the async interface, tcrypt is still able to test them. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 20 Mar, 2007 1 commit
-
-
Sebastian Siewior authored
This patch fixes loading the tcrypt module while deflate isn't available at all (isn't built). Signed-off-by:
Sebastian Siewior <linux-crypto@ml.breakpoint.cc> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 06 Feb, 2007 4 commits
-
-
Noriaki TAKAMIYA authored
This patch adds the code of Camellia code for testing module. Signed-off-by:
Noriaki TAKAMIYA <takamiya@po.ntts.co.jp> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Herbert Xu authored
The crypto_comp conversion missed the last remaining crypto_alloc_tfm call. This patch replaces it with crypto_alloc_comp. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
David Howells authored
Add a crypto module to provide FCrypt encryption as used by RxRPC. Signed-Off-By:
David Howells <dhowells@redhat.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Andrew Donofrio authored
This patch adds tests for SHA384 HMAC and SHA512 HMAC to the tcrypt module. Test data was taken from RFC4231. This patch is a follow-up to the discovery (bug 7646) that the kernel SHA384 HMAC implementation was not generating proper SHA384 HMACs. Signed-off-by:
Andrew Donofrio <linuxbugzilla@kriptik.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
- 06 Dec, 2006 2 commits
-
-
Rik Snel authored
Do modprobe tcrypt mode=10 to check the included test vectors, they are from: http://grouper.ieee.org/groups/1619/email/pdf00017.pdf and from http://www.mail-archive.com/stds-p1619@listserv.ieee.org/msg00173.html . To make the last test vector fit, I had to increase the buffer size of input and result to 512 bytes. Signed-off-by:
Rik Snel <rsnel@cube.dyndns.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-
Kazunori MIYAZAWA authored
Test vectors of XCBC with AES-128. Signed-off-by:
Kazunori MIYAZAWA <miyazawa@linux-ipv6.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
-