Re: [PATCH] crypto: x86/aes-ni - fix build error following fpu template removal

2018-10-07 Thread Herbert Xu
On Fri, Oct 05, 2018 at 10:13:06AM -0700, Eric Biggers wrote:
> From: Eric Biggers 
> 
> aesni-intel_glue.c still calls crypto_fpu_init() and crypto_fpu_exit()
> to register/unregister the "fpu" template.  But these functions don't
> exist anymore, causing a build error.  Remove the calls to them.
> 
> Fixes: 944585a64f5e ("crypto: x86/aes-ni - remove special handling of AES in PCBC mode")
> Signed-off-by: Eric Biggers 
> ---
>  arch/x86/crypto/aesni-intel_glue.c | 13 +
>  1 file changed, 1 insertion(+), 12 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Re: [PATCH] crypto: caam/qi2 - avoid double export

2018-10-07 Thread Herbert Xu
On Tue, Oct 02, 2018 at 10:56:19PM +0200, Arnd Bergmann wrote:
> Both the caam ctrl file and dpaa2_caam export a couple of flags. They
> use an #ifdef check to make sure that each flag is only built once,
> but this fails if they are both loadable modules:
> 
> WARNING: drivers/crypto/caam/dpaa2_caam: 'caam_little_end' exported twice. Previous export was in drivers/crypto/caam/caam.ko
> WARNING: drivers/crypto/caam/dpaa2_caam: 'caam_imx' exported twice. Previous export was in drivers/crypto/caam/caam.ko
> 
> Change the #ifdef to an IS_ENABLED() check in order to make it work in
> all configurations. It may be better to redesign this aspect of the
> two drivers in a cleaner way.
> 
> Fixes: 8d818c105501 ("crypto: caam/qi2 - add DPAA2-CAAM driver")
> Signed-off-by: Arnd Bergmann 
> ---
>  drivers/crypto/caam/caamalg_qi2.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Patch applied.  Thanks.


Re: [PATCH] crypto: arm64/aes - fix handling sub-block CTS-CBC inputs

2018-10-07 Thread Herbert Xu
On Tue, Oct 02, 2018 at 10:22:15PM -0700, Eric Biggers wrote:
> From: Eric Biggers 
> 
> In the new arm64 CTS-CBC implementation, return an error code rather
> than crashing on inputs shorter than AES_BLOCK_SIZE bytes.  Also set
> cra_blocksize to AES_BLOCK_SIZE (like is done in the cts template) to
> indicate the minimum input size.
> 
> Fixes: dd597fb33ff0 ("crypto: arm64/aes-blk - add support for CTS-CBC mode")
> Signed-off-by: Eric Biggers 

Patch applied.  Thanks.


Re: [PATCH 0/3] crypto: mxs-dcp - Fix tcrypt on imx6

2018-10-07 Thread Herbert Xu
On Tue, Oct 02, 2018 at 07:01:46PM +, Leonard Crestez wrote:
> The mxs-dcp driver currently fails to probe on imx6. Fix the whole thing
> by porting a cleaned/squashed version of fixes carried in the NXP vendor
> tree.
> 
> Tested with "modprobe tcrypt" and CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=n
> on imx6sl imx6sll imx6ull: no failures.
> 
> I'm not very familiar with crypto and did not write these fixes so
> a skeptical review would be appreciated.
> 
> Previously:
>   https://lore.kernel.org/patchwork/patch/989652/
> 
> Dan Douglass (1):
>   crypto: mxs-dcp - Implement sha import/export
> 
> Radu Solea (2):
>   crypto: mxs-dcp - Fix SHA null hashes and output length
>   crypto: mxs-dcp - Fix AES issues
> 
>  drivers/crypto/mxs-dcp.c | 121 ---
>  1 file changed, 101 insertions(+), 20 deletions(-)

All applied.  Thanks.


Re: [PATCH v2 0/2] crypto - fix aegis/morus for big endian systems

2018-10-07 Thread Herbert Xu
On Mon, Oct 01, 2018 at 10:36:36AM +0200, Ard Biesheuvel wrote:
> Some bug fixes for issues that I stumbled upon while working on other
> stuff.
> 
> Changes since v1:
> - add Ondrej's ack to #1
> - simplify #2 and drop unrelated performance tweak
> 
> Ard Biesheuvel (2):
>   crypto: morus/generic - fix for big endian systems
>   crypto: aegis/generic - fix for big endian systems
> 
>  crypto/aegis.h | 20 +---
>  crypto/morus1280.c |  7 ++-
>  crypto/morus640.c  | 16 
>  3 files changed, 15 insertions(+), 28 deletions(-)

All applied.  Thanks.


Re: [PATCH] crypto: cavium/nitrox - Fix format strings

2018-10-07 Thread Herbert Xu
On Tue, Oct 02, 2018 at 11:00:03PM +0200, Arnd Bergmann wrote:
> The return type of atomic64_read() is unfortunately architecture
> specific, it can be 'long', 'long long', or 's64'. When it is 'long',
> we get a build warning:
> 
> drivers/crypto/cavium/nitrox/nitrox_debugfs.c: In function 'stats_show':
> drivers/crypto/cavium/nitrox/nitrox_debugfs.c:62:30: error: format '%lld' expects argument of type 'long long int', but argument 3 has type 'long int' [-Werror=format=]
>   seq_printf(s, "  Posted: %lld\n", atomic64_read(&ndev->stats.posted));
>                            ~~~^
>                            %ld
> drivers/crypto/cavium/nitrox/nitrox_debugfs.c:63:33: error: format '%lld' expects argument of type 'long long int', but argument 3 has type 'long int' [-Werror=format=]
>   seq_printf(s, "  Completed: %lld\n",
>                               ~~~^
>                               %ld
> drivers/crypto/cavium/nitrox/nitrox_debugfs.c:65:31: error: format '%lld' expects argument of type 'long long int', but argument 3 has type 'long int' [-Werror=format=]
> 
> Add an explicit cast to 's64' to get a consistent behavior on all
> architectures here during compile testing.
> 
> Fixes: 2a8780be9c26 ("crypto: cavium/nitrox - updated debugfs information.")
> Signed-off-by: Arnd Bergmann 

This patch doesn't apply to cryptodev because the bug has already
been fixed by another patch.

Thanks,


Re: [PATCH] drivers: crypto: caam: kconfig: create menu for CAAM

2018-10-07 Thread Herbert Xu
Franck LENORMAND  wrote:
> The CAAM driver has multiple configurations and all are listed
> in the crypto menu.
> 
> This patch creates a menu dedicated to the Freescale CAAM driver.
> 
> Signed-off-by: Franck LENORMAND 
> ---
> drivers/crypto/caam/Kconfig | 4 
> 1 file changed, 4 insertions(+)
> 
> diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig
> index 1eb8527..fb87245 100644
> --- a/drivers/crypto/caam/Kconfig
> +++ b/drivers/crypto/caam/Kconfig
> @@ -1,3 +1,5 @@
> +menu "Freescale CAAM"
> +
> config CRYPTO_DEV_FSL_CAAM
>tristate "Freescale CAAM-Multicore driver backend"
>depends on FSL_SOC || ARCH_MXC || ARCH_LAYERSCAPE
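Review bot: The new `menu "Freescale CAAM"` carries no `depends on`, so the menu heading is offered on every architecture even though `CRYPTO_DEV_FSL_CAAM` directly below it depends on `FSL_SOC || ARCH_MXC || ARCH_LAYERSCAPE`; on other platforms users can end up with an empty or irrelevant submenu. Lift the same dependency to the menu (a `depends on FSL_SOC || ARCH_MXC || ARCH_LAYERSCAPE` line right after `menu "Freescale CAAM"`), or restructure as `menuconfig CRYPTO_DEV_FSL_CAAM` with an `if`/`endif` block so the whole group follows the backend's visibility.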
> @@ -152,3 +154,5 @@ config CRYPTO_DEV_FSL_CAAM_DEBUG
> config CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC
>def_tristate (CRYPTO_DEV_FSL_CAAM_CRYPTO_API || \
>  CRYPTO_DEV_FSL_CAAM_CRYPTO_API_QI)
> +
> +endmenu

Please rebase this on the current cryptodev tree as it doesn't
apply.

Thanks,




[PATCH] crypto/testmgr.c: fix sizeof() on COMP_BUF_SIZE

2018-10-07 Thread Michael Schupikov
After allocation, output and decomp_output both point to memory chunks of
size COMP_BUF_SIZE. Then, only the first bytes are zeroed out using
sizeof(COMP_BUF_SIZE) as parameter to memset(), because
sizeof(COMP_BUF_SIZE) provides the size of the constant and not the size of
allocated memory.

Instead, the whole allocated memory is meant to be zeroed out. Use
COMP_BUF_SIZE as parameter to memset() directly in order to accomplish
this.

Fixes: 336073840a872 ("crypto: testmgr - Allow different compression results")

Signed-off-by: Michael Schupikov 
---
 crypto/testmgr.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a1d42245082a..790aa3536631 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1400,8 +1400,8 @@ static int test_comp(struct crypto_comp *tfm,
int ilen;
unsigned int dlen = COMP_BUF_SIZE;
 
-   memset(output, 0, sizeof(COMP_BUF_SIZE));
-   memset(decomp_output, 0, sizeof(COMP_BUF_SIZE));
+   memset(output, 0, COMP_BUF_SIZE);
+   memset(decomp_output, 0, COMP_BUF_SIZE);
 
ilen = ctemplate[i].inlen;
ret = crypto_comp_compress(tfm, ctemplate[i].input,
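Review bot: The replacement is correct: `sizeof(COMP_BUF_SIZE)` is the size of an `int` constant (4 bytes), not of the buffer, so the old two `memset()` calls zeroed only the first 4 bytes of `output` and `decomp_output` and left whatever the previous template iteration wrote in the remaining bytes; `COMP_BUF_SIZE` matches the `dlen = COMP_BUF_SIZE` initialisation two lines above. Since both buffers are heap pointers rather than arrays, `sizeof(output)` is not an option either, so the explicit constant is the right choice here.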
@@ -1445,7 +1445,7 @@ static int test_comp(struct crypto_comp *tfm,
int ilen;
unsigned int dlen = COMP_BUF_SIZE;
 
-   memset(decomp_output, 0, sizeof(COMP_BUF_SIZE));
+   memset(decomp_output, 0, COMP_BUF_SIZE);
 
ilen = dtemplate[i].inlen;
ret = crypto_comp_decompress(tfm, dtemplate[i].input,
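Review bot: Same correction as in the first hunk and correct as written. One trailer nit for the same patch: the commit message has a blank line between `Fixes:` and `Signed-off-by:`; kernel convention keeps the tags in one contiguous block so tooling that parses trailers picks up both.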
-- 
2.19.0
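As an added example (not part of Michael's patch or the kernel's testmgr.c), the pre-patch and patched `memset()` forms run side by side on a heap buffer that still holds stale data, reporting how many bytes each actually clears; the value of `COMP_BUF_SIZE` is assumed here since the message does not state it:

```c
#include <stdlib.h>
#include <string.h>

/* Name from the patch; the value is an assumption for this example. */
#define COMP_BUF_SIZE 512

/* Count the leading zero bytes of buf: how much a memset() really cleared. */
static size_t zeroed_prefix(const unsigned char *buf, size_t len)
{
	size_t n = 0;

	while (n < len && buf[n] == 0)
		n++;
	return n;
}

/*
 * Run one clearing strategy against a heap buffer that still holds data
 * from an earlier iteration (filled with 0xAA to stand in for it) and
 * report how many bytes were actually zeroed.
 */
static size_t bytes_cleared_by(size_t memset_len)
{
	unsigned char *output = malloc(COMP_BUF_SIZE);
	size_t cleared;

	if (!output)
		return 0;
	memset(output, 0xAA, COMP_BUF_SIZE);	/* stale contents */
	memset(output, 0, memset_len);
	cleared = zeroed_prefix(output, COMP_BUF_SIZE);
	free(output);
	return cleared;
}

/* Pre-patch form: sizeof() of an int constant is sizeof(int), not 512. */
size_t clear_buggy(void)
{
	return bytes_cleared_by(sizeof(COMP_BUF_SIZE));
}

/* Patched form: pass the buffer size itself. */
size_t clear_fixed(void)
{
	return bytes_cleared_by(COMP_BUF_SIZE);
}
```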



[PATCH 1/2] crypto: streebog - add Streebog hash function

2018-10-07 Thread Vitaly Chikunov
Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986)
generic hash transformation.

Signed-off-by: Vitaly Chikunov 
---
 crypto/Kconfig|   12 +
 crypto/Makefile   |1 +
 crypto/streebog_generic.c | 1142 +
 include/crypto/streebog.h |   34 ++
 4 files changed, 1189 insertions(+)
 create mode 100644 crypto/streebog_generic.c
 create mode 100644 include/crypto/streebog.h

diff --git a/crypto/Kconfig b/crypto/Kconfig
index f3e40ac56d93..587c32f65cfe 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -986,6 +986,18 @@ config CRYPTO_SM3
  http://www.oscca.gov.cn/UpFile/20101222141857786.pdf
  https://datatracker.ietf.org/doc/html/draft-shen-sm3-hash
 
+config CRYPTO_STREEBOG
+   tristate "Streebog Hash Function"
+   select CRYPTO_HASH
+   help
+ Streebog Hash Function (GOST R 34.11-2012, RFC 6986) is one of the 
Russian
+ cryptographic standard algorithms (called GOST algorithms).
+ This setting enables two hash algorithms with 256 and 512 bits output.
+
+ References:
+ https://tc26.ru/upload/iblock/fed/feddbb4d26b685903faa2ba11aea43f6.pdf
+ https://tools.ietf.org/html/rfc6986
+
 config CRYPTO_TGR192
tristate "Tiger digest algorithms"
select CRYPTO_HASH
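Review bot: The help text names the standard but not the algorithm identifiers the module registers, which is what a user has to pass to `tcrypt` or look for in `/proc/crypto`; add a line listing them under the "two hash algorithms with 256 and 512 bits output" sentence. The tc26.ru reference is a bare file-hash URL that says nothing about which document it is; labelling it (the GOST R 34.11-2012 text) next to the link keeps the reference useful if the link rots.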
diff --git a/crypto/Makefile b/crypto/Makefile
index 6d1d40eeb964..65be945da35c 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -70,6 +70,7 @@ obj-$(CONFIG_CRYPTO_SHA256) += sha256_generic.o
 obj-$(CONFIG_CRYPTO_SHA512) += sha512_generic.o
 obj-$(CONFIG_CRYPTO_SHA3) += sha3_generic.o
 obj-$(CONFIG_CRYPTO_SM3) += sm3_generic.o
+obj-$(CONFIG_CRYPTO_STREEBOG) += streebog_generic.o
 obj-$(CONFIG_CRYPTO_WP512) += wp512.o
 CFLAGS_wp512.o := $(call cc-option,-fno-schedule-insns)  # 
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79149
 obj-$(CONFIG_CRYPTO_TGR192) += tgr192.o
diff --git a/crypto/streebog_generic.c b/crypto/streebog_generic.c
new file mode 100644
index ..d1cb3c6b74c5
--- /dev/null
+++ b/crypto/streebog_generic.c
@@ -0,0 +1,1142 @@
+// SPDX-License-Identifier: GPL-2.0+ OR BSD-2-Clause
+/*
+ * Streebog hash function as specified by GOST R 34.11-2012 and
+ * described at https://tools.ietf.org/html/rfc6986
+ *
+ * Copyright (c) 2013 Alexey Degtyarev 
+ * Copyright (c) 2018 Vitaly Chikunov 
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define X(x, y, z) { \
+   (z)->qword[0] = (x)->qword[0] ^ (y)->qword[0]; \
+   (z)->qword[1] = (x)->qword[1] ^ (y)->qword[1]; \
+   (z)->qword[2] = (x)->qword[2] ^ (y)->qword[2]; \
+   (z)->qword[3] = (x)->qword[3] ^ (y)->qword[3]; \
+   (z)->qword[4] = (x)->qword[4] ^ (y)->qword[4]; \
+   (z)->qword[5] = (x)->qword[5] ^ (y)->qword[5]; \
+   (z)->qword[6] = (x)->qword[6] ^ (y)->qword[6]; \
+   (z)->qword[7] = (x)->qword[7] ^ (y)->qword[7]; \
+}
+
+#define XLPS(x, y, data) { \
+   register u64 r0, r1, r2, r3, r4, r5, r6, r7; \
+   int _i; \
+   \
+   r0 = le64_to_cpu((x)->qword[0] ^ (y)->qword[0]); \
+   r1 = le64_to_cpu((x)->qword[1] ^ (y)->qword[1]); \
+   r2 = le64_to_cpu((x)->qword[2] ^ (y)->qword[2]); \
+   r3 = le64_to_cpu((x)->qword[3] ^ (y)->qword[3]); \
+   r4 = le64_to_cpu((x)->qword[4] ^ (y)->qword[4]); \
+   r5 = le64_to_cpu((x)->qword[5] ^ (y)->qword[5]); \
+   r6 = le64_to_cpu((x)->qword[6] ^ (y)->qword[6]); \
+   r7 = le64_to_cpu((x)->qword[7] ^ (y)->qword[7]); \
+   \
+   for (_i = 0; _i <= 7; _i++) { \
+   (data)->qword[_i]  = cpu_to_le64(Ax[0][r0 & 0xFF]); \
+   (data)->qword[_i] ^= cpu_to_le64(Ax[1][r1 & 0xFF]); \
+   (data)->qword[_i] ^= cpu_to_le64(Ax[2][r2 & 0xFF]); \
+   (data)->qword[_i] ^= cpu_to_le64(Ax[3][r3 & 0xFF]); \
+   (data)->qword[_i] ^= cpu_to_le64(Ax[4][r4 & 0xFF]); \
+   (data)->qword[_i] ^= cpu_to_le64(Ax[5][r5 & 0xFF]); \
+   (data)->qword[_i] ^= cpu_to_le64(Ax[6][r6 & 0xFF]); \
+   (data)->qword[_i] ^= cpu_to_le64(Ax[7][r7 & 0xFF]); \
+   r0 >>= 8; \
+   r1 >>= 8; \
+   r2 >>= 8; \
+   r3 >>= 8; \
+   r4 >>= 8; \
+   r5 >>= 8; \
+   r6 >>= 8; \
+   r7 >>= 8; \
+   } \
+}
+
+#define ROUND(i, Ki, data) { \
+   XLPS(Ki, &C[i], Ki); \
+   XLPS(Ki, data, data); \
+}
+
+static const struct streebog_uint512 buffer0 = { {
+   0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL, 0ULL
+} };
+
+static const struct streebog_uint512 buffer512 = { {
+   cpu_to_le64(0x200ULL),
+   0ULL, 0ULL, 0UL
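Review bot: `X()`, `XLPS()` and `ROUND()` are defined as bare `{ ... }` blocks, so a call such as `ROUND(i, Ki, data);` expands to a block followed by an empty statement and miscompiles as the body of an `if` with an `else` (and `XLPS()` also drops a `register` declaration and an `_i` local into the caller's scope); wrap them in `do { ... } while (0)`, or better, make them `static inline` functions, which the kernel prefers for multi-statement helpers. Note that `XLPS(Ki, &C[i], Ki)` aliases `x` and `data`; this is safe only because the macro reads all eight `r0..r7` words before its first write, which deserves a comment so a later edit does not break it. The file header also carries both an SPDX line (`GPL-2.0+ OR BSD-2-Clause`) and the full GPL boilerplate paragraph; with SPDX present the paragraph is redundant and should be dropped.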

[PATCH 2/2] crypto: streebog - add Streebog test vectors

2018-10-07 Thread Vitaly Chikunov
Add testmgr and tcrypt tests and vectors for Streebog hash function
from RFC 6986 and GOST R 34.11-2012.

Signed-off-by: Vitaly Chikunov 
---
 crypto/tcrypt.c  | 27 +
 crypto/testmgr.c | 12 ++
 crypto/testmgr.h | 71 
 3 files changed, 110 insertions(+)

diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index bdde95e8d369..d66cb167daa2 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -77,6 +77,7 @@ static char *check[] = {
"khazad", "wp512", "wp384", "wp256", "tnepres", "xeta",  "fcrypt",
"camellia", "seed", "salsa20", "rmd128", "rmd160", "rmd256", "rmd320",
"lzo", "cts", "zlib", "sha3-224", "sha3-256", "sha3-384", "sha3-512",
+   "sb256", "sb512",
NULL
 };
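Review bot: "sb256" and "sb512" are the user-visible algorithm names (what `/proc/crypto` and `tcrypt alg=` show), and nothing in them says Streebog; "streebog256"/"streebog512" would match the Kconfig symbol and file name and be unambiguous next to "sha3-256" and "sm3" in this same array. Whichever name is chosen has to match the `cra_name` fields registered by `streebog_generic.c`, which are outside the part of patch 1/2 visible here.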
 
@@ -1914,6 +1915,14 @@ static int do_test(const char *alg, u32 type, u32 mask, 
int m, u32 num_mb)
ret += tcrypt_test("sm3");
break;
 
+   case 53:
+   ret += tcrypt_test("sb256");
+   break;
+
+   case 54:
+   ret += tcrypt_test("sb512");
+   break;
+
case 100:
ret += tcrypt_test("hmac(md5)");
break;
@@ -2392,6 +2401,14 @@ static int do_test(const char *alg, u32 type, u32 mask, 
int m, u32 num_mb)
test_hash_speed("sm3", sec, generic_hash_speed_template);
if (mode > 300 && mode < 400) break;
/* fall through */
+   case 327:
+   test_hash_speed("sb256", sec, generic_hash_speed_template);
+   if (mode > 300 && mode < 400) break;
+   /* fall through */
+   case 328:
+   test_hash_speed("sb512", sec, generic_hash_speed_template);
+   if (mode > 300 && mode < 400) break;
+   /* fall through */
case 399:
break;
 
@@ -2505,6 +2522,16 @@ static int do_test(const char *alg, u32 type, u32 mask, 
int m, u32 num_mb)
num_mb);
if (mode > 400 && mode < 500) break;
/* fall through */
+   case 426:
+   test_mb_ahash_speed("sb256", sec, generic_hash_speed_template,
+   num_mb);
+   if (mode > 400 && mode < 500) break;
+   /* fall through */
+   case 427:
+   test_mb_ahash_speed("sb512", sec, generic_hash_speed_template,
+   num_mb);
+   if (mode > 400 && mode < 500) break;
+   /* fall through */
case 499:
break;
 
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a1d42245082a..6efb0a218b41 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -3428,6 +3428,18 @@ static const struct alg_test_desc alg_test_descs[] = {
.cipher = __VECS(salsa20_stream_tv_template)
}
}, {
+   .alg = "sb256",
+   .test = alg_test_hash,
+   .suite = {
+   .hash = __VECS(sb256_tv_template)
+   }
+   }, {
+   .alg = "sb512",
+   .test = alg_test_hash,
+   .suite = {
+   .hash = __VECS(sb512_tv_template)
+   }
+   }, {
.alg = "sha1",
.test = alg_test_hash,
.fips_allowed = 1,
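Review bot: Placement is correct: `alg_test_descs[]` must stay sorted by `.alg` because it is binary-searched (and the order is self-checked at init), and "sb256" < "sb512" sort between "salsa20" and "sha1", exactly where the hunk puts them. Neither new entry sets `.fips_allowed`, which is right for a non-FIPS algorithm.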
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 173111c70746..9f9b7d6e4072 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -2309,6 +2309,77 @@ static const struct hash_testvec crct10dif_tv_template[] 
= {
}
 };
 
+/*
+ * Streebog test vectors from RFC 6986 and GOST R 34.11-2012
+ */
+static const struct hash_testvec sb256_tv_template[] = {
+   { /* M1 */
+   .plaintext = 
"012345678901234567890123456789012345678901234567890123456789012",
+   .psize = 63,
+   .digest =
+   "\x9d\x15\x1e\xef\xd8\x59\x0b\x89"
+   "\xda\xa6\xba\x6c\xb7\x4a\xf9\x27"
+   "\x5d\xd0\x51\x02\x6b\xb1\x49\xa4"
+   "\x52\xfd\x84\xe5\xe5\x7b\x55\x00",
+   },
+   { /* M2 */
+   .plaintext =
+   "\xd1\xe5\x20\xe2\xe5\xf2\xf0\xe8"
+   "\x2c\x20\xd1\xf2\xf0\xe8\xe1\xee"
+   "\xe6\xe8\x20\xe2\xed\xf3\xf6\xe8"
+   "\x2c\x20\xe2\xe5\xfe\xf2\xfa\x20"
+   "\xf1\x20\xec\xee\xf0\xff\x20\xf1"
+   "\xf2\xf0\xe5\xeb\xe0\xec\xe8\x20"
+   "\xed\xe0\x20\xf5\xf0\xe0\xe1\xf0"
+   "\xfb\xff\x20\xef\xeb\xfa\xea\xfb"
+   "\x20\xc8\xe3\xee\xf0\xe5\xe2\xfb",
+   .psize = 72,
+   .digest =
+   "\x9d\xd2\xfe\x4e\x90\x40\x9e\x5d"
+   "\xa8\x7f\x53\x97\x6d\x74\x05\xb0"
+   "\xc0\xca\xc6\x28\xfc\x
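Review bot: Both vectors are short (63 and 72 bytes), so the hash is never exercised on a message whose length is an exact multiple of the 64-byte block, the case where Streebog's final stage has to pad an empty remainder and where off-by-one errors in the last-block path typically hide; a 64-byte and a 128-byte vector, cross-checked against an independent Streebog implementation, would close that gap, as would a `.np`/`.tap` split on M2 to cover update() across a block boundary. A comment that M2's bytes are the Cyrillic sentence from RFC 6986 in its CP1251 encoding would also help the next reader verify the vector against the RFC.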

[PATCH 0/2] crypto: streebog - add Streebog hash function

2018-10-07 Thread Vitaly Chikunov
Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986)
generic hash transformation with appropriate testmgr and tcrypt
tests and vectors.

Streebog Hash Function (GOST R 34.11-2012, RFC 6986) is one of the Russian
cryptographic standard algorithms (called GOST algorithms).

References:
  https://tc26.ru/upload/iblock/fed/feddbb4d26b685903faa2ba11aea43f6.pdf
  https://tools.ietf.org/html/rfc6986

Tested using testmgr and tcrypt on x86_64.

Vitaly Chikunov (2):
  crypto: streebog - add Streebog hash function
  crypto: streebog - add Streebog test vectors

 crypto/Kconfig|   12 +
 crypto/Makefile   |1 +
 crypto/streebog_generic.c | 1142 +
 crypto/tcrypt.c   |   27 ++
 crypto/testmgr.c  |   12 +
 crypto/testmgr.h  |   71 +++
 include/crypto/streebog.h |   34 ++
 7 files changed, 1299 insertions(+)
 create mode 100644 crypto/streebog_generic.c
 create mode 100644 include/crypto/streebog.h

-- 
2.11.0