On Mon, 21 Oct 2019 at 14:40, Pascal Van Leeuwen
wrote:
>
> > -Original Message-
> > From: Ard Biesheuvel
> > Sent: Monday, October 21, 2019 1:59 PM
> > To: Pascal Van Leeuwen
> > Cc: linux-crypto@vger.kernel.org; herb...@gondor.apana.org.au
> >
On Mon, 21 Oct 2019 at 14:08, Pascal Van Leeuwen
wrote:
>
> And now that we've opened Pandora's box of "ellendianness" (as we
> say here - a combination of the Dutch word "ellende", for misery,
> and endianness ;-):
>
> The inside-secure driver uses several packed bitfield structures
> (that are a
On Fri, 18 Oct 2019 at 15:00, David Sterba wrote:
>
> On Thu, Oct 17, 2019 at 12:22:57PM +0200, Ard Biesheuvel wrote:
> > On Mon, 14 Oct 2019 at 11:17, David Sterba wrote:
> > >
> > > Test vectors for blake2b with various digest sizes. As the algorithm is
>
On Mon, 21 Oct 2019 at 12:05, Krzysztof Kozlowski wrote:
>
> On Mon, Oct 14, 2019 at 02:18:52PM +0200, Ard Biesheuvel wrote:
> > Commit 7a7ffe65c8c5 ("crypto: skcipher - Add top-level skcipher interface")
> > dated 20 August 2015 introduced the new skcipher API whic
On Mon, 21 Oct 2019 at 12:56, Pascal Van Leeuwen
wrote:
>
> Another endianness question:
>
> I have some data structure that can be either little or big endian,
> depending on the exact use case. Currently, I have it defined as u32.
> This causes sparse errors when accessing it using cpu_to_Xe32()
On Fri, 18 Oct 2019 at 16:15, Hook, Gary wrote:
>
> On 10/14/19 7:18 AM, Ard Biesheuvel wrote:
> > Commit 7a7ffe65c8c5 ("crypto: skcipher - Add top-level skcipher interface")
> > dated 20 August 2015 introduced the new skcipher API which is supposed to
> > rep
On Sat, 19 Oct 2019 at 00:07, Sasha Levin wrote:
>
> From: Ard Biesheuvel
>
> [ Upstream commit f703964fc66804e6049f2670fc11045aa8359b1a ]
>
> The ARM accelerated AES driver depends on the new AES library for
> its non-SIMD fallback so express this in its Kconfig declarati
son A. Donenfeld
Signed-off-by: Ard Biesheuvel
---
arch/arm/crypto/curve25519-core.S | 2105
1 file changed, 2105 insertions(+)
diff --git a/arch/arm/crypto/curve25519-core.S
b/arch/arm/crypto/curve25519-core.S
new file mode 100644
index ..f33b85fef382
---
ell (which is the common case),
avoiding the need to walk the scatterlist and kmap() the page twice.
Signed-off-by: Ard Biesheuvel
---
include/crypto/chacha20poly1305.h | 11 ++
lib/crypto/chacha20poly1305-selftest.c | 45 ++
lib/crypto/chacha20poly1305.c | 150 +
c60798952f,
and already contains all the changes required to build it as part of a
Linux kernel module.
[0] https://github.com/dot-asm/cryptogams
Co-developed-by: Andy Polyakov
Signed-off-by: Andy Polyakov
Signed-off-by: Ard Biesheuvel
---
arch/arm/crypto/Kconfig |5 +
arch/
: René van Dorst
Signed-off-by: Ard Biesheuvel
---
arch/mips/crypto/Makefile | 14 +
arch/mips/crypto/poly1305-glue.c | 203
arch/mips/crypto/poly1305-mips.pl | 1273
crypto/Kconfig|5 +
lib/crypto/Kconfig|1 +
5 fil
luded in the
first place.
Cc: Masahiro Yamada
Signed-off-by: Ard Biesheuvel
---
arch/arm64/Kconfig | 2 +-
arch/riscv/Kconfig | 2 +-
arch/x86/Kconfig | 2 +-
crypto/ecc.c | 2 +-
init/Kconfig | 4
lib/ubsan.c| 2 +-
lib/ubsan.h| 2 +-
7 files changed, 10 inser
into lib/crypto framework
- implement crypto API KPP hooks ]
Signed-off-by: Ard Biesheuvel
---
arch/arm/crypto/Kconfig | 6 +
arch/arm/crypto/Makefile | 2 +
arch/arm/crypto/curve25519-core.S | 347 +---
arch/arm/crypto/curve25519-glue.c | 136
4 fil
into lib/crypto framework
- implement crypto API KPP hooks ]
Signed-off-by: Ard Biesheuvel
---
arch/x86/crypto/Makefile|1 +
arch/x86/crypto/curve25519-x86_64.c | 2480
crypto/Kconfig |6 +
crypto/curve25519-generic.c |
by: Samuel Neves
Co-developed-by: Samuel Neves
[ardb: move to arch/x86/crypto, wire into lib/crypto framework]
Signed-off-by: Ard Biesheuvel
---
arch/x86/crypto/Makefile | 2 +
arch/x86/crypto/blake2s-core.S | 685
arch/x86/crypto/blake2s-glue.c | 235 +++
cryp
ludes with Kconfig based object selection
- drop simd handling and simplify support for per-arch versions ]
Signed-off-by: Ard Biesheuvel
---
include/crypto/curve25519.h| 71 ++
lib/crypto/Kconfig | 25 +
lib/crypto/Makefile| 5 +
lib/crypto/curve25519-fiat
Expose the generic Curve25519 library via the crypto API KPP interface.
Signed-off-by: Ard Biesheuvel
---
crypto/Kconfig | 5 ++
crypto/Makefile | 1 +
crypto/curve25519-generic.c | 93
3 files changed, 99 insertions(+)
diff --git a/crypto
The Curve25519 drivers we will be implementing will perform validation
of the inputs, and in order to ensure that these checks work as expected,
we need to be able to test for expected errors. So implement this in the
KPP test routines in the testmgr framework.
Signed-off-by: Ard Biesheuvel
n=]
Let's give some hints to the compiler regarding which routines should
not be inlined, to prevent it from running out of registers and spilling
to the stack. The resulting code performs identically under both GCC
and Clang, and makes the warning go away.
Suggested-by: Arnd Bergmann
Sig
In preparation of introducing KPP implementations of Curve25519, import
the set of test cases proposed by the Zinc patch set, but converted to
the KPP format.
Signed-off-by: Ard Biesheuvel
---
crypto/testmgr.c |6 +
crypto/testmgr.h | 1603
2 files changed, 1609
into the header file.
Information: https://blake2.net/
Signed-off-by: Jason A. Donenfeld
Signed-off-by: Samuel Neves
Co-developed-by: Samuel Neves
[ardb: move from lib/zinc to lib/crypto and remove simd handling]
Signed-off-by: Ard Biesheuvel
---
include/crypto/blake2s.h | 108 +
inc
arch-specific version in the future.
Signed-off-by: Ard Biesheuvel
---
crypto/poly1305_generic.c | 22 +-
include/crypto/poly1305.h | 38 +-
lib/crypto/Kconfig| 26 +++
lib/crypto/poly1305.c | 74
4 files changed, 138 insertions(+), 22 deletions(-)
Now that all users of generic ChaCha code have moved to the core library,
there is no longer a need for the generic ChaCha skcipher driver to
export parts of its implementation for reuse by other drivers. So drop
the exports, and make the symbols static.
Signed-off-by: Ard Biesheuvel
---
crypto
recent FPU handling changes
on x86.
Since this removes the last remaining user of the routines exported
by the generic shash driver, unexport them and make them static.
Signed-off-by: Ard Biesheuvel
---
arch/x86/crypto/poly1305_glue.c| 66
crypto/Kconfig
generic library with
init/update/final routines so that Poly1305 algorithm can be used
directly without the need for using the crypto API's shash abstraction.
Signed-off-by: Ard Biesheuvel
---
arch/x86/crypto/poly1305_glue.c| 2 +-
crypto/Kconfig | 5 +-
crypto/adian
Implement the arch init/update/final Poly1305 library routines in the
accelerated SIMD driver for x86 so they are accessible to users of
the Poly1305 library interface as well.
Signed-off-by: Ard Biesheuvel
---
arch/x86/crypto/poly1305_glue.c | 57 ++--
crypto/Kconfig
c60798952f,
and already contains all the changes required to build it as part of a
Linux kernel module.
[0] https://github.com/dot-asm/cryptogams
Co-developed-by: Andy Polyakov
Signed-off-by: Andy Polyakov
Signed-off-by: Ard Biesheuvel
---
arch/arm64/crypto/Kconfig | 6 +
In preparation of exposing a Poly1305 library interface directly from
the accelerated x86 driver, align the state descriptor of the x86 code
with the one used by the generic driver. This is needed to make the
library interface unified between all implementations.
Signed-off-by: Ard Biesheuvel
In preparation of introducing a set of crypto library interfaces, tidy
up the Makefile and split off the Kconfig symbols into a separate file.
Signed-off-by: Ard Biesheuvel
---
crypto/Kconfig | 13 +
lib/crypto/Kconfig | 15 +++
lib/crypto/Makefile | 16
l.org/pub/scm/linux/kernel/git/ardb/linux.git/log/?h=wireguard-crypto-library-api-v4
Cc: Herbert Xu
Cc: David Miller
Cc: Jason A. Donenfeld
Cc: Samuel Neves
Cc: Arnd Bergmann
Cc: Eric Biggers
Cc: Andy Lutomirski
Cc: Martin Willi
Cc: Rene van Dorst
Cc: David Sterba
Ard Biesheuvel (28):
klen=0 klen=1
len=256 | klen=32 klen=0 klen=1 klen=16
Cc: David Sterba
Cc: Eric Biggers
Signed-off-by: Ard Biesheuvel
---
crypto/testmgr.c | 24 ++
crypto/testmgr.h | 251
2 files changed, 275 insertions(+)
diff --git a/crypto/testmgr.c b/crypto
Wire up our newly added Blake2s implementation via the shash API.
Signed-off-by: Ard Biesheuvel
---
crypto/Kconfig| 4 +
crypto/Makefile | 1 +
crypto/blake2s-generic.c | 171
include/crypto/internal/blake2s.h | 5 +
4
argument rather
than hardcoding it to 20.
Co-developed-by: René van Dorst
Signed-off-by: René van Dorst
Signed-off-by: Ard Biesheuvel
---
arch/mips/Makefile | 2 +-
arch/mips/crypto/Makefile | 4 +
arch/mips/crypto/chacha-core.S | 159 +--
arch/mips/crypto/chacha
From: "Jason A. Donenfeld"
This imports the accelerated MIPS 32r2 ChaCha20 implementation from the
Zinc patch set.
Co-developed-by: René van Dorst
Signed-off-by: René van Dorst
Signed-off-by: Jason A. Donenfeld
Signed-off-by: Ard Biesheuvel
---
arch/mips/crypto/chacha-co
mode.
Signed-off-by: Ard Biesheuvel
---
arch/x86/crypto/chacha_glue.c | 98 +---
crypto/Kconfig| 2 +-
2 files changed, 46 insertions(+), 54 deletions(-)
diff --git a/arch/x86/crypto/chacha_glue.c b/arch/x86/crypto/chacha_glue.c
index bc62daa8dafd..a264dcc64679
module.
Signed-off-by: Ard Biesheuvel
---
arch/arm/crypto/Kconfig | 4 +-
arch/arm/crypto/Makefile | 3 +-
arch/arm/crypto/chacha-glue.c| 316
arch/arm/crypto/chacha-neon-glue.c | 202 -
arch/arm/crypto/chacha-scalar-core.S
available (which may be none
at all, in which case we defer to the generic implementation for
all invocations).
Signed-off-by: Ard Biesheuvel
---
arch/arm/crypto/Kconfig | 1 +
arch/arm/crypto/chacha-glue.c | 41 +++-
2 files changed, 41 insertions(+), 1 deletion(-)
diff
select the optimal implementation available (which may be none
at all, in which case we defer to the generic implementation for
all invocations).
Signed-off-by: Ard Biesheuvel
---
arch/x86/crypto/chacha_glue.c | 91 ++--
crypto/Kconfig| 1 +
include/crypto
prefer the scalar code on short inputs.
Turning the NEON on and off is cheap these days, and one major use case
for ChaCha20 is ChaCha20-Poly1305, which is guaranteed to hit the scalar
path upon every invocation (when doing the Poly1305 nonce generation)
Signed-off-by: Ard Biesheuvel
---
arch/arm64
Signed-off-by: Ard Biesheuvel
---
arch/arm/crypto/chacha-scalar-core.S | 461
1 file changed, 461 insertions(+)
diff --git a/arch/arm/crypto/chacha-scalar-core.S
b/arch/arm/crypto/chacha-scalar-core.S
new file mode 100644
index ..2140319b64a0
--- /dev/null
available (which may be none
at all, in which case we defer to the generic implementation for
all invocations).
Signed-off-by: Ard Biesheuvel
---
arch/arm64/crypto/Kconfig| 1 +
arch/arm64/crypto/chacha-neon-glue.c | 46 ++--
2 files changed, 43 insertions(+), 4
cture specific one if provided.
So move the streamcipher code into a separate module in lib/crypto,
and expose the init() and crypt() routines to users of the library.
Signed-off-by: Ard Biesheuvel
---
arch/arm/crypto/chacha-neon-glue.c | 2 +-
arch/arm64/crypto/chacha-neon-glue.c | 2 +-
arch/x86/c
On Thu, 17 Oct 2019 at 17:18, Kamil Konieczny wrote:
>
> Hi,
>
> On 14.10.2019 14:18, Ard Biesheuvel wrote:
> > Commit 7a7ffe65c8c5 ("crypto: skcipher - Add top-level skcipher interface")
> > dated 20 August 2015 introduced the new skcipher API which is supposed
On Thu, 17 Oct 2019 at 13:25, Tero Kristo wrote:
>
> On 17/10/2019 13:45, Ard Biesheuvel wrote:
> > On Thu, 17 Oct 2019 at 12:25, Tero Kristo wrote:
> >>
> >> On 15/10/2019 20:28, Tony Lindgren wrote:
> >>> * Ard Biesheuvel [191014 12:20]:
> >>
On Thu, 17 Oct 2019 at 12:25, Tero Kristo wrote:
>
> On 15/10/2019 20:28, Tony Lindgren wrote:
> > * Ard Biesheuvel [191014 12:20]:
> >> Commit 7a7ffe65c8c5 ("crypto: skcipher - Add top-level skcipher interface")
> >> dated 20 August 2015 introduced t
On Mon, 14 Oct 2019 at 11:17, David Sterba wrote:
>
> Test vectors for blake2b with various digest sizes. As the algorithm is
> the same up to the digest calculation, the key and input data length is
> distributed in a way that tests all combinations of the two over the
> digest sizes.
>
> Based o
ll ppc_aes_setkey(), rather than
> creating a separate expand_key() function. This keeps the code
> shorter.
>
> Eric Biggers (3):
> crypto: powerpc - don't unnecessarily use atomic scatterwalk
> crypto: powerpc - don't set ivsize for AES-ECB
> cryp
On Tue, 15 Oct 2019 at 12:17, wrote:
>
> Hi, Ard,
>
> Thanks for working on this.
>
> On 10/14/2019 03:18 PM, Ard Biesheuvel wrote:
> > Commit 7a7ffe65c8c5 ("crypto: skcipher - Add top-level skcipher interface")
> > dated 20 August 2015 introduced t
On Tue, 15 Oct 2019 at 12:00, Martin Willi wrote:
>
> Hi Ard,
>
> > Since turning the FPU on and off is cheap these days, simplify the
> > SIMD routine by dropping the per-page yield, which makes for a
> > cleaner switch to the library API as well.
>
> In my measurements that lazy FPU restore work
Add the logic to deal with input sizes that are not a round multiple
of the AES block size, as described by the XTS spec. This brings the
SPE implementation in line with other kernel drivers that have been
updated recently to take this into account.
Cc: Eric Biggers
Signed-off-by: Ard Biesheuvel
On Mon, 14 Oct 2019 at 19:38, Eric Biggers wrote:
>
> On Mon, Oct 14, 2019 at 10:45:22AM +0200, Ard Biesheuvel wrote:
> > Hi Eric,
> >
> > On Sat, 12 Oct 2019 at 04:32, Eric Biggers wrote:
> > >
> > > From: Eric Biggers
> > >
> > >
Instead of passing around an ops structure with function pointers,
which forces indirect calls to be used, refactor the code slightly
so we can use ordinary function calls. At the same time, switch to
a static key to decide whether or not the SIMD code path may be used.
Signed-off-by: Ard
() routine
Cc: Ondrej Mosnacek
Ard Biesheuvel (2):
crypto: aegis128 - avoid function pointers for parameterization
crypto: aegis128 - duplicate init() and final() hooks in SIMD code
crypto/aegis128-core.c | 125 ++--
crypto/aegis128-neon-inner.c | 50
crypto
In order to speed up aegis128 processing even more, duplicate the init()
and final() routines as SIMD versions in their entirety. This results
in a 2x speedup on ARM Cortex-A57 for ~1500 byte packets (using AES
instructions).
Signed-off-by: Ard Biesheuvel
---
crypto/aegis128-core.c | 38
On Mon, 14 Oct 2019 at 16:14, Jason A. Donenfeld wrote:
>
> Hi Ard,
>
> On Mon, Oct 7, 2019 at 6:46 PM Ard Biesheuvel
> wrote:
> > Arnd reports that the 32-bit generic library code for Curve25519 ends
> > up using an excessive amount of stack space when built with
On Fri, 11 Oct 2019 at 18:46, Jason A. Donenfeld wrote:
>
> On Thu, Oct 10, 2019 at 11:02:32PM -0700, Eric Biggers wrote:
> > FYI, I had left a few review comments on Jason's last version of this patch
> > (https://lkml.kernel.org/linux-crypto/20190326173759.GA607@zzz.localdomain/),
> > some of wh
o so.
>
> Eric Biggers (3):
> crypto: s390/aes - convert to skcipher API
> crypto: s390/paes - convert to skcipher API
> crypto: s390/des - convert to skcipher API
>
These look fine to me:
Reviewed-by: Ard Biesheuvel
but I cannot test them either.
moved.
>
> Signed-off-by: Eric Biggers
Reviewed-by: Ard Biesheuvel
> ---
> drivers/crypto/nx/nx-aes-ctr.c | 84 +++---
> drivers/crypto/nx/nx.c | 25 +++---
> drivers/crypto/nx/nx.h | 4 +-
> 3 files changed, 46 insertions(+), 67 d
moved.
>
> Signed-off-by: Eric Biggers
Reviewed-by: Ard Biesheuvel
> ---
> drivers/crypto/nx/nx-aes-cbc.c | 78 ++
> drivers/crypto/nx/nx.c | 11 ++---
> drivers/crypto/nx/nx.h | 4 +-
> 3 files changed, 41 insertions(+), 52 del
moved.
>
> Signed-off-by: Eric Biggers
Reviewed-by: Ard Biesheuvel
> ---
> drivers/crypto/nx/nx-aes-ecb.c | 76 ++
> drivers/crypto/nx/nx.c | 28 ++---
> drivers/crypto/nx/nx.h | 5 ++-
> 3 files changed, 58 insertions(+)
re is part of the "blkcipher"
> API, which is deprecated and will be removed.
>
> Just pass around the IV directly instead.
>
> Signed-off-by: Eric Biggers
Reviewed-by: Ard Biesheuvel
> ---
> drivers/crypto/nx/nx-aes-cbc.c | 5 +++--
> drivers/crypto/nx/nx-aes-ccm.
moved.
>
> Signed-off-by: Eric Biggers
Reviewed-by: Ard Biesheuvel
> ---
>
> This is compile-tested only, as I don't have this hardware.
> If anyone has this hardware, please test it with
> CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y.
>
> drivers/crypto/padlock
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Signed-off-by: Ard Biesheuvel
---
drivers/crypto
ernel Team
Cc: Fabio Estevam
Cc: NXP Linux Team
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/mxs-dcp.c | 140 +---
1 file changed, 65 insertions(+), 75 deletions(-)
diff --git a/drivers/crypto/mxs-dcp.c b/drivers/crypto/mxs-dcp.c
index bf8d2197bc11..f438b425c655 100644
---
Cc: Kamil Konieczny
Cc: linux-samsung-...@vger.kernel.org
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/s5p-sss.c | 191 ++--
1 file changed, 91 insertions(+), 100 deletions(-)
diff --git a/drivers/crypto/s5p-sss.c b/drivers/crypto/s5p-sss.c
index 010f1bb20dad..e6f1d4d5186c 10
radead.org
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/mediatek/mtk-aes.c | 248 +---
1 file changed, 116 insertions(+), 132 deletions(-)
diff --git a/drivers/crypto/mediatek/mtk-aes.c
b/drivers/crypto/mediatek/mtk-aes.c
index 90c9644fb8a8..d3416020669f 100644
--- a/driv
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Signed-off-by: Ard Biesheuvel
---
drivers/
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Cc: Linus Walleij
Signed-off-by: Ard Biesheuvel
--
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/omap-aes.c | 208 +-
drivers/crypto/omap-aes.h | 4 +-
drivers/crypto/omap-des.c | 232 +---
3 files changed, 206 insertions(+), 238 deletions(-)
diff --git a/drivers/crypto/omap-aes.c b/drivers/crypto/omap-a
ller"
Cc: Eric Biggers
Cc: linux-arm-ker...@lists.infradead.org
Ard Biesheuvel (25):
crypto: virtio - implement missing support for output IVs
crypto: virtio - deal with unsupported input sizes
crypto: virtio - switch to skcipher API
crypto: ccp - switch from ablkcipher to skcipher
c
: add virtio-crypto driver")
Cc: "Michael S. Tsirkin"
Cc: Jason Wang
Cc: Gonglei
Cc: virtualizat...@lists.linux-foundation.org
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/virtio/virtio_crypto_algs.c | 9 +
1 file changed, 9 insertions(+)
diff --git a/d
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Signed-off-by: Ard Biesheuvel
---
drivers/crypto
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Signed-off-by: Ard Biesheuvel
---
drivers/crypt
tof Halasa
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/ixp4xx_crypto.c | 228 ++--
1 file changed, 108 insertions(+), 120 deletions(-)
diff --git a/drivers/crypto/ixp4xx_crypto.c b/drivers/crypto/ixp4xx_crypto.c
index 9181523ba760..391e3b4df364 100644
--- a/drivers/crypto/ixp4x
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/h
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Cc: Atul Gupta
Signed-off-by: Ard Biesheuvel
--
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Cc: Giovanni Cabiddu
Signed-off-by: Ard
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Cc: Heiko Stuebner
Signed-off-by: Ard
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Cc: Maxime Coquelin
Cc: Alexandre Torgue
Signed-o
Setting the cra_type field is not necessary for skciphers, and ablkcipher
will be removed, so drop the assignment from the nitrox driver.
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/cavium/nitrox/nitrox_skcipher.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/drivers/crypto/cavium
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Signed-off-by: Ard Biesheuvel
---
drivers/cryp
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Cc: Jamie Iles
Signed-off-by: Ard Biesheuvel
--
rypto: add virtio-crypto driver")
Cc: "Michael S. Tsirkin"
Cc: Jason Wang
Cc: Gonglei
Cc: virtualizat...@lists.linux-foundation.org
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/virtio/virtio_crypto_algs.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
di
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/
c: Ludovic Desroches
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/atmel-tdes.c | 433 ++--
1 file changed, 207 insertions(+), 226 deletions(-)
diff --git a/drivers/crypto/atmel-tdes.c b/drivers/crypto/atmel-tdes.c
index 1a6c86ae6148..d29051d28dad 100644
--- a/drivers/crypto/atmel-td
n, forcing
us to keep the ablkcipher support routines alive, along with the matching
code to expose [a]blkciphers via the skcipher API.
So switch this driver to the skcipher API, allowing us to finally drop the
blkcipher code in the near future.
Cc: Tom Lendacky
Cc: Gary Hook
Signed-off-by: Ard
c: Ludovic Desroches
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/atmel-aes.c | 507 ++--
1 file changed, 244 insertions(+), 263 deletions(-)
diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index 00920a2b95ce..21be3cb06a96 100644
--- a/drivers/crypto/atmel-a
ang
Cc: Gonglei
Cc: virtualizat...@lists.linux-foundation.org
Signed-off-by: Ard Biesheuvel
---
drivers/crypto/virtio/virtio_crypto_algs.c | 187 ++--
drivers/crypto/virtio/virtio_crypto_common.h | 2 +-
2 files changed, 92 insertions(+), 97 deletions(-)
diff --git a/d
Hi Eric,
On Sat, 12 Oct 2019 at 04:32, Eric Biggers wrote:
>
> From: Eric Biggers
>
> Convert the glue code for the PowerPC SPE implementations of AES-ECB,
> AES-CBC, AES-CTR, and AES-XTS from the deprecated "blkcipher" API to the
> "skcipher" API.
>
> Tested with:
>
> export ARCH=powerp
On Sun, 13 Oct 2019 at 20:56, Eric Biggers wrote:
>
> On Sun, Oct 13, 2019 at 05:31:31PM +0200, Ard Biesheuvel wrote:
> > On Sun, 13 Oct 2019 at 08:29, Ard Biesheuvel
> > wrote:
> > >
> > > On Sun, 13 Oct 2019 at 06:40, Eric Biggers wrote:
> > > >
On Sun, 13 Oct 2019 at 08:29, Ard Biesheuvel wrote:
>
> On Sun, 13 Oct 2019 at 06:40, Eric Biggers wrote:
> >
> > This series converts the PowerPC Nest (NX) implementations of AES modes
> > from the deprecated "blkcipher" API to the "skcipher" API. T
On Sun, 13 Oct 2019 at 06:40, Eric Biggers wrote:
>
> This series converts the PowerPC Nest (NX) implementations of AES modes
> from the deprecated "blkcipher" API to the "skcipher" API. This is
> needed in order for the blkcipher API to be removed.
>
> This patchset is compile-tested only, as I
In order to speed up aegis128 processing even more, duplicate the init()
and final() routines as SIMD versions in their entirety. This results
in a 2x speedup on ARM Cortex-A57 for ~1500 byte inputs (using AES
instructions).
Signed-off-by: Ard Biesheuvel
---
crypto/aegis128-core.c | 38
Instead of passing around an ops structure with function pointers,
which forces indirect calls to be used, refactor the code slightly
so we can use ordinary function calls. At the same time, switch to
a static key to decide whether or not the SIMD code path may be used.
Signed-off-by: Ard
Refactor the aegis128 code to get rid of indirect calls, and implement
SIMD versions of the init() and final() hooks. This results in a ~2x
speedup on ARM Cortex-A57 for ~1500 byte inputs.
Cc: Ondrej Mosnacek
Ard Biesheuvel (2):
crypto: aegis128 - avoid function pointers for parameterization
this in version 10 and later.
Signed-off-by: Ard Biesheuvel
---
arch/arm/crypto/Kconfig | 14 +++--
arch/arm/crypto/Makefile| 32 ++---
arch/arm/crypto/aes-ce-core.S | 1 +
arch/arm/crypto/crct10dif-ce-core.S | 2 +-
arch/arm/crypto/ghas
On Thu, 10 Oct 2019 at 16:09, David Sterba wrote:
>
> The patch brings support of several BLAKE2 variants (2b with various
> digest lengths). The keyed digest is supported, using tfm->setkey call.
> The in-tree user will be btrfs (for checksumming), we're going to use
> the BLAKE2b-256 variant.
>
On Thu, 10 Oct 2019 at 01:39, Eric Biggers wrote:
>
> From: Eric Biggers
>
> Instead of open-coding the calculations for ESSIV handling, use an ESSIV
> skcipher which does all of this under the hood. ESSIV was added to the
> crypto API in v5.4.
>
> This is based on a p
Hi David,
I have a couple more comments - apologies for not spotting these the
first time around.
On Fri, 4 Oct 2019 at 12:24, David Sterba wrote:
>
> The patch brings support of several BLAKE2 variants (2b with various
> digest lengths). The in-tree user will be btrfs (for checksumming),
> we'r
On Sat, 5 Oct 2019 at 18:15, Gert Robben wrote:
>
> Op 05-10-2019 om 11:11 schreef Ard Biesheuvel:
> > Commit 79c65d179a40e145 ("crypto: cbc - Convert to skcipher") updated
> > the generic CBC template wrapper from a blkcipher to a skcipher algo,
> > to get