Re: GCM counter inc

Can someone verify if it is a bug? Thanks On Wed, Jun 20, 2012 at 11:44 AM, Ronen Shitrit wrote: > Hi > > According to the GCM NIST publication, the counter increment should be > module 32 bit. > Looking into the crypto code, I can see that when using gcm(aes) the > gcm wil

GCM counter inc

Hi According to the GCM NIST publication, the counter increment should be module 32 bit. Looking into the crypto code, I can see that when using gcm(aes) the gcm will use the ctr over aes, ctr.c is using the crypto_inc with size of blocksize, which is 16 for AES. in case crypto_inc will overflow i

RE: [WIP] crypto: add support for Orion5X crypto engine

. This does not alter my key at all. Point 1 on the next side is referring to the AesKeyRdMode bit which must be set prior reading the key. I can't find a definition of this bit so I guess the spec is out of date here. [Ronen Shitrit] you are right, this should be fix accordingly: " To decr

RE: [PATCH 8/8] [CRYPTO] aead: Add authenc

run the encryption and authentication as one operation? BTW: will the kernel IPsec patch that uses this AEAD API will be submitted on this mailing list as well? Thanks Ronen Shitrit > -Original Message- > From: [EMAIL PROTECTED] [mailto:linux-crypto- > [EMAIL PROTECTED] On

RE: status of async crypto

Hi Herbert I found a mailing thread discussing "combined mode algorithms", I think that this is the main missing link for good async support. Are you planning that this combined alg mode will support the async API? Is there any progress on this direction? Regards Ronen Shitrit >

RE: status of async crypto

Wow, I thought that there was more progress ... BTW: I know that the OCF support the OpenSWAN, does it also support the KLIPS by now? I also noticed that the Acrypto have a patch to support KLIPS, does it also support the OpenSWAN? Regards Ronen Shitrit > -Original Message- >

status of async crypto

development of the async crypto support? Thanks for your advice Ronen Shitrit - To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html

RE: alignment exception on MD5 code.

Tested, works fine. I found in some manual that when using aligned without a specific size, then "it will be aligned to the largest strict alignment for any natural type (that is, integral or real) that can be handled on the target machine." Which is 8 for the Xscale ;) Regards Ron

RE: alignment exception on MD5 code.

latest CSL compiler with the new ARM EABI. Regards Ronen Shitrit -Original Message- From: Herbert Xu [mailto:[EMAIL PROTECTED] Sent: Sunday, January 22, 2006 12:41 PM To: Ronen Shitrit Cc: linux-crypto@vger.kernel.org Subject: Re: alignment exception on MD5 code. On Sun, Jan 22, 2006 at 11:27:

RE: alignment exception on MD5 code.

You are right in a 64 bit processor we should not find this issue. But on ARM926 (32 bit) we definitely have a problem. Regards, Ronen Shitrit -Original Message- From: Herbert Xu [mailto:[EMAIL PROTECTED] Sent: Friday, January 20, 2006 4:03 AM To: Ronen Shitrit Cc: linux-crypto

RE: alignment exception on MD5 code.

kernel 2.6.12. I took a look on 2.6.15, and I think we have the same problem there. Regards Ronen Shitrit -Original Message- From: David S. Miller [mailto:[EMAIL PROTECTED] Sent: Friday, January 20, 2006 7:49 AM To: Ronen Shitrit Cc: linux-crypto@vger.kernel.org Subject: Re: alignment

AH mode for OpenSwan with OCF.

should be applied after the OCF patch for OpenSwan, it includes: Add support for tasklet, Fix for using OpenSwan in AH mode Fix for using the OCF with OpenSwan in AH mode. Regards Ronen Shitrit - > >Hi > >I'm using the Op

RE: OCF/KLIPS: Badness in local_bh_enable

ipsec ocf callback. Crypto.patch - to add option to call callback through a tasklet and not through a waiting Q (although gives good performance for IPsec) Regards Ronen Shitrit -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ronen Shitrit Sent: Sunday, December

RE: OCF/KLIPS: Badness in local_bh_enable

Hi I had the same problem, I set USE_CBIMM to one and USETASKQ to 1, since I don't want 2 task to be created for each completion -> and it works :) Just one little thing: In ipsec_ocf.c need to fix typo: shedule_work to schedule_work. Regards Ronen Shitrit -Original Message--

RE: ocf-linux-20051110 - Asynchronous Crypto support for linux

readme describing this patch?? Is there any working going on, for porting the OCF to the kernel IPsec?? Regards Ronen Shitrit -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David McCullough Sent: Thursday, November 10, 2005 2:37 PM To: linux-crypto

OCF: few patches

only if cipher (digest add padding of zeros) Check space for digest only if, digest buffer is not specified by crp_mac. Previous fix for Digest /HMAC- Digest. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd hw_cryptodev.patch Description

RE: OCF cryptosoft MD5 Vs HMAC MD5

Hi I'm trying to add support for digest to the OpenSSL cryptodev, And I found that in the kernel cryptodev, user cryptotest and in the cryptosoft driver, we act as MD5 and SHA1 (Hash only not Hmac) are using keys, any special reason for this?!?! Regards Ronen Shitrit - To unsubscribe

RE: OCF cryptosoft MD5 Vs HMAC MD5

Hi I tested it and it seems fine now. Before I got same digest for MD5 and HMAC MD5. Regards Ronen Shitrit -Original Message- From: David McCullough [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 22, 2005 12:31 PM To: Ronen Shitrit Cc: linux-crypto@vger.kernel.org Subject: Re: OCF

OCF OpenSSL authentication

Hi Beside, is there any special reason why the OpenSSL OCF engine is not supporting Authentication?? Regards Ronen Shitrit Marvell Semiconductor Israel Ltd - To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to [EMAIL PROTECTED] More

OCF cryptosoft MD5 Vs HMAC MD5

Hi In the current OCF cryptosoft, MD5 and HMAC-MD5 are using HMAC algorithm. See patch attached fixing this issue. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd cryptosoft.patch Description: cryptosoft.patch

RE: Applications using OCF with OpenSSL

tion should be checked to support engine use. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: David McCullough [mailto:[EMAIL PROTECTED] Sent: Friday, November 18, 2005 12:30 AM To: Ronen Shitrit Cc: linux-crypto@vger.kernel.org Subject: Re: Applications usi

Applications using OCF with OpenSSL

e the Rsync Application?? Is there any patch which cause the OpenSSL to use the OCF crypto dev engine by default (if possible) and if not then Go to the other engines or the OpenSSL integrated SW crypto?? Any other suggestions?? Regards Ronen Shitrit Marvell Semiconductor Israel Ltd - To unsubscribe

RE: OpenSSL with OCF

ompletely solve the hang issue, and I can see that when using multi-thread (more then 6) with buffer bigger then 512 bytes the OCF gets better performance then with the openssl crypto. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: [EMAIL PROTECTED]

RE: OpenSSL with OCF

be fix in the OCF release. Now I still get hang when multi is bigger then 2, I can see that part of the threads didn't finish?! Any suggestions?? Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Beha

OpenSSL with OCF

/dev/cryptodev and the copying of the buffers from user to kernel space each time. Any other suggestions?? Is it possible that we will skip the copy to kernel, and use direct mode?? Regards Ronen Shitrit Marvell Semiconductor Israel Ltd - To unsubscribe from this list: send the line "unsubscribe

RE: Dm-crypt patch for OCF

y). See attached. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: Evgeniy Polyakov [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 07, 2005 11:19 AM To: Ronen Shitrit Cc: [EMAIL PROTECTED]; linux-crypto@vger.kernel.org Subject: Re: Dm-crypt patch for

RE: Dm-crypt patch for OCF

-> I assume that the order of the insertion to the OCF Qs, is the order of the completion. If I'm wrong please point me in the code, sorry. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: Evgeniy Polyakov [mailto:[EMAIL PROTECTED] Sent: Wednesd

RE: Dm-crypt patch for OCF

r) which I moved to the read callback. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: Evgeniy Polyakov [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 07, 2005 10:36 AM To: Ronen Shitrit Cc: [EMAIL PROTECTED]; linux-crypto@vger.kernel.org Subject: Re

RE: Dm-crypt patch for OCF

This change affected the write performance only in a bit, less then 1%. btw - this patch is a patch for kernel 2.6.12, with OCF 20050630 patch applied on it. same tests were used as for the first patch. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message

Dm-crypt patch for OCF

ypto patch reference. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd ocf_dm_crypt.patch Description: ocf_dm_crypt.patch

Two

contiguous buffers, it will be very nice, if the OCF will also support scatter list. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd - To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to [EMAIL PROTECTED] More majordomo inf

RE: [ACRYPTO] dm-crypt ported to acrypto.

mance seems better. But If I let the limit to get to more then 100 pending requests, then I get memory corruption probably cause of some overrun. I'm not sure if any pending requests is allowed at all, I will need to investigate it more. Regards Ronen Shitrit Marvell Semiconductor

RE: OCF or Acrypto for IPSec and dm-crypt

line_, then I will need to re-evaluate my decision for going with the OCF, since the "big guys here likes to go with the mainline". Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: Herbert Xu [mailto:[EMAIL PROTECTED] Sent: Monday, September 0

RE: [ACRYPTO] dm-crypt ported to acrypto.

since currently the patch is not handling buffers correctly for this case: the write task Believe that the write was done, and it frees the buffers. (If I understood it correctly) ??? I will send a patch, once the dm_crypt will be stable with the OCF. Ronen Shitrit Marvell Semiconductor Isr

RE: [ACRYPTO] dm-crypt ported to acrypto.

ocked it is queued and we return to the user, before the encrypt is completed. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: Evgeniy Polyakov [mailto:[EMAIL PROTECTED] Sent: Sunday, September 04, 2005 10:50 PM To: Ronen Shitrit Cc: [EMAIL PROTECTED];

RE: [ACRYPTO] dm-crypt ported to acrypto.

ers reading through the dm_crypt. ->I think that we might have a problem if a write operation will be processed in parallel to a read operation, the read might wait for the write to complete, and the dm_async_pending might also get wrong values??? Regards Ronen Shitrit Marvell Semiconductor Isra

RE: OCF or Acrypto for IPSec and dm-crypt

which might be a set of operation) but still it is a new session. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: Evgeniy Polyakov [mailto:[EMAIL PROTECTED] Sent: Thursday, September 01, 2005 10:42 PM To: Ronen Shitrit Cc: [EMAIL PROTECTED]; linux-c

RE: OCF or Acrypto for IPSec and dm-crypt

mean by: "Next pont is to support in-kernel input IPsec processing" ? Isn't the patch for IPsec from the Acrypto patch enough ? What kind of development is done, on the application area? Thanks Ronen Shitrit Marvell Semiconductor Israel Ltd -Original Message- From: E

OCF or Acrypto for IPSec and dm-crypt

uggestion which framework should be used? Any idea which framework is going to be integrated to the kernel mainline? Any suggestion which framework is easier for use? or more stable? Any patch for using the dm-crypt with any of the above framework? Any help will be appreciated. Regards Ronen S