On 21-12-2016 14:24, Herbert Xu wrote:
> On Mon, Dec 19, 2016 at 04:08:11PM +0530, Harsh Jain wrote:
>> Hi Herbert,
>>
>> TLS default mode of operation is MAC-then-Encrypt for Authenc algos.
>> Currently framework only supports EtM used in IPSec. User space
>> programs like openssl cannot use af-
On Mon, Dec 19, 2016 at 04:08:11PM +0530, Harsh Jain wrote:
> Hi Herbert,
>
> TLS default mode of operation is MAC-then-Encrypt for Authenc algos.
> Currently framework only supports EtM used in IPSec. User space
> programs like openssl cannot use af-alg interface to encrypt/decrypt
> in TLS mode.
Hi Herbert,
TLS default mode of operation is MAC-then-Encrypt for Authenc algos.
Currently framework only supports EtM used in IPSec. User space
programs like openssl cannot use af-alg interface to encrypt/decrypt
in TLS mode.
Are we going to support Mac-then-Encrypt mode in future kernel releases
Am Dienstag, 31. Mai 2016, 17:22:12 schrieb Harsh Jain:
Hi Harsh,
> Hi,
>
> 1) User can use libkcapi to write program for finup/digest.
> 2) No, kernel test for finup (not sure).
> 3) We can test all callback of new hash tfm drivers added in kernel.
> 4) My driver had issue in finup path which i
Hi,
1) User can use libkcapi to write program for finup/digest.
2) No, kernel test for finup (not sure).
3) We can test all callback of new hash tfm drivers added in kernel.
4) My driver had issue in finup path which is not caught by kcapi test
program :)
regards
Harsh Jain
regards
Harsh Jain
O
Am Dienstag, 31. Mai 2016, 16:28:14 schrieb Harsh Jain:
Hi Harsh,
> Hi Stephen,
>
> Yes ,It's for Hash. The available API in library for hash update
> "_kcapi_md_update" uses "MSG_MORE" flag always set. It will not
> trigger driver's digest/finup implementation. We need something like
> that
>
Hi Stephen,
Yes ,It's for Hash. The available API in library for hash update
"_kcapi_md_update" uses "MSG_MORE" flag always set. It will not
trigger driver's digest/finup implementation. We need something like
that
_kcapi_common_accept()
send(handle->opfd, buffer, len, 0); ==> flag = 0.
It will
Am Dienstag, 31. Mai 2016, 14:45:27 schrieb Harsh Jain:
Hi Harsh,
> Hi,
>
> Thanks Stephen, I will check the same.1 suggestion for kcapi tool. Add
> some switch cases in tool to test digest and finup path of crypto
> driver. Current implementation triggers only init/update/final.
You mean for h
Hi,
Thanks Stephen, I will check the same.1 suggestion for kcapi tool. Add
some switch cases in tool to test digest and finup path of crypto
driver. Current implementation triggers only init/update/final.
Regards
Harsh Jain
On Tue, May 31, 2016 at 2:29 PM, Stephan Mueller wrote:
> Am Dienstag,
Am Dienstag, 31. Mai 2016, 14:10:20 schrieb Harsh Jain:
Hi Harsh,
> Hi,
>
> You means to say like this
>
> ./kcapi -x 2 -e -c "authenc(hmac(sha1),cbc(aes))" -p
> 48981da18e4bb9ef7e2e3162d16b19108b19050f66582cb7f7e4b6c873819b71 -k
> 8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb42
Hi,
You means to say like this
./kcapi -x 2 -e -c "authenc(hmac(sha1),cbc(aes))" -p
48981da18e4bb9ef7e2e3162d16b19108b19050f66582cb7f7e4b6c873819b71 -k
8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -i
7fbc02ebf5b93322329df9bfccb635af -a afcd7202d621e06ca53b70c2bdff7fb2
-l 16f4a
Am Dienstag, 31. Mai 2016, 12:31:16 schrieb Harsh Jain:
Hi Harsh,
> Hi All,
>
> How can we open socket of type "authenc(hmac(sha256),cbc(aes))" from
> userspace program.I check libkcapi library. It has test programs for
> GCM/CCM. There are 3 types of approaches to Authenticated Encryption,
> Wh
Hi All,
How can we open socket of type "authenc(hmac(sha256),cbc(aes))" from
userspace program.I check libkcapi library. It has test programs for
GCM/CCM. There are 3 types of approaches to Authenticated Encryption,
Which of them is supported in crypto framework.
1) Encrypt-then-MAC (EtM)
Th
13 matches
Mail list logo
