> > Also, I wonder if we shouldn't simply change the chacha code to use
> > unaligned loads for the state array, as it likely makes very little
> > difference in practice (the state is not accessed from inside the
> > round processing loop)
>
> I am seeing a 0.25% slowdown on 1k blocks in the SS
On Tue, Jul 07, 2020 at 09:31:55AM +0300, Ard Biesheuvel wrote:
> Even though the sun8i-ce driver implements asynchronous versions of
> ecb(aes) and cbc(aes), the fallbacks it allocates are required to be
> synchronous. Given that SIMD based software implementations are usually
> asynchronous as we
Some asymmetric algorithms will get different ciphertext after
each encryption, such as SM2, and let testmgr support the testing
of such algorithms.
In struct akcipher_testvec, set c and c_size to be empty, skip
the comparison of the ciphertext, and compare the decrypted
plaintext with m to achiev
Hello all,
This new module implements the OSCCA certificate and SM2 public key
algorithm. It was published by State Encryption Management Bureau, China.
List of specifications for OSCCA certificate and SM2 elliptic curve
public key cryptography:
* GM/T 0003.1-2012
* GM/T 0003.2-2012
* GM/T 0003.3-
Asymmetric digsig supports SM2-with-SM3 algorithm combination,
so that IMA can also verify SM2's signature data.
Signed-off-by: Tianjia Zhang
---
security/integrity/digsig_asymmetric.c | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/security/integrity/digsig_a
The digital certificate format based on SM2 crypto algorithm as
specified in GM/T 0015-2012. It was published by State Encryption
Management Bureau, China.
The method of generating Other User Information is defined as
ZA=H256(ENTLA || IDA || a || b || xG || yG || xA || yA), it is also
specified in ht
The implementation of EC is introduced from libgcrypt as the
basic algorithm of elliptic curve, which can be more perfectly
integrated with MPI implementation.
Some other algorithms will be developed based on mpi ecc, such as SM2.
Signed-off-by: Tianjia Zhang
---
include/linux/mpi.h | 105 +++
This new module implements the SM2 public key algorithm. It was
published by State Encryption Management Bureau, China.
List of specifications for SM2 elliptic curve public key cryptography:
* GM/T 0003.1-2012
* GM/T 0003.2-2012
* GM/T 0003.3-2012
* GM/T 0003.4-2012
* GM/T 0003.5-2012
IETF: https:
The digital certificate format based on SM2 crypto algorithm as
specified in GM/T 0015-2012. It was published by State Encryption
Management Bureau, China.
This patch adds the OID object identifier defined by OSCCA. The
x509 certificate supports sm2-with-sm3 type certificate parsing.
It uses the s
Expand the mpi library based on libgcrypt, and the ECC algorithm of
mpi based on libgcrypt requires these functions.
Some other algorithms will be developed based on mpi ecc, such as SM2.
Signed-off-by: Tianjia Zhang
---
include/linux/mpi.h| 88 +++
lib/mpi/Makefile | 5 +
l
Both crypto_sm3_update and crypto_sm3_finup have been
exported, exporting crypto_sm3_final, to avoid having to
use crypto_sm3_finup(desc, NULL, 0, dgst) to calculate
the hash in some cases.
Signed-off-by: Tianjia Zhang
---
crypto/sm3_generic.c | 7 ---
include/crypto/sm3.h | 2 ++
2 files ch
Hi,
I have a question on behalf of a customer of ours trying to use the
inside-secure crypto
API driver. They are experiencing issues with result data not arriving in the
result buffer.
This seems to have something to do with not being able to DMA to said buffer,
as they
can workaround the issu
Due to the fact that the x86 port does not support allocating objects
on the stack with an alignment that exceeds 8 bytes, we have a rather
ugly hack in the x86 code for ChaCha to ensure that the state array is
aligned to 16 bytes, allowing the SSE3 implementation of the algorithm
to use aligned lo
On Wed, 8 Jul 2020 at 11:56, Van Leeuwen, Pascal wrote:
>
> Hi,
>
> I have a question on behalf of a customer of ours trying to use the
> inside-secure crypto
> API driver. They are experiencing issues with result data not arriving in the
> result buffer.
> This seems to have something to do wit
On Wed 2020-07-08 08:52:23, Petr Mladek wrote:
>
> PS: BTW: The livepatch selftests fail in Linus's master now. But it
> seems to be for another reason. I am going to dig into it.
JFYI, the livepatch selftests are actually working. I have messed up
the testing here. I am sorry for the noise.
Best Re
Hi,
On 7/7/20 8:58 PM, Eric Biggers wrote:
This series adds a function sha256() to the sha256 library so that users
who want to compute a hash in one step can just call sha256() instead of
sha256_init() + sha256_update() + sha256_final().
Patches 2-4 then convert some users to use it.
Eric Big
Hi Eric,
On 07/07/2020 20:58, Eric Biggers wrote:
From: Eric Biggers
Now that there's a function that calculates the SHA-256 digest of a
buffer in one step, use it instead of sha256_init() + sha256_update() +
sha256_final().
Cc: mp...@lists.01.org
Cc: Mat Martineau
Cc: Matthieu Baerts
Signe
> Due to the fact that the x86 port does not support allocating objects
> on the stack with an alignment that exceeds 8 bytes, we have a rather
> ugly hack in the x86 code for ChaCha to ensure that the state array
> is aligned to 16 bytes, allowing the SSE3 implementation of the
> algorithm to us
Hi Ard,
Thanks for responding!
> > For the situation where this problem is occurring, the actual buffers are
> > stored inside
> > the ahash_req structure. So my question is: is there any reason why this
> > structure may
> > not be DMA-able on some systems? (as I have a hunch that may be the pr
On Wed, 8 Jul 2020 at 16:35, Van Leeuwen, Pascal wrote:
>
> Hi Ard,
>
> Thanks for responding!
>
> > > For the situation where this problem is occurring, the actual buffers are
> > > stored inside
> > > the ahash_req structure. So my question is: is there any reason why this
> > > structure may
>
On 2020-07-08 00:52:10 [+1200], Barry Song wrote:
…
> @@ -127,9 +129,17 @@ module_param_named(same_filled_pages_enabled,
> zswap_same_filled_pages_enabled,
> * data structures
> **/
>
> +struct crypto_acomp_ctx {
> + struct crypto_acomp *acomp;
> + struc
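Review bot: struct crypto_acomp_ctx is added directly under the "data structures" banner with no comment of its own. A short comment above `struct crypto_acomp_ctx {` saying what the context holds and who owns the `acomp` pointer would make the new type easier to review. The excerpt ends after the first member, so the remaining fields cannot be assessed here.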
From: Sven Auhagen
---
drivers/crypto/inside-secure/safexcel.h| 1 +
drivers/crypto/inside-secure/safexcel_cipher.c | 6 +-
drivers/crypto/inside-secure/safexcel_hash.c | 6 ++
3 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/inside-secure/safexcel.
Balance the irqs of the inside secure driver over all
available cpus.
Currently all interrupts are handled by the first CPU.
From my testing with IPSec AES-GCM 256
on my MCbin with 4 Cores I get a 50% speed increase:
Before the patch: 99.73 Kpps
With the patch: 151.25 Kpps
Signed-off-by: Sven A
Hi,
I am sorry, please ignore this email.
It was sent by mistake.
Best
Sven
On Wed, Jul 08, 2020 at 05:06:05PM +0200, sven.auha...@voleatech.de wrote:
> From: Sven Auhagen
>
> ---
> drivers/crypto/inside-secure/safexcel.h| 1 +
> drivers/crypto/inside-secure/safexcel_cipher.c | 6
On Wed, Jul 08, 2020 at 12:11:18PM +0300, Ard Biesheuvel wrote:
> Due to the fact that the x86 port does not support allocating objects
> on the stack with an alignment that exceeds 8 bytes, we have a rather
> ugly hack in the x86 code for ChaCha to ensure that the state array is
> aligned to 16 by
On 7/6/2020 4:43 PM, Ard Biesheuvel wrote:
> On Sun, 5 Jul 2020 at 22:11, Horia Geantă wrote:
>>
>> On 7/2/2020 7:36 AM, Herbert Xu wrote:
>>> The arc4 algorithm requires storing state in the request context
>>> in order to allow more than one encrypt/decrypt operation. As this
>>> driver does no
From: Eric Biggers
Add a function sha256() which computes a SHA-256 digest in one step,
combining sha256_init() + sha256_update() + sha256_final().
This is similar to how we also have blake2s().
Reviewed-by: Ard Biesheuvel
Tested-by: Hans de Goede
Signed-off-by: Eric Biggers
---
include/cry
From: Eric Biggers
To avoid a naming collision when we add a sha256() library function,
rename the "sha256" static variable in sha256_glue.c to "sha256_alg".
For consistency, also rename "sha224" to "sha224_alg".
Reported-by: kernel test robot
Cc: sparcli...@vger.kernel.org
Signed-off-by: Eric
This series adds a function sha256() to the sha256 library so that users
who want to compute a hash in one step can just call sha256() instead of
sha256_init() + sha256_update() + sha256_final().
Patches 3-5 then convert some users to use it.
Changed v1 => v2:
- Added sparc patch to fix a build
From: Eric Biggers
Now that there's a function that calculates the SHA-256 digest of a
buffer in one step, use it instead of sha256_init() + sha256_update() +
sha256_final().
Reviewed-by: Ard Biesheuvel
Acked-by: Matthieu Baerts
Cc: mp...@lists.01.org
Cc: Mat Martineau
Cc: Matthieu Baerts
Si
From: Eric Biggers
Now that there's a function that calculates the SHA-256 digest of a
buffer in one step, use it instead of sha256_init() + sha256_update() +
sha256_final().
Reviewed-by: Ard Biesheuvel
Tested-by: Hans de Goede
Cc: linux-...@vger.kernel.org
Cc: Ard Biesheuvel
Cc: Hans de Goed
From: Eric Biggers
Now that there's a function that calculates the SHA-256 digest of a
buffer in one step, use it instead of sha256_init() + sha256_update() +
sha256_final().
Also simplify the code by inlining calculate_sha256() into its caller
and switching a debug log statement to use %*phN in
(I was away for a while)
On Thu, Jul 02, 2020 at 11:55:48AM -0400, Nico Pache wrote:
> Allow padata_do_multithreaded function to be called after bootstrap.
The functions are __init because they're currently only needed during boot, and
using __init allows the text to be freed once it's over, savi
> -Original Message-
> From: linux-crypto-ow...@vger.kernel.org
> [mailto:linux-crypto-ow...@vger.kernel.org] On Behalf Of Sebastian Andrzej
> Siewior
> Sent: Thursday, July 9, 2020 3:00 AM
> To: Song Bao Hua (Barry Song)
> Cc: a...@linux-foundation.org; herb...@gondor.apana.org.au;
> da
On Wed, Jul 08, 2020 at 07:24:08PM +0300, Horia Geantă wrote:
>
> I think the commit message should be updated to reflect this logic:
> indeed, caam's implementation of ecb(arc4) is broken,
> but instead of fixing it, crypto API-based ecb(arc4)
> is removed completely from the kernel (hence from c
> -Original Message-
> From: linux-crypto-ow...@vger.kernel.org
> [mailto:linux-crypto-ow...@vger.kernel.org] On Behalf Of Sebastian Andrzej
> Siewior
> Sent: Thursday, July 9, 2020 3:00 AM
> To: Song Bao Hua (Barry Song)
> Cc: a...@linux-foundation.org; herb...@gondor.apana.org.au;
> da
Eric Biggers wrote:
>
> @@ -875,14 +873,21 @@ static void cbcmac_exit_tfm(struct crypto_tfm *tfm)
>
> static int cbcmac_create(struct crypto_template *tmpl, struct rtattr **tb)
> {
> + struct crypto_attr_type *algt;
>struct shash_instance *inst;
>struct crypto_cipher_spawn *
On Wed, Jul 01, 2020 at 03:19:54PM +0800, Yang Shen wrote:
> When the devices are removed or not existing, the corresponding algorithms
> which are registered by 'hisi-zip' driver can't be used.
>
> Move 'hisi_zip_register_to_crypto' from 'hisi_zip_init' to
> 'hisi_zip_probe'. The algorithms will