Re: hmac(sha1)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dimitrios Siganos wrote:
Hi,

I am trying to write a hmac(sha1) algorithm and I have a few questions. I have a HW crypto accelerator that does the actual crypto work. I have already successfully implemented sha1 by creating a CRYPTO_ALG_TYPE_DIGEST algorithm.

1) Can I implement hmac(sha1) as a CRYPTO_ALG_TYPE_DIGEST algorithm (i.e. use very similar code to sha1)?

2) Do I need to create a CRYPTO_ALG_TYPE_HASH algorithm?

3) Is it possible to implement hmac(sha1) as both CRYPTO_ALG_TYPE_DIGEST and CRYPTO_ALG_TYPE_HASH?

4) If I use a CRYPTO_ALG_TYPE_HASH, I need to understand the scatterwalk api, is there any help on the subject?

Regards,
Dimitris

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
The answer to 1) is yes because I just did it and seems to work. Therefore the answer is to 2) is: No, it is not needed.

I believe the answer to 3) is: yes. I believe it is possible to implement hmac(sha1) as both CRYPTO_ALG_TYPE_DIGEST and CRYPTO_ALG_TYPE_HASH.

I would like to implement hmac(sha1) as a CRYPTO_ALG_TYPE_HASH but I do yet understand how to convert the scatterlists into virtual addresses. The HW crypto api that I use, hides the DMA details from me and expects me to pass it virtual addresses only. I can't see any examples of converting scatterlists to virtual addresses in a way that is safe for IPsec use (i.e. safe to be called from softirq context). Any help on this will be appreciated.

The ultimate goal of the project is to implement a authenc(hmac(sha1), cbc(aes)) algorithm (for IPsec use) that will offload the work to a HW crypto chip. In order to understand what I am doing, I am building slowly upwards. I have build aes as a CIPHER, cbc(aes) as a BLKCIPHER, sha1 as a digest and hmac(sha1) as a digest.

My next steps are to implement cbc(aes) using ABLKCIPHER and hmac(sha1) using HASH and AHASH. I am using linux version 2.6.28. I can see that the talitos driver implements algorithms at the authenc level but I don't completely understand the driver and I am hoping that after going through the exercise of building the smaller blocks I will understand the operation of the talitos driver.

Any help, especially pointers to relevant documentation or examples, will be appreciated.

Dimitris
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux