Herbert Xu wrote:
Dimitrios Siganos <dimitris@xxxxxxxxxxx> wrote:
Hi,
I am trying to write an ABLKCIPHER algorithm for my hardware crypto
engine and I have a few questions:
1) In struct ablkcipher_alg, what do these fields do? I see some
implementations use them and some not. Do I need to implement them?
int (*givencrypt)(struct skcipher_givcrypt_request *req);
int (*givdecrypt)(struct skcipher_givcrypt_request *req);
const char *geniv;
These do not have to be implemented, unless your hardware is
capable of generating initial IVs (e.g., through a secure RNG).
My hardware (Freescale i.MX51) has a random number generator. I think I
am confused about the giv..crypt concept in general. How is it supposed
to work?
Let's say I want to do the classic cbc(aes). The steps are:
1) allocate a tfm object
2) set the key
3) set the iv
4) encrypt as many times as needed
5) cleanup
I can do this without the giv functions. Do the giv apply in this case?
You said that with the giv functions, the hardware generates the iv
automatically. So if I used the giv functions, does the sequence of
steps above, become:
1) allocate a tfm object
2) set the key
4) givencrypt
5) read the generated iv (so it can somehow passed to the decryptor)
6) encrypt as many times as needed
7) cleanup
2) What is a CRYPTO_ALG_TYPE_GIVCIPHER? What does it do and how does it
interface to other algorithms?
That's the type to use if you do choose to provide givencrypt
and givdecrypt.
Can you point me to a simple example, if one exists?
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html