RE: [PATCH 1/2] crypto: caam - add support for gcm(aes)

On Thu, 9 Oct 2014 17:54:09 +0300
Tudor Ambarus <tudor.ambarus@xxxxxxxxxxxxx> wrote:

> +	/*
> +	 * Job Descriptor and Shared Descriptors
> +	 * must all fit into the 64-word Descriptor h/w Buffer
> +	 */
> +	if (DESC_GCM_DEC_LEN + DESC_JOB_IO_LEN +
> +	    ctx->enckeylen <= CAAM_DESC_BYTES_MAX)
> +		keys_fit_inline = true;
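Review bot: keys_fit_inline is never cleared before this decrypt-side check; the hunk only ever assigns true, so a true left over from the encrypt descriptor's evaluation earlier in the same function survives even when DESC_GCM_DEC_LEN + DESC_JOB_IO_LEN + ctx->enckeylen exceeds CAAM_DESC_BYTES_MAX, and the key would be inlined into a descriptor the comment says cannot hold it. Add `keys_fit_inline = false;` immediately before the `if`, or evaluate each descriptor's fit into its own local.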

we need to reset the encrypt descriptor's keys_fit_inline setting to false before re-evaluating for decrypt.
[TA] Agreed. 

> +	/* Galois Counter Mode */
> +	{
> +		.name = "gcm(aes)",
> +		.driver_name = "gcm-aes-caam",
> +		.blocksize = 1,
> +		.type = CRYPTO_ALG_TYPE_AEAD,
> +		.template_aead = {
> +			.setkey = gcm_setkey,
> +			.setauthsize = gcm_setauthsize,
> +			.encrypt = aead_encrypt,
> +			.decrypt = aead_decrypt,
> +			.givencrypt = NULL,
> +			.geniv = "<built-in>",
> +			.ivsize = 12,
> +			.maxauthsize = 16,
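Review bot: .maxauthsize = 16 should be written AES_BLOCK_SIZE, since the GCM tag is one AES block, whereas .blocksize = 1 should stay as is: GCM runs AES in counter mode and accepts input of any length, and the crypto API uses blocksize as the processing granularity, so AES_BLOCK_SIZE there would be wrong (the generic gcm template registers blocksize 1 as well). A one-line comment would also help at .geniv = "<built-in>", which declares driver-side IV generation while .givencrypt = NULL supplies no generator; say why the pair is intended.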

AES_BLOCK_SIZE
[TA] I think we shall not change the blocksize value to AES_BLOCK_SIZE.
GCM uses a block cipher as a stream cipher. It generates encryption blocks, which are then XORed with the plaintext blocks to get the ciphertext. Just as with other stream ciphers, flipping a bit in the ciphertext produces a flipped bit in the plaintext at the same location.


Thanks,

Kim
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
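Added example, not code from the patch, the CAAM driver or the kernel: a small pure-Python AES-128-GCM that makes the blocksize argument above concrete. It encrypts a 21-byte message (not a multiple of 16) with no padding, flips one ciphertext bit, and shows that the CTR layer alone turns that into the same bit flipped in the plaintext, while the 16-byte tag check rejects the message. AES and GHASH are written out from the specifications here for readability; key, IV and message are constructed sample values, and nothing in it is constant-time or meant for real use.

```python
import hmac
# Added example, not CAAM driver or kernel code: pure-Python AES-128-GCM showing
# why gcm(aes) registers blocksize = 1.  GCM is AES-CTR (a keystream XORed over
# data of any length, no padding) plus a GHASH tag, so a flipped ciphertext bit
# flips the same plaintext bit; only the tag catches it.  Not constant time.

def _xtime(a):                           # multiply by x in GF(2^8), AES polynomial
    return (a << 1) ^ (0x11B if a & 0x80 else 0)

def _make_sbox():                        # walk GF(2^8)* as p = 3^i, q = 3^-i = p^-1
    sbox, p, q = [0] * 256, 1, 1
    rot = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    while True:
        p ^= _xtime(p)                                         # p *= 3
        for n in (1, 2, 4):                                    # q /= 3
            q = (q ^ (q << n)) & 0xFF
        q ^= 0x09 if q & 0x80 else 0
        sbox[p] = q ^ rot(q, 1) ^ rot(q, 2) ^ rot(q, 3) ^ rot(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox

SBOX = _make_sbox()

def _expand_key(key):                    # AES-128 key schedule: 11 round keys
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:                   # RotWord, SubWord, Rcon on the first byte
            t = [SBOX[b] ^ (rcon if j == 0 else 0) for j, b in enumerate(t[1:] + t[:1])]
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def _aes_encrypt_block(rk, block):       # state is a flat list indexed 4*col + row
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                            # SubBytes
        s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd < 10:                                                        # MixColumns
            s = [_xtime(s[4 * c + r]) ^ _xtime(s[4 * c + (r + 1) % 4]) ^ s[4 * c + (r + 1) % 4]
                 ^ s[4 * c + (r + 2) % 4] ^ s[4 * c + (r + 3) % 4]
                 for c in range(4) for r in range(4)]
        s = [b ^ k for b, k in zip(s, rk[rnd])]                             # AddRoundKey
    return bytes(s)

def _gf128_mul(x, y):                    # SP 800-38D Algorithm 1; bit 0 is the MSB
    z, v = 0, x
    for i in range(128):
        z ^= v if (y >> (127 - i)) & 1 else 0
        v = (v >> 1) ^ (0xE1 << 120 if v & 1 else 0)
    return z

def _ghash(h, aad, ct):
    pad = lambda d: d + b"\x00" * (-len(d) % 16)
    data = pad(aad) + pad(ct) + (8 * len(aad)).to_bytes(8, "big") + (8 * len(ct)).to_bytes(8, "big")
    y = 0
    for i in range(0, len(data), 16):
        y = _gf128_mul(y ^ int.from_bytes(data[i:i + 16], "big"), h)
    return y.to_bytes(16, "big")

def _ctr_xor(rk, j0, data):              # CTR keystream XOR: any length, no padding
    out, ctr = bytearray(), int.from_bytes(j0, "big")
    for i in range(0, len(data), 16):
        ctr = (ctr & ~0xFFFFFFFF) | ((ctr + 1) & 0xFFFFFFFF)               # inc32
        ks = _aes_encrypt_block(rk, ctr.to_bytes(16, "big"))
        out += bytes(d ^ k for d, k in zip(data[i:i + 16], ks))
    return bytes(out)

def _setup(key, iv):                     # round keys, H = E_K(0^128), J0 = IV || 0^31 1
    rk = _expand_key(key)
    return rk, int.from_bytes(_aes_encrypt_block(rk, bytes(16)), "big"), iv + b"\x00\x00\x00\x01"

def _tag(rk, h, j0, aad, ct):            # T = E_K(J0) xor GHASH_H(A, C), 16 bytes
    return bytes(a ^ b for a, b in zip(_aes_encrypt_block(rk, j0), _ghash(h, aad, ct)))

def gcm_encrypt(key, iv, plaintext, aad=b""):
    rk, h, j0 = _setup(key, iv)
    ct = _ctr_xor(rk, j0, plaintext)
    return ct, _tag(rk, h, j0, aad, ct)

def gcm_decrypt(key, iv, ct, tag, aad=b""):   # None on tag failure: release nothing
    rk, h, j0 = _setup(key, iv)
    if not hmac.compare_digest(_tag(rk, h, j0, aad, ct), tag):
        return None
    return _ctr_xor(rk, j0, ct)

def bitflip_demo():                      # flip one bit of a 21-byte (non-block-multiple) message
    key, iv, pt = bytes(range(16)), bytes(12), b"attack at dawn, 0400h"  # constructed
    ct, tag = gcm_encrypt(key, iv, pt)
    tampered = bytearray(ct)
    tampered[7] ^= 0x01
    rk, _, j0 = _setup(key, iv)
    raw = _ctr_xor(rk, j0, bytes(tampered))     # CTR layer alone, as if no tag check
    return {"ct_len": len(ct),
            "flipped_bytes": [i for i in range(len(pt)) if raw[i] != pt[i]],
            "flipped_mask": raw[7] ^ pt[7],
            "tampered_accepted": gcm_decrypt(key, iv, bytes(tampered), tag) is not None,
            "genuine_roundtrip": gcm_decrypt(key, iv, ct, tag) == pt}
```

bitflip_demo() reports a 21-byte ciphertext for a 21-byte plaintext, exactly one differing plaintext byte (index 7) whose difference is the single bit that was flipped, and a rejected tag. The stream layer is what justifies blocksize 1; the 16-byte tag is the only thing standing between that malleability and an attacker, which is why gcm_decrypt hands nothing back when the tag fails.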