Re: IV generation in cryptographic driver in AEAD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Inline comments

________________________________________
From: Denis B <begun.denis@xxxxxxxxx>
Sent: Wednesday, May 18, 2016 5:21 PM
To: Catalin Vasile
Cc: linux-crypto@xxxxxxxxxxxxxxx
Subject: Re: IV generation in cryptographic driver in AEAD

Forgive my dumbness, but in:

      .cra_type = &crypto_aead_type,
      .cra_u = {
            .aead = {
                .setkey = pp_crypto_aead_setkey,
                .setauthsize = pp_crypto_aead_setauthsize,
                .decrypt = pp_crypto_aead_dec,
                .encrypt = pp_crypto_aead_enc,
                .givencrypt = pp_crypto_aead_genivencrypt,
                .givdecrypt = pp_crypto_aead_genivdecrypt,
                .ivsize = AES_BLOCK_SIZE,
                .maxauthsize = SHA256_DIGEST_SIZE,
            },
      },

Just delete the givencrypt and givdecrypt lines (or set to NULL)?
[Catalin Vasile]
You need to set it to NULL. If your struct is declared globally, the parts
that load your code will be set any uninitialized struct elements to NULL.

On Wed, May 18, 2016 at 4:56 PM, Catalin Vasile <cata.vasile@xxxxxxx> wrote:
> Inline comments.
>
> ________________________________________
> From: linux-crypto-owner@xxxxxxxxxxxxxxx <linux-crypto-owner@xxxxxxxxxxxxxxx> on behalf of Denis B <begun.denis@xxxxxxxxx>
> Sent: Wednesday, May 18, 2016 3:06 PM
> To: linux-crypto@xxxxxxxxxxxxxxx
> Subject: IV generation in cryptographic driver in AEAD
>
> Hello,
>
> In AEAD mode (or in any case, in IPSec ESP IPv4 – esp4.c), in kernel
> versions prior to 4.2 the cryptographic driver is expected to generate
> an IV.
>
> What if my driver is unable to generate an IV?
> [Catalin Vasile]
> Simple: You do not implement the givcrypt() primitive. The kernel will generate the IV in software and then call your encrypt() primitive.
>
> Thanks,
> Dennis.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux