Re: IV generation in cryptographic driver in AEAD

My algs struct now looks like this:

static struct crypto_alg pp_crypto_algs[] = {
   {
      .cra_name = "authenc(hmac(sha256),cbc(aes))",
      .cra_driver_name = "pp_crypto_cbc_hmac_sha256",
      .cra_priority = 1, /**TODO set to highest values after implementing encrypt decrypt functions */
      .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
      .cra_blocksize = AES_BLOCK_SIZE,
      .cra_ctxsize = sizeof(struct pp_crypto_aead_ctx),
      .cra_type = &crypto_nivaead_type,
      .cra_u = {
            .aead = {
                .setkey = pp_crypto_aead_setkey,
                .setauthsize = pp_crypto_aead_setauthsize,
                .decrypt = pp_crypto_aead_dec,
                .encrypt = pp_crypto_aead_enc,
                .givencrypt = NULL,
                .givdecrypt = NULL,
                .ivsize = AES_BLOCK_SIZE,
                .maxauthsize = SHA256_DIGEST_SIZE,
            },
      },
      .cra_init = pp_crypto_aead_sha256_init,
      .cra_exit = pp_crypto_aead_exit,
      .cra_module = THIS_MODULE,
   },
   {
      .cra_name = "authenc(hmac(sha512),cbc(aes))",
      .cra_driver_name = "pp_crypto_cbc_hmac_sha512",
      .cra_priority = 1, /**TODO set to highest values after implementing encrypt decrypt functions */
      .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC,
      .cra_blocksize = AES_BLOCK_SIZE,
      .cra_ctxsize = sizeof(struct pp_crypto_aead_ctx),
      .cra_type = &crypto_nivaead_type,
      .cra_u = {
            .aead = {
                .setkey = pp_crypto_aead_setkey,
                .decrypt = pp_crypto_aead_dec,
                .encrypt = pp_crypto_aead_enc,
                .givencrypt = NULL,
                .givdecrypt = NULL,
                .ivsize = AES_BLOCK_SIZE,
                .maxauthsize = SHA512_DIGEST_SIZE,
            },
      },
      .cra_init = pp_crypto_aead_sha512_init,
      .cra_exit = pp_crypto_aead_exit,
      .cra_module = THIS_MODULE,
   }
};

I issue a ping and see esp_output() getting called. After that, I'm
used to seeing pp_crypto_givaead_enc() in my driver called. Now I see:

ping: sendto: Function not implemented


Please note that I am working with kernel 3.12, where in esp4.c line
266 we have:

err = crypto_aead_givencrypt(req);

On Thu, May 19, 2016 at 9:44 AM, Catalin Vasile <cata.vasile@xxxxxxx> wrote:
> Inline comments
>
> ________________________________________
> From: Denis B <begun.denis@xxxxxxxxx>
> Sent: Wednesday, May 18, 2016 5:21 PM
> To: Catalin Vasile
> Cc: linux-crypto@xxxxxxxxxxxxxxx
> Subject: Re: IV generation in cryptographic driver in AEAD
>
> Forgive my dumbness, but in:
>
>       .cra_type = &crypto_aead_type,
>       .cra_u = {
>             .aead = {
>                 .setkey = pp_crypto_aead_setkey,
>                 .setauthsize = pp_crypto_aead_setauthsize,
>                 .decrypt = pp_crypto_aead_dec,
>                 .encrypt = pp_crypto_aead_enc,
>                 .givencrypt = pp_crypto_aead_genivencrypt,
>                 .givdecrypt = pp_crypto_aead_genivdecrypt,
>                 .ivsize = AES_BLOCK_SIZE,
>                 .maxauthsize = SHA256_DIGEST_SIZE,
>             },
>       },
>
> Just delete the givencrypt and givdecrypt lines (or set to NULL)?
> [Catalin Vasile]
> You need to set it to NULL. If your struct is declared globally, the parts
> that load your code will set any uninitialized struct elements to NULL.
>
> On Wed, May 18, 2016 at 4:56 PM, Catalin Vasile <cata.vasile@xxxxxxx> wrote:
>> Inline comments.
>>
>> ________________________________________
>> From: linux-crypto-owner@xxxxxxxxxxxxxxx <linux-crypto-owner@xxxxxxxxxxxxxxx> on behalf of Denis B <begun.denis@xxxxxxxxx>
>> Sent: Wednesday, May 18, 2016 3:06 PM
>> To: linux-crypto@xxxxxxxxxxxxxxx
>> Subject: IV generation in cryptographic driver in AEAD
>>
>> Hello,
>>
>> In AEAD mode (or in any case, in IPSec ESP IPv4 – esp4.c), in kernel
>> versions prior to 4.2 the cryptographic driver is expected to generate
>> an IV.
>>
>> What if my driver is unable to generate an IV?
>> [Catalin Vasile]
>> Simple: You do not implement the givcrypt() primitive. The kernel will generate the IV in software and then call your encrypt() primitive.
>>
>> Thanks,
>> Dennis.
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
>> the body of a message to majordomo@xxxxxxxxxxxxxxx
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html