My algs struct now looks like this: static struct crypto_alg pp_crypto_algs[] = { { .cra_name = "authenc(hmac(sha256),cbc(aes))", .cra_driver_name = "pp_crypto_cbc_hmac_sha256", .cra_priority = 1, /**TODO set to highest values after implementing encrypt decrypt functions */ .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct pp_crypto_aead_ctx), .cra_type = &crypto_nivaead_type, .cra_u = { .aead = { .setkey = pp_crypto_aead_setkey, .setauthsize = pp_crypto_aead_setauthsize, .decrypt = pp_crypto_aead_dec, .encrypt = pp_crypto_aead_enc, .givencrypt = NULL, .givdecrypt = NULL, .ivsize = AES_BLOCK_SIZE, .maxauthsize = SHA256_DIGEST_SIZE, }, }, .cra_init = pp_crypto_aead_sha256_init, .cra_exit = pp_crypto_aead_exit, .cra_module = THIS_MODULE, }, { .cra_name = "authenc(hmac(sha512),cbc(aes))", .cra_driver_name = "pp_crypto_cbc_hmac_sha512", .cra_priority = 1, /**TODO set to highest values after implementing encrypt decrypt functions */ .cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct pp_crypto_aead_ctx), .cra_type = &crypto_nivaead_type, .cra_u = { .aead = { .setkey = pp_crypto_aead_setkey, .decrypt = pp_crypto_aead_dec, .encrypt = pp_crypto_aead_enc, .givencrypt = NULL, .givdecrypt = NULL, .ivsize = AES_BLOCK_SIZE, .maxauthsize = SHA512_DIGEST_SIZE, }, }, .cra_init = pp_crypto_aead_sha512_init, .cra_exit = pp_crypto_aead_exit, .cra_module = THIS_MODULE, } }; I issue a ping and see esp_output() getting called. After that, I'm used to seeing pp_crypto_givaead_enc() in my driver called. Now I see: ping: sendto: Function not implemented Please note that I am working with kernel 3.12, where in esp4.c line 266 we have: err = crypto_aead_givencrypt(req); On Thu, May 19, 2016 at 9:44 AM, Catalin Vasile <cata.vasile@xxxxxxx> wrote: > Inline comments > > ________________________________________ > From: Denis B <begun.denis@xxxxxxxxx> > Sent: Wednesday, May 18, 2016 5:21 PM > To: Catalin Vasile > Cc: linux-crypto@xxxxxxxxxxxxxxx > Subject: Re: IV generation in cryptographic driver in AEAD > > Forgive my dumbness, but in: > > .cra_type = &crypto_aead_type, > .cra_u = { > .aead = { > .setkey = pp_crypto_aead_setkey, > .setauthsize = pp_crypto_aead_setauthsize, > .decrypt = pp_crypto_aead_dec, > .encrypt = pp_crypto_aead_enc, > .givencrypt = pp_crypto_aead_genivencrypt, > .givdecrypt = pp_crypto_aead_genivdecrypt, > .ivsize = AES_BLOCK_SIZE, > .maxauthsize = SHA256_DIGEST_SIZE, > }, > }, > > Just delete the givencrypt and givdecrypt lines (or set to NULL)? > [Catalin Vasile] > You need to set it to NULL. If your struct is declared globally, the parts > that load your code will be set any uninitialized struct elements to NULL. > > On Wed, May 18, 2016 at 4:56 PM, Catalin Vasile <cata.vasile@xxxxxxx> wrote: >> Inline comments. >> >> ________________________________________ >> From: linux-crypto-owner@xxxxxxxxxxxxxxx <linux-crypto-owner@xxxxxxxxxxxxxxx> on behalf of Denis B <begun.denis@xxxxxxxxx> >> Sent: Wednesday, May 18, 2016 3:06 PM >> To: linux-crypto@xxxxxxxxxxxxxxx >> Subject: IV generation in cryptographic driver in AEAD >> >> Hello, >> >> In AEAD mode (or in any case, in IPSec ESP IPv4 – esp4.c), in kernel >> versions prior to 4.2 the cryptographic driver is expected to generate >> an IV. >> >> What if my driver is unable to generate an IV? >> [Catalin Vasile] >> Simple: You do not implement the givcrypt() primitive. The kernel will generate the IV in software and then call your encrypt() primitive. >> >> Thanks, >> Dennis. >> -- >> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in >> the body of a message to majordomo@xxxxxxxxxxxxxxx >> More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html