RE: [PATCH 1/3] crypto: inside-secure - add support for authenc(hmac(sha1),cbc(des3_ede))

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Antoine,

> -----Original Message-----
> From: linux-crypto-owner@xxxxxxxxxxxxxxx <linux-crypto-owner@xxxxxxxxxxxxxxx> On Behalf Of Antoine Tenart
> Sent: Friday, July 26, 2019 2:20 PM
> To: Pascal van Leeuwen <pascalvanl@xxxxxxxxx>
> Cc: linux-crypto@xxxxxxxxxxxxxxx; antoine.tenart@xxxxxxxxxxx; herbert@xxxxxxxxxxxxxxxxxxx; davem@xxxxxxxxxxxxx; Pascal Van
> Leeuwen <pvanleeuwen@xxxxxxxxxxxxxx>
> Subject: Re: [PATCH 1/3] crypto: inside-secure - add support for authenc(hmac(sha1),cbc(des3_ede))
> 
> Hi Pascal,
> 
> On Fri, Jul 05, 2019 at 08:49:22AM +0200, Pascal van Leeuwen wrote:
> > Signed-off-by: Pascal van Leeuwen <pvanleeuwen@xxxxxxxxxxxxxx>
> 
> Could you provide a commit message, explaining briefly what the patch is
> doing?
> 
I initially figured that to be redundant if the subject already covered it completely.
But now that I think of it, it's possible the subject does not end up in the commit
at all ... if that is the case, would it work if I just copy-paste the relevant part of the
subject message? Or do I need to be more verbose?

> > @@ -199,6 +201,15 @@ static int safexcel_aead_aes_setkey(struct crypto_aead *ctfm, const u8 *key,
> >  		goto badkey;
> >
> >  	/* Encryption key */
> > +	if (ctx->alg == SAFEXCEL_3DES) {
> > +		flags = crypto_aead_get_flags(ctfm);
> > +		err = __des3_verify_key(&flags, keys.enckey);
> > +		crypto_aead_set_flags(ctfm, flags);
> 
> You could use directly des3_verify_key() which does exactly this.
> 
Actually, I couldn't due to des3_verify_key expecting a struct crypto_skcipher as input,
and not a struct crypto_aead, that's why I had to do it this way ...

> > +struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des3_ede = {
> > +	.type = SAFEXCEL_ALG_TYPE_AEAD,
> 
> You either missed to fill .engines member of this struct, or this series
> is based on another one not merged yet.
> 
Yes, that happened in the patchset of which v2 did not make it to the mailing list ...

> > +	.alg.aead = {
> > +		.setkey = safexcel_aead_setkey,
> > +		.encrypt = safexcel_aead_encrypt_3des,
> > +		.decrypt = safexcel_aead_decrypt_3des,
> > +		.ivsize = DES3_EDE_BLOCK_SIZE,
> > +		.maxauthsize = SHA1_DIGEST_SIZE,
> > +		.base = {
> > +			.cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
> > +			.cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-des3_ede",
> 
> You could drop "_ede" here, or s/_/-/.
> 
Agree the underscore should not be there.
Our HW does not support any other form of 3DES so EDE doesn't
really add much here, therefore I will just remove "_ede" entirely.

> Apart from those small comments, the patch looks good.
> 
> Thanks!
> Antoine
> 
> --
> Antoine Ténart, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com

Regards,
Pascal van Leeuwen
Silicon IP Architect, Multi-Protocol Engines @ Verimatrix
www.insidesecure.com




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux