Commits on Aug 1, 2012
  1. Herbert Xu

    crypto: testmgr - add larger cast5 testvectors

    Johannes Goetzfried authored herbertx committed
    New ECB, CBC and CTR testvectors for cast5. We need larger testvectors to check
    parallel code paths in the optimized implementation. Tests have also been added
    to the tcrypt module.
    
    Signed-off-by: Johannes Goetzfried <Johannes.Goetzfried@informatik.stud.uni-erlangen.de>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Nov 9, 2011
  1. Jussi Kivilinna Herbert Xu

    crypto: tcrypt - add xts(serpent) tests

    jkivilin authored herbertx committed
    Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. Jussi Kivilinna Herbert Xu

    crypto: tcrypt - add lrw(serpent) tests

    jkivilin authored herbertx committed
    Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Mar 10, 2010
  1. Herbert Xu

    crypto: tcrypt - Speed testing support for ghash

    Huang Ying authored herbertx committed
    Because ghash needs setkey, the setkey and keysize template support
    for test_hash_speed is added.
    
    Signed-off-by: Huang Ying <ying.huang@intel.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Aug 29, 2008
  1. Herbert Xu

    crypto: cryptomgr - Add test infrastructure

    herbertx authored
    This patch moves the newly created alg_test infrastructure into
    cryptomgr.  This shall allow us to use it for testing at algorithm
    registrations.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. Herbert Xu

    crypto: tcrypt - Avoid using contiguous pages

    herbertx authored
    If tcrypt is to be used as a run-time integrity test, it needs to be
    more resilient in a hostile environment.  For a start allocating 32K
    of physically contiguous memory is definitely out.
    
    This patch teaches it to use separate pages instead.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jul 10, 2008
  1. Herbert Xu

    [CRYPTO] tcrypt: Add self test for des3_ede cipher operating in cbc mode

    Neil Horman authored herbertx committed
    Patch to add checking of DES3 test vectors using CBC mode.  FIPS-140-2
    compliance mandates that any supported mode of operation must include a self
    test.  This satisfies that requirement for cbc(des3_ede).  The included test
    vector was generated by me using openssl.  Key/IV was generated with the
    following command:
    
    	openssl enc -des_ede_cbc -P
    
    input and output values were generated by repeating the string "Too many
    secrets" a few times over, truncating it to 128 bytes, and encrypting it with
    openssl using the aforementioned key.  Tested successfully by myself
    
    Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
    Acked-by: Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. Herbert Xu

    [CRYPTO] tcrypt: Add test vectors for RIPEMD-256 and RIPEMD-320

    Adrian-Ken Rueegsegger authored herbertx committed
    This patch adds test vectors for RIPEMD-256 and
    RIPEMD-320 hash algorithms.
    
    The test vectors are taken from
    <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
    
    Signed-off-by: Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  3. Herbert Xu

    [CRYPTO] tcrypt: Get rid of change log in source

    herbertx authored
    Change logs should be kept in source control systems, not the source.
    This patch removes the change log from tcrypt to stop people from
    extending it any more.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  4. Herbert Xu

    [CRYPTO] tcrypt: Add test vectors for RIPEMD-128 and RIPEMD-160

    Adrian-Ken Rueegsegger authored herbertx committed
    This patch adds test vectors for RIPEMD-128 and
    RIPEMD-160 hash algorithms and digests (HMAC).
    
    The test vectors are taken from ISO:IEC 10118-3 (2004)
    and RFC2286.
    
    Signed-off-by: Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Apr 21, 2008
  1. Herbert Xu

    [CRYPTO] cts: Add CTS mode required for Kerberos AES support

    Kevin Coffman authored herbertx committed
    Implement CTS wrapper for CBC mode required for support of AES
    encryption support for Kerberos (rfc3962).
    
    Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. Herbert Xu

    [CRYPTO] tcrypt: Change the XTEA test vectors

    Sebastian Siewior authored herbertx committed
    The third test vector of ECB-XTEA-ENC fails for me; all others
    are fine. I could not find an RFC or something else where they
    are defined. The test vector has not been modified since git
    started recording history. The implementation is very close
    (not to say equal) to what is available as Public Domain (they
    recommend 64 rounds and the in kernel uses 32). Therefore I
    believe that there is a typo somewhere and tcrypt always reported
    *fail* instead of *okay*.
    This patch replaces input + result of the third test vector with
    result + input from the third decryption vector. The key is the
    same, the other three test vectors are also the reverse.
    
    Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  3. Herbert Xu

    [CRYPTO] tcrypt: Shrink the tcrypt module

    Sebastian Siewior authored herbertx committed
    Currently the tcrypt module is about 2 MiB on x86-32. The
    main reason for the huge size is the data segment which contains
    all the test vectors for each algorithm. The test vectors are
    statically allocated in an array and the size of the array has been
    drastically increased by the merge of the Salsa20 test vectors.
    
    With a hint from Benedikt Spranger I found a way how I could
    convert those fixed-length arrays to strings which are flexible
    in size. VIM and regex were also very helpful :)
    So, I am talking about a shrinking of ~97% on x86-32:
    
       text    data     bss     dec     hex filename
      18309 2039708      20 2058037  1f6735 tcrypt-b4.ko
      45628   23516      80   69224   10e68 tcrypt.ko
    
    Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  4. Herbert Xu

    [CRYPTO] tcrypt: Shrink speed templates

    Sebastian Siewior authored herbertx committed
    The speed templates, as they are, always look the same. The key size
    is repeated for each block size and we always test the same
    block size. The addition of one inner loop makes it possible
    to get rid of the struct and it is possible to use a tiny
    u8 array :)
    
    Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  5. Herbert Xu

    [CRYPTO] tcrypt: Group common speed templates

    Sebastian Siewior authored herbertx committed
    Some crypto ciphers which are implemented support similar key sizes
    (16,24 & 32 byte). They can be grouped together and use a common
    template instead of their own which contains the same data.
    
    Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Jan 10, 2008
  1. Herbert Xu

    [CRYPTO] tcrypt: Add CCM vectors

    Joy Latten authored herbertx committed
    This patch adds 7 test vectors to tcrypt for CCM.
    The test vectors are from rfc 3610.
    There are about 10 more test vectors in RFC 3610
    and 4 or 5 more in NIST. I can add these as time permits.
    
    I also needed to set authsize. CCM has a prerequisite of
    authsize. 
    
    Signed-off-by: Joy Latten <latten@austin.ibm.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. Herbert Xu

    [CRYPTO] tcrypt: Added salsa20 speed test

    Tan Swee Heng authored herbertx committed
    This patch adds a simple speed test for salsa20.
    Usage: modprobe tcrypt mode=206
    
    Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  3. Herbert Xu

    [CRYPTO] lzo: Add LZO compression algorithm support

    Zoltan Sogor authored herbertx committed
    Add LZO compression algorithm support
    
    Signed-off-by: Zoltan Sogor <weth@inf.u-szeged.hu>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  4. Herbert Xu

    [CRYPTO] tcrypt: Salsa20 large test vector

    Tan Swee Heng authored herbertx committed
    This is a large test vector for Salsa20 that crosses the 4096-bytes
    page boundary.
    
    Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  5. Herbert Xu

    [CRYPTO] gcm: Fix ICV handling

    herbertx authored
    The crypto_aead convention for ICVs is to include it directly in the
    output.  If we decided to change this in future then we would make
    the ICV (if the algorithm has an explicit one) available in the
    request itself.
    
    For now no algorithm needs this so this patch changes gcm to conform
    to this convention.  It also adjusts the tcrypt aead tests to take
    this into account.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  6. Herbert Xu

    [CRYPTO] tcrypt: AES CBC test vectors from NIST SP800-38A

    Jan Glauber authored herbertx committed
    Add test vectors to tcrypt for AES in CBC mode for key sizes 192 and 256.
    The test vectors are copied from NIST SP800-38A.
    
    Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  7. Herbert Xu

    [CRYPTO] tcrypt: AES CTR large test vector

    Tan Swee Heng authored herbertx committed
    This patch adds a large AES CTR mode test vector. The test vector is
    4100 bytes in size. It was generated using a C++ program that called
    Crypto++.
    
    Note that this patch increases considerably the size of "struct
    cipher_testvec" and hence the size of tcrypt.ko.
    
    Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  8. Herbert Xu

    [CRYPTO] gcm: New algorithm

    Mikko Herranen authored herbertx committed
    Add GCM/GMAC support to cryptoapi.
    
    GCM (Galois/Counter Mode) is an AEAD mode of operations for any block cipher
    with a block size of 16.  The typical example is AES-GCM.
    
    Signed-off-by: Mikko Herranen <mh1@iki.fi>
    Reviewed-by: Mika Kukkonen <mika.kukkonen@nsn.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  9. Herbert Xu

    [CRYPTO] tcrypt: Add aead support

    Mikko Herranen authored herbertx committed
    Add AEAD support to tcrypt, needed by GCM.
    
    Signed-off-by: Mikko Herranen <mh1@iki.fi>
    Reviewed-by: Mika Kukkonen <mika.kukkonen@nsn.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  10. Herbert Xu

    [CRYPTO] salsa20: Salsa20 stream cipher

    Tan Swee Heng authored herbertx committed
    This patch implements the Salsa20 stream cipher using the blkcipher interface.
    
    The core cipher code comes from Daniel Bernstein's submission to eSTREAM:
      http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ref/
    
    The test vectors come from:
      http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/
    
    It has been tested successfully with "modprobe tcrypt mode=34" on an
    UML instance.
    
    Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  11. Herbert Xu

    [CRYPTO] sha256-generic: Extend sha256_generic.c to support SHA-224

    Jonathan Lynch authored herbertx committed
    Resubmitting this patch which extends sha256_generic.c to support SHA-224 as
    described in FIPS 180-2 and RFC 3874. HMAC-SHA-224 as described in RFC4231
    is then supported through the hmac interface.
    
    Patch includes test vectors for SHA-224 and HMAC-SHA-224.
    
    SHA-224 should be chosen as a hash algorithm when 112 bits of security
    strength is required.
    
    Patch generated against the 2.6.24-rc1 kernel and tested against
    2.6.24-rc1-git14 which includes fix for scatter gather implementation for HMAC.
    
    Signed-off-by: Jonathan Lynch <jonathan.lynch@intel.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  12. Herbert Xu

    [CRYPTO] ctr: Add CTR (Counter) block cipher mode

    Joy Latten authored herbertx committed
    This patch implements CTR mode for IPsec.
    It is based off of RFC 3686.
    
    Please note:
    1. CTR turns a block cipher into a stream cipher.
    Encryption is done in blocks, however the last block
    may be a partial block.
    
    A "counter block" is encrypted, creating a keystream
    that is xor'ed with the plaintext. The counter portion
    of the counter block is incremented after each block
    of plaintext is encrypted.
    Decryption is performed in same manner.
    
    2. The CTR counterblock is composed of,
            nonce + IV + counter
    
    The size of the counterblock is equivalent to the
    blocksize of the cipher.
            sizeof(nonce) + sizeof(IV) + sizeof(counter) = blocksize
    
    The CTR template requires the name of the cipher
    algorithm, the sizeof the nonce, and the sizeof the iv.
            ctr(cipher,sizeof_nonce,sizeof_iv)
    
    So for example,
            ctr(aes,4,8)
    specifies the counterblock will be composed of 4 bytes
    from a nonce, 8 bytes from the iv, and 4 bytes for counter
    since aes has a blocksize of 16 bytes.
    
    3. The counter portion of the counter block is stored
    in big endian for conformance to rfc 3686.
    
    Signed-off-by: Joy Latten <latten@austin.ibm.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Oct 10, 2007
  1. [CRYPTO] xts: XTS blockcipher mode implementation without partial blocks

    Rik Snel authored David S. Miller committed
    XTS is currently considered to be the successor of the LRW mode by the IEEE1619
    workgroup. LRW was discarded, because it was not secure if the encryption key
    itself is encrypted with LRW.
    
    XTS does not have this problem. The implementation is pretty straightforward,
    a new function was added to gf128mul to handle GF(128) elements in ble format.
    Four testvectors from the specification
    	http://grouper.ieee.org/groups/1619/email/pdf00086.pdf
    were added, and they verify on my system.
    
    Signed-off-by: Rik Snel <rsnel@cube.dyndns.org>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. [CRYPTO] seed: New cipher algorithm

    Hye-Shik Chang authored David S. Miller committed
    This patch adds support for the SEED cipher (RFC4269).
    
    This patch has been used in a few VPN appliance vendors in Korea for
    several years.  And it was verified by KISA, who developed the
    algorithm itself.
    
    As its importance in Korean banking industry, it would be great
    if linux incorporates the support.
    
    Signed-off-by: Hye-Shik Chang <perky@FreeBSD.org>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Feb 6, 2007
  1. Herbert Xu

    [CRYPTO] camellia: added the testing code of Camellia cipher

    Noriaki TAKAMIYA authored herbertx committed
    This patch adds the code of Camellia code for testing module.
    
    Signed-off-by: Noriaki TAKAMIYA <takamiya@po.ntts.co.jp>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. Herbert Xu

    [CRYPTO] fcrypt: Add FCrypt from RxRPC

    David Howells authored herbertx committed
    Add a crypto module to provide FCrypt encryption as used by RxRPC.
    
    Signed-Off-By: David Howells <dhowells@redhat.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  3. Herbert Xu

    [CRYPTO] tcrypt: Added test vectors for sha384/sha512

    Andrew Donofrio authored herbertx committed
    This patch adds tests for SHA384 HMAC and SHA512 HMAC to the tcrypt module. Test data was taken from
    RFC4231. This patch is a follow-up to the discovery (bug 7646) that the kernel SHA384 HMAC
    implementation was not generating proper SHA384 HMACs.
    
    Signed-off-by: Andrew Donofrio <linuxbugzilla@kriptik.org>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Dec 7, 2006
  1. [CRYPTO] tcrypt: LRW test vectors

    Rik Snel authored David S. Miller committed
    Do modprobe tcrypt mode=10 to check the included test vectors, they are
    from: http://grouper.ieee.org/groups/1619/email/pdf00017.pdf and from
    http://www.mail-archive.com/stds-p1619@listserv.ieee.org/msg00173.html.
    
    To make the last test vector fit, I had to increase the buffer size of
    input and result to 512 bytes.
    
    Signed-off-by: Rik Snel <rsnel@cube.dyndns.org>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  2. [CRYPTO] tcrypt: Add test vectors of AES_XCBC

    Kazunori MIYAZAWA authored David S. Miller committed
    Test vectors of XCBC with AES-128.
    
    Signed-off-by: Kazunori MIYAZAWA <miyazawa@linux-ipv6.org>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commits on Sep 21, 2006
  1. Herbert Xu

    [CRYPTO] tcrypt: Use HMAC template and hash interface

    herbertx authored
    This patch converts tcrypt to use the new HMAC template rather than the
    hard-coded version of HMAC.  It also converts all digest users to use
    the new cipher interface.
    
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: David S. Miller <davem@davemloft.net>