* [PATCH] crypto: caam - fix IV loading for authenc (giv)decryption
@ 2016-08-26 14:13 Horia Geantă
2016-08-26 14:39 ` Herbert Xu
0 siblings, 1 reply; 2+ messages in thread
From: Horia Geantă @ 2016-08-26 14:13 UTC (permalink / raw)
To: Herbert Xu; +Cc: linux-crypto, David S. Miller

For algorithms that implement IV generators before the crypto ops,
the IV needed for decryption is initially located in req->src
scatterlist, not in req->iv.

aead_givdecrypt() is updated to put the IV in place.

Cc: <stable@vger.kernel.org> # 4.3+
Fixes: 479bcc7c5b9e ("crypto: caam - Convert authenc to new AEAD interface")
Suggested-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
---
Herbert, as you suggested, aead_givdecrypt() is now setting the IV.

In terms of optimizations, would it be safe to assume all "geniv" authenc
algorithms - {echainiv, seqiv}(authenc) - get assoc,iv,ciphertext in
req->src for decryption?

The idea would be to avoid copying IV into req->iv and instruct
the crypto engine to access it directly from req->src scatterlist.

drivers/crypto/caam/caamalg.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 6dc597126b79..78be2bea1273 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -2545,6 +2545,7 @@ static int aead_givdecrypt(struct aead_request *req)
if (req->cryptlen < ivsize)
return -EINVAL;
+ scatterwalk_map_and_copy(req->iv, req->src, req->assoclen, ivsize, 0);
req->cryptlen -= ivsize;
req->assoclen += ivsize;
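
Review bot: the added scatterwalk_map_and_copy() reads the IV at offset req->assoclen, so it is only correct because it sits before `req->assoclen += ivsize`, and nothing in the hunk says so. If the copy were moved below the length adjustments, the offset would point past the IV and the first ivsize bytes of ciphertext would be loaded into req->iv with no error. A one-line comment above the copy, stating that for givdecrypt the IV sits in req->src right after the associated data and must be fetched before the lengths are adjusted, would protect against that. The same comment could note that the preceding `req->cryptlen < ivsize` check is what bounds the read, since cryptlen still includes the IV bytes at that point.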
--
2.4.4
* Re: [PATCH] crypto: caam - fix IV loading for authenc (giv)decryption
2016-08-26 14:13 [PATCH] crypto: caam - fix IV loading for authenc (giv)decryption Horia Geantă
@ 2016-08-26 14:39 ` Herbert Xu
0 siblings, 0 replies; 2+ messages in thread
From: Herbert Xu @ 2016-08-26 14:39 UTC (permalink / raw)
To: Horia Geantă; +Cc: linux-crypto, David S. Miller

On Fri, Aug 26, 2016 at 05:13:42PM +0300, Horia Geantă wrote:
>
> In terms of optimizations, would it be safe to assume all "geniv" authenc
> algorithms - {echainiv, seqiv}(authenc) - get assoc,iv,ciphertext in
> req->src for decryption?

Yes. They all get the raw IPsec packet, apart from the ESN munging.

Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt