[PATCH 0/4] crypto: switch to crypto API for EBOIV generation

public inbox for linux-crypto@vger.kernel.org
 help / color / mirror / Atom feed

From: Gilad Ben-Yossef <gilad@benyossef.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
	"David S. Miller" <davem@davemloft.net>,
	Song Liu <song@kernel.org>, Alasdair Kergon <agk@redhat.com>,
	Mike Snitzer <snitzer@redhat.com>,
	dm-devel@redhat.com
Cc: Ofir Drang <ofir.drang@arm.com>,
	linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-raid@vger.kernel.org
Subject: [PATCH 0/4] crypto: switch to crypto API for EBOIV generation
Date: Mon, 26 Oct 2020 15:04:43 +0200	[thread overview]
Message-ID: <20201026130450.6947-1-gilad@benyossef.com> (raw)

This series creates an EBOIV template that produces a skcipher
transform which passes through all operations to the skcipher, while
using the same skcipher and key to encrypt the input IV, which is
assumed to be a sector offset, although this is not enforced.

This matches dm-crypt use of EBOIV to provide BitLocker support,
and so it is proposed as a replacement in patch #3.

Replacing the dm-crypt specific EBOIV implementation to a Crypto
API based one allows us to save a memory allocation per
each request, as well as opening the way for use of compatible
alternative transform providers, one of which, based on the
Arm TrustZone CryptoCell hardware, is proposed as patch #4.

Future potential work to allow encapsulating the handling of
multiple subsequent blocks by the Crypto API may also
benefit from this work.

The code has been tested on both x86_64 virtual machine
with the dm-crypt test suite and on an arm 32 bit board
with the CryptoCell hardware.

Since no offical source for eboiv test vectors is known,
the test vectors supplied as patch #2 are derived from
sectors which are part of the dm-crypt test suite.

Gilad Ben-Yossef (4):
  crypto: add eboiv as a crypto API template
  crypto: add eboiv(cbc(aes)) test vectors
  dm crypt: switch to EBOIV crypto API template
  crypto: ccree: re-introduce ccree eboiv support

 crypto/Kconfig                       |  21 ++
 crypto/Makefile                      |   1 +
 crypto/eboiv.c                       | 295 +++++++++++++++++++++++++++
 crypto/tcrypt.c                      |   9 +
 crypto/testmgr.c                     |   6 +
 crypto/testmgr.h                     | 279 +++++++++++++++++++++++++
 drivers/crypto/ccree/cc_cipher.c     | 130 ++++++++----
 drivers/crypto/ccree/cc_crypto_ctx.h |   1 +
 drivers/md/Kconfig                   |   1 +
 drivers/md/dm-crypt.c                |  61 ++----
 10 files changed, 725 insertions(+), 79 deletions(-)
 create mode 100644 crypto/eboiv.c

-- 
2.28.0

next             reply	other threads:[~2020-10-26 13:05 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-26 13:04 Gilad Ben-Yossef [this message]
2020-10-26 13:04 ` [PATCH 1/4] crypto: add eboiv as a crypto API template Gilad Ben-Yossef
2020-10-26 18:24   ` Eric Biggers
2020-10-26 18:26     ` Eric Biggers
2020-10-27  6:53       ` Gilad Ben-Yossef
2020-10-26 13:04 ` [PATCH 2/4] crypto: add eboiv(cbc(aes)) test vectors Gilad Ben-Yossef
2020-10-26 13:04 ` [PATCH 3/4] dm crypt: switch to EBOIV crypto API template Gilad Ben-Yossef
2020-10-26 17:52   ` Eric Biggers
2020-10-26 18:29     ` Milan Broz
2020-10-26 18:39       ` Eric Biggers
2020-10-26 18:41         ` Herbert Xu
2020-10-26 18:44           ` Herbert Xu
2020-10-28 11:41             ` Gilad Ben-Yossef
2020-10-29  3:54               ` Herbert Xu
2020-10-26 19:04         ` Milan Broz
2020-10-27  6:59           ` Gilad Ben-Yossef
2020-10-27 13:05             ` Milan Broz
2020-10-26 18:19   ` kernel test robot
2020-10-26 13:04 ` [PATCH 4/4] crypto: ccree: re-introduce ccree eboiv support Gilad Ben-Yossef
2020-10-26 21:47   ` kernel test robot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201026130450.6947-1-gilad@benyossef.com \
    --to=gilad@benyossef.com \
    --cc=agk@redhat.com \
    --cc=davem@davemloft.net \
    --cc=dm-devel@redhat.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-raid@vger.kernel.org \
    --cc=ofir.drang@arm.com \
    --cc=snitzer@redhat.com \
    --cc=song@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox