summaryrefslogtreecommitdiffstats
path: root/crypto/Kconfig
AgeCommit message (Collapse)AuthorFilesLines
2008-12-25crypto: tgr192 - Switch to shashAdrian-Ken Rueegsegger1-1/+1
This patch changes tgr192, tgr160 and tgr128 to the new shash interface. Signed-off-by: Adrian-Ken Rueegsegger <ken@codelabs.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: sha256 - Switch to shashAdrian-Ken Rueegsegger1-1/+1
This patch changes sha256 and sha224 to the new shash interface. Signed-off-by: Adrian-Ken Rueegsegger <ken@codelabs.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: md5 - Switch to shashAdrian-Ken Rueegsegger1-1/+1
This patch changes md5 to the new shash interface. Signed-off-by: Adrian-Ken Rueegsegger <ken@codelabs.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: md4 - Switch to shashAdrian-Ken Rueegsegger1-1/+1
This patch changes md4 to the new shash interface. Signed-off-by: Adrian-Ken Rueegsegger <ken@codelabs.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: sha1 - Switch to shashAdrian-Ken Rueegsegger1-1/+1
This patch changes sha1 to the new shash interface. Signed-off-by: Adrian-Ken Rueegsegger <ken@codelabs.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: rmd320 - Switch to shashHerbert Xu1-1/+1
This patch changes rmd320 to the new shash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: rmd256 - Switch to shashHerbert Xu1-1/+1
This patch changes rmd256 to the new shash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: rmd160 - Switch to shashHerbert Xu1-1/+1
This patch changes rmd160 to the new shash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: rmd128 - Switch to shashHerbert Xu1-1/+1
This patch changes rmd128 to the new shash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25crypto: null - Switch to shashHerbert Xu1-0/+1
This patch changes digest_null to the new shash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25libcrc32c: Move implementation to crypto crc32cHerbert Xu1-3/+1
This patch swaps the role of libcrc32c and crc32c. Previously the implementation was in libcrc32c and crc32c was a wrapper. Now the code is in crc32c and libcrc32c just calls the crypto layer. The reason for the change is to tap into the algorithm selection capability of the crypto API so that optimised implementations such as the one utilising Intel's CRC32C instruction can be used where available. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-10crypto: api - Disallow cryptomgr as a module if algorithms are built-inHerbert Xu1-4/+32
If we have at least one algorithm built-in then it no longer makes sense to have the testing framework, and hence cryptomgr to be a module. It should be either on or off, i.e., built-in or disabled. This just happens to stop a potential runaway modprobe loop that seems to trigger on at least one distro. With fixes from Evgeniy Polyakov. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-08-29crypto: skcipher - Use RNG interface instead of get_random_bytesHerbert Xu1-0/+2
This patch makes the IV generators use the new RNG interface so that the user can pick an RNG other than the default get_random_bytes. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-08-29crypto: rng - RNG interface and implementationNeil Horman1-0/+16
This patch adds a random number generator interface as well as a cryptographic pseudo-random number generator based on AES. It is meant to be used in cases where a deterministic CPRNG is required. One of the first applications will be as an input in the IPsec IV generation process. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-08-29crypto: api - Add fips_enable flagNeil Horman1-0/+8
Add the ability to turn FIPS-compliant mode on or off at boot In order to be FIPS compliant, several check may need to be preformed that may be construed as unusefull in a non-compliant mode. This patch allows us to set a kernel flag incating that we are running in a fips-compliant mode from boot up. It also exports that mode information to user space via a sysctl (/proc/sys/crypto/fips_enabled). Tested successfully by me. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-08-29crypto: cryptomgr - Add test infrastructureHerbert Xu1-4/+4
This patch moves the newly created alg_test infrastructure into cryptomgr. This shall allow us to use it for testing at algorithm registrations. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-08-29crypto: crc32c - Use Intel CRC32 instructionAustin Zhang1-0/+12
From NHM processor onward, Intel processors can support hardware accelerated CRC32c algorithm with the new CRC32 instruction in SSE 4.2 instruction set. The patch detects the availability of the feature, and chooses the most proper way to calculate CRC32c checksum. Byte code instructions are used for compiler compatibility. No MMX / XMM registers is involved in the implementation. Signed-off-by: Austin Zhang <austin.zhang@intel.com> Signed-off-by: Kent Liu <kent.liu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-08-29crypto: Kconfig - Replace leading spaces with tabsAdrian Bunk1-39/+42
Instead of tabs there were two spaces. Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-15Revert crypto: prng - Deterministic CPRNGHerbert Xu1-9/+0
This patch is clearly not ready yet for prime time. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10crypto: crc32c - Add ahash implementationHerbert Xu1-1/+1
This patch reimplements crc32c using the ahash interface. This allows one tfm to be used by an unlimited number of users provided that they all use the same key (which all current crc32c users do). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10crypto: prng - Deterministic CPRNGNeil Horman1-0/+9
This patch adds a cryptographic pseudo-random number generator based on CTR(AES-128). It is meant to be used in cases where a deterministic CPRNG is required. One of the first applications will be as an input in the IPsec IV generation process. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10[CRYPTO] cryptd: Add asynchronous hash supportLoc Ho1-0/+1
This patch adds asynchronous hash support to crypto daemon. Signed-off-by: Loc Ho <lho@amcc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10[CRYPTO] ripemd: Add Kconfig entries for extended RIPEMD hash algorithmsAdrian-Ken Rueegsegger1-0/+25
This patch adds Kconfig entries for RIPEMD-256 and RIPEMD-320. Signed-off-by: Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-07-10[CRYPTO] ripemd: Add Kconfig entries for RIPEMD hash algorithmsAdrian-Ken Rueegsegger1-0/+26
This patch adds Kconfig entries for RIPEMD-128 and RIPEMD-160. Signed-off-by: Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-04-21[CRYPTO] kconfig: Ordering cleanupSebastian Siewior1-316/+329
Ciphers, block modes, name it, are grouped together and sorted. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-04-21[CRYPTO] api: Make the crypto subsystem fully modularSebastian Siewior1-1/+1
Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-04-21[CRYPTO] cts: Add CTS mode required for Kerberos AES supportKevin Coffman1-0/+11
Implement CTS wrapper for CBC mode required for support of AES encryption support for Kerberos (rfc3962). Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-02-23[CRYPTO] authenc: Add missing Kconfig dependency on BLKCIPHERHerbert Xu1-0/+1
The authenc algorithm requires BLKCIPHER to be present. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-02-18[CRYPTO] null: Add missing Kconfig dependency on BLKCIPHERAdrian Bunk1-0/+1
This patch fixes the following build error caused by commit 3631c650c495d61b1dabf32eb26b46873636e918: <-- snip --> ... LD .tmp_vmlinux1 crypto/built-in.o: In function `skcipher_null_crypt': crypto_null.c:(.text+0x3d14): undefined reference to `blkcipher_walk_virt' crypto_null.c:(.text+0x3d14): relocation truncated to fit: R_MIPS_26 against `blkcipher_walk_virt' crypto/built-in.o: In function `$L32': crypto_null.c:(.text+0x3d54): undefined reference to `blkcipher_walk_done' crypto_null.c:(.text+0x3d54): relocation truncated to fit: R_MIPS_26 against `blkcipher_walk_done' crypto/built-in.o:(.data+0x2e8): undefined reference to `crypto_blkcipher_type' make[1]: *** [.tmp_vmlinux1] Error 1 <-- snip --> Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-02-15[CRYPTO] tcrypt: Add missing Kconfig dependency on BLKCIPHERFrederik Deweerdt1-0/+1
Building latest git fails with the following error: ERROR: "crypto_alloc_ablkcipher" [crypto/tcrypt.ko] undefined! This appears to happen because CONFIG_CRYPTO_TEST is set while CONFIG_CRYPTO_BLKCIPHER is not. The following patch fixes the problem for me. Signed-off-by: Frederik Deweerdt <frederik.deweerdt@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] salsa20-asm: Remove unnecessary dependency on CRYPTO_SALSA20Tan Swee Heng1-2/+0
Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] tcrypt: Add select of AEADSebastian Siewior1-0/+1
ERROR: "crypto_aead_setauthsize" [crypto/tcrypt.ko] undefined! ERROR: "crypto_alloc_aead" [crypto/tcrypt.ko] undefined! Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] salsa20: Add x86-64 assembly versionTan Swee Heng1-0/+15
This is the x86-64 version of the Salsa20 stream cipher algorithm. The original assembly code came from <http://cr.yp.to/snuffle/salsa20/amd64-3/salsa20.s>. It has been reformatted for clarity. Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] salsa20_i586: Salsa20 stream cipher algorithm (i586 version)Tan Swee Heng1-0/+15
This patch contains the salsa20-i586 implementation. The original assembly code came from <http://cr.yp.to/snuffle/salsa20/x86-pm/salsa20.s>. I have reformatted it (added indents) so that it matches the other algorithms in arch/x86/crypto. Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] seqiv: Add select AEAD in KconfigHerbert Xu1-0/+1
Now that seqiv supports AEAD algorithms it needs to select the AEAD option. Thanks to Erez Zadok for pointing out the problem. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] ccm: Added CCM modeJoy Latten1-0/+7
This patch adds Counter with CBC-MAC (CCM) support. RFC 3610 and NIST Special Publication 800-38C were referenced. Signed-off-by: Joy Latten <latten@austin.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] seqiv: Add Sequence Number IV GeneratorHerbert Xu1-0/+9
This generator generates an IV based on a sequence number by xoring it with a salt. This algorithm is mainly useful for CTR and similar modes. This patch also sets it as the default IV generator for ctr. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] blkcipher: Merge ablkcipher and blkcipher into one option/moduleHerbert Xu1-5/+1
With the impending addition of the givcipher type, both blkcipher and ablkcipher algorithms will use it to create givcipher objects. As such it no longer makes sense to split the system between ablkcipher and blkcipher. In particular, both ablkcipher.c and blkcipher.c would need to use the givcipher type which has to reside in ablkcipher.c since it shares much code with it. This patch merges the two Kconfig options as well as the modules into one. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] authenc: Select HASH in KconfigBorislav Petkov1-0/+1
i get here: ---- LD vmlinux SYSMAP System.map SYSMAP .tmp_System.map Building modules, stage 2. MODPOST 226 modules ERROR: "crypto_hash_type" [crypto/authenc.ko] undefined! make[1]: *** [__modpost] Error 1 make: *** [modules] Error 2 --- which fails because crypto_hash_type is declared in crypto/hash.c. You might wanna fix it like so: Signed-off-by: Borislav Petkov <bbpetkov@yahoo.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] lzo: Add LZO compression algorithm supportZoltan Sogor1-0/+8
Add LZO compression algorithm support Signed-off-by: Zoltan Sogor <weth@inf.u-szeged.hu> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] gcm: New algorithmMikko Herranen1-0/+9
Add GCM/GMAC support to cryptoapi. GCM (Galois/Counter Mode) is an AEAD mode of operations for any block cipher with a block size of 16. The typical example is AES-GCM. Signed-off-by: Mikko Herranen <mh1@iki.fi> Reviewed-by: Mika Kukkonen <mika.kukkonen@nsn.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] salsa20: Salsa20 stream cipherTan Swee Heng1-0/+12
This patch implements the Salsa20 stream cipher using the blkcipher interface. The core cipher code comes from Daniel Bernstein's submission to eSTREAM: http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ref/ The test vectors comes from: http://www.ecrypt.eu.org/stream/svn/viewcvs.cgi/ecrypt/trunk/submissions/salsa20/full/ It has been tested successfully with "modprobe tcrypt mode=34" on an UML instance. Signed-off-by: Tan Swee Heng <thesweeheng@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] sha256-generic: Extend sha256_generic.c to support SHA-224Jonathan Lynch1-1/+4
Resubmitting this patch which extends sha256_generic.c to support SHA-224 as described in FIPS 180-2 and RFC 3874. HMAC-SHA-224 as described in RFC4231 is then supported through the hmac interface. Patch includes test vectors for SHA-224 and HMAC-SHA-224. SHA-224 chould be chosen as a hash algorithm when 112 bits of security strength is required. Patch generated against the 2.6.24-rc1 kernel and tested against 2.6.24-rc1-git14 which includes fix for scatter gather implementation for HMAC. Signed-off-by: Jonathan Lynch <jonathan.lynch@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] aes-i586: Remove setkeySebastian Siewior1-0/+1
The setkey() function can be shared with the generic algorithm. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] ctr: Remove default MSebastian Siewior1-1/+0
NO other block mode is M by default. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] aes-x86-64: Remove setkeySebastian Siewior1-0/+1
The setkey() function can be shared with the generic algorithm. Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-01-11[CRYPTO] ctr: Add CTR (Counter) block cipher modeJoy Latten1-0/+9
This patch implements CTR mode for IPsec. It is based off of RFC 3686. Please note: 1. CTR turns a block cipher into a stream cipher. Encryption is done in blocks, however the last block may be a partial block. A "counter block" is encrypted, creating a keystream that is xor'ed with the plaintext. The counter portion of the counter block is incremented after each block of plaintext is encrypted. Decryption is performed in same manner. 2. The CTR counterblock is composed of, nonce + IV + counter The size of the counterblock is equivalent to the blocksize of the cipher. sizeof(nonce) + sizeof(IV) + sizeof(counter) = blocksize The CTR template requires the name of the cipher algorithm, the sizeof the nonce, and the sizeof the iv. ctr(cipher,sizeof_nonce,sizeof_iv) So for example, ctr(aes,4,8) specifies the counterblock will be composed of 4 bytes from a nonce, 8 bytes from the iv, and 4 bytes for counter since aes has a blocksize of 16 bytes. 3. The counter portion of the counter block is stored in big endian for conformance to rfc 3686. Signed-off-by: Joy Latten <latten@austin.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-10-10[CRYPTO] xts: XTS blockcipher mode implementation without partial blocksRik Snel1-0/+11
XTS currently considered to be the successor of the LRW mode by the IEEE1619 workgroup. LRW was discarded, because it was not secure if the encyption key itself is encrypted with LRW. XTS does not have this problem. The implementation is pretty straightforward, a new function was added to gf128mul to handle GF(128) elements in ble format. Four testvectors from the specification http://grouper.ieee.org/groups/1619/email/pdf00086.pdf were added, and they verify on my system. Signed-off-by: Rik Snel <rsnel@cube.dyndns.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-10-10[CRYPTO] aead: Add authencHerbert Xu1-0/+8
This patch adds the authenc algorithm which constructs an AEAD algorithm from an asynchronous block cipher and a hash. The construction is done by concatenating the encrypted result from the cipher with the output from the hash, as is used by the IPsec ESP protocol. The authenc algorithm exists as a template with four parameters: authenc(auth, authsize, enc, enckeylen). The authentication algorithm, the authentication size (i.e., truncating the output of the authentication algorithm), the encryption algorithm, and the encryption key length. Both the size field and the key length field are in bytes. For example, AES-128 with SHA1-HMAC would be represented by authenc(hmac(sha1), 12, cbc(aes), 16) The key for the authenc algorithm is the concatenation of the keys for the authentication algorithm with the encryption algorithm. For the above example, if a key of length 36 bytes is given, then hmac(sha1) would receive the first 20 bytes while the last 16 would be given to cbc(aes). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-10-10[CRYPTO] api: Add aead crypto typeHerbert Xu1-0/+4
This patch adds crypto_aead which is the interface for AEAD (Authenticated Encryption with Associated Data) algorithms. AEAD algorithms perform authentication and encryption in one step. Traditionally users (such as IPsec) would use two different crypto algorithms to perform these. With AEAD this comes down to one algorithm and one operation. Of course if traditional algorithms were used we'd still be doing two operations underneath. However, real AEAD algorithms may allow the underlying operations to be optimised as well. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>