author Marcelo Cerri 2013-08-29 16:36:39 +0200
committer Herbert Xu 2013-09-02 12:32:55 +0200
commit dec0ed6c1b2c8c2aa37c04feccaf4784764c95f1
tree 8d49a66edd8468c22598ae8aa13af9c6aae799f1 /crypto
parent crypto: nx - fix XCBC for zero length messages
crypto: nx - fix GCM for zero length messages

The NX GCM implementation doesn't support zero length messages and the
current implementation has two flaws:

 - When the input data length is zero, it ignores the associated data.
 - Even when both lengths are zero, it uses the Crypto API to encrypt a
   zeroed block using ctr(aes) and because of this it allocates a new
   transformation and sets the key for this new tfm. Both operations are
   intended to be used only in user context, while the cryptographic
   operations can be called in both user and softirq contexts.

This patch replaces the nested Crypto API use and adds two special
cases:

 - When input data and associated data lengths are zero: it uses NX ECB
   mode to emulate the encryption of a zeroed block using ctr(aes).
 - When input data is zero and associated data is available: it uses NX
   GMAC mode to calculate the associated data MAC.

Reviewed-by: Joy Latten <jmlatten@linux.vnet.ibm.com>
Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Diffstat (limited to 'crypto')
0 files changed, 0 insertions, 0 deletions
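
Why the two special cases named in the commit message are enough, as an added example (not code from this patch or from the NX driver): the GCM tag is E_K(J0) XOR GHASH_H(A, C), so with no data and no associated data GHASH is zero and the tag is one AES block encryption of J0, while with associated data only the tag is a GMAC over that data. The function names are hypothetical; H and E_K(J0) are assumed inputs taken from the GCM specification's Test Case 1 (all-zero 128-bit key, all-zero 96-bit IV).

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* GCM spec Test Case 1 (all-zero key and IV): H = AES_K(0^128),
 * EKJ0 = AES_K(J0) with J0 = IV || 0^31 || 1. Assumed inputs, no AES here. */
static const uint8_t H[16] = {0x66,0xe9,0x4b,0xd4,0xef,0x8a,0x2c,0x3b,
                              0x88,0x4c,0xfa,0x59,0xca,0x34,0x2b,0x2e};
static const uint8_t EKJ0[16] = {0x58,0xe2,0xfc,0xce,0xfa,0x7e,0x30,0x61,
                                 0x36,0x7f,0x1d,0x57,0xa4,0xe7,0x45,0x5a};

/* x = x * h in GF(2^128), bit order as in NIST SP 800-38D. */
static void gf128_mul(uint8_t x[16], const uint8_t h[16])
{
    uint8_t z[16] = {0}, v[16];
    memcpy(v, h, 16);
    for (int i = 0; i < 128; i++) {
        if (x[i / 8] & (0x80 >> (i % 8)))
            for (int j = 0; j < 16; j++) z[j] ^= v[j];
        int carry = v[15] & 1;
        for (int j = 15; j > 0; j--)
            v[j] = (uint8_t)((v[j] >> 1) | (v[j - 1] << 7));
        v[0] >>= 1;
        if (carry) v[0] ^= 0xe1;   /* reduce by x^128 + x^7 + x^2 + x + 1 */
    }
    memcpy(x, z, 16);
}

/* GHASH_H(A, C) for the zero-length-message case (C is empty). */
static void ghash_no_data(const uint8_t h[16], const uint8_t *aad, size_t alen, uint8_t y[16])
{
    uint64_t abits = (uint64_t)alen * 8;
    memset(y, 0, 16);
    for (size_t off = 0; off < alen; off += 16) {   /* zero-padded AAD blocks */
        for (size_t j = 0; j < 16 && off + j < alen; j++) y[j] ^= aad[off + j];
        gf128_mul(y, h);
    }
    for (int j = 0; j < 8; j++)                     /* len(A) || len(C), len(C) = 0 */
        y[7 - j] ^= (uint8_t)(abits >> (8 * j));
    gf128_mul(y, h);
}

/* Tag for an empty message: E_K(J0) XOR GHASH. With alen == 0 this is E_K(J0). */
static void gcm_tag_no_data(const uint8_t ekj0[16], const uint8_t h[16],
                            const uint8_t *aad, size_t alen, uint8_t tag[16])
{
    ghash_no_data(h, aad, alen, tag);
    for (int j = 0; j < 16; j++) tag[j] ^= ekj0[j];
}
```

A tag computed while ignoring the associated data, the first flaw the message lists, would equal E_K(J0) for every AAD value and so would authenticate nothing.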