summaryrefslogtreecommitdiffstats
path: root/crypto/testmgr.c
Commit message (Collapse)AuthorAgeFilesLines
* crypto: testmgr - don't print info about missing test for gcm-aes-aesniTadeusz Struk2015-06-251-0/+4
| | | | | | | | | | | Don't print info about missing test for the internal helper __driver-gcm-aes-aesni changes in v2: - marked test as fips allowed Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - add tests vectors for RSATadeusz Struk2015-06-171-0/+158
| | | | | | | New test vectors for RSA algorithm. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Revert "crypto: testmgr - Disable rfc4543 test"Herbert Xu2015-06-171-1/+1
| | | | | | | | | This reverts commit 9b9f9296a7b73fbafe0a0a6f2494eaadd97f9f73 as all in-kernel implementations of GCM have been converted to the new AEAD interface, meaning that they should now pass the updated rfc4543 test. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Disable rfc4543 testHerbert Xu2015-06-171-1/+1
| | | | | | | | Because the old rfc4543 implementation always injected an IV into the AD, while the new one does not, we have to disable the test while it is converted over to the new AEAD interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Add draft-ietf-ipsecme-chacha20-poly1305 test vectorMartin Willi2015-06-041-0/+15
| | | | | | Signed-off-by: Martin Willi <martin@strongswan.org> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Add ChaCha20-Poly1305 test vectors from RFC7539Martin Willi2015-06-041-0/+15
| | | | | | Signed-off-by: Martin Willi <martin@strongswan.org> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Add Poly1305 test vectors from RFC7539Martin Willi2015-06-041-0/+9
| | | | | | Signed-off-by: Martin Willi <martin@strongswan.org> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Add ChaCha20 test vectors from RFC7539Martin Willi2015-06-041-0/+15
| | | | | | | | | | We explicitly set the Initial block Counter by prepending it to the nonce in Little Endian. The same test vector is used for both encryption and decryption, ChaCha20 is a cipher XORing a keystream. Signed-off-by: Martin Willi <martin@strongswan.org> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Switch to new AEAD interfaceHerbert Xu2015-05-281-39/+48
| | | | | | | This patch makes use of the new AEAD interface which uses a single SG list instead of separate lists for the AD and plain text. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: jitterentropy - add jitterentropy RNGStephan Mueller2015-05-271-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CPU Jitter RNG provides a source of good entropy by collecting CPU executing time jitter. The entropy in the CPU execution time jitter is magnified by the CPU Jitter Random Number Generator. The CPU Jitter Random Number Generator uses the CPU execution timing jitter to generate a bit stream which complies with different statistical measurements that determine the bit stream is random. The CPU Jitter Random Number Generator delivers entropy which follows information theoretical requirements. Based on these studies and the implementation, the caller can assume that one bit of data extracted from the CPU Jitter Random Number Generator holds one bit of entropy. The CPU Jitter Random Number Generator provides a decentralized source of entropy, i.e. every caller can operate on a private state of the entropy pool. The RNG does not have any dependencies on any other service in the kernel. The RNG only needs a high-resolution time stamp. Further design details, the cryptographic assessment and large array of test results are documented at http://www.chronox.de/jent.html. CC: Andreas Steffen <andreas.steffen@strongswan.org> CC: Theodore Ts'o <tytso@mit.edu> CC: Sandy Harris <sandyinchina@gmail.com> Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - add test cases for CRC32Ard Biesheuvel2015-05-111-0/+9
| | | | | | | | | | This adds a couple of test cases for CRC32 (not CRC32c) to ensure that the generic and arch specific implementations are in sync. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Acked-by: Steve Capper <steve.capper@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Include crypto/aead.hHerbert Xu2015-04-231-0/+1
| | | | | | | | All users of AEAD should include crypto/aead.h instead of include/linux/crypto.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: David S. Miller <davem@davemloft.net>
* crypto: testmgr - Include linux/fips.h for fips_enabledHerbert Xu2015-04-231-0/+1
| | | | | | | All users of fips_enabled should include linux/fips.h directly instead of getting it through internal.h. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - use CRYPTO_ALG_INTERNALStephan Mueller2015-03-311-7/+7
| | | | | | | | | | Allocate the ciphers irrespectively if they are marked as internal or not. As all ciphers, including the internal ciphers will be processed by the testmgr, it needs to be able to allocate those ciphers. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - fix RNG return code enforcementStephan Mueller2015-03-131-5/+5
| | | | | | | | | | Due to the change to RNGs to always return zero in success case, the invocation of the RNGs in the test manager must be updated as otherwise the RNG self tests are not properly executed any more. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Alexander Bergmann <abergmann@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - limit IV copy length in aead testsCristian Stoica2015-02-041-3/+4
| | | | | | | | | | The working copy of IV is the same size as the transformation's IV. It is not necessary to copy more than that from the template since iv_len is usually less than MAX_IVLEN and the rest of the copied data is garbage. Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - mark rfc4106(gcm(aes)) as fips_allowedJarod Wilson2015-01-261-0/+1
| | | | | | | | | | | | This gcm variant is popular for ipsec use, and there are folks who would like to use it while in fips mode. Mark it with fips_allowed=1 to facilitate that. CC: LKML <linux-kernel@vger.kernel.org> CC: Stephan Mueller <smueller@atsec.com> Signed-off-by: Jarod Wilson <jarod@redhat.com> Acked-by: Stephan Mueller <smueller@atsec.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - don't use interruptible wait in testsRabin Vincent2015-01-131-28/+22
| | | | | | | | | | | | | tcrypt/testmgr uses wait_for_completion_interruptible() everywhere when it waits for a request to be completed. If it's interrupted, then the test is aborted and the request is freed. However, if any of these calls actually do get interrupted, the result will likely be a kernel crash, when the driver handles the now-freed request. Use wait_for_completion() instead. Signed-off-by: Rabin Vincent <rabin.vincent@axis.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Remove unnecessary KERN_INFO from testmgr.cMasanari Iida2014-10-241-2/+1
| | | | | | | | This patch remove unncessary KERN_INFO from pr_info within testmgr.c Signed-off-by: Masanari Iida <standby24x7@gmail.com> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: LLVMLinux: Remove VLAIS usage from crypto/testmgr.cJan-Simon Möller2014-10-141-8/+6
| | | | | | | | | | | | | | Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Jan-Simon Möller <dl9pf@gmx.de> Signed-off-by: Behan Webster <behanw@converseincode.com> Reviewed-by: Mark Charlebois <charlebm@gmail.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Cc: pageexec@freemail.hu
* crypto: testmgr - add test for lz4 and lz4hcKOVACS Krisztian2014-08-291-0/+32
| | | | | | | | This patch adds a simple test vector for the lz4 and lz4hc compression algorithms. Signed-off-by: KOVACS Krisztian <hidden@sch.bme.hu> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - remove unused function argumentCristian Stoica2014-08-251-11/+5
| | | | | | | | | The argument "req" of do_one_async_hash_op is not used by the function. This patch removes this argument and renames the function to match more closely its purpose. Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - delay execution of set-up codeCristian Stoica2014-08-251-8/+6
| | | | | | | Prepare IV array only if the dependent code is executed. Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - white space removal on __test_skcipherCristian Stoica2014-08-251-149/+138
| | | | | | | | This patch inverts two if conditions to remove code blocks indentation. Several white space clean-ups follow. Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - white space removal on __test_hashCristian Stoica2014-08-251-63/+60
| | | | | | | | This patch inverts one if condition to remove code block indentation. Several white space clean-ups follow. Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - white space fix-ups on test_aeadCristian Stoica2014-08-251-256/+242
| | | | | | | | This patch inverts two if conditions and allows removal of one tab-stop in their code-blocks. Only white-space clean-up follows. Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - add missing spaces to drbg error stringsJarod Wilson2014-08-011-3/+3
| | | | | | | | | | | There are a few missing spaces in the error text strings for drbg_cavs_test, trivial fix. CC: "David S. Miller" <davem@davemloft.net> CC: linux-crypto@vger.kernel.org Signed-off-by: Jarod Wilson <jarod@redhat.com> Acked-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - avoid DMA mapping from text, rodata, stackHoria Geanta2014-07-231-8/+49
| | | | | | | | | | | | | | | | | With DMA_API_DEBUG set, following warnings are emitted (tested on CAAM accelerator): DMA-API: device driver maps memory from kernel text or rodata DMA-API: device driver maps memory from stack and the culprits are: -key in __test_aead and __test_hash -result in __test_hash MAX_KEYLEN is changed to accommodate maximum key length from existing test vectors in crypto/testmgr.h (131 bytes) and rounded. Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Acked-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: drbg - Add DRBG test code to testmgrStephan Mueller2014-06-201-0/+247
| | | | | | | | | | | | | | | The DRBG test code implements the CAVS test approach. As discussed for the test vectors, all DRBG types are covered with testing. However, not every backend cipher is covered with testing. To prevent the testmgr from logging missing testing, the NULL test is registered for all backend ciphers not covered with specific test cases. All currently implemented DRBG types and backend ciphers are defined in SP800-90A. Therefore, the fips_allowed flag is set for all. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - add aead cbc des, des3_ede testsNitesh Lal2014-05-221-12/+162
| | | | | | | | | | | | | | | | | | | | | | | Test vectors were taken from existing test for CBC(DES3_EDE). Associated data has been added to test vectors. HMAC computed with Crypto++ has been used. Following algos have been covered. (a) "authenc(hmac(sha1),cbc(des))" (b) "authenc(hmac(sha1),cbc(des3_ede))" (c) "authenc(hmac(sha224),cbc(des))" (d) "authenc(hmac(sha224),cbc(des3_ede))" (e) "authenc(hmac(sha256),cbc(des))" (f) "authenc(hmac(sha256),cbc(des3_ede))" (g) "authenc(hmac(sha384),cbc(des))" (h) "authenc(hmac(sha384),cbc(des3_ede))" (i) "authenc(hmac(sha512),cbc(des))" (j) "authenc(hmac(sha512),cbc(des3_ede))" Signed-off-by: Vakul Garg <vakul@freescale.com> [NiteshNarayanLal@freescale.com: added hooks for the missing algorithms test and tested the patch] Signed-off-by: Nitesh Lal <NiteshNarayanLal@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Fix DMA-API warningTadeusz Struk2014-05-221-2/+5
| | | | | | | With DMA-API debug enabled testmgr triggers a "DMA-API: device driver maps memory from stack" warning, when tested on a crypto HW accelerator. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - add aead null encryption test vectorsHoria Geanta2014-03-211-0/+32
| | | | | | | | | Add test vectors for aead with null encryption and md5, respectively sha1 authentication. Input data is taken from test vectors listed in RFC2410. Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - fix sglen in test_aead for case 'dst != src'Horia Geanta2013-11-281-14/+12
| | | | | | | | | | | | | | Commit d8a32ac25698cd60b02bed2100379803c7f964e3 (crypto: testmgr - make test_aead also test 'dst != src' code paths) added support for different source and destination buffers in test_aead. This patch modifies the source and destination buffer lengths accordingly: the lengths are not equal since encryption / decryption adds / removes the ICV. Cc: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* tree-wide: use reinit_completion instead of INIT_COMPLETIONWolfram Sang2013-11-151-6/+6
| | | | | | | | | | | | Use this new function to make code more comprehensible, since we are reinitialzing the completion, not initializing. [akpm@linux-foundation.org: linux-next resyncs] Signed-off-by: Wolfram Sang <wsa@the-dreams.de> Acked-by: Linus Walleij <linus.walleij@linaro.org> (personally at LCE13) Cc: Ingo Molnar <mingo@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto ↵Herbert Xu2013-09-071-0/+10
| | | | | | | | | | | | | | | | transform framework" This patch reinstates commits 67822649d7305caf3dd50ed46c27b99c94eff996 39761214eefc6b070f29402aa1165f24d789b3f7 0b95a7f85718adcbba36407ef88bba0a7379ed03 31d939625a9a20b1badd2d4e6bf6fd39fa523405 2d31e518a42828df7877bca23a958627d60408bc Now that module softdeps are in the kernel we can use that to resolve the boot issue which cause the revert. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linuxHerbert Xu2013-09-071-10/+0
|\ | | | | | | Merge upstream tree in order to reinstate crct10dif.
| * Revert "crypto: crct10dif - Wrap crc_t10dif function all to use crypto ↵Herbert Xu2013-07-241-10/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | transform framework" This reverts commits 67822649d7305caf3dd50ed46c27b99c94eff996 39761214eefc6b070f29402aa1165f24d789b3f7 0b95a7f85718adcbba36407ef88bba0a7379ed03 31d939625a9a20b1badd2d4e6bf6fd39fa523405 2d31e518a42828df7877bca23a958627d60408bc Unfortunately this change broke boot on some systems that used an initrd which does not include the newly created crct10dif modules. As these modules are required by sd_mod under certain configurations this is a serious problem. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: testmgr - remove double execution of the same test suiteCristian Stoica2013-08-011-1/+1
|/ | | | | | | | | | | This patch removes redundant execution of the same test suite in cases where alg and driver variables are the same (e.g. when alg_test is called from tcrypt_test) Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> Reviewed-by: Horia Geanta <horia.geanta@freescale.com> Reviewed-by: Ruchika Gupta <ruchika.gupta@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - test hash implementations with unaligned buffersJussi Kivilinna2013-06-211-2/+39
| | | | | | | | | | | | This patch adds unaligned buffer tests for hashes. The first new test is with one byte offset and the second test checks if cra_alignmask for driver is big enough; for example, for testing a case where cra_alignmask is set to 7, but driver really needs buffers to be aligned to 16 bytes. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - test AEADs with unaligned buffersJussi Kivilinna2013-06-211-6/+31
| | | | | | | | | | | | This patch adds unaligned buffer tests for AEADs. The first new test is with one byte offset and the second test checks if cra_alignmask for driver is big enough; for example, for testing a case where cra_alignmask is set to 7, but driver really needs buffers to be aligned to 16 bytes. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - test skciphers with unaligned buffersJussi Kivilinna2013-06-211-4/+29
| | | | | | | | | | | | This patch adds unaligned buffer tests for blkciphers. The first new test is with one byte offset and the second test checks if cra_alignmask for driver is big enough; for example, for testing a case where cra_alignmask is set to 7, but driver really needs buffers to be aligned to 16 bytes. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - check that entries in alg_test_descs are in correct orderJussi Kivilinna2013-06-211-0/+31
| | | | | | | | Patch adds check for alg_test_descs list order, so that accidentically misplaced entries are found quicker. Duplicate entries are also checked for. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Revert "crypto: twofish - add AVX2/x86_64 assembler implementation of ↵Jussi Kivilinna2013-06-211-12/+0
| | | | | | | | | | | | | | | | | twofish cipher" This reverts commit cf1521a1a5e21fd1e79a458605c4282fbfbbeee2. Instruction (vpgatherdd) that this implementation relied on turned out to be slow performer on real hardware (i5-4570). The previous 8-way twofish/AVX implementation is therefore faster and this implementation should be removed. Converting this implementation to use the same method as in twofish/AVX for table look-ups would give additional ~3% speed up vs twofish/AVX, but would hardly be worth of the added code and binary size. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Revert "crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipher"Jussi Kivilinna2013-06-211-12/+0
| | | | | | | | | | | This reverts commit 604880107010a1e5794552d184cd5471ea31b973. Instruction (vpgatherdd) that this implementation relied on turned out to be slow performer on real hardware (i5-4570). The previous 4-way blowfish implementation is therefore faster and this implementation should be removed. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: crct10dif - Simple correctness and speed test for CRCT10DIF hashTim Chen2013-05-241-0/+10
| | | | | | | | | | | | | | | These are simple tests to do sanity check of CRC T10 DIF hash. The correctness of the transform can be checked with the command modprobe tcrypt mode=47 The speed of the transform can be evaluated with the command modprobe tcrypt mode=320 Set the cpu frequency to constant and turn turbo off when running the speed test so the frequency governor will not tweak the frequency and affects the measurements. Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: camellia - add AVX2/AES-NI/x86_64 assembler implementation of ↵Jussi Kivilinna2013-04-251-0/+12
| | | | | | | | | | | | | | camellia cipher Patch adds AVX2/AES-NI/x86-64 implementation of Camellia cipher, requiring 32 parallel blocks for input (512 bytes). Compared to AVX implementation, this version is extended to use the 256-bit wide YMM registers. For AES-NI instructions data is split to two 128-bit registers and merged afterwards. Even with this additional handling, performance should be higher compared to the AES-NI/AVX implementation. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: serpent - add AVX2/x86_64 assembler implementation of serpent cipherJussi Kivilinna2013-04-251-0/+15
| | | | | | | | | | | Patch adds AVX2/x86-64 implementation of Serpent cipher, requiring 16 parallel blocks for input (256 bytes). Implementation is based on the AVX implementation and extends to use the 256-bit wide YMM registers. Since serpent does not use table look-ups, this implementation should be close to two times faster than the AVX implementation. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: twofish - add AVX2/x86_64 assembler implementation of twofish cipherJussi Kivilinna2013-04-251-0/+12
| | | | | | | | | | | Patch adds AVX2/x86-64 implementation of Twofish cipher, requiring 16 parallel blocks for input (256 bytes). Table look-ups are performed using vpgatherdd instruction directly from vector registers and thus should be faster than earlier implementations. Implementation also uses 256-bit wide YMM registers, which should give additional speed up compared to the AVX implementation. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipherJussi Kivilinna2013-04-251-0/+12
| | | | | | | | | | Patch adds AVX2/x86-64 implementation of Blowfish cipher, requiring 32 parallel blocks for input (256 bytes). Table look-ups are performed using vpgatherdd instruction directly from vector registers and thus should be faster than earlier implementations. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: add CMAC support to CryptoAPIJussi Kivilinna2013-04-251-0/+18
| | | | | | | | | | | | Patch adds support for NIST recommended block cipher mode CMAC to CryptoAPI. This work is based on Tom St Denis' earlier patch, http://marc.info/?l=linux-crypto-vger&m=135877306305466&w=2 Cc: Tom St Denis <tstdenis@elliptictech.com> Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>