Re: [PATCH 1/5] crypto: talitos - add hmac algorithms

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Wed, Nov 16, 2011 at 6:19 PM, Kim Phillips
<kim.phillips@xxxxxxxxxxxxx> wrote:
> From: Lee Nipper <lee.nipper@xxxxxxxxx>
>
> Add these hmac algorithms to talitos:
>    hmac(md5),
>    hmac(sha1),
>    hmac(sha224),
>    hmac(sha256),
>    hmac(sha384),
>    hmac(sha512).
> These are all type ahash.
>
> Signed-off-by: Lee Nipper <lee.nipper@xxxxxxxxx>
>
> Fixed up to not register HMAC algorithms on sec2.0 devices.
> Rationale (from Lee):
>
> on an 8349E Rev1.1, there's a problem with hmac for any talitos
> hmac sequence requiring an intermediate hash context (Pointer
> DWORD 1); the result is an incorrect hmac.  An intermediate hash
> context is required for something longer than (65536-blocksize),
> and for other cases when update/finup/final are used inefficiently.
> Interestingly, a normal hash (without hmac) works perfectly
> when using an intermediate context.
>
> Signed-off-by: Kim Phillips <kim.phillips@xxxxxxxxxxxxx>

Thanks Kim for re-submitting this patch, and the fix for avoiding
sec2.0 problem.

Since I don't have sec2.1+ h/w, I won't be able to hammer test it. :(
Does AH IPsec now function with talitos hmac with this patch ?

Cheers,
Lee
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

Add to Google