linux-dev/arch/sparc/crypto, branch masterLinux kernel development work - see feature brancheshttps://git.zx2c4.com/linux-dev/atom/arch/sparc/crypto?h=master2022-08-26T10:50:43Zcrypto: Kconfig - simplify cipher entries2022-08-26T10:50:43ZRobert Elliottelliott@hpe.com2022-08-20T18:41:50Zurn:sha1:cf514b2a5902ee4f93e9636ace5228fed27f23bb
Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
"hardware acceleration", or "optimized"
Simplify help text descriptions, update references, and ensure that
https references are still valid.
Signed-off-by: Robert Elliott <elliott@hpe.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: Kconfig - simplify hash entries2022-08-26T10:50:43ZRobert Elliottelliott@hpe.com2022-08-20T18:41:48Zurn:sha1:3f342a23257df99b792c1edb1236e85badc157de
Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
"hardware acceleration", or "optimized"
Simplify help text descriptions, update references, and ensure that
https references are still valid.
Signed-off-by: Robert Elliott <elliott@hpe.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: Kconfig - simplify CRC entries2022-08-26T10:50:42ZRobert Elliottelliott@hpe.com2022-08-20T18:41:46Zurn:sha1:ec84348da449d96ce5be47f7d00221cb8374f462
Shorten menu titles and make them consistent:
- acronym
- name
- architecture features in parenthesis
- no suffixes like "<something> algorithm", "support", or
"hardware acceleration", or "optimized"
Simplify help text descriptions, update references, and ensure that
https references are still valid.
Signed-off-by: Robert Elliott <elliott@hpe.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: Kconfig - move sparc entries to a submenu2022-08-26T10:50:41ZRobert Elliottelliott@hpe.com2022-08-20T18:41:38Zurn:sha1:0e9f9ea6e21f7e0b2a25abf01140315e36e95d1d
Move CPU-specific crypto/Kconfig entries to arch/xxx/crypto/Kconfig
and create a submenu for them under the Crypto API menu.
Suggested-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Robert Elliott <elliott@hpe.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: sparc/sha - remove duplicate hash init function2021-12-31T07:10:55ZTianjia Zhangtianjia.zhang@linux.alibaba.com2021-12-20T09:23:17Zurn:sha1:e0583b6acb92683ba192c745f12ef31997e9b8b1
sha*_base_init() series functions has implemented the initialization
of the hash context, this commit use sha*_base_init() function to
replace repeated implementations.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: sparc - Fix sparse endianness warnings2020-11-27T06:13:42ZHerbert Xuherbert@gondor.apana.org.au2020-11-20T06:41:26Zurn:sha1:6cf1a144d3f5752400cad99d9142fba668cc4ddb
This patch fixes a coulpe of sparse endianness warnings.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: sha - split sha.h into sha1.h and sha2.h2020-11-20T03:45:33ZEric Biggersebiggers@google.com2020-11-13T05:20:21Zurn:sha1:a24d22b225ce158651378869a6b88105c4bdb887
Currently <crypto/sha.h> contains declarations for both SHA-1 and SHA-2,
and <crypto/sha3.h> contains declarations for SHA-3.
This organization is inconsistent, but more importantly SHA-1 is no
longer considered to be cryptographically secure. So to the extent
possible, SHA-1 shouldn't be grouped together with any of the other SHA
versions, and usage of it should be phased out.
Therefore, split <crypto/sha.h> into two headers <crypto/sha1.h> and
<crypto/sha2.h>, and make everyone explicitly specify whether they want
the declarations for SHA-1, SHA-2, or both.
This avoids making the SHA-1 declarations visible to files that don't
want anything to do with SHA-1. It also prepares for potentially moving
sha1.h into a new insecure/ or dangerous/ directory.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: sparc - rename sha256 to sha256_alg2020-07-16T11:49:04ZEric Biggersebiggers@google.com2020-07-08T16:39:39Zurn:sha1:6e8f972fc3fb03797abb88feee6704dccada93f6
To avoid a naming collision when we add a sha256() library function,
rename the "sha256" static variable in sha256_glue.c to "sha256_alg".
For consistency, also rename "sha224" to "sha224_alg".
Reported-by: kernel test robot <lkp@intel.com>
Cc: sparclinux@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: lib/sha1 - remove unnecessary includes of linux/cryptohash.h2020-05-08T05:32:17ZEric Biggersebiggers@google.com2020-05-02T18:24:26Zurn:sha1:2aaba014b55be46affcae78edff356c5e3389081
<linux/cryptohash.h> sounds very generic and important, like it's the
header to include if you're doing cryptographic hashing in the kernel.
But actually it only includes the library implementation of the SHA-1
compression function (not even the full SHA-1). This should basically
never be used anymore; SHA-1 is no longer considered secure, and there
are much better ways to do cryptographic hashing in the kernel.
Most files that include this header don't actually need it. So in
preparation for removing it, remove all these unneeded includes of it.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN2020-01-09T03:30:53ZEric Biggersebiggers@google.com2019-12-31T03:19:36Zurn:sha1:674f368a952c48ede71784935a799a5205b92b6c
The CRYPTO_TFM_RES_BAD_KEY_LEN flag was apparently meant as a way to
make the ->setkey() functions provide more information about errors.
However, no one actually checks for this flag, which makes it pointless.
Also, many algorithms fail to set this flag when given a bad length key.
Reviewing just the generic implementations, this is the case for
aes-fixed-time, cbcmac, echainiv, nhpoly1305, pcrypt, rfc3686, rfc4309,
rfc7539, rfc7539esp, salsa20, seqiv, and xcbc. But there are probably
many more in arch/*/crypto/ and drivers/crypto/.
Some algorithms can even set this flag when the key is the correct
length. For example, authenc and authencesn set it when the key payload
is malformed in any way (not just a bad length), the atmel-sha and ccree
drivers can set it if a memory allocation fails, and the chelsio driver
sets it for bad auth tag lengths, not just bad key lengths.
So even if someone actually wanted to start checking this flag (which
seems unlikely, since it's been unused for a long time), there would be
a lot of work needed to get it working correctly. But it would probably
be much better to go back to the drawing board and just define different
return values, like -EINVAL if the key is invalid for the algorithm vs.
-EKEYREJECTED if the key was rejected by a policy like "no weak keys".
That would be much simpler, less error-prone, and easier to test.
So just remove this flag.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>