Daniel Pouzzner
|
d0e73783f1
wolfcrypt/src/aes.c and wolfssl/wolfcrypt/aes.h: add FIPS_AES_XTS_MAX_BYTES_PER_TWEAK and struct XtsAesStreamData, with improved error checking on streaming AES-XTS APIs;
|
6 maanden geleden |
Daniel Pouzzner
|
6d0f611ab5
AES-XTS: add wc_AesXtsEncryptFinal() and wc_AesXtsDecryptFinal() for API consistency, and add error-checking (block alignment check) to wc_AesXtsEncryptUpdate() and wc_AesXtsDecryptUpdate().
|
6 maanden geleden |
Daniel Pouzzner
|
1469aab109
linuxkm/lkcapi_glue.c: add native test coverage for WOLFSSL_AESXTS_STREAM.
|
6 maanden geleden |
Daniel Pouzzner
|
2fe366cc74
wolfcrypt/test/test.c: add test coverage for WOLFSSL_AESXTS_STREAM.
|
6 maanden geleden |
Daniel Pouzzner
|
4f1f7b3a4d
linuxkm/lkcapi_glue.c: update names of wc_AesXts{En,De}cryptInit().
|
6 maanden geleden |
Daniel Pouzzner
|
f874d8753d
AES-XTS-streaming: refactor API to eliminate caller-supplied tweak_block. instead, caller-supplied iv is used as a readwrite buffer.
|
6 maanden geleden |
Daniel Pouzzner
|
3ad5ec4e0a
make --enable-linuxkm-lkcapi-register require --enable-experimental, except for the known-good --enable-linuxkm-lkcapi-register="xts(aes)".
|
6 maanden geleden |
Daniel Pouzzner
|
70d7b6e48b
add WOLFSSL_AESXTS_STREAM, --enable-aesxts-stream, wc_AesXtsEncryptStart(), wc_AesXtsDecryptStart(), wc_AesXtsEncryptUpdate(), wc_AesXtsDecryptUpdate(), and implement fixes in linuxkm/lkcapi_glue.c to use the streaming API when needed. also added support for 2*192 bit AES-XTS, needed for Linux kernel.
|
6 maanden geleden |
Daniel Pouzzner
|
bc8664164b
linuxkm: move the *SAVE_VECTOR_REGISTERS* code from linuxkm/linuxkm_memory.c to linuxkm/x86_vector_register_glue.c, to move various fidgity/unstable kernel function calls outside the PIE wolfCrypt container.
|
6 maanden geleden |
Daniel Pouzzner
|
4cc27fa58b
rename WC_AES_C_DYNAMIC_FALLBACK to WC_C_DYNAMIC_FALLBACK.
|
6 maanden geleden |
Daniel Pouzzner
|
b1edb08119
linuxkm/linuxkm_wc_port.h:
|
8 maanden geleden |
Daniel Pouzzner
|
63fe12efe3
wolfcrypt/src/aes.c: fix WOLFSSL_AESGCM_STREAM && WC_AES_C_DYNAMIC_FALLBACK: establish AESNI status dynamically at time of wc_AesGcmSetKey(), and stick to it (or return failure) until the next wc_AesGcmSetKey(). this matches the semantics of the Linux kernel in-tree implementation, allowing safe registration of the wolfCrypt AESNI implementation with the LKCAPI.
|
9 maanden geleden |
Daniel Pouzzner
|
10645de648
linuxkm: various tweaks:
|
9 maanden geleden |
Daniel Pouzzner
|
e1ee5e4421
linuxkm: spruce up arch-dependent CFLAGS setup in linuxkm/Kbuild; add "failed:" to error messages in km_AesGcmEncrypt() and km_AesGcmDecrypt().
|
9 maanden geleden |
Daniel Pouzzner
|
f228a85cee
AES-XTS: fix FIPS gating to use defined(HAVE_FIPS), not defined(HAVE_FIPS_VERSION).
|
9 maanden geleden |
Daniel Pouzzner
|
6261108d49
linuxkm: fix line lengths throughout; in linuxkm/lkcapi_glue.c: fix/harmonize error catching, reporting, and error codes; further address peer review feedback.
|
9 maanden geleden |
Daniel Pouzzner
|
1fc67183a5
linuxkm: address peer review:
|
9 maanden geleden |
Daniel Pouzzner
|
957fc7460c
linuxkm/lkcapi_glue.c: refactor AES-CBC, AES-CFB, and AES-GCM glue around struct km_AesCtx with separate aes_encrypt and aes_decrypt Aes pointers, and no cached key, to avoid AesSetKey operations at encrypt/decrypt time.
|
9 maanden geleden |
Daniel Pouzzner
|
b1e5d0f9bb
linuxkm: completion and stabilization of LKCAPI integration for AES-CBC, AES-CFB, AES-GCM, and AES-XTS:
|
9 maanden geleden |
Daniel Pouzzner
|
ec60f91b4a
linuxkm: add linuxkm/lkcapi_glue.c.
|
9 maanden geleden |