Hi all, One of the function of this patch is to add MD5 authentication support in Kernel2.6.35. Another is when user set a specific IPSEC encryption and authentication, it will display the information through console. BTW, I'm using P1010RDB for verification. Share with you guys~ 1. drivers\crypto\caam\Algapi.c + #define printf(args...) printk(args) + #define printf(args...) printk(args) . . . 164 switch (authsize * 😎 { 165 case 96: 166 - if (ctx->alg_op != OP_ALG_ALGSEL_SHA1) { 167 - dev_err(dev, "h/w doesn't support %d-bit ICV trunc." 168 - " length with chosen authentication algorithm", 169 - authsize * 8); 170 - return -EOPNOTSUPP; 171 - } 172 - ctx->class2_alg_type = AUTH_TYPE_IPSEC_SHA1HMAC_96; + if (ctx->alg_op == OP_ALG_ALGSEL_MD5){ + ctx->class2_alg_type = AUTH_TYPE_IPSEC_MD5HMAC_96; + printf("AUTH_TYPE : MD5\n"); + if (ctx->class1_alg_type == CIPHER_TYPE_IPSEC_AESCBC) + printf("ALO_TYPE : AES\n"); + else if (ctx->class1_alg_type == CIPHER_TYPE_IPSEC_3DESCBC) + printf("ALO_TYPE : 3DES\n"); + else if (ctx->class1_alg_type == CIPHER_TYPE_IPSEC_DESCBC) + printf("ALO_TYPE : DES\n"); + } + else if (ctx->alg_op == OP_ALG_ALGSEL_SHA1){ + ctx->class2_alg_type = AUTH_TYPE_IPSEC_SHA1HMAC_96; + printf("AUTH_TYPE : SHA1\n"); + if (ctx->class1_alg_type == CIPHER_TYPE_IPSEC_AESCBC) + printf("ALO_TYPE : AES\n"); + else if (ctx->class1_alg_type == CIPHER_TYPE_IPSEC_3DESCBC) + printf("ALO_TYPE : 3DES\n"); + else if (ctx->class1_alg_type == CIPHER_TYPE_IPSEC_DESCBC) + printf("ALO_TYPE : DES\n"); + } + else { + dev_err(dev, "h/w doesn't support %d-bit ICV trunc." + " length with chosen authentication algorithm", + authsize * 8); + return -EOPNOTSUPP; + } break; . . . 1243 static struct caam_alg_template driver_algs[] = { 1244 /* single-pass ipsec_esp descriptor */ + { + .name = "authenc(hmac(md5),cbc(aes))", + .driver_name = "authenc-hmac-md5-cbc-aes-caam", + .blocksize = AES_BLOCK_SIZE, + .aead = { + .setkey = aead_authenc_setkey, + .setauthsize = aead_authenc_setauthsize, + .encrypt = aead_authenc_encrypt_first, + .decrypt = aead_authenc_decrypt_first, + .givencrypt = aead_authenc_givencrypt_first, + .geniv = "<built-in>", + .ivsize = AES_BLOCK_SIZE, + .maxauthsize = MD5_DIGEST_SIZE, + }, + .class1_alg_type = CIPHER_TYPE_IPSEC_AESCBC, + .class2_alg_type = AUTH_TYPE_IPSEC_MD5HMAC_96, + .alg_op = OP_ALG_ALGSEL_MD5, + }, + { + .name = "authenc(hmac(md5),cbc(des3_ede))", + .driver_name = "authenc-hmac-md5-cbc-des3_ede-caam", + .blocksize = DES3_EDE_BLOCK_SIZE, + .aead = { + .setkey = aead_authenc_setkey, + .setauthsize = aead_authenc_setauthsize, + .encrypt = aead_authenc_encrypt_first, + .decrypt = aead_authenc_decrypt_first, + .givencrypt = aead_authenc_givencrypt_first, + .geniv = "<built-in>", + .ivsize = DES3_EDE_BLOCK_SIZE, + .maxauthsize = MD5_DIGEST_SIZE, + }, + .class1_alg_type = CIPHER_TYPE_IPSEC_3DESCBC, + .class2_alg_type = AUTH_TYPE_IPSEC_MD5HMAC_96, + .alg_op = OP_ALG_ALGSEL_MD5, + }, + { + .name = "authenc(hmac(md5),cbc(des))", + .driver_name = "authenc-hmac-md5-cbc-des-caam", + .blocksize = DES_BLOCK_SIZE, + .aead = { + .setkey = aead_authenc_setkey, + .setauthsize = aead_authenc_setauthsize, + .encrypt = aead_authenc_encrypt_first, + .decrypt = aead_authenc_decrypt_first, + .givencrypt = aead_authenc_givencrypt_first, + .geniv = "<built-in>", + .ivsize = DES_BLOCK_SIZE, + .maxauthsize = MD5_DIGEST_SIZE, + }, + .class1_alg_type = CIPHER_TYPE_IPSEC_DESCBC, + .class2_alg_type = AUTH_TYPE_IPSEC_MD5HMAC_96, + .alg_op = OP_ALG_ALGSEL_MD5, + }, 1245 { 1246 .name = "authenc(hmac(sha1),cbc(aes))", 1247 .driver_name = "authenc-hmac-sha1-cbc-aes-caam", . . 2. drivers\crypto\caam\compat.h 58 #include <crypto/algapi.h> 59 #include <crypto/aes.h> 60 #include <crypto/des.h> 61 #include <crypto/sha.h> + #include <crypto/md5.h> 62 #include <crypto/aead.h> 63 #include <crypto/authenc.h> 64 #include <crypto/scatterwalk.h>
View full article