linux/crypto
Jarod Wilson 09fbf7c0f2 crypto: ansi_cprng - fix inverted DT increment routine
The ANSI X9.31 PRNG docs aren't particularly clear on how to increment DT,
but empirical testing shows we're incrementing from the wrong end. A 10,000
iteration Monte Carlo RNG test currently winds up not getting the expected
result.

From http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS.pdf :

# CAVS 4.3
# ANSI931 MCT
[X9.31]
[AES 128-Key]

COUNT = 0
Key = 9f5b51200bf334b5d82be8c37255c848
DT = 6376bbe52902ba3b67c925fa701f11ac
V = 572c8e76872647977e74fbddc49501d1
R = 48e9bd0d06ee18fbe45790d5c3fc9b73

Currently, we get 0dd08496c4f7178bfa70a2161a79459a after 10000 loops.

Inverting the DT increment routine results in us obtaining the expected result
of 48e9bd0d06ee18fbe45790d5c3fc9b73. Verified on both x86_64 and ppc64.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2008-12-25 11:01:49 +11:00
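The Monte Carlo check the commit message describes, as an added example that is not the kernel's code: a pure-Python AES-128 and X9.31 generator (I = E(DT), R = E(I ^ V), V' = E(R ^ I)) run 10000 times over the CAVS 4.3 vector quoted above, with the DT increment order made selectable so the effect of the fix is visible. Carrying from DT[15] toward DT[0] (a big-endian 128-bit counter) is what the kernel does after this commit; starting the carry at DT[0] is this example's reconstruction of the "wrong end" the commit refers to and is an assumption, so its output is only printed, not checked. A FIPS-197 known-answer test guards the home-grown AES.

```python
"""ANSI X9.31 AES-128 PRNG and the NIST RNGVS Monte Carlo Test (example code).

Self-contained: AES-128 is implemented here so no third-party module is needed.
"""

# --- GF(2^8) arithmetic and AES tables -------------------------------------

def _xtime(a):
    """Multiply by x modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    a <<= 1
    return (a ^ 0x11b) & 0xff if a & 0x100 else a

def _gmul(a, b):
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = _xtime(a)
        b >>= 1
    return r

def _gf_inv(x):
    """x^254 == x^-1 in GF(2^8); 0 maps to 0."""
    r, base, e = 1, x, 254
    while e:
        if e & 1:
            r = _gmul(r, base)
        base = _gmul(base, base)
        e >>= 1
    return r if x else 0

def _sbox_entry(x):
    inv = _gf_inv(x)
    s = inv
    for k in range(1, 5):  # affine map: b ^ rotl(b,1) ^ ... ^ rotl(b,4) ^ 0x63
        s ^= ((inv << k) | (inv >> (8 - k))) & 0xff
    return s ^ 0x63

SBOX = [_sbox_entry(x) for x in range(256)]
MUL2 = [_xtime(x) for x in range(256)]
MUL3 = [MUL2[x] ^ x for x in range(256)]

def _expand_key(key):
    """AES-128 key schedule: returns 11 round keys of 16 bytes."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord, then SubWord
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [bytes(sum(w[4 * r:4 * r + 4], [])) for r in range(11)]

def aes128_encrypt_block(round_keys, block):
    s = [b ^ k for b, k in zip(block, round_keys[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]
        # ShiftRows on the column-major state (index = 4*col + row)
        s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]
        if rnd < 10:  # MixColumns is skipped in the final round
            out = []
            for c in range(4):
                a0, a1, a2, a3 = s[4 * c:4 * c + 4]
                out += [MUL2[a0] ^ MUL3[a1] ^ a2 ^ a3,
                        a0 ^ MUL2[a1] ^ MUL3[a2] ^ a3,
                        a0 ^ a1 ^ MUL2[a2] ^ MUL3[a3],
                        MUL3[a0] ^ a1 ^ a2 ^ MUL2[a3]]
            s = out
        s = [b ^ k for b, k in zip(s, round_keys[rnd])]
    return bytes(s)

def aes_self_test():
    """FIPS-197 Appendix C.1 known answer; expected 69c4e0d86a7b0430d8cdb78070b4c55a."""
    rk = _expand_key(bytes(range(16)))
    return aes128_encrypt_block(rk, bytes.fromhex("00112233445566778899aabbccddeeff")).hex()

# --- ANSI X9.31 generator ---------------------------------------------------

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def increment_dt(dt, carry_from_last_byte=True):
    """DT = DT + 1.  True: start at DT[15] and carry toward DT[0] (big-endian
    counter, the post-fix behaviour).  False: start at DT[0]; assumed here to
    be the pre-fix 'wrong end' and not taken from the kernel source."""
    b = bytearray(dt)
    order = range(15, -1, -1) if carry_from_last_byte else range(16)
    for k in order:
        b[k] = (b[k] + 1) & 0xff
        if b[k]:
            break
    return bytes(b)

def x931_generate(round_keys, dt, v):
    """One X9.31 output block: I = E(DT); R = E(I ^ V); V' = E(R ^ I)."""
    i = aes128_encrypt_block(round_keys, dt)
    r = aes128_encrypt_block(round_keys, _xor(i, v))
    return r, aes128_encrypt_block(round_keys, _xor(r, i))

def x931_mct(key, dt, v, loops=10000, carry_from_last_byte=True):
    """RNGVS Monte Carlo Test: return the R produced by the last iteration."""
    rk = _expand_key(key)
    r = None
    for _ in range(loops):
        r, v = x931_generate(rk, dt, v)
        dt = increment_dt(dt, carry_from_last_byte)
    return r

# CAVS 4.3 ANSI931 MCT vector, COUNT = 0, as quoted in the commit message
MCT_KEY = bytes.fromhex("9f5b51200bf334b5d82be8c37255c848")
MCT_DT = bytes.fromhex("6376bbe52902ba3b67c925fa701f11ac")
MCT_V = bytes.fromhex("572c8e76872647977e74fbddc49501d1")
MCT_R = "48e9bd0d06ee18fbe45790d5c3fc9b73"

if __name__ == "__main__":
    assert aes_self_test() == "69c4e0d86a7b0430d8cdb78070b4c55a"
    good = x931_mct(MCT_KEY, MCT_DT, MCT_V).hex()
    print("carry from DT[15]:", good, "OK" if good == MCT_R else "MISMATCH")
    print("carry from DT[0]: ", x931_mct(MCT_KEY, MCT_DT, MCT_V, carry_from_last_byte=False).hex())
```

Running the module performs the full 10000-iteration test for both increment orders, which takes a few seconds in CPython. The same vector lives in the kernel's own testmgr tables, so once an implementation passes it here it should also pass the in-kernel self-test; note that the X9.31 generator has since been withdrawn by NIST (SP 800-131A), so this vector is for validating legacy code rather than choosing a generator.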
async_tx async_xor: dma_map destination DMA_BIDIRECTIONAL 2008-12-08 13:46:00 -07:00
Kconfig libcrc32c: Move implementation to crypto crc32c 2008-12-25 11:01:40 +11:00
Makefile crypto: hash - Add shash interface 2008-12-25 11:01:26 +11:00
ablkcipher.c [CRYPTO] skcipher: Move chainiv/seqiv into crypto_blkcipher module 2008-02-23 11:12:06 +08:00
aead.c [CRYPTO] api: Show async type 2008-01-11 08:16:56 +11:00
aes_generic.c [CRYPTO] aes: Export generic setkey 2008-04-21 10:19:34 +08:00
ahash.c crypto: hash - Export shash through hash 2008-12-25 11:01:33 +11:00
algapi.c crypto: api - Use test infrastructure 2008-08-29 15:49:57 +10:00
algboss.c crypto: cryptomgr - Test ciphers using ECB 2008-08-29 15:49:58 +10:00
ansi_cprng.c crypto: ansi_cprng - fix inverted DT increment routine 2008-12-25 11:01:49 +11:00
anubis.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
api.c crypto: api - Rebirth of crypto_alloc_tfm 2008-12-25 11:01:24 +11:00
arc4.c [CRYPTO] api: Get rid of flags argument to setkey 2006-09-21 11:41:02 +10:00
authenc.c crypto: hash - Export shash through hash 2008-12-25 11:01:33 +11:00
blkcipher.c crypto: skcipher - Move IV generators into their own modules 2008-08-29 15:50:00 +10:00
blowfish.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
camellia.c crypto: camellia - use kernel-provided bitops, unaligned access 2008-12-25 11:01:15 +11:00
cast5.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
cast6.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
cbc.c Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) 2008-02-07 08:42:26 -08:00
ccm.c [CRYPTO] ccm: Added CCM mode 2008-01-11 08:16:53 +11:00
chainiv.c crypto: skcipher - Use RNG interface instead of get_random_bytes 2008-08-29 15:50:06 +10:00
cipher.c [CRYPTO] api: Add missing headers for setkey_unaligned 2007-10-10 16:55:40 -07:00
compress.c cleanup asm/scatterlist.h includes 2007-11-02 08:47:06 +01:00
crc32c.c libcrc32c: Move implementation to crypto crc32c 2008-12-25 11:01:40 +11:00
cryptd.c crypto: hash - Move ahash functions into crypto/hash.h 2008-07-10 20:35:18 +08:00
crypto_null.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
ctr.c [CRYPTO] seqiv: Add Sequence Number IV Generator 2008-01-11 08:16:48 +11:00
cts.c [CRYPTO] cts: Init SG tables 2008-06-02 15:46:51 +10:00
deflate.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
des_generic.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
digest.c crypto: hash - Fix digest size check for digest type 2008-08-13 20:08:38 +10:00
ecb.c Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) 2008-02-07 08:42:26 -08:00
eseqiv.c crypto: skcipher - Use RNG interface instead of get_random_bytes 2008-08-29 15:50:06 +10:00
fcrypt.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
fips.c crypto: api - Add fips_enable flag 2008-08-29 15:50:02 +10:00
gcm.c [CRYPTO] gcm: Introduce rfc4106 2008-01-11 08:16:56 +11:00
gf128mul.c [CRYPTO] xts: XTS blockcipher mode implementation without partial blocks 2007-10-10 16:55:45 -07:00
hash.c crypto: hash - Move ahash functions into crypto/hash.h 2008-07-10 20:35:18 +08:00
hmac.c crypto: hash - Export shash through hash 2008-12-25 11:01:33 +11:00
internal.h crypto: api - Rebirth of crypto_alloc_tfm 2008-12-25 11:01:24 +11:00
khazad.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
krng.c crypto: rng - RNG interface and implementation 2008-08-29 15:50:04 +10:00
lrw.c [CRYPTO] lrw: Replace all adds to big endians variables with be*_add_cpu 2008-04-21 10:19:22 +08:00
lzo.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
md4.c crypto: md4 - Use ARRAY_SIZE 2008-12-25 11:01:45 +11:00
md5.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
michael_mic.c [PATCH] Update my email address from jkmaline@cc.hut.fi to j@w1.fi 2007-04-28 11:01:01 -04:00
pcbc.c Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) 2008-02-07 08:42:26 -08:00
proc.c crypto: api - Call type show function before legacy for proc 2008-12-25 11:01:32 +11:00
ripemd.h [CRYPTO] ripemd: Put all common RIPEMD values in header file 2008-07-10 20:35:12 +08:00
rmd128.c crypto: rmd128 - sparse annotations 2008-07-10 20:35:17 +08:00
rmd160.c crypto: rmd - sparse annotations 2008-07-10 20:35:17 +08:00
rmd256.c crypto: rmd - sparse annotations 2008-07-10 20:35:17 +08:00
rmd320.c crypto: rmd - sparse annotations 2008-07-10 20:35:17 +08:00
rng.c crypto: rng - RNG interface and implementation 2008-08-29 15:50:04 +10:00
salsa20_generic.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
scatterwalk.c [CRYPTO] scatterwalk: Handle zero nbytes in scatterwalk_map_and_copy 2008-01-11 08:16:54 +11:00
seed.c [CRYPTO] seed: New cipher algorithm 2007-10-10 16:55:38 -07:00
seqiv.c crypto: skcipher - Use RNG interface instead of get_random_bytes 2008-08-29 15:50:06 +10:00
serpent.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
sha1_generic.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
sha256_generic.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
sha512_generic.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
shash.c crypto: hash - Export shash through hash 2008-12-25 11:01:33 +11:00
tcrypt.c crypto: cryptomgr - Add test infrastructure 2008-08-29 15:49:55 +10:00
tcrypt.h crypto: cryptomgr - Add test infrastructure 2008-08-29 15:49:55 +10:00
tea.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
testmgr.c crypto: crc32c - Test descriptor context format 2008-12-25 11:01:38 +11:00
testmgr.h crypto: cryptomgr - Add test infrastructure 2008-08-29 15:49:55 +10:00
tgr192.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
twofish.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
twofish_common.c [CRYPTO] twofish: Do not unroll big stuff in twofish key setup 2008-01-11 08:16:06 +11:00
wp512.c [CRYPTO] all: Clean up init()/fini() 2008-04-21 10:19:34 +08:00
xcbc.c [CRYPTO] xcbc: Fix crash when ipsec uses xcbc-mac with big data chunk 2008-04-02 14:36:09 +08:00
xor.c async_tx: add the async_tx api 2007-07-13 08:06:14 -07:00
xts.c [CRYPTO] xts: Use proper alignment 2008-03-06 18:56:19 +08:00