diff options
| author | Nathan Huckleberry <nhuck@google.com> | 2022-05-20 18:14:53 +0000 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2022-06-10 16:40:16 +0800 |
| commit | 880d1ee81cdf5f2a4e070beab419c17865edfd24 (patch) | |
| tree | 84b588ccaa880cac924dafcd6d613afbc1d6ca8b /crypto/tcrypt.c | |
| parent | 7fae17ead59ccd7e244e0871c8130951b138115f (diff) | |
| download | linux-crypto-880d1ee81cdf5f2a4e070beab419c17865edfd24.tar.gz linux-crypto-880d1ee81cdf5f2a4e070beab419c17865edfd24.zip | |
crypto: xctr - Add XCTR support
Add a generic implementation of XCTR mode as a template. XCTR is a
blockcipher mode similar to CTR mode. XCTR uses XORs and little-endian
addition rather than big-endian arithmetic which has two advantages: It
is slightly faster on little-endian CPUs and it is less likely to be
implemented incorrect since integer overflows are not possible on
practical input sizes. XCTR is used as a component to implement HCTR2.
More information on XCTR mode can be found in the HCTR2 paper:
https://eprint.iacr.org/2021/1441.pdf
Signed-off-by: Nathan Huckleberry <nhuck@google.com>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/tcrypt.c')
| -rw-r--r-- | crypto/tcrypt.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index 2bacf838..fd671d0e 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c @@ -1556,6 +1556,7 @@ static int do_test(const char *alg, u32 type, u32 mask, int m, u32 num_mb) ret += tcrypt_test("rfc3686(ctr(aes))"); ret += tcrypt_test("ofb(aes)"); ret += tcrypt_test("cfb(aes)"); + ret += tcrypt_test("xctr(aes)"); break; case 11: |