UPSTREAM: crypto: x86/aesni-xctr - Add accelerated implementation of XCTR

Add hardware accelerated version of XCTR for x86-64 CPUs with AESNI support. More information on XCTR can be found in the HCTR2 paper: "Length-preserving encryption with HCTR2": https://eprint.iacr.org/2021/1441.pdf Signed-off-by: Nathan Huckleberry <nhuck@google.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Bug: 233652475 Link: https://lore.kernel.org/linux-arm-kernel/20220520181501.2159644-4-nhuck@google.com/T/ (cherry picked from commit fd94fcf09957a75e25941f7dbfc84d30a63817ac) Change-Id: I04bcbe4b1f5f63fc98f634b44651e1a621e5656e Signed-off-by: Nathan Huckleberry <nhuck@google.com>
2022-05-20 18:14:56 +00:00
parent d672bb9c20
commit 37915fdb0d
3 changed files with 266 additions and 82 deletions
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -1170,7 +1170,7 @@ config CRYPTO_AES_NI_INTEL
 	  In addition to AES cipher algorithm support, the acceleration
 	  for some popular block cipher mode is supported too, including
 	  ECB, CBC, LRW, XTS. The 64 bit version has additional
-	  acceleration for CTR.
+	  acceleration for CTR and XCTR.

 config CRYPTO_AES_SPARC64
 	tristate "AES cipher algorithms (SPARC64)"