[PATCH] DRBG: fix failure of generating multiple of 2**16 bytes

2014-07-31 Thread Stephan Mueller
The function drbg_generate_long slices the request into 2**16 byte or smaller chunks. However, the loop invokes the random number generation function with zero bytes when the request size is a multiple of 2**16 bytes. The fix prevents zero-byte requests. Signed-off-by: Stephan Mueller -
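The edge case described in this patch, reproduced as an added example (this is not the kernel's drbg_generate_long() and not Stephan Mueller's code): a stand-in generator with a 2**16-byte per-request limit, the shape of chunking loop that issues a zero-byte request when the total is an exact multiple of that limit, and a loop whose termination condition is "everything requested has been produced". The generate_chunk() routine, its constructed counter pattern and the function names are assumptions for illustration only; the real DRBG is not modelled.

```c
/* Added example, not kernel code: how a chunking loop that keys its
 * termination on "a full slice was just issued" ends up asking the
 * underlying generator for zero bytes, and how to terminate on the
 * request length instead. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_REQUEST_BYTES (1u << 16)   /* the 2**16 per-call limit discussed in the patch */

/* Stand-in for the underlying generate call (assumption, not the DRBG).
 * Like the real one it rejects a zero-length request; otherwise it fills
 * the buffer with a constructed, deterministic counter pattern that is
 * NOT random, and returns the number of bytes written. */
static int generate_chunk(uint8_t *out, unsigned int len)
{
    static uint32_t ctr;            /* constructed state for the demo only */
    if (len == 0 || len > MAX_REQUEST_BYTES)
        return -1;
    for (unsigned int i = 0; i < len; i++)
        out[i] = (uint8_t)(ctr++);
    return (int)len;
}

/* Buggy loop: it keeps going as long as the slice just computed was a
 * full one, so a request of exactly k * 2**16 bytes comes back around
 * with buflen - len == 0 and hands a zero-byte chunk down. */
int generate_long_buggy(uint8_t *buf, unsigned int buflen)
{
    unsigned int len = 0, slice;
    do {
        slice = (buflen - len) / MAX_REQUEST_BYTES;
        unsigned int chunk = slice ? MAX_REQUEST_BYTES : (buflen - len);
        int got = generate_chunk(buf + len, chunk);
        if (got <= 0)
            return got;             /* the zero-byte request fails here */
        len += (unsigned int)got;
    } while (slice > 0);
    return (int)len;
}

/* Fixed loop: stop when the request is satisfied, so the chunk size is
 * always min(remaining, MAX_REQUEST_BYTES) and never zero. */
int generate_long_fixed(uint8_t *buf, unsigned int buflen)
{
    unsigned int len = 0;
    while (len < buflen) {
        unsigned int remaining = buflen - len;
        unsigned int chunk = remaining > MAX_REQUEST_BYTES ? MAX_REQUEST_BYTES : remaining;
        int got = generate_chunk(buf + len, chunk);
        if (got <= 0)
            return got;
        len += (unsigned int)got;
    }
    return (int)len;
}

/* Run one of the two loops against a heap buffer of the requested size
 * and return what the loop returned (byte count, or negative on error). */
int run_request(int (*fn)(uint8_t *, unsigned int), unsigned int buflen)
{
    uint8_t *buf = malloc(buflen ? buflen : 1);
    if (!buf)
        return -2;
    int rc = fn(buf, buflen);
    free(buf);
    return rc;
}

int main(void)
{
    const unsigned int sizes[] = { 1, MAX_REQUEST_BYTES - 1, MAX_REQUEST_BYTES,
                                   MAX_REQUEST_BYTES + 1, 2 * MAX_REQUEST_BYTES };
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++)
        printf("request %7u bytes: buggy=%7d fixed=%7d\n", sizes[i],
               run_request(generate_long_buggy, sizes[i]),
               run_request(generate_long_fixed, sizes[i]));
    return 0;
}
```

The failing cases are exactly the multiples of 2**16: the buggy loop returns the generator's error there while the fixed loop returns the full count, and both agree on every other size.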

Re: [PATCH 1/2] crypto: add support for TLS 1.0 record encryption

2014-07-31 Thread Andy Lutomirski
On 07/29/2014 02:32 AM, Cristian Stoica wrote: > This patch adds kernel support for encryption/decryption of TLS 1.0 > records using block ciphers. Implementation is similar to authenc in > the sense that the base algorithms (AES, SHA1) are combined in a > template to produce TLS encapsulation fram

Re: [PATCH 0/2] Add TLS record layer encryption module

2014-07-31 Thread Andy Lutomirski
On 07/29/2014 02:32 AM, Cristian Stoica wrote: > Hi all, > > This set of patches introduces support for TLS 1.0 record layer > encryption/decryption with a corresponding algorithm called > tls10(hmac(),cbc()). > > Similarly to authenc.c on which it is based, this module mixes the base > algorithm

[PATCH v6 3/6] crypto: SHA1 multibuffer algorithm data structures

2014-07-31 Thread Tim Chen
This patch introduces the data structures and prototypes of functions needed for computing SHA1 hash using multi-buffer. Included are the structures of the multi-buffer SHA1 job, job scheduler in C and x86 assembly. Signed-off-by: Tim Chen --- arch/x86/crypto/sha-mb/sha1_mb_mgr_datastruct.S | 2

[PATCH v6 4/6] crypto: SHA1 multibuffer submit and flush routines for AVX2

2014-07-31 Thread Tim Chen
This patch introduces the routines used to submit and flush buffers belonging to SHA1 crypto jobs to the SHA1 multibuffer algorithm. It is implemented mostly in assembly optimized with AVX2 instructions. Signed-off-by: Tim Chen --- arch/x86/crypto/sha-mb/sha1_mb_mgr_flush_avx2.S | 327

[PATCH v6 1/6] sched: Add function single_task_running to let a task check if it is the only task running on a cpu

2014-07-31 Thread Tim Chen
This function will help an async task processing batched jobs from workqueue decide if it wants to keep processing on more chunks of batched work that can be delayed, or to accumulate more work for more efficient batched processing later. If no other tasks are running on the cpu, the batching proc

[PATCH v6 6/6] crypto: SHA1 multibuffer job manager and glue code

2014-07-31 Thread Tim Chen
This patch introduces the multi-buffer job manager which is responsible for submitting scatter-gather buffers from several SHA1 jobs to the multi-buffer algorithm. It also contains the flush routine that's called by the crypto daemon to complete the job when no new jobs arrive before the deadli

[PATCH v6 5/6] crypto: SHA1 multibuffer crypto computation (x8 AVX2)

2014-07-31 Thread Tim Chen
This patch introduces the assembly routines to do SHA1 computation on buffers belonging to several jobs at once. The assembly routines are optimized with AVX2 instructions that have 8 data lanes and using AVX2 registers. Signed-off-by: Tim Chen --- arch/x86/crypto/sha-mb/sha1_x8_avx2.S | 472 +

[PATCH v6 2/6] crypto: multibuffer crypto infrastructure

2014-07-31 Thread Tim Chen
This patch introduces the multi-buffer crypto daemon which is responsible for submitting crypto jobs in a work queue to the responsible multi-buffer crypto algorithm. The idea of the multi-buffer algorithm is to put data streams from multiple jobs in a wide (AVX2) register and then take advantage

[PATCH v6 0/6] crypto: SHA1 multibuffer implementation

2014-07-31 Thread Tim Chen
Herbert, I've updated the patches from v5 with the multi-buffer infrastructure patch contained within the same patch and some patch subject and comments clean up per Peter's feedback. Please note also that a separate bug fix to the crypto scatter gather list walk for the null string needs to be

Re: PKCS#7: Verify internal certificate chain

2014-07-31 Thread David Howells
Dan Carpenter wrote: > 193 if (x509->issuer) > > Check. > > 194 pr_debug("- issuer %s\n", x509->issuer); Actually, x509->subject and x509->issuer are mandatory in the ASN.1 definition and point

Crypto Fixes for 3.16

2014-07-31 Thread Herbert Xu
Hi Linus: This push adds missing SELinux labeling to AF_ALG sockets which apparently causes SELinux (or at least the SELinux people) to misbehave :) Please pull from git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git or master.kernel.org:/pub/scm/linux/kernel/git/herbert/cryp

Re: [PATCH] crypto: properly label AF_ALG socket

2014-07-31 Thread Herbert Xu
On Tue, Jul 29, 2014 at 06:41:09PM +, Milan Broz wrote: > The AF_ALG socket was missing a security label (e.g. SELinux) > which means that socket was in "unlabeled" state. > > This was recently demonstrated in the cryptsetup package > (cryptsetup v1.6.5 and later.) > See https://bugzilla.redhat

re: PKCS#7: Verify internal certificate chain

2014-07-31 Thread Dan Carpenter
Hello David Howells, This is a semi-automatic email about new static checker warnings. The patch 8c76d79393cc: "PKCS#7: Verify internal certificate chain" from Jul 1, 2014, leads to the following Smatch complaint: crypto/asymmetric_keys/pkcs7_verify.c:200 pkcs7_verify_sig_chain() error

Re: [PATCH -v4] random: introduce getrandom(2) system call

2014-07-31 Thread Bernd Petrovitsch
On Don, 2014-07-31 at 00:18 +0200, Pavel Machek wrote: > On Wed 2014-07-30 16:40:52, Bernd Petrovitsch wrote: > > On Mit, 2014-07-30 at 07:56 -0600, Bob Beck wrote: > > > Pavel. I have bit 'ol enterprise daemon running with established file > > > descriptors serving thousands of connections > > > w