Enable compilation of the RNG AF_ALG support and provide a Kconfig
option to compile the RNG AF_ALG support.
Signed-off-by: Stephan Mueller
---
crypto/Kconfig | 9 +
crypto/Makefile | 1 +
2 files changed, 10 insertions(+)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 87bbc9c..e12
This patch adds the AEAD support for AF_ALG.
The AEAD implementation uses the entire memory handling and
infrastructure of the existing skcipher implementation.
To use AEAD, the user space consumer has to use the salg_type named
"aead". The AEAD extension only uses the bind callback as the key
di
To avoid excessive branches and cluttering the code, all kernel crypto
API calls are extracted into separate inline functions. These functions
invoke either the ablkcipher or the aead crypto API function calls, as
necessary.
Signed-off-by: Stephan Mueller
---
crypto/algif_skcipher.c | 141 ++
This patch adds the random number generator support for AF_ALG.
A random number generator's purpose is to generate data without
requiring the caller to provide any data. Therefore, the AF_ALG
interface handler for RNGs only implements a callback handler for
recvmsg.
The following parameters provi
The data structure holding the state of an ongoing symmetric cipher
operation is extended by the data variables needed for AEAD.
The request data structures are encapsulated by a union as the symmetric
cipher implementation is either exclusively used for "normal" symmetric
ciphers or for AEAD ciph
The AF_ALG interface allows normal cipher (hash, encrypt, decrypt).
However, it does not allow user space to obtain the following generic
information about the currently active cipher:
* block size of the cipher
* IV size of the cipher
* for AEAD, the maximum authenticati
AEAD requires the following data in addition to normal symmetric
ciphers:
* Associated authentication data of arbitrary length
* Authentication tag for decryption
* Length of authentication tag for encryption
The authentication tag data is communicated as part of the act
Hi,
This patch set adds AEAD and RNG support to the AF_ALG interface
exported by the kernel crypto API. By extending AF_ALG with AEAD and RNG
support, all cipher types the kernel crypto API allows access to are
now accessible from userspace.
The RNG support is stand-alone.
The AEAD implementatio
The current AF_ALG implementation requires that a userspace interface
implementation must provide a callback for setkey. Such a call is not
appliable to random number generators.
To prepare AF_ALG for the addition of a random number generator user
space interface, this function callback invocation
So far, the encryption/decryption are asynchronously processed in
softirq and cryptd which would result in a implicit order of data,
therefore leads IPSec stack also out of order while encapsulating
or decapsulating packets.
Consider the following scenario:
DECRYPTION INBOUND
The API function calls exported by the kernel crypto API for
signle block ciphers to be used by consumers are documented.
Signed-off-by: Stephan Mueller
---
include/linux/crypto.h | 89 ++
1 file changed, 89 insertions(+)
diff --git a/include/linu
The API function calls exported by the kernel crypto API for
asynchronous block ciphers to be used by consumers are documented.
Signed-off-by: Stephan Mueller
---
include/linux/crypto.h | 206 +
1 file changed, 206 insertions(+)
diff --git a/inclu
The API function calls exported by the kernel crypto API for
synchronous block ciphers to be used by consumers are documented.
Signed-off-by: Stephan Mueller
---
include/linux/crypto.h | 188 +
1 file changed, 188 insertions(+)
diff --git a/includ
The API function calls exported by the kernel crypto API for RNGs to
be used by consumers are documented.
Signed-off-by: Stephan Mueller
---
include/crypto/rng.h | 80
1 file changed, 80 insertions(+)
diff --git a/include/crypto/rng.h b/inclu
Hi,
The following patch set adds documentation files under Documentation/crypto/
covering the high-level description of the API. In addition, it contains
source code comments added to the header files of the kernel crypto API
documenting the API functions.
The documentation is provided in a DocBo
The design of the kernel crypto API as well as hints to program with
the kernel crypto API are given.
The documentation contains:
* design aspects of crypto API
* develper specific hints
* references to the API function description
* source code examples
CC: Marek Vasut
Signed-off-by: Stepha
The API function calls exported by the kernel crypto API for AHASHes
to be used by consumers are documented.
Signed-off-by: Stephan Mueller
---
include/crypto/hash.h | 228 ++
1 file changed, 228 insertions(+)
diff --git a/include/crypto/hash.h b/
The API function calls exported by the kernel crypto API for SHASHes
to be used by consumers are documented.
Signed-off-by: Stephan Mueller
---
include/crypto/hash.h | 164 ++
1 file changed, 164 insertions(+)
diff --git a/include/crypto/hash.h b/
The data structure of struct crypto_alg together with various other
data structures needed by cipher developers is documented wit all
parameters that can be set by a developer of a transformation. All
parameters that are internal to the crypto API are marked as such.
Signed-off-by: Stephan Mueller
The userspace interface of the kernel crypto API is documented with
* a general explanation
* a discussion of the memory in-place operation
* the description of the message digest API
* the description of the symmetric cipher API
The documentation refers to libkcapi as a working example on how
Add the crypto API documentation into the DocBook Makefile to allow it
being compiled
Signed-off-by: Stephan Mueller
---
Documentation/DocBook/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Documentation/DocBook/Makefile b/Documentation/DocBook/Makefile
index bec066
The hash data structures needed to be filled in by cipher developers are
documented.
Signed-off-by: Stephan Mueller
---
include/crypto/hash.h | 95 +++
1 file changed, 95 insertions(+)
diff --git a/include/crypto/hash.h b/include/crypto/hash.h
ind
The API function calls exported by the kernel crypto API for
message digests to be used by consumers are documented.
Signed-off-by: Stephan Mueller
---
include/linux/crypto.h | 119 +
1 file changed, 119 insertions(+)
diff --git a/include/linux/cr
The API function calls exported by the kernel crypto API for AEAD
ciphers to be used by consumers are documented.
Signed-off-by: Stephan Mueller
---
include/linux/crypto.h | 251 +
1 file changed, 251 insertions(+)
diff --git a/include/linux/crypt
On Tue, Nov 11, 2014 at 08:04:03PM +0200, Nicolae Rosia wrote:
> On Fri, May 30, 2014 at 4:41 PM, Herbert Xu
> wrote:
>
> > [...]
> > This is because the user is supposed to back off once they get
> > EBUSY, until they're notified once the backlog entry is popped
> > off (but not processed, it mu
Hi, Herbert:
I've figured out a new patch for this issue reported by me previously,
the basic idea is adding a cryptd_flush_queue function fixing it by
being called from softirq to flush all previous queued elements before
processing a new one, and it works very well so far per my test, would
Hi Vladimir
> -Original Message-
> From: linux-crypto-ow...@vger.kernel.org [mailto:linux-crypto-
> ow...@vger.kernel.org] On Behalf Of Vladimir Zapolskiy
> Sent: 11 November 2014 15:12
> To: James Hartley; grant.lik...@linaro.org; robh...@kernel.org;
> a...@linux-foundation.org
> Cc: herb
Hi James,
On 11.11.2014 16:59, James Hartley wrote:
> Hi Vladimir, thanks for the review!
>
>> -Original Message-
>> From: Vladimir Zapolskiy [mailto:vladimir_zapols...@mentor.com]
>> Sent: 10 November 2014 15:10
>> To: James Hartley; herb...@gondor.apana.org.au; da...@davemloft.net;
>>
On Mon, Nov 10, 2014 at 12:16:51PM -0600, Tom Lendacky wrote:
> Hi Herbert,
>
> Is the PCOMPRESS algorithm supposed to support asynchronous
> implementations? In other words, are callers expected to handle the
> -EINPROGRESS or -EAGAIN return codes that can be returned by an
> asynchronous impleme
Hi Vladimir, thanks for the review!
> -Original Message-
> From: Vladimir Zapolskiy [mailto:vladimir_zapols...@mentor.com]
> Sent: 10 November 2014 15:10
> To: James Hartley; herb...@gondor.apana.org.au; da...@davemloft.net;
> grant.lik...@linaro.org; robh...@kernel.org; a...@linux-founda
Merge DES Cipher Block Chaining mode (CBC) and Triple DES Cipher Block
Chaining mode (CBC) algorithms from ablkcipher to givencrypt.
Signed-off-by: Catalin Vasile
---
drivers/crypto/caam/caamalg.c | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/caam/
Hi Stephan,
On 11/11/2014 05:37 AM, Stephan Mueller wrote:
Zeroize the buffer holding the message digest calculated for the
consumer before the buffer is released by the hash AF_ALG interface
handler.
Signed-off-by: Stephan Mueller
---
crypto/algif_hash.c | 2 ++
1 file changed, 2 insertion
On 11/11/2014 05:16 AM, Stephan Mueller wrote:
...
That is a good idea.
Herbert: I can prepare a patch that uses memzero_explicit. However, your
current tree does not yet implement that function as it was added to Linus'
tree after you pulled from it.
Yep, Ted took it [1] on top of the random
33 matches
Mail list logo
