[PATCH v9 4/7] crypto: and expose ecc curves

Move 'ecc_get_curve' to 'include/crypto/ecc_curve.h', so everyone in kernel tree can easily get ecc curve params; Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c | 5 - crypto/ecc.h | 37 ++-- include/crypto/ecc_curve.h

[PATCH v9 7/7] crypto: hisilicon/hpre - add 'CURVE25519' algorithm

Enable 'CURVE25519' algorithm in Kunpeng 930. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu Reported-by: kernel test robot --- drivers/crypto/hisilicon/Kconfig| 1 + drivers/crypto/hisilicon/hpre/hpre.h| 2 + drivers/crypto/hisilicon/hpre/hpre_crypto.c | 366

[PATCH v9 5/7] crypto: hisilicon/hpre - add 'ECDH' algorithm

1. Enable 'ECDH' algorithm in Kunpeng 930; 2. HPRE ECDH Support: ecdh-nist-p192, ecdh-nist-p256. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 2 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 515 +++- drivers/crypto/

[PATCH v9 0/7] add ECDH and CURVE25519 algorithms support for Kunpeng 930

1. Move curve ID from the key into the algorithm name (like 'ecdh-nist-pxxx' so we get its tfm like 'crypto_alloc_kpp("ecdh-nist-p256", 0, 0)'), in 'crypto/ecc.c' (has been verified by testmgr) and 'crypto/atmel-ecc.c' (only compiled, not do test), and modify 'testmgr.c' and 'net/bluetoo

[PATCH v9 6/7] crypto: add curve25519 params and expose them

1. Add curve 25519 parameters in 'crypto/ecc_curve_defs.h'; 2. Add curve25519 interface 'ecc_get_curve25519_param' in 'include/crypto/ecc_curve.h', to make its parameters be exposed to everyone in kernel tree. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- crypto/ecc.c |

[PATCH v9 2/7] crypto: hisilicon/hpre - add algorithm type

Algorithm type is brought in to get hardware HPRE queue to support different algorithms. Signed-off-by: Meng Yu Reviewed-by: Zaibo Xu --- drivers/crypto/hisilicon/hpre/hpre.h| 10 +- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 12 ++-- drivers/crypto/hisilicon/hpre/hpr

[PATCH v9 1/7] crypto: hisilicon/hpre - add version adapt to new algorithms

A new generation of accelerator Kunpeng930 has appeared, and the corresponding driver needs to be updated to support some new algorithms of Kunpeng930. To be compatible with Kunpeng920, we add parameter 'struct hisi_qm *qm' to sec_algs_(un)register to identify the chip's version. Signed-off-by: Me

[PATCH v9 3/7] crypto: move curve_id of ECDH from the key to algorithm name

1. crypto and crypto/atmel-ecc: Move curve id of ECDH from the key into the algorithm name instead in crypto and atmel-ecc, so ECDH algorithm name change form 'ecdh' to 'ecdh-nist-pxxx', and we cannot use 'curve_id' in 'struct ecdh'; 2. crypto/testmgr and net/bluetooth: Modify 'testmgr.

[PATCH] crypto: testmgr - delete some redundant code

Delete sg_data function, because sg_data function definition same as sg_virt(), so need to delete it and use sg_virt() replace to sg_data(). Signed-off-by: Kai Ye --- crypto/testmgr.c | 11 +++ 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/crypto/testmgr.c b/crypto/testmg

[PATCH] crypto: jitterentropy: Add automatically deoptimization.

This is needed to compile with `CFLAGS_KERNEL=-O2`. Due to `CFLAGS_jitterentropy.o = -O0` comes after `CFLAGS_KERNEL` the code is still optimized and gives an error. This patch deoptimizes the code despite any `CFLAGS`. Signed-off-by: dm9pZCAq --- crypto/jitterentropy.c | 9 - 1 file ch

Re: [PATCH v2 1/3] add params and ids to support nist_p384

On 2/22/21 12:58 PM, Saulo Alessandre wrote: From: Saulo Alessandre * crypto/asymmetric_keys/x509_cert_parser.c - prepare x509 parser to load nist_secp384r1 * crypto/ecc_curve_defs.h - add nist_p384 params * include/crypto/ecdh.h - add ECC_CURVE_NIST_P384 * include/linux/oid_registr

[PATCH v3] hwrng: bcm2835: set quality

This allows devices without a high precission timer to speed up boot from more than 100s to lest than 30s. BCM2835 rngtest: root@OpenWrt:/# cat /dev/hwrng | rngtest -c 1000 rngtest 6.10 Copyright (c) 2004 by Henrique de Moraes Holschuh This is free software; see the source for copying conditions.

[PATCH] hwrng: bcm2835: add reset support

BCM6368 devices need to reset the in order to generate true random numbers. This is what BCM6368 produces without a reset: root@OpenWrt:/# cat /dev/hwrng | rngtest -c 1000 rngtest 6.10 Copyright (c) 2004 by Henrique de Moraes Holschuh This is free software; see the source for copying conditions. T

Re: [PATCH v2] hwrng: iproc: set quality to 1024

Hi, Am 20.02.21 um 21:01 schrieb Álvaro Fernández Rojas: > This allows khwrngd to make use of iproc-rng200. > > Justification: > cat /dev/hwrng | rngtest -c 1000 > rngtest 6.10 > Copyright (c) 2004 by Henrique de Moraes Holschuh > This is free software; see the source for copying conditions. Ther

[PATCH v2 1/3] add params and ids to support nist_p384

From: Saulo Alessandre * crypto/asymmetric_keys/x509_cert_parser.c - prepare x509 parser to load nist_secp384r1 * crypto/ecc_curve_defs.h - add nist_p384 params * include/crypto/ecdh.h - add ECC_CURVE_NIST_P384 * include/linux/oid_registry.h - reorder OID_id_ecdsa_with_sha1 - add OID

[PATCH v2 2/3] adds math to support nist_p384 fast and changes routines to pass forward ecc_curve

From: Saulo Alessandre * crypto/ecc.c - change ecc_get_curve to accept nist_p384 - add vli_mmod_fast_384 - change some routines to pass ecc_curve forward until vli_mmod_fast * crypto/ecc.h - add ECC_CURVE_NIST_P384_DIGITS Signed-off-by: Saulo Alessandre --- crypto/ecc.c | 265 +++

[PATCH v2 3/3] adds nist_p384 register and unregister to support nist_p384 and tests

From: Saulo Alessandre * crypto/ecdsa.c - add ecdsa_nist_p384_init_tfm - register and unregister p384 tfm * crypto/testmgr.c - add test vector for p384 on vector of tests * crypto/testmgr.h - add test vector params for p384(sha1, sha224, sha256, sha384 and sha512) Signed-off-by: Saulo

Re: [PATCH v6 0/5] Enable root to update the blacklist keyring

> On Feb 21, 2021, at 4:17 AM, Mickaël Salaün wrote: > > David, Eric, what is the status of this patch series? All the previous issues I had identified have been resolved, so LGTM. > On 10/02/2021 13:04, Mickaël Salaün wrote: >> This new patch series is a rebase on David Howells's keys-misc b

Re: [PATCH v2] hwrng: iproc: set quality to 1024

Looks ok to me. On 2021-02-20 12:01 p.m., Álvaro Fernández Rojas wrote: > This allows khwrngd to make use of iproc-rng200. > > Justification: > cat /dev/hwrng | rngtest -c 1000 > rngtest 6.10 > Copyright (c) 2004 by Henrique de Moraes Holschuh > This is free software; see the source for copying c

Re: [PATCH 4/4] Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU

Hi, On 2/21/21 10:42 PM, Lee, Chun-Yi wrote: > Add an openssl command option example for generating CodeSign extended > key usage in X.509 when CONFIG_CHECK_CODESIGN_EKU is enabled. > > Signed-off-by: "Lee, Chun-Yi" > --- > Documentation/admin-guide/module-signing.rst | 6 ++ > 1 file chang

Re: [PATCH 00/20] Manual replacement of all strlcpy in favor of strscpy

On 2/22/21 8:12 AM, Romain Perier wrote: strlcpy() copy a C-String into a sized buffer, the result is always a valid NULL-terminated that fits in the buffer, howerver it has severals issues. It reads the source buffer first, which is dangerous if it is non NULL-terminated or if the corresponding

[PATCH 00/20] Manual replacement of all strlcpy in favor of strscpy

strlcpy() copy a C-String into a sized buffer, the result is always a valid NULL-terminated that fits in the buffer, howerver it has severals issues. It reads the source buffer first, which is dangerous if it is non NULL-terminated or if the corresponding buffer is unbounded. Its safe replacement i

[PATCH 02/20] crypto: Manual replacement of the deprecated strlcpy() with return values

The strlcpy() reads the entire source buffer first, it is dangerous if the source buffer lenght is unbounded or possibility non NULL-terminated. It can lead to linear read overflows, crashes, etc... As recommended in the deprecated interfaces [1], it should be replaced by strscpy. This commit rep