Stefan,
On Sat, Mar 06, 2021 at 06:29:18PM -0500, Stefan Berger wrote:
> On 3/6/21 2:25 PM, Vitaly Chikunov wrote:
> >
> > On Thu, Mar 04, 2021 at 07:51:57PM -0500, Stefan Berger wrote:
> > > From: Saulo Alessandre
> > >
> > > * crypto/ecc.c
> >
Stefan,
On Thu, Mar 04, 2021 at 07:51:57PM -0500, Stefan Berger wrote:
> From: Saulo Alessandre
>
> * crypto/ecc.c
> - add vli_mmod_fast_384
> - change some routines to pass ecc_curve forward until vli_mmod_fast
>
> * crypto/ecc.h
> - add ECC_CURVE_NIST_P384_DIGITS
> - change ECC_MAX_DI
Jarkko,
On Fri, Mar 05, 2021 at 07:05:39PM +0200, Jarkko Sakkinen wrote:
> > +// SPDX-License-Identifier: GPL-2.0+
> > +/*
> > + * Copyright (c) 2021 IBM Corporation
> > + *
> > + * Redistribution and use in source and binary forms, with or without
> > + * modification, are permitted provided that
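Review bot: the first added line tags the file `SPDX-License-Identifier: GPL-2.0+`, but the comment block right after it opens with BSD-style "Redistribution and use in source and binary forms" permission text. The two should name the same license. With the SPDX identifier present, the long-form license text can be dropped from the header entirely.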
Jarkko,
On Fri, Mar 05, 2021 at 07:05:39PM +0200, Jarkko Sakkinen wrote:
> On Thu, Mar 04, 2021 at 07:51:55PM -0500, Stefan Berger wrote:
> > +module_exit(ecdsa_exit);
> > +
> > +MODULE_LICENSE("GPL");
> > +MODULE_AUTHOR("Stefan Berger ");
>
> Remove MODULE_AUTHOR(). It's redundant because of Git
Ard,
On Mon, Feb 08, 2021 at 07:47:44AM +0100, Ard Biesheuvel wrote:
> On Mon, 8 Feb 2021 at 07:37, Vitaly Chikunov wrote:
> >
> > Herbert,
> >
> > On Fri, Jan 29, 2021 at 02:00:04PM +1100, Herbert Xu wrote:
> > > On Thu, Jan 28, 2021 at 09:49:41PM -0500, Ste
Herbert,
On Fri, Jan 29, 2021 at 02:00:04PM +1100, Herbert Xu wrote:
> On Thu, Jan 28, 2021 at 09:49:41PM -0500, Stefan Berger wrote:
> >
> > In my patch series I initially had registered the akciphers under the names
> > ecc-nist-p192 and ecc-nist-p256 but now, in V4, joined them together as
> >
Herbert,
On Tue, Feb 02, 2021 at 04:10:03PM +1100, Herbert Xu wrote:
> On Fri, Jan 29, 2021 at 06:25:35PM -0300, Saulo Alessandre wrote:
> > From: Saulo Alessandre
> >
> > * Documentation/admin-guide/module-signing.rst
> > - Documents how to generate certificate and signature for (ECDSA).
> >
Meng,
It looks like not just definitions but some static data is moved to
includes. Why?
Thanks,
On Fri, Dec 11, 2020 at 02:30:32PM +0800, Meng Yu wrote:
> Move elliptic curves definition to 'include/crypto/ecc_curve_defs.h',
> so all can use it,
>
> Signed-off-by: Meng Yu
> Reviewed-by: Zaibo
n512C, /* 1.2.643.7.1.2.1.2.3 */
>
> + /* OSCCA */
> + OID_sm2,/* 1.2.156.10197.1.301 */
> + OID_sm3,/* 1.2.156.10197.1.401 */
> + OID_sm2_with_sm3, /* 1.2.156.10197.1.501 */
> + OID_sm3WithRSAEncryption, /* 1.2.156.10197.1.504 */
OID_sm3WithRSAEncryption identifier is unused and this mode looks not
implemented. But, this is probably ok for possible future extension.
Reviewed-by: Vitaly Chikunov
Thanks,
> +
> OID__NR
> };
>
ion Office,
such as sm3.
Reviewed-by: Vitaly Chikunov
Thanks,
> ---
> security/integrity/digsig_asymmetric.c | 14 +++---
> 1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/security/integrity/digsig_asymmetric.c
> b/security/integrity/digsig_asymme
> reversed. In addition, the sensitive variables of priv and rand_z are
> zeroized.
>
> Signed-off-by: Stephan Mueller
> ---
> crypto/ecc.c | 11 ---
> 1 file changed, 8 insertions(+), 3 deletions(-)
This patch seems not changed from v2, thus
Reviewed-by: Vitaly Chiku
On Mon, Jul 13, 2020 at 07:04:39AM +0200, Stephan Mueller wrote:
> Am Sonntag, 12. Juli 2020, 20:06:13 CEST schrieb Vitaly Chikunov:
>
> Hi Vitaly,
>
> > Stephan,
> >
> > On Sun, Jul 12, 2020 at 06:42:14PM +0200, Stephan Müller wrote:
> > > After the gene
Stephan,
On Sun, Jul 12, 2020 at 06:42:14PM +0200, Stephan Müller wrote:
> After the generation of a local public key, SP800-56A rev 3 section
> 5.6.2.1.3 mandates a validation of that key with a full validation
> compliant to section 5.6.2.3.3.
>
> Only if the full validation passes, the key is
> reversed. In addition, the sensitive variables of priv and rand_z are
Reviewed-by: Vitaly Chikunov
> zeroized.
>
> Signed-off-by: Stephan Mueller
> ---
> crypto/ecc.c | 11 ---
> 1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/crypto/ecc.c
Tianjia,
On Tue, Jun 09, 2020 at 09:48:47PM +0800, Tianjia Zhang wrote:
> Hello all,
>
> This new module implement the OSCCA certificate and SM2 public key
> algorithm. It was published by State Encryption Management Bureau, China.
> List of specifications for OSCCA certificate and SM2 elliptic c
er used, so can be removed.
>
> Reported-by: Hulk Robot
> Signed-off-by: YueHaibing
Reviewed-by: Vitaly Chikunov
> ---
> crypto/streebog_generic.c | 46 --
> 1 file changed, 46 deletions(-)
>
> diff --git a/crypto/streebog_gen
Denis, Herbert,
On Thu, Apr 11, 2019 at 12:18:36PM -0500, Denis Kenzior wrote:
> Hi Vitaly,
>
> On 04/11/2019 10:51 AM, Vitaly Chikunov wrote:
> > Some public key algorithms (like EC-DSA) keep in parameters field
> > important data such as digest and curve OIDs (possibly m
Eric,
On Mon, Apr 01, 2019 at 12:47:19AM +0300, Vitaly Chikunov wrote:
> On Sun, Mar 31, 2019 at 01:04:19PM -0700, Eric Biggers wrote:
> > From: Eric Biggers
> >
> > Don't cast the data buffer directly to streebog_uint512, as this
> > violates alignment rul
Eric,
On Sun, Mar 31, 2019 at 03:43:30PM -0700, Eric Biggers wrote:
> On Mon, Mar 25, 2019 at 09:00:41AM +0300, Vitaly Chikunov wrote:
> > Theodore,
> >
> > On Mon, Mar 25, 2019 at 12:45:50AM -0400, Theodore Ts'o wrote:
> > > Given the precedent that has been
Eric,
On Sun, Mar 31, 2019 at 01:04:19PM -0700, Eric Biggers wrote:
> From: Eric Biggers
>
> Don't cast the data buffer directly to streebog_uint512, as this
> violates alignment rules.
>
> Fixes: fe18957e8e87 ("crypto: streebog - add Streebog hash function"
On Tue, Mar 26, 2019 at 03:58:36PM +0300, Vitaly Chikunov wrote:
> Treat (struct public_key_signature)'s digest same as its signature (s).
> Since digest should be already in the kmalloc'd memory do not kmemdup
> digest value before calling {public,tpm}_key_verify_signature.
Theodore,
On Mon, Mar 25, 2019 at 12:45:50AM -0400, Theodore Ts'o wrote:
> Given the precedent that has been established for removing the SPECK
As far as I know Speck is removed because:
| commit 578bdaabd015b9b164842c3e8ace9802f38e7ecc
| Author: Jason A. Donenfeld
| Date: Tue Aug 7 08:22:25
ecc.c have algorithms that could be used together by ecdh and ecrdsa.
Make it separate module. Add CRYPTO_ECC into Kconfig. EXPORT_SYMBOL and
document to what seems appropriate. Move structs ecc_point and ecc_curve
from ecc_curve_defs.h into ecc.h.
No code changes.
Signed-off-by: Vitaly Chikunov
data is: (u32) algo OID, (u32) parameters length, parameters
data.
This does not affect current akcipher API nor RSA ciphers (they could
ignore it). Idea of appending parameters to the key stream is by Herbert
Xu.
Cc: David Howells
Cc: keyri...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
Group RSA, DH, and ECDH into Public-key cryptography config section.
Signed-off-by: Vitaly Chikunov
---
crypto/Kconfig | 48 +---
1 file changed, 25 insertions(+), 23 deletions(-)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index bbab6bf33519
ls.
- Test vectors are added and tests are passing.
- Curves/parameters definitions are split from ecrdsa.c into ecrdsa_defs.h.
- Integration with IMA in asymmetric_verify(). Userspace ima-evm-utils already
have a patch in the queue to support this. Tested on x86_64.
Vitaly Chikunov (11):
KEYS:
PKCS1 driver provides.
Cc: Giovanni Cabiddu
Cc: qat-li...@intel.com
Cc: Tom Lendacky
Cc: Gary Hook
Cc: Horia Geantă
Cc: Aymen Sghaier
Signed-off-by: Vitaly Chikunov
---
crypto/rsa-pkcs1pad.c | 4 +-
crypto/rsa.c | 109
id Howells
Cc: David Howells
Cc: keyri...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/asym_tpm.c | 10 +-
crypto/asymmetric_keys/public_key.c | 9 +
2 files changed, 2 insertions(+), 17 deletions(-)
diff --git a/crypto/asymmetric_keys/asym_tpm.c
Because with introduction of EC-RDSA and change in workings of RSA in
regard to sign/verify, akcipher could have not all callbacks defined,
check the presence of callbacks before calling them to increase
robustness.
Signed-off-by: Vitaly Chikunov
---
include/crypto/akcipher.h | 25
Allow to use EC-RDSA signatures for IMA by determining signature type by
the hash algorithm name. This works good for EC-RDSA since Streebog and
EC-RDSA should always be used together.
Cc: Mimi Zohar
Cc: Dmitry Kasatkin
Cc: linux-integr...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
Add testmgr test vectors for EC-RDSA algorithm for every of five
supported parameters (curves). Because there are no officially published
test vectors for the curves, the vectors are generated by gost-engine.
Signed-off-by: Vitaly Chikunov
---
crypto/testmgr.c | 6 +++
crypto/testmgr.h | 154
ff-by: Vitaly Chikunov
---
crypto/Kconfig| 11 +
crypto/Makefile | 8 +
crypto/asymmetric_keys/x509_cert_parser.c | 26 +-
crypto/ecc.c | 392 +-
crypto/ecc.h
p level verification only crypto_akcipher_verify() needs
to be called.
Make sure that `digest' is in kmalloc'd memory (in place of `output`) in
{public,tpm}_key_verify_signature() as insisted by Herbert Xu, and will
be changed in the following commit.
Cc: David Howells
Cc: keyri...@vg
-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/public_key.c | 16 +++-
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/crypto/asymmetric_keys/public_key.c
b/crypto/asymmetric_keys/public_key.c
index f5d85b47fcc6..c2e4e73fcf06 100644
--- a/crypto/asymmetric_keys
Herbert,
On Thu, Feb 28, 2019 at 06:37:15PM +0800, Herbert Xu wrote:
> On Thu, Feb 28, 2019 at 01:33:37PM +0300, Vitaly Chikunov wrote:
> >
> > To make the same for set_{pub,priv}_key it will require patching RSA
> > drivers anyway, since length of the key is store
ri, Feb 01, 2019 at 10:09:23AM +0300, Vitaly Chikunov wrote:
| > On Fri, Feb 01, 2019 at 02:26:55PM +0800, Herbert Xu wrote:
| > >
| > > It's not clear that sig->digest is guaranteed to be kmalloc memory.
| > > In any case, it's best not to mix unrelated changes in a si
David,
On Thu, Feb 28, 2019 at 06:18:54PM +, David Howells wrote:
> Vitaly Chikunov wrote:
>
> > + digest = kmemdup(sig->digest, sig->digest_size, GFP_KERNEL);
> > + if (!digest)
>
> You shouldn't need to copy the digest. It's being passed in
On Thu, Feb 28, 2019 at 05:01:25PM +0800, Herbert Xu wrote:
> On Thu, Feb 28, 2019 at 11:28:01AM +0300, Vitaly Chikunov wrote:
> > On Thu, Feb 28, 2019 at 03:51:41PM +0800, Herbert Xu wrote:
> > > On Thu, Feb 28, 2019 at 10:04:49AM +0300, Vitaly Chikunov wrote:
> > >
On Thu, Feb 28, 2019 at 03:51:41PM +0800, Herbert Xu wrote:
> On Thu, Feb 28, 2019 at 10:04:49AM +0300, Vitaly Chikunov wrote:
> >
> > It seems that you insist on set_params to be removed and both key and
> > params to be passed into set_{pub,priv}_key. This means reworking
On Thu, Feb 28, 2019 at 10:04:49AM +0300, Vitaly Chikunov wrote:
> Herbert,
>
> On Thu, Feb 28, 2019 at 02:14:44PM +0800, Herbert Xu wrote:
> > On Sun, Feb 24, 2019 at 09:48:40AM +0300, Vitaly Chikunov wrote:
> > >
> > > If we pass SubjectPublicKeyInf
Herbert,
On Thu, Feb 28, 2019 at 02:14:44PM +0800, Herbert Xu wrote:
> On Sun, Feb 24, 2019 at 09:48:40AM +0300, Vitaly Chikunov wrote:
> >
> > If we pass SubjectPublicKeyInfo into set_pub_key itself (making
> > set_params not needed) we will break ABI and compatibility
On Wed, Feb 27, 2019 at 06:28:37PM -0500, Mimi Zohar wrote:
>
> On Sun, 2019-02-24 at 09:08 +0300, Vitaly Chikunov wrote:
> > Previous akcipher .verify() just `decrypts' (using RSA encrypt which is
> > using public key) signature to uncover message hash, which was then
>
Allow to use EC-RDSA signatures for IMA by determining signature type by
the hash algorithm name. This works good for EC-RDSA since Streebog and
EC-RDSA should always be used together.
Cc: Mimi Zohar
Cc: Dmitry Kasatkin
Cc: linux-integr...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
Thiago,
On Mon, Feb 25, 2019 at 06:20:49PM -0300, Thiago Jung Bauermann wrote:
> Vitaly Chikunov writes:
>
> > Allow to use EC-RDSA signatures for IMA by determining signature type by
> > the hash algorithm name. This works good for EC-RDSA since Streebog and
> > EC-RD
Herbert,
On Tue, Feb 19, 2019 at 12:37:32PM +0800, Herbert Xu wrote:
> On Sun, Feb 10, 2019 at 09:46:28PM +0300, Vitaly Chikunov wrote:
> >
> > From the other point of view, set_params may never be called or
> > implemented. So, making it called first and move memory zer
Because with introduction of EC-RDSA and change in workings of RSA in
regard to sign/verify, akcipher could have not all callbacks defined,
check the presence of callbacks before calling them to increase
robustness.
Signed-off-by: Vitaly Chikunov
---
include/crypto/akcipher.h | 25
Add testmgr test vectors for EC-RDSA algorithm for every of five
supported parameters (curves). Because there are no officially published
test vectors for the curves, the vectors are generated by gost-engine.
Signed-off-by: Vitaly Chikunov
---
crypto/testmgr.c | 6 +++
crypto/testmgr.h | 154
driver doesn't need
parameters, it may not implement it, such as for RSA drivers.
Cc: David Howells
Cc: keyri...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/public_key.c | 13
crypto/asymmetric_keys/x509.asn1 | 2 +-
crypto/asymmetric
PKCS1 driver provides.
Cc: Giovanni Cabiddu
Cc: qat-li...@intel.com
Cc: Tom Lendacky
Cc: Gary Hook
Cc: Horia Geantă
Cc: Aymen Sghaier
Signed-off-by: Vitaly Chikunov
---
crypto/rsa-pkcs1pad.c | 4 +-
crypto/rsa.c | 109
pport this. Tested on x86_64.
---
Vitaly Chikunov (10):
KEYS: report to keyctl only actually supported key ops
crypto: akcipher - check the presence of callback before the call
crypto: rsa - unimplement sign/verify for raw RSA backends
crypto: akcipher - new verify API for public key algorithm
-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/public_key.c | 16 +++-
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/crypto/asymmetric_keys/public_key.c
b/crypto/asymmetric_keys/public_key.c
index f5d85b47fcc6..c2e4e73fcf06 100644
--- a/crypto/asymmetric_keys
ecc.c have algorithms that could be used together by ecdh and ecrdsa.
Make it separate module. Add CRYPTO_ECC into Kconfig. EXPORT_SYMBOL and
document to what seems appropriate. Move structs ecc_point and ecc_curve
from ecc_curve_defs.h into ecc.h.
No code changes.
Signed-off-by: Vitaly Chikunov
p level verification only crypto_akcipher_verify() needs
to be called.
Cc: David Howells
Cc: keyri...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/asym_tpm.c | 34 -
crypto/asymmetric_keys/public_key.c | 34 ---
Group RSA, DH, and ECDH into Public-key cryptography config section.
Signed-off-by: Vitaly Chikunov
---
crypto/Kconfig | 48 +---
1 file changed, 25 insertions(+), 23 deletions(-)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index bbab6bf33519
Allow to use EC-RDSA signatures for IMA by determining signature type by
the hash algorithm name. This works good for EC-RDSA since Streebog and
EC-RDSA should always be used together.
Cc: Mimi Zohar
Cc: Dmitry Kasatkin
Cc: linux-integr...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
ff-by: Vitaly Chikunov
---
crypto/Kconfig| 11 +
crypto/Makefile | 8 +
crypto/asymmetric_keys/x509_cert_parser.c | 26 +-
crypto/ecc.c | 392 +-
crypto/ecc.h
On Sun, Feb 10, 2019 at 12:42:40AM +0300, Vitaly Chikunov wrote:
> On Sun, Jan 06, 2019 at 04:36:05PM +0300, Vitaly Chikunov wrote:
> > Some public key algorithms (like ECDSA) keep in parameters field
> > important data such as digest and curve OIDs (possibly more for
> > dif
On Sun, Jan 06, 2019 at 04:36:05PM +0300, Vitaly Chikunov wrote:
> Some public key algorithms (like ECDSA) keep in parameters field
> important data such as digest and curve OIDs (possibly more for
> different ECDSA variants). Thus, just setting a public key (as
> for RSA) i
Herbert,
On Fri, Feb 01, 2019 at 10:09:23AM +0300, Vitaly Chikunov wrote:
> On Fri, Feb 01, 2019 at 02:26:55PM +0800, Herbert Xu wrote:
> > On Fri, Jan 25, 2019 at 09:01:16PM +0300, Vitaly Chikunov wrote:
> > >
> > > @@ -781,36 +780,17 @@ static int tpm_key_ve
Herbert,
On Fri, Feb 01, 2019 at 02:26:55PM +0800, Herbert Xu wrote:
> On Fri, Jan 25, 2019 at 09:01:16PM +0300, Vitaly Chikunov wrote:
> >
> > @@ -781,36 +780,17 @@ static int tpm_key_verify_signature(const struct key
> > *key,
> > if (!req)
> >
ly crypto_akcipher_verify() needs
to be called.
Tested on x86_64.
Signed-off-by: Vitaly Chikunov
---
This should be applied over cryptodev tree.
Changes since v3:
- remove verify_rsa API from RSA backends.
- digest is appended to akcipher_request->src SG.
- pkcs1pad calls encrypt/decrypt for
On Fri, Jan 25, 2019 at 06:09:29PM +0800, Herbert Xu wrote:
> On Fri, Jan 18, 2019 at 11:58:46PM +0300, Vitaly Chikunov wrote:
> > Previous akcipher .verify() just `decrypts' (using RSA encrypt which is
> > using public key) signature to uncover message hash, which was then
p level verification only crypto_akcipher_verify() needs
to be called.
For pkcs1pad crypto_akcipher_verify_rsa() is introduced which directly
calls .verify_rsa() for its backend. Without this api PKCS1 can not be
implemented.
Tested on x86_64.
Signed-off-by: Vitaly Chikunov
---
This should be ap
David,
On Wed, Jan 16, 2019 at 09:27:19PM +0300, Vitaly Chikunov wrote:
> On Wed, Jan 16, 2019 at 05:12:20PM +, David Howells wrote:
> > Umm... What do I apply this patch to?
>
> This should go over "crypto: testmgr - split akcipher tests by a key type"
> which
David,
On Wed, Jan 16, 2019 at 05:12:20PM +, David Howells wrote:
> Umm... What do I apply this patch to?
This should go over "crypto: testmgr - split akcipher tests by a key type"
which I sent at 20190107 to linux-crypto. Sorry for the mess.
> In your modified public_key_verify_signature()
tly calls
.verify_rsa() for use by PKCS1 driver to call its backend.
Signed-off-by: Vitaly Chikunov
---
crypto/akcipher.c | 53 +++
crypto/asymmetric_keys/public_key.c | 19 +++---
crypto/rsa-pkcs1pad.c
y_vec` and `siggen_sigver_test'.
No tests were missed since there is only one sign/verify test (which
have `siggen_sigver_test' set to true) and it has a private key, but
future tests could benefit from this improvement.
Signed-off-by: Vitaly Chikunov
---
c
Stephan,
On Mon, Jan 07, 2019 at 09:31:40AM +0100, Stephan Mueller wrote:
> Am Montag, 7. Januar 2019, 09:07:10 CET schrieb Vitaly Chikunov:
>
> > > Why do you manually parse the ASN.1 structure instead of using the ASN.1
> > > parser?
> >
> > I am not su
Stephan,
On Sun, Jan 06, 2019 at 07:11:50PM +0100, Stephan Müller wrote:
> Am Sonntag, 6. Januar 2019, 14:36:08 CET schrieb Vitaly Chikunov:
>
> > Add Elliptic Curve Russian Digital Signature Algorithm (GOST R
> > 34.10-2012, RFC 7091, ISO/IEC 14888-3) is one of the Russian (
ally since they are limited to use by
EC-RDSA. (Possible by ECDH too, though.)
- Only signature verification is implemented.
Signed-off-by: Vitaly Chikunov
---
crypto/Kconfig| 63 ++--
crypto/Makefile | 5 +-
crypto/asymmetric_keys/x50
-engine generated certificates.
Vitaly Chikunov (4):
X.509: Parse public key parameters from x509 for akcipher
akcipher: Introduce verify2 for public key algorithms
KEYS: set correct flags for keyctl if encrypt is not supported
crypto: Add EC-RDSA algorithm
crypto/Kconfig
rify2() operation).
If .verify2() call is present, it should be used in place of .verify().
Signed-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/public_key.c | 57 -
include/crypto/akcipher.h | 54 +--
2 files change
Signed-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/public_key.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/crypto/asymmetric_keys/public_key.c
b/crypto/asymmetric_keys/public_key.c
index 51dc1c858c7c..382cf67f510e 100644
--- a/crypto/asymmetric_keys
) parser, which is
called multiple times, as it's used multiple times in X.509
certificate), to distinguish a public key call from a signature call.
Signed-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/public_key.c | 16 +
crypto/asymmetric_keys/x509.asn1
On Thu, Dec 13, 2018 at 06:12:33PM +0800, Herbert Xu wrote:
> Vitaly Chikunov wrote:
> > Current akcipher .verify() just decrypts signature to uncover message
> > hash, which is then verified in upper level public_key_verify_signature
> > by memcmp with the expected sign
Tudor,
On Thu, Dec 13, 2018 at 10:26:53AM +, tudor.amba...@microchip.com wrote:
>
> On 12/11/2018 06:59 PM, Vitaly Chikunov wrote:
> > Current akcipher .verify() just decrypts signature to uncover message
> > hash, which is then verified in upper level public_key_verif
rify2() operation).
If .verify2() call is present, it should be used in place of .verify().
Signed-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/public_key.c | 57 -
include/crypto/akcipher.h | 54 +--
2 files change
On Sun, Dec 09, 2018 at 04:55:48PM +0300, Vitaly Chikunov wrote:
> Some public key algorithms (like ECDSA) keep in parameters field
> important data such as digest and curve OIDs (possibly more for
> different ECDSA variants). Thus, just setting a public key (as
> for RSA) i
) parser, which is
called multiple times, as it's used multiple times in X.509
certificate), to distinguish a public key call from a signature call.
Signed-off-by: Vitaly Chikunov
---
crypto/asymmetric_keys/public_key.c | 16 +++
crypto/asymmetric_keys/x509
ature (Bernstein, D. J., & Lange,
T. (2017). Montgomery curves and the Montgomery ladder. (Cryptology
ePrint Archive; Vol. 2017/293). s.l.: IACR. Chapter 4.6.2.)
Signed-off-by: Vitaly Chikunov
Cc: kernel-harden...@lists.openwall.com
---
Changes from v1:
- No code changes, only description upda
Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986)
generic hash transformation.
Cc: linux-integr...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
---
crypto/Kconfig| 12 +
crypto/Makefile |1 +
crypto/streebog_generic.c | 1140
Add testmgr and tcrypt tests and vectors for Streebog hash function
from RFC 6986 and GOST R 34.11-2012, for HMAC-Streebog vectors are
from RFC 7836 and R 50.1.113-2016.
Cc: linux-integr...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
Acked-by: Ard Biesheuvel
---
crypto/tcrypt.c | 37
Register Streebog hash function in Hash Info arrays to let IMA use
it for its purposes.
Cc: linux-integr...@vger.kernel.org
Signed-off-by: Vitaly Chikunov
Reviewed-by: Mimi Zohar
---
crypto/hash_info.c | 4
include/crypto/hash_info.h | 1 +
include/uapi/linux/hash_info.h
all static functions names with streebog_.
Vitaly Chikunov (3):
crypto: streebog - add Streebog hash function
crypto: streebog - register Streebog in hash info for IMA
crypto: streebog - add Streebog test vectors
crypto/Kconfig | 12 +
crypto/Makefile|1
Ard,
On Mon, Nov 05, 2018 at 02:22:21PM +0100, Ard Biesheuvel wrote:
>
> > +static const struct streebog_uint512 buffer512 = { {
> > + cpu_to_le64(0x200ULL),
>
> Can we keep the memory representation in native endianness, and only
> swab the in/output [where needed]?
I hope you do not ins
Ard,
I will address your suggestions in v4. And below is my comments for a
few of them.
On Mon, Nov 05, 2018 at 02:22:21PM +0100, Ard Biesheuvel wrote:
> > +static const struct streebog_uint512 buffer512 = { {
> > + cpu_to_le64(0x200ULL),
>
> Can we keep the memory representation in native
Mimi,
On Mon, Nov 05, 2018 at 07:48:33AM -0500, Mimi Zohar wrote:
> On Sat, 2018-11-03 at 08:51 +0300, Vitaly Chikunov wrote:
> > On Wed, Oct 17, 2018 at 02:08:51PM +0800, Herbert Xu wrote:
> > > On Fri, Oct 12, 2018 at 09:41:05AM +0300, Vitaly Chikunov wrote:
> > > >
Currently used scalar multiplication algorithm (Matthieu Rivain, 2011)
have invalid values for scalar == 1, n-1, and for regularized version
n-2, which was previously not checked. Verify that they are not used as
private keys.
Signed-off-by: Vitaly Chikunov
---
crypto/ecc.c | 42
ation step
is forgotten.
Regularization step is based on micro-ecc by Kenneth MacKay.
Signed-off-by: Vitaly Chikunov
---
crypto/ecc.c | 16
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/crypto/ecc.c b/crypto/ecc.c
index 8facafd67802..adcce310f646 100644
--- a/c
Herbert,
On Wed, Oct 17, 2018 at 02:08:51PM +0800, Herbert Xu wrote:
> On Fri, Oct 12, 2018 at 09:41:05AM +0300, Vitaly Chikunov wrote:
> >
> > It is the first part of attempts to add to the Integrity subsystem
> > ability of verifying file and module signatures by Russia
Register Streebog hash function in Hash Info arrays to let IMA use
it for its purposes.
Signed-off-by: Vitaly Chikunov
---
crypto/hash_info.c | 4
include/crypto/hash_info.h | 1 +
include/uapi/linux/hash_info.h | 2 ++
3 files changed, 7 insertions(+)
diff --git a/crypto
Add testmgr and tcrypt tests and vectors for Streebog hash function
from RFC 6986 and GOST R 34.11-2012, for HMAC-Streebog vectors are
from R 50.1.113-2016.
Signed-off-by: Vitaly Chikunov
---
crypto/tcrypt.c | 35 +
crypto/testmgr.c | 24
crypto/testmgr.h | 114
Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986)
generic hash transformation.
Signed-off-by: Vitaly Chikunov
---
crypto/Kconfig| 12 +
crypto/Makefile |1 +
crypto/streebog_generic.c | 1142 +
include
and 32-bit.
Changes from v2:
- Register hash in Hash Info for use by IMA.
- Add hmac() tests.
Vitaly Chikunov (3):
crypto: streebog - add Streebog hash function
crypto: streebog - register Streebog in hash info for IMA
crypto: streebog - add Streebog test vectors
crypto/Kconfig
On Wed, Oct 10, 2018 at 03:12:51PM +0300, Vitaly Chikunov wrote:
> Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986)
> generic hash transformation.
>
> Signed-off-by: Vitaly Chikunov
> ---
> crypto/Kconfig| 12 +
> crypto/Makefile
On Wed, Oct 10, 2018 at 03:12:52PM +0300, Vitaly Chikunov wrote:
> Add testmgr and tcrypt tests and vectors for Streebog hash function
> from RFC 6986 and GOST R 34.11-2012.
>
> Signed-off-by: Vitaly Chikunov
> ---
> crypto/tcrypt.c | 27 +
>
On Fri, Oct 12, 2018 at 02:16:59PM +0800, Herbert Xu wrote:
> On Wed, Oct 10, 2018 at 03:12:50PM +0300, Vitaly Chikunov wrote:
> > Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986)
> > generic hash transformation with appropriate testmgr and tcrypt
>
Add GOST/IETF Streebog hash function (GOST R 34.11-2012, RFC 6986)
generic hash transformation.
Signed-off-by: Vitaly Chikunov
---
crypto/Kconfig| 12 +
crypto/Makefile |1 +
crypto/streebog_generic.c | 1142 +
include
Add testmgr and tcrypt tests and vectors for Streebog hash function
from RFC 6986 and GOST R 34.11-2012.
Signed-off-by: Vitaly Chikunov
---
crypto/tcrypt.c | 27 +
crypto/testmgr.c | 12 ++
crypto/testmgr.h | 71
and 32-bit.
Vitaly Chikunov (2):
crypto: streebog - add Streebog hash function
crypto: streebog - add Streebog test vectors
crypto/Kconfig| 12 +
crypto/Makefile |1 +
crypto/streebog_generic.c | 1142 +
crypto/tcrypt.c