Jean Delvare wrote:
> > This patch should go to David Howells
>
> Why? How could I find out?
Try "git log".
David
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo
Dmitry Kasatkin wrote:
> When ASYMMETRIC_KEYS=y, but depends on CRYPTO=m, selections will be also
> modules.
> In random config case OID_REGISTRY, MPILIB and ASN1 became modules producing
> build
> break. This patch removes asymmetric keys dependency from CRYPTO, but instead
> selects CRYPTO an
Dmitry Kasatkin wrote:
> When SIGNATURE=y but depends on CRYPTO=m, it selects MPILIB as module
> producing build break. This patch makes digsig to select crypto for
> correcting dependency.
I'll apply this one.
David
ion for keys-next local branch)
Keyrings for linux-next
Keyrings patches
----
David Howells (34):
X.509: Add bits needed for PKCS#7
X.509: Export certificate parse and free functions
KEYS: Provide a generic instantiation function
KEYS: struct key_preparsed_payload should have two p
Stephen Rothwell wrote:
> I hate to be a pest, but this whole branch has only your signed off by
> and no indication that any of it has been reviewed/tested by anyone
> else ...
Okay, I've got at least one review for most of the patches. I'll try and get
some more, but it probably won't be till
'keys-fixes' into keys-next (2014-07-22 21:55:45 +0100)
(from the branch description for keys-next local branch)
Keyrings for linux-next
Keyrings patches
--------
David Ho
from the branch description for keys-next local branch)
Keyrings for linux-next
Keyrings patches
--------
David Howells (1):
PKCS#7: Missing inclusion of linux/err.h
crypto/asymmetric_keys/pkcs7_key_type.c | 1 +
1 file changed, 1 ins
weiyj...@163.com wrote:
> From: Wei Yongjun
>
> Fixes the following sparse warnings:
>
> crypto/asymmetric_keys/pkcs7_key_type.c:73:17: warning:
> symbol 'key_type_pkcs7' was not declared. Should it be static?
>
> Signed-off-by: Wei Yongjun
Applied.
Dan Carpenter wrote:
>193if (x509->issuer)
>
> Check.
>
>194pr_debug("- issuer %s\n", x509->issuer);
Actually, x509->subject and x509->issuer are mandatory in the ASN.1 definition
and point
Arnd Bergmann wrote:
> Not sure who would be the best person to pick this patch up.
I can pick it up, but I wonder if the MPI asm bits should be distributed to
asm/mpilib.h headers rather than being in the lib/ directory.
David
comparison [-Wlogical-not-parentheses]
if (!ret == template[i].fail) {
^
By converting the 'fail' member of struct aead_testvec and struct
cipher_testvec to a bool, we can get rid of the warnings.
Signed-off-by: David Howells
---
crypto/testmgr.h |6 +++---
1 file c
ing: initialization discards 'const'
qualifier from pointer target type [-Wdiscarded-array-qualifiers]
.params = &deflate_decomp_params,
^
Fix this by making the parameters pointer const and constifying the things
that use it.
Signed-off-by: David Howells
---
cry
0x199/0x2a0
[] entry_SYSCALL_64_fastpath+0x1e/0xad
Fixes: db6c43bd2132 ("crypto: KEYS: convert public key and digsig asym to the
akcipher api")
Signed-off-by: Andrey Ryabinin
Cc:
Signed-off-by: David Howells
---
crypto/asymmetric_keys/x509_cert_parser.c |1 -
1 file changed
atch;h=6e1adb05d290aeeb1c230c763970695f4a538526
Fixes: cdec9cb5167a ("crypto: GnuPG based MPI lib - source files (part 1)")
Signed-off-by: Andrey Ryabinin
Signed-off-by: David Howells
cc: Dmitry Kasatkin
cc: linux-ima-de...@lists.sourceforge.net
cc: sta...@vger.kernel.org
---
lib/mpi/mpi-pow.c |7 ++-
Hi James,
Can you pull these patches please and pass them on to Linus? They include
the following:
(1) Fix mpi_powm()'s handling of a number with a zero exponent [CVE-2016-8650].
(2) Fix double free in X.509 error handling.
Ver #3:
- Integrate my and Andrey's patches for mpi_powm() and us
Pan Bian wrote:
> outlen = crypto_akcipher_maxsize(tfm);
> output = kmalloc(outlen, GFP_KERNEL);
> - if (!output)
> + if (!output) {
> + ret = -ENOMEM;
> goto error_free_req;
> + }
This is preferred:
+ ret = -ENOMEM;
outlen = crypt
Andy Lutomirski wrote:
> +static const char zero_pad[16] = {0};
Isn't there a global page of zeros or something that we can share? Also, you
shouldn't explicitly initialise it so that it stays in .bss.
> - sg_set_buf(&sg_out[1], pad, sizeof pad);
> + sg_set_buf(&sg_out[1], zero_pad, si
-off-by: Pan Bian
Signed-off-by: David Howells
---
crypto/asymmetric_keys/public_key.c |1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/asymmetric_keys/public_key.c
b/crypto/asymmetric_keys/public_key.c
index fd76b5fc3b3a..d3a989e718f5 100644
--- a/crypto/asymmetric_keys
buf, sizeof(buf))),
n > 0) {
ERR(BIO_write(bd, buf, n) < 0, "%s", dest_name);
}
...
Signed-off-by: Alex Yashchenko
Signed-off-by: David Howells
---
scripts/sign-file.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scri
Andy Lutomirski wrote:
> After all, rodata is ordinary memory, is backed by struct page, etc.
Is that actually true? I thought some arches excluded the kernel image from
the page struct array to make the array consume less memory.
David
Andy Lutomirski wrote:
> I don't know whether you're right, but that sounds a bit silly to me.
> This is a *tiny* amount of memory.
Assuming a 1MiB kernel image in 4K pages, that gets you back a couple of pages
I think - useful if you've only got a few MiB of RAM.
David
Andy Lutomirski wrote:
> > - sg_set_buf(&sg_out[1], pad, sizeof pad);
> > + sg_set_buf(&sg_out[1], empty_zero_page, 16);
>
> My fix here is obviously bogus (I meant to use ZERO_PAGE(0)), but what
> exactly is the code trying to do? The old code makes no sense. It's
> setting the *o
Andy Lutomirski wrote:
> David, are these encrypted keys ever exported anywhere? If not, could
> the code use a mode that doesn't need padding?
ecryptfs uses them, I think.
David
Wei Yongjun wrote:
> --- a/crypto/asymmetric_keys/public_key.c
> +++ b/crypto/asymmetric_keys/public_key.c
> @@ -184,8 +184,10 @@ static int software_key_eds_op(struct kernel_pkey_params
> *params,
> return PTR_ERR(tfm);
>
> req = akcipher_request_alloc(tfm, GFP_KERNEL);
>
Hi James,
Can you pull these and pass them on to Linus. There are two sets of
patches here:
(1) A bunch of core keyrings bug fixes from Eric Biggers.
(2) Fixing big_key to use safe crypto from Jason A. Donenfeld.
There are more patches to come from Eric, but I haven't reviewed them
yet, s
Tudor Ambarus wrote:
> -static inline int dh_data_size(const struct dh *p)
> +static inline unsigned int dh_data_size(const struct dh *p)
> {
> return p->key_size + p->p_size + p->g_size;
> }
If this is a problem, do you need to do range checking?
David
oducer is attached
> syzkaller reproducer is attached. See https://goo.gl/kgGztJ
> for information about syzkaller reproducers
Does the attached patch fix it for you?
David
---
commit 41f31a32d918a97dba2ec589d24b52527c8f35b6
Author: David Howells
Date: Mon Nov 6 21:44:00 2017 +
as
Eric Biggers wrote:
> Hi David, you just beat me to it, but I don't think this is the best way to
> fix the problem. The length check just needs to be rewritten to not
> overflow. Also it seems there is another broken length check later in the
> function. How about this:
Okay, fair enough. D
Eric Biggers wrote:
> On a non-preemptible kernel, if KEYCTL_DH_COMPUTE is called with the
> largest permitted inputs (16384 bits), the kernel spends 10+ seconds
> doing modular exponentiation in mpi_powm() without rescheduling. If all
> threads do it, it locks up the system. Moreover, it can c
Eric Biggers wrote:
> This probably should be grouped with my series "crypto: dh - input validation
> fixes", as this is also a fix for Diffie-Hellman. I was actually expecting
> Herbert Xu to take these patches, as Diffie-Hellman is now part of the crypto
> API (crypto/dh.c); none of the patche
Hi Herbert,
Are you going to take this?
David
Eric Biggers wrote:
> In rsa_get_n(), if the buffer contained all 0's and "FIPS mode" is
> enabled, we would read one byte past the end of the buffer while
> scanning the leading zeroes. Fix it by checking 'n_sz' before '!*ptr'.
Reviewed-by: David Howells
Eric Biggers wrote:
> if (strcmp(x509->pub->pkey_algo, sinfo->sig->pkey_algo))
Can you make this strcmp(...) != 0? I know it may seem picky, but checking
strcmp() in this way kind of inverts the true/false thing.
Thanks,
David
I wonder if all -EBADMSG returns here should just print "(badoid)" into the
buffer.
David
Mat Martineau wrote:
> Since this fixes the bug for the asymmetric key type and ensures that other
> key types won't make the same mistake, I agree this is the way to fix it. I
> did not find any issues in the patch.
Can I put that down as a Reviewed-by?
David
Herbert Xu wrote:
> Applied.
Hmmm... That means that the crypto branch and the security branch are going
to conflict.
David
Herbert Xu wrote:
> > Hmmm... That means that the crypto branch and the security branch are going
> > to conflict.
>
> I thought you were OK with it going in now as you said that you'll
> fix it up later. Sorry for the misunderstanding. Do you want me to
> revert?
Ummm. I did say I'd take i
Herbert Xu wrote:
> > Hmmm... That means that the crypto branch and the security branch are going
> > to conflict.
>
> I thought you were OK with it going in now as you said that you'll
> fix it up later. Sorry for the misunderstanding. Do you want me to
> revert?
If you can back them out, I
Herbert Xu wrote:
> > > If you can back them out, I'll apply them to my keys-next branch. Unless
> > > James is willing to rebase security/next on top of your crypto branch?
> > >
> >
> > I don't want to rebase my tree.
>
> OK, I've just reverted the patches and pushed it out.
Thanks. Can I
Are these in a public git branch somewhere that I can just merge?
David
Why didn't you put the RSA signature parsing - ie. where the OID and the other
bits are checked - into crypto/rsa.c?
David
Tadeusz Struk wrote:
> > Why didn't you put the RSA signature parsing - ie. where the OID and the
> > other
> > bits are checked - into crypto/rsa.c?
> >
>
> Do you want to get rid of the crypto/asymmetric_keys/rsa.c completely?
> I wanted to make the conversion churn as small as possible.
> I
David Howells wrote:
> Tadeusz Struk wrote:
>
> > > Why didn't you put the RSA signature parsing - ie. where the OID and the
> > > other
> > > bits are checked - into crypto/rsa.c?
> > >
> >
> > Do you want to get rid of the crypto
Tadeusz Struk wrote:
> I wonder if this should be merged with the crypto/rsa-pkcs1pad.c template
> that we already have. Looks like the two do the same padding now.
> Should we merge them and pass the hash param as a separate template param,
> e.g the public_key would allocate "pkcs1pad(rsa, sha1
Tadeusz Struk wrote:
> > Ummm... Possibly. Is that how it's used?
> >
> > warthog>git grep pkcs1pad -- Documentation
> > warthog1>
>
> Yes, no docs. Sorry.
Can I suggest you at least stick a quick usage summary in the banner comment
at the top of the file?
> > Anyway, the problem I
Andrew Zaborowski wrote:
> AIUI Tadeusz is proposing adding the hashing as a new feature. Note
> though that the hash parameter won't make sense for the encrypt,
> decrypt or verify operations.
The hash parameter is necessary for the verify operation. From my
perspective, I want a verify opera
Hi Michal,
I have the attached patch already in my queue.
David
---
commit d19fcb825912c67e09e0575b95accaa42899e07f
Author: David Howells
Date: Wed Feb 24 14:37:54 2016 +
X.509: Don't treat self-signed keys specially
Trust for a self-signed certificate can normally on
Tadeusz Struk wrote:
> I have converted the software_pkey to make use of the pkcs1pad
> template. The rsa.c is reverted back to what it was i.e. just
> math primitives and all padding is done in rsa-pkcs1padd.c
> software_pkey.c just allocates pksc1padd(alg,hash)
Okay, thanks - I'll take a look
Andrew Zaborowski wrote:
> Without overhauling akcipher you could modify pkcs1pad so that sign
> takes the hash as input, adds the DER struct in front of it to build
> the signature, and the verify operation could at most check that the
> DER string matches the hash type and return the hash. But
Tadeusz Struk wrote:
> + if (memcmp(sig->digest, output, sig->digest_size) ||
I've added " != 0" after the memcmp().
> + req->dst_len != sig->digest_size)
> + ret = -EBADMSG;
Btw, this has to be -EKEYREJECTED; -EBADMSG would indicate that the con
Tadeusz Struk wrote:
> + if (memcmp(sig->digest, output, sig->digest_size) ||
> + req->dst_len != sig->digest_size)
You must always do the size check first!
David
From: Tadeusz Struk
This adds hash param to pkcs1pad.
The pkcs1pad template can work with or without the hash.
When hash param is provided then the verify operation will
also verify the output against the known digest.
Signed-off-by: Tadeusz Struk
Signed-off-by: David Howells
---
crypto/rsa
a module in this set, but they're prerequisites for this.
David
---
David Howells (2):
akcipher: Move the RSA DER encoding check to the crypto layer
X.509: Make algo identifiers text instead of enum
Tadeusz Struk (1):
crypto: Add hash param to pkcs1pad
crypto/asymmetric_keys/
From: Tadeusz Struk
This adds hash param to pkcs1pad.
The pkcs1pad template can work with or without the hash.
When hash param is provided then the verify operation will
also verify the output against the known digest.
Signed-off-by: Tadeusz Struk
Signed-off-by: David Howells
---
crypto/rsa
Make the identifier public key and digest algorithm fields text instead of
enum.
Signed-off-by: David Howells
---
crypto/asymmetric_keys/mscode_parser.c| 14 +++---
crypto/asymmetric_keys/pkcs7_parser.c | 18 -
crypto/asymmetric_keys/pkcs7_verify.c
f the code?
Signed-off-by: David Howells
Signed-off-by: Tadeusz Struk
---
crypto/asymmetric_keys/Kconfig |7 -
crypto/asymmetric_keys/Makefile|1
crypto/asymmetric_keys/public_key.c| 104 +--
crypto/asymmetric_keys/rsa.c
Herbert Xu wrote:
> David Howells wrote:
> >
> > Here's a set of patches that change the software public key asymmetric key
> > subtype to use the RSA pkcs1pad module in the crypto layer. I've merged
> > together mine and Tadeusz's patches.
>
Colin King wrote:
> The boolean want is not initialized and hence garbage. The default should
> be false (later it is only set to true on the sinfo->authattrs check).
>
> Found with static analysis using CoverityScan
>
> Signed-off-by: Colin Ian King
Applied.
next
Arnd Bergmann (1):
modsign: hide openssl output in silent builds
Codarren Velvindron (1):
v2 linux-next scripts/sign-file.c Fix LibreSSL support
Colin Ian King (1):
PKCS#7: fix unitialized boolean 'want'
David Howells (10):
KEYS: Add an
Andreas Ziegler wrote:
> As the corresponding option is gone, the select statement can safely be
> removed. Should I prepare a simple patch for that?
Please.
> I detected this by using scripts/checkkconfigsymbols on today's and
> yesterday's linux-next trees (i.e., "./scripts/checkkconfigsymbol
Andreas Ziegler wrote:
> Commit d43de6c780a8 ("akcipher: Move the RSA DER encoding check to
> the crypto layer") removed the Kconfig option PUBLIC_KEY_ALGO_RSA,
> but forgot to remove a 'select' to this option in the definition of
> INTEGRITY_ASYMMETRIC_KEYS.
>
> Let's remove the select, as it's
Tadeusz Struk wrote:
> + keyring = request_key(&key_type_asymmetric, key_name, NULL);
> +
> + err = -ENOKEY;
> + if (IS_ERR(keyring))
> + goto out;
> +
> + pkey = keyring->payload.data[asym_crypto];
NAK. This is liable to crash in future. You may not assume that you
KCS#7: Add OIDs for sha224, sha284 and sha512 hash
> algos and use them")
> Cc: # 4.2+
> Signed-off-by: Colin Ian King
Acked-by: David Howells
Tadeusz Struk wrote:
> +/**
> + * asymmetric_key_verify_signature - invoke verify signature operation on a
> key
> + *of the asymmetric subtype
> + * @key: key from the system keyring
> + * @sig: signature to verify
> + *
> + * return: 0 on success or errno on fai
Hi James, Herbert,
Since the actual crypto bits (RSA) have been extracted from the asymmetric
keys code and moved to base crypto, shall I move the asymmetric_keys/ subdir
over to security/keys/?
If so, how best to do it? I'm thinking that it might be best for me to create
a git branch that effec
out about the key.
Not-yet-signed-off-by: David Howells
---
Documentation/security/keys.txt | 105 +
crypto/asymmetric_keys/pkcs7_parser.c |1
crypto/asymmetric_keys/public_key.c | 38 +++
crypto/asymmetric_keys/signature.c| 150 +
crypto
Tadeusz Struk wrote:
> > --- a/crypto/asymmetric_keys/signature.c
> > +++ b/crypto/asymmetric_keys/signature.c
>
> Since this file implements the enc/dec operations also
> should it be renamed to crypto/asymmetric_keys/public_key_ops.c
> or something similar? signature.c is a bit confusing now.
Mat Martineau wrote:
> > The interface for the active ops is a bit clunky as the syscall interface
> > doesn't provide sufficient argument space to pass everything I need to
> > specify. Some basic integer arguments are specified in a struct and more
> > complex options through a string of key=v
Here's v2 of the patch with the reported errors fixed. It's still untested by
me, however.
David
---
KEYS: Provide keyctls to do public key operations
From: David Howells
Provide keyctl functions to do public key operations (sign, verify, encrypt
and decrypt) if the target key sup
Jamie Heilman wrote:
> I usually build my kernels to require module signatures and use
> automatic signing. As of v4.6-rc1 I'm getting this on boot:
>
> Problem loading in-kernel X.509 certificate (-2)
>
> I bisected that to commit d43de6c780a84def056afaf4fb3e66bdaa1efc00
> (akcipher: Move the
> Problem loading in-kernel X.509 certificate (-2)
ENOENT? Hmmm... The only place that is generated is in the crypto layer.
That suggests missing crypto of some sort.
The attached patch enables some debugging in some relevant files if you can
try applying it to your kernel.
David
---
diff --gi
(cc'ing Tadeusz as he did the pkcs1 padding function)
Jamie Heilman wrote:
> > > Problem loading in-kernel X.509 certificate (-2)
> >
> > ENOENT? Hmmm... The only place that is generated is in the crypto layer.
> > That suggests missing crypto of some sort.
> >
> > The attached patch enables
Tadeusz Struk wrote:
> I think the problem is that pkcs1pad template needs CRYPTO_MANAGER, but
> your configuration doesn't enable CRYPTO_MANAGER. Could you try this
> please:
>
> diff --git a/crypto/Kconfig b/crypto/Kconfig
> index 93a1fdc..1d33beb 100644
> --- a/crypto/Kconfig
> +++ b/crypto/K
I've pushed a fix to #include in keyctl_pkey.c into the git
tree.
David
Tudor Ambarus wrote:
> A kernel taint results when loading the rsa_generic module:
>
> root@(none):~# modprobe rsa_generic
> asn1_decoder: module license 'unspecified' taints kernel.
> Disabling lock debugging due to kernel taint
>
> "Tainting" of the kernel is (usually) a way of indicating tha
Tadeusz Struk wrote:
> > (2) rsa-pkcs1pad needs to indicate what the maximum content size is, given
> > the minimum possible padding for the specified hash type (ie. a
> > particular OID).
>
> The user needs to use crypto_akcipher_maxsize(tfm) to get the required buffer
> size for a g
eyutils changes needed can be found here:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/log/?h=pkey
David
---
David Howells (8):
KEYS: Provide key type operations for asymmetric key ops
KEYS: Provide keyctls to drive the new key type ops for asymmetric ke
Provide a query function for the software public key implementation. This
permits information about such a key to be obtained using
query_asymmetric_key() or KEYCTL_PKEY_QUERY.
Signed-off-by: David Howells
---
crypto/asymmetric_keys/public_key.c | 96 ++-
1
then
need to select the appropriate crypto function to set the key.
Signed-off-by: David Howells
---
crypto/asymmetric_keys/public_key.c | 14 --
include/crypto/public_key.h |1 +
2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/crypto/asymmetric
DER | \
keyctl padd asymmetric foo @s
Signed-off-by: David Howells
---
Documentation/crypto/asymmetric-keys.txt |2
crypto/asymmetric_keys/Kconfig | 10 ++
crypto/asymmetric_keys/Makefile | 13 ++
crypto/asymmetric_keys/pkcs8.asn1| 24
crypto
>/tmp/dec
# cmp data /tmp/dec
# keyctl pkey_sign $j 0 data enc=pkcs1 hash=sha1 >/tmp/sig
# keyctl pkey_verify $j 0 data /tmp/sig enc=pkcs1 hash=sha1
#
Signed-off-by: David Howells
---
crypto/asymmetric_keys/public_key.c | 89 ++
can be used to pass a pointer to a logon key carrying a
password to unlock the key.
Signed-off-by: David Howells
---
Documentation/crypto/asymmetric-keys.txt | 31 +++-
crypto/asymmetric_keys/asymmetric_keys.h |3 +
crypto/asymmetric_keys/asymmetric_type.c | 60 ++--
crypto
. Verification returns 0 on success.
Signed-off-by: David Howells
---
Documentation/security/keys.txt | 111 +
include/uapi/linux/keyctl.h | 26 +++
security/keys/Makefile |1
security/keys/compat.c | 15 ++
security/keys/internal.h| 39
Make the X.509 and PKCS7 parsers fill in the signature encoding type field
recently added to the public_key_signature struct.
Signed-off-by: David Howells
---
crypto/asymmetric_keys/pkcs7_parser.c |1 +
crypto/asymmetric_keys/x509_cert_parser.c | 21 +
2 files
supply the data and the signature instead
and get an error value (or 0) as the only result on the expectation that
this may well be how a hardware crypto device may work.
Signed-off-by: David Howells
---
Documentation/security/keys.txt | 113 +++
include/linux/
Tadeusz Struk wrote:
> This is the same v5 version as before rebased on top of
> http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-asym-keyctl
I've just reposted this. The interface you're using should be the same, I
think, but the details underneath have changed.
A
Mat Martineau wrote:
> > + If the key must be unlocked with a password before it can be used,
> > + password_id should point to a logon-type key that holds this.
>
> It should be noted that the password_id should be 0 if no password is to be
> used.
Currently I'm just ignoring it if I d
Mat Martineau wrote:
> > + len = crypto_akcipher_maxsize(tfm);
> > + info->key_size = len * 8;
> > + info->max_data_size = len;
> > + info->max_sig_size = len;
> > + info->max_enc_size = len;
> > + info->max_dec_size = len;
>
> If len > UINT16_MAX, should UINT16_MAX be reported as th
Mat Martineau wrote:
> > # PKCS#7 message handling
>
> Update to PKCS#8
I guess I've typed PKCS#7 too many times :-)
David
Stephan Mueller wrote:
> With the new DH support for the key retention service, support for DH derived
> keys pops up.
>
> The implementation in security/keys/dh.c returns the DH shared secret
> straight
> to the user space caller.
>
> I implemented a KDF with that exact scenario already in
Stephan Mueller wrote:
> The KDF patches are fully tested. All that would be needed on the key
> retention side after the shared secret generation are the following calls:
>
> kdf = crypto_alloc_rng(NAME, 0, 0);
>
> crypto_rng_reset(kdf, , sizeof());
>
> crypto_rng_generate(kdf, LABEL, sizeof
Mat Martineau wrote:
> Since the KDF patches are not yet merged, I'm not sure of the best way to
> accommodate the future feature. We could future-proof KEYCTL_DH_COMPUTE by
> adding a 5th arg, an optional pointer to KDF configuration (NAME and
> LABEL).
If we want to do this, it needs to be done
Mat Martineau wrote:
> +struct keyctl_kdf_params {
> + char *name;
> + __u8 reserved[32]; /* Reserved for future use, must be 0 */
> +};
> +
> #endif /* _LINUX_KEYCTL_H */
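Review bot: `char *name` in struct keyctl_kdf_params is a bare pointer in a structure that userspace passes in through keyctl, so the struct's size and the offset of `reserved` differ between 32-bit and 64-bit callers and the compat path has to translate it. Consider declaring it `char __user *name` and confirming that the compat.c change that follows handles the 32-bit layout. The comment says `reserved` must be 0, so the kernel side should reject any non-zero byte there; otherwise the field cannot safely be given a meaning later.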
> diff --git a/security/keys/compat.c b/security/keys/compat.c
> index c8783b3..36c80bf 100644
> --- a/security/key
ineau
Signed-off-by: Stephan Mueller
Signed-off-by: David Howells
---
Documentation/security/keys.txt |5 -
security/keys/compat.c |2 +-
security/keys/dh.c |8 +++-
security/keys/internal.h|5 +++--
security/keys/keyctl.c |4 ++
Hi James,
> Could you pass this along to Linus as soon as possible, please? This
> alters a new keyctl function added in the current merge window to allow for
> a future extension planned for the next merge window.
Is this likely to go to Linus before -rc2? If not, we'll need to do things
diffe
cryptodev so I can carry on with the removal of blkcipher.
As long as it only touches the big_key code inside keyrings, I think that's
fine.
Acked-by: David Howells
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@v
ta and the signature instead
and get an error value (or 0) as the only result on the expectation that
this may well be how a hardware crypto device may work.
Signed-off-by: David Howells
---
Documentation/security/keys.txt | 106 +++
include/linux/
/keyutils.git/log/?h=pkey
David
---
David Howells (8):
KEYS: Provide key type operations for asymmetric key ops
KEYS: Provide keyctls to drive the new key type ops for asymmetric keys
KEYS: Provide missing asymmetric key subops for new key type ops
KEYS: Make the X.509 and PKCS7 pars
>/tmp/dec
# cmp data /tmp/dec
# keyctl pkey_sign $j 0 data enc=pkcs1 hash=sha1 >/tmp/sig
# keyctl pkey_verify $j 0 data /tmp/sig enc=pkcs1 hash=sha1
#
Signed-off-by: David Howells
---
crypto/asymmetric_keys/public_key.c | 89 ++
DER | \
keyctl padd asymmetric foo @s
Signed-off-by: David Howells
---
Documentation/crypto/asymmetric-keys.txt |2
crypto/asymmetric_keys/Kconfig | 10 ++
crypto/asymmetric_keys/Makefile | 13 ++
crypto/asymmetric_keys/pkcs8.asn1| 24
crypto
1 - 100 of 439 matches