covered with specific test cases.
All currently implemented DRBG types and backend ciphers are defined
in SP800-90A. Therefore, the fips_allowed flag is set for all.
Signed-off-by: Stephan Mueller
---
crypto/testmgr.c | 248 +++
1 file changed
of SHA-512.
Signed-off-by: Stephan Mueller
---
crypto/testmgr.h | 843 +++
1 file changed, 843 insertions(+)
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 3db83db..0030ff5 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -92,6
Signed-off-by: Stephan Mueller
---
crypto/Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/Makefile b/crypto/Makefile
index 38e64231..bfa94fa 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -92,6 +92,7 @@ obj-$(CONFIG_CRYPTO_842) += 842.o
obj-$(CONFIG_CRYPTO_RNG2
The different DRBG types of CTR, Hash, HMAC can be enabled or disabled
at compile time. At least one DRBG type shall be selected.
The default is the HMAC DRBG as its code base is smallest.
Signed-off-by: Stephan Mueller
---
crypto/Kconfig | 36 +++-
1 file
G type and backend cipher
* getter functions for data from struct drbg_core
Signed-off-by: Stephan Mueller
---
include/crypto/drbg.h | 291 ++
1 file changed, 291 insertions(+)
create mode 100644 include/crypto/drbg.h
diff --git a/include/crypto/drbg.h
defined in SP800-131A, the ANSI X9.31 DRNG is to be sunset by the end of
this year for official uses, including FIPS 140-2 compliance.
Additional tests including the CAVS test framework are available at [1].
[1] http://www.chronox.de/drbg.html
Stephan Mueller (6):
SP800-90A Deterministic Random
On Wednesday, 21 May 2014, 06:18:58, Stephan Mueller wrote:
Hi,
> +/*
> + * Tests as defined in 11.3.2 in addition to the cipher tests: testing
> + * of the error handling.
> + *
> + * Note: testing of failing seed source as defined in 11.3.2 is not
> applicable + *
On Saturday, 24 May 2014, 05:14:59, Herbert Xu wrote:
Hi Herbert,
> Stephan Mueller wrote:
> > Hi,
> >
> > the following set of patches implements the deterministic random bit
> > generator (DRBG) specified by SP800-90A.
> >
> > The DRBG implementation
On Saturday, 24 May 2014, 05:10:07, Herbert Xu wrote:
Hi Herbert,
> Stephan Mueller wrote:
> > + memset(&drbg_algs[i], 0, sizeof(struct crypto_alg));
> > + if (pr) {
> > + memcpy(drbg_algs[i].cra_name, "drbg(pr(", 8);
>
The drbg.stdrng kernel command line flag allows the selection of the
DRBG used as stdrng.
Signed-off-by: Stephan Mueller
---
Documentation/kernel-parameters.txt | 10 ++
1 file changed, 10 insertions(+)
diff --git a/Documentation/kernel-parameters.txt
b/Documentation/kernel
not covered with specific test cases.
All currently implemented DRBG types and backend ciphers are defined
in SP800-90A. Therefore, the fips_allowed flag is set for all.
Signed-off-by: Stephan Mueller
---
crypto/testmgr.c | 247 +++
1 file
of SHA-512.
Signed-off-by: Stephan Mueller
---
crypto/testmgr.h | 843 +++
1 file changed, 843 insertions(+)
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 3db83db..0030ff5 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -92,6
Signed-off-by: Stephan Mueller
---
crypto/Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/Makefile b/crypto/Makefile
index 38e64231..bfa94fa 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -92,6 +92,7 @@ obj-$(CONFIG_CRYPTO_842) += 842.o
obj-$(CONFIG_CRYPTO_RNG2
The different DRBG types of CTR, Hash, HMAC can be enabled or disabled
at compile time. At least one DRBG type shall be selected.
The default is the HMAC DRBG as its code base is smallest.
Signed-off-by: Stephan Mueller
---
crypto/Kconfig | 36 +++-
1 file
G type and backend cipher
* getter functions for data from struct drbg_core
Signed-off-by: Stephan Mueller
---
include/crypto/drbg.h | 289 ++
1 file changed, 289 insertions(+)
create mode 100644 include/crypto/drbg.h
diff --git a/include/crypto/drbg.h
/kernel-parameters.txt
* rebase patch to 3.15-rc7
Stephan Mueller (7):
SP800-90A Deterministic Random Bit Generator
header file for DRBG
DRBG kernel configuration options
compile the DRBG code
DRBG testmgr test vectors
Add DRBG test code to testmgr
Add documentation of drbg.stdrng
On Friday, 30 May 2014, 17:05:48, Herbert Xu wrote:
Hi Herbert,
> On Mon, May 26, 2014 at 07:42:57AM +0200, Stephan Mueller wrote:
> > A second aspect is the implementation of the stdrng. Currently, the
> > offered
> > patch does not include the stdrng selection. I am cur
covered with specific test cases.
All currently implemented DRBG types and backend ciphers are defined
in SP800-90A. Therefore, the fips_allowed flag is set for all.
Signed-off-by: Stephan Mueller
---
crypto/testmgr.c | 247 +++
1 file changed
of SHA-512.
Signed-off-by: Stephan Mueller
---
crypto/testmgr.h | 843 +++
1 file changed, 843 insertions(+)
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 3db83db..0030ff5 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -92,6
The different DRBG types of CTR, Hash, HMAC can be enabled or disabled
at compile time. At least one DRBG type shall be selected.
The default is the HMAC DRBG as its code base is smallest.
Signed-off-by: Stephan Mueller
---
crypto/Kconfig | 36 +++-
1 file
Signed-off-by: Stephan Mueller
---
crypto/Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/Makefile b/crypto/Makefile
index 38e64231..bfa94fa 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -92,6 +92,7 @@ obj-$(CONFIG_CRYPTO_842) += 842.o
obj-$(CONFIG_CRYPTO_RNG2
G type and backend cipher
* getter functions for data from struct drbg_core
Signed-off-by: Stephan Mueller
---
include/crypto/drbg.h | 289 ++
1 file changed, 289 insertions(+)
create mode 100644 include/crypto/drbg.h
diff --git a/include/crypto/drbg.h
FIPS mode, the DRBG is
chosen as stdrng, in non-fips mode, the krng).
Stephan Mueller (6):
SP800-90A Deterministic Random Bit Generator
header file for DRBG
DRBG kernel configuration options
compile the DRBG code
DRBG testmgr test vectors
Add DRBG test code to testmgr
crypto
On Friday, 6 June 2014, 13:59:00, Pavel Machek wrote:
Hi Pavel,
>On Mon 2014-05-12 00:36:01, Stephan Mueller wrote:
>> Hi,
>>
>> as discussed in thread [1], an in-kernel equivalent to the blocking
>> /dev/random device behavior is suggested. This in-kernel blocki
On Thursday, 26 June 2014, 14:45:42, Herbert Xu wrote:
Hi Herbert,
>On Wed, Jun 25, 2014 at 05:08:28PM +0800, Herbert Xu wrote:
>> On Mon, Jun 23, 2014 at 09:11:29AM +0200, Stephan Mueller wrote:
>> > As reported by a static code analyzer, the code for the ordering of
>
. This information is
provided with the reseed parameter to the update function.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 41 ++---
1 file changed, 22 insertions(+), 19 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index 4593b3c..53ff20d
The initial format strings caused warnings on several architectures. The
updated format strings now match the variable types.
Reported-by: kbuild test robot
Reported-by: Randy Dunlap
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions
favor of an init function reporting the erroneous build of
the DRBG.
Lastly, a fix of the use of CONFIG_CRYPTO_DRBG_HASH has been
applied.
Reported-by: kbuild test robot
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 43 +++
1 file changed, 31
robot
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 233 +++---
include/crypto/drbg.h | 7 +-
2 files changed, 128 insertions(+), 112 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index 99fa8f8..6679a26 100644
--- a/crypto
Hi,
The following patches cover requested changes based on the sparse tool test
run and suggestions by peer reviewers.
In addition, a patch to make the CTR DRBG more efficient is added.
Stephan Mueller (4):
DRBG: use of kernel linked list
DRBG: cleanup of preprocessor macros
DRBG: Fix
On Sunday, 29 June 2014, 12:24:02, Stephen Rothwell wrote:
Hi Stephen,
> Hi Stephan,
>
> On Sat, 28 Jun 2014 22:01:46 +0200 Stephan Mueller wrote:
> > @@ -1987,8 +1987,9 @@ static int __init drbg_init(void)
> >
> > if (ARRAY_SIZE(drbg_cores)
On Saturday, 28 June 2014, 20:53:19, Joe Perches wrote:
Hi Joe,
> On Sun, 2014-06-29 at 05:46 +0200, Stephan Mueller wrote:
> > On Sunday, 29 June 2014, 12:24:02, Stephen Rothwell wrote:
> >
> > Hi Stephen,
> >
> > > Hi Stephan,
> > >
>
On Sunday, 29 June 2014, 12:20:15, Stephen Rothwell wrote:
Hi Stephen,
> Hi Stephan,
>
> On Sat, 28 Jun 2014 22:00:07 +0200 Stephan Mueller wrote:
> > diff --git a/crypto/drbg.c b/crypto/drbg.c
> > index 6679a26..03a230e 100644
> > --- a/crypto/drbg.c
> >
On Sunday, 29 June 2014, 00:41:22, Randy Dunlap wrote:
Hi Randy,
> On 06/28/14 22:07, Stephan Mueller wrote:
> > On Sunday, 29 June 2014, 12:20:15, Stephen Rothwell wrote:
> >
> > Hi Stephen,
> >
> >> Hi Stephan,
> >>
> >>
On Sunday, 29 June 2014, 22:52:46, Fengguang Wu wrote:
Hi Fengguang,
> Greetings,
>
> 0day kernel testing robot got the below dmesg and the first bad commit is
May I ask whether there is anything special in your kernel config?
This very bug should have been triggered already in all previous
On Monday, 30 June 2014, 13:31:26, Fengguang Wu wrote:
Hi Fengguang,
>Hi Stephan,
>
>On Sun, Jun 29, 2014 at 09:45:48PM +0200, Stephan Mueller wrote:
>> On Sunday, 29 June 2014, 22:52:46, Fengguang Wu wrote:
>>
>> Hi Fengguang,
>>
>> > Greetings
The patch corrects the security strength of the HMAC-SHA1 DRBG to 128
bits. This strength defines the size of the seed required for the DRBG.
Thus, the patch lowers the seeding requirement from 256 bits to 128 bits
for HMAC-SHA1.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 2 +-
1 file
len to
drbg_statelen + drbg_blocklen to have sufficient space.
Reported-by: Fengguang Wu
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index 86d483f..c2f02b7 100644
--- a/crypto/
additional information string implies
that now all generate functions must be capable to process a linked
list with additional information strings instead of a scalar.
CC: Rafael Aquini
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 59
++
DRBG.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index 53ff20d..14495df 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1764,7 +1764,7 @@ static int drbg_kcapi_init(struct crypto_tfm *tfm
Hi,
the following fixes cover comments from code reviewers. The patch set
is an addition to the patch set offered several days ago [1].
[1] https://lkml.org/lkml/2014/6/28/497
Stephan Mueller (4):
DRBG: Select correct DRBG core for stdrng
DRBG: Mix a time stamp into DRBG state
DRBG: fix
NFIG_CRYPTO_FIPS dependent on CONFIG_MODULE_SIG, as this is
>> entirely necessary for FIPS mode.
>>
>> v2: remove extraneous blank line, perform checks in static inline
>> function, drop no longer necessary fips.h include.
>>
>> CC: Herbert Xu
>
On Friday, 4 July 2014, 11:08:10, Herbert Xu wrote:
Hi Herbert,
> On Tue, Jul 01, 2014 at 05:08:48PM +0200, Stephan Mueller wrote:
> > For the CTR DRBG, the drbg_state->scratchpad temp buffer (i.e. the
> > memory location immediately before the drbg_state->tfm variable
>
On Friday, 4 July 2014, 11:12:35, Herbert Xu wrote:
Hi Herbert,
> On Tue, Jul 01, 2014 at 05:08:48PM +0200, Stephan Mueller wrote:
> > For the CTR DRBG, the drbg_state->scratchpad temp buffer (i.e. the
> > memory location immediately before the drbg_state->tfm variable
>
On Friday, 4 July 2014, 09:57:20, Joe Perches wrote:
Hi Joe,
> On Fri, 2014-07-04 at 14:21 +0300, Dan Carpenter wrote:
> > On Sat, Jun 28, 2014 at 08:53:19PM -0700, Joe Perches wrote:
> > > On Sun, 2014-06-29 at 05:46 +0200, Stephan Mueller wrote:
> > > > Am So
On Friday, 4 July 2014, 13:50:03, Dan Carpenter wrote:
Hi Dan,
> On Wed, Jun 25, 2014 at 05:06:46PM +0800, Herbert Xu wrote:
> > On Sat, Jun 21, 2014 at 02:26:29PM +0200, Stephan Mueller wrote:
> > > The handling of additional input data / personalization string data may
>
On Friday, 4 July 2014, 22:15:41, Herbert Xu wrote:
Hi Herbert,
> On Sun, Jun 29, 2014 at 01:37:05PM +0200, Stephan Mueller wrote:
> > When looking into the documentation and trying it I found:
> >
> > - bool choices allow me to only select one option, and only on
On Friday, 4 July 2014, 17:09:33, Joe Perches wrote:
Hi Joe,
> On Sat, 2014-07-05 at 01:57 +0200, Stephan Mueller wrote:
> > And I also get the same output. Yet I am not sure how that code can be
> > compared to the code in the kernel.
>
> What that code shows is that
On Friday, 4 July 2014, 17:24:09, Joe Perches wrote:
Hi Joe,
> On Sat, 2014-07-05 at 02:15 +0200, Stephan Mueller wrote:
> > On Friday, 4 July 2014, 17:09:33, Joe Perches wrote:
> > > On Sat, 2014-07-05 at 01:57 +0200, Stephan Mueller wrote:
> > > > And I also
The patch corrects the security strength of the HMAC-SHA1 DRBG to 128
bits. This strength defines the size of the seed required for the DRBG.
Thus, the patch lowers the seeding requirement from 256 bits to 128 bits
for HMAC-SHA1.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 2 +-
1 file
additional information string implies
that now all generate functions must be capable to process a linked
list with additional information strings instead of a scalar.
CC: Rafael Aquini
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 59 ++
DRBG.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index dba5ed2..2a7860f 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1761,7 +1761,7 @@ static int drbg_kcapi_init(struct crypto_tfm *tfm
. This information is
provided with the reseed parameter to the update function.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 41 ++---
1 file changed, 22 insertions(+), 19 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index c9b4c49..dba5ed2
The initial format strings caused warnings on several architectures. The
updated format strings now match the variable types.
Reported-by: kbuild test robot
Reported-by: Randy Dunlap
CC: Joe Perches
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 4 ++--
1 file changed, 2 insertions(+), 2
The structure used to construct the module description line was marked
problematic by the sparse code analysis tool. The module line
description now does not contain any ifdefs to prevent error reports
from sparse.
Reported-by: kbuild test robot
Signed-off-by: Stephan Mueller
---
crypto/drbg.c
Hi,
This patchset supersedes the patch sets submitted with [1] and [2]. It
rebases all non-applied patches to the current Herbert Xu's
cryptodev-2.6 tree.
[1] https://lkml.org/lkml/2014/6/28/497
[2] https://lkml.org/lkml/2014/7/1/332
Stephan Mueller (6):
DRBG: cleanup of preprocessor m
On Tuesday, 29 July 2014, 15:47:56, Jarod Wilson wrote:
Hi Jarod,
>There are a few missing spaces in the error text strings for
>drbg_cavs_test, trivial fix.
Thanks a lot.
>
>CC: Stephan Mueller
>CC: Herbert Xu
>CC: "David S. Miller"
>CC: linux-crypto@vger.k
The function drbg_generate_long slices the request into 2**16 byte
or smaller chunks. However, the loop invokes the random number
generation function with zero bytes when the request size is a multiple
of 2**16 bytes. The fix prevents zero bytes requests.
Signed-off-by: Stephan Mueller
During creation of the DRBG shadow state, it is ensured that the DRBG
state structure is already allocated. Thus, a sanity check for verifying
that the structure is allocated is removed.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a
.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 33 -
include/crypto/drbg.h | 19 ++-
2 files changed, 6 insertions(+), 46 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index f74859d..a556180 100644
--- a/crypto/drbg.c
+++ b/crypto
The crypto_init and crypto_fini functions are always implemented. Thus,
there is no need for a protecting check.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 16 ++--
1 file changed, 6 insertions(+), 10 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index 8a95ca8
When allocating V, C, the zeroization is only needed when
allocating a new instance of the DRBG, i.e. when performing an
initial seeding. For all other allocations, the memcpy implemented in
drbg_copy_drbg ensures that the memory is filled with the correct
information.
Signed-off-by: Stephan
Remove memset(0) which is not needed due to the kzalloc of the memory.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index 89d732b..d13f588 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
The drbg_make_shadow function contains sanity checks which are not
needed as the function is invoked at times where it is ensured that the
checked-for variables are available.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 9 -
1 file changed, 9 deletions(-)
diff --git a/crypto
cpu_to_be kernel function together with a type cast is
used to convert an integer into its string representation. This patch
increases the speed of the DRBG by 10%.
Stephan Mueller (8):
DRBG: replace int2byte with cpu_to_be
DRBG: kzfree does not need a check for NULL pointer
DRBG: remove
not require such conversion) is about 10% faster (or requires less
computing power, respectively).
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 34 ++
1 file changed, 18 insertions(+), 16 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index ff975d9
The kzfree function already performs the NULL pointer check. Therefore,
the DRBG code does not need to implement such check.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 18 ++
1 file changed, 6 insertions(+), 12 deletions(-)
diff --git a/crypto/drbg.c b/crypto/drbg.c
Hi,
during playing around with the kernel crypto API, I implemented a performance
measurement tool kit for the various kernel crypto API cipher types. The
cryptoperf tool kit is provided in [1].
Comments are welcome.
In general, the results are as expected, i.e. the assembler implementations
On Tuesday, 19 August 2014, 10:17:36, Jussi Kivilinna wrote:
Hi Jussi,
> Hello,
>
> On 2014-08-17 18:55, Stephan Mueller wrote:
> > Hi,
> >
> > during playing around with the kernel crypto API, I implemented a
> > performance measurement tool kit for the
The sparse tool complained that the cpu_to_be[32|64] functions return
__be[32|64] instead of __u32 or __u64. The patch replaces the __u32 and
__u64 with __be32 and __be64.
Reported-by: kbuild test robot
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 4 ++--
1 file changed, 2 insertions
On Tuesday, 26 August 2014, 12:03:31, Randy Dunlap wrote:
Hi Randy,
> On 08/26/14 00:34, Stephen Rothwell wrote:
> > Hi all,
> >
> > Changes since 20140825:
> >
> > The net tree gained a build failure for which I reverted a commit.
> >
> > The mfd tree still had its build failure so I used
generation and performing hashing as well as encryption and
decryption in user space.
Signed-off-by: Stephan Mueller
---
Documentation/crypto/crypto-API-spec.txt | 2110 ++
1 file changed, 2110 insertions(+)
create mode 100644 Documentation/crypto/crypto-API-spec.txt
diff
The DRBG internal buffer addition function is replaced with crypto_inc when
a buffer is to be incremented by one.
The function drbg_add_buf is moved to the CONFIG_CRYPTO_DRBG_HASH ifdef
area as it is now only needed for the Hash DRBG.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c | 79
On Tuesday, 14 October 2014, 21:46:50, Stephan Mueller wrote:
Hi,
> The update adds a complete interface documentation of the kernel crypto
> API. All cipher types supported by the kernel crypto API are documented.
>
> In addition, kernel and user space example code is provided
On Wednesday, 15 October 2014, 13:58:00, Jason Cooper wrote:
Hi Jason,
> Stephan,
>
> Wow. This is very thorough. Herbert and others will be making the
> final call on this, but if I may make a suggestion:
Thanks.
>
> On Tue, Oct 14, 2014 at 09:46:50PM +0200, Stephan Muel
kernel.org/r/7502136.9bkwhtz...@myon.chronox.de
> >
> > On Thu, Oct 16, 2014 at 09:19:08AM +0200, Stephan Mueller wrote:
> > > On Wednesday, 15 October 2014, 13:58:00, Jason Cooper wrote:
> > > > On Tue, Oct 14, 2014 at 09:46:50PM +0200, Stephan Mueller wrote:
> .
On Friday, 31 October 2014, 10:09:52, Marek Vasut wrote:
Hi Marek,
> On Friday, October 31, 2014 at 08:23:53 AM, Herbert Xu wrote:
> > On Fri, Oct 31, 2014 at 04:01:04AM +0100, Marek Vasut wrote:
> > > I can share the last state of the document I wrote. Currently,
> > > it is not possible for
The API function calls exported by the kernel crypto API for
message digests to be used by consumers are documented.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/linux/crypto.h | 117 +
1 file changed, 117 insertions(+)
diff --git
The API function calls exported by the kernel crypto API for RNGs to
be used by consumers are documented.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/crypto/rng.h | 113 +++
1 file changed, 113 insertions(+)
diff --git a/include
The API function calls exported by the kernel crypto API for SHASHes
to be used by consumers are documented.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/crypto/hash.h | 197 ++
1 file changed, 197 insertions(+)
diff --git a
The API function calls exported by the kernel crypto API for
asynchronous block ciphers to be used by consumers are documented.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/linux/crypto.h | 349 +
1 file changed, 349 insertions
The design of the kernel crypto API as well as hints to program with
the kernel crypto API are given.
The documentation contains:
* design aspects of crypto API
* developer specific hints
* references to the API function description
Signed-off-by: Stephan Mueller
CC: Marek Vasut
The API function calls exported by the kernel crypto API for AHASHes
to be used by consumers are documented.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/crypto/hash.h | 224 ++
1 file changed, 224 insertions(+)
diff --git a
The data structure of struct crypto_alg is documented for all parameters
that can be set by a developer of a transformation. All parameters that
are internal to the crypto API are marked as such.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/linux/crypto.h | 157
memset(0) to the user space example code.
* Move the API function call documentation into the header files in the hope
for a better maintainability.
* Merge the developer-related documentation from Marek Vasut
Stephan Mueller (11):
crypto: Documentation - crypto API high level spec
crypto
used as
a library is added as well.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
Documentation/crypto/crypto-API-userspace.txt | 662 ++
1 file changed, 662 insertions(+)
create mode 100644 Documentation/crypto/crypto-API-userspace.txt
diff --git a/Documentation
The API function calls exported by the kernel crypto API for
single block ciphers to be used by consumers are documented.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/linux/crypto.h | 89 ++
1 file changed, 89 insertions(+)
diff
The API function calls exported by the kernel crypto API for
synchronous block ciphers to be used by consumers are documented.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/linux/crypto.h | 268 +
1 file changed, 268 insertions
The API function calls exported by the kernel crypto API for AEAD
ciphers to be used by consumers are documented.
Signed-off-by: Stephan Mueller
CC: Marek Vasut
---
include/linux/crypto.h | 259 +
1 file changed, 259 insertions(+)
diff --git a
On Monday, 3 November 2014, 08:34:39, Jonathan Corbet wrote:
Hi Jonathan,
> On Sun, 02 Nov 2014 21:35:11 +0100
>
> Stephan Mueller wrote:
> > The design of the kernel crypto API as well as hints to program with
> > the kernel crypto API are given.
>
> Cool t
The kernel module drbg.ko is currently not loaded automatically when a
DRBG is requested by a consumer. This is due to missing MODULE_ALIAS
flags for each of the implemented DRBG types.
This patch adds aliases for each of the 22 defined DRBGs.
Signed-off-by: Stephan Mueller
---
crypto/drbg.c
Hi Herbert,
I am in the process to extend algif_skcipher to support AEAD ciphers as well.
The code already works but I want to run final tests before releasing it.
In the course of the development I stumbled over the following code:
static int skcipher_sendmsg(struct kiocb *unused, struct socke
Hi,
The Linux kernel exports a Netlink interface of type AF_ALG to allow user
space to utilize the kernel crypto API.
libkcapi uses this Netlink interface and exports easy to use APIs so that
a developer does not need to consider the low-level Netlink interface
handling. Its first release is ava
Hi Herbert,
while working on the AF_ALG interface, I saw no active zeroizations of memory
that may hold sensitive data that is maintained outside the kernel crypto API
cipher handles. I think the following memory segments fall under that
category:
* message digest
* IV
On Wednesday, 5 November 2014, 18:15:12, Tadeusz Struk wrote:
Hi Tadeusz,
> Hi,
>
> On 11/02/2014 12:35 PM, Stephan Mueller wrote:
> > + * type:
> > + - blkcipher for symmetric block ciphers
>
> blkcipher for synchronous block ciphers
>
> > +
On Monday, 10 November 2014, 22:05:18, Herbert Xu wrote:
Hi Herbert,
> On Sun, Nov 09, 2014 at 11:33:52PM +0100, Stephan Mueller wrote:
> > while working on the AF_ALG interface, I saw no active zeroizations of
> > memory that may hold sensitive data that is maintained out
On Monday, 10 November 2014, 21:55:43, Sandy Harris wrote:
Hi Sandy, Herbert,
> On Sun, Nov 9, 2014 at 5:33 PM, Stephan Mueller wrote:
> > while working on the AF_ALG interface, I saw no active zeroizations of
> > memory that may hold sensitive data that is maintained out
Zeroize the buffer holding the IV used for the completed
cipher operation before the buffer is released by the
skcipher AF_ALG interface handler.
Signed-off-by: Stephan Mueller
---
crypto/algif_skcipher.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/algif_skcipher.c b/crypto
Hi Herbert,
as discussed, these patches use the memzero_explicit function that is
yet to be integrated into the cryptodev-2.6 tree.
Stephan Mueller (2):
crypto: AF_ALG - zeroize message digest buffer
crypto: AF_ALG - zeroize IV buffer
crypto/algif_hash.c | 2 ++
crypto/algif_skcipher.c
Zeroize the buffer holding the message digest calculated for the
consumer before the buffer is released by the hash AF_ALG interface
handler.
Signed-off-by: Stephan Mueller
---
crypto/algif_hash.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c