Re: [PATCH] crypto: fix a memory leak in rsa-kcs1pad's encryption mode

On 9/17/18 3:04 PM, Dan Aloni wrote: > That's also true, but what I still don't understand is how > pkcs1pad_decrypt_complete() would be called when a higher layer calls to > *encrypt* in roughly this API call sequence: > >ak_tfm = crypto_alloc_akcipher("pkcs1pad(rsa,sha256)", 0, 0); >

Re: [PATCH] crypto: fix a memory leak in rsa-kcs1pad's encryption mode

On 9/17/18 1:28 PM, Dan Aloni wrote: > On Mon, Sep 17, 2018 at 12:52:44PM -0700, Tadeusz Struk wrote: >> On 9/17/18 10:24 AM, Dan Aloni wrote: >>> The encryption mode of pkcs1pad never uses out_sg and out_buf, so >>> there's no need to allocate the buffer, which pres

Re: [PATCH] crypto: fix a memory leak in rsa-kcs1pad's encryption mode

On 9/17/18 10:24 AM, Dan Aloni wrote: > The encryption mode of pkcs1pad never uses out_sg and out_buf, so > there's no need to allocate the buffer, which presently is not even > being freed. It is used and freed in pkcs1pad_decrypt_complete(). -- Tadeusz

Re: Problem with RSA test from testmgr

On 03/01/2017 10:21 PM, Corentin Labbe wrote: > I am finishing a patch that made testmgr test both (padded and unpadded). Even if you patch the test vectors there is no guarantee that a user of the API will always have the plain text padded. It can be anything between 1 and the key size. This

Re: Problem with RSA test from testmgr

Hi Stephan, On 03/01/2017 10:08 PM, Stephan Müller wrote: >> memset(ptextp, 0, 256); >> memcpy(ptextp + 64 - 8, ptext_ex, plen); > I actually have tested that and it did not return the data the kernel > implementation would return It did for me: Result 64 plen=8 63 1c cd 7b e1 7e e4 de

Re: Problem with RSA test from testmgr

Hi Corentin, On 03/01/2017 04:04 AM, Corentin Labbe wrote: >> I would think the issue is that the OpenSSL BIGNUM lib has some issues: when >> calculating m^e mod n, m has to be equal to the key size. The kernel's MPI >> code handles the case where m is smaller than the key size. >> >> Note, in

Re: a few questions on AF_ALG specification (AEAD, socket/connection, ...)

Hi, On 07/26/2016 04:54 AM, Stephan Mueller wrote: >> > Is it true that the key (defined via setsockopt) is common to all the >> > connections but the IV (defined through message control header) is >> > specific to each connection ? > Yes. I think that's not correct. Please define a "connection".

Re: [PATCH] crypto: rsa-pkcs1pad - Fix akcipher request allocation

wrong is that the child_req should be at the end of the structure. This is build tested only. ---8<--- From: Tadeusz Struk <tadeusz.st...@intel.com> Subject: [PATCH] crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct To allow for child request context the struct akcipher_request

Re: [PATCH v8 6/6] crypto: AF_ALG - add support for key_id

On 07/08/2016 09:38 AM, Mat Martineau wrote: > Are the inputs and outputs defined for ALG_OP_VERIFY in SET_KEY mode > going to work for hardware keys (like TPM) in SET_KEY_ID mode? That's > needed if the verify SET_KEY_ID mode is to be added later. Yes, we will just need to change the

Re: [PATCH v8 6/6] crypto: AF_ALG - add support for key_id

Hi Mat, On 07/06/2016 12:38 PM, Mat Martineau wrote: >> So it looks like the only thing that we need to return to the user in >> this case is the return code. Do you agree? > > The way verify_signature is implemented today, the only output is the > return code. For verify, maybe no read is

Re: [PATCH v8 6/6] crypto: AF_ALG - add support for key_id

Hi Mat, On 06/29/2016 11:43 AM, Mat Martineau wrote: >> +ret = verify_signature(key, ); >> +if (!ret) { >> +req->dst_len = sizeof(digest); > > I think you fixed the BUG_ON() problem but there's still an issue with > the handling of the digest. Check the use of sig->digest in >

Re: crypto: rsa - Do not gratuitously drop leading zeroes

On 06/24/2016 07:28 AM, Herbert Xu wrote: > Didn't we add mpi_read_buffer specifically for akcipher before > we switched over to SGs? If nobody is using it we should just > delete it. Yes, but now mpi_get_buffer() calls mpi_read_buffer() and it is also used by security/keys/dh.c Thanks, -- TS --

[PATCH] MAINTAINERS: update maintainer for qat

Add Giovanni and Salvatore who will take over the qat maintenance. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- MAINTAINERS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/MAINTAINERS b/MAINTAINERS index f4a9c13..5d813a3 100644 --- a/MAINTAINERS

[PATCH v8 5/6] crypto: algif_akcipher - add ops_nokey

Similar to algif_skcipher and algif_hash, algif_akcipher needs to prevent user space from using the interface in an improper way. This patch adds nokey ops handlers, which do just that. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c

[PATCH v8 3/6] crypto: AF_ALG -- add asymmetric cipher interface

n also removes the constrain on the output buffer size. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c | 531 +++ 1 file changed, 531 insertions(+) create

[PATCH v8 2/6] crypto: AF_ALG -- add setpubkey setsockopt call

From: Stephan Mueller <smuel...@chronox.de> For supporting asymmetric ciphers, user space must be able to set the public key. The patch adds a new setsockopt call for setting the public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk

[PATCH v8 6/6] crypto: AF_ALG - add support for key_id

or invoke operations defined by a given subtype, depending on the key type. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/af_alg.c | 10 ++ crypto/algif_akcipher.c | 212 ++- include/crypto/if_alg.h |1 i

[PATCH v8 4/6] crypto: algif_akcipher - enable compilation

From: Stephan Mueller <smuel...@chronox.de> Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/Kconfig |9 + crypto/Ma

[PATCH v8 1/6] crypto: AF_ALG -- add sign/verify API

From: Stephan Mueller <smuel...@chronox.de> Add the flags for handling signature generation and signature verification. Also, the patch adds the interface for setting a public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.

[PATCH v8 0/6] crypto: algif - add akcipher

compilation Tadeusz Struk (2): crypto: algif_akcipher - add ops_nokey crypto: AF_ALG - add support for key_id crypto/Kconfig |9 crypto/Makefile |1 crypto/af_alg.c | 28 + crypto/algif_akcipher.c | 878

Re: crypto: rsa - Do not gratuitously drop leading zeroes

Hi Herbert, On 06/22/2016 03:14 AM, Herbert Xu wrote: > This was prompted by the caam RSA submission where a lot of work > was done just to strip the RSA output of leading zeroes. This is > in fact completely pointless because the only user of RSA in the > kernel then promptly puts them back. >

Re: [PATCH v6 3/6] crypto: AF_ALG -- add asymmetric cipher interface

On 06/09/2016 11:36 AM, Stephan Mueller wrote: > Am Donnerstag, 9. Juni 2016, 11:27:13 schrieb Mat Martineau: > > Hi Mat, Tadeusz, > >> On Thu, 9 Jun 2016, Stephan Mueller wrote: >>> Am Donnerstag, 9. Juni 2016, 11:18:04 schrieb Mat Martineau: >>> >>> Hi Mat, >>> > Or is your concern that

Re: [PATCH v6 6/6] crypto: AF_ALG - add support for key_id

Hi Mat, On 05/25/2016 05:45 PM, Mat Martineau wrote: > > On Sat, 14 May 2016, Tadeusz Struk wrote: > >> diff --git a/crypto/algif_akcipher.c b/crypto/algif_akcipher.c >> index e00793d..6733df1 100644 >> --- a/crypto/algif_akcipher.c >> +++ b/crypto/algif_akcipher

Re: Typos and RSA

On 05/18/2016 08:57 AM, Gary R Hook wrote: > Yes, thank you. After spending more time wandering through rsa.c & > rsa_helper.c > I have come to realize that I have been laboring under a paradigm imposed by > my implementation requirements. Now that I have that cleared up, the answer to > my

Re: Typos and RSA

On 05/17/2016 03:16 PM, Stephan Mueller wrote: >> I am working on hooking up RSA functionality to the akcipher API. It appears >> > that no other code, to date, uses this API. Can anyone confirm or deny that >> > conclusion? > This is not correct. The asymmetric key API uses that code. So does the

[PATCH] crypto: qat - fix typos sizeof for ctx

The sizeof(*ctx->dec_cd) and sizeof(*ctx->enc_cd) are equal, but we should use the correct one for freeing memory anyway. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_common/qat_algs.c | 8 1 file changed, 4 insertions(+), 4 deletions(-)

Re: [PATCH v6 0/6] crypto: algif - add akcipher

On 05/14/2016 09:16 PM, Tadeusz Struk wrote: > First four patches are a resend of the v3 algif_akcipher from > Stephan Mueller, with minor changes after rebase on top of 4.6-rc1. > > The next three patches add support for keys stored in system > keyring subsystem. >

Re: [PATCH RESEND v5 6/6] crypto: AF_ALG - add support for key_id

Hi Mat, On 05/13/2016 04:32 PM, Mat Martineau wrote: > >> +params.data_len = req->src_len; >> +params.enc_len = req->dst_len; Thanks for info. I have sent an update for this. > > The params member names have changed (now in_len and out_len). >> +ret = encrypt_blob(, in, out); > >

[PATCH v6 1/6] crypto: AF_ALG -- add sign/verify API

From: Stephan Mueller <smuel...@chronox.de> Add the flags for handling signature generation and signature verification. Also, the patch adds the interface for setting a public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.

[PATCH v6 5/6] crypto: algif_akcipher - add ops_nokey

Similar to algif_skcipher and algif_hash, algif_akcipher needs to prevent user space from using the interface in an improper way. This patch adds nokey ops handlers, which do just that. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c

[PATCH v6 2/6] crypto: AF_ALG -- add setpubkey setsockopt call

From: Stephan Mueller For supporting asymmetric ciphers, user space must be able to set the public key. The patch adds a new setsockopt call for setting the public key. Signed-off-by: Stephan Mueller --- crypto/af_alg.c | 18

[PATCH v6 3/6] crypto: AF_ALG -- add asymmetric cipher interface

ed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c | 542 +++ 1 file changed, 542 insertions(+) create mode 100644 crypto/algif_akcipher.c diff --git a/crypto/algif_a

[PATCH v6 6/6] crypto: AF_ALG - add support for key_id

akcipher api or invoke operations defined by a given subtype, depending on the key type. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/af_alg.c | 10 ++ crypto/algif_akcipher.c | 207 ++- include/crypto/if

[PATCH v6 4/6] crypto: algif_akcipher - enable compilation

From: Stephan Mueller <smuel...@chronox.de> Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/Kconfig |9 + crypto/Ma

[PATCH v6 0/6] crypto: algif - add akcipher

): crypto: AF_ALG -- add sign/verify API crypto: AF_ALG -- add setpubkey setsockopt call crypto: AF_ALG -- add asymmetric cipher interface crypto: algif_akcipher - enable compilation Tadeusz Struk (2): crypto: algif_akcipher - add ops_nokey crypto: AF_ALG - add

Re: [RFC PATCH 5/8] KEYS: Provide software public key query function [ver 3]

On 05/11/2016 04:50 PM, Mat Martineau wrote: > >> +len = crypto_akcipher_maxsize(tfm); >> +info->key_size = len * 8; >> +info->max_data_size = len; >> +info->max_sig_size = len; >> +info->max_enc_size = len; >> +info->max_dec_size = len; > > If len > UINT16_MAX, should

Re: RSA/MPI handling issues and keyctl access to public key keyrings

On 05/11/2016 06:55 AM, David Howells wrote: > Tadeusz Struk <tadeusz.st...@intel.com> wrote: > >>> (2) rsa-pkcs1pad needs to indicate what the maximum content size is, given >>> the minimum possible padding for the specified hash type (ie. a >>>

Re: [PATCH] crypto: qat: remove unused vairable.

change the adf_ctl_stop_devices to void Change the adf_ctl_stop_devices to a void function. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_common/adf_ctl_drv.c | 9 +++-- 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/drivers/crypto/qat/qat_common/adf_ctl_drv.

Re: RSA/MPI handling issues and keyctl access to public key keyrings

Hi David, On 05/09/2016 02:13 AM, David Howells wrote: > Hi Tadeusz, Andrzej, > > If you look here: > > http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git > > you will see a branch labelled 'pkey'. This, so far, provides query support > through keyctl: > >

Re: pkcs1pad_verify_complete: decoding missing?

On 05/09/2016 12:24 PM, Stephan Mueller wrote: > Am Montag, 9. Mai 2016, 12:17:21 schrieb Tadeusz Struk: > > Hi Tadeusz, > >> On 05/09/2016 12:02 PM, Stephan Mueller wrote: >>> One followup: is the final memcmp() between the decrypted hash and the >>> hash o

Re: pkcs1pad_verify_complete: decoding missing?

On 05/09/2016 12:02 PM, Stephan Mueller wrote: > One followup: is the final memcmp() between the decrypted hash and the hash > of > the message implemented in the RSA verify code path? At least I do not see it > right away. It's in line #549 -- TS -- To unsubscribe from this list: send the

Re: pkcs1pad_verify_complete: decoding missing?

On 05/09/2016 11:50 AM, Stephan Mueller wrote: > I think I see my error: pkcs1pad(rsa,HASH) -- I missed the hash part that > activates the decoding. Thank you for the pointer. > > Once I completed my testing, I think I need to beef up the documentation a > bit. Right, this can work in two

Re: pkcs1pad_verify_complete: decoding missing?

Hi Strphan, On 05/09/2016 03:24 AM, Stephan Mueller wrote: > Hi, > > I am experimenting with pkcs1pad(rsa-generic) signature verify. The following > numbers shall serve as examples -- using other valid signatures, similar > results are visible. > > All signatures are correct. > > The result

[PATCH RESEND v5 3/6] crypto: AF_ALG -- add asymmetric cipher interface

ed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c | 542 +++ 1 file changed, 542 insertions(+) create mode 100644 crypto/algif_akcipher.c diff --git a/crypto/algif_a

[PATCH RESEND v5 4/6] crypto: algif_akcipher - enable compilation

From: Stephan Mueller <smuel...@chronox.de> Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/Kconfig |9 + crypto/Ma

[PATCH RESEND v5 1/6] crypto: AF_ALG -- add sign/verify API

From: Stephan Mueller <smuel...@chronox.de> Add the flags for handling signature generation and signature verification. Also, the patch adds the interface for setting a public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.

[PATCH RESEND v5 5/6] crypto: algif_akcipher - add ops_nokey

Similar to algif_skcipher and algif_hash, algif_akcipher needs to prevent user space from using the interface in an improper way. This patch adds nokey ops handlers, which do just that. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c

[PATCH RESEND v5 6/6] crypto: AF_ALG - add support for key_id

akcipher api or invoke operations defined by a given subtype, depending on the key type. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/af_alg.c | 10 ++ crypto/algif_akcipher.c | 207 ++- include/crypto/if

[PATCH RESEND v5 2/6] crypto: AF_ALG -- add setpubkey setsockopt call

From: Stephan Mueller For supporting asymmetric ciphers, user space must be able to set the public key. The patch adds a new setsockopt call for setting the public key. Signed-off-by: Stephan Mueller --- crypto/af_alg.c | 18

[PATCH RESEND v5 0/6] crypto: algif - add akcipher

-- add setpubkey setsockopt call crypto: AF_ALG -- add asymmetric cipher interface crypto: algif_akcipher - enable compilation Tadeusz Struk (2): crypto: algif_akcipher - add ops_nokey crypto: AF_ALG - add support for key_id crypto/Kconfig |9 crypto/Makefile

Re: [crypto / sparc64] cryptomgr_test OOPS

On 05/05/2016 02:50 AM, Herbert Xu wrote: > On Thu, May 05, 2016 at 12:40:18PM +0300, Anatoly Pugachev wrote: >> >> sure, based on your cryptodev git, just tried 4.3 (6a13feb , good) >> kernel in attempt to find (bisect) when RSA code break, already tested >> 4.5 (44d1b6d , bad) , 4.4 (afd2ff9 ,

Re: [crypto / sparc64] cryptomgr_test OOPS

On 05/05/2016 08:31 AM, Anatoly Pugachev wrote: > On Thu, May 5, 2016 at 6:00 PM, Tadeusz Struk <tadeusz.st...@intel.com> wrote: >> On 05/05/2016 02:40 AM, Anatoly Pugachev wrote: >>> sure, based on your cryptodev git, just tried 4.3 (6a13feb , good) >>> kernel in

Re: [crypto / sparc64] cryptomgr_test OOPS

On 05/05/2016 02:40 AM, Anatoly Pugachev wrote: > sure, based on your cryptodev git, just tried 4.3 (6a13feb , good) > kernel in attempt to find (bisect) when RSA code break, already tested > 4.5 (44d1b6d , bad) , 4.4 (afd2ff9 , bad). > Going to try your patch soon (when I'm back home). > So far

Re: [crypto / sparc64] cryptomgr_test OOPS

Hi Anatoly, On 05/04/2016 12:10 PM, Anatoly Pugachev wrote: > we're using 4.5.2 debian kernel here without this problem. I'm not > sure I would be able to bisect, never did it before, but I could > try... On 4.5.2 could you try "modprobe rsa" -- TS -- To unsubscribe from this list: send the

Re: v4.6-rc1 regression bisected, Problem loading in-kernel X.509 certificate (-2)

pkcs1pad template needs CRYPTO_MANAGER so it needs to be explicitly selected by CRYPTO_RSA. Reported-by: Jamie Heilman <ja...@audible.transient.net> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/Kco

Re: v4.6-rc1 regression bisected, Problem loading in-kernel X.509 certificate (-2)

On 05/03/2016 07:26 PM, Jamie Heilman wrote: >>> Alrighty, presumably relevant bits: >>> > > >>> > > X.509: Cert Issuer: Build time autogenerated kernel key >>> > > X.509: Cert Subject: Build time autogenerated kernel key >>> > > X.509: Cert Key Algo: rsa >>> > > X.509: Cert Valid period:

Re: v4.6-rc1 regression bisected, Problem loading in-kernel X.509 certificate (-2)

Hi Jamie, On 05/03/2016 01:35 PM, David Howells wrote: > (cc'ing Tadeusz as he did the pkcs1 padding function) > > Jamie Heilman wrote: > Problem loading in-kernel X.509 certificate (-2) >>> >>> ENOENT? Hmmm... The only place that is generated is in the

[PATCH 1/2] crypto: qat - Fix typo in comments

Fix copy and paste typo adf_isr.c Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_common/adf_isr.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/qat/qat_common/adf_isr.c b/drivers/crypto/qat/qat_common/adf_isr.c

[PATCH 2/2] crypto: qat - make adf_vf_isr.c dependant on IOV config

The adf_vf_isr.c should only be build if CONFIG_PCI_IOV is enabled Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_common/Makefile | 4 ++-- drivers/crypto/qat/qat_common/adf_common_drv.h | 14 -- 2 files changed, 14 insertions

[PATCH] crypto: qat - fix adf_ctl_drv.c:undefined reference to adf_init_pf_wq

Fix undefined reference issue reported by kbuild test robot. Reported-by: kbuild test robot <fengguang...@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_common/adf_common_drv.h | 13 +++-- 1 file changed, 11 insertions(+),

[PATCH] crypto: qat - fix invalid pf2vf_resp_wq logic

The pf2vf_resp_wq is a global so it has to be created at init and destroyed at exit, instead of per device. Cc: <sta...@vger.kernel.org> Tested-by: Suresh Marikkannu <sureshx.marikka...@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/cry

Re: [PATCH v5 6/6] crypto: AF_ALG - add support for key_id

; > url: > https://github.com/0day-ci/linux/commits/Tadeusz-Struk/crypto-algif-add-akcipher/20160416-043207 > base: > https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git > master > config: i386-allmodconfig (attached as .config) > reproduce: >

Re: [cryptodev:master 43/49] WARNING: drivers/crypto/qat/qat_common/intel_qat.o(.init.text+0x30d): Section mismatch in reference from the function init_module() to the function .exit.text:adf_exit_vf_

On 04/15/2016 12:52 PM, kbuild test robot wrote: > tree: > https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git > master > head: 5f575efea79caae69b81f922d99b221302a2c003 > commit: d6064165ba4449ea085a389724d728258a3180ec [43/49] crypto: qat - > adf_dev_stop should not

[PATCH v5 2/6] crypto: AF_ALG -- add setpubkey setsockopt call

From: Stephan Mueller <smuel...@chronox.de> For supporting asymmetric ciphers, user space must be able to set the public key. The patch adds a new setsockopt call for setting the public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk

[PATCH v5 4/6] crypto: algif_akcipher - enable compilation

From: Stephan Mueller <smuel...@chronox.de> Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/Kconfig |9 + crypto/Ma

[PATCH v5 3/6] crypto: AF_ALG -- add asymmetric cipher interface

ed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c | 542 +++ 1 file changed, 542 insertions(+) create mode 100644 crypto/algif_akcipher.c diff --git a/crypto/algif_a

[PATCH v5 1/6] crypto: AF_ALG -- add sign/verify API

From: Stephan Mueller <smuel...@chronox.de> Add the flags for handling signature generation and signature verification. Also, the patch adds the interface for setting a public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.

[PATCH v5 5/6] crypto: algif_akcipher - add ops_nokey

Similar to algif_skcipher and algif_hash, algif_akcipher needs to prevent user space from using the interface in an improper way. This patch adds nokey ops handlers, which do just that. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c

[PATCH v5 0/6] crypto: algif - add akcipher

--- Stephan Mueller (4): crypto: AF_ALG -- add sign/verify API crypto: AF_ALG -- add setpubkey setsockopt call crypto: AF_ALG -- add asymmetric cipher interface crypto: algif_akcipher - enable compilation Tadeusz Struk (2): crypto: algif_akcipher - add ops_nokey

[PATCH v5 6/6] crypto: AF_ALG - add support for key_id

or invoke operations defined by a given subtype, depending on the key type. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/af_alg.c | 10 ++ crypto/algif_akcipher.c | 207 ++- include/crypto/if_alg.h |1 i

Re: [RFC PATCH] KEYS: Provide keyctls to do public key operations

Hi David, On 04/14/2016 03:00 PM, David Howells wrote: > diff --git a/crypto/asymmetric_keys/signature.c > b/crypto/asymmetric_keys/signature.c > index 11b7ba170904..8ecbeda16b53 100644 > --- a/crypto/asymmetric_keys/signature.c > +++ b/crypto/asymmetric_keys/signature.c Since this file

[PATCH] crypto: qat - fix section mismatch warning

Subject: [PATCH] crypto: qat - fix section mismatch warning Fix Section mismatch warinig in adf_exit_vf_wq() Reported-by: kbuild test robot <fengguang...@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_common/adf_vf_isr.c | 2 +- 1 fil

[PATCH 2/3] crypto: qat - check if PF is running

Before VF sends a signal to PF it should check if PF is still running. Tested-by: Suman Bangalore Sathyanarayana <sumanx.bangalore.sathyanaray...@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_c3xxxvf/adf_drv.c | 2 ++ driver

[PATCH 3/3] crypto: qat - interrupts need to be enabled when VFs are disabled

IRQs need to be enabled when VFs go down in case some VF to PF comms happens. Tested-by: Suman Bangalore Sathyanarayana <sumanx.bangalore.sathyanaray...@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_common/adf_init.c | 3 ++- 1 fil

[PATCH 1/3] crypto: qat - move vf2pf_init and vf2pf_exit to common

The vf2pf_init and vf2pf_exit are exactly the same for all VFs so move them to common and reuse. Tested-by: Suman Bangalore Sathyanarayana <sumanx.bangalore.sathyanaray...@intel.com> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- .../crypto/qat/qat_c3xxxvf/adf_c3xxx

Re: [PATCH 0/3] crypto: af_alg - add TLS type encryption

Hi Fridolin, On 04/12/2016 04:13 AM, Fridolin Pokorny wrote: > we were experimenting with this. We have a prove of concept of a kernel > TLS type socket, so called AF_KTLS, which is based on Dave Watson's > RFC5288 patch. It handles both TLS and DTLS, unfortunately it is not > ready now to be

Re: [PATCH v4 6/7] crypto: KEYS - add generic handlers to symmetric key type

On 04/12/2016 03:10 PM, David Howells wrote: >> +/** >> > + * asymmetric_key_verify_signature - invoke verify signature operation on >> > a key >> > + * of the asymmetric subtype >> > + * @key: key from the system keyring >> > + * @sig: signature to verify >> >

[PATCH] crypto: rsa - fix dst len

The output buffer length has to be at least as big as the key_size. It is then updated to the actual output size by the implementation. Cc: <sta...@vger.kernel.org> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/rsa-pkcs1pad.c | 12 ++-- 1 file changed,

[PATCH v2] crypto: qat - adf_dev_stop should not be called in atomic context

work queue. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_common/adf_common_drv.h |2 + drivers/crypto/qat/qat_common/adf_ctl_drv.c|6 ++ drivers/crypto/qat/qat_common/adf_vf_isr.c | 59 +++- 3 files changed, 64

Re: [PATCH 0/3] crypto: af_alg - add TLS type encryption

Hi Herbert, On 04/05/2016 04:29 AM, Herbert Xu wrote: > On Sat, Mar 05, 2016 at 05:20:44PM -0800, Tadeusz Struk wrote: >> > Hi, >> > The following series adds TLS type authentication. To do this a new >> > template, encauth, is introduced. It is derived from the

Re: [PATCH] crypto: qat - adf_dev_stop should not be called in atomic context

Hi Herbert, On 03/29/2016 10:20 AM, Tadeusz Struk wrote: > VFs call adf_dev_stop() from a PF to VF interrupt bottom half. > This causes an oops "scheduling while atomic", because it tries > to aquire a mutex to unregister crypto algorithms. > This patch fixes the issue b

[PATCH v4 2/7] crypto: AF_ALG -- add setpubkey setsockopt call

From: Stephan Mueller <smuel...@chronox.de> For supporting asymmetric ciphers, user space must be able to set the public key. The patch adds a new setsockopt call for setting the public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk

[PATCH v4 6/7] crypto: KEYS - add generic handlers to symmetric key type

This adds generic sign, verify, encrypt, decrypt accessor functions to the asymmetric key type. These will be defined by asymmetric subtypes, similarly to how public_key currently defines the verify_signature function. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> ---

[PATCH v4 5/7] crypto: algif_akcipher - add ops_nokey

Similar to algif_skcipher and algif_hash, algif_akcipher needs to prevent user space from using the interface in an improper way. This patch adds nokey ops handlers, which do just that. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c

[PATCH v4 7/7] crypto: AF_ALG - add support for key_id

or invoke operations defined by a given subtype, depending on the key type. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/af_alg.c | 10 +++ crypto/algif_akcipher.c | 146 ++- include/crypto/if_alg.h |1 i

[PATCH v4 3/7] crypto: AF_ALG -- add asymmetric cipher interface

ed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c | 542 +++ 1 file changed, 542 insertions(+) create mode 100644 crypto/algif_akcipher.c diff --git a/crypto/algif_a

[PATCH v4 4/7] crypto: algif_akcipher - enable compilation

From: Stephan Mueller <smuel...@chronox.de> Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/Kconfig |9 + crypto/Ma

[PATCH v4 1/7] crypto: AF_ALG -- add sign/verify API

From: Stephan Mueller <smuel...@chronox.de> Add the flags for handling signature generation and signature verification. Also, the patch adds the interface for setting a public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.

[PATCH v4 0/7] crypto: algif - add akcipher

to base_req - dropped 3/3 --- Stephan Mueller (4): crypto: AF_ALG -- add sign/verify API crypto: AF_ALG -- add setpubkey setsockopt call crypto: AF_ALG -- add asymmetric cipher interface crypto: algif_akcipher - enable compilation Tadeusz Struk (3): crypto: algif_akcipher

Re: [PATCH v3 7/7] crypto: AF_ALG - add support for key_id

Hi David, On 03/30/2016 09:31 AM, David Howells wrote: >> +keyring = request_key(_type_asymmetric, key_name, NULL); >> > + >> > + err = -ENOKEY; >> > + if (IS_ERR(keyring)) >> > + goto out; >> > + >> > + pkey = keyring->payload.data[asym_crypto]; > NAK. This is liable to crash in

Re: [PATCH v3 7/7] crypto: AF_ALG - add support for key_id

improving the system] > > url: > https://github.com/0day-ci/linux/commits/Tadeusz-Struk/crypto-algif-add-akcipher/20160330-090754 > config: i386-randconfig-i1-03292045 (attached as .config) > reproduce: > # save the attached .config to linux build tree > make AR

[PATCH v3 3/7] crypto: AF_ALG -- add asymmetric cipher interface

ed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c | 542 +++ 1 file changed, 542 insertions(+) create mode 100644 crypto/algif_akcipher.c diff --git a/crypto/algif_a

[PATCH v3 7/7] crypto: AF_ALG - add support for key_id

crypto API functions, either the crypto_akcipher_set_priv_key or the crypto_akcipher_set_pub_key, depending on the used option. Subsequently the asymmetric key will be freed and return code returned back to the user. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/af

[PATCH v3 5/7] crypto: algif_akcipher - add ops_nokey

Similar to algif_skcipher and algif_hash, algif_akcipher needs to prevent user space from using the interface in an improper way. This patch adds nokey ops handlers, which do just that. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/algif_akcipher.c

[PATCH v3 1/7] crypto: AF_ALG -- add sign/verify API

From: Stephan Mueller <smuel...@chronox.de> Add the flags for handling signature generation and signature verification. Also, the patch adds the interface for setting a public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.

[PATCH v3 6/7] crypto: KEYS - add public_key info query

it, etc. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/asymmetric_keys/x509_cert_parser.c |1 + include/crypto/public_key.h | 31 + 2 files changed, 32 insertions(+) diff --git a/crypto/asymmetric_keys/x509_cert_parse

[PATCH v3 4/7] crypto: algif_akcipher - enable compilation

From: Stephan Mueller <smuel...@chronox.de> Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- crypto/Kconfig |9 + crypto/Ma

[PATCH v3 2/7] crypto: AF_ALG -- add setpubkey setsockopt call

From: Stephan Mueller <smuel...@chronox.de> For supporting asymmetric ciphers, user space must be able to set the public key. The patch adds a new setsockopt call for setting the public key. Signed-off-by: Stephan Mueller <smuel...@chronox.de> Signed-off-by: Tadeusz Struk

[PATCH v3 0/7] crypto: algif - add akcipher

API crypto: AF_ALG -- add setpubkey setsockopt call crypto: AF_ALG -- add asymmetric cipher interface crypto: algif_akcipher - enable compilation Tadeusz Struk (3): crypto: algif_akcipher - add ops_nokey crypto: KEYS - add public_key info query crypto: AF_ALG

[PATCH] crypto: qat - changed adf_dev_stop to void

It returns always zero anyway. Signed-off-by: Tadeusz Struk <tadeusz.st...@intel.com> --- drivers/crypto/qat/qat_c3xxx/adf_drv.c |4 +--- drivers/crypto/qat/qat_c3xxxvf/adf_drv.c |4 +--- drivers/crypto/qat/qat_c62x/adf_drv.c |4 +--- drivers/cryp

  1   2   3   4   5   6   >