Question About Asymmetric Crypto

2009-12-09 Thread Leo Yan
Hi, all

Sorry that I have to ask the question about asymmetric crypto once more. 
And another question is about FIPS.

My problem is that our SoC chip is the application processor, and provides a crypto 
hardware engine with hash, symmetric crypto (AES, 3DES, etc.) and asymmetric 
crypto (PKCS-RSA, ECC, etc.). 

We want to use the Linux CryptoAPI to enable the crypto engine. But right now the Linux 
CryptoAPI supports (a)hash and (a)blockcipher well, but can NOT support 
asymmetric crypto.

So the question is: Will the Linux CryptoAPI be a general crypto engine 
accelerator framework for the Linux platform, or is it dedicated only to the Linux 
kernel?
As discussed in the thread 
http://osdir.com/ml/linux.kernel.cryptoapi/2007/msg00307.html,
some guys think that nobody wants to use RSA in the kernel, but if the Linux 
CryptoAPI wants to support user space (as Herbert mentioned at the 
September conference), then the scenario is changing.
For example, browsers use OpenSSL, and OpenSSL could call the Linux 
CryptoAPI to get HW acceleration and eventually optimize its performance.

So I would like to get more clarity on this point. Any comment is appreciated. Thanks a 
lot.

 
Best Regards,
Leo Yan

 
 
Ext: 24880
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[PATCH] crypto/testmgr: fix uninitialized warning from gcc

2009-12-09 Thread Mike Frysinger
Since err is not set to a value if tcount is 0, gcc issues a warning:
crypto/testmgr.c: In function ‘test_cprng’:
crypto/testmgr.c:1204: warning: ‘err’ may be used uninitialized in this function

Since this is test code, forcing initialized sanity should be fine.

Signed-off-by: Mike Frysinger vap...@gentoo.org
---
 crypto/testmgr.c |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 7620bfc..90c4254 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1214,6 +1214,7 @@ static int test_cprng(struct crypto_rng *tfm, struct 
cprng_testvec *template,
return -ENOMEM;
}
 
+   err = 0; /* sanity in case tcount is 0 */
for (i = 0; i  tcount; i++) {
memset(result, 0, 32);
 
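Review bot: placing err = 0 immediately before the loop means a template with tcount == 0 leaves err at 0 without a single vector having been generated or compared, so if err is what test_cprng returns after the loop, an empty test set is indistinguishable from a passing one. Consider rejecting tcount == 0 with an explicit error code, or at least initializing at the declaration (int err = 0;) and having the comment say that an empty template is deliberately treated as success.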
-- 
1.6.5.5



[PATCH] xfrm: Fix truncation length of authentication algorithms installed via PF_KEY

2009-12-09 Thread Martin Willi
Commit 4447bb33f09444920a8f1d89e1540137429351b6 breaks installation of
authentication algorithms via PF_KEY, as the state specific truncation
length is not installed with the algorithms default truncation length.
This patch initializes state properly to the default if installed via
PF_KEY.

Signed-off-by: Martin Willi mar...@strongswan.org
---
 net/key/af_key.c |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/net/key/af_key.c b/net/key/af_key.c
index 84209fb..76fa6fe 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -1193,6 +1193,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct 
net *net,
x-aalg-alg_key_len = key-sadb_key_bits;
memcpy(x-aalg-alg_key, key+1, keysize);
}
+   x-aalg-alg_trunc_len = a-uinfo.auth.icv_truncbits;
x-props.aalgo = sa-sadb_sa_auth;
/* x-algo.flags = sa-sadb_sa_flags; */
}
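Review bot: the added alg_trunc_len assignment sits after the closing brace of the key-copy block, so it runs whether or not a key was copied, and it reads a->uinfo.auth.icv_truncbits with no check on a visible in this hunk; please confirm that a has already been validated earlier in pfkey_msg2xfrm_state. Since icv_truncbits is a bit count, like the sadb_key_bits value stored in alg_key_len just above, a short comment stating that alg_trunc_len is in bits would save the next reader from checking.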
-- 
1.6.3.3



[PATCH 3/12] crypto: Correct size given to memset

2009-12-09 Thread Julia Lawall
From: Julia Lawall ju...@diku.dk

Memset should be given the size of the structure, not the size of the pointer.

The semantic patch that makes this change is as follows:
(http://coccinelle.lip6.fr/)

// smpl
@@
type T;
T *x;
expression E;
@@

memset(x, E, sizeof(
+ *
 x))
// /smpl

Signed-off-by: Julia Lawall ju...@diku.dk

---
 crypto/gf128mul.c |4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff -u -p a/crypto/gf128mul.c b/crypto/gf128mul.c
--- a/crypto/gf128mul.c
+++ b/crypto/gf128mul.c
@@ -182,7 +182,7 @@ void gf128mul_lle(be128 *r, const be128 
for (i = 0; i  7; ++i)
gf128mul_x_lle(p[i + 1], p[i]);
 
-   memset(r, 0, sizeof(r));
+   memset(r, 0, sizeof(*r));
for (i = 0;;) {
u8 ch = ((u8 *)b)[15 - i];
 
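Review bot: the changelog states only the generic rule and not the effect on this function. r is a be128 * (see the hunk header), so the removed memset(r, 0, sizeof(r)) cleared only pointer-size bytes of the 128-bit result and left the remainder holding whatever the caller had there when the loop that follows starts. Please say in the commit message that this is a functional fix to the output of gf128mul_lle rather than a cleanup, so it can be assessed for backporting.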
@@ -220,7 +220,7 @@ void gf128mul_bbe(be128 *r, const be128 
for (i = 0; i  7; ++i)
gf128mul_x_bbe(p[i + 1], p[i]);
 
-   memset(r, 0, sizeof(r));
+   memset(r, 0, sizeof(*r));
for (i = 0;;) {
u8 ch = ((u8 *)b)[i];
 
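Review bot: the pointer-size memset removed here in gf128mul_bbe only misbehaves when the caller's r holds non-zero bytes on entry, which is easy to miss with a zero-initialized destination. Alongside the sizeof(*r) change, consider a self-test that pre-fills r with a non-zero pattern before the call and compares the result against a known vector.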
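The pointer-size memset corrected by the gf128mul patch above, reduced to a stand-alone C program. This is an added example, not code from the patch or from the kernel: the be128 stand-in, acc_prepatch, acc_patched and wrong_bytes are hypothetical names, and the input values are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for a 128-bit big-endian value: 16 bytes (constructed for this example). */
typedef struct { uint64_t a, b; } be128;

/* Hypothetical accumulator with the pre-patch clear: zero r, then XOR src in. */
static void acc_prepatch(be128 *r, const be128 *src)
{
	size_t n = sizeof(r);	/* size of the pointer, as in memset(r, 0, sizeof(r)) */

	memset(r, 0, n);
	r->a ^= src->a;
	r->b ^= src->b;
}

/* Same accumulator with the patched clear: the whole structure is zeroed. */
static void acc_patched(be128 *r, const be128 *src)
{
	memset(r, 0, sizeof(*r));
	r->a ^= src->a;
	r->b ^= src->b;
}

/* Run one variant on a destination holding stale 0xff bytes and count
 * how many output bytes differ from the expected result (src itself). */
static size_t wrong_bytes(void (*acc)(be128 *, const be128 *))
{
	const be128 src = { 0x0123456789abcdefULL, 0x0fedcba987654321ULL };
	be128 r;
	const unsigned char *got = (const unsigned char *)&r;
	const unsigned char *want = (const unsigned char *)&src;
	size_t i, wrong = 0;

	memset(&r, 0xff, sizeof(r));	/* stale caller data */
	acc(&r, &src);
	for (i = 0; i < sizeof(r); i++)
		wrong += (got[i] != want[i]);
	return wrong;
}

int main(void)
{
	printf("pre-patch wrong bytes: %zu\n", wrong_bytes(acc_prepatch));
	printf("patched wrong bytes:   %zu\n", wrong_bytes(acc_patched));
	return 0;
}
```

The number of corrupted bytes in the pre-patch variant is the structure size minus the pointer size, so the damage differs between 32-bit and 64-bit builds.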