Re: [PATCH v8 0/4] crypto: add algif_akcipher user space API

Hi, Marcel, On 08/30/2017 10:21 AM, Marcel Holtmann wrote: you still need to get the public key out of the kernel if you want to use it from user space. Or feed the remote public key if you plan to use some sort of key derivation function. The crypto hardware that I'm working on, generates

Re: [PATCH v8 0/4] crypto: add algif_akcipher user space API

7 04:17 PM, Tudor Ambarus wrote: Hi, all, On 08/11/2017 07:05 PM, Marcel Holtmann wrote: Hi Stephan, AF_ALG is best suited for crypto use cases where a socket is set up once and there are lots of reads and writes to justify the setup cost. With asymmetric crypto, the setup cost is high when

Re: [PATCH 7/8] crypto: ecdh - constify key

/crypto/ecdh.h @@ -40,7 +40,7 @@ */ struct ecdh { unsigned short curve_id; - char *key; + const char *key; unsigned short key_size; }; I just came across this and remembered that Stephan already made a patch, so: Acked-by: Tudor Ambarus

Re: [PATCH 0/6] Add support for ECDSA algorithm

Hi, Sandy, On 08/22/2017 08:22 PM, Sandy Harris wrote: On Tue, Aug 22, 2017 at 12:14 PM, Tudor Ambarus wrote: Hi, Herbert, On 02/02/2017 03:57 PM, Herbert Xu wrote: Yes but RSA had an in-kernel user in the form of module signature verification. We don't add algorithms to the k

Re: Re: [PATCH 0/6] Add support for ECDSA algorithm

Hi, Herbert, On 02/02/2017 03:57 PM, Herbert Xu wrote: Yes but RSA had an in-kernel user in the form of module signature verification. We don't add algorithms to the kernel without actual users. So this patch-set needs to come with an actual in-kernel user of ECDSA. ECDSA can be used by the

Re: [PATCH v8 3/4] crypto: AF_ALG -- add asymmetric cipher

On 08/21/2017 11:55 AM, Tudor Ambarus wrote: Hi, Stephan, +static int akcipher_setprivkey(void *private, const u8 *key, + unsigned int keylen) +{ +struct akcipher_tfm *tfm = private; +struct crypto_akcipher *akcipher = tfm->akcipher; +int err; + +

Re: [PATCH v8 3/4] crypto: AF_ALG -- add asymmetric cipher

Hi, Stephan, +static int akcipher_setprivkey(void *private, const u8 *key, + unsigned int keylen) +{ + struct akcipher_tfm *tfm = private; + struct crypto_akcipher *akcipher = tfm->akcipher; + int err; + + err = crypto_akcipher_set_priv_key(ak

Re: [PATCH v8 0/4] crypto: add algif_akcipher user space API

Hi, all, On 08/11/2017 07:05 PM, Marcel Holtmann wrote: Hi Stephan, AF_ALG is best suited for crypto use cases where a socket is set up once and there are lots of reads and writes to justify the setup cost. With asymmetric crypto, the setup cost is high when you might only use the socket for a

Re: [PATCH v8 4/4] crypto: algif_akcipher - enable compilation

Hi, Stephan, On 08/10/2017 09:40 AM, Stephan Müller wrote: Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller --- crypto/Kconfig | 9 + crypto/Makefile | 1 + 2 files changed, 10 insertions(+) Any reason why you keep this p

Re: [PATCH v8 3/4] crypto: AF_ALG -- add asymmetric cipher

Hi, Stephan, On 08/10/2017 09:40 AM, Stephan Müller wrote: This patch adds the user space interface for asymmetric ciphers. The interface allows the use of sendmsg as well as vmsplice to provide data. The akcipher interface implementation uses the common AF_ALG interface code regarding TX and R

Re: [PATCH v8 1/4] crypto: AF_ALG -- add sign/verify API

On 08/10/2017 04:03 PM, Stephan Mueller wrote: Is there a style requirement for that? checkpatch.pl does not complain. I thought that one liners in a conditional should not have braces? Linux coding style requires braces in both branches when you have a branch with a statement and the other w

Re: [PATCH v8 1/4] crypto: AF_ALG -- add sign/verify API

Hi, Stephan, On 08/10/2017 09:39 AM, Stephan Müller wrote: Add the flags for handling signature generation and signature verification. The af_alg helper code as well as the algif_skcipher and algif_aead code must be changed from a boolean indicating the cipher operation to an integer because th

Re: KPP questions and confusion

Hi, Marcel, Kyle, On 07/17/2017 09:17 PM, Marcel Holtmann wrote: Hi Kyle, I am confused about several things in the new key agreement code. net/bluetooth/smp.c in two places generates random bytes for the private_key argument to net/bluetooth/ecdh_helper.c:generate_ecdh_keys, which suggests t

[PATCH] crypto: atmel-ecc: fix signed integer to u8 assignment

er Signed-off-by: Tudor Ambarus --- drivers/crypto/atmel-ecc.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/atmel-ecc.c b/drivers/crypto/atmel-ecc.c index 66ab1021..647a994 100644 --- a/drivers/crypto/atmel-ecc.c +++ b/drivers/crypto/atmel-ecc.

[PATCH] crypto: ecdh: fix concurrency on shared secret and pubkey

-request dynamically allocated shared secret and public key. Signed-off-by: Tudor Ambarus --- crypto/ecdh.c | 51 +-- 1 file changed, 33 insertions(+), 18 deletions(-) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 61c7708..4271fc7 100644 --- a/crypto

Re: [PATCH] Crypto: atmel-ecc: Make a couple of local functions static

7; was not declared. Should it be static? symbol 'atmel_ecc_i2c_client_free' was not declared. Should it be static? Signed-off-by: Colin Ian King Acked-by: Tudor Ambarus Thanks, ta

Re: [v3 RFC PATCH 2/2] crypto: ecc: use caller's GFP flags

Hi, Herbert, On 07/18/2017 08:52 AM, Herbert Xu wrote: On Wed, Jun 28, 2017 at 05:08:36PM +0300, Tudor Ambarus wrote: Using GFP_KERNEL when allocating data and implicitly assuming that we can sleep was wrong because the caller could be in atomic context. Let the caller decide whether sleeping

Re: [v3 RFC PATCH 1/2] crypto: ecdh: fix concurrency on ecdh_ctx

Hi, Herbert, On 07/18/2017 08:50 AM, Herbert Xu wrote: On Wed, Jun 28, 2017 at 05:08:35PM +0300, Tudor Ambarus wrote: ecdh_ctx contained static allocated data for the shared secret, for the public and private key. When talking about shared secret and public key, they were doomed to

Re: [PATCH 0/3] crypto: introduce Microchip / Atmel ECC driver

Hi, Marcel, On 05.07.2017 13:54, Marcel Holtmann wrote: Hi Tudor, This patch set introduces Microchip / Atmel ECC driver. The first patch adds some helpers that will be used by fallbacks to kpp software implementations. The second patch adds ECDH support for the ATECC508A (I2C) cryptographic

[PATCH 2/3] crypto: introduce Microchip / Atmel ECC driver

ensure that the private key can never be known outside of the device. If the user wants to use its own private keys, the driver will fallback to the ecdh software implementation. Signed-off-by: Tudor Ambarus --- .../devicetree/bindings/crypto/atmel-crypto.txt| 13 + drivers/crypto/Kconfig

[PATCH 0/3] crypto: introduce Microchip / Atmel ECC driver

never be known outside of the device. If the user wants to use its own private keys, the driver will fallback to the ecdh software implementation. Tudor Ambarus (3): crypto: kpp: add get/set_flags helpers crypto: introduce Microchip / Atmel ECC driver MAINTAINERS: add a maintainer for

[PATCH 3/3] MAINTAINERS: add a maintainer for Microchip / Atmel ECC driver

A new cryptographic engine driver was added in drivers/crypto/atmel-ecc.*. Add myself as a maintainer for this driver. Signed-off-by: Tudor Ambarus --- MAINTAINERS | 6 ++ 1 file changed, 6 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index a24eb8c..d55b983 100644 --- a/MAINTAINERS

[PATCH 1/3] crypto: kpp: add get/set_flags helpers

These helpers will be used for fallbacks to kpp software implementations. Signed-off-by: Tudor Ambarus --- include/crypto/kpp.h | 10 ++ 1 file changed, 10 insertions(+) diff --git a/include/crypto/kpp.h b/include/crypto/kpp.h index 2133d17..1bde0a6 100644 --- a/include/crypto/kpp.h

Re: wait in atomic context for an i2c crypto device to finish its execution

On 29.06.2017 13:12, Gilad Ben-Yossef wrote: Perhaps I missed something but it sounds like a classic case to use a work queue: Makes sense, thanks! ta

wait in atomic context for an i2c crypto device to finish its execution

Hi, Herbert, all, I need an advice. I'm writing a driver for a crypto device that communicates over I2C. Reads and writes from/to the i2c device are sequential, I use a lock to synchronize the requests. There are no interrupts for the i2c client. Each request has to send a command, to wait for a

[v3 RFC PATCH 0/2] crypto: ecdh, ecc fixes

user decide if sleeping is permitted - kmalloc instead of kzalloc for the private key - add "crypto: ecc: use caller's GFP flags" patch v1 can be found at: http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg26149.html Tudor Ambarus (2): crypto: ecdh: fix concurre

[v3 RFC PATCH 1/2] crypto: ecdh: fix concurrency on ecdh_ctx

this, the private key will always point to a valid key, but to what setkey call it belongs, is the responsibility of the caller, as it is now in all crypto framework. Signed-off-by: Tudor Ambarus --- crypto/ecc.h | 2 -- crypto/ecdh.c | 96

[v3 RFC PATCH 2/2] crypto: ecc: use caller's GFP flags

: Tudor Ambarus --- crypto/ecc.c | 22 +++--- crypto/ecc.h | 6 -- crypto/ecdh.c | 4 ++-- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index 633a9bc..9501a56 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -52,14 +52,14

[v2 RFC PATCH 1/2] crypto: ecdh: fix concurrency on ecdh_ctx

From: Tudor Ambarus ecdh_ctx contained static allocated data for the shared secret, for the public and private key. When talking about shared secret and public key, they were doomed to concurrency issues because they could be shared by multiple crypto requests. The requests were generating

[v2 RFC PATCH 2/2] crypto: ecc: use caller's GFP flags

: Tudor Ambarus --- crypto/ecc.c | 22 +++--- crypto/ecc.h | 6 -- crypto/ecdh.c | 4 ++-- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index 633a9bc..9501a56 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -52,14 +52,14

[v2 RFC PATCH 0/2] crypto: ecdh, ecc fixes

for the private key - add "crypto: ecc: use caller's GFP flags" patch v1 can be found at: http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg26149.html Tudor Ambarus (2): crypto: ecdh: fix concurrency on ecdh_ctx crypto: ecc: use caller's GFP flags

Re: [RFC PATCH] crypto: ecdh: fix concurrency on ecdh_ctx

Hi, On 22.06.2017 14:03, Tudor Ambarus wrote: ecdh_ctx contained static allocated data for the shared secret, for the public and private key. When talking about shared secret and public key, they were doomed to concurrency issues because they could be shared by multiple crypto requests. The

[RFC PATCH] crypto: ecdh: fix concurrency on ecdh_ctx

this, the private key will always point to a valid key, but to what setkey call it belongs, is the responsibility of the caller, as it is now in all crypto framework. Signed-off-by: Tudor Ambarus --- crypto/ecc.h | 2 -- crypto/ecdh.c | 93

[PATCH] crypto: vmx: remove unnecessary check

You can't reach init() if parent alg_name is invalid. Moreover, cypto_alloc_base() will return ENOENT if alg_name is NULL. Found while grasping the fallback mechanism. Signed-off-by: Tudor Ambarus --- drivers/crypto/vmx/aes.c | 7 +-- drivers/crypto/vmx/aes_cbc.c | 7 +-- dr

Re: [cryptodev:master 62/75] crypto/rsa-pkcs1pad.c:680:21: error: assignment from incompatible pointer type

Hi, Herbert, Sorry, I thought that is better to make a patch for each driver. Bisectibility is affected because I changed the declaration of max_size function to return an unsigned int instead of an int, but I updated each driver that uses this function in a different patch. Bisectibility will

Re: [PATCH v3 1/2] crypto: ecdh - add privkey generation support

Hi, Stephan, On 30.05.2017 18:10, Stephan Müller wrote: Am Dienstag, 30. Mai 2017, 16:52:48 CEST schrieb Tudor Ambarus: Hi Tudor, + if (!params.key || !params.key_size) + return ecc_gen_privkey(ctx->curve_id, ctx->ndigits, +

[PATCH v3 2/2] crypto: testmgr - add genkey kpp test

opied from the previous test vector. Signed-off-by: Tudor Ambarus --- crypto/testmgr.c | 76 crypto/testmgr.h | 47 +++ 2 files changed, 112 insertions(+), 11 deletions(-) diff --git a/crypto/testmgr.c b/c

[PATCH v3 1/2] crypto: ecdh - add privkey generation support

kernel will generate it and further use it for ecdh. Move ecdh's object files below drbg's. drbg must be present in the kernel at the time of calling. Signed-off-by: Tudor Ambarus --- crypto/Kconfig | 1 + crypto/Makefile | 9 + crypto/ecc

[PATCH v3 0/2] crypto: ecdh - add privkey generation support

g/msg25193.html Tudor Ambarus (2): crypto: ecdh - add privkey generation support crypto: testmgr - add genkey kpp test crypto/Kconfig | 1 + crypto/Makefile | 9 --- crypto/ecc.c | 56 + crypto/ecc.h | 14 +++ crypto/ecdh.c|

[PATCH v5 04/14] crypto: ecc - rename ecdh_make_pub_key()

Rename ecdh_make_pub_key() to ecc_make_pub_key(). ecdh_make_pub_key() is not dh specific and the reference to dh is wrong. Signed-off-by: Tudor Ambarus --- v5 updates the description of the function by replacing "ecdh_make_pub_key()" with "ecc_make_pub_key()". I also update

Re: [PATCH v4 04/14] crypto: ecc - don't be selfish on pubkeys

Hi, Horia, On 28.05.2017 20:22, Horia Geantă wrote: On 5/25/2017 10:18 AM, Tudor Ambarus wrote: Rename ecdh_make_pub_key() to ecc_make_pub_key(). This function might as well be used by ecdsa. Where exactly is ecdsa used in the kernel? https://www.mail-archive.com/linux-crypto@vger.kernel.org

Re: [RFC PATCH v2 1/4] crypto: ecc - add privkey generation support

Hi, Stephan, On 29.05.2017 12:56, Stephan Müller wrote: Am Montag, 29. Mai 2017, 11:47:48 CEST schrieb Tudor Ambarus: Hi Tudor, Hm, there should be no blocking for the DRBG to initialize. What happens if you compile that as a module and insmod it at runtime? We will have a nop: #ifdef

Re: [RFC PATCH v2 1/4] crypto: ecc - add privkey generation support

Hi, Stephan, On 29.05.2017 12:23, Stephan Müller wrote: Am Montag, 29. Mai 2017, 11:08:38 CEST schrieb Tudor Ambarus: Hi Tudor, + unsigned int nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT; + + get_random_bytes(priv, nbytes); Can you please use crypto_get_defau

Re: [RFC PATCH v2 1/4] crypto: ecc - add privkey generation support

Hi, Stephan, Thank you for the review. Please see inline. On 28.05.2017 21:44, Stephan Müller wrote: Am Mittwoch, 17. Mai 2017, 17:26:50 CEST schrieb Tudor Ambarus: Hi Tudor, Add support for generating ecc private keys. Generation of ecc private keys is helpful in a user-space to kernel

Re: [RFC PATCH v2 4/4] crypto: testmgr - add genkey kpp test

On 17.05.2017 18:26, Tudor Ambarus wrote: The test considers a party that already has a private-public key pair and a party that provides a NULL key. The kernel will generate the private-public key pair for the latter, computes the shared secret on both ends and verifies it it's the same.

[PATCH v4 12/14] crypto: caampkc - comply with crypto_akcipher_maxsize()

crypto_akcipher_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. Signed-off-by: Tudor Ambarus --- drivers/crypto/caam/caampkc.c | 5 ++--- 1 file changed, 2 insertions(+), 3

[PATCH v4 11/14] crypto: rsa - comply with crypto_akcipher_maxsize()

crypto_akcipher_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. Signed-off-by: Tudor Ambarus --- crypto/rsa.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff

[PATCH v4 13/14] crypto: qat - comply with crypto_akcipher_maxsize()

crypto_akcipher_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. Signed-off-by: Tudor Ambarus --- drivers/crypto/qat/qat_common/qat_asym_algs.c | 4 ++-- 1 file changed, 2

[PATCH v4 14/14] crypto: pkcs1pad - comply with crypto_akcipher_maxsize()

crypto_akcipher_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. crypto_akcipher_maxsize() now returns an unsigned int. Remove the unnecessary check. Signed-off-by: Tudor

[PATCH v4 01/14] crypto: kpp, (ec)dh - fix typos

While here, add missing argument description (ndigits). Signed-off-by: Tudor Ambarus --- crypto/dh.c | 4 ++-- crypto/dh_helper.c| 4 ++-- crypto/ecc.h | 8 +--- crypto/ecdh.c | 4 ++-- crypto/ecdh_helper.c | 4 ++-- include/crypto/dh.h | 4 ++-- include

[PATCH v4 09/14] crypto: qat - comply with crypto_kpp_maxsize()

crypto_kpp_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. Signed-off-by: Tudor Ambarus --- drivers/crypto/qat/qat_common/qat_asym_algs.c | 4 ++-- 1 file changed, 2

[PATCH v4 08/14] crypto: ecdh - comply with crypto_kpp_maxsize()

crypto_kpp_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. nbytes has no sense now, remove it and directly return the maxsize. Signed-off-by: Tudor Ambarus --- crypto

[PATCH v4 05/14] crypto: dh - fix memleak in setkey

setkey can be called multiple times during the existence of the transformation object. In case of multiple setkey calls, the old key was not freed and we leaked memory. Free the old MPI key if any. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 3 +++ 1 file changed, 3 insertions(+) diff --git

[PATCH v4 02/14] crypto: ecc - remove unused function arguments

Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 8 +++- crypto/ecc.h | 13 +++-- crypto/ecdh.c | 11 +-- 3 files changed, 11 insertions(+), 21 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index 414c78a..69b4cc4 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c

[PATCH v4 03/14] crypto: ecc - remove unnecessary casts

ecc software implementation works with chunks of u64 data. There were some unnecessary casts to u8 and then back to u64 for the ecc keys. This patch removes the unnecessary casts. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 28 +--- crypto/ecc.h | 8

[PATCH v4 07/14] crypto: dh - comply with crypto_kpp_maxsize()

crypto_kpp_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a

[PATCH v4 04/14] crypto: ecc - don't be selfish on pubkeys

Rename ecdh_make_pub_key() to ecc_make_pub_key(). This function might as well be used by ecdsa. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 4 ++-- crypto/ecc.h | 4 ++-- crypto/ecdh.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c

[PATCH v4 06/14] crypto: kpp: maxsize() - assume key is already set

this function is called after a successful setkey of the transformation. kpp algorithm implementations will remove the check if key is not NULL and directly return the max size. Signed-off-by: Tudor Ambarus --- include/crypto/kpp.h | 11 ++- 1 file changed, 6 insertions(+), 5 deletions

[PATCH v4 10/14] crypto: akcipher: maxsize() - assume key is already set

assume that this function is called after a successful setkey of the transformation. akcipher algorithm implementations will remove the check if key is not NULL and directly return the max size. Signed-off-by: Tudor Ambarus --- include/crypto/akcipher.h | 11 ++- 1 file changed, 6 insertions

[PATCH v4 00/14] fixes for kpp and akcipher

Hi, These are various fixes that I made while reading kpp and akcipher implementations. Changes in v4: - assume key is already set when calling crypto_akcipher/kpp_maxsize() v3 can be found at: http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg25312.html Tudor Ambarus (14): crypto

[PATCH v3 09/11] crypto: KEYS: check err on akcipher maxsize

crypto_akcipher_maxsize() returns minimum length for output buffer or error code if key hasn't been set. Check for error before allocating memory. Signed-off-by: Tudor Ambarus --- crypto/asymmetric_keys/public_key.c | 5 + 1 file changed, 5 insertions(+) diff --git a/crypto/asymmetric

[PATCH v3 11/11] crypto: dh - fix memleak in setkey

setkey can be called multiple times during the existence of the transformation object. In case of multiple setkey calls, the old key was not freed and we leaked memory. Free the old MPI key if any. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 3 +++ 1 file changed, 3 insertions(+) diff --git

[PATCH v3 10/11] crypto: ecc - don't be selfish on pubkeys

Rename ecdh_make_pub_key() to ecc_make_pub_key(). This function might as well be used by ecdsa. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 4 ++-- crypto/ecc.h | 4 ++-- crypto/ecdh.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c

[PATCH v3 08/11] crypto: testmgr - check err on akcipher maxsize

crypto_akcipher_maxsize() returns minimum length for output buffer or error code if key hasn't been set. Check for error before allocating memory. Signed-off-by: Tudor Ambarus --- crypto/testmgr.c | 5 + 1 file changed, 5 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c

[PATCH v3 07/11] crypto: testmgr - check err on kpp maxsize

crypto_kpp_maxsize() returns minimum length for output buffer or error code if key hasn't been set. Check for error before allocating memory. Signed-off-by: Tudor Ambarus --- crypto/testmgr.c | 5 + 1 file changed, 5 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c

[PATCH v3 00/11] fixes for ecc, ec(dh), rsa & testmgr

om/linux-crypto@vger.kernel.org/msg25139.html Tudor Ambarus (11): crypto: kpp, (ec)dh - fix typos crypto: ecc - remove unused function arguments crypto: ecc - remove unnecessary casts crypto: dh - fix dh_max_size crypto: ecdh - fix ecdh_max_size crypto: rsa - change err code in rsa_max_size crypto:

[PATCH v3 06/11] crypto: rsa - change err code in rsa_max_size

If key was not successfully set, return -ENOKEY instead of -EINVAL. Signed-off-by: Tudor Ambarus --- crypto/rsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/rsa.c b/crypto/rsa.c index 4c280b6..3cf640e 100644 --- a/crypto/rsa.c +++ b/crypto/rsa.c @@ -341,7 +341,7

[PATCH v3 01/11] crypto: kpp, (ec)dh - fix typos

While here, add missing argument description (ndigits). Signed-off-by: Tudor Ambarus --- crypto/dh.c | 4 ++-- crypto/dh_helper.c| 4 ++-- crypto/ecc.h | 8 +--- crypto/ecdh.c | 4 ++-- crypto/ecdh_helper.c | 4 ++-- include/crypto/dh.h | 4 ++-- include

[PATCH v3 02/11] crypto: ecc - remove unused function arguments

Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 8 +++- crypto/ecc.h | 13 +++-- crypto/ecdh.c | 11 +-- 3 files changed, 11 insertions(+), 21 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index 414c78a..69b4cc4 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c

[PATCH v3 04/11] crypto: dh - fix dh_max_size

If someone called this function before a successful setkey, we would end up in a NULL dereference. The function should return minimum size for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 2 +- 1 file changed, 1 insertion(+), 1 del

[PATCH v3 03/11] crypto: ecc - remove unnecessary casts

ecc software implementation works with chunks of u64 data. There were some unnecessary casts to u8 and then back to u64 for the ecc keys. This patch removes the unnecessary casts. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 28 +--- crypto/ecc.h | 8

[PATCH v3 05/11] crypto: ecdh - fix ecdh_max_size

If someone called this function before a successful setkey, we would end up in a NULL dereference. The function should return minimum size for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/ecdh.c | 6 +++--- 1 file changed, 3 insertions(

Re: [PATCH v2 08/11] crypto: testmgr - check err on akcipher maxsize

On 23.05.2017 07:08, Herbert Xu wrote: On Wed, May 17, 2017 at 06:00:35PM +0300, Tudor Ambarus wrote: crypto_akcipher_maxsize() returns minimum length for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/testmgr.c | 5 + 1 file chang

Re: ecdh: generation and retention of ecc privkey in kernel/hardware

On 23.05.2017 06:58, Herbert Xu wrote: On Thu, Apr 27, 2017 at 05:17:58PM +0300, Tudor Ambarus wrote: Hi, Herbert, I'm working with a crypto accelerator that is capable of generating and retaining ecc private keys in hardware and further use them for ecdh. The private keys can not be

[RFC PATCH v2 3/4] crypto: dh - allow user to provide NULL privkey

If the user provides a NULL private key, the kernel will generate it and further use it for dh. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 21 + 1 file changed, 21 insertions(+) diff --git a/crypto/dh.c b/crypto/dh.c index 87e3542..7b4ac5b 100644 --- a/crypto/dh.c +++ b

[RFC PATCH v2 4/4] crypto: testmgr - add genkey kpp test

opied from the previous test vectors. Signed-off-by: Tudor Ambarus --- crypto/testmgr.c | 76 +++ crypto/testmgr.h | 155 +++ 2 files changed, 220 insertions(+), 11 deletions(-) diff --git a/crypto/testmgr.c b/c

[RFC PATCH v2 2/4] crypto: ecdh - allow user to provide NULL privkey

If the user provides a NULL ecc private key, the kernel will generate it and further use it for ecdh. Signed-off-by: Tudor Ambarus --- crypto/ecdh.c | 4 1 file changed, 4 insertions(+) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 63ca337..f28f5b5 100644 --- a/crypto/ecdh.c +++ b

[RFC PATCH v2 1/4] crypto: ecc - add privkey generation support

Add support for generating ecc private keys. Generation of ecc private keys is helpful in a user-space to kernel ecdh offload because the keys are not revealed to user-space. Private key generation is also helpful to implement forward secrecy. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 20

[RFC PATCH v2 0/4] crypto: (ec)dh - add privkey generation support

case of error - code defensively in testmgr: use sizeof(*ptr) while in memcpy v1 can be found at: http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg25176.html Tudor Ambarus (4): crypto: ecc - add privkey generation support crypto: ecdh - allow user to provide NULL privkey crypt

[PATCH v2 09/11] crypto: testmgr - check err on kpp maxsize

crypto_kpp_maxsize() returns minimum length for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/testmgr.c | 5 + 1 file changed, 5 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 87a4abd..0bf9a00 100644 --- a/crypto/test

[PATCH v2 11/11] crypto: rsa - do checks before allocating data

Signed-off-by: Tudor Ambarus --- crypto/rsa.c | 16 ++-- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/crypto/rsa.c b/crypto/rsa.c index 4c280b6..a80f76d 100644 --- a/crypto/rsa.c +++ b/crypto/rsa.c @@ -279,6 +279,9 @@ static int rsa_set_pub_key(struct

[PATCH v2 10/11] crypto: KEYS: check err on akcipher maxsize

crypto_akcipher_maxsize() returns minimum length for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/asymmetric_keys/public_key.c | 5 + 1 file changed, 5 insertions(+) diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric

[PATCH v2 07/11] crypto: dh - fix memleak in setkey

setkey can be called multiple times during the existence of the transformation object. Free the old MPI key if any. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/crypto/dh.c b/crypto/dh.c index 325a5dd..b55b03d 100644 --- a/crypto/dh.c +++ b

[PATCH v2 08/11] crypto: testmgr - check err on akcipher maxsize

crypto_akcipher_maxsize() returns minimum length for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/testmgr.c | 5 + 1 file changed, 5 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 6f5f3ed..87a4abd 100644 --- a/c

[PATCH v2 02/11] crypto: ecc - remove unused function arguments

Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 8 +++- crypto/ecc.h | 13 +++-- crypto/ecdh.c | 11 +-- 3 files changed, 11 insertions(+), 21 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index 414c78a..69b4cc4 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c

[PATCH v2 05/11] crypto: ecdh - fix ecdh_max_size

The function should return minimum size for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/ecdh.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index c1f0163..830dfb6 100644 --- a/c

[PATCH v2 06/11] crypto: ecc - don't be selfish on pubkeys

Rename ecdh_make_pub_key() to ecc_make_pub_key(). This function might as well be used by ecdsa. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 4 ++-- crypto/ecc.h | 4 ++-- crypto/ecdh.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c

[PATCH v2 04/11] crypto: dh - fix dh_max_size

The function should return minimum size for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/dh.c b/crypto/dh.c index 7cec0498..325a5dd 100644 --- a/crypto/dh.c

[PATCH v2 00/11] fixes for ecc, ec(dh), rsa & testmgr

found at: http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg25139.html Tudor Ambarus (11): crypto: kpp, (ec)dh - fix typos crypto: ecc - remove unused function arguments crypto: ecc - remove unnecessary casts crypto: dh - fix dh_max_size crypto: ecdh - fix ecdh_max_size crypto

[PATCH v2 01/11] crypto: kpp, (ec)dh - fix typos

While here, add missing argument description (ndigits). Signed-off-by: Tudor Ambarus --- crypto/dh.c | 4 ++-- crypto/dh_helper.c| 4 ++-- crypto/ecc.h | 8 +--- crypto/ecdh.c | 4 ++-- crypto/ecdh_helper.c | 4 ++-- include/crypto/dh.h | 4 ++-- include

[PATCH v2 03/11] crypto: ecc - remove unnecessary casts

ecc software implementation works with chunks of u64 data. There were some unnecessary casts to u8 and then back to u64 for the ecc keys. This patch removes the unnecessary casts. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 28 +--- crypto/ecc.h | 8

[RFC PATCH 4/4] crypto: testmgr - add genkey kpp test

opied from the previous test vectors. Signed-off-by: Tudor Ambarus --- crypto/testmgr.c | 77 +++ crypto/testmgr.h | 155 +++ 2 files changed, 221 insertions(+), 11 deletions(-) diff --git a/crypto/testmgr.c b/c

[RFC PATCH 2/4] crypto: ecdh - allow user to provide NULL privkey

If the user provides a NULL ecc private key, the kernel will generate it and further use it for ecdh. Signed-off-by: Tudor Ambarus --- crypto/ecdh.c | 4 1 file changed, 4 insertions(+) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 63ca337..f28f5b5 100644 --- a/crypto/ecdh.c +++ b

[RFC PATCH 3/4] crypto: dh - allow user to provide NULL privkey

If the user provides a NULL private key, the kernel will generate it and further use it for dh. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 18 ++ 1 file changed, 18 insertions(+) diff --git a/crypto/dh.c b/crypto/dh.c index 87e3542..33df165 100644 --- a/crypto/dh.c +++ b

[RFC PATCH 0/4] crypto: (ec)dh - add privkey generation support

;t be able to decrypt it with possession of a long-term key. There are crypto accelerators that are capable of generating and retaining private keys without revealing them to software. This patch set is a prerequisite for hardware private key generation support. Tudor Ambarus (4): crypto: ecc

[RFC PATCH 1/4] crypto: ecc - add privkey generation support

Add support for generating ecc private keys. Generation of ecc private keys is helpful in a user-space to kernel ecdh offload because the keys are not revealed to user-space. Private key generation is also helpful to implement forward secrecy. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 20

[PATCH 5/8] crypto: ecc - remove casts in ecc_is_key_valid

ecc software implementation works with chunks of u64 data. There were some unnecessary casts to u8 and then back to u64 for the ecc keys. This patch removes the unnecessary casts. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 6 +++--- crypto/ecc.h | 2 +- crypto/ecdh.c | 2 +- 3 files

[PATCH 6/8] crypto: dh - fix dh_max_size

The function should return minimum size for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/dh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/dh.c b/crypto/dh.c index 7cec0498..325a5dd 100644 --- a/crypto/dh.c

[PATCH 8/8] crypto: ecc - don't be selfish on pubkeys

Rename ecdh_make_pub_key() to ecc_make_pub_key(). This function might as well be used by ecdsa. Signed-off-by: Tudor Ambarus --- crypto/ecc.c | 4 ++-- crypto/ecc.h | 4 ++-- crypto/ecdh.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c

[PATCH 7/8] crypto: ecdh - fix ecdh_max_size

The function should return minimum size for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus --- crypto/ecdh.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index c1f0163..830dfb6 100644 --- a/c

<    1   2   3   >