Re: Doing crypto in small stack buffers (bluetooth vs vmalloc-stack crash, etc)

2016-06-23 Thread Herbert Xu
On Thu, Jun 23, 2016 at 11:48:25AM +0800, Herbert Xu wrote: > > No we never had such an API in the kernel. However, I see that > rxkad does some pretty silly things and we should be able to avoid > using the stack in pretty much all cases. Let me try to come up with > something. Here it is:

Re: [PATCH v6 2/8] crypto: add driver-side scomp interface

2016-06-23 Thread Herbert Xu
On Wed, Jun 22, 2016 at 04:53:50PM +0100, Giovanni Cabiddu wrote: > On Mon, Jun 13, 2016 at 04:56:12PM +0800, Herbert Xu wrote: > > The backup path is also very unlikely to work because we'll be > > hitting this with 64K sizes and this just won't work with a 4K > > page size. > Is

Re: [PATCH v11 0/3] Key-agreement Protocol Primitives (KPP) API

2016-06-23 Thread Herbert Xu
On Wed, Jun 22, 2016 at 05:49:12PM +0100, Salvatore Benedetto wrote: > Hi Herb, > > the following patchset introduces a new API for abstracting key-agreement > protocols such as DH and ECDH. It provides the primitives required for > implementing > the protocol, thus the name KPP (Key-agreement

Re: [PATCH] crypto: user - re-add size check for CRYPTO_MSG_GETALG

2016-06-23 Thread Herbert Xu
On Wed, Jun 22, 2016 at 08:29:37PM +0200, Mathias Krause wrote: > Commit 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG") > accidentally removed the minimum size check for CRYPTO_MSG_GETALG > netlink messages. This allows userland to send a truncated > CRYPTO_MSG_GETALG message as short as a

Re: [PATCH] crypto : async implementation for sha1-mb

2016-06-23 Thread Herbert Xu
On Tue, Jun 21, 2016 at 06:21:46PM -0700, Megha Dey wrote: > From: Megha Dey > > Herbert wants the sha1-mb algorithm to have an async implementation: > https://lkml.org/lkml/2016/4/5/286. > Currently, sha1-mb uses an async interface for the outer algorithm > and a sync

Re: [PATCH v3 02/10] crypto: marvell: Check engine is not already running when enabling a req

2016-06-23 Thread Herbert Xu
On Wed, Jun 22, 2016 at 01:23:39PM +0200, Romain Perier wrote: > Hello, > > Le 22/06/2016 12:33, Herbert Xu a écrit : > >Romain Perier wrote: > >>Add a BUG_ON() call when the driver tries to launch a crypto request > >>while the engine is still processing the

[PATCH 7/8] KEYS: Implement encrypt, decrypt and sign for software asymmetric key [ver #2]

2016-06-23 Thread David Howells
Implement the encrypt, decrypt and sign operations for the software asymmetric key subtype. This mostly involves offloading the call to the crypto layer. Note that the decrypt and sign operations require a private key to be supplied. Encrypt (and also verify) will work with either a public or a

[PATCH 8/8] KEYS: Implement PKCS#8 RSA Private Key parser [ver #2]

2016-06-23 Thread David Howells
Implement PKCS#8 RSA Private Key format [RFC 5208] parser for the asymmetric key type. For the moment, this will only support unencrypted DER blobs. PEM and decryption can be added later. PKCS#8 keys can be loaded like this: openssl pkcs8 -in private_key.pem -topk8 -nocrypt -outform

[PATCH 6/8] KEYS: Allow the public_key struct to hold a private key [ver #2]

2016-06-23 Thread David Howells
Put a flag in the public_key struct to indicate if the structure is holding a private key. The private key must be held ASN.1 encoded in the format specified in RFC 3447 A.1.2. This is the form required by crypto/rsa.c. The software encryption subtype's verification and query functions then

[PATCH 5/8] KEYS: Provide software public key query function [ver #2]

2016-06-23 Thread David Howells
Provide a query function for the software public key implementation. This permits information about such a key to be obtained using query_asymmetric_key() or KEYCTL_PKEY_QUERY. Signed-off-by: David Howells --- crypto/asymmetric_keys/public_key.c | 96

[PATCH 4/8] KEYS: Make the X.509 and PKCS7 parsers supply the sig encoding type [ver #2]

2016-06-23 Thread David Howells
Make the X.509 and PKCS7 parsers fill in the signature encoding type field recently added to the public_key_signature struct. Signed-off-by: David Howells --- crypto/asymmetric_keys/pkcs7_parser.c |1 + crypto/asymmetric_keys/x509_cert_parser.c | 21

Re: [PATCH v6 3/6] crypto: AF_ALG -- add asymmetric cipher interface

2016-06-23 Thread Denis Kenzior
Hi Stephan, >> This brings me to another proposal for read buffer sizing: AF_ALG akcipher can guarantee that partial reads (where the read buffer is shorter than the output of the crypto op) will work using the same semantics as SOCK_DGRAM/SOCK_SEQPACKET. With those sockets, as much data as

Re: crypto: rsa - Do not gratuitously drop leading zeroes

2016-06-23 Thread Tadeusz Struk
Hi Herbert, On 06/22/2016 03:14 AM, Herbert Xu wrote: > This was prompted by the caam RSA submission where a lot of work > was done just to strip the RSA output of leading zeroes. This is > in fact completely pointless because the only user of RSA in the > kernel then promptly puts them back. >

[PATCH 3/8] KEYS: Provide missing asymmetric key subops for new key type ops [ver #2]

2016-06-23 Thread David Howells
Provide the missing asymmetric key subops for new key type ops. This include query, encrypt, decrypt and create signature. Verify signature already exists. Also provided are accessor functions for this: int query_asymmetric_key(const struct key *key,

[PATCH 2/8] KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]

2016-06-23 Thread David Howells
Provide five keyctl functions that permit userspace to make use of the new key type ops for accessing and driving asymmetric keys. (*) Query an asymmetric key. long keyctl(KEYCTL_PKEY_QUERY, key_serial_t key, unsigned long reserved, struct

[PATCH 0/8] KEYS: keyctl operations for asymmetric keys [ver #2]

2016-06-23 Thread David Howells
Here's a set of patches that provides keyctl access for asymmetric keys, including a query function, and functions to do encryption, decryption, signature creation and signature verification. I've added a PKCS#8 asymmetric key parser so that you can load an RSA private key into the kernel.

[PATCH 0/8] KEYS: keyctl operations for asymmetric keys

2016-06-23 Thread David Howells
Here's a set of patches that provides keyctl access for asymmetric keys, including a query function, and functions to do encryption, decryption, signature creation and signature verification. I've added a PKCS#8 asymmetric key parser so that you can load an RSA private key into the kernel.

Re: [PATCH 5/8] KEYS: Provide software public key query function [ver #2]

2016-06-23 Thread Mat Martineau
David, On Thu, 23 Jun 2016, David Howells wrote: Provide a query function for the software public key implementation. This permits information about such a key to be obtained using query_asymmetric_key() or KEYCTL_PKEY_QUERY. Signed-off-by: David Howells ---

Re: [PATCH] crypto: user - re-add size check for CRYPTO_MSG_GETALG

2016-06-23 Thread Stephan Mueller
Am Donnerstag, 23. Juni 2016, 18:43:57 schrieb Herbert Xu: Hi Herbert, > On Wed, Jun 22, 2016 at 08:29:37PM +0200, Mathias Krause wrote: > > Commit 9aa867e46565 ("crypto: user - Add CRYPTO_MSG_DELRNG") > > accidentally removed the minimum size check for CRYPTO_MSG_GETALG > > netlink messages.

[cryptodev:master 79/79] (.text+0x330de0): multiple definition of `ecdh_shared_secret'

2016-06-23 Thread kbuild test robot
tree: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git master head: 3c4b23901a0c766879dff680cd6bdab47bcdbbd2 commit: 3c4b23901a0c766879dff680cd6bdab47bcdbbd2 [79/79] crypto: ecdh - Add ECDH software support config: i386-allyesconfig (attached as .config) compiler:

[PATCH v8 3/6] crypto: AF_ALG -- add asymmetric cipher interface

2016-06-23 Thread Tadeusz Struk
From: Stephan Mueller This patch adds the user space interface for asymmetric ciphers. The interface allows the use of sendmsg as well as vmsplice to provide data. This version has been rebased on top of 4.7 and a few checkpatch issues have been fixed. This version also

[PATCH v8 2/6] crypto: AF_ALG -- add setpubkey setsockopt call

2016-06-23 Thread Tadeusz Struk
From: Stephan Mueller For supporting asymmetric ciphers, user space must be able to set the public key. The patch adds a new setsockopt call for setting the public key. Signed-off-by: Stephan Mueller Signed-off-by: Tadeusz Struk

[PATCH v8 6/6] crypto: AF_ALG - add support for key_id

2016-06-23 Thread Tadeusz Struk
This patch adds support for the asymmetric key type to AF_ALG. It will work as follows: New PF_ALG socket options are added on top of the existing ALG_SET_KEY and ALG_SET_PUBKEY, namely ALG_SET_KEY_ID and ALG_SET_PUBKEY_ID for setting public and private keys respectively. When these new options will be

Re: Doing crypto in small stack buffers (bluetooth vs vmalloc-stack crash, etc)

2016-06-23 Thread Andy Lutomirski
On Wed, Jun 22, 2016 at 11:41 PM, Herbert Xu wrote: > On Thu, Jun 23, 2016 at 11:48:25AM +0800, Herbert Xu wrote: >> >> No we never had such an API in the kernel. However, I see that >> rxkad does some pretty silly things and we should be able to avoid >> using the

[PATCH v8 5/6] crypto: algif_akcipher - add ops_nokey

2016-06-23 Thread Tadeusz Struk
Similar to algif_skcipher and algif_hash, algif_akcipher needs to prevent user space from using the interface in an improper way. This patch adds nokey ops handlers, which do just that. Signed-off-by: Tadeusz Struk --- crypto/algif_akcipher.c | 159

[PATCH v8 1/6] crypto: AF_ALG -- add sign/verify API

2016-06-23 Thread Tadeusz Struk
From: Stephan Mueller Add the flags for handling signature generation and signature verification. Also, the patch adds the interface for setting a public key. Signed-off-by: Stephan Mueller Signed-off-by: Tadeusz Struk ---

[PATCH v8 4/6] crypto: algif_akcipher - enable compilation

2016-06-23 Thread Tadeusz Struk
From: Stephan Mueller Add the Makefile and Kconfig updates to allow algif_akcipher to be compiled. Signed-off-by: Stephan Mueller Signed-off-by: Tadeusz Struk --- crypto/Kconfig |9 + crypto/Makefile |1 + 2

[PATCH v8 0/6] crypto: algif - add akcipher

2016-06-23 Thread Tadeusz Struk
First four patches are a resend of algif_akcipher from Stephan Mueller, with minor changes after rebase on top of 4.7-rc1. The next three patches add support for keys stored in the system keyring subsystem. First patch adds algif_akcipher nokey handlers. Second patch adds generic sign, verify, encrypt,

Re: [PATCH] crypto: user - re-add size check for CRYPTO_MSG_GETALG

2016-06-23 Thread Herbert Xu
On Thu, Jun 23, 2016 at 04:46:26PM +0200, Stephan Mueller wrote: > > Please revert my patch eed1e1afd8d542d9644534c1b712599b5d680007 as requested > by Matthias. It's already done. Thanks. -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP

[PATCH 0/7] crypto: SHA256 multibuffer implementation

2016-06-23 Thread Megha Dey
From: Megha Dey In this patch series, we introduce the multi-buffer crypto algorithm on x86_64 and apply it to SHA256 hash computation. The multi-buffer technique takes advantage of the 8 data lanes in the AVX2 registers and allows computation to be performed on data

Re: [PATCH v8 6/6] crypto: AF_ALG - add support for key_id

2016-06-23 Thread kbuild test robot
Hi, [auto build test ERROR on cryptodev/master] [also build test ERROR on v4.7-rc4 next-20160623] [if your patch is applied to the wrong git tree, please drop us a note to help improve the system] url: https://github.com/0day-ci/linux/commits/Tadeusz-Struk/crypto-algif-add-akcipher/20160624

[PATCH 4/7] crypto: sha256-mb - Algorithm data structures

2016-06-23 Thread Megha Dey
This patch introduces the data structures and prototypes of functions needed for computing SHA256 hash using multi-buffer. Included are the structures of the multi-buffer SHA256 job, job scheduler in C and x86 assembly. Signed-off-by: Megha Dey Reviewed-by: Fenghua Yu

[PATCH 7/7] crypto: sha1-mb - rename sha-mb to sha1-mb

2016-06-23 Thread Megha Dey
From: Megha Dey Until now, there was only support for the SHA1 multibuffer algorithm. Hence, there was just one sha-mb folder. Now, with the introduction of the SHA256 multi-buffer algorithm, it is logical to name the existing folder as sha1-mb. Signed-off-by: Megha

[PATCH 5/7] crypto: sha256-mb - Crypto computation (x8 AVX2)

2016-06-23 Thread Megha Dey
This patch introduces the assembly routines to do SHA256 computation on buffers belonging to several jobs at once. The assembly routines are optimized with AVX2 instructions that have 8 data lanes and using AVX2 registers. Signed-off-by: Megha Dey Reviewed-by: Fenghua

[PATCH 2/7] crypto: sha256-mb - Enable multibuffer support

2016-06-23 Thread Megha Dey
Add the config CRYPTO_SHA256_MB which will enable the computation using the SHA256 multi-buffer algorithm. Signed-off-by: Megha Dey Reviewed-by: Fenghua Yu Reviewed-by: Tim Chen --- crypto/Kconfig | 16

[PATCH 1/7] crypto: sha256-mb - SHA256 multibuffer job manager and glue code

2016-06-23 Thread Megha Dey
This patch introduces the multi-buffer job manager which is responsible for submitting scatter-gather buffers from several SHA256 jobs to the multi-buffer algorithm. It also contains the flush routine that's called by the crypto daemon to complete the job when no new jobs arrive before the

[PATCH 6/7] crypto: tcrypt - Add speed tests for SHA multibuffer algorithms

2016-06-23 Thread Megha Dey
From: Megha Dey The existing test suite to calculate the speed of the SHA algorithms assumes serial (single buffer) computation of data. With the SHA multibuffer algorithms, we work on 8 lanes of data in parallel. Hence, the need to introduce a new test suite to

[PATCH 3/7] crypto: sha256-mb - submit/flush routines for AVX2

2016-06-23 Thread Megha Dey
This patch introduces the routines used to submit and flush buffers belonging to SHA256 crypto jobs to the SHA256 multibuffer algorithm. It is implemented mostly in assembly optimized with AVX2 instructions. Signed-off-by: Megha Dey Reviewed-by: Fenghua Yu