On Mon, 2010-11-15 at 16:18 +, David Howells wrote:
> Mimi Zohar wrote:
> > > But if you're going to use a user-defined key, you really need to prefix
> > > the description with something suitable.
> >
> > Agreed. So instead of:
> > keyctl add encrypted name "new master-key-name keylen"
Mimi Zohar wrote:
> > I thought that might be the case. In which case, it might be better to
> > allow someone to add a trusted key, supplying both encrypted and
> > unencrypted versions of the data so that the TPM need not be consulted.
> > You might want to mark such a key so that it can be se
> This patch adds the af_alg plugin for hash, corresponding to
> the ahash kernel operation type.
Tested-by: Martin Willi
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.
> This patch creates the backbone of the user-space interface for
> the Crypto API, through a new socket family AF_ALG.
Tested-by: Martin Willi
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info a
> This patch adds the af_alg plugin for symmetric key ciphers,
> corresponding to the ablkcipher kernel operation type.
I can confirm that the newest patch fixes the page leak.
Tested-by: Martin Willi
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a m
On Mon, 2010-11-15 at 19:58 +0800, Herbert Xu wrote:
> Tomas Mraz wrote:
> >
> > This would not be a 'hashing' algorithm but a simple block encryption
> > algorithm in the ECB mode with the random key initialized at boot. The
> > problem here is that the standard block ciphers have at least 64 bi
Tomas Mraz wrote:
>
> This would not be a 'hashing' algorithm but a simple block encryption
> algorithm in the ECB mode with the random key initialized at boot. The
> problem here is that the standard block ciphers have at least 64 bit
> block length as smaller block length ciphers would not be se
crypto: algif_skcipher - User-space interface for skcipher operations
This patch adds the af_alg plugin for symmetric key ciphers,
corresponding to the ablkcipher kernel operation type.
Keys can optionally be set through the setsockopt interface.
Once a sendmsg call occurs without MSG_MORE no fu
crypto: algif_hash - User-space interface for hash operations
This patch adds the af_alg plugin for hash, corresponding to
the ahash kernel operation type.
Keys can optionally be set through the setsockopt interface.
Each sendmsg call will finalise the hash unless sent with a MSG_MORE
flag.
Par
crypto: af_alg - User-space interface for Crypto API
This patch creates the backbone of the user-space interface for
the Crypto API, through a new socket family AF_ALG.
Each session corresponds to one or more connections obtained from
that socket. The number depends on the number of inputs/outpu
net - Add AF_ALG macros
This patch adds the socket family/level macros for the yet-to-be-born
AF_ALG family. The AF_ALG family provides the user-space interface
for the kernel crypto API.
Signed-off-by: Herbert Xu
Acked-by: David S. Miller
---
include/linux/socket.h |5 -
1 file chan
On Mon, Nov 08, 2010 at 10:10:20AM +0100, Martin Willi wrote:
>
> The test program below runs 1000 encryptions:
>
> # grep nr_free /proc/vmstat
> nr_free_pages 11031
> # ./test
Thanks, Miroslav identified a bogosity where if we're not doing
a whole page then the last sgl pointer is off by one w
On Mon, Nov 15, 2010 at 09:43:12AM +0100, Tomas Mraz wrote:
> On Fri, 2010-11-12 at 08:32 -0500, Dan Rosenberg wrote:
> > Hi Crypto people,
> >
> > I'm planning on submitting a patch that introduces a new %p format
> > specifier that obfuscates kernel pointers depending on privileges. This
> > c
On Fri, 2010-11-12 at 08:32 -0500, Dan Rosenberg wrote:
> Hi Crypto people,
>
> I'm planning on submitting a patch that introduces a new %p format
> specifier that obfuscates kernel pointers depending on privileges. This
> change is for security reasons - many networking protocols expose
> point
14 matches
Mail list logo