Add PCBC crypto template support as used by RxRPC.
Signed-Off-By: David Howells [EMAIL PROTECTED]
---
crypto/Kconfig |9 +
crypto/Makefile |1
crypto/pcbc.c | 348 +++
3 files changed, 358 insertions(+), 0 deletions(-)
diff --git
Linus Torvalds [EMAIL PROTECTED] wrote:
(1) A cut-down MPI library derived from GPG with error handling added.
Do we really need to add this?
I presume you mean the MPI library specifically? If so, then yes. It's
necessary to do DSA signature verification (or RSA for that matter).
Michael Halcrow [EMAIL PROTECTED] wrote:
Right now, eCryptfs just delegates its modular exponentiation
operations to a userspace daemon. If RSA ever finds its way into the
kernel, I might tweak eCryptfs to use that instead for some of the
public key operations.
Am I right in thinking that
Linus Torvalds torva...@linux-foundation.org wrote:
People always think that their magical code is so important. I tell
you up-front that is absolutely is not. Just remove the crap entirely,
please.
Even if he does remove it, that still leaves the problem that modprobe can be
invoked and fail
Herbert Xu herb...@gondor.hengli.com.au wrote:
This patch should do the trick:
commit 326a6346ffb5b19eb593530d9d3096d409e46f62
Author: Herbert Xu herb...@gondor.apana.org.au
Date: Fri Aug 6 09:40:28 2010 +0800
crypto: testmgr - Fix test disabling option
It does work.
David
--
To
Nikos Mavrogiannopoulos n...@gnutls.org wrote:
It is not that simple. My understanding of the keyring API is that it
allows exporting of the keys to user-space and this crypto API
explicitly prevents that
That's simple. Don't provide a read() key type operation, then.
David
--
To
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
--- a/lib/hexdump.c
+++ b/lib/hexdump.c
@@ -34,6 +34,22 @@ int hex_to_bin(char ch)
EXPORT_SYMBOL(hex_to_bin);
/**
+ * hex2bin - convert an ascii hexadecimal string to its binary representation
+ * @mem: result
+ * @buf: ascii hexadecimal
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
Reviewd-by: Mimi Zohar zo...@watson.ibm.com
You've missed an 'e'.
+int tpm_send(u32 chip_num, char *cmd, int buflen)
+{
...
+ rc = transmit_cmd(chip, (struct tpm_cmd_t *)cmd, buflen,
+ attempting tpm_cmd);
Make cmd
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+void hex2bin(unsigned char *mem, char *buf, int count)
I think this needs a little adjustment. I would recommend something like the
following declaration:
void hex2bin(u8 *buf, const char *data, size_t count)
since the output data is binary
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
Defines a new kernel key-type called 'trusted'. Trusted keys are
random number symmetric keys, generated and RSA-sealed by the TPM.
The TPM only unseals the keys, if the boot PCRs and other criteria
match. Userspace can only ever see encrypted
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+ module_put(chip-dev-driver-owner);
Where's the corresponding module_get()? I suspect this should be wrapped to
match tpm_chip_find_get().
David
The module_get() is in tpm_chip_find_get(), which is just a helper.
(It's used this way
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+enum {
+ Opt_err = -1,
+ Opt_new = 1, Opt_load, Opt_update,
+ Opt_keyhandle, Opt_keyauth, Opt_blobauth,
+ Opt_pcrinfo, Opt_pcrlock, Opt_migratable
+};
The compiler can generate slightly more efficient code if you don't skip 0 in
David Safford saff...@watson.ibm.com wrote:
+#define TPM_DEBUG 0
The TPM_DEBUG stuff should probably be in the directory with the sources,
not in a directory for others to include.
Maybe some confusion here - trusted_defined.h is in the sources - only
trusted-type.h is public in
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
Defines a new kernel key-type called 'encrypted'. Encrypted keys are
Many of the comments I made against patch #3 also apply here. Use 'Define'
rather than 'Defines' here for example.
index 000..e2312e0
--- /dev/null
+++
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
Why do you allow the master key to be supplied by a user-defined key rather
than requiring a trusted-key unconditionally?
This is for systems without a TPM. The logic needs to exist, whether it
is here or in EVM. By doing it here, a user could
David Safford saff...@watson.ibm.com wrote:
David, does this look ok to you? If so, I will do two patches, one to
fix the helper name throughout the existing tpm.c, and then a new
version of the tpm_send patch which uses the new name.
I prefer my suggestion: Wrapping the module_put() up so
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
I thought that might be the case. In which case, it might be better to
allow someone to add a trusted key, supplying both encrypted and
unencrypted versions of the data so that the TPM need not be consulted.
You might want to mark such a key so
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
I actually like keyctl requiring 'trusted:' or 'user:'. Forcing the
user to indicate which type of key they want, is actually good - no
misunderstandings.
You still need to prefix the description of a user-defined key so that you
don't collide with
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
No, this just updates the name of the key used to encrypt/decrypt the
encrypted key. For example, the encrypted key evm-key is initially
encrypted/decrypted using 'kmk-trusted'. After the update, it is
encrypted/decrypted with 'kmk'. Both now are
comment)
- Replace int with size_t (based on David Howell's comment)
Signed-off-by: Mimi Zohar zo...@us.ibm.com
Acked-by: Serge E. Hallyn se...@hallyn.com
Acked-by: David Howells dhowe...@redhat.com
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
For readability, define a tpm_chip_put() wrapper to call module_put().
Replace existing module_put() calls with the wrapper.
(Change based on trusted/encrypted patchset review by David Howells.)
Signed-off-by: Mimi Zohar zo...@us.ibm.com
Signed
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+int tpm_send(u32 chip_num, void *cmd, int buflen)
I'd recommend size_t for buflen; apart from that:
Acked-by: David Howells dhowe...@redhat.com
--
To unsubscribe from this list: send the line unsubscribe linux-crypto in
the body of a message
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+keyctl print returns an ascii hex copy of the sealed key, which is in
standard
I'd quote 'keyctl print' just so it's obvious where the command ends and the
descriptive text starts.
+Usage:
+ keyctl add encrypted name new key-type:master-key-name
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+static int datablob_format(char __user *buffer,
+struct encrypted_key_payload *epayload,
+int asciiblob_len)
size_t? There are other instances where you should be using size_t too.
+ index =
David Safford saff...@watson.ibm.com wrote:
Currently transmit_command() in tpm.c expects an int,
but it changes it to size_t for the actual tpm_transmit().
We will work with Rajiv to do a cleanup, as this touches
a number of calls.
You can pass a size_t value to an int. The compiler will
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
Am assuming you mean something like this:
keyctl add encrypted name new trusted:master-key-name keylen ring
keyctl add encrypted name new user:master-key-name keylen ring
and, as you said, works without changing the API.
No, that's not what I
Serge Hallyn serge.hal...@canonical.com wrote:
+int tpm_send(u32 chip_num, void *cmd, size_t buflen)
Hate to nit-pick, but any particular reason you're not following the
rest of the file and using 'struct tpm_cmd_t *cmd' here?
Ummm... Something else I've just noticed...
static
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+#define KEY_TRUSTED_PREFIX trusted:
+#define KEY_TRUSTED_PREFIX_LEN (sizeof (KEY_TRUSTED_PREFIX) - 1)
+#define KEY_USER_PREFIX user:
+#define KEY_USER_PREFIX_LEN (sizeof (KEY_USER_PREFIX) - 1)
I'd recommend using static const char arrays.
+static
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
+static struct key *request_trusted_key(const char *trusted_desc,
+u8 **master_key,
+unsigned int *master_keylen)
You need to annotate the function with an __acquires() to
James Morris jmor...@namei.org wrote:
+MPI mpi_alloc(unsigned nlimbs)
+{
+ MPI a;
+
+ a = (MPI) kmalloc(sizeof *a, GFP_KERNEL);
Generally, typedef structs are frowned upon in the kernel. I'd prefer to
see this (and any others) changed to a normal type.
In this case, however,
Create a key type that can be used for general cryptographic operations, such
as encryption, decryption, signature generation and signature verification.
The key type is crypto and can provide access to a variety of cryptographic
algorithms.
Signed-off-by: David Howells dhowe...@redhat.com
Add a key subtype for handling DSA crypto keys. For the moment it only
provides a signature verification facility.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/Kconfig | 10 +
security/keys/Makefile |2
security/keys/crypto_dsa.h
Add a key subtype for handling RSA crypto keys. For the moment it only
provides a signature verification facility.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/Kconfig |9 +
security/keys/Makefile |1
security/keys/crypto_rsa.c | 394
Add a facility whereby a key subtype may be asked to verify a signature against
the data it is purported to have signed.
Signed-off-by: David Howells dhowe...@redhat.com
---
Documentation/security/keys-crypto.txt | 106 +++-
include/keys/crypto-subtype.h
.
Signed-off-by: David Howells dhowe...@redhat.com
---
Documentation/security/keys-crypto.txt | 12
include/keys/crypto-type.h |3 +
security/keys/Makefile |2 -
security/keys/crypto_request.c | 94
4 files changed
Export some more symbols for use by the DSA key subtype.
Signed-off-by: David Howells dhowe...@redhat.com
---
lib/mpi/mpi-cmp.c |2 ++
lib/mpi/mpi-div.c |1 +
lib/mpi/mpi-inv.c |1 +
lib/mpi/mpi-mpow.c |1 +
lib/mpi/mpi-mul.c |1 +
5 files changed, 6 insertions(+), 0
Permit key_serial() to be called with a const key pointer.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/key.h |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/include/linux/key.h b/include/linux/key.h
index 183a6af..f87b51b 100644
--- a/include
*data,
size_t datalen);
};
int pgp_parse_packets(const u8 *data, size_t datalen,
struct pgp_parse_context *ctx);
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/pgp.h | 230
will be
returned and a message will be logged to the kernel log.
Signed-Off-By: David Howells dhowe...@redhat.com
---
init/Kconfig | 11 +
kernel/Makefile|2
kernel/module-verify-elf.c | 344
kernel/module-verify.c | 41
Signature verification routines for DSA crypto key subtype.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Makefile|2
security/keys/crypto_dsa.h| 11 +
security/keys/crypto_dsa_verify.c | 375 +
3 files changed
:
24460d1c I- 1 perm 3f01 0 0 cryptomodsign.0: dsa
5acc2142 []
3ca85723 I- 1 perm 1f01 0 0 keyring .module_sign: 1/4
Signed-off-by: David Howells dhowe...@redhat.com
---
Documentation/security/keys-crypto.txt | 19
include/keys/crypto-type.h
) A function to parse out basic signature parameters from any PGP signature
such that the algorithms and public key can be selected:
int pgp_parse_sig_params(const u8 **_data, size_t *_datalen,
struct pgp_sig_parameters *p);
Signed-off-by: David Howells dhowe
Here are a set of patches that create a framework for using cryptographic keys
within the kernel. The basic crypto key has no requirements as to how the key
is implemented; it's basically a jump table for the operations and an anchor
for any relevant data.
I have provided a couple of subtypes:
debugging code.
(*) Updated documentation.
David
---
David Howells (16):
MODSIGN: Apply signature checking to modules on module load
MODSIGN: Module ELF verifier
MODSIGN: Add indications of module ELF types
KEYS: Provide a function to load keys from a PGP keyring blob
Permit key_serial() to be called with a const key pointer.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/key.h |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/include/linux/key.h b/include/linux/key.h
index 183a6af..f87b51b 100644
--- a/include
:
24460d1c I- 1 perm 3f01 0 0 cryptomodsign.0: dsa
5acc2142 []
3ca85723 I- 1 perm 1f01 0 0 keyring .module_sign: 1/4
Signed-off-by: David Howells dhowe...@redhat.com
---
Documentation/security/keys-crypto.txt | 19 +
include/keys/crypto-type.h
Add a facility whereby a key subtype may be asked to verify a signature against
the data it is purported to have signed.
Signed-off-by: David Howells dhowe...@redhat.com
---
Documentation/security/keys-crypto.txt | 106 +++-
include/keys/crypto-subtype.h
Signature verification routines for RSA crypto key subtype.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Makefile |2
security/keys/crypto_rsa.h | 11 +
security/keys/crypto_rsa_subtype.c | 15 +
security/keys/crypto_rsa_verify.c | 519
.
Signed-off-by: David Howells dhowe...@redhat.com
---
Documentation/security/keys-crypto.txt | 12
include/keys/crypto-type.h |3 +
security/keys/Makefile |2 -
security/keys/crypto_request.c | 87
4 files changed
Signature verification routines for DSA crypto key subtype.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Makefile|2
security/keys/crypto_dsa.h| 11 +
security/keys/crypto_dsa_verify.c | 384 +
3 files changed
) A function to parse out basic signature parameters from any PGP signature
such that the algorithms and public key can be selected:
int pgp_parse_sig_params(const u8 **_data, size_t *_datalen,
struct pgp_sig_parameters *p);
Signed-off-by: David Howells dhowe
Add per-arch indications of module ELF types and relocation table entry types.
Signed-Off-By: David Howells dhowe...@redhat.com
---
arch/alpha/include/asm/module.h |3 +++
arch/arm/include/asm/module.h |5 +
arch/cris/include/asm/module.h|5 +
arch/h8300/include
Create a key type that can be used for general cryptographic operations, such
as encryption, decryption, signature generation and signature verification.
The key type is crypto and can provide access to a variety of cryptographic
algorithms.
Signed-off-by: David Howells dhowe...@redhat.com
Add a missing ENOMEM check.
Signed-off-by: David Howells dhowe...@redhat.com
---
lib/mpi/mpicoder.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/lib/mpi/mpicoder.c b/lib/mpi/mpicoder.c
index fe84bb9..6e225a8 100644
--- a/lib/mpi/mpicoder.c
+++ b/lib/mpi/mpicoder.c
Add a key subtype for handling DSA crypto keys. For the moment it only
provides a signature verification facility.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/Kconfig | 10 +
security/keys/Makefile |2
security/keys/crypto_dsa.h
will be
returned and a message will be logged to the kernel log.
Signed-Off-By: David Howells dhowe...@redhat.com
---
init/Kconfig | 11 +
kernel/Makefile|2
kernel/module-verify-elf.c | 344
kernel/module-verify.c | 41
*data,
size_t datalen);
};
int pgp_parse_packets(const u8 *data, size_t datalen,
struct pgp_parse_context *ctx);
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/pgp.h | 230
Serge Hallyn serge.hal...@canonical.com wrote:
p = buffer = kmalloc(n, GFP_KERNEL);
+ if (p 0)
+ return NULL;
Sorry, maybe i'm having a confused morning, but shouldn't this check be for
p==NULL rather than p0?
Bah. You are, of course, right. Updated for the next
---
David Howells (21):
MODSIGN: Apply signature checking to modules on module load
MODSIGN: Module ELF verifier
MODSIGN: Add indications of module ELF types
KEYS: Provide a function to load keys from a PGP keyring blob
KEYS: PGP format signature parser
KEYS: PGP-based
Add a missing ENOMEM check.
Signed-off-by: David Howells dhowe...@redhat.com
---
lib/mpi/mpicoder.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/lib/mpi/mpicoder.c b/lib/mpi/mpicoder.c
index fe84bb9..716802b 100644
--- a/lib/mpi/mpicoder.c
+++ b/lib/mpi/mpicoder.c
Announce the (un)registration of a key type in the core key code rather than
in the callers.
Signed-off-by: David Howells dhowe...@redhat.com
---
net/dns_resolver/dns_key.c |5 -
security/keys/key.c|3 +++
2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/net
Add a subtype for supporting asymmetric public-key encryption algorithms such
as DSA (FIPS-186) and RSA (PKCS#1 / RFC1337).
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Kconfig |9
security/keys/Makefile |1
security/keys/public_key.c | 55
Implement the RSA algorithm (PKCS#1 / RFC3447). At this time, only signature
verification is supported. This uses the asymmetric public key subtype to hold
its key data.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Kconfig |6 +
security/keys/Makefile |1
will indicate that the verification failed and 0 will indicate success.
Other errors are also possible.
(4) void verify_sig_cancel(struct crypto_key_verify_context *ctx);
Cancel the verification process.
Signed-off-by: David Howells dhowe...@redhat.com
---
Documentation/security/keys
Reorganise the keys directory Makefile to put all the core bits together and
the type-specific bits after.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Makefile | 12 +---
1 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/security/keys/Makefile b
Implement the DSA algorithm (FIPS-186). At this time, only signature
verification is supported. This uses the asymmetric public key subtype to hold
its key data.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Kconfig |7 ++
security/keys/Makefile |1
,
struct pgp_parse_context *ctx);
This is configured on with CONFIG_PGP_LIBRARY.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/pgp.h | 25
security/keys/Kconfig |6 +
security/keys/Makefile |1
security/keys/pgp_library.c | 254
) A function to parse out basic signature parameters from any PGP signature
such that the algorithms and public key can be selected:
int pgp_parse_sig_params(const u8 **_data, size_t *_datalen,
struct pgp_sig_parameters *p);
Signed-off-by: David Howells dhowe
Provide some useful PGP definitions from RFC 4880. These describe details of
public key crypto as used by crypto keys for things like signature
verification.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/pgp.h | 206 +++
1
, it will set up a public_key subtype payload with
appropriate handler routines (DSA or RSA) and attach it to the key.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Kconfig | 12 +
security/keys/Makefile |4
security/keys/pgp_key_parser.c | 342
to process.
This requires glue logic putting on top to make use of it - something the next
patch provides.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys/Makefile |3
security/keys/pgp_parser.h |6 +
security/keys/pgp_pubkey_sig.c | 323
Implement a signature parser that will attempt to parse a signature blob as a
PGP packet format message. If it can, it will find an appropriate crypto key
and set the public-key algorithm according to the data in the signature.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/keys
:
24460d1c I- 1 perm 3f01 0 0 cryptomodsign.0: dsa
5acc2142 []
3ca85723 I- 1 perm 1f01 0 0 keyring .module_sign: 1/4
Signed-off-by: David Howells dhowe...@redhat.com
---
Documentation/security/keys-crypto.txt | 20 +++
include/keys/crypto-type.h
Add per-arch indications of module ELF types and relocation table entry types.
Signed-Off-By: David Howells dhowe...@redhat.com
---
arch/alpha/include/asm/module.h |3 +++
arch/arm/include/asm/module.h |5 +
arch/cris/include/asm/module.h|5 +
arch/h8300/include
will be
returned and a message will be logged to the kernel log.
Signed-Off-By: David Howells dhowe...@redhat.com
---
init/Kconfig | 11 +
kernel/Makefile|2
kernel/module-verify-elf.c | 344
kernel/module-verify.c | 41
Export some more symbols for use by the DSA key subtype.
Signed-off-by: David Howells dhowe...@redhat.com
---
lib/mpi/mpi-cmp.c |2 ++
lib/mpi/mpi-div.c |1 +
lib/mpi/mpi-inv.c |1 +
lib/mpi/mpi-mpow.c |1 +
lib/mpi/mpi-mul.c |1 +
5 files changed, 6 insertions(+), 0
Permit key_serial() to be called with a const key pointer.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/key.h |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/include/linux/key.h b/include/linux/key.h
index 183a6af..f87b51b 100644
--- a/include
Move the key config into security/keys/Kconfig as there are going to be a lot
of key-related options.
Signed-off-by: David Howells dhowe...@redhat.com
---
security/Kconfig | 68 +--
security/keys/Kconfig | 71
Ben Hutchings b...@decadent.org.uk wrote:
I'm a little uneasy about these structure definitions. There have been
C ABIs that set the structure alignment to at least 4 by default. It
may be better to play safe by declaring them '__packed'.
Yeah. I'll add that.
David
--
To unsubscribe from
H. Peter Anvin h.peter.an...@intel.com wrote:
Do we really need the complexity of a full OpenPGP parser? Parsers are
notorious security problems.
Actually, I don't have a full PGP parser. I only handle the minimum I need.
It can parse the packet stream, public key packets and signature
James Morris jmor...@namei.org wrote:
However, we don't have to include the DSA stuff in the kernel; I can always
discard that patch from the upstream-aimed patchset.
I'd encourage dropping DSA, as there appears to be no legacy justification
for its inclusion.
Okay, done that.
David
Rusty Russell ru...@ozlabs.org wrote:
And adds a great deal of code in a supposedly security-sensitive path to
achieve it.
How about simply append a signature to the module? That'd be about 20 lines
of code to carefully check the bounds of the module to figure out where the
signature is.
Rusty Russell ru...@ozlabs.org wrote:
Sure, you now need to re-append that after stripping, but that's not the
kernel's problem.
You may also have to remove the signature before passing it to any
binutils tool lest it malfunction on the trailer
Well, you're already on your own if
Rusty Russell ru...@ozlabs.org wrote:
I think you misunderstand, I'm talking about the modinfo command, not
the .modinfo section.
Sorry, yes. But why do you need to enhance modinfo?
But I need to know exactly what these version-dependent mangling of
modules is. Is it real? Is it more
Rusty Russell ru...@ozlabs.org wrote:
OK, then you need to generate stripped modules as part of the build,
too. It's a bit of a pain, sure, but hardly a showstopper.
They'd have to be maximally stripped so that mkinitrd doesn't do anything to
them, but you'd then get the debuginfo from them
Rusty Russell ru...@ozlabs.org wrote:
We can have false positives, but at worst that make us report EINVAL
(bad signature) instead of ENOENT (no signature).
EKEYREJECTED please; that way it's the same as RHEL does now.
OK, sure (who knew that was there?).
Second paragraph in the
Mimi Zohar zo...@linux.vnet.ibm.com wrote:
Nice! Basically the 'crypto' key type ties crypto/ with security/keys.
Other than the posted pgp key parser used for verifying kernel module
signatures, I assume another use case could be to expose kernel
cryptography to userspace. As there was a
Kasatkin, Dmitry dmitry.kasat...@intel.com wrote:
It would also nice to have an API to supply pre-computed data hash. For
example IMA uses the same functionality to compute the hash of the file
content, and then, based on security.ima type decided either verify it using
just hash, or use
Kasatkin, Dmitry dmitry.kasat...@intel.com wrote:
Synchronous hash SHASH is used only for software hash implementation...
HW acceleration is not supported by this hash.
It is good for short data.
But when calculating a hash over long data as files can be,
async hash AHASH is a preferred
Kasatkin, Dmitry dmitry.kasat...@intel.com wrote:
Yes. it is clear...
Would it be possible to have pass data (uncompleted) hash?
Yes, provided it's not finalised. Also, with the current code it would have
to be a shash, but I think I should be able to support the passing in of an
async hash
Kasatkin, Dmitry dmitry.kasat...@intel.com wrote:
I thought about export/import.
But I think export/Import is hash driver implementation specific...
Cannot use ahash state for shash...
Yeah... I'll have to consult Herbert Xu about that.
As you said in repose to later patch, you could
the registry enum representing the OID if found or
OID__NR if not.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/oid_registry.h | 90 ++
lib/.gitignore |2
lib/Kconfig |5 +
lib/Makefile | 16 +++
lib
would be produced or more than 256 actions have been specified as it uses
8-bit jump values and action indices to keep space usage down.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/asn1.h | 67 ++
include/linux/asn1_ber_bytecode.h | 87 ++
init/Kconfig
void *, size_t);
This is useful for reading ASN.1 integer primitives where the length is encoded
in the ASN.1 metadata.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/mpi.h |1 +
lib/mpi/mpicoder.c | 55 +++
2 files
: X509.RSA 0c688c7b []
Signed-off-by: David Howells dhowe...@redhat.com
---
crypto/asymmetric_keys/.gitignore |1
crypto/asymmetric_keys/Kconfig| 10 +
crypto/asymmetric_keys/Makefile | 17 +
crypto/asymmetric_keys/x509.asn1 | 60 +++
crypto
Add a subtype for supporting asymmetric public-key encryption algorithms such
as DSA (FIPS-186) and RSA (PKCS#1 / RFC1337).
Signed-off-by: David Howells dhowe...@redhat.com
---
crypto/asymmetric_keys/Kconfig |8 +++
crypto/asymmetric_keys/Makefile |2 +
crypto/asymmetric_keys
Reinstate and export mpi_cmp() and mpi_cmp_ui() from the MPI library for use by
RSA signature verification as per RFC3447 section 5.2.2 step 1.
Signed-off-by: David Howells dhowe...@redhat.com
---
lib/mpi/Makefile |1 +
lib/mpi/mpi-cmp.c | 70
Implement RSA public key cryptography [PKCS#1 / RFC3447]. At this time, only
the signature verification algorithm is supported. This uses the asymmetric
public key subtype to hold its key data.
Signed-off-by: David Howells dhowe...@redhat.com
---
crypto/asymmetric_keys/Kconfig |7
code.
Thanks to Tomas Mraz and Miloslav Trmac for help.
Signed-off-by: Milan Broz mb...@redhat.com
Signed-off-by: David Howells dhowe...@redhat.com
---
crypto/asymmetric_keys/rsa.c | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/crypto/asymmetric_keys/rsa.c
construct. Similarly, the decoder is limited to a maximum of 10 levels
of constructed data outside of a leaf node also in an effort to keep stack
usage down.
These restrictions can be raised if necessary.
Signed-off-by: David Howells dhowe...@redhat.com
---
include/linux/asn1_decoder.h | 24
1 - 100 of 302 matches
Mail list logo