- "Stefan Richter" wrote:
> Miloslav Trmač wrote:
> > --- /dev/null
> > +++ b/crypto/userspace/utils.c
> [...]
> > +#ifdef CONFIG_COMPAT
> > +/* max() is too clever for compile-time constants */
> > +#define CONST_MAX(A, B) ((A) > (B) ? (A) : (B))
> > +
> > +#define MAX_SESSION_INPUT_DATA_SIZE
On Fri, Aug 20, 2010 at 07:03:18PM +0200, Nikos Mavrogiannopoulos wrote:
> On 08/20/2010 03:56 PM, Ted Ts'o wrote:
> > On Fri, Aug 20, 2010 at 10:45:43AM +0200, Miloslav Trmač wrote:
> >> Hello, following is a patchset providing an user-space interface to
> >> the kernel crypto API. It is based on
On Fri, 20 Aug 2010 10:45:44 +0200 Miloslav Trmač wrote:
> +#define NCRIO_KEY_INIT _IO('c', 204)
> +/* generate a secret key */
> +#define NCRIO_KEY_GENERATE _IOWR('c', 205, struct ncr_key_generate)
> +/* generate a public key pair */
> +#define NCRIO_KEY_GENERATE_P
On 08/20/2010 03:56 PM, Ted Ts'o wrote:
> On Fri, Aug 20, 2010 at 10:45:43AM +0200, Miloslav Trmač wrote:
>> Hello, following is a patchset providing an user-space interface to
>> the kernel crypto API. It is based on the older, BSD-compatible,
>> implementation, but the user-space interface is di
On Fri, Aug 20, 2010 at 10:45:43AM +0200, Miloslav Trmač wrote:
> Hello, following is a patchset providing an user-space interface to
> the kernel crypto API. It is based on the older, BSD-compatible,
> implementation, but the user-space interface is different.
What's the goal of exporting the ke
This set of patches provides implementation of the driver for
OMAP2/3 AES hw accelerator.
Dmitry Kasatkin (2):
crypto: updates to enable omap aes
crypto: omap-aes: OMAP2/3 AES hw accelerator driver
arch/arm/mach-omap2/clock2420_data.c |2 +-
arch/arm/mach-omap2/clock2430_data.c |2 +-
Signed-off-by: Dmitry Kasatkin
---
drivers/crypto/Kconfig|8 +
drivers/crypto/Makefile |1 +
drivers/crypto/omap-aes.c | 948 +
3 files changed, 957 insertions(+), 0 deletions(-)
create mode 100644 drivers/crypto/omap-aes.c
diff --git a
Signed-off-by: Dmitry Kasatkin
---
arch/arm/mach-omap2/clock2420_data.c |2 +-
arch/arm/mach-omap2/clock2430_data.c |2 +-
arch/arm/mach-omap2/clock3xxx_data.c |2 +-
arch/arm/mach-omap2/devices.c| 71 ++
4 files changed, 74 insertions(+), 3 d
Miloslav Trmač wrote:
> --- /dev/null
> +++ b/crypto/userspace/utils.c
[...]
> +#ifdef CONFIG_COMPAT
> +/* max() is too clever for compile-time constants */
> +#define CONST_MAX(A, B) ((A) > (B) ? (A) : (B))
> +
> +#define MAX_SESSION_INPUT_DATA_SIZE \
> + (CONS
Miloslav Trmač wrote:
> --- /dev/null
> +++ b/include/linux/ncr.h
[...]
> +struct ncr_session_input_data {
> + const void __user *data;
> + __kernel_size_t data_size;
> +};
> +
> +struct ncr_session_output_buffer {
> + void __user *buffer;
> + __kernel_size_t buffer_size;
> + __
Not a good patch to start with, but the header file dependencies do not
allow otherwise.
(Reviewing this in detail is probably premature, we are considering
replacing the implementation by something based on libgcrypt, which is
more actively maintained and has been probably more thorouhgly examine
Pointers to this table are used to identify algorithms throughout the
code.
---
crypto/userspace/Makefile |2 +-
crypto/userspace/ncr-sessions.c | 150 +++
2 files changed, 151 insertions(+), 1 deletions(-)
create mode 100644 crypto/userspace/ncr-ses
Posted separately for review on linux-audit
---
include/linux/audit.h | 38 ++
kernel/auditfilter.c |2 +
kernel/auditsc.c | 136 +
3 files changed, 176 insertions(+), 0 deletions(-)
diff --git a/include/linux/audit.h b/incl
Add basic Diffie-Hellman implementation, because it is not provided by
libtomcrypt.
Finally, add an algorithm-independent pubkey interface that encapsulates
the separate pubkey algorithm implementations.
---
crypto/userspace/Makefile |2 +-
crypto/userspace/ncr-dh.c | 282 +++
This includes:
- ncr_key_init
- ncr_key_deinit
- ncr_key_export (as plaintext)
- ncr_key_import
- ncr_key_generate
- ncr_key_generate_pair
- ncr_key_derive
- ncr_key_get_info
and supporting infrastructure.
---
crypto/userspace/Makefile |2 +-
crypto/userspace/ncr-key.c | 689
---
crypto/userspace/cryptodev_main.c | 87 +
1 files changed, 87 insertions(+), 0 deletions(-)
diff --git a/crypto/userspace/cryptodev_main.c
b/crypto/userspace/cryptodev_main.c
index c6419f4..a6712db 100644
--- a/crypto/userspace/cryptodev_main.c
+++ b/cry
This includes:
- ncr_key_wrap
- ncr_key_unwrap
- ncr_key_storage_wrap
- ncr_key_storage_unwrap
---
crypto/userspace/Makefile |5 +-
crypto/userspace/ncr-key-storage.c | 136 +++
crypto/userspace/ncr-key-wrap.c| 763
crypto/userspace/ncr.c
This includes:
- ncr_session_init
- ncr_session_update
- ncr_session_final
- ncr_session_once
The ncr_session_*_from_nla() functions are separate from the main
session code because they belong into ncr.c along with other code that
deals directly with user-space data structures and handles
CONFIG_C
Add ioctl and compat_ioctl handling. This is the only file that
directly accesses structured data from userspace (other files may access
unformated data such as cipher input or multiple-precision integers).
Also add the last operation, ncr_master_key_set.
---
crypto/userspace/ncr.c | 405 ++
---
crypto/userspace/cryptodev_main.c | 130 +
1 files changed, 130 insertions(+), 0 deletions(-)
diff --git a/crypto/userspace/cryptodev_main.c
b/crypto/userspace/cryptodev_main.c
index a6712db..6ba9bd6 100644
--- a/crypto/userspace/cryptodev_main.c
+++ b/cr
Same as the previous patch - the header file dependencies do not allow
otherwise.
(Reviewing this in detail is probably premature, we are considering
replacing the implementation by something based on libgcrypt, which is
more actively maintained and has been probably more thorouhgly examined
for v
Main entry points:
NCR_GET_INPUT_ARGS:
Read a fixed struct and any attached attributes from userspace
NCR_GET_INPUT_ARGS_NO_OUTPUT:
Same as above, and inform the users the kernel will attach no
additional attributes.
NCR_OUT_INIT/ncr_out_free:
Allocate and free a
This encapsulates allocation/deallocation of all necessary objects,
dealing with the asynchronous nature of ablkcipher/ahash.
Long term, I'm not quite sure this layer makes sense; For now, it
provides a truly simple API for internal callers in libtomcrypt, at
least.
---
crypto/userspace/Makefile
Right now only key objects, not crypto sessions, are limited.
---
crypto/userspace/Makefile |2 +-
crypto/userspace/ncr-limits.c | 247 +
2 files changed, 248 insertions(+), 1 deletions(-)
create mode 100644 crypto/userspace/ncr-limits.c
diff --gi
That's it, .c files will finally follow in the next patch.
---
crypto/userspace/cryptodev_int.h | 82 +
crypto/userspace/ncr-dh.h| 25
crypto/userspace/ncr-int.h | 245 ++
crypto/userspace/ncr-pk.h| 55 +
4 f
---
crypto/Kconfig|5 +
crypto/Makefile |2 ++
crypto/userspace/Makefile |1 +
3 files changed, 8 insertions(+), 0 deletions(-)
create mode 100644 crypto/userspace/Makefile
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 81c185a..022768a 100644
--- a/cryp
This patch introduces the new user-space API, .
Quick overview:
* open("/dev/crypto") to get a FD, which acts as a namespace for key and
session identifiers.
* ioctl(NCRIO_KEY_INIT) to allocate a key object; then generate the key
material inside the kernel, load a plaintext key, unwrap a key
Hello,
following is a patchset providing an user-space interface to the kernel crypto
API. It is based on the older, BSD-compatible, implementation, but the
user-space interface is different.
Major changes since the previous post:
* "struct nlattr"-based extensible attributes used for extensibili
28 matches
Mail list logo