Re: [PATCH] talitos: handle descriptor not found in error path

2011-10-19 Thread Herbert Xu
On Tue, Oct 18, 2011 at 11:17:00AM -0500, Kim Phillips wrote:
>
> http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg05996.html
> 
> It makes IPSec AH work for async crypto implementations.

This needs to go through net...@vger.kernel.org.

Thanks,
-- 
Email: Herbert Xu 
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[PATCH v2.2 4/7] crypto: GnuPG based MPI lib - additional sources (part 4)

2011-10-19 Thread Dmitry Kasatkin
Adds the multi-precision-integer maths library which was originally taken
from GnuPG and ported to the kernel by (among others) David Howells.
This version is taken from Fedora kernel 2.6.32-71.14.1.el6.
The difference is that checkpatch reported errors and warnings have been fixed.

This library is used to implement RSA digital signature verification
used in IMA/EVM integrity protection subsystem.

Due to patch size limitation, the patch is divided into 4 parts.

This code is unnecessary for RSA digital signature verification,
but for completeness it is included here and can be compiled,
if CONFIG_MPILIB_EXTRA is enabled.

Signed-off-by: Dmitry Kasatkin 

Signed-off-by: Dmitry Kasatkin 
---
 lib/Kconfig|   10 ++
 lib/mpi/Makefile   |   11 ++
 lib/mpi/generic_mpi-asm-defs.h |4 +
 lib/mpi/mpi-add.c  |  234 
 lib/mpi/mpi-cmp.c  |   68 
 lib/mpi/mpi-div.c  |  333 
 lib/mpi/mpi-gcd.c  |   59 +++
 lib/mpi/mpi-inline.c   |   31 
 lib/mpi/mpi-inv.c  |  187 ++
 lib/mpi/mpi-mpow.c |  133 
 lib/mpi/mpi-mul.c  |  194 +++
 lib/mpi/mpi-scan.c |  136 
 12 files changed, 1400 insertions(+), 0 deletions(-)
 create mode 100644 lib/mpi/generic_mpi-asm-defs.h
 create mode 100644 lib/mpi/mpi-add.c
 create mode 100644 lib/mpi/mpi-cmp.c
 create mode 100644 lib/mpi/mpi-div.c
 create mode 100644 lib/mpi/mpi-gcd.c
 create mode 100644 lib/mpi/mpi-inline.c
 create mode 100644 lib/mpi/mpi-inv.c
 create mode 100644 lib/mpi/mpi-mpow.c
 create mode 100644 lib/mpi/mpi-mul.c
 create mode 100644 lib/mpi/mpi-scan.c

diff --git a/lib/Kconfig b/lib/Kconfig
index f69ce08..b5dd7ef 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -286,4 +286,14 @@ config MPILIB
  It is used to implement RSA digital signature verification,
  which is used by IMA/EVM digital signature extension.
 
+config MPILIB_EXTRA
+   bool "Multiprecision maths library - additional sources"
+   depends on MPILIB
+   help
+ Multiprecision maths library from GnuPG.
+ It is used to implement RSA digital signature verification,
+ which is used by IMA/EVM digital signature extension.
+ This code in unnecessary for RSA digital signature verification,
+ and can be compiled if needed.  
+
 endmenu
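
Review bot: the help text for MPILIB_EXTRA repeats the MPILIB description and then contradicts it. "This code in unnecessary for RSA digital signature verification" has a typo ("in" for "is") and leaves the reader unsure what the option is for. Say what the extra sources provide (the diffstat lists add, cmp, div, gcd, inline, inv, mpow, mul and scan) and that the RSA verification path does not need them, and drop the trailing whitespace after "if needed.".
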
diff --git a/lib/mpi/Makefile b/lib/mpi/Makefile
index 0c1c6c3..5756716 100644
--- a/lib/mpi/Makefile
+++ b/lib/mpi/Makefile
@@ -20,3 +20,14 @@ mpi-y = \
mpi-pow.o   \
mpiutil.o
 
+mpi-$(CONFIG_MPILIB_EXTRA) += \
+   mpi-add.o   \
+   mpi-div.o   \
+   mpi-cmp.o   \
+   mpi-gcd.o   \
+   mpi-inline.o\
+   mpi-inv.o   \
+   mpi-mpow.o  \
+   mpi-mul.o   \
+   mpi-scan.o  \
+
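
Review bot: the last entry in the new list, "mpi-scan.o \", ends with a line continuation that runs into the empty line after it. It parses today, but the next line anyone appends directly below becomes part of this list by accident. Drop the trailing backslash on the final object, as the existing mpi-y list does with "mpiutil.o".
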
diff --git a/lib/mpi/generic_mpi-asm-defs.h b/lib/mpi/generic_mpi-asm-defs.h
new file mode 100644
index 000..047d1f5
--- /dev/null
+++ b/lib/mpi/generic_mpi-asm-defs.h
@@ -0,0 +1,4 @@
+/* This file defines some basic constants for the MPI machinery.  We
+ * need to define the types on a per-CPU basis, so it is done with
+ * this file here.  */
+#define BYTES_PER_MPI_LIMB  (SIZEOF_UNSIGNED_LONG)
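
Review bot: BYTES_PER_MPI_LIMB is defined as SIZEOF_UNSIGNED_LONG, which nothing in this header defines or includes, so the header only works if every includer gets that macro from somewhere else. In kernel code sizeof(unsigned long) (or BITS_PER_LONG / 8 where a preprocessor constant is needed) avoids the hidden dependency. The new header also has no include guard.
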
diff --git a/lib/mpi/mpi-add.c b/lib/mpi/mpi-add.c
new file mode 100644
index 000..f56b9ba
--- /dev/null
+++ b/lib/mpi/mpi-add.c
@@ -0,0 +1,234 @@
+/* mpi-add.c  -  MPI functions
+ * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1994, 1996 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ *
+ * Note: This code is heavily based on the GNU MP Library.
+ *  Actually it's the same code with only minor changes in the
+ *  way the data is stored; this is to support the abstraction
+ *  of an optional secure memory allocation which may be used
+ *  to avoid revealing of sensitive data due to paging etc.
+ *  The GNU MP Library itself

[PATCH v2.2 5/7] crypto: digital signature verification support

2011-10-19 Thread Dmitry Kasatkin
This patch implements RSA digital signature verification using GnuPG library.

The format of the signature and the public key is defined by their respective
headers. The signature header contains version information, algorithm,
and keyid, which was used to generate the signature.
The key header contains version and algorithm type.
The payload of the signature and the key are multi-precision integers.

The signing and key management utilities evm-utils provide functionality
to generate signatures and load keys into the kernel keyring.
When the key is added to the kernel keyring, the keyid defines the name
of the key.

Signed-off-by: Dmitry Kasatkin 
Acked-by: Mimi Zohar 
---
 Documentation/digsig.txt |   97 
 include/linux/digsig.h   |   64 +++
 lib/Kconfig  |8 ++
 lib/Makefile |1 +
 lib/digsig.c |  283 ++
 5 files changed, 453 insertions(+), 0 deletions(-)
 create mode 100644 Documentation/digsig.txt
 create mode 100644 include/linux/digsig.h
 create mode 100644 lib/digsig.c

diff --git a/Documentation/digsig.txt b/Documentation/digsig.txt
new file mode 100644
index 000..17dd866
--- /dev/null
+++ b/Documentation/digsig.txt
@@ -0,0 +1,97 @@
+Digital Signature Verification API
+
+CONTENTS
+
+1. Introduction
+2. API
+3. User-space utilities
+
+
+1. Introduction
+
+Digital signature verification API provides a method to verify digital 
signature.
+Currently digital signatures are used by the IMA/EVM integrity protection 
subsystem.
+
+Digital signature verification is implemented using cut-down kernel port of
+GnuPG multi-precision integers (MPI) library. The kernel port provides
+memory allocation errors handling, has been refactored according to kernel
+coding style, and checkpatch.pl reported errors and warnings have been fixed.
+
+Public key and signature consist of header and MPIs.
+
+struct pubkey_hdr {
+   uint8_t version;/* key format version */
+   time_t  timestamp;  /* key made, always 0 for now */
+   uint8_t algo;
+   uint8_t nmpi;
+   charmpi[0];
+} __packed;
+
+struct signature_hdr {
+   uint8_t version;/* signature format version */
+   time_t  timestamp;  /* signature made */
+   uint8_t algo;
+   uint8_t hash;
+   uint8_t keyid[8];
+   uint8_t nmpi;
+   charmpi[0];
+} __packed;
+
+keyid equals to SHA1[12-19] over the total key content.
+Signature header is used as an input to generate a signature.
+Such approach insures that key or signature header could not be changed.
+It protects timestamp from been changed and can be used for rollback
+protection.
+
+2. API
+
+API currently includes only 1 function:
+
+   digsig_verify() - digital signature verification with public key
+   
+
+/**
+ * digsig_verify() - digital signature verification with public key
+ * @keyring:   keyring to search key in
+ * @sig:   digital signature
+ * @sigen: length of the signature
+ * @data:  data
+ * @datalen:   length of the data
+ * @return:0 on success, -EINVAL otherwise
+ *
+ * Verifies data integrity against digital signature.
+ * Currently only RSA is supported.
+ * Normally hash of the content is used as a data for this function.
+ *
+ */
+int digsig_verify(struct key *keyring, const char *sig, int siglen,
+   const char *data, int datalen);
+
+3. User-space utilities
+
+The signing and key management utilities evm-utils provide functionality
+to generate signatures, to load keys into the kernel keyring.
+Keys can be in PEM or converted to the kernel format.
+When the key is added to the kernel keyring, the keyid defines the name
+of the key: 5D2B05FC633EE3E8 in the example bellow.
+
+Here is example output of the keyctl utility.
+
+$ keyctl show
+Session Keyring
+   -3 --alswrv  0 0  keyring: _ses
+603976250 --alswrv  0-1   \_ keyring: _uid.0
+81377 --alswrv  0 0   \_ user: kmk
+891974900 --alswrv  0 0   \_ encrypted: evm-key
+170323636 --alswrv  0 0   \_ keyring: _module
+548221616 --alswrv  0 0   \_ keyring: _ima
+128198054 --alswrv  0 0   \_ keyring: _evm
+
+$ keyctl list 128198054
+1 key in keyring:
+620789745: --alswrv 0 0 user: 5D2B05FC633EE3E8
+
+
+Dmitry Kasatkin
+06.10.2011
+
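
Review bot: struct pubkey_hdr and struct signature_hdr are __packed on-disk/wire formats but carry a time_t timestamp, whose width is not fixed across architectures, so a header written by the user-space tool on one word size will not have the layout the kernel expects on another. Because the text says the signature header is itself input to the signature, a layout mismatch turns into a verification failure; a fixed-width type such as uint32_t would pin the format. In the kernel-doc block, "@sigen" should be "@siglen" to match the prototype, and "bellow" should be "below".
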
diff --git a/include/linux/digsig.h b/include/linux/digsig.h
new file mode 100644
index 000..efae755
--- /dev/null
+++ b/include/linux/digsig.h
@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2011 Nokia Corporation
+ * Copyright (C) 2011 Intel Corporation
+ *
+ * Author:
+ * Dmitry Kasatkin 
+ * 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Founda

[PATCH v2.2 3/7] crypto: GnuPG based MPI lib - make files (part 3)

2011-10-19 Thread Dmitry Kasatkin
Adds the multi-precision-integer maths library which was originally taken
from GnuPG and ported to the kernel by (among others) David Howells.
This version is taken from Fedora kernel 2.6.32-71.14.1.el6.
The difference is that checkpatch reported errors and warnings have been fixed.

This library is used to implement RSA digital signature verification
used in IMA/EVM integrity protection subsystem.

Due to patch size limitation, the patch is divided into 4 parts.

Signed-off-by: Dmitry Kasatkin 
---
 lib/Kconfig  |7 +++
 lib/Makefile |2 ++
 lib/mpi/Makefile |   22 ++
 3 files changed, 31 insertions(+), 0 deletions(-)
 create mode 100644 lib/mpi/Makefile

diff --git a/lib/Kconfig b/lib/Kconfig
index 6c695ff..f69ce08 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -279,4 +279,11 @@ config CORDIC
 config LLIST
bool
 
+config MPILIB
+   tristate "Multiprecision maths library"
+   help
+ Multiprecision maths library from GnuPG.
+ It is used to implement RSA digital signature verification,
+ which is used by IMA/EVM digital signature extension.
+
 endmenu
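
Review bot: MPILIB is given a prompt ("Multiprecision maths library"), so it shows up as a user-selectable tristate even though it is a helper library with no use on its own. Consider a promptless symbol like "config LLIST" just above it, selected by the code that needs it.
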
diff --git a/lib/Makefile b/lib/Makefile
index d5d175c..97705ae 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -117,6 +117,8 @@ obj-$(CONFIG_CORDIC) += cordic.o
 
 obj-$(CONFIG_LLIST) += llist.o
 
+obj-$(CONFIG_MPILIB) += mpi/
+
 hostprogs-y:= gen_crc32table
 clean-files:= crc32table.h
 
diff --git a/lib/mpi/Makefile b/lib/mpi/Makefile
new file mode 100644
index 000..0c1c6c3
--- /dev/null
+++ b/lib/mpi/Makefile
@@ -0,0 +1,22 @@
+#
+# MPI multiprecision maths library (from gpg)
+#
+
+obj-$(CONFIG_MPILIB) = mpi.o
+
+mpi-y = \
+   generic_mpih-lshift.o   \
+   generic_mpih-mul1.o \
+   generic_mpih-mul2.o \
+   generic_mpih-mul3.o \
+   generic_mpih-rshift.o   \
+   generic_mpih-sub1.o \
+   generic_mpih-add1.o \
+   mpicoder.o  \
+   mpi-bit.o   \
+   mpih-cmp.o  \
+   mpih-div.o  \
+   mpih-mul.o  \
+   mpi-pow.o   \
+   mpiutil.o
+
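
Review bot: "obj-$(CONFIG_MPILIB) = mpi.o" assigns with "=" where kbuild makefiles conventionally append with "+=" (lib/Makefile in this same patch uses "obj-$(CONFIG_MPILIB) += mpi/"), and "mpi-y =" has the same issue. Using "+=" for the obj list and ":=" or "+=" for mpi-y keeps a later addition from silently overwriting an earlier one.
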
-- 
1.7.4.1



[PATCH v2.2 7/7] evm: digital signature verification support

2011-10-19 Thread Dmitry Kasatkin
This patch adds support for digital signature verification to EVM.
With this feature file metadata can be protected using digital
signature instead of an HMAC. When building an image,
which has to be flashed to different devices, an HMAC cannot
be used to sign file metadata, because the HMAC key should be
different on every device.

Signed-off-by: Dmitry Kasatkin 
Acked-by: Mimi Zohar 
---
 security/integrity/evm/evm.h|   12 +
 security/integrity/evm/evm_crypto.c |   66 ++--
 security/integrity/evm/evm_main.c   |   94 ++-
 3 files changed, 142 insertions(+), 30 deletions(-)

diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index d320f51..c885247 100644
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -12,14 +12,21 @@
  * File: evm.h
  *
  */
+
+#ifndef __INTEGRITY_EVM_H
+#define __INTEGRITY_EVM_H
+
 #include 
 #include 
+
 #include "../integrity.h"
 
 extern int evm_initialized;
 extern char *evm_hmac;
+extern char *evm_hash;
 
 extern struct crypto_shash *hmac_tfm;
+extern struct crypto_shash *hash_tfm;
 
 /* List of EVM protected security xattrs */
 extern char *evm_config_xattrnames[];
@@ -32,7 +39,12 @@ extern int evm_update_evmxattr(struct dentry *dentry,
 extern int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
 const char *req_xattr_value,
 size_t req_xattr_value_len, char *digest);
+extern int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
+const char *req_xattr_value,
+size_t req_xattr_value_len, char *digest);
 extern int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
 char *hmac_val);
 extern int evm_init_secfs(void);
 extern void evm_cleanup_secfs(void);
+
+#endif
diff --git a/security/integrity/evm/evm_crypto.c 
b/security/integrity/evm/evm_crypto.c
index 5dd5b140..847a2d7 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -26,34 +26,48 @@ static unsigned char evmkey[MAX_KEY_SIZE];
 static int evmkey_len = MAX_KEY_SIZE;
 
 struct crypto_shash *hmac_tfm;
+struct crypto_shash *hash_tfm;
 
-static struct shash_desc *init_desc(void)
+static struct shash_desc *init_desc(const char type)
 {
int rc;
+   char *algo;
+   struct crypto_shash **tfm;
struct shash_desc *desc;
 
-   if (hmac_tfm == NULL) {
-   hmac_tfm = crypto_alloc_shash(evm_hmac, 0, CRYPTO_ALG_ASYNC);
-   if (IS_ERR(hmac_tfm)) {
+   if (type == EVM_XATTR_HMAC) {
+   tfm = &hmac_tfm;
+   algo = evm_hmac;
+   } else {
+   tfm = &hash_tfm;
+   algo = evm_hash;
+   }
+
+   if (*tfm == NULL) {
+   *tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC);
+   if (IS_ERR(*tfm)) {
pr_err("Can not allocate %s (reason: %ld)\n",
-  evm_hmac, PTR_ERR(hmac_tfm));
-   rc = PTR_ERR(hmac_tfm);
-   hmac_tfm = NULL;
+  algo, PTR_ERR(*tfm));
+   rc = PTR_ERR(*tfm);
+   *tfm = NULL;
return ERR_PTR(rc);
}
}
 
-   desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(hmac_tfm),
+   desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm),
GFP_KERNEL);
if (!desc)
return ERR_PTR(-ENOMEM);
 
-   desc->tfm = hmac_tfm;
+   desc->tfm = *tfm;
desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
 
-   rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len);
-   if (rc)
-   goto out;
+   if (type == EVM_XATTR_HMAC) {
+   rc = crypto_shash_setkey(*tfm, evmkey, evmkey_len);
+   if (rc)
+   goto out;
+   }
+
rc = crypto_shash_init(desc);
 out:
if (rc) {
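
Review bot: the lazy allocation at "if (*tfm == NULL)" now guards two globals (hmac_tfm and hash_tfm) with no lock, and it stores the crypto_alloc_shash() result into *tfm before checking IS_ERR(), so a concurrent caller can observe an ERR_PTR value in the global, or two callers can both allocate and one transform leaks. Allocate into a local, check it, and publish it under a mutex. Separately, the "else" branch treats every type other than EVM_XATTR_HMAC as the plain-hash case; testing the expected signature type explicitly and returning ERR_PTR(-EINVAL) otherwise would keep an unexpected type value from silently selecting the unkeyed hash.
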
@@ -97,9 +111,11 @@ static void hmac_add_misc(struct shash_desc *desc, struct 
inode *inode,
  * the hmac using the requested xattr value. Don't alloc/free memory for
  * each xattr, but attempt to re-use the previously allocated memory.
  */
-int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
- const char *req_xattr_value, size_t req_xattr_value_len,
- char *digest)
+static int evm_calc_hmac_or_hash(struct dentry *dentry,
+   const char *req_xattr_name,
+   const char *req_xattr_value,
+   size_t req_xattr_value_len,
+   char type, char *digest)
 {
struct inode *inode = dentry->d_inode;
struct shash_desc *desc;
@@ -111,7 +127,7 @@ int evm_calc_hmac(struct dentry *dentry, const char 
*req_xattr_name,
 
if (!inode->i_op || !inode->i_op->g

[PATCH v2.2 6/7] integrity: digital signature verification using multiple keyrings

2011-10-19 Thread Dmitry Kasatkin
Define separate keyrings for each of the different use cases - evm, ima,
and modules. Using different keyrings improves search performance, and also
allows "locking" specific keyring to prevent adding new keys.
This is useful for evm and module keyrings, when keys are usually only
added from initramfs.

Signed-off-by: Dmitry Kasatkin 
---
 security/integrity/Kconfig |   14 +++
 security/integrity/Makefile|1 +
 security/integrity/digsig.c|   48 
 security/integrity/integrity.h |   20 
 4 files changed, 83 insertions(+), 0 deletions(-)
 create mode 100644 security/integrity/digsig.c

diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 4bf00ac..d87fa2a 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -3,5 +3,19 @@ config INTEGRITY
def_bool y
depends on IMA || EVM
 
+config INTEGRITY_DIGSIG
+   boolean "Digital signature verification using multiple keyrings"
+   depends on INTEGRITY
+   default n
+   select DIGSIG
+   help
+ This option enables digital signature verification support
+ using multiple keyrings. It defines separate keyrings for each
+ of the different use cases - evm, ima, and modules.
+ Different keyrings improves search performance, but also allow
+ to "lock" certain keyring to prevent adding new keys.
+ This is useful for evm and module keyrings, when keys are
+ usually only added from initramfs.
+
 source security/integrity/ima/Kconfig
 source security/integrity/evm/Kconfig
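
Review bot: INTEGRITY_DIGSIG depends only on INTEGRITY, but the digsig.c added in this patch calls request_key() with key_type_keyring, and "select DIGSIG" does not pull in DIGSIG's own dependencies, so the option can be enabled in a configuration without the keys subsystem. Add "depends on KEYS" here. "default n" is already the default and can go, "boolean" is normally spelled "bool", and the help text reads better as "Using different keyrings improves search performance and also allows locking a keyring to prevent adding new keys."
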
diff --git a/security/integrity/Makefile b/security/integrity/Makefile
index 0ae44ae..bece056 100644
--- a/security/integrity/Makefile
+++ b/security/integrity/Makefile
@@ -3,6 +3,7 @@
 #
 
 obj-$(CONFIG_INTEGRITY) += integrity.o
+obj-$(CONFIG_INTEGRITY_DIGSIG) += digsig.o
 
 integrity-y := iint.o
 
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
new file mode 100644
index 000..b5d1e01
--- /dev/null
+++ b/security/integrity/digsig.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2011 Intel Corporation
+ *
+ * Author:
+ * Dmitry Kasatkin 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2 of the License.
+ *
+ */
+
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
+#include 
+#include 
+#include 
+#include 
+
+#include "integrity.h"
+
+static struct key *keyring[INTEGRITY_KEYRING_MAX];
+
+static const char *keyring_name[INTEGRITY_KEYRING_MAX] = {
+   "_evm",
+   "_module",
+   "_ima",
+};
+
+int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
+   const char *digest, int digestlen)
+{
+   if (id >= INTEGRITY_KEYRING_MAX)
+   return -EINVAL;
+
+   if (!keyring[id]) {
+   keyring[id] =
+   request_key(&key_type_keyring, keyring_name[id], NULL);
+   if (IS_ERR(keyring[id])) {
+   pr_err("no %s keyring: %ld\n", keyring_name[id],
+   PTR_ERR(keyring[id]));
+   keyring[id] = NULL;
+   return PTR_ERR(keyring[id]);
+   }
+   }
+
+   return digsig_verify(keyring[id], sig, siglen, digest, digestlen);
+}
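
Review bot: the error path under IS_ERR(keyring[id]) sets keyring[id] = NULL and then returns PTR_ERR(keyring[id]), which is PTR_ERR(NULL), that is 0. A missing keyring therefore makes integrity_digsig_verify() report success without verifying anything. Save the error before clearing the slot, for example "int err = PTR_ERR(keyring[id]); keyring[id] = NULL; return err;". The keyring[] cache is also filled without locking, and keyring_name[] relies on matching the INTEGRITY_KEYRING_* numbering by position; designated initializers such as [INTEGRITY_KEYRING_EVM] = "_evm" would make that mapping explicit.
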
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index e898094..9fc723b 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -51,5 +51,25 @@ struct integrity_iint_cache {
 struct integrity_iint_cache *integrity_iint_insert(struct inode *inode);
 struct integrity_iint_cache *integrity_iint_find(struct inode *inode);
 
+#define INTEGRITY_KEYRING_EVM  0
+#define INTEGRITY_KEYRING_MODULE   1
+#define INTEGRITY_KEYRING_IMA  2
+#define INTEGRITY_KEYRING_MAX  3
+
+#ifdef CONFIG_INTEGRITY_DIGSIG
+
+int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
+   const char *digest, int digestlen);
+
+#else
+
+static inline int integrity_digsig_verify(const unsigned int id, const char 
*sig, int siglen,
+   const char *digest, int digestlen)
+{
+   return -EOPNOTSUPP;
+}
+
+#endif /* CONFIG_INTEGRITY_DIGSIG */
+
 /* set during initialization */
 extern int iint_initialized;
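
Review bot: the stub for the !CONFIG_INTEGRITY_DIGSIG case has a first line longer than 80 columns, and as shown here it has been wrapped after "const char", leaving a line inside the hunk with no "+" prefix, so the patch will not apply in this form. Break the parameter list the same way as the prototype above it and resend without mailer line wrapping.
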
-- 
1.7.4.1



[PATCH v2.2 0/7] evm: digital signature verification extension

2011-10-19 Thread Dmitry Kasatkin
Hello,

Changes in version 2.2:
* uses EXPORT_SYMBOL_GPL
* disabled code removed
* removed casting after kmalloc

Changes to version 2.1:
* MPI lib moved to /lib directory.
* added configuration option CONFIG_MPILIB_EXTRA to exclude building
  a part of MPI library, which is not used in RSA implementation.
* added API documentation
* added Documentation for digsig
* split evm digital signature verification patch into 2.
  Common code will be used by IMA digital signature verification.

Changes to version 2.0:
* MPI patch has been split to smaller in order to go to mailing lists.
  First 2 patches include only source and header files which are needed
  to build ksign verification. Headers and sources are split just to
  meet 100k kernel.org limit.
  Last patch adds all rest sources from original ported MPI library.
  
Changes to version 1.1:
* GnuPG MPI library has been refactored with lindent and checkpatch errors
  and warnings have been fixed.
* creation of evm keyring has been removed. It is done now in user space.
* related ksign and evm patches have been squashed.
* patch descriptions have been updated.
 
As EVM patches were recently merged to security-testing-2.6#next,
it is a good time to resend evm signature verification patches for active
discussion. Last time I forgot --cc linux-crypto. Here it is.

This patchset introduces digital signature extensions for the IMA/EVM kernel
integrity subsystem and is applied on the top of the EVM patches posted to
LSM mailing list earlier.

Currently EVM stores the HMAC in security.evm to verify integrity of the
file's metadata. This is quite sufficient for individually installed systems,
where a system unique HMAC key can be provisioned and the initial filesystem
labeling can be done.

Software installation for consumer electronics or embedded devices is usually
done via flashing a filesystem image. Initial filesystem image labeling is done
during image creation process. It either has to be done (1) using a system
unique HMAC key or (2) using an image specific HMAC key. In first case, those
keys are either unknown, or a unique image has to be created for thousands or
millions of devices, which is not feasible. The second case, using an image
specific HMAC key, would require (2.1) provisioning of the key to millions of
devices, which is not easily feasible or (2.1) encrypting the key with a shared
symmetric key which is not a strong security measure.

Digital signature extension for EVM provides a solution to perform labeling of
the image using a single digital private key and use a known public key to
verify the signature. For performance reasons, after verification, signature is
replaced with local HMAC.

Digital signature verification uses RSA algorithm, implemented using cut-down
port of multi-precision integers (MPI) library from GnuPG and has been taken
from RedHat Enterprise Linux kernel (MODSIGN patches). Decision to use this
library was made, because its performance was 2 times better than other ports
such as libtommath library.

The GnuPG MPI library patch was posted here on linux-crypto back in
http://www.mail-archive.com/linux-crypto@vger.kernel.org/msg05613.html.
Reason for upstreaming was that it to be a solid in-kernel user of the API.
Now with the recent merging of the EVM patches in linux-next via
security-testing-2.6/#next, MPI library is required for EVM digital signature
verification extension.

The motivation for integrity protection, in general, is to protect against
offline modifications. The runtime protection is ensured via access control
mechanisms.  Of particular importance is protecting users or owners from being
sold or given tampered devices, which can do nasty things such as spying or
stealing personal data. Integrity protection ensures that modifications of the
system will not remain undetected. The EVM digital signature extension makes
this feasible for consumer electronics/embedded devices.

There is also a second patchset which implements digital signature support for
IMA-appraisal patchset, which is planned to be reviewed right after the
IMA-appraisal review.

All patches on the top of ima-2.6 (3.x.x) kernel are available here:
git://git.kernel.org/pub/scm/linux/kernel/git/kasatkin/ima-ksign.git
http://meego.gitorious.org/meego-platform-security/ima-ksign

Supporting utility for key handling and signing is available here:
http://meego.gitorious.org/meego-platform-security/evm-utils

Regards,
Dmitry

Dmitry Kasatkin (7):
  crypto: GnuPG based MPI lib - source files (part 1)
  crypto: GnuPG based MPI lib - header files (part 2)
  crypto: GnuPG based MPI lib - make files (part 3)
  crypto: GnuPG based MPI lib - additional sources (part 4)
  crypto: digital signature verification support
  integrity: digital signature verification using multiple keyrings
  evm: digital signature verification support

 Documentation/digsig.txt|   97 +++
 include/linux/digsig.h  |   64 ++
 include/linux/mpi.h |