Your urgent confirmation

2018-03-07 Thread James Williams
Attn: Beneficiary, We have contacted the Federal Ministry of Finance on your Behalf and they have brought a solution to your problem by coordinating your payment in total (10,000,000.00) Ten Million Dollars in an atm card which you can use to withdraw money from any ATM MACHINE CENTER anywhere in

[RFC v2 5/5] tpm2-sessions: NOT FOR COMMITTING add sessions testing

2018-03-07 Thread James Bottomley
From f69d2ec1bdddefa87c7130699c797cd5e24fcaf2 Mon Sep 17 00:00:00 2001 This runs through a preset sequence using sessions to demonstrate that the session handling code functions. It does both HMAC, encryption and decryption by testing an encrypted sealing operation with authority and proving

[RFC v2 3/5] tpm2: add hmac checks to tpm2_pcr_extend()

2018-03-07 Thread James Bottomley
We use tpm2_pcr_extend() in trusted keys to extend a PCR to prevent a key from being re-loaded until the next reboot. To use this functionality securely, that extend must be protected by a session hmac. Signed-off-by: James Bottomley ---

[RFC v2 2/5] tpm2-sessions: Add full HMAC and encrypt/decrypt session handling

2018-03-07 Thread James Bottomley
This code adds true session based HMAC authentication plus parameter decryption and response encryption using AES. The basic design of this code is to segregate all the nasty crypto, hash and hmac code into tpm2-sessions.c and export a usable API. The API first of all starts off by gaining a

[RFC v2 1/5] tpm-buf: create new functions for handling TPM buffers

2018-03-07 Thread James Bottomley
This separates out the old tpm_buf_... handling functions from static inlines into tpm.h and makes them their own tpm-buf.c file. It also adds handling for tpm2b structures and also incremental pointer advancing parsers. Signed-off-by: James Bottomley ---

[RFC 0/5] add integrity and security to TPM2 transactions

2018-03-07 Thread James Bottomley
By now, everybody knows we have a problem with the TPM2_RS_PW easy button on TPM2 in that transactions on the TPM bus can be intercepted and altered.  The way to fix this is to use real sessions for HMAC capabilities to ensure integrity and to use parameter and response encryption to ensure

[PATCH] crypto/ecc: Remove stack VLA usage

2018-03-07 Thread Kees Cook
On the quest to remove all VLAs from the kernel[1], this switches to a pair of kmalloc regions instead of using the stack. This also moves the get_random_bytes() after all allocations (and drops the needless "nbytes" variable). [1] https://lkml.org/lkml/2018/3/7/621 Signed-off-by: Kees Cook

Re: [PATCH v3 3/4] crypto: jz4780-rng: Add RNG node to jz4780.dtsi

2018-03-07 Thread Rob Herring
On Wed, Mar 7, 2018 at 8:54 AM, PrasannaKumar Muralidharan wrote: > Hi Rob, > > On 6 March 2018 at 19:25, Rob Herring wrote: >> On Tue, Mar 6, 2018 at 3:32 AM, James Hogan wrote: >>> On Mon, Sep 18, 2017 at 07:32:40PM +0530,

Re: [PATCH v3 3/4] crypto: jz4780-rng: Add RNG node to jz4780.dtsi

2018-03-07 Thread Paul Cercueil
Hi PrasannaKumar, On 2018-03-07 15:51, PrasannaKumar Muralidharan wrote: Hi Paul, On 7 March 2018 at 04:31, Paul Cercueil wrote: On 2018-03-06 10:32, James Hogan wrote: On Mon, Sep 18, 2017 at 07:32:40PM +0530, PrasannaKumar Muralidharan wrote: Add RNG node to

Re: [PATCH] X.509: unpack RSA signatureValue field from BIT STRING

2018-03-07 Thread Maciej S. Szmigiero
On 07.03.2018 16:44, David Howells wrote: > Maciej S. Szmigiero wrote: > >> +if (!strcmp(ctx->cert->sig->pkey_algo, "rsa")) { > > I'm going to change this to '== 0' rather than '!'. No problem. > David > Thanks, Maciej

[PATCH] crypto/ccp - Fill the result buffer only on digest, finup, and final ops

2018-03-07 Thread Gary R Hook
Any change to the result buffer should only happen on final, finup and digest operations. Changes to the buffer for update, import, export, etc, are not allowed. Fixes: 66d7b9f6175e ("crypto: testmgr - test misuse of result in ahash") Signed-off-by: Gary R Hook Cc:

[PATCH] crypto/ccp: Validate buffer lengths for copy operations

2018-03-07 Thread Gary R Hook
The CCP driver copies data between scatter/gather lists and DMA buffers. The length of the requested copy operation must be checked against the available destination buffer length. Reported-by: Maciej S. Szmigiero Signed-off-by: Gary R Hook --- 0

Re: [PATCH v2 2/2] hwrng: mxc-rnga - add driver support on boards with device tree

2018-03-07 Thread Kim Phillips
On Tue, 6 Mar 2018 00:21:00 +0200 Vladimir Zapolskiy wrote: > The driver works well on i.MX31 powered boards with device description > taken from board device tree, the only change to add to the driver is > the missing OF device id, the affected list of included headers and >

Re: [PATCH] X.509: unpack RSA signatureValue field from BIT STRING

2018-03-07 Thread David Howells
Maciej S. Szmigiero wrote: > + if (!strcmp(ctx->cert->sig->pkey_algo, "rsa")) { I'm going to change this to '== 0' rather than '!'. David

Re: [PATCH v9 crypto 08/12] chtls: Key program

2018-03-07 Thread Sabrina Dubroca
2018-03-06, 21:09:27 +0530, Atul Gupta wrote: [snip] > +static int chtls_set_tcb_field(struct sock *sk, u16 word, u64 mask, u64 val) > +{ > + struct chtls_sock *csk = rcu_dereference_sk_user_data(sk); > + struct sk_buff *skb; > + struct cpl_set_tcb_field *req; > + struct

Re: [PATCH v3 3/4] crypto: jz4780-rng: Add RNG node to jz4780.dtsi

2018-03-07 Thread PrasannaKumar Muralidharan
Hi Rob, On 6 March 2018 at 19:25, Rob Herring wrote: > On Tue, Mar 6, 2018 at 3:32 AM, James Hogan wrote: >> On Mon, Sep 18, 2017 at 07:32:40PM +0530, PrasannaKumar Muralidharan wrote: >>> Add RNG node to jz4780 dtsi. This driver uses registers that are

Re: [PATCH v3 3/4] crypto: jz4780-rng: Add RNG node to jz4780.dtsi

2018-03-07 Thread PrasannaKumar Muralidharan
Hi Paul, On 7 March 2018 at 04:31, Paul Cercueil wrote: > On 2018-03-06 10:32, James Hogan wrote: >> >> On Mon, Sep 18, 2017 at 07:32:40PM +0530, PrasannaKumar Muralidharan >> wrote: >>> >>> Add RNG node to jz4780 dtsi. This driver uses registers that are part of >>> the

Re: [PATCH v3 0/4] crypto: AF_ALG AIO improvements

2018-03-07 Thread Herbert Xu
On Tue, Feb 27, 2018 at 03:08:58PM +0100, Stephan Müller wrote: > On Friday, 23 February 2018, 13:00:26 CET, Herbert Xu wrote: > > Hi Herbert, > > > On Fri, Feb 23, 2018 at 09:33:33AM +0100, Stephan Müller wrote: > > > A simple copy operation, however, will imply that in one AIO recvmsg > > >

Re: [PATCH v9 crypto 06/12] cxgb4: LLD driver changes to enable TLS

2018-03-07 Thread Sabrina Dubroca
2018-03-06, 21:09:25 +0530, Atul Gupta wrote: > Read FW capability. Read key area size. Dump the TLS record count. That's not a really helpful commit message. Have a look at other commit messages and try to be more descriptive. It's also not clear if those changes belong together in one patch,

Re: [PATCH v9 crypto 02/12] ethtool: enable Inline TLS in HW

2018-03-07 Thread Atul Gupta
On 3/7/2018 6:05 PM, Sabrina Dubroca wrote: > Since you're saying the driver supports offloading TLS records to the > HW, why not call the feature "record offloading"? With, for example, > NETIF_F_HW_TLS_RECORD as the feature, and maybe "tls-hw-record" for > the ethtool string. This "Inline

Re: [PATCH v9 crypto 02/12] ethtool: enable Inline TLS in HW

2018-03-07 Thread Sabrina Dubroca
Since you're saying the driver supports offloading TLS records to the HW, why not call the feature "record offloading"? With, for example, NETIF_F_HW_TLS_RECORD as the feature, and maybe "tls-hw-record" for the ethtool string. This "Inline TLS" name sounds rather like marketing to me.

Re: [RESEND PATCH v3] crypto: add zBeWalgo compression for zram

2018-03-07 Thread Benjamin Warnke
Hi Eric, On 06.03.2018 at 23:13, Eric Biggers wrote: > > Hi Benjamin, > > On Tue, Mar 06, 2018 at 09:23:08PM +0100, Benjamin Warnke wrote: >> Currently ZRAM uses compression-algorithms from the crypto-api. ZRAM >> compresses each page individually. As a result the compression algorithm is >>

Re: [PATCH v9 crypto 00/12] Chelsio Inline TLS

2018-03-07 Thread Atul Gupta
On 3/7/2018 3:53 PM, Sabrina Dubroca wrote: > 2018-03-06, 21:05:23 +0530, Atul Gupta wrote: >> Series for Chelsio Inline TLS driver (chtls) >> >> Use tls ULP infrastructure to register chtls as Inline TLS driver. >> Chtls use TCP Sockets to transmit and receive TLS record. TCP proto_ops is >>

Re: [PATCH v9 crypto 01/12] tls: tls_device struct to register TLS drivers

2018-03-07 Thread Atul Gupta
On 3/7/2018 3:46 PM, Sabrina Dubroca wrote: > Hello Atul, > > One quick note before you start replying: please fix your email > client, as you've been told before. Quoting has to add a quoting > marker (the '>' character) at the beginning of the line, otherwise > it's impossible to separate your

Re: [RESEND PATCH v3] crypto: add zBeWalgo compression for zram

2018-03-07 Thread Benjamin Warnke
Hello, On (07/03/2018 03:12), Sergey Senozhatsky wrote: > > Hello, > > On (03/06/18 20:59), Benjamin Warnke wrote: >> Currently ZRAM uses compression-algorithms from the crypto-api. ZRAM >> compresses each page individually. As a result the compression algorithm >> is >> forced to use a

[PATCH v2] crypto: hash.h: Prevent use of req->result in ahash update

2018-03-07 Thread Kamil Konieczny
Prevent improper use of req->result field in ahash update, init, export and import functions in drivers code. A driver should use ahash request context if it needs to save internal state. Signed-off-by: Kamil Konieczny --- version 2: Change req->digest to

Re: [PATCH] crypto: hash.h: Prevent use of req->digest in ahash update

2018-03-07 Thread Kamil Konieczny
On 06.03.2018 19:04, Tom Lendacky wrote: > On 3/6/2018 5:45 AM, Kamil Konieczny wrote: >> Prevent improper use of req->digest field in ahash update, init, export and > > Shouldn't that be req->result (here and below)? Yes, it should, I will send version 2 soon, thank you. Best regards, Kamil

Re: [PATCH v9 crypto 01/12] tls: tls_device struct to register TLS drivers

2018-03-07 Thread Sabrina Dubroca
Hello Atul, One quick note before you start replying: please fix your email client, as you've been told before. Quoting has to add a quoting marker (the '>' character) at the beginning of the line, otherwise it's impossible to separate your reply from the email you're quoting. 2018-03-06,