From: Stephan Mueller <smueller@chronox.de>
To: herbert@gondor.apana.org.au
Cc: Daniel Borkmann <dborkman@redhat.com>,
'Quentin Gouchet' <quentin.gouchet@gmail.com>,
'LKML' <linux-kernel@vger.kernel.org>,
linux-crypto@vger.kernel.org, linux-api@vger.kernel.org
Subject: [PATCH v4 0/5] crypto: AF_ALG: add AEAD and RNG support
Date: Wed, 03 Dec 2014 20:54:09 +0100 [thread overview]
Message-ID: <2105559.EmODblLYuY@tachyon.chronox.de> (raw)
Hi,
This patch set adds AEAD and RNG support to the AF_ALG interface
exported by the kernel crypto API. By extending AF_ALG with AEAD and RNG
support, all cipher types the kernel crypto API allows access to are
now accessible from userspace.
Both, AEAD and RNG implementations are stand-alone and do not depend
other AF_ALG interfaces (like hash or skcipher).
The AEAD implementation uses the same approach as provided with
skcipher by offering the following interfaces:
* sendmsg and recvmsg interfaces allowing multiple
invocations supporting a threaded user space. To support
multi-threaded user space, kernel-side buffering
is implemented similarly to skcipher.
* splice / vmsplice interfaces allowing a zero-copy
invocation
The RNG interface only implements the recvmsg interface as
zero-copy is not applicable.
The new AEAD and RNG interfaces are fully tested with the test application
provided at [1]. That test application exercises all newly added user space
interfaces. The testing covers:
* use of the sendmsg/recvmsg interface
* use of the splice / vmsplice interface
* invocation of all AF_ALG types (aead, rng, skcipher, hash)
* using all types of operation (encryption, decryption, keyed MD,
MD, random numbers, AEAD decryption with positive and negative
authentication verification)
* stress testing by running all tests for 30 minutes in an
endless loop
* test execution on 64 bit and 32 bit
[1] http://www.chronox.de/libkcapi.html
Changes v2:
* rebase to current cryptodev-2.6 tree
* use memzero_explicit to zeroize AEAD associated data
* use sizeof for determining length of AEAD associated data
* update algif_rng.c covering all suggestions from Daniel Borkmann
<dborkman@redhat.com>
* addition of patch 9: add digestsize interface for hashes
* addition of patch to update documentation covering the userspace interface
* change numbers of getsockopt options: separate them from sendmsg interface
definitions
Changes v3:
* remove getsockopt interface
* AEAD: associated data is set prepended to the plain/ciphertext
* AEAD: allowing arbitrary associated data lengths
* remove setkey patch as protection was already in the existing code
Changes v4:
* stand-alone implementation of AEAD
* testing of all interfaces offered by AEAD
* stress testing of AEAD and RNG
Stephan Mueller (5):
crypto: AF_ALG: add user space interface for AEAD
crypto: AF_ALG: add AEAD support
crypto: AF_ALG: enable AEAD interface compilation
crypto: AF_ALG: add random number generator support
crypto: AF_ALG: enable RNG interface compilation
crypto/Kconfig | 18 ++
crypto/Makefile | 2 +
crypto/af_alg.c | 6 +
crypto/algif_aead.c | 668 ++++++++++++++++++++++++++++++++++++++++++++
crypto/algif_rng.c | 186 ++++++++++++
include/crypto/if_alg.h | 1 +
include/uapi/linux/if_alg.h | 2 +
7 files changed, 883 insertions(+)
create mode 100644 crypto/algif_aead.c
create mode 100644 crypto/algif_rng.c
--
2.1.0
next reply other threads:[~2014-12-03 19:54 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-03 19:54 Stephan Mueller [this message]
2014-12-03 19:55 ` [PATCH v4 1/5] crypto: AF_ALG: add user space interface for AEAD Stephan Mueller
[not found] ` <4746255.Vltg6sM4x3-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-05 16:01 ` Herbert Xu
[not found] ` <2105559.EmODblLYuY-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-03 19:57 ` [PATCH v4 2/5] crypto: AF_ALG: add AEAD support Stephan Mueller
2014-12-05 15:46 ` Herbert Xu
2014-12-05 21:51 ` Stephan Mueller
2014-12-06 20:08 ` Stephan Mueller
[not found] ` <1677221.HN3xC7fa4q-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-06 23:27 ` Herbert Xu
[not found] ` <45756810.oFuGYtKPb9-PJstQz4BMNNP20K/wil9xYQuADTiUCJX@public.gmane.org>
2014-12-06 23:28 ` Herbert Xu
[not found] ` <20141205154606.GA30180-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2014-12-07 12:56 ` Stephan Mueller
2014-12-03 19:58 ` [PATCH v4 3/5] crypto: AF_ALG: enable AEAD interface compilation Stephan Mueller
2014-12-03 19:59 ` [PATCH v4 4/5] crypto: AF_ALG: add random number generator support Stephan Mueller
2014-12-05 15:53 ` Herbert Xu
[not found] ` <20141205155359.GA30224-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2014-12-05 22:02 ` Stephan Mueller
2014-12-03 19:59 ` [PATCH v4 5/5] crypto: AF_ALG: enable RNG interface compilation Stephan Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2105559.EmODblLYuY@tachyon.chronox.de \
--to=smueller@chronox.de \
--cc=dborkman@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-api@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=quentin.gouchet@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).