Index: src/aureport-output.c =================================================================== --- src/aureport-output.c (revision 400) +++ src/aureport-output.c (working copy) @@ -600,7 +600,7 @@ // auid type success event printf("%s %s %s %lu\n", aulookup_uid(l->s.loginuid, name, sizeof(name)), - audit_msg_type_to_name(l->head->type), + audit_msg_type_to_name(l->cur->type), aulookup_success(l->s.success), l->e.serial); break; Index: src/ausearch-llist.c =================================================================== --- src/ausearch-llist.c (revision 400) +++ src/ausearch-llist.c (working copy) @@ -245,3 +245,22 @@ return NULL; } + +lnode *list_find_next_msg_range(llist *l, int low, int high) +{ + register lnode *window; + + if (high <= low) + return NULL; + + window = l->cur->next; + while (window) { + if (window->type >= low && window->type <= high) { + l->cur = window; + return window; + } else + window = window->next; + } + return NULL; +} + Index: src/aureport-scan.c =================================================================== --- src/aureport-scan.c (revision 400) +++ src/aureport-scan.c (working copy) @@ -420,8 +420,12 @@ case RPT_CRYPTO: if (list_find_msg_range(l, AUDIT_FIRST_KERN_CRYPTO_MSG, AUDIT_LAST_KERN_CRYPTO_MSG)) { - ilist_add_if_uniq(&sd.crypto_list, - l->head->type, 0); + do + ilist_add_if_uniq(&sd.crypto_list, + l->cur->type, 0); + while (list_find_next_msg_range(l, + AUDIT_FIRST_KERN_CRYPTO_MSG, + AUDIT_LAST_KERN_CRYPTO_MSG)); } else { if (list_find_msg_range(l, AUDIT_FIRST_CRYPTO_MSG, 
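Review bot: In the src/ausearch-llist.c hunk, `list_find_next_msg_range` reads `l->cur->next` without checking that `l->cur` is set, so calling it on a list whose cursor is NULL dereferences a null pointer. The callers added in this patch only reach it after `list_find_msg_range` has succeeded, but the function is exported through the header, so the guard belongs in the function: `if (l->cur == NULL || high <= low) return NULL;`. The `high <= low` test also rejects a single-type range where `low == high`. If that mirrors `list_find_msg_range` (its body is not shown here), a one-line comment saying so would help.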
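Review bot: In the src/aureport-scan.c hunk at -420, the new `do … while` has no braces even though both its body and its condition span several lines, which makes the loop easy to misread or break in a later edit. Writing it as `do {` … `} while (list_find_next_msg_range(l, AUDIT_FIRST_KERN_CRYPTO_MSG, AUDIT_LAST_KERN_CRYPTO_MSG));` would fix that; the same applies to the loop added in the hunk at -663. The `else` branch for the `AUDIT_FIRST_CRYPTO_MSG` range appears only as unchanged context here, so it seems user-space crypto records are still counted on the first match only. Worth confirming that is intended. The enclosing switch continues outside the hunk.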
@@ -663,7 +667,11 @@ if (list_find_msg_range(l, AUDIT_FIRST_KERN_CRYPTO_MSG, AUDIT_LAST_KERN_CRYPTO_MSG)) { - print_per_event_item(l); + do + print_per_event_item(l); + while (list_find_next_msg_range(l, + AUDIT_FIRST_KERN_CRYPTO_MSG, + AUDIT_LAST_KERN_CRYPTO_MSG)); rc = 1; } else { if (list_find_msg_range(l, Index: src/ausearch-llist.h =================================================================== --- src/ausearch-llist.h (revision 400) +++ src/ausearch-llist.h (working copy) @@ -107,5 +107,8 @@ /* Given two message types, find the first matching node */ lnode *list_find_msg_range(llist *l, int low, int high); +/* Given two message types, find the next matching node */ +lnode *list_find_next_msg_range(llist *l, int low, int high); + #endif Index: lib/errormsg.h =================================================================== --- lib/errormsg.h (revision 400) +++ lib/errormsg.h (working copy) @@ -54,5 +54,6 @@ { -19, 0, "Key field needs a watch or syscall given prior to it" }, { -20, 2, "-F missing value after operation for" }, { -21, 2, "-F value should be number for" }, - { -22, 2, "-F missing field name before operator for" } + { -22, 2, "-F missing field name before operator for" }, + { -23, 2, "-F unknown crypto_op - " } }; Index: lib/fieldtab.h =================================================================== --- lib/fieldtab.h (revision 400) +++ lib/fieldtab.h (working copy) @@ -45,6 +45,7 @@ _S(AUDIT_OBJ_TYPE, "obj_type" ) _S(AUDIT_OBJ_LEV_LOW, "obj_lev_low" ) _S(AUDIT_OBJ_LEV_HIGH, "obj_lev_high" ) +_S(AUDIT_CRYPTO_OP, "crypto_op" ) _S(AUDIT_DEVMAJOR, "devmajor" ) _S(AUDIT_DEVMINOR, "devminor" ) Index: lib/msg_typetab.h =================================================================== --- lib/msg_typetab.h (revision 400) +++ lib/msg_typetab.h (working copy) 
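Review bot: The comment added for `list_find_next_msg_range` in src/ausearch-llist.h does not say where the search starts or that the list is modified. The implementation in this patch starts at the node after `l->cur` and moves `l->cur` to the match. I would word it as `/* Given two message types, find the next matching node after l->cur; on a match l->cur is moved to it */`. It would also help to state that the function is meant to be called only after a successful `list_find_msg_range`, if that is the intended contract.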
@@ -122,6 +122,9 @@ _S(AUDIT_MAC_IPSEC_EVENT, "MAC_IPSEC_EVENT" ) _S(AUDIT_MAC_UNLBL_STCADD, "MAC_UNLBL_STCADD" ) _S(AUDIT_MAC_UNLBL_STCDEL, "MAC_UNLBL_STCDEL" ) +_S(AUDIT_CRYPTO_STORAGE_KEY, "CRYPTO_STORAGE_KEY" ) +_S(AUDIT_CRYPTO_USERSPACE_OP, "CRYPTO_USERSPACE_OP" ) +_S(AUDIT_CRYPTO_KEY_VALUE, "CRYPTO_KEY_VALUE" ) _S(AUDIT_ANOM_PROMISCUOUS, "ANOM_PROMISCUOUS" ) _S(AUDIT_ANOM_ABEND, "ANOM_ABEND" ) _S(AUDIT_INTEGRITY_DATA, "INTEGRITY_DATA" ) Index: lib/libaudit.c =================================================================== --- lib/libaudit.c (revision 400) +++ lib/libaudit.c (working copy) @@ -38,6 +38,8 @@ #include /* O_NOFOLLOW needs gnu defined */ #include /* for PATH_MAX */ +#include "gen_tables.h" +#include "crypto_ops.h" #include "libaudit.h" #include "private.h" #include "errormsg.h" @@ -1109,6 +1111,21 @@ else return -21; break; + case AUDIT_CRYPTO_OP: + if (flags != AUDIT_FILTER_EXIT) + return -7; + if (isdigit((unsigned char)*v)) + rule->values[rule->field_count] = + strtoul(v, NULL, 0); + else { + int op; + + if (crypto_op_s2i(v, &op) != 0) + rule->values[rule->field_count] = op; + else + return -23; + } + break; case AUDIT_DEVMAJOR...AUDIT_INODE: case AUDIT_SUCCESS: if (flags != AUDIT_FILTER_EXIT) Index: lib/libaudit.h =================================================================== --- lib/libaudit.h (revision 400) +++ lib/libaudit.h (working copy) @@ -118,6 +118,11 @@ #endif #define AUDIT_FIRST_KERN_CRYPTO_MSG 1600 +#define AUDIT_CRYPTO_STORAGE_KEY 1600 /* Key storage key configured */ +#define AUDIT_CRYPTO_USERSPACE_OP 1601 /* User-space crypto operation */ +#define AUDIT_CRYPTO_KEY_VALUE 1602 /* Public values of a key, + immediatelly follows + USERSPACE_OP. */ #define AUDIT_LAST_KERN_CRYPTO_MSG 1699 #define AUDIT_FIRST_KERN_ANOM_MSG 1700 
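Review bot: In the lib/libaudit.c hunk at -1109, the numeric branch of the new `AUDIT_CRYPTO_OP` case accepts any string that merely begins with a digit, because `strtoul(v, NULL, 0)` ignores trailing characters and reports no overflow. A mistyped value such as `7x`, or an out-of-range number, is therefore stored as a different operation than the administrator wrote, and the rule loads without error while filtering on the wrong thing. Parsing with an end pointer and `errno` and returning the existing -21 ("-F value should be number for") closes that gap. A check that the number fits the element type of `rule->values` (not visible here) would also be reasonable. The enclosing switch and function start and end outside the hunk.

```c
	case AUDIT_CRYPTO_OP:
		if (flags != AUDIT_FILTER_EXIT)
			return -7;
		if (isdigit((unsigned char)*v)) {
			char *end;
			unsigned long val;

			errno = 0;
			val = strtoul(v, &end, 0);
			/* reject trailing junk and overflow instead of
			 * loading a rule for a different operation */
			if (errno != 0 || *end != '\0')
				return -21;
			rule->values[rule->field_count] = val;
		} else {
			/* … unchanged: crypto_op_s2i lookup, -23 on failure … */
		}
		break;
```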
@@ -201,7 +206,22 @@ #define AUDIT_LAST_USER_MSG2 2999 #endif +#define AUDIT_CRYPTO_OP 24 +#define AUDIT_CRYPTO_OP_CONTEXT_NEW 1 +#define AUDIT_CRYPTO_OP_CONTEXT_DEL 2 +#define AUDIT_CRYPTO_OP_SESSION_INIT 3 +#define AUDIT_CRYPTO_OP_SESSION_OP 4 +#define AUDIT_CRYPTO_OP_SESSION_FINAL 5 +#define AUDIT_CRYPTO_OP_KEY_IMPORT 6 +#define AUDIT_CRYPTO_OP_KEY_EXPORT 7 +#define AUDIT_CRYPTO_OP_KEY_WRAP 8 +#define AUDIT_CRYPTO_OP_KEY_UNWRAP 9 +#define AUDIT_CRYPTO_OP_KEY_GEN 10 +#define AUDIT_CRYPTO_OP_KEY_DERIVE 11 +#define AUDIT_CRYPTO_OP_KEY_ZEROIZE 12 +#define AUDIT_CRYPTO_OP_KEY_GET_INFO 13 + /* This is related to the filterkey patch */ #define AUDIT_KEY_SEPARATOR 0x01 Index: lib/crypto_ops_table.h =================================================================== --- lib/crypto_ops_table.h (revision 0) +++ lib/crypto_ops_table.h (revision 0) 
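Review bot: In the lib/libaudit.h hunk at -201, `AUDIT_CRYPTO_OP 24` is a rule field number while the `AUDIT_CRYPTO_OP_*` constants under it are the values that field is compared against, and the added block has no comment separating the two. A reader could take 24 for one more operation code. I would add `/* Rule field: crypto operation; compared against the AUDIT_CRYPTO_OP_* values below */` above the first define. If these numbers mirror a kernel header (not visible in this patch), the comment should say so, since a mismatch would make rules match the wrong operation.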
@@ -0,0 +1,35 @@
+/* crypto_ops_table.h --
+ * Copyright 2010 Red Hat Inc., Durham, North Carolina.
+ * All Rights Reserved.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Authors:
+ * Miloslav Trmač
+ */
+
+_S(AUDIT_CRYPTO_OP_CONTEXT_NEW, "context_new")
+_S(AUDIT_CRYPTO_OP_CONTEXT_DEL, "context_del")
+_S(AUDIT_CRYPTO_OP_SESSION_INIT, "session_init")
+_S(AUDIT_CRYPTO_OP_SESSION_OP, "session_op")
+_S(AUDIT_CRYPTO_OP_SESSION_FINAL, "session_final")
+_S(AUDIT_CRYPTO_OP_KEY_IMPORT, "key_import")
+_S(AUDIT_CRYPTO_OP_KEY_EXPORT, "key_export")
+_S(AUDIT_CRYPTO_OP_KEY_WRAP, "key_wrap")
+_S(AUDIT_CRYPTO_OP_KEY_UNWRAP, "key_unwrap")
+_S(AUDIT_CRYPTO_OP_KEY_GEN, "key_gen")
+_S(AUDIT_CRYPTO_OP_KEY_DERIVE, "key_derive")
+_S(AUDIT_CRYPTO_OP_KEY_ZEROIZE, "key_zeroize")
+_S(AUDIT_CRYPTO_OP_KEY_GET_INFO, "key_get_info")
Index: lib/Makefile.am
===================================================================
--- lib/Makefile.am (revision 400)
+++ lib/Makefile.am (working copy)
@@ -37,7 +37,7 @@ libaudit_la_LDFLAGS = -Wl,-z,relro -version-info $(VERSION_INFO) nodist_libaudit_la_SOURCES = $(BUILT_SOURCES) -BUILT_SOURCES = actiontabs.h errtabs.h fieldtabs.h flagtabs.h \ +BUILT_SOURCES = actiontabs.h crypto_ops.h errtabs.h fieldtabs.h flagtabs.h \ ftypetabs.h i386_tables.h ia64_tables.h machinetabs.h \ msg_typetabs.h optabs.h ppc_tables.h s390_tables.h \ s390x_tables.h x86_64_tables.h @@ -47,8 +47,8 @@ if USE_ARMEB BUILT_SOURCES += armeb_tables.h endif -noinst_PROGRAMS = gen_actiontabs_h gen_errtabs_h gen_fieldtabs_h \ - gen_flagtabs_h gen_ftypetabs_h gen_i386_tables_h \ +noinst_PROGRAMS = gen_actiontabs_h gen_crypto_ops_h gen_errtabs_h \ + gen_fieldtabs_h gen_flagtabs_h gen_ftypetabs_h gen_i386_tables_h \ gen_ia64_tables_h gen_machinetabs_h gen_msg_typetabs_h \ gen_optabs_h gen_ppc_tables_h gen_s390_tables_h \ gen_s390x_tables_h gen_x86_64_tables_h @@ -77,6 +77,11 @@ ./gen_armeb_tables_h --lowercase --i2s --s2i armeb_syscall > $@ endif +gen_crypto_ops_h_SOURCES = gen_tables.c gen_tables.h crypto_ops_table.h +gen_crypto_ops_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="crypto_ops_table.h"' +crypto_ops.h: gen_crypto_ops_h Makefile + ./gen_crypto_ops_h --lowercase --s2i crypto_op > $@ + gen_errtabs_h_SOURCES = gen_tables.c gen_tables.h errtab.h gen_errtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="errtab.h"' errtabs.h: gen_errtabs_h Makefile