From: Stephan Mueller <smueller@chronox.de>
To: herbert@gondor.apana.org.au
Cc: tadeusz.struk@intel.com, linux-crypto@vger.kernel.org
Subject: [PATCH 0/3] AF_ALG interface for akcipher
Date: Wed, 22 Jul 2015 00:12:29 +0200 [thread overview]
Message-ID: <3908391.JkjAozYBaW@tachyon.chronox.de> (raw)
Hi,
The patchset provides the implementation of the AF_ALG userspace interface
for the asymmetric cipher API of the kernel crypto API.
Unlike any other crypto API, the akcipher API operates on linear buffers.
This implies that the AF_ALG interface also only operates with linear buffers
by allocating a kernel internal buffer of the size of the modulus as follows:
* sendmsg: Copy in all user data until the kernel buffer is full or
recvmsg is called. Multiple invocations of sendmsg are allowed to
provide data until the buffer is full.
* sendpage: The caller is allowed to only make one invocation to provide
the input data. Any subsequent invocation fails until the recvmsg has
been invoked to obtain the result.
Recvmsg copies out the calculation result to user space. It only copies out
the exact size of the calculated data set. recvmsg returns the size of the
data in the return code to user space. That value may be smaller than the
buffer size the caller was required to provide.
Note, setkey requires the key in BER format.
The sig ver operation may return EBADMSG which is returned by recvmsg without
sending the calcuated data to user space. This error message indicates a
signature verification failure.
Please note that the DocBook documentation extension for this interface will
come with a future patch set as the DocBook needs a general update (AEAD update,
akcipher addition).
The test code can be obtained from [1]. The test code uses the same vectors
as the testmgr.h file for testing the generic RSA implementation.
[1] http://www.chronox.de/libkcapi.html
Stephan Mueller (3):
crypto: af_alg - add sig gen / verify API
crypto: algif_akcipher user space interface
crypto: algif_akcipher - enable compilation
crypto/Kconfig | 9 +
crypto/Makefile | 1 +
crypto/algif_akcipher.c | 480 ++++++++++++++++++++++++++++++++++++++++++++
include/uapi/linux/if_alg.h | 2 +
4 files changed, 492 insertions(+)
create mode 100644 crypto/algif_akcipher.c
--
2.4.3
next reply other threads:[~2015-07-21 22:14 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-21 22:12 Stephan Mueller [this message]
2015-07-21 22:12 ` [PATCH 1/3] crypto: af_alg - add sig gen / verify API Stephan Mueller
2015-07-21 22:13 ` [PATCH 2/3] crypto: algif_akcipher user space interface Stephan Mueller
2015-07-22 16:01 ` Tadeusz Struk
2015-07-22 18:55 ` Stephan Mueller
2015-07-22 22:04 ` Tadeusz Struk
2015-07-22 22:29 ` Stephan Mueller
2015-07-21 22:13 ` [PATCH 3/3] crypto: algif_akcipher - enable compilation Stephan Mueller
2015-07-22 1:32 ` [PATCH 0/3] AF_ALG interface for akcipher Herbert Xu
2015-07-22 4:19 ` Tadeusz Struk
2015-07-22 4:21 ` Herbert Xu
2015-07-22 11:58 ` Horia Geantă
2015-07-23 1:53 ` Herbert Xu
2015-07-23 5:14 ` Tadeusz Struk
2015-07-23 5:19 ` Herbert Xu
2015-07-23 10:16 ` Stephan Mueller
2015-07-22 7:14 ` Stephan Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3908391.JkjAozYBaW@tachyon.chronox.de \
--to=smueller@chronox.de \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=tadeusz.struk@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox