Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add some utilities to make examples nicerHEADmasterbugfixes | Miloslav Trmač | 2010-09-07 | 4 | -1147/+517 |
| | |||||
* | Examples directory renamed -> tests | Nikos Mavrogiannopoulos | 2010-09-07 | 8 | -2/+2 |
| | |||||
* | Simplified makefile | Nikos Mavrogiannopoulos | 2010-09-07 | 1 | -0/+3 |
| | |||||
* | Rename CONFIG_AS*YM*METRIC, push into headers | Miloslav Trmač | 2010-09-06 | 8 | -64/+58 |
| | |||||
* | Algorithm to OID discovery moved to a single place. | Nikos Mavrogiannopoulos | 2010-09-06 | 12 | -89/+96 |
| | |||||
* | Run Lindent on libtom(*) | Nikos Mavrogiannopoulos | 2010-09-06 | 152 | -7864/+8090 |
| | |||||
* | run scripts/Lindent. | Nikos Mavrogiannopoulos | 2010-09-06 | 23 | -3271/+3490 |
| | |||||
* | Fix DH test | Miloslav Trmač | 2010-09-06 | 1 | -1/+1 |
| | |||||
* | Added config flag CONFIG_ASSYMETRIC, that will disable all assymetric ↵ | Nikos Mavrogiannopoulos | 2010-09-06 | 6 | -15/+83 |
| | | | | algorithm support when building the module. As a side-effect (due to DER requirements) key wrapping is disabled as well. | ||||
* | Use the ncr_algorithm_t as an identifier for storage data. This will allow | Nikos Mavrogiannopoulos | 2010-09-05 | 4 | -17/+14 |
| | | | | | keys tied to RSA-transparent, to be used for RSA operations as well (once keys are made tied to an algorithm). | ||||
* | Added flag: NCR_KEY_FLAG_ALLOW_TRANSPARENT_HASH | Nikos Mavrogiannopoulos | 2010-09-05 | 4 | -9/+20 |
| | |||||
* | 3DES-ECB has also effective key length of 112. | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -1/+1 |
| | |||||
* | Run DH key exchange for 100 times for testing. | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -200/+226 |
| | |||||
* | DH key generation moved to a while loop... Just in case. | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -12/+14 |
| | |||||
* | Key wrapping is privileged. | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -0/+28 |
| | |||||
* | Added flag NCR_KEY_FLAG_HASHABLE and enforced it when reading a key for hashing. | Nikos Mavrogiannopoulos | 2010-09-05 | 3 | -1/+8 |
| | |||||
* | Rationalized the key wrapping format. It currently is: | Nikos Mavrogiannopoulos | 2010-09-05 | 3 | -76/+198 |
| | | | | | | | | | | | PackedData ::= SEQUENCE { version INTEGER { v1(0) } algorithm OBJECT IDENTIFIER, type INTEGER { secret_key(0), public(1), private(2) }, data OCTET STRING } Unfortunately there are not assigned OIDs for all algorithms we support. | ||||
* | Optimizations for 32bit machines by using a 64bit word type and 32bit digit. | Nikos Mavrogiannopoulos | 2010-09-03 | 4 | -7/+16 |
| | | | | Unfortunately we cannot do the same for 64bit since we don't have an 128bit type in kernel. | ||||
* | Added a FIXME on the used types. | Nikos Mavrogiannopoulos | 2010-09-02 | 1 | -0/+4 |
| | |||||
* | Use the linux kernel heapsort instead of including qsort. | Nikos Mavrogiannopoulos | 2010-09-02 | 6 | -252/+6 |
| | |||||
* | Removed unneeded code. | Nikos Mavrogiannopoulos | 2010-09-02 | 13 | -845/+5 |
| | |||||
* | Drop a redundant prototype. | Miloslav Trmač | 2010-09-02 | 1 | -2/+0 |
| | |||||
* | Added an emulation of a userspace application that provides encryption service. | Nikos Mavrogiannopoulos | 2010-09-01 | 4 | -0/+1623 |
| | |||||
* | export ncr_key_clear(). And disallow key derivation from wrapping keys. | Nikos Mavrogiannopoulos | 2010-08-31 | 1 | -0/+2 |
| | |||||
* | Prevent usage of wrapping keys for anything else except wrapping. | Nikos Mavrogiannopoulos | 2010-08-31 | 1 | -0/+8 |
| | |||||
* | Merge branch 'pk-transparent-hash' | Miloslav Trmač | 2010-08-27 | 5 | -14/+318 |
|\ | | | | | | | | | Conflicts: ncr-int.h | ||||
| * | Add transparent hash signature examples | Miloslav Trmač | 2010-08-27 | 1 | -0/+245 |
| | | |||||
| * | Allow sharing keys for "regular" and "transparent" algorithms | Miloslav Trmač | 2010-08-27 | 1 | -1/+3 |
| | | |||||
| * | Implement PK signatures with transparent hashes | Miloslav Trmač | 2010-08-27 | 3 | -13/+70 |
| | | |||||
* | | Merge branch 'session_update-iv' | Miloslav Trmač | 2010-08-27 | 2 | -0/+23 |
|\ \ | |||||
| * | | Add support for changing IVs in sessions | Miloslav Trmač | 2010-08-27 | 2 | -0/+23 |
| |/ | |||||
* | | Merge remote branch 'origin/newapi' | Miloslav Trmač | 2010-08-27 | 7 | -61/+194 |
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: examples/ncr.c examples/pk.c ncr-key-wrap.c ncr-key.c ncr.h | ||||
| * | | Unwrapping keys are restricted the same way as wrapping keys. | Nikos Mavrogiannopoulos | 2010-08-26 | 2 | -3/+3 |
| | | | |||||
| * | | enforce the key wrap version. | Nikos Mavrogiannopoulos | 2010-08-25 | 1 | -2/+10 |
| | | | |||||
| * | | Added ENCRYPT, UNWRAPPING and VERIFY key flags | Nikos Mavrogiannopoulos | 2010-08-25 | 5 | -6/+10 |
| | | | |||||
| * | | The RFC5649 wrapping algorithm now includes a DER encoding of the data to ↵ | Nikos Mavrogiannopoulos | 2010-08-25 | 3 | -27/+170 |
| | | | | | | | | | | | | distinguish between keys of different types. This prevents keys being unwrapped in a wrong type. | ||||
| * | | use the rfc3394 suffix. | Nikos Mavrogiannopoulos | 2010-08-25 | 1 | -2/+2 |
| | | | |||||
* | | | Merge branch 'bugfixes' | Miloslav Trmač | 2010-08-25 | 2 | -4/+4 |
|\ \ \ | |||||
| * | | | Make some objects static | Miloslav Trmač | 2010-08-25 | 2 | -4/+4 |
| | | | | |||||
* | | | | Merge branch 'clone-session' | Miloslav Trmač | 2010-08-25 | 7 | -15/+357 |
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: cryptodev_int.h ncr-sessions.c | ||||
| * | | | | Add hash cloning example. | Miloslav Trmač | 2010-08-25 | 1 | -0/+218 |
| | | | | | |||||
| * | | | | Implement cloning hash sessions | Miloslav Trmač | 2010-08-25 | 4 | -17/+134 |
| | | | | | |||||
| * | | | | Remove a redundant argument of cryptodev_hash_init | Miloslav Trmač | 2010-08-25 | 5 | -8/+8 |
| | | | | | |||||
| * | | | | Define session cloning interface | Miloslav Trmač | 2010-08-25 | 3 | -0/+7 |
| | | | | | |||||
* | | | | | Merge branch 'cleanups' | Miloslav Trmač | 2010-08-25 | 5 | -8/+8 |
|\ \ \ \ \ | |||||
| * | | | | | Remove a redundant argument of cryptodev_hash_init | Miloslav Trmač | 2010-08-25 | 5 | -8/+8 |
| | | | | | | |||||
* | | | | | | Merge branch 'ids-after-initialization' | Miloslav Trmač | 2010-08-25 | 1 | -121/+193 |
|\ \ \ \ \ \ | |/ / / / / |/| / / / / | |/ / / / | | | | | | Conflicts: ncr-sessions.c | ||||
| * | | | | Document locking. | Miloslav Trmač | 2010-08-25 | 1 | -16/+31 |
| | | | | | | | | | | | | | | | | | | | | | | | | | Document how members of session_item_st are protected, and what assumptions are made by internal functions. | ||||
| * | | | | Move session_item_st definition to ncr-sessions.c | Miloslav Trmač | 2010-08-25 | 2 | -26/+26 |
| | | | | | | | | | | | | | | | | | | | | It is not used anywhere else. | ||||
| * | | | | Unpublish session ID at start of ncr_session_final. | Miloslav Trmač | 2010-08-25 | 1 | -21/+28 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This means that ncr_session_final() can't be called on one ID twice, ensuring that the ID is still unique throughout the runtime of ncr_session_final(). (Note that this is not guaranteed for ncr_session_update(): a concurrent thread can call ncr_session_final() on the ID and reuse it before ncr_session_update() finishes.) |