Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Rename CONFIG_AS*YM*METRIC, push into headers | Miloslav Trmač | 2010-09-06 | 1 | -10/+7 |
| | |||||
* | run scripts/Lindent. | Nikos Mavrogiannopoulos | 2010-09-06 | 1 | -220/+252 |
| | |||||
* | Added config flag CONFIG_ASSYMETRIC, that will disable all assymetric ↵ | Nikos Mavrogiannopoulos | 2010-09-06 | 1 | -0/+10 |
| | | | | algorithm support when building the module. As a side-effect (due to DER requirements) key wrapping is disabled as well. | ||||
* | Key wrapping is privileged. | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -0/+28 |
| | |||||
* | Rationalized the key wrapping format. It currently is: | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -55/+34 |
| | | | | | | | | | | | PackedData ::= SEQUENCE { version INTEGER { v1(0) } algorithm OBJECT IDENTIFIER, type INTEGER { secret_key(0), public(1), private(2) }, data OCTET STRING } Unfortunately there are not assigned OIDs for all algorithms we support. | ||||
* | Merge remote branch 'origin/newapi' | Miloslav Trmač | 2010-08-27 | 1 | -26/+175 |
|\ | | | | | | | | | | | | | | | | | Conflicts: examples/ncr.c examples/pk.c ncr-key-wrap.c ncr-key.c ncr.h | ||||
| * | enforce the key wrap version. | Nikos Mavrogiannopoulos | 2010-08-25 | 1 | -2/+10 |
| | | |||||
| * | Added ENCRYPT, UNWRAPPING and VERIFY key flags | Nikos Mavrogiannopoulos | 2010-08-25 | 1 | -1/+1 |
| | | |||||
| * | The RFC5649 wrapping algorithm now includes a DER encoding of the data to ↵ | Nikos Mavrogiannopoulos | 2010-08-25 | 1 | -22/+169 |
| | | | | | | | | distinguish between keys of different types. This prevents keys being unwrapped in a wrong type. | ||||
| * | use the rfc3394 suffix. | Nikos Mavrogiannopoulos | 2010-08-25 | 1 | -2/+2 |
| | | |||||
* | | Merge branch 'bugfixes' | Miloslav Trmač | 2010-08-25 | 1 | -1/+1 |
|\ \ | |||||
| * | | Make some objects static | Miloslav Trmač | 2010-08-25 | 1 | -1/+1 |
| | | | |||||
* | | | Simplify key flag updates | Miloslav Trmač | 2010-08-25 | 1 | -14/+8 |
| | | | |||||
* | | | Merge branch 'bugfixes' into nlattr | Miloslav Trmač | 2010-08-25 | 1 | -6/+23 |
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: cryptodev_main.c examples/ncr.c examples/pk.c ncr-int.h ncr-key-wrap.c ncr-key.c ncr.c ncr.h | ||||
| * | | Make it possible to import private keys | Miloslav Trmač | 2010-08-24 | 1 | -7/+13 |
| | | | |||||
| * | | Reject prohibited key flags immediately | Miloslav Trmač | 2010-08-24 | 1 | -2/+11 |
| |/ | | | | | | | Silently ignoring user's requests is unexpected. | ||||
* | | Replace ncr_wrap_algorithm_t by NLA_NUL_STRING | Miloslav Trmač | 2010-08-25 | 1 | -23/+14 |
| | | |||||
* | | Convert *_KEY_STORAGE_UNWRAP | Miloslav Trmač | 2010-08-24 | 1 | -13/+6 |
| | | |||||
* | | Convert *_KEY_STORAGE_WRAP | Miloslav Trmač | 2010-08-24 | 1 | -13/+9 |
| | | |||||
* | | Convert *_KEY_UNWRAP | Miloslav Trmač | 2010-08-24 | 1 | -33/+56 |
| | | |||||
* | | Convert *_KEY_WRAP | Miloslav Trmač | 2010-08-24 | 1 | -21/+34 |
| | | |||||
* | | Drop <cryptodev.h> | Miloslav Trmač | 2010-08-24 | 1 | -1/+0 |
|/ | | | | Also drop implementation of its ioctls, examples, openssl patch. | ||||
* | Improvements in key wrapping. Allowed symmetric keys to wrap assymetric ones. | Nikos Mavrogiannopoulos | 2010-08-21 | 1 | -14/+141 |
| | |||||
* | Added KEY_WRAPPING flag that allows a key to be used for wrapping other keys. | Nikos Mavrogiannopoulos | 2010-08-19 | 1 | -8/+49 |
| | | | | | Only superuser can enable this flag. Prevent short keys to wrap longer ones. Added initial stuff for supporting wrapping of private and public keys. | ||||
* | Merge branch 'bugfixes' | Miloslav Trmač | 2010-08-07 | 1 | -2/+2 |
|\ | | | | | | | | | Conflicts: ncr-int.h | ||||
| * | Use <linux/uaccess.h> instead of <asm/uaccess.h> | Miloslav Trmač | 2010-08-07 | 1 | -1/+1 |
| | | | | | | | | Suggested by scripts/checkpatch.pl. | ||||
| * | Use <linux/ioctl.h> instead of <asm/ioctl.h> | Miloslav Trmač | 2010-08-07 | 1 | -1/+1 |
| | | | | | | | | Suggested by scripts/checkpatch.pl. | ||||
* | | Merge branch 'bugfixes' | Miloslav Trmač | 2010-08-05 | 1 | -0/+1 |
|\| | |||||
| * | Fix build with recent kernels | Jan Chadima | 2010-08-05 | 1 | -0/+1 |
| | | |||||
* | | Merge branch 'replace-lists' | Miloslav Trmač | 2010-07-31 | 1 | -10/+10 |
|\ \ | |/ |/| | |||||
| * | Merge branch 'master' into replace-lists | Miloslav Trmač | 2010-07-30 | 1 | -89/+91 |
| |\ | | | | | | | | | | | | | | | | | | | Conflicts: ncr-int.h ncr-key.c ncr.c | ||||
| * | | Use ncr_lists instead of list_sem_st in intefaces | Miloslav Trmač | 2010-07-27 | 1 | -10/+10 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Should result in no functionality change. This makes the code marginally more effective (reducing the number of "&lst->key" and "&lst->sessions" operations in the code, and moving them toward dereferences where they can be combined with member accesses), and more type-safe (prevents mixing the key and session list in most places because they the difference is only in the low-level accessor functions). Most importantly, this allows replacing list_sem_st without having to touch most of the functions again. | ||||
* | | | Fix error path in unwrap_aes | Miloslav Trmač | 2010-07-30 | 1 | -1/+1 |
| |/ |/| | |||||
* | | Use less stack and memory. | Nikos Mavrogiannopoulos | 2010-07-28 | 1 | -89/+91 |
|/ | |||||
* | Corrected copyright notices. | Nikos Mavrogiannopoulos | 2010-07-27 | 1 | -1/+3 |
| | |||||
* | relicensed under GNU GPLv2. | Nikos Mavrogiannopoulos | 2010-07-27 | 1 | -8/+9 |
| | |||||
* | Fix an error path in _unwrap_aes_rfc5649 | Miloslav Trmač | 2010-07-26 | 1 | -1/+1 |
| | |||||
* | ncr_int.h -> ncr-int.h | Nikos Mavrogiannopoulos | 2010-07-25 | 1 | -1/+1 |
| | |||||
* | Key wrapping operates directly to userspace data. No need to involve the ↵ | Nikos Mavrogiannopoulos | 2010-07-25 | 1 | -63/+108 |
| | | | | data_t structures. | ||||
* | Splitted key from key_params structure. Also separated dsa from rsa ↵ | Nikos Mavrogiannopoulos | 2010-07-23 | 1 | -6/+6 |
| | | | | structure in params. | ||||
* | Revert "initial support for userspace data." | Nikos Mavrogiannopoulos | 2010-07-23 | 1 | -48/+13 |
| | | | | This reverts commit e7828004e40592c8cffc9235f72440c802905e16. | ||||
* | Revert "Modified NCR-USER API to "simplify" and allow setting of size of ↵ | Nikos Mavrogiannopoulos | 2010-07-23 | 1 | -36/+8 |
| | | | | | | data structure without special system call." This reverts commit 5689c9734223fb349bba526d620823a803c3b67e. | ||||
* | Modified NCR-USER API to "simplify" and allow setting of size of data ↵ | Nikos Mavrogiannopoulos | 2010-07-21 | 1 | -8/+36 |
| | | | | structure without special system call. | ||||
* | initial support for userspace data. | Nikos Mavrogiannopoulos | 2010-07-21 | 1 | -13/+48 |
| | |||||
* | Represent ENOKEY as a negative value | Miloslav Trmač | 2010-07-19 | 1 | -2/+2 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | sparse: Avoid variable-length arrays | Miloslav Trmač | 2010-07-19 | 1 | -4/+21 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | Fix copy_{from,to}_user error handling | Miloslav Trmač | 2010-07-19 | 1 | -12/+8 |
| | | | | | | These functions return a positive number, not an error code, on failure. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | Fix error paths in ncr_key_storage_wrap | Miloslav Trmač | 2010-07-19 | 1 | -1/+2 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | Fix error paths in ncr_key_wrap | Miloslav Trmač | 2010-07-19 | 1 | -1/+2 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | Initial additions to have PK encryption/decryption. Separated operations | Nikos Mavrogiannopoulos | 2010-07-12 | 1 | -18/+16 |
| | | | | | on keys to read/write to prevent overwriting a key while using it. Several other cleanups. |