Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | run scripts/Lindent. | Nikos Mavrogiannopoulos | 2010-09-06 | 1 | -535/+580 |
| | |||||
* | Added config flag CONFIG_ASSYMETRIC, that will disable all assymetric ↵ | Nikos Mavrogiannopoulos | 2010-09-06 | 1 | -2/+30 |
| | | | | algorithm support when building the module. As a side-effect (due to DER requirements) key wrapping is disabled as well. | ||||
* | Use the ncr_algorithm_t as an identifier for storage data. This will allow | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -5/+2 |
| | | | | | keys tied to RSA-transparent, to be used for RSA operations as well (once keys are made tied to an algorithm). | ||||
* | Added flag: NCR_KEY_FLAG_ALLOW_TRANSPARENT_HASH | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -6/+16 |
| | |||||
* | Added flag NCR_KEY_FLAG_HASHABLE and enforced it when reading a key for hashing. | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -0/+6 |
| | |||||
* | Rationalized the key wrapping format. It currently is: | Nikos Mavrogiannopoulos | 2010-09-05 | 1 | -18/+144 |
| | | | | | | | | | | | PackedData ::= SEQUENCE { version INTEGER { v1(0) } algorithm OBJECT IDENTIFIER, type INTEGER { secret_key(0), public(1), private(2) }, data OCTET STRING } Unfortunately there are not assigned OIDs for all algorithms we support. | ||||
* | Prevent usage of wrapping keys for anything else except wrapping. | Nikos Mavrogiannopoulos | 2010-08-31 | 1 | -0/+8 |
| | |||||
* | Merge branch 'pk-transparent-hash' | Miloslav Trmač | 2010-08-27 | 1 | -12/+63 |
|\ | | | | | | | | | Conflicts: ncr-int.h | ||||
| * | Implement PK signatures with transparent hashes | Miloslav Trmač | 2010-08-27 | 1 | -12/+58 |
| | | |||||
* | | Merge branch 'session_update-iv' | Miloslav Trmač | 2010-08-27 | 1 | -0/+19 |
|\ \ | |||||
| * | | Add support for changing IVs in sessions | Miloslav Trmač | 2010-08-27 | 1 | -0/+19 |
| |/ | |||||
* | | Merge remote branch 'origin/newapi' | Miloslav Trmač | 2010-08-27 | 1 | -2/+2 |
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: examples/ncr.c examples/pk.c ncr-key-wrap.c ncr-key.c ncr.h | ||||
| * | | Unwrapping keys are restricted the same way as wrapping keys. | Nikos Mavrogiannopoulos | 2010-08-26 | 1 | -2/+2 |
| | | | |||||
* | | | Implement cloning hash sessions | Miloslav Trmač | 2010-08-25 | 1 | -14/+83 |
| | | | |||||
* | | | Remove a redundant argument of cryptodev_hash_init | Miloslav Trmač | 2010-08-25 | 1 | -3/+3 |
| | | | |||||
* | | | Document locking. | Miloslav Trmač | 2010-08-25 | 1 | -16/+31 |
| | | | | | | | | | | | | | | | Document how members of session_item_st are protected, and what assumptions are made by internal functions. | ||||
* | | | Move session_item_st definition to ncr-sessions.c | Miloslav Trmač | 2010-08-25 | 1 | -0/+26 |
| | | | | | | | | | | | | It is not used anywhere else. | ||||
* | | | Unpublish session ID at start of ncr_session_final. | Miloslav Trmač | 2010-08-25 | 1 | -21/+28 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This means that ncr_session_final() can't be called on one ID twice, ensuring that the ID is still unique throughout the runtime of ncr_session_final(). (Note that this is not guaranteed for ncr_session_update(): a concurrent thread can call ncr_session_final() on the ID and reuse it before ncr_session_update() finishes.) | ||||
* | | | Rename ncr_sessions_item_get() to session_get_ref() | Miloslav Trmač | 2010-08-25 | 1 | -4/+4 |
| | | | | | | | | | | | | ... for consistency with the other session ID handlers. | ||||
* | | | Simplify refcount handling in session_init | Miloslav Trmač | 2010-08-25 | 1 | -5/+4 |
| | | | |||||
* | | | Don't allocate session IDs for *_ONCE. | Miloslav Trmač | 2010-08-25 | 1 | -19/+2 |
| | | | | | | | | | | | | | | | Also skip locking the mutex - the session is private to the calling thread, nothing else can access it. | ||||
* | | | Move ID handling out of _ncr_session_init | Miloslav Trmač | 2010-08-25 | 1 | -22/+35 |
| | | | |||||
* | | | Move session lookup and locking out of _ncr_session_final | Miloslav Trmač | 2010-08-25 | 1 | -28/+46 |
| | | | |||||
* | | | Remove redundant deinitializations. | Miloslav Trmač | 2010-08-25 | 1 | -7/+0 |
| | | | | | | | | | | | | _ncr_sessions_item_put() clears this all on last put. | ||||
* | | | Avoid duplicit lookup and locking in _try_session_update | Miloslav Trmač | 2010-08-25 | 1 | -31/+11 |
| | | | |||||
* | | | Move session lookup and locking out of low-level functions | Miloslav Trmač | 2010-08-25 | 1 | -34/+49 |
| | | | | | | | | | | | | While doing this, also lock mem_mutex during _ncr_session_update_key. | ||||
* | | | Publish sessions only after initialization | Miloslav Trmač | 2010-08-25 | 1 | -2/+2 |
| | | | |||||
* | | | Separate session ID allocation from object creation | Miloslav Trmač | 2010-08-25 | 1 | -15/+57 |
| | | | |||||
* | | | Make some session functions static | Miloslav Trmač | 2010-08-25 | 1 | -3/+5 |
| |/ |/| | |||||
* | | Replace ncr_algorithm_t by NLA_NUL_STRING | Miloslav Trmač | 2010-08-24 | 1 | -40/+56 |
| | | |||||
* | | Convert *_SESSION_* | Miloslav Trmač | 2010-08-24 | 1 | -261/+253 |
| | | |||||
* | | Simplify algorithm lookup by nla | Miloslav Trmač | 2010-08-24 | 1 | -0/+8 |
| | | |||||
* | | Drop <cryptodev.h> | Miloslav Trmač | 2010-08-24 | 1 | -1/+0 |
|/ | | | | Also drop implementation of its ioctls, examples, openssl patch. | ||||
* | Prevent usage of wrapping keys for anything else except wrapping. | Nikos Mavrogiannopoulos | 2010-08-21 | 1 | -0/+17 |
| | |||||
* | Merge branch 'bugfixes' | Miloslav Trmač | 2010-08-07 | 1 | -5/+6 |
|\ | | | | | | | | | Conflicts: ncr-int.h | ||||
| * | Use a struct mutex for session_item_st.mem_mutex | Miloslav Trmač | 2010-08-07 | 1 | -5/+6 |
| | | | | | | | | Suggested by scripts/checkpatch.pl | ||||
* | | Merge branch 'master' into replace-lists | Miloslav Trmač | 2010-07-30 | 1 | -4/+7 |
|\| | | | | | | | | | | | | | Conflicts: ncr-int.h ncr-key.c ncr.c | ||||
| * | Don't access new objects when not holding a reference | Miloslav Trmač | 2010-07-28 | 1 | -1/+2 |
| | | |||||
| * | Fix error paths in _ncr_session_init | Miloslav Trmač | 2010-07-28 | 1 | -2/+4 |
| | | |||||
| * | Return ENOMEM on session allocation errors | Miloslav Trmač | 2010-07-28 | 1 | -1/+1 |
| | | |||||
* | | Use <linux/idr.h> for session ID allocation and lookup | Miloslav Trmač | 2010-07-28 | 1 | -64/+48 |
| | | |||||
* | | Use ncr_lists instead of list_sem_st in intefaces | Miloslav Trmač | 2010-07-27 | 1 | -24/+29 |
|/ | | | | | | | | | | | | | | Should result in no functionality change. This makes the code marginally more effective (reducing the number of "&lst->key" and "&lst->sessions" operations in the code, and moving them toward dereferences where they can be combined with member accesses), and more type-safe (prevents mixing the key and session list in most places because they the difference is only in the low-level accessor functions). Most importantly, this allows replacing list_sem_st without having to touch most of the functions again. | ||||
* | Added Diffie Hellman key generation. | Nikos Mavrogiannopoulos | 2010-07-27 | 1 | -0/+2 |
| | |||||
* | More copyright fixes. | Nikos Mavrogiannopoulos | 2010-07-27 | 1 | -0/+1 |
| | |||||
* | Corrected copyright notices. | Nikos Mavrogiannopoulos | 2010-07-27 | 1 | -1/+3 |
| | |||||
* | relicensed under GNU GPLv2. | Nikos Mavrogiannopoulos | 2010-07-27 | 1 | -8/+9 |
| | |||||
* | Don't leak memory on realloc failure. | Miloslav Trmač | 2010-07-26 | 1 | -21/+20 |
| | | | | | This guarantees ses->sg and ses->pages are non-NULL, so drop no longer necessary checks for NULL. | ||||
* | Don't duplicate expansion of session page pointers | Miloslav Trmač | 2010-07-26 | 1 | -32/+23 |
| | |||||
* | Set output size for symmetric encryption operations | Miloslav Trmač | 2010-07-26 | 1 | -2/+2 |
| | |||||
* | Make sure there is space for encryption output | Miloslav Trmač | 2010-07-26 | 1 | -0/+6 |
| |