22 Dec, 2015

1 commit

• 0c4c78de0   crypto: hash - add zero length message hash for shax and md5 ... Browse Code »

  Some crypto drivers cannot process empty data message and return a
  precalculated hash for md5/sha1/sha224/sha256.

  This patch add thoses precalculated hash in include/crypto.

  Signed-off-by: LABBE Corentin
  Signed-off-by: Herbert Xu

  LABBE Corentin

  2015-12-22 20:43:35 +0800  

10 Apr, 2015

1 commit

• a2e5ba4fe   crypto: sha256-generic - move to generic glue implementation ... Browse Code »

  This updates the generic SHA-256 implementation to use the
  new shared SHA-256 glue code.

  It also implements a .finup hook crypto_sha256_finup() and exports
  it to other modules. The import and export() functions and the
  .statesize member are dropped, since the default implementation
  is perfectly suitable for this module.

  Signed-off-by: Ard Biesheuvel
  Signed-off-by: Herbert Xu

  Ard Biesheuvel

  2015-04-10 21:39:41 +0800  

13 Jan, 2015

1 commit

• 3e14dcf7c   crypto: add missing crypto module aliases ... Browse Code »

  Commit 5d26a105b5a7 ("crypto: prefix module autoloading with "crypto-"")
  changed the automatic module loading when requesting crypto algorithms
  to prefix all module requests with "crypto-". This requires all crypto
  modules to have a crypto specific module alias even if their file name
  would otherwise match the requested crypto algorithm.

  Even though commit 5d26a105b5a7 added those aliases for a vast amount of
  modules, it was missing a few. Add the required MODULE_ALIAS_CRYPTO
  annotations to those files to make them get loaded automatically, again.
  This fixes, e.g., requesting 'ecb(blowfish-generic)', which used to work
  with kernels v3.18 and below.

  Also change MODULE_ALIAS() lines to MODULE_ALIAS_CRYPTO(). The former
  won't work for crypto modules any more.

  Fixes: 5d26a105b5a7 ("crypto: prefix module autoloading with "crypto-"")
  Cc: Kees Cook
  Signed-off-by: Mathias Krause
  Signed-off-by: Herbert Xu

  Mathias Krause

  2015-01-13 19:29:11 +0800  

24 Nov, 2014

1 commit

• 5d26a105b   crypto: prefix module autoloading with "crypto-" ... Browse Code »

  This prefixes all crypto module loading with "crypto-" so we never run
  the risk of exposing module auto-loading to userspace via a crypto API,
  as demonstrated by Mathias Krause:

  https://lkml.org/lkml/2013/3/4/70

  Signed-off-by: Kees Cook
  Signed-off-by: Herbert Xu

  Kees Cook

  2014-11-24 22:43:57 +0800  

25 Oct, 2014

1 commit

• 14d4cc088   Merge tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random ... Browse Code »

  Pull /dev/random updates from Ted Ts'o:
  "This adds a memzero_explicit() call which is guaranteed not to be
  optimized away by GCC. This is important when we are wiping
  cryptographically sensitive material"

  * tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
  crypto: memzero_explicit - make sure to clear out sensitive data
  random: add and use memzero_explicit() for clearing data

  Linus Torvalds

  2014-10-25 03:33:32 +0800  

17 Oct, 2014

1 commit

• 7185ad267   crypto: memzero_explicit - make sure to clear out sensitive data ... Browse Code »

  Recently, in commit 13aa93c70e71 ("random: add and use memzero_explicit()
  for clearing data"), we have found that GCC may optimize some memset()
  cases away when it detects a stack variable is not being used anymore
  and going out of scope. This can happen, for example, in cases when we
  are clearing out sensitive information such as keying material or any
  e.g. intermediate results from crypto computations, etc.

  With the help of Coccinelle, we can figure out and fix such occurences
  in the crypto subsytem as well. Julia Lawall provided the following
  Coccinelle program:

  @@
  type T;
  identifier x;
  @@

  T x;
  ... when exists
  when any
  -memset
  +memzero_explicit
  (&x,
  -0,
  ...)
  ... when != x
  when strict

  @@
  type T;
  identifier x;
  @@

  T x[...];
  ... when exists
  when any
  -memset
  +memzero_explicit
  (x,
  -0,
  ...)
  ... when != x
  when strict

  Therefore, make use of the drop-in replacement memzero_explicit() for
  exactly such cases instead of using memset().

  Signed-off-by: Daniel Borkmann
  Cc: Julia Lawall
  Cc: Herbert Xu
  Cc: Theodore Ts'o
  Cc: Hannes Frederic Sowa
  Acked-by: Hannes Frederic Sowa
  Acked-by: Herbert Xu
  Signed-off-by: Theodore Ts'o

  Daniel Borkmann

  2014-10-17 23:44:07 +0800  

02 Oct, 2014

1 commit

• be34c4ef6   crypto: sha - Handle unaligned input data in generic sha256 and sha512. ... Browse Code »

  Like SHA1, use get_unaligned_be*() on the raw input data.

  Reported-by: Bob Picco
  Signed-off-by: David S. Miller
  Signed-off-by: Herbert Xu

  David S. Miller

  2014-10-02 14:52:37 +0800  

03 Apr, 2013

1 commit

• 35d2c9d0c   crypto: sha256 - Expose SHA256 generic routine to be callable externally. ... Browse Code »

  Other SHA256 routine may need to use the generic routine when
  FPU is not available.

  Signed-off-by: Tim Chen
  Signed-off-by: Herbert Xu

  Tim Chen

  2013-04-03 09:06:31 +0800  

01 Aug, 2012

1 commit

• 6aeb49bc5   crypto: sha256 - use crypto_[un]register_shashes ... Browse Code »

  Combine all shash algs to be registered and use new crypto_[un]register_shashes
  functions. This simplifies init/exit code.

  Signed-off-by: Jussi Kivilinna
  Signed-off-by: Herbert Xu

  Jussi Kivilinna

  2012-08-01 17:47:26 +0800  

11 Jul, 2009

2 commits

• 9b2fda7b9   crypto: sha256_generic - Add export/import support ... Browse Code »

  This patch adds export/import support to sha256_generic. The exported
  type is defined by struct sha256_state, which is basically the entire
  descriptor state of sha256_generic.

  Signed-off-by: Herbert Xu

  Herbert Xu

  2009-07-11 18:23:34 +0800  
• 3d4d277cf   crypto: sha256_generic - Use 64-bit counter like sha1 ... Browse Code »

  This patch replaces the two 32-bit counter code in sha256_generic
  with the simpler 64-bit counter code from sha1.

  Signed-off-by: Herbert Xu

  Herbert Xu

  2009-07-11 18:23:33 +0800  

04 Mar, 2009

1 commit

• 8c882f641   crypto: Fix dead links ... Browse Code »

  Signed-off-by: Adrian-Ken Rueegsegger
  Signed-off-by: Herbert Xu

  Adrian-Ken Rueegsegger

  2009-03-04 14:43:52 +0800  

25 Dec, 2008

1 commit

• 50e109b5b   crypto: sha256 - Switch to shash ... Browse Code »

  This patch changes sha256 and sha224 to the new shash interface.

  Signed-off-by: Adrian-Ken Rueegsegger
  Signed-off-by: Herbert Xu

  Adrian-Ken Rueegsegger

  2008-12-25 08:02:19 +0800  

21 Apr, 2008

1 commit

• 3af5b90bd   [CRYPTO] all: Clean up init()/fini() ... Browse Code »

  On Thu, Mar 27, 2008 at 03:40:36PM +0100, Bodo Eggert wrote:
  > Kamalesh Babulal wrote:
  >
  > > This patch cleanups the crypto code, replaces the init() and fini()
  > > with the _init/_fini
  >
  > This part ist OK.
  >
  > > or init/fini_ (if the
  > > _init/_fini exist)
  >
  > Having init_foo and foo_init won't be a good thing, will it? I'd start
  > confusing them.
  >
  > What about foo_modinit instead?

  Thanks for the suggestion, the init() is replaced with

  _mod_init ()

  and fini () is replaced with _mod_fini.

  Signed-off-by: Kamalesh Babulal
  Signed-off-by: Herbert Xu

  Kamalesh Babulal

  2008-04-21 10:19:34 +0800  

11 Jan, 2008

1 commit

• cd12fb906   [CRYPTO] sha256-generic: Extend sha256_generic.c to support SHA-224 ... Browse Code »

  Resubmitting this patch which extends sha256_generic.c to support SHA-224 as
  described in FIPS 180-2 and RFC 3874. HMAC-SHA-224 as described in RFC4231
  is then supported through the hmac interface.

  Patch includes test vectors for SHA-224 and HMAC-SHA-224.

  SHA-224 chould be chosen as a hash algorithm when 112 bits of security
  strength is required.

  Patch generated against the 2.6.24-rc1 kernel and tested against
  2.6.24-rc1-git14 which includes fix for scatter gather implementation for HMAC.

  Signed-off-by: Jonathan Lynch
  Signed-off-by: Herbert Xu

  Jonathan Lynch

  2008-01-11 05:16:12 +0800  

02 Nov, 2007

1 commit

• 87ae9afdc   cleanup asm/scatterlist.h includes ... Browse Code »

  Not architecture specific code should not #include .

  This patch therefore either replaces them with
  #include or simply removes them if they were
  unused.

  Signed-off-by: Adrian Bunk
  Signed-off-by: Jens Axboe

  Adrian Bunk

  2007-11-02 15:47:06 +0800  

11 Oct, 2007

2 commits

• 5265eeb2b   [CRYPTO] sha: Add header file for SHA definitions ... Browse Code »

  There are currently several SHA implementations that all define their own
  initialization vectors and size values. Since this values are idential
  move them to a header file under include/crypto.

  Signed-off-by: Jan Glauber
  Signed-off-by: Herbert Xu

  Jan Glauber

  2007-10-11 07:55:50 +0800  
• ad5d27899   [CRYPTO] sha: Load the SHA[1|256] module by an alias ... Browse Code »

  Loading the crypto algorithm by the alias instead of by module directly
  has the advantage that all possible implementations of this algorithm
  are loaded automatically and the crypto API can choose the best one
  depending on its priority.

  Additionally it ensures that the generic implementation as well as the
  HW driver (if available) is loaded in case the HW driver needs the
  generic version as fallback in corner cases.

  Also remove the probe for sha1 in padlock's init code.

  Quote from Herbert:
  The probe is actually pointless since we can always probe when
  the algorithm is actually used which does not lead to dead-locks
  like this.

  Signed-off-by: Sebastian Siewior
  Signed-off-by: Herbert Xu

  Sebastian Siewior

  2007-10-11 07:55:50 +0800