| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Aug 2010 10:45:44 +0200
From: Miloslav Trmač <mitr@...hat.com>
To: Herbert Xu <herbert@...dor.hengli.com.au>
Cc: linux-crypto@...r.kernel.org,
Nikos Mavrogiannopoulos <n.mavrogiannopoulos@...il.com>,
Neil Horman <nhorman@...hat.com>, linux-kernel@...r.kernel.org,
Miloslav Trmač <mitr@...hat.com>
Subject: [PATCH 01/19] User-space API definition
This patch introduces the new user-space API, <ncr.h>.
Quick overview:
* open("/dev/crypto") to get a FD, which acts as a namespace for key and
session identifiers.
* ioctl(NCRIO_KEY_INIT) to allocate a key object; then generate the key
material inside the kernel, load a plaintext key, unwrap a key, or
derive a key. Similarly the key material can be copied out of the
kernel or wrapped.
* ioctl(NCRIO_SESSION_INIT) to allocate a crypto session (to encrypt,
decrypt, hash, sign, or verify signature), then
ioctl(NCRIO_SESSION_UPDATE) to act on chunks of data. Deallocate the
session, and optionally retrieve session results (e.g. hash or
signature), using ioctl(NCRIO_SESSION_FINAL).
There is also NCRIO_SESSION_ONCE for an one-shot crypto operation
using a single user->kernel context switch.
Full documentation of the interface is in
Documentation/crypto/userspace.txt .
---
Documentation/crypto/userspace.txt | 510 ++++++++++++++++++++++++++++++++++++
include/linux/Kbuild | 1 +
include/linux/ncr.h | 273 +++++++++++++++++++
3 files changed, 784 insertions(+), 0 deletions(-)
create mode 100644 Documentation/crypto/userspace.txt
create mode 100644 include/linux/ncr.h
diff --git a/Documentation/crypto/userspace.txt b/Documentation/crypto/userspace.txt
new file mode 100644
index 0000000..5839fda
--- /dev/null
+++ b/Documentation/crypto/userspace.txt
@@ -0,0 +1,510 @@
+CRYPTO(4) Linux Programmer’s Manual CRYPTO(4)
+
+NAME
+ /dev/crypto - kernel cryptographic module interface
+
+SYNOPSIS
+ #include <ncr.h>
+ int fd = open("/dev/crypto", O_RDWR);
+ int res = ioctl(fd, NCRIO..., &data);
+
+DESCRIPTION
+ The /dev/crypto device file provides an ioctl(2) interface to the ker-
+ nel-space crypto implementation.
+
+ Each open(2) of the /dev/crypto file establishes a separate namespace
+ within which crypto operations work. The namespace can be shared
+ across threads and processes by sharing the open file description.
+ Last close of the open file description automatically destroys all
+ objects allocated within the namespace.
+
+ All ioctl(2)s have the same form: The user sets up a data structure
+ with input data, and passes a pointer to the data structure as the
+ third parameter to ioctl(2). On success, output data is available in
+ the same structure.
+
+OPERATION ATTRIBUTES
+ In addition to the fixed members of data structures, a process can pass
+ additional attributes on input of most operations, and receive addi-
+ tional attributes back from the kernel. If this is supported by a spe-
+ cific operation, the fixed data structure members for this operation
+ include input_size and output_size.
+
+ The input attributes immediately follow the fixed data structure as a
+ sequence of correctly aligned (struct nlattr, attribute data) pairs,
+ using the same data layout and formatting rules as netlink(7) messages.
+ The input_size member must be initialized to the total length of input
+ (including both the fixed data structure and the attributes).
+
+ There is an (unspecified) upper limit on the total size of all
+ attributes, which should be large enough to accommodate any reasonable
+ application. If a larger input is provided nevertheless, the operation
+ will fail with EOVERFLOW.
+
+ Output attributes, if any, are written by the kernel in the same format
+ following the fixed data structure (overwriting input attributes, if
+ any). The output_size member must be initialized to the total space
+ available for output (including the fixed data structure and space for
+ attributes), and is updated by the kernel with the total space actually
+ used for attributes.
+
+ If the space available for output attributes is too small, the opera-
+ tion will fail with ERANGE.
+
+ As a special case, input_size may be zero to indicate no input
+ attributes are supplied. Similarly, output_size may be zero to indi-
+ cate no space for output attributes is provided; in such case out-
+ put_size is not overwritten by the kernel with the total space actually
+ used (which is equal to size of the fixed data structure) and remains
+ zero when the operation finishes.
+
+ The kernel accepts and silently ignores unknown attributes.
+
+ The kernel will not add new output attributes to existing operations in
+ future releases unless the new output attribute was explicitly
+ requested by the application. (Therefore, the application does not
+ have to allocate any extra space for output attributes it does not
+ expect.)
+
+ The following attributes are used in more than one operation:
+
+ NCR_ATTR_ALGORITHM
+ A NUL-terminated string specifying an algorithm (to be used in
+ an operation, or as a property of a key), using the Linux crypto
+ API algorithm names.
+
+ Three additional algorithm names are recognized: rsa, dsa, dh.
+
+ NCR_ATTR_IV
+ Unformatted binary data specifying an initialization vector,
+
+ NCR_ATTR_KEY_FLAGS
+ An 32-bit unsigned integer in native byte order specifying key
+ flags, a combination of NCR_KEY_FLAG_EXPORTABLE (the key mate-
+ rial can be exported in plaintext to user space) and
+ NCR_KEY_FLAG_WRAPPABLE (the key material can be wrapped and the
+ result made available to user space).
+
+ NCR_ATTR_KEY_ID
+ Arbitrary binary data which can be used by the application for
+ key identification.
+
+ NCR_ATTR_KEY_TYPE
+ An 32-bit unsigned integer in native byte order specifying key
+ type, one of NCR_KEY_TYPE_SECRET, NCR_KEY_TYPE_PUBLIC and
+ NCR_KEY_TYPE_PRIVATE.
+
+ NCR_ATTR_WRAPPING_ALGORITHM
+ A NUL-terminated string specifying a key wrapping algorithm.
+ The values walg-aes-rfc3394 and walg-aes-rfc5649 are currently
+ supported.
+
+OPERATIONS
+ The following operations are defined:
+
+ NCRIO_KEY_INIT
+ Allocate a kernel-space key object. The third ioctl(s) parame-
+ ter is ignored (key attributes are set later, when the key mate-
+ rial is initialized). Returns an ncr_key_t descriptor for the
+ key object (valid within the current /dev/crypto namespace) on
+ success.
+
+ There is a per-process and per-user (not per-namespace) limit on
+ the number key objects that can be allocated.
+
+ NCRIO_KEY_DEINIT
+ Deallocate a kernel-space key object. The parameter points to a
+ ncr_key_t descriptor of the key object. After all other opera-
+ tions using this key object (if any) terminate, the key material
+ will be cleared and the object will be freed. Note that this
+ may happen both before this operation returns, and after it
+ returns, depending on other references to this key object.
+
+ NCRIO_KEY_GENERATE
+ Clear existing key material in the specified key object, and
+ generate new key material.
+
+ The parameter points to struct ncr_key_generate, which specifies
+ the destination key object in its key member.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_ALGORITHM
+ Mandatory.
+
+ NCR_ATTR_KEY_FLAGS
+ Optional, flags are unchanged if not present.
+
+ NCR_ATTR_SECRET_KEY_BITS
+ Mandatory for symmetric keys. An 32-bit unsigned integer
+ in native byte order specifying key length in bits.
+
+ Only symmetric keys can be currently generated using this opera-
+ tion.
+
+ In addition to generating the key material, the "persistent" key
+ ID is reset to a random value.
+
+ NCRIO_KEY_GENERATE_PAIR
+ Similar to NCRIO_KEY_GENERATE, except that a pair of public/pri-
+ vate keys is generated.
+
+ The parameter points to struct ncr_key_generate_pair, which
+ specifies the destination key objects in its private_key and
+ public_key members.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_KEY_FLAGS
+ Optional, flags are unchanged if not present.
+
+ NCR_ATTR_RSA_E
+ For RSA keys, the public exponent as a big-endian multi-
+ ple-precision integer. Optional, defaults to 65537.
+
+ NCR_ATTR_RSA_MODULUS_BITS
+ Mandatory for RSA keys. An 32-bit unsigned integer in
+ native byte order specifying modulus length in bits.
+
+ NCR_ATTR_DSA_P_BITS
+ For DSA keys, length of the "p" key parameter in bits as
+ an 32-bit unsigned integer in native byte order.
+ Optional, defaults to 1024.
+
+ NCR_ATTR_DSA_Q_BITS
+ For DSA keys, length of the "q" key parameter in bits as
+ an 32-bit unsigned integer in native byte order.
+ Optional, defaults to 160.
+
+ NCR_ATTR_DH_BASE
+ Mandatory for D-H keys. The prime modulus of a D-H group
+ as a big-endian multiple-precision integer.
+
+ NCR_ATTR_DH_PRIME
+ Mandatory for D-H keys. The generator of a D-H group as
+ a big-endian multiple-precision integer.
+
+ The NCR_KEY_FLAG_EXPORTABLE and NCR_KEY_FLAG_WRAPPABLE flags are
+ automatically set on the public key.
+
+ In addition to generating the key material, the "persistent" key
+ ID of both keys is set to a same value derived from the public
+ key.
+
+ NCRIO_KEY_DERIVE
+ Derive a new key using one key and additional data.
+
+ The parameter points to struct ncr_key_derive, which specifies
+ the source and destination keys in the input_key and new_key
+ members.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_KEY_FLAGS
+ Optional, flags are unchanged if not present.
+
+ NCR_ATTR_DERIVATION_ALGORITHM
+ Mandatory. A NUL-terminated string specifying a key
+ derivation algorithm. Only dh is currently supported.
+
+ NCR_ATTR_DH_PUBLIC
+ Mandatory for D-H derivation. The peer’s public D-H
+ value as a big-endian multiple-precision integer.
+
+ NCRIO_KEY_EXPORT
+ Export key material in the specified key object to user space.
+ Only keys with the NCR_KEY_FLAG_EXPORTABLE flag can be exported
+ using this operation.
+
+ The parameter points to struct ncr_key_export, which specifies
+ the key to export in the key member, and a buffer for the
+ exported data in the buffer and buffer_size members.
+
+ On success, size of the exported key is returned.
+
+ Symmetric keys are written directly into the destination buffer.
+ Public and private keys are formatted using ASN.1, except for DH
+ public keys, which are written a raw binary number.
+
+ NCRIO_KEY_IMPORT
+ Clear existing key material in the specified key object, and
+ import key material from user space.
+
+ The parameter points to struct ncr_key_import, which specifies
+ the destination key in the key member, and the input data in the
+ data and data_size members.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_ALGORITHM
+ Mandatory.
+
+ NCR_ATTR_KEY_FLAGS
+ Optional, flags are unchanged if not present.
+
+ NCR_ATTR_KEY_ID
+ Optional, the "persistent" key ID is unchanged if not
+ present.
+
+ NCR_ATTR_KEY_TYPE
+ Mandatory.
+
+ The data format is the same as in the NCRIO_KEY_EXPORT opera-
+ tion.
+
+ NCRIO_KEY_GET_INFO
+ Get metadata of an existing key.
+
+ The parameter points to struct ncr_key_get_info, which specifies
+ key, the key descriptor.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_WANTED_ATTRS
+ An array of unsigned 16-bit integers in native byte
+ order, specifying the set of output attributes that
+ should be returned. NCR_ATTR_ALGORITHM,
+ NCR_ATTR_KEY_FLAGS and NCR_ATTR_KEY_TYPE are currently
+ supported. Unsupported attribute requests are silently
+ ignored
+
+ The output attributes explicitly requested in
+ NCR_ATTR_WANTED_ATTRS, and no other output attributes, are
+ returned.
+
+ NCRIO_KEY_WRAP
+ Wrap one key using another, and write the result to user space.
+ Only keys with the NCR_KEY_FLAG_WRAPPABLE flag can be wrapped
+ using this operation.
+
+ The parameter points to struct ncr_key_wrap, which specifies the
+ key to wrap in the source_key member, the wrapping key in the
+ wrapping_key member, and a buffer for the wrapped data in the
+ buffer and buffer_size members.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_IV
+ Optional, an empty IV is used if not present.
+
+ NCR_ATTR_WRAPPING_ALGORITHM
+ Mandatory.
+
+ Only secret keys can be currently wrapped.
+
+ On success, size of the wrapped key is returned.
+
+ NCRIO_KEY_UNWRAP
+ Unwrap user-space data into a kernel-space key using another
+ key.
+
+ The parameter points to struct ncr_key_unwrap, which specifies
+ the destination key in the dest_key member, the wrapping key in
+ the wrapping_key member, and the wrapped data in the data and
+ data_size members.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_IV
+ Optional, an empty IV is used if not present.
+
+ NCR_ATTR_WRAPPING_ALGORITHM
+ Mandatory.
+
+ The unwrapped key will have the NCR_KEY_FLAG_WRAPPABLE flag set,
+ and the NCR_KEY_FLAG_EXPORTABLE flag clear.
+
+ NCRIO_KEY_STORAGE_WRAP
+ Wrap a key object and associated metadata using the system-wide
+ storage master key, and write the result to user space.
+
+ Only keys with the NCR_KEY_FLAG_WRAPPABLE flag can be wrapped
+ using this operation.
+
+ The parameter points to struct ncr_key_storage_wrap, which spec-
+ ifies the key to wrap in the key member, and a buffer for the
+ wrapped data in the buffer and buffer_size members.
+
+ On success, size of the wrapped key is returned.
+
+ Both symmetric and asymmetric keys can be wrapped using this
+ operation. The wrapped data includes data corresponding the
+ NCR_ATTR_ALGORITHM, NCR_ATTR_KEY_FLAGS, NCR_ATTR_KEY_TYPE and
+ NCR_ATTR_KEY_ID attributes in addition to the raw key material:
+
+ NCRIO_KEY_STORAGE_UNWRAP
+ Unwrap key and associated metadata created using NCRIO_KEY_STOR-
+ AGE_WRAP, and restore the information into a specified key
+ object.
+
+ The parameter points to struct ncr_key_storage_unwrap, which
+ specifies the destination key in the key member and the wrapped
+ data in the data and data_size members.
+
+ See NCRIO_KEY_STORAGE_WRAP above for the list of attributes that
+ will be restored.
+
+ NCRIO_SESSION_INIT
+ Allocate a session for performing crypto operations.
+
+ The parameter points to struct ncr_session_init, which specifies
+ the operation to perform, one of NCR_OP_ENCRYPT, NCR_OP_DECRYPT,
+ NCR_OP_SIGN and NCR_OP_VERIFY, in the op member. Use
+ NCR_OP_SIGN for computing an unkeyed hash as well as keyed
+ hashes and signatures.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_ALGORITHM
+ Mandatory.
+
+ NCR_ATTR_IV
+ Mandatory for some operations and algorithms.
+
+ NCR_ATTR_KEY
+ Mandatory for some operations and algorithms. An 32-bit
+ unsigned integer in native byte order specifying the key
+ to use for the operation.
+
+ NCR_ATTR_RSA_ENCODING_METHOD
+ Mandatory for RSA. An 32-bit unsigned integer in native
+ byte order specifying a RSA encoding method, one of
+ RSA_PKCS1_V1_5, RSA_PKCS1_OAEP and RSA_PKCS1_PSS.
+
+ NCR_ATTR_RSA_OAEP_HASH_ALGORITHM
+ Mandatory for RSA with RSA_PKCS1_OAEP. A NUL-terminated
+ string specifying a hash algorithm used in the OAEP
+ encoding method.
+
+ NCR_ATTR_RSA_PSS_SALT_LENGTH
+ For RSA with RSA_PKCS1_PSS. An 32-bit unsigned integer
+ in native byte order specifying the PSS salt length.
+ Optional, defaults to 0.
+
+ NCR_ATTR_SIGNATURE_HASH_ALGORITHM
+ Mandatory for some operations and algorithms. A NUL-ter-
+ minated string specifying a hash algorithm underlying a
+ signature, using the same formats as NCR_ATTR_ALGORITHM.
+
+ On success, an integer descriptor for the created session (valid
+ within the current /dev/crypto namespace) is returned.
+
+ NCRIO_SESSION_UPDATE
+ Update an existing crypto session with new data (for operations,
+ such as hashing, for which data can be supplied in pieces), or
+ perform a single operation using the session context (for opera-
+ tions, such as public key encryption, that work on separate
+ units of data).
+
+ The parameter points to struct ncr_session_update, which speci-
+ fies the descriptor of the session in the ses member.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_UPDATE_INPUT_DATA
+ A struct ncr_session_input_data specifying input for the
+ operation in its data and data_size members.
+
+ NCR_ATTR_UPDATE_INPUT_KEY_AS_DATA
+ An 32-bit unsigned integer in native byte order specify-
+ ing the key descriptor serving as input for the opera-
+ tion. This can be currently used only to compute or ver-
+ ify a signature or hash of a symmetric key: the keying
+ material is directly used as input data for the underly-
+ ing hash.
+
+ NCR_ATTR_UPDATE_OUTPUT_BUFFER
+ Mandatory for some operations and algorithms. A struct
+ ncr_session_output_buffer specifying buffer for operation
+ output in its buffer and buffer_size members. On success
+ the size of output is written to the variable pointed to
+ by the result_size_ptr member.
+
+ It is mandatory to include one of the NCR_ATTR_UPDATE_INPUT_DATA
+ and NCR_ATTR_UPDATE_INPUT_KEY_AS_DATA attributes.
+
+ For the NCR_OP_ENCRYPT and NCR_OP_DECRYPT operations using sym-
+ metric ciphers, the operation is performed on the input data,
+ resulting in an output data block of the same size; for opera-
+ tions using public-key cryptography, a single operation is per-
+ formed on the input data, resulting in output data.
+
+ For the NCR_OP_SIGN and NCR_OP_VERIFY operations, the input data
+ is supplied to the underlying hash function; no output data is
+ produced.
+
+ NCRIO_SESSION_FINAL
+ Finalize an existing crypto session and deallocate it.
+
+ The parameter points to struct ncr_session_final, which speci-
+ fies the descriptor of the session in the ses member.
+
+ If one of the NCR_ATTR_UPDATE_INPUT_DATA and
+ NCR_ATTR_UPDATE_INPUT_KEY_AS_DATA attributes is present, all
+ attributes are first processed as if using NCRIO_SESSION_UPDATE;
+ thus, the last update operation can be performed together with
+ the finalization in one step.
+
+ The following input attributes are recognized:
+
+ NCR_ATTR_FINAL_INPUT_DATA
+ Mandatory for some operations and algorithms. A struct
+ ncr_session_input_data as described above, specifying
+ input for the operation.
+
+ NCR_ATTR_FINAL_OUTPUT_BUFFER
+ Mandatory for some operations and algorithms. A struct
+ ncr_session_output_buffer as described above, specifying
+ buffer for operation output.
+
+ There is no specific finalization operation performed for
+ NCR_OP_ENCRYPT and NCR_OP_DECRYPT.
+
+ For the NCR_OP_SIGN operation, the signature is created and
+ written as output data.
+
+ For the NCR_OP_VERIFY operation, a signature specified as input
+ is verified and the result of this operation is returned: non-
+ zero for a valid signature, zero for an invalid signature. Note
+ that the ioctl(2) operation return value will be non-negative,
+ i.e. "success", even if the signature verification fails, as
+ long all inputs were specified correctly.
+
+ The session will be deallocated even if the NCRIO_SESSION_FINAL
+ operation reports an error, as long as a valid session descrip-
+ tor was specified.
+
+ NCRIO_SESSION_ONCE
+ Perform an one-shot crypto operation, allocating a temporary
+ session, supplying a single instance of data, and finalizing the
+ session in one operation.
+
+ The parameter points to struct ncr_session_once, which specifies
+ the operation to perform in the op member.
+
+ The attributes handled as if by passing to a NCRIO_SESSION_INIT
+ operation followed by a NCRIO_SESSION_FINAL operation, and the
+ return value of the NCRIO_SESSION_FINAL is returned on success.
+
+ NCRIO_MASTER_KEY_SET
+ Set the system-wide storage master key. Only a process with
+ EUID 0 and the CAP_SYS_ADMIN capability is allowed to perform
+ this operation. Once a master key is set, it can be changed
+ only by rebooting the system and setting a different key.
+
+ The parameter points to struct ncr_master_key_set, which speci-
+ fies the key material in user space using the key and key_size
+ members.
+
+ Only an AES key with size 16, 24, or 32 bytes is currently
+ acceptable.
+
+CONFIGURATION
+ The NCRIO_KEY_STORAGE_WRAP and NCRIO_KEY_STORAGE_UNWRAP ioctl()s work
+ only after a storage master key is configured by the system administra-
+ tor. See NCRIO_MASTER_KEY_SET above.
+
+FILES
+ /dev/crypto
+
+Linux 2010-08-20 CRYPTO(4)
diff --git a/include/linux/Kbuild b/include/linux/Kbuild
index 756f831..41790cd 100644
--- a/include/linux/Kbuild
+++ b/include/linux/Kbuild
@@ -116,6 +116,7 @@ header-y += mmtimer.h
header-y += mqueue.h
header-y += mtio.h
header-y += ncp_no.h
+header-y += ncr.h
header-y += neighbour.h
header-y += net_dropmon.h
header-y += net_tstamp.h
diff --git a/include/linux/ncr.h b/include/linux/ncr.h
new file mode 100644
index 0000000..c288cb8
--- /dev/null
+++ b/include/linux/ncr.h
@@ -0,0 +1,273 @@
+#ifndef _LINUX_NCR_H
+#define _LINUX_NCR_H
+
+#include <linux/types.h>
+
+/* Serves to make sure the structure is suitably aligned to continue with
+ a struct nlattr without external padding.
+
+ 4 is NLA_ALIGNTO from <linux/netlink.h>, but if we
+ included <linux/netlink.h>, the user would have to include <sys/socket.h>
+ as well for no obvious reason. "4" is fixed by ABI. */
+#define __NL_ATTRIBUTES char __align[] __attribute__((aligned(4)))
+
+/* In all ioctls, input_size specifies size of the ncr_* structure and the
+ following attributes.
+
+ output_size specifies space available for returning output, including the
+ initial ncr_* structure, and is updated by the ioctl() with the space
+ actually used.
+
+ There are two special cases: input_size 0 means not attributes are supplied,
+ and is treated equivalent to sizeof(struct ncr_*). output_size 0 means no
+ space for output attributes is available, and is not updated. */
+
+/* FIXME: better names for algorithm parameters? */
+/* FIXME: Split key generation/derivation attributes to decrease the number
+ of attributes used for the frequent operations? */
+enum {
+ NCR_ATTR_UNSPEC, /* 0 is special in lib/nlattr.c. */
+ NCR_ATTR_ALGORITHM, /* NLA_NUL_STRING */
+ NCR_ATTR_DERIVATION_ALGORITHM, /* NLA_NUL_STRING - NCR_DERIVE_* */
+ NCR_ATTR_SIGNATURE_HASH_ALGORITHM, /* NLA_NUL_STRING */
+ NCR_ATTR_WRAPPING_ALGORITHM, /* NLA_NUL_STRING - NCR_WALG_* */
+ NCR_ATTR_UPDATE_INPUT_DATA, /* NLA_BINARY - ncr_session_input_data */
+ /* NLA_BINARY - ncr_session_output_buffer */
+ NCR_ATTR_UPDATE_OUTPUT_BUFFER,
+ NCR_ATTR_UPDATE_INPUT_KEY_AS_DATA, /* NLA_U32 - ncr_key_t */
+ NCR_ATTR_FINAL_INPUT_DATA, /* NLA_BINARY - ncr_session_input_data */
+ /* NLA_BINARY - ncr_session_output_buffer */
+ NCR_ATTR_FINAL_OUTPUT_BUFFER,
+ NCR_ATTR_KEY, /* NLA_U32 - ncr_key_t */
+ NCR_ATTR_KEY_FLAGS, /* NLA_U32 - NCR_KEY_FLAG_* */
+ NCR_ATTR_KEY_ID, /* NLA_BINARY */
+ NCR_ATTR_KEY_TYPE, /* NLA_U32 - ncr_key_type_t */
+ NCR_ATTR_IV, /* NLA_BINARY */
+ NCR_ATTR_SECRET_KEY_BITS, /* NLA_U32 */
+ NCR_ATTR_RSA_MODULUS_BITS, /* NLA_U32 */
+ NCR_ATTR_RSA_E, /* NLA_BINARY */
+ NCR_ATTR_RSA_ENCODING_METHOD, /* NLA_U32 - ncr_rsa_type_t */
+ NCR_ATTR_RSA_OAEP_HASH_ALGORITHM, /* NLA_NUL_STRING */
+ NCR_ATTR_RSA_PSS_SALT_LENGTH, /* NLA_U32 */
+ NCR_ATTR_DSA_P_BITS, /* NLA_U32 */
+ NCR_ATTR_DSA_Q_BITS, /* NLA_U32 */
+ NCR_ATTR_DH_PRIME, /* NLA_BINARY */
+ NCR_ATTR_DH_BASE, /* NLA_BINARY */
+ NCR_ATTR_DH_PUBLIC, /* NLA_BINARY */
+ NCR_ATTR_WANTED_ATTRS, /* NLA_BINARY - array of u16 IDs */
+
+ /* Add new attributes here */
+
+ NCR_ATTR_END__,
+ NCR_ATTR_MAX = NCR_ATTR_END__ - 1
+};
+
+#define NCR_CIPHER_MAX_BLOCK_LEN 32
+#define NCR_HASH_MAX_OUTPUT_SIZE 64
+
+#define NCR_WALG_AES_RFC3394 "walg-aes-rfc3394" /* for secret keys only */
+#define NCR_WALG_AES_RFC5649 "walg-aes-rfc5649" /* can wrap arbitrary key */
+
+typedef enum {
+ NCR_KEY_TYPE_INVALID,
+ NCR_KEY_TYPE_SECRET=1,
+ NCR_KEY_TYPE_PUBLIC=2,
+ NCR_KEY_TYPE_PRIVATE=3,
+} ncr_key_type_t;
+
+/* Key handling
+ */
+
+typedef __s32 ncr_key_t;
+
+#define NCR_KEY_INVALID ((ncr_key_t)-1)
+
+#define NCR_KEY_FLAG_EXPORTABLE 1
+#define NCR_KEY_FLAG_WRAPPABLE (1<<1)
+/* when generating a pair the flags correspond to private
+ * and public key usage is implicit. For example when private
+ * key can decrypt then public key can encrypt. If private key
+ * can sign then public key can verify.
+ */
+#define NCR_KEY_FLAG_DECRYPT (1<<2)
+#define NCR_KEY_FLAG_SIGN (1<<3)
+
+struct ncr_key_generate {
+ __u32 input_size, output_size;
+ ncr_key_t key;
+ __NL_ATTRIBUTES;
+};
+
+struct ncr_key_generate_pair {
+ __u32 input_size, output_size;
+ ncr_key_t private_key;
+ ncr_key_t public_key;
+ __NL_ATTRIBUTES;
+};
+
+typedef enum {
+ RSA_PKCS1_V1_5, /* both signatures and encryption */
+ RSA_PKCS1_OAEP, /* for encryption only */
+ RSA_PKCS1_PSS, /* for signatures only */
+} ncr_rsa_type_t;
+
+#define NCR_DERIVE_DH "dh"
+
+
+struct ncr_key_derive {
+ __u32 input_size, output_size;
+ ncr_key_t input_key;
+ ncr_key_t new_key;
+ __NL_ATTRIBUTES;
+};
+
+#define MAX_KEY_ID_SIZE 20
+
+struct ncr_key_get_info {
+ __u32 input_size, output_size;
+ ncr_key_t key;
+ __NL_ATTRIBUTES;
+};
+
+struct ncr_key_import {
+ __u32 input_size, output_size;
+ ncr_key_t key;
+ const void __user *data;
+ __u32 data_size;
+ __NL_ATTRIBUTES;
+};
+
+struct ncr_key_export {
+ __u32 input_size, output_size;
+ ncr_key_t key;
+ void __user *buffer;
+ int buffer_size;
+ __NL_ATTRIBUTES;
+};
+
+#define NCRIO_KEY_INIT _IO('c', 204)
+/* generate a secret key */
+#define NCRIO_KEY_GENERATE _IOWR('c', 205, struct ncr_key_generate)
+/* generate a public key pair */
+#define NCRIO_KEY_GENERATE_PAIR _IOWR('c', 206, struct ncr_key_generate_pair)
+/* derive a new key from an old one */
+#define NCRIO_KEY_DERIVE _IOWR('c', 207, struct ncr_key_derive)
+/* return information on a key */
+#define NCRIO_KEY_GET_INFO _IOWR('c', 208, struct ncr_key_get_info)
+/* export a secret key */
+#define NCRIO_KEY_EXPORT _IOWR('c', 209, struct ncr_key_export)
+/* import a secret key */
+#define NCRIO_KEY_IMPORT _IOWR('c', 210, struct ncr_key_import)
+
+#define NCRIO_KEY_DEINIT _IOR ('c', 215, ncr_key_t)
+
+/* Key wrap ioctls
+ */
+struct ncr_key_wrap {
+ __u32 input_size, output_size;
+ ncr_key_t wrapping_key;
+ ncr_key_t source_key;
+ void __user *buffer;
+ int buffer_size;
+ __NL_ATTRIBUTES;
+};
+
+struct ncr_key_unwrap {
+ __u32 input_size, output_size;
+ ncr_key_t wrapping_key;
+ ncr_key_t dest_key;
+ const void __user *data;
+ __u32 data_size;
+ __NL_ATTRIBUTES;
+};
+
+#define NCRIO_KEY_WRAP _IOWR('c', 250, struct ncr_key_wrap)
+#define NCRIO_KEY_UNWRAP _IOWR('c', 251, struct ncr_key_unwrap)
+
+/* Internal ops */
+struct ncr_master_key_set {
+ __u32 input_size, output_size;
+ const void __user *key;
+ __u32 key_size;
+ __NL_ATTRIBUTES;
+};
+
+#define NCRIO_MASTER_KEY_SET _IOWR('c', 260, struct ncr_master_key_set)
+
+/* These are similar to key_wrap and unwrap except that will store some extra
+ * fields to be able to recover a key */
+struct ncr_key_storage_wrap {
+ __u32 input_size, output_size;
+ ncr_key_t key;
+ void __user *buffer;
+ int buffer_size;
+ __NL_ATTRIBUTES;
+};
+
+struct ncr_key_storage_unwrap {
+ __u32 input_size, output_size;
+ ncr_key_t key;
+ const void __user *data;
+ __u32 data_size;
+ __NL_ATTRIBUTES;
+};
+
+#define NCRIO_KEY_STORAGE_WRAP _IOWR('c', 261, struct ncr_key_storage_wrap)
+#define NCRIO_KEY_STORAGE_UNWRAP _IOWR('c', 262, struct ncr_key_storage_wrap)
+
+/* Crypto Operations ioctls
+ */
+
+typedef enum {
+ NCR_OP_ENCRYPT=1,
+ NCR_OP_DECRYPT,
+ NCR_OP_SIGN,
+ NCR_OP_VERIFY,
+} ncr_crypto_op_t;
+
+typedef __s32 ncr_session_t;
+#define NCR_SESSION_INVALID ((ncr_session_t)-1)
+
+struct ncr_session_input_data {
+ const void __user *data;
+ __kernel_size_t data_size;
+};
+
+struct ncr_session_output_buffer {
+ void __user *buffer;
+ __kernel_size_t buffer_size;
+ __kernel_size_t __user *result_size_ptr;
+};
+
+struct ncr_session_init {
+ __u32 input_size, output_size;
+ __u32 op; /* ncr_crypto_op_t */
+ __NL_ATTRIBUTES;
+};
+
+struct ncr_session_update {
+ __u32 input_size, output_size;
+ ncr_session_t ses;
+ __NL_ATTRIBUTES;
+};
+
+struct ncr_session_final {
+ __u32 input_size, output_size;
+ ncr_session_t ses;
+ __NL_ATTRIBUTES;
+};
+
+struct ncr_session_once {
+ __u32 input_size, output_size;
+ ncr_crypto_op_t op;
+ __NL_ATTRIBUTES;
+};
+
+#define NCRIO_SESSION_INIT _IOWR('c', 300, struct ncr_session_init)
+#define NCRIO_SESSION_UPDATE _IOWR('c', 301, struct ncr_session_update)
+#define NCRIO_SESSION_FINAL _IOWR('c', 302, struct ncr_session_final)
+
+/* everything in one call */
+#define NCRIO_SESSION_ONCE _IOWR('c', 303, struct ncr_session_once)
+
+#endif
--
1.7.2.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists