lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20141016174245.GL17447@titan.lakedaemon.net>
Date:	Thu, 16 Oct 2014 13:42:45 -0400
From:	Jason Cooper <jason@...edaemon.net>
To:	Stephan Mueller <smueller@...onox.de>
Cc:	Grant Likely <grant.likely@...retlab.ca>,
	Geert Uytterhoeven <geert@...ux-m68k.org>,
	Herbert Xu <herbert@...dor.apana.org.au>,
	"David S. Miller" <davem@...emloft.net>,
	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] kernel crypto API interface specification

On Thu, Oct 16, 2014 at 06:50:58PM +0200, Stephan Mueller wrote:
> Am Donnerstag, 16. Oktober 2014, 11:06:05 schrieb Jason Cooper:
> 
> Hi Jason,
> 
> > On Thu, Oct 16, 2014 at 09:25:01AM -0400, Jason Cooper wrote:
> > > + Grant, Geert,
> > > 
> > > Stephan has created some great example code for both the kernel crypto
> > > API and the userspace crypto API.  As examples tend to bitrot, I was
> > > wondering if the code could serve as test code.  Then it would have a
> > > triple role: API regression testing, crypto test suite, and reference
> > > implementation.
> > > 
> > > Original patch is here:
> > >   https://lkml.kernel.org/r/7502136.9BkWHTZ0th@myon.chronox.de
> > > 
> > > On Thu, Oct 16, 2014 at 09:19:08AM +0200, Stephan Mueller wrote:
> > > > Am Mittwoch, 15. Oktober 2014, 13:58:00 schrieb Jason Cooper:
> > > > > On Tue, Oct 14, 2014 at 09:46:50PM +0200, Stephan Mueller wrote:
> > ...
> > 
> > > > > Perhaps the userspace API example should be a separate file with this
> > > > > text at the top?  Seems odd having it at the end.  Also, if you copied
> > > > > it from cryptsetup, is the copyright info correct?
> > > > 
> > > > I did not copy it from cryptsetup. I only used it as a basis, especially
> > > > with the data structure handling in _kcapi_cipher_crypt. But you are
> > > > right, I changed the license for the user space by taking the
> > > > cryptsetup license.> 
> > > Ok.  It looks like Geert and Grant took part in the kernel test
> > > unconference, so I'm adding them to the Cc.  I hope they can give us
> > > some pointers as to where we could hook in this code.  Then we can
> > > simply refer to it from the userspace API document.
> > 
> > tools/testing/selftests/crypto would be a good location for the example
> > code in the next version of this patch.  Make sure to take a look at
> > tools/testing/selftests/README.txt.
> 
> Well, I have written a FIPS 140-2 CAVS test harness covering all ciphers NIST 
> is interested. Maybe this can go there?

Assuming you own the code and are willing to license it under and
compatible license, then yes.  I would keep it a separate test from
other crypto tests, though.

There may be some push back wrt it being FIPS 140-2.  But I think it's
worth considering.

thx,

Jason.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ