Hi Herb, the following patchset introduces a new API for abstracting key-agreement protocols such as DH and ECDH. It provides the primitives required for implementing the protocol, thus the name KPP (Key-agreement Protocol Primitives). Regards, Salvatore Changes from v8: * set_secret accept a buffer packed and prefixed with a tiny header of 2 fields: type and len. Each kpp type define its own type and provide helper for user (encoder) and drivers (decoder) Changed from v7: * API change: merge set_param and set_key to set_key. Params and private key are now provided together. Params have always to be provided. * Merge generate_public_key and compute_shared_secret into compute_val. API stay as it is * Add ecc_is_key_valid to validate private key when set. Now that params and key are set together we can validate the key right away. Before the check was deferred to generate_public_key. Changes from v6: * Remove len parameter from crypto_kpp_set_params. Adjust rest of code accordingly * Remove the while loop in ecdh_make_pub_key as the private key is fixed and iterating is pointless. EAGAIN is now to returned to make the user aware that he needs to regenerate/reset the private key Changes from v5: * Fix ecdh loading in fips mode. Changes from v4: * If fips_enabled is set allow only P256 (or higher) as Stephan suggested * Pass ndigits as argument to ecdh_make_pub_key and ecdh_shared_secret so that VLA can be used like in the rest of the module Changes from v3: * Move curve ID definition to public header ecdh.h as users need to have access to those ids when selecting the curve Changes from v2: * Add support for ECDH (curve P192 and P256). I reused the ecc module already present in net/bluetooth and extended it in order to select different curves at runtime. Code for P192 was taken from tinycrypt. Changes from v1: * Change check in dh_check_params_length based on Stephan review Salvatore Benedetto (3): crypto: Key-agreement Protocol Primitives API (KPP) crypto: kpp - Add DH software implementation crypto: kpp - Add ECDH software support crypto/Kconfig | 23 + crypto/Makefile | 9 + crypto/crypto_user.c | 20 + crypto/dh.c | 189 ++++++++ crypto/dh_helper.c | 84 ++++ crypto/ecc.c | 1018 +++++++++++++++++++++++++++++++++++++++ crypto/ecc.h | 83 ++++ crypto/ecc_curve_defs.h | 57 +++ crypto/ecdh.c | 151 ++++++ crypto/ecdh_helper.c | 75 +++ crypto/kpp.c | 123 +++++ crypto/testmgr.c | 362 ++++++++++++++ crypto/testmgr.h | 286 +++++++++++ include/crypto/dh.h | 29 ++ include/crypto/ecdh.h | 30 ++ include/crypto/internal/kpp.h | 64 +++ include/crypto/kpp.h | 330 +++++++++++++ include/linux/crypto.h | 1 + include/uapi/linux/cryptouser.h | 5 + 19 files changed, 2939 insertions(+) create mode 100644 crypto/dh.c create mode 100644 crypto/dh_helper.c create mode 100644 crypto/ecc.c create mode 100644 crypto/ecc.h create mode 100644 crypto/ecc_curve_defs.h create mode 100644 crypto/ecdh.c create mode 100644 crypto/ecdh_helper.c create mode 100644 crypto/kpp.c create mode 100644 include/crypto/dh.h create mode 100644 include/crypto/ecdh.h create mode 100644 include/crypto/internal/kpp.h create mode 100644 include/crypto/kpp.h -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html