diff options
| author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2010-11-23 18:55:35 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-11-28 16:55:29 -0500 |
| commit | 7e70cb4978507cf31d76b90e4cfb4c28cad87f0c (patch) | |
| tree | c5df493eef8d30dcb40d647b0528970eb4a391c6 /security/Kconfig | |
| parent | d00a1c72f7f4661212299e6cb132dfa58030bcdb (diff) | |
keys: add new key-type encrypted
Define a new kernel key-type called 'encrypted'. Encrypted keys are kernel
generated random numbers, which are encrypted/decrypted with a 'trusted'
symmetric key. Encrypted keys are created/encrypted/decrypted in the kernel.
Userspace only ever sees/stores encrypted blobs.
Changelog:
- bug fix: replaced master-key rcu based locking with semaphore
(reported by David Howells)
- Removed memset of crypto_shash_digest() digest output
- Replaced verification of 'key-type:key-desc' using strcspn(), with
one based on string constants.
- Moved documentation to Documentation/keys-trusted-encrypted.txt
- Replace hash with shash (based on comments by David Howells)
- Make lengths/counts size_t where possible (based on comments by David Howells)
Could not convert most lengths, as crypto expects 'unsigned int'
(size_t: on 32 bit is defined as unsigned int, but on 64 bit is unsigned long)
- Add 'const' where possible (based on comments by David Howells)
- allocate derived_buf dynamically to support arbitrary length master key
(fixed by Roberto Sassu)
- wait until late_initcall for crypto libraries to be registered
- cleanup security/Kconfig
- Add missing 'update' keyword (reported/fixed by Roberto Sassu)
- Free epayload on failure to create key (reported/fixed by Roberto Sassu)
- Increase the data size limit (requested by Roberto Sassu)
- Crypto return codes are always 0 on success and negative on failure,
remove unnecessary tests.
- Replaced kzalloc() with kmalloc()
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: David Safford <safford@watson.ibm.com>
Reviewed-by: Roberto Sassu <roberto.sassu@polito.it>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/Kconfig')
| -rw-r--r-- | security/Kconfig | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index 24b8f9b491b8..95accd442d55 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
| @@ -36,6 +36,22 @@ config TRUSTED_KEYS | |||
| 36 | 36 | ||
| 37 | If you are unsure as to whether this is required, answer N. | 37 | If you are unsure as to whether this is required, answer N. |
| 38 | 38 | ||
| 39 | config ENCRYPTED_KEYS | ||
| 40 | tristate "ENCRYPTED KEYS" | ||
| 41 | depends on KEYS && TRUSTED_KEYS | ||
| 42 | select CRYPTO_AES | ||
| 43 | select CRYPTO_CBC | ||
| 44 | select CRYPTO_SHA256 | ||
| 45 | select CRYPTO_RNG | ||
| 46 | help | ||
| 47 | This option provides support for create/encrypting/decrypting keys | ||
| 48 | in the kernel. Encrypted keys are kernel generated random numbers, | ||
| 49 | which are encrypted/decrypted with a 'master' symmetric key. The | ||
| 50 | 'master' key can be either a trusted-key or user-key type. | ||
| 51 | Userspace only ever sees/stores encrypted blobs. | ||
| 52 | |||
| 53 | If you are unsure as to whether this is required, answer N. | ||
| 54 | |||
| 39 | config KEYS_DEBUG_PROC_KEYS | 55 | config KEYS_DEBUG_PROC_KEYS |
| 40 | bool "Enable the /proc/keys file by which keys may be viewed" | 56 | bool "Enable the /proc/keys file by which keys may be viewed" |
| 41 | depends on KEYS | 57 | depends on KEYS |