ddbb411487
This adds userspace access to Diffie-Hellman computations through a new keyctl() syscall command to calculate shared secrets or public keys using input parameters stored in the keyring. Input key ids are provided in a struct due to the current 5-arg limit for the keyctl syscall. Only user keys are supported in order to avoid exposing the content of logon or encrypted keys. The output is written to the provided buffer, based on the assumption that the values are only needed in userspace. Future support for other types of key derivation would involve a new command, like KEYCTL_ECDH_COMPUTE. Once Diffie-Hellman support is included in the crypto API, this code can be converted to use the crypto API to take advantage of possible hardware acceleration and reduce redundant code. Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com> Signed-off-by: David Howells <dhowells@redhat.com> |
||
|---|---|---|
| .. | ||
| 00-INDEX | ||
| apparmor.txt | ||
| credentials.txt | ||
| IMA-templates.txt | ||
| keys-ecryptfs.txt | ||
| keys-request-key.txt | ||
| keys-trusted-encrypted.txt | ||
| keys.txt | ||
| LSM.txt | ||
| SELinux.txt | ||
| Smack.txt | ||
| tomoyo.txt | ||
| Yama.txt | ||