Loading Documentation/security/keys.txt +30 −0 Original line number Diff line number Diff line Loading @@ -823,6 +823,36 @@ The keyctl syscall functions are: A process must have search permission on the key for this function to be successful. (*) Compute a Diffie-Hellman shared secret or public key long keyctl(KEYCTL_DH_COMPUTE, struct keyctl_dh_params *params, char *buffer, size_t buflen); The params struct contains serial numbers for three keys: - The prime, p, known to both parties - The local private key - The base integer, which is either a shared generator or the remote public key The value computed is: result = base ^ private (mod prime) If the base is the shared generator, the result is the local public key. If the base is the remote public key, the result is the shared secret. The buffer length must be at least the length of the prime, or zero. If the buffer length is nonzero, the length of the result is returned when it is successfully calculated and copied in to the buffer. When the buffer length is zero, the minimum required buffer length is returned. This function will return error EOPNOTSUPP if the key type is not supported, error ENOKEY if the key could not be found, or error EACCES if the key is not readable by the caller. =============== KERNEL SERVICES Loading include/uapi/linux/keyctl.h +10 −0 Original line number Diff line number Diff line Loading @@ -12,6 +12,8 @@ #ifndef _LINUX_KEYCTL_H #define _LINUX_KEYCTL_H #include <linux/types.h> /* special process keyring shortcut IDs */ #define KEY_SPEC_THREAD_KEYRING -1 /* - key ID for thread-specific keyring */ #define KEY_SPEC_PROCESS_KEYRING -2 /* - key ID for process-specific keyring */ Loading Loading 
@@ -57,5 +59,13 @@ #define KEYCTL_INSTANTIATE_IOV 20 /* instantiate a partially constructed key */ #define KEYCTL_INVALIDATE 21 /* invalidate a key */ #define KEYCTL_GET_PERSISTENT 22 /* get a user's persistent keyring */ #define KEYCTL_DH_COMPUTE 23 /* Compute Diffie-Hellman values */ /* keyctl structures */ struct keyctl_dh_params { __s32 private; __s32 prime; __s32 base; }; #endif /* _LINUX_KEYCTL_H */ security/integrity/Kconfig +0 −1 Original line number Diff line number Diff line Loading @@ -35,7 +35,6 @@ config INTEGRITY_ASYMMETRIC_KEYS default n select ASYMMETRIC_KEY_TYPE select ASYMMETRIC_PUBLIC_KEY_SUBTYPE select PUBLIC_KEY_ALGO_RSA select CRYPTO_RSA select X509_CERTIFICATE_PARSER help Loading security/keys/Kconfig +15 −0 Original line number Diff line number Diff line Loading @@ -41,6 +41,10 @@ config BIG_KEYS bool "Large payload keys" depends on KEYS depends on TMPFS select CRYPTO select CRYPTO_AES select CRYPTO_ECB select CRYPTO_RNG help This option provides support for holding large keys within the kernel (for example Kerberos ticket caches). The data may be stored out to Loading Loading @@ -81,3 +85,14 @@ config ENCRYPTED_KEYS Userspace only ever sees/stores encrypted blobs. If you are unsure as to whether this is required, answer N. config KEY_DH_OPERATIONS bool "Diffie-Hellman operations on retained keys" depends on KEYS select MPILIB help This option provides support for calculating Diffie-Hellman public keys and shared secrets using values stored as keys in the kernel. If you are unsure as to whether this is required, answer N. security/keys/Makefile +1 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,7 @@ obj-$(CONFIG_KEYS_COMPAT) += compat.o obj-$(CONFIG_PROC_FS) += proc.o obj-$(CONFIG_SYSCTL) += sysctl.o obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o obj-$(CONFIG_KEY_DH_OPERATIONS) += dh.o # # Key types Loading Loading
Documentation/security/keys.txt +30 −0 Original line number Diff line number Diff line Loading @@ -823,6 +823,36 @@ The keyctl syscall functions are: A process must have search permission on the key for this function to be successful. (*) Compute a Diffie-Hellman shared secret or public key long keyctl(KEYCTL_DH_COMPUTE, struct keyctl_dh_params *params, char *buffer, size_t buflen); The params struct contains serial numbers for three keys: - The prime, p, known to both parties - The local private key - The base integer, which is either a shared generator or the remote public key The value computed is: result = base ^ private (mod prime) If the base is the shared generator, the result is the local public key. If the base is the remote public key, the result is the shared secret. The buffer length must be at least the length of the prime, or zero. If the buffer length is nonzero, the length of the result is returned when it is successfully calculated and copied in to the buffer. When the buffer length is zero, the minimum required buffer length is returned. This function will return error EOPNOTSUPP if the key type is not supported, error ENOKEY if the key could not be found, or error EACCES if the key is not readable by the caller. =============== KERNEL SERVICES Loading
include/uapi/linux/keyctl.h +10 −0 Original line number Diff line number Diff line Loading @@ -12,6 +12,8 @@ #ifndef _LINUX_KEYCTL_H #define _LINUX_KEYCTL_H #include <linux/types.h> /* special process keyring shortcut IDs */ #define KEY_SPEC_THREAD_KEYRING -1 /* - key ID for thread-specific keyring */ #define KEY_SPEC_PROCESS_KEYRING -2 /* - key ID for process-specific keyring */ Loading Loading @@ -57,5 +59,13 @@ #define KEYCTL_INSTANTIATE_IOV 20 /* instantiate a partially constructed key */ #define KEYCTL_INVALIDATE 21 /* invalidate a key */ #define KEYCTL_GET_PERSISTENT 22 /* get a user's persistent keyring */ #define KEYCTL_DH_COMPUTE 23 /* Compute Diffie-Hellman values */ /* keyctl structures */ struct keyctl_dh_params { __s32 private; __s32 prime; __s32 base; }; #endif /* _LINUX_KEYCTL_H */
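Review bot: `__s32 private;` in the new `struct keyctl_dh_params` uses a C++ reserved word as a member name, so this uapi header cannot be included from C++ programs even though it is exported to userspace. The struct is new in this commit, so the name is still free to change; a C++-safe spelling such as `__s32 priv;` avoids baking the keyword into the ABI's field names. The Documentation hunk says the three members are key serial numbers, but the struct itself carries no comment saying which key each refers to; a one-line comment per field, e.g. `__s32 prime; /* serial number of the key holding the prime p */`, would make the header self-describing. The `KEYCTL_DH_COMPUTE` comment could likewise state that the result is `base ^ private (mod prime)`.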
security/integrity/Kconfig +0 −1 Original line number Diff line number Diff line Loading @@ -35,7 +35,6 @@ config INTEGRITY_ASYMMETRIC_KEYS default n select ASYMMETRIC_KEY_TYPE select ASYMMETRIC_PUBLIC_KEY_SUBTYPE select PUBLIC_KEY_ALGO_RSA select CRYPTO_RSA select X509_CERTIFICATE_PARSER help Loading
security/keys/Kconfig +15 −0 Original line number Diff line number Diff line Loading @@ -41,6 +41,10 @@ config BIG_KEYS bool "Large payload keys" depends on KEYS depends on TMPFS select CRYPTO select CRYPTO_AES select CRYPTO_ECB select CRYPTO_RNG help This option provides support for holding large keys within the kernel (for example Kerberos ticket caches). The data may be stored out to Loading Loading @@ -81,3 +85,14 @@ config ENCRYPTED_KEYS Userspace only ever sees/stores encrypted blobs. If you are unsure as to whether this is required, answer N. config KEY_DH_OPERATIONS bool "Diffie-Hellman operations on retained keys" depends on KEYS select MPILIB help This option provides support for calculating Diffie-Hellman public keys and shared secrets using values stored as keys in the kernel. If you are unsure as to whether this is required, answer N.
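Review bot: The BIG_KEYS hunk adds `select CRYPTO_ECB` next to CRYPTO_AES, which presumably means the large-key payload is encrypted with AES in ECB mode; ECB is deterministic and unauthenticated, so identical 16-byte plaintext blocks of a payload such as a Kerberos ticket cache produce identical ciphertext, and modification of the stored blob goes undetected. The implementation is not in this diff, so this may be deliberate, but the help text should then say what the encryption does and does not protect against; otherwise an authenticated mode (`select CRYPTO_GCM`) is the safer choice. The new KEY_DH_OPERATIONS entry selects only MPILIB and its help text says nothing about whether the prime and base are validated before `base ^ private (mod prime)` is computed, which callers of KEYCTL_DH_COMPUTE will want to know.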
security/keys/Makefile +1 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,7 @@ obj-$(CONFIG_KEYS_COMPAT) += compat.o obj-$(CONFIG_PROC_FS) += proc.o obj-$(CONFIG_SYSCTL) += sysctl.o obj-$(CONFIG_PERSISTENT_KEYRINGS) += persistent.o obj-$(CONFIG_KEY_DH_OPERATIONS) += dh.o # # Key types Loading