lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Sat, 19 Jul 2014 12:18:01 +0300
From:	Dmitry Kasatkin <dmitry.kasatkin@...il.com>
To:	David Howells <dhowells@...hat.com>
Cc:	Dmitry Kasatkin <d.kasatkin@...sung.com>,
	Mimi Zohar <zohar@...ux.vnet.ibm.com>,
	linux-security-module <linux-security-module@...r.kernel.org>,
	linux-crypto <linux-crypto@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: Making the asymmetric keys config option into a top-level option

On Thu, Jul 17, 2014 at 10:55 PM, David Howells <dhowells@...hat.com> wrote:
> Dmitry Kasatkin <d.kasatkin@...sung.com> wrote:
>
>> When ASYMMETRIC_KEYS=y, but depends on CRYPTO=m, selections will be also modules.
>> In random config case OID_REGISTRY, MPILIB and ASN1 became modules producing build
>> break. This patch removes asymmetric keys dependency from CRYPTO, but instead
>> selects CRYPTO and CRYPTO_HASH as they are needed.
>
> You do realise that this makes the asymmetric key config option into a
> top-level option?  I think, logically, that's the wrong thing to do.  They
> should still appear under the crypto menu.
>

Oops, this is not what I wanted to have.
Yes, I wanted to have still them under crypto but wanted to break dependency.
I was hurrying before starting the holidays, tested only from command line,
but did not look to menuconfig.

In overall asymmetric keys does not provide any crypto API.
Instead they provide key types... They use crypto api them in couple of places.
So it is more about "selecting" crypto.
In my opinion "entire" location of asymmetric keys under /crypto is wrong.
RSA algo may be there, but reset of the stuff can be under /keys.

-Dmitry

> Note that I think your patch is really the wrong solution.  The right solution
> is to fix the configuration tools - but that's quite an undertaking.
>
> David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists