| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <555F777D.1030509@intel.com>
Date: Fri, 22 May 2015 11:37:49 -0700
From: Tadeusz Struk <tadeusz.struk@...el.com>
To: Herbert Xu <herbert@...dor.apana.org.au>
CC: Linux Kernel Developers List <linux-kernel@...r.kernel.org>,
keescook@...omium.org, jwboyer@...hat.com, richard@....at,
steved@...hat.com, qat-linux@...el.com, dhowells@...hat.com,
linux-crypto@...r.kernel.org, james.l.morris@...cle.com,
jkosina@...e.cz, zohar@...ux.vnet.ibm.com, davem@...emloft.net,
vgoyal@...hat.com
Subject: Re: [PATCH RFC v2 1/2] crypto: add PKE API
On 05/10/2015 11:32 PM, Herbert Xu wrote:
> On Wed, May 06, 2015 at 12:36:48PM -0700, Tadeusz Struk wrote:
>>
>> + const struct public_key_signature *signature;
>
> Doing this means that you aren't adding it to the crypto API
> properly. You need to start from scratch and design a proper
> interface and not just wrap some existing opaque data strcture.
>
> Cheers,
>
Hi Herbert,
Thanks for your feedback.
How about this:
/**
* struct akcipher_request - public key request
*
* @base: Common attributes for async crypto requests
* @inparams: scatterlist of input parameters (one ent per parameter)
* for the operation as defined in RFC.
* For instance for rsa encrypt only one input param is required,
* (i.e. 'm' - message) as specified in RFC3447 sec 5.1.1
* (Note: the key belongs to the tfm)
* @outparams: scatterlist of output parameters (one ent per parameter)
* for the operation as defined in RFC.
* For instance for rsa encrypt only one output param will be
* produced (i.e. 'c' - cipher text) as specified in
* RFC3447 sec 5.1.1
*
* @__ctx: Start of private context data
*/
struct akcipher_request {
struct crypto_async_request base;
struct scatterlist *inparams;
struct scatterlist *outparams;
void *__ctx[] CRYPTO_MINALIGN_ATTR;
};
/**
* struct akcipher_alg - generic public key algorithm
*
* @sign: Function performs a sign operation as defined by public key
* algorithm
* @verify: Function performs a sign operation as defined by public key
* algorithm
* @encrypt: Function performs an encrypt operation as defined by public key
* algorithm
* @decrypt: Function performs a decrypt operation as defined by public key
* algorithm
* @reqsize: Request context size required by algorithm implementation
*
* @base: Common crypto API algorithm data structure
*/
struct akcipher_alg {
int (*sign)(struct akcipher_request *req);
int (*verify)(struct akcipher_request *req);
int (*encrypt)(struct akcipher_request *req);
int (*decrypt)(struct akcipher_request *req);
unsigned int reqsize;
struct crypto_alg base;
};
/**
* struct crypto_akcipher - user-instantiated objects which encapsulate
* algorithms and core processing logic
*
* @base: Common crypto API algorithm data structure
* @pkey: Key representation. Note: this can be both public or private
* key, depending on the operation.
* @__ctx: Start of private context data
*/
struct crypto_akcipher {
struct crypto_tfm base;
const struct public_key *pkey;
void *__ctx[] CRYPTO_MINALIGN_ATTR;
};
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists