| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 23 May 2015 13:47:35 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Tadeusz Struk <tadeusz.struk@...el.com>
Cc: Linux Kernel Developers List <linux-kernel@...r.kernel.org>,
keescook@...omium.org, jwboyer@...hat.com, richard@....at,
steved@...hat.com, qat-linux@...el.com, dhowells@...hat.com,
linux-crypto@...r.kernel.org, james.l.morris@...cle.com,
jkosina@...e.cz, zohar@...ux.vnet.ibm.com, davem@...emloft.net,
vgoyal@...hat.com
Subject: Re: [PATCH RFC v2 1/2] crypto: add PKE API
On Fri, May 22, 2015 at 11:37:49AM -0700, Tadeusz Struk wrote:
>
> /**
> * struct akcipher_request - public key request
> *
> * @base: Common attributes for async crypto requests
> * @inparams: scatterlist of input parameters (one ent per parameter)
> * for the operation as defined in RFC.
> * For instance for rsa encrypt only one input param is required,
> * (i.e. 'm' - message) as specified in RFC3447 sec 5.1.1
> * (Note: the key belongs to the tfm)
> * @outparams: scatterlist of output parameters (one ent per parameter)
> * for the operation as defined in RFC.
> * For instance for rsa encrypt only one output param will be
> * produced (i.e. 'c' - cipher text) as specified in
> * RFC3447 sec 5.1.1
> *
> * @__ctx: Start of private context data
> */
> struct akcipher_request {
> struct crypto_async_request base;
> struct scatterlist *inparams;
> struct scatterlist *outparams;
> void *__ctx[] CRYPTO_MINALIGN_ATTR;
> };
I think you should rename them to src/dst and add a length argument.
Limiting them to one entry also seems strange. When do you need more
one parameter?
> /**
> * struct akcipher_alg - generic public key algorithm
> *
> * @sign: Function performs a sign operation as defined by public key
> * algorithm
> * @verify: Function performs a sign operation as defined by public key
> * algorithm
> * @encrypt: Function performs an encrypt operation as defined by public key
> * algorithm
> * @decrypt: Function performs a decrypt operation as defined by public key
> * algorithm
> * @reqsize: Request context size required by algorithm implementation
> *
> * @base: Common crypto API algorithm data structure
> */
> struct akcipher_alg {
> int (*sign)(struct akcipher_request *req);
> int (*verify)(struct akcipher_request *req);
> int (*encrypt)(struct akcipher_request *req);
> int (*decrypt)(struct akcipher_request *req);
Looks good. You'll also need a setkey (or perhaps two) function.
Thanks,
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists