| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Feb 2016 12:25:28 +0100 From: Andrew Zaborowski <balrogg@...glemail.com> To: David Howells <dhowells@...hat.com> Cc: Tadeusz Struk <tadeusz.struk@...el.com>, keyrings@...r.kernel.org, linux-security-module@...r.kernel.org, zohar@...ux.vnet.ibm.com, linux-kernel@...r.kernel.org, Linux Crypto Mailing List <linux-crypto@...r.kernel.org> Subject: Re: [PATCH 4/8] akcipher: Move the RSA DER encoding to the crypto layer Hi David, On 23 February 2016 at 11:55, David Howells <dhowells@...hat.com> wrote: > Andrew Zaborowski <balrogg@...glemail.com> wrote: > >> AIUI Tadeusz is proposing adding the hashing as a new feature. Note >> though that the hash paremeter won't make sense for the encrypt, >> decrypt or verify operations. > > The hash parameter is necessary for the verify operation. From my > perspective, I want a verify operation that takes the signature, the message > hash and the hash name and gives me back an error code. >From the certificates point of view yes, but the akcipher API only has the four operations each of which has one input buffer and out output buffer. Without overhauling akcipher you could modify pkcs1pad so that sign takes the hash as input, adds the DER struct in front of it to build the signature, and the verify operation could at most check that the DER string matches the hash type and return the hash. But I think RFC2437 suggests that you rather compare the signatures, not the hashes. Cheers
Powered by blists - more mailing lists