[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAOq732KiaTLY9PidbHZ5H8GvDgi5kpxRopd8rDqvrXpCUtwgTg@mail.gmail.com>
Date: Tue, 23 Feb 2016 12:25:28 +0100
From: Andrew Zaborowski <balrogg@...glemail.com>
To: David Howells <dhowells@...hat.com>
Cc: Tadeusz Struk <tadeusz.struk@...el.com>, keyrings@...r.kernel.org,
linux-security-module@...r.kernel.org, zohar@...ux.vnet.ibm.com,
linux-kernel@...r.kernel.org,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>
Subject: Re: [PATCH 4/8] akcipher: Move the RSA DER encoding to the crypto layer
Hi David,
On 23 February 2016 at 11:55, David Howells <dhowells@...hat.com> wrote:
> Andrew Zaborowski <balrogg@...glemail.com> wrote:
>
>> AIUI Tadeusz is proposing adding the hashing as a new feature. Note
>> though that the hash paremeter won't make sense for the encrypt,
>> decrypt or verify operations.
>
> The hash parameter is necessary for the verify operation. From my
> perspective, I want a verify operation that takes the signature, the message
> hash and the hash name and gives me back an error code.
>From the certificates point of view yes, but the akcipher API only has
the four operations each of which has one input buffer and out output
buffer.
Without overhauling akcipher you could modify pkcs1pad so that sign
takes the hash as input, adds the DER struct in front of it to build
the signature, and the verify operation could at most check that the
DER string matches the hash type and return the hash. But I think
RFC2437 suggests that you rather compare the signatures, not the
hashes.
Cheers
Powered by blists - more mailing lists