lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 16 May 2016 07:23:48 -0700
From:	Tadeusz Struk <>
To:	Mat Martineau <>
Subject: Re: [PATCH RESEND v5 6/6] crypto: AF_ALG - add support for key_id

Hi Mat,
On 05/13/2016 04:32 PM, Mat Martineau wrote:
>> +    params.data_len = req->src_len;
>> +    params.enc_len = req->dst_len;

Thanks for info. I have sent an update for this.

> The params member names have changed (now in_len and out_len).
>> +    ret = encrypt_blob(&params, in, out);
> The encrypt function for the key can now be called with params.key->type->asym_eds_op(). This also allows you to factor out the duplication in asym_key_encrypt, asym_key_decrypt, and asym_key_sign. See keyctl_pkey_e_d_s() in keyctl_pkey.c
>> +static int asym_key_verify(const struct key *key, struct akcipher_request *req)
> ...
>> +    ret = verify_signature(key, NULL, &sig);
> key->type->asym_verify_signature() is available as well.

Since these operation will be triggered from userspace I think it's better to use the
official interface as defined in crypto/public_key.h instead of direct calls.
Some operation may not be implemented for a given key type and the official interface
performs necessary checks.

Powered by blists - more mailing lists