lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Sat, 23 Mar 2019 07:43:08 +0300
From:   Vitaly Chikunov <>
To:     Herbert Xu <>,
        "David S. Miller" <>,,
Subject: [RFC v7.1] crypto: akcipher - default implementations for request callbacks


This is reworked version of "[PATCH v7 02/11] crypto: akcipher - check the
presence of callback before the call".

All checks inside of akcipher wrappers for the callbacks handling
akcipher_requests are removed and replaced with default akcipher_default_op()

Checks in crypto_akcipher_maxsize() are just removed altogether without any
replacement, because this callback is always defined.

Also, sanity checks for (!req->dst && req->dst_len) which was introduced in
"[PATCH v7 04/11] crypto: akcipher - new verify API for public key algorithms"
are removed, assuming this should be checked in the drivers if needed.

Commit "PATCH v7 01/11] KEYS: report to keyctl only actually supported key ops"
is also will be removed in the next patchset, as you agreed.


--- commit ---

Because with the introduction of EC-RDSA and change in workings of RSA
in regard to sign/verify, akcipher could have not all callbacks defined,
check the presence of callbacks in crypto_register_akcipher() and
provide default implementation if the callback is not implemented.

This is suggested by Herbert Xu instead of checking the presence of the
callback on every request.

Signed-off-by: Vitaly Chikunov <>
 crypto/akcipher.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/crypto/akcipher.c b/crypto/akcipher.c
index 0cbeae137e0a..780daa436dac 100644
--- a/crypto/akcipher.c
+++ b/crypto/akcipher.c
@@ -119,10 +119,24 @@ static void akcipher_prepare_alg(struct akcipher_alg *alg)
 	base->cra_flags |= CRYPTO_ALG_TYPE_AKCIPHER;
+static int akcipher_default_op(struct akcipher_request *req)
+	return -ENOSYS;
 int crypto_register_akcipher(struct akcipher_alg *alg)
 	struct crypto_alg *base = &alg->base;
+	if (!alg->sign)
+		alg->sign = akcipher_default_op;
+	if (!alg->verify)
+		alg->verify = akcipher_default_op;
+	if (!alg->encrypt)
+		alg->encrypt = akcipher_default_op;
+	if (!alg->decrypt)
+		alg->decrypt = akcipher_default_op;
 	return crypto_register_alg(base);

Powered by blists - more mailing lists