From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: David Howells <dhowells@redhat.com>
Cc: keyrings@vger.kernel.org, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, tadeusz.struk@intel.com
Subject: Re: [PATCH 0/8] X.509: Software public key subtype changes
Date: Mon, 22 Feb 2016 13:57:25 -0500 [thread overview]
Message-ID: <1456167445.3167.42.camel@linux.vnet.ibm.com> (raw)
In-Reply-To: <20160219171806.17223.91381.stgit@warthog.procyon.org.uk>
On Fri, 2016-02-19 at 17:18 +0000, David Howells wrote:
> Here's a set of patches that cleans up the public key handling in the
> asymmetric key functions:
>
> (1) - (3) These are Tadeusz's RSA akcipher conversion.
Up to here, IMA-appraisal works properly.
Mimi
> (4) This removes all knowledge of RSA from the software public key
> asymmetric key subtype. Instead, the public key type and the hash
> type are indicated to the crypto layer and the RSA module there does
> all the appropriate encoding.
>
> (5) This changes the various algorithm IDs to text labels instead of enums
> as the strings are what we actually deal with (printing, passing to
> the crypto layer).
>
> (6) This separates the private parts of the software public key subtype
> into a private header in the implementation directory.
>
> (7) This renames public_key.c to software_pkey.c and changes the Kconfig
> symbol to match.
>
> (8) This renames symbols beginning "public_key" to "software_pkey" except
> struct for public_key_signature which is a wider API component.
>
> The patches can be found here also:
>
> http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-rsa
>
> David
> ---
> David Howells (5):
> akcipher: Move the RSA DER encoding to the crypto layer
> X.509: Make algo identifiers text instead of enum
> X.509: Make the public_key asymmetric key type internal data private
> X.509: Rename public_key.c to software_pkey.c
> X.509: Rename public_key* to software_pkey*
>
> Tadeusz Struk (3):
> crypto: KEYS: convert public key and digsig asym to the akcipher api
> integrity: convert digsig to akcipher api
> crypto: public_key: remove MPIs from public_key_signature struct
>
>
> arch/s390/configs/default_defconfig | 2
> arch/s390/configs/gcov_defconfig | 2
> arch/s390/configs/performance_defconfig | 2
> crypto/asymmetric_keys/Kconfig | 17 +-
> crypto/asymmetric_keys/Makefile | 10 -
> crypto/asymmetric_keys/mscode_parser.c | 14 +
> crypto/asymmetric_keys/pkcs7_parser.c | 30 +--
> crypto/asymmetric_keys/pkcs7_trust.c | 2
> crypto/asymmetric_keys/pkcs7_verify.c | 12 +
> crypto/asymmetric_keys/public_key.c | 130 --------------
> crypto/asymmetric_keys/public_key.h | 36 ----
> crypto/asymmetric_keys/rsa.c | 278 -----------------------------
> crypto/asymmetric_keys/software_pkey.c | 142 +++++++++++++++
> crypto/asymmetric_keys/software_pkey.h | 33 +++
> crypto/asymmetric_keys/verify_pefile.c | 4
> crypto/asymmetric_keys/verify_pefile.h | 2
> crypto/asymmetric_keys/x509_cert_parser.c | 67 ++-----
> crypto/asymmetric_keys/x509_parser.h | 4
> crypto/asymmetric_keys/x509_public_key.c | 43 ++--
> crypto/asymmetric_keys/x509_rsakey.asn1 | 4
> crypto/rsa.c | 210 +++++++++++++++++++---
> crypto/testmgr.c | 5 -
> include/crypto/akcipher.h | 7 +
> include/crypto/public_key.h | 79 +-------
> init/Kconfig | 4
> kernel/module_signing.c | 6 +
> security/integrity/Kconfig | 3
> security/integrity/digsig_asymmetric.c | 16 +-
> 28 files changed, 467 insertions(+), 697 deletions(-)
> delete mode 100644 crypto/asymmetric_keys/public_key.c
> delete mode 100644 crypto/asymmetric_keys/public_key.h
> delete mode 100644 crypto/asymmetric_keys/rsa.c
> create mode 100644 crypto/asymmetric_keys/software_pkey.c
> create mode 100644 crypto/asymmetric_keys/software_pkey.h
> delete mode 100644 crypto/asymmetric_keys/x509_rsakey.asn1
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
next prev parent reply other threads:[~2016-02-22 18:57 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-19 17:18 [PATCH 0/8] X.509: Software public key subtype changes David Howells
2016-02-19 17:18 ` [PATCH 1/8] crypto: KEYS: convert public key and digsig asym to the akcipher api David Howells
2016-02-19 17:18 ` [PATCH 2/8] integrity: convert digsig to " David Howells
2016-02-19 17:18 ` [PATCH 3/8] crypto: public_key: remove MPIs from public_key_signature struct David Howells
2016-02-19 17:18 ` [PATCH 4/8] akcipher: Move the RSA DER encoding to the crypto layer David Howells
2016-02-22 19:59 ` Tadeusz Struk
2016-02-22 22:28 ` David Howells
2016-02-22 23:35 ` Tadeusz Struk
2016-02-23 10:53 ` David Howells
2016-02-24 17:12 ` [PATCH 0/2] KEYS: Use pkcs1pad for padding in software_pkey Tadeusz Struk
2016-02-24 17:12 ` Tadeusz Struk
2016-02-24 17:12 ` [PATCH 1/2] crypto: Add hash param to pkcs1pad Tadeusz Struk
2016-02-24 17:12 ` [PATCH 2/2] crypto: remove padding logic from rsa.c Tadeusz Struk
2016-02-26 14:00 ` David Howells
2016-02-26 15:02 ` David Howells
2016-02-27 18:40 ` Herbert Xu
2016-02-28 3:20 ` Tadeusz Struk
2016-02-24 17:28 ` [PATCH 0/2] KEYS: Use pkcs1pad for padding in software_pkey David Howells
2016-02-23 0:01 ` [PATCH 4/8] akcipher: Move the RSA DER encoding to the crypto layer Andrew Zaborowski
2016-02-23 10:55 ` David Howells
2016-02-23 11:25 ` Andrew Zaborowski
2016-02-26 11:42 ` David Howells
2016-02-24 5:04 ` Mimi Zohar
2016-02-24 5:59 ` Mimi Zohar
2016-02-29 15:37 ` David Howells
2016-02-19 17:18 ` [PATCH 5/8] X.509: Make algo identifiers text instead of enum David Howells
2016-02-19 17:18 ` [PATCH 6/8] X.509: Make the public_key asymmetric key type internal data private David Howells
2016-02-19 17:18 ` [PATCH 7/8] X.509: Rename public_key.c to software_pkey.c David Howells
2016-02-19 17:19 ` [PATCH 8/8] X.509: Rename public_key* to software_pkey* David Howells
2016-02-22 18:57 ` Mimi Zohar [this message]
2016-02-22 22:29 ` [PATCH 0/8] X.509: Software public key subtype changes David Howells
2016-02-23 0:03 ` Mimi Zohar
2016-02-23 10:16 ` David Howells
2016-02-23 12:28 ` Mimi Zohar
2016-02-22 19:59 ` Tadeusz Struk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1456167445.3167.42.camel@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=dhowells@redhat.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=tadeusz.struk@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.