Re: [PATCH v2] ima-evm-utils: simplify digest alias handling

[Vitaly Chikunov <vt@altlinux.org>]

Mimi,

On Sun, Mar 10, 2019 at 07:27:39PM -0400, Mimi Zohar wrote:
> On Mon, 2019-03-11 at 02:08 +0300, Vitaly Chikunov wrote:
> > On Sun, Mar 10, 2019 at 06:26:25PM -0400, Mimi Zohar wrote:
> > > Hi Vitaly,
> > > 
> > > On Wed, 2019-02-13 at 01:46 +0300, Vitaly Chikunov wrote:
> > > > - Make digest name search work just with simple strcmp() and three
> > > >   arrays, dropping strmatch().
> > > > - Remove get_digestbyname() which was doing two hash name resolving
> > > >   attempts, reverting to use plain EVP_get_digestbyname(). This will
> > > >   force the user to specify the proper hash name depending on what
> > > >   OpenSSL provides, allowing to specify older hash name in older
> > > >   OpenSSL.
> > > > - Improve hash_info parser to produce hash_algo_name[] more resembling
> > > >   what is in the kernel, making algocmp() not needed and removed.
> > > > - Fix indent in get_hash_algo_by_id().
> > > 
> > > Thanks, this is a lot better.  As there isn't a "Signed-off-by", did
> > 
> > Forgot this. I can resend with "Signed-off-by".
> > 
> > > you want to squash this with the original patch - "Extract digest
> > > algorithms from hash_info.h"?
> > 
> > Do you mean rebase squash with already upstreamed commit? Did not know
> > this is allowed.
> 
> Agreed, normally it shouldn't be done, but it hasn't been included in
> a release.  Defining and then removing algocmp() doesn't make sense.
> 
> > 
> > If you want to do it, this probably should not be squashed with "Extract
> > digest algorithms from hash_info.h", but with "Try to load digest by its
> > alias", because it is simplification of this commit.
> 
> Unless there is a reason for keeping these patches separate, please
> squash them.  It will be easier for anyone reviewing the code.

I will rework two top commits:

  0267fa1 (master) ima-evm-utils: Try to load digest by its alias
  942d9f9 ima-evm-utils: Extract digest algorithms from hash_info.h
  07d799c ima-evm-utils: Preload OpenSSL engine via '--engine' option
  7e2a784 ima-evm-utils: Allow using Streebog hash function
  b853b7b ima-evm-utils: Define the '--xattr-user' option for testing
  1d9c279 ima-evm-utils: Define hash and sig buffer sizes and add asserts
  9643544 ima-evm-utils: Fix hash buffer overflow in verify_evm and hmac_evm
  1541069 ima-evm-utils: libimaevm: get key description out of verbose condition
  8c8f29e (origin/master) ima-evm-utils: check the return code from tpm_pcr_read() in ima_measurement()

Into two new commits over (07d799c):

  "Extract digest algorithms from hash_info.h" - remove algocmp()
  "Try to load digest by its alias" - squash with "simplify digest alias handling" patch.

> 
> Thanks!