From: Tadeusz Struk <tadeusz.struk-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
To: Stephan Mueller
<smueller-T9tCv8IpfcWELgA04lAiVw@public.gmane.org>,
Tadeusz Struk <tstruk-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Cc: herbert-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org,
dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org,
marcel-kz+m5ild9QBg9hUCZPvPmw@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
keyrings-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-crypto-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org
Subject: Re: [PATCH] crypto: AF_ALG - add support for keys/asymmetric-type
Date: Mon, 21 Dec 2015 14:29:21 -0800 [thread overview]
Message-ID: <56787D41.8070109@intel.com> (raw)
In-Reply-To: <1668437.RHtfyqeg0Q-Veo+UhszpQh6vwJ5+F2VIg@public.gmane.org>
Hi Stephan,
On 12/21/2015 01:27 PM, Stephan Mueller wrote:
>> @@ -192,7 +194,30 @@ static int alg_setkey(struct sock *sk, char __user
>> > *ukey, if (copy_from_user(key, ukey, keylen))
>> > goto out;
>> >
>> > - err = setkey(ask->private, key, keylen);
>> > + if (key_id) {
> Wouldn't it make sense to rather have a complete separate function for setting
> the key based on the ID? I.e. we have one function for setting the key based
> on a user-given buffer. A second function handles your additional code. As
> both are unrelated, I would not suggest to clutter one function with the logic
> of the other.
Either way is fine with me. I just didn't want to have too many indentation
levels in the alg_setsockopt function.
>
>> - err = alg_setkey(sk, optval, optlen, type->setkey);
>> > + /* ALG_SET_KEY_ID is only for akcipher */
>> > + if (!strcmp(type->name, "akcipher") && key_id)
> Why do you want to limit it to akcipher? I would think it can apply to all
> types of keys. You mention that you want to restrict it to akcipher, but where
> do you see the limitation for HMAC / skcipher?
>
I pass key_type_asymmetric to request_key(), which only works with asymmetric.
To enable symmetric we would need to have a new key type, which would handle
both.
Thanks,
--
TS
WARNING: multiple messages have this Message-ID (diff)
From: Tadeusz Struk <tadeusz.struk@intel.com>
To: Stephan Mueller <smueller@chronox.de>, Tadeusz Struk <tstruk@gmail.com>
Cc: herbert@gondor.apana.org.au, dwmw2@infradead.org,
marcel@holtmann.org, linux-kernel@vger.kernel.org,
dhowells@redhat.com, keyrings@vger.kernel.org,
linux-crypto@vger.kernel.org, linux-api@vger.kernel.org,
zohar@linux.vnet.ibm.com
Subject: Re: [PATCH] crypto: AF_ALG - add support for keys/asymmetric-type
Date: Mon, 21 Dec 2015 14:29:21 -0800 [thread overview]
Message-ID: <56787D41.8070109@intel.com> (raw)
In-Reply-To: <1668437.RHtfyqeg0Q@myon.chronox.de>
Hi Stephan,
On 12/21/2015 01:27 PM, Stephan Mueller wrote:
>> @@ -192,7 +194,30 @@ static int alg_setkey(struct sock *sk, char __user
>> > *ukey, if (copy_from_user(key, ukey, keylen))
>> > goto out;
>> >
>> > - err = setkey(ask->private, key, keylen);
>> > + if (key_id) {
> Wouldn't it make sense to rather have a complete separate function for setting
> the key based on the ID? I.e. we have one function for setting the key based
> on a user-given buffer. A second function handles your additional code. As
> both are unrelated, I would not suggest to clutter one function with the logic
> of the other.
Either way is fine with me. I just didn't want to have too many indentation
levels in the alg_setsockopt function.
>
>> - err = alg_setkey(sk, optval, optlen, type->setkey);
>> > + /* ALG_SET_KEY_ID is only for akcipher */
>> > + if (!strcmp(type->name, "akcipher") && key_id)
> Why do you want to limit it to akcipher? I would think it can apply to all
> types of keys. You mention that you want to restrict it to akcipher, but where
> do you see the limitation for HMAC / skcipher?
>
I pass key_type_asymmetric to request_key(), which only works with asymmetric.
To enable symmetric we would need to have a new key type, which would handle
both.
Thanks,
--
TS
next prev parent reply other threads:[~2015-12-21 22:29 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-21 20:51 [PATCH] crypto: AF_ALG - add support for keys/asymmetric-type Tadeusz Struk
[not found] ` <20151221205107.28935.59696.stgit-r49W/1Cwd2f9zxVx7UNMDg@public.gmane.org>
2015-12-21 21:27 ` Stephan Mueller
2015-12-21 21:27 ` Stephan Mueller
[not found] ` <1668437.RHtfyqeg0Q-Veo+UhszpQh6vwJ5+F2VIg@public.gmane.org>
2015-12-21 22:29 ` Tadeusz Struk [this message]
2015-12-21 22:29 ` Tadeusz Struk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56787D41.8070109@intel.com \
--to=tadeusz.struk-ral2jqcrhueavxtiumwx3w@public.gmane.org \
--cc=dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=herbert-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org \
--cc=keyrings-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-crypto-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=marcel-kz+m5ild9QBg9hUCZPvPmw@public.gmane.org \
--cc=smueller-T9tCv8IpfcWELgA04lAiVw@public.gmane.org \
--cc=tstruk-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.