Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752457AbbEDUpY (ORCPT <rfc822;w@1wt.eu>);
	Mon, 4 May 2015 16:45:24 -0400
Received: from mga11.intel.com ([192.55.52.93]:3102 "EHLO mga11.intel.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751115AbbEDUpU (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Mon, 4 May 2015 16:45:20 -0400
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.13,367,1427785200"; 
   d="scan'208";a="566143658"
Message-ID: <5547D9A3.9060800@intel.com>
Date: Mon, 04 May 2015 13:42:11 -0700
From: Tadeusz Struk <tadeusz.struk@intel.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: =?UTF-8?B?SG9yaWEgR2VhbnTEgw==?= <horia.geanta@freescale.com>,
        herbert@gondor.apana.org.au
CC: corbet@lwn.net, keescook@chromium.org, qat-linux@intel.com,
        jwboyer@redhat.com, richard@nod.at, d.kasatkin@samsung.com,
        linux-kernel@vger.kernel.org, steved@redhat.com, dhowells@redhat.com,
        vgoyal@redhat.com, james.l.morris@oracle.com, jkosina@suse.cz,
        zohar@linux.vnet.ibm.com, davem@davemloft.net, jdelvare@suse.de,
        linux-crypto@vger.kernel.org
Subject: Re: [PATCH RFC 0/2] crypto: Introduce Public Key Encryption API
References: <20150430223647.10157.82156.stgit@tstruk-mobl1> <55477111.2050803@freescale.com>
In-Reply-To: <55477111.2050803@freescale.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1151
Lines: 28

Hi Horia,
On 05/04/2015 06:16 AM, Horia Geantă wrote:
>> 	int (*sign)(struct pke_request *pkereq);
>> > 	int (*verify)(struct pke_request *pkereq);
>> > 	int (*encrypt)(struct pke_request *pkereq);
>> > 	int (*decrypt)(struct pke_request *pkereq);
> Where would be the proper place for keygen operation?

This will need to be extended to support keygen.

> 
> AFAICT algorithms currently map to primitives + encoding methods, which
> is not flexible. For e.g. current RSA implementation hardcodes the
> PKCS1-v1_5 encoding method, making it hard to add OAEP(+) etc.
> 
> One solution would be to map algorithms to primitives only. Encoding
> methods need to be abstracted somehow, maybe using templates to wrap the
> algorithms.

So far there is only one rsa implementation in kernel and it is only used
by module signing code.
Later we can add templates or simply one can register "oaep-rsa" algorithm.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/