Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751664AbbLUWdL (ORCPT <rfc822;w@1wt.eu>);
	Mon, 21 Dec 2015 17:33:11 -0500
Received: from mga04.intel.com ([192.55.52.120]:42765 "EHLO mga04.intel.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1750985AbbLUWdI (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Mon, 21 Dec 2015 17:33:08 -0500
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.20,461,1444719600"; 
   d="scan'208";a="621842429"
Subject: Re: [PATCH] crypto: AF_ALG - add support for keys/asymmetric-type
To: Stephan Mueller <smueller@chronox.de>, Tadeusz Struk <tstruk@gmail.com>
References: <20151221205107.28935.59696.stgit@desktop.home>
 <1668437.RHtfyqeg0Q@myon.chronox.de>
Cc: herbert@gondor.apana.org.au, dwmw2@infradead.org, marcel@holtmann.org,
        linux-kernel@vger.kernel.org, dhowells@redhat.com,
        keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
        linux-api@vger.kernel.org, zohar@linux.vnet.ibm.com
From: Tadeusz Struk <tadeusz.struk@intel.com>
Message-ID: <56787D41.8070109@intel.com>
Date: Mon, 21 Dec 2015 14:29:21 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <1668437.RHtfyqeg0Q@myon.chronox.de>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1534
Lines: 36

Hi Stephan,
On 12/21/2015 01:27 PM, Stephan Mueller wrote:
>> @@ -192,7 +194,30 @@ static int alg_setkey(struct sock *sk, char __user
>> > *ukey, if (copy_from_user(key, ukey, keylen))
>> >  		goto out;
>> > 
>> > -	err = setkey(ask->private, key, keylen);
>> > +	if (key_id) {
> Wouldn't it make sense to rather have a complete separate function for setting 
> the key based on the ID? I.e. we have one function for setting the key based 
> on a user-given buffer. A second function handles your additional code. As 
> both are unrelated, I would not suggest to clutter one function with the logic 
> of the other.

Either way is fine with me. I just didn't want to have too many indentation
levels in the alg_setsockopt function.

> 
>> -		err = alg_setkey(sk, optval, optlen, type->setkey);
>> > +		/* ALG_SET_KEY_ID is only for akcipher */
>> > +		if (!strcmp(type->name, "akcipher") && key_id)
> Why do you want to limit it to akcipher? I would think it can apply to all 
> types of keys. You mention that you want to restrict it to akcipher, but where 
> do you see the limitation for HMAC / skcipher?
> 
I pass key_type_asymmetric to request_key(), which only works with asymmetric.
To enable symmetric we would need to have a new key type, which would handle
both. 
Thanks,
-- 
TS
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/