From: David Howells Subject: Re: [PATCH v5 1/3] crypto: KEYS: convert public key and digsig asym to the akcipher api Date: Thu, 11 Feb 2016 10:08:37 +0000 Message-ID: <17832.1455185317@warthog.procyon.org.uk> References: <16626.1455184286@warthog.procyon.org.uk> <56BBC321.1000503@intel.com> <20160202180853.2887.82271.stgit@tstruk-mobl1> <20160202180848.2887.9937.stgit@tstruk-mobl1> <5286.1455113876@warthog.procyon.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8BIT Cc: dhowells@redhat.com, herbert@gondor.apana.org.au, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-crypto@vger.kernel.org, zohar@linux.vnet.ibm.com To: Tadeusz Struk Return-path: In-Reply-To: <16626.1455184286@warthog.procyon.org.uk> Content-ID: <17831.1455185317.1@warthog.procyon.org.uk> Sender: owner-linux-security-module@vger.kernel.org List-Id: linux-crypto.vger.kernel.org David Howells wrote: > Tadeusz Struk wrote: > > > > Why didn't you put the RSA signature parsing - ie. where the OID and the other > > > bits are checked - into crypto/rsa.c? > > > > > > > Do you want to get rid of the crypto/asymmetric_keys/rsa.c completely? > > I wanted to make the conversion churn as small as possible. > > I can move it in a subsequent patch if you want. > > I was thinking of getting rid of it completely, yes. > > But I was wondering if you had some other motivation, such as keeping the > crypto layer purely the mathematical operation. > > It's an interesting question where to draw the line, actually. The answer may > hinge on what things like the TPM do. I should ask the TPM folks. Looking in the TPM emulator, the TPM_Sign operation indeed puts the wrappings on, so this needs to go into the crypto layer. David