From: David Howells <dhowells@redhat.com>
Subject: Re: [PATCH v3 7/7] crypto: AF_ALG - add support for key_id
Date: Wed, 30 Mar 2016 17:31:46 +0100
Message-ID: <14284.1459355506@warthog.procyon.org.uk>
References: <20160330005734.25410.28829.stgit@tstruk-mobl1> <20160330005649.25410.70508.stgit@tstruk-mobl1>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: dhowells@redhat.com, herbert@gondor.apana.org.au,
	smueller@chronox.de, linux-api@vger.kernel.org,
	marcel@holtmann.org, linux-kernel@vger.kernel.org,
	keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
	dwmw2@infradead.org, davem@davemloft.net
To: Tadeusz Struk <tadeusz.struk@intel.com>
Return-path: <linux-kernel-owner@vger.kernel.org>
In-Reply-To: <20160330005734.25410.28829.stgit@tstruk-mobl1>
Content-ID: <14283.1459355506.1@warthog.procyon.org.uk>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: linux-crypto.vger.kernel.org

Tadeusz Struk <tadeusz.struk@intel.com> wrote:

> +	keyring = request_key(&key_type_asymmetric, key_name, NULL);
> +
> +	err = -ENOKEY;
> +	if (IS_ERR(keyring))
> +		goto out;
> +
> +	pkey = keyring->payload.data[asym_crypto];

NAK.  This is liable to crash in future.  You may not assume that you know
what keyring->payload.data[asym_crypto] points to.

You may not use struct public_key outside of crypto/asymmetric_key/.  It's the
internal data of the software subtype.  I'll move it out of the global header
to remove the temptation;-).

You must use accessor functions such as verify_signature().  Feel free to add
further accessor functions such as query_asym_capabilities(),
create_signature(), encrypt_blob() and decrypt_blob() or something like that.

David