Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp1388462pxf; Fri, 9 Apr 2021 07:16:40 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxzNcH6o2povP51ZBSbRYtgeFrchs50f/vU6h8RyRXnQzw9jLKFWFe+lBRrctmwjYb/JTKs X-Received: by 2002:a17:906:3684:: with SMTP id a4mr14238446ejc.316.1617977800280; Fri, 09 Apr 2021 07:16:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617977800; cv=none; d=google.com; s=arc-20160816; b=p43oPoAMc5MDfwQJjclvj4jFIw1Q5NAyWOXot7qX2+j8dDz+ffaMWgRC5KEQR1G6wj NweVwhmVOfacZktKFWbYg36FkcH5+9Gs1O2nFxNFJ9BW+s7Xpq40WNpHBH/ligNlj0d+ 7rV5aOa1+o5i++SucTnA3CuRBhXCFvyfVRqXkoi87yGr2taSfIYhVADIYDQN31qZqYsZ Daf9W+MtLf9xIH0fzsaZBoJ0GARLJ6+/bR8eE4P2siBKVFHW+hyW2vMvrHm7R/ddhLi5 kcBKWVPjIrNFfPbq+tHBmAX7LfukhakGNfzuNevt5ItfVEC3AECrodsYbUJZmZcVlYPy eeeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature:dkim-signature; bh=VTWVSPSXMxU3eqkzvycOyKEaZ8jPje2Egd37ULlw91I=; b=VMi4qh4gkvlngqxNR/+EQsJAKn9Cxq6zBxB9Zeo6LY/VZGe2bCoN8XtH7O36T2GQla OgN4QunxNURl/e7KcSBo8GAr8Lc6jbksX0CL3tO4E6eGUoz9V12WvrVMtwOyUXNit4Kt 4OWa6/am9DeD2SsZl/cmm9LkykRnd8n4UPuUf7GlOo+bcqeZlp8bvdSiVqbwUh7/ul+G WVpt6iJ8X3h2llMn/q2JmPYYi/AfPM0wVuWX+CBx6bfEpEerqfdUDtGhAsySDrdnFOa1 hPCUHcMw9jnM71xlbeIjF6eXRiSIWxO6TXeHndvDXtHkZEx6QvWlEHyKmnP0vULOKmrJ fb/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@benboeckel.net header.s=fm1 header.b=LJ1tXVR4; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=TbKTg0vO; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e1si2019240ejq.139.2021.04.09.07.16.12; Fri, 09 Apr 2021 07:16:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@benboeckel.net header.s=fm1 header.b=LJ1tXVR4; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=TbKTg0vO; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232990AbhDIOQQ (ORCPT + 99 others); Fri, 9 Apr 2021 10:16:16 -0400 Received: from new1-smtp.messagingengine.com ([66.111.4.221]:35311 "EHLO new1-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231402AbhDIOQN (ORCPT ); Fri, 9 Apr 2021 10:16:13 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailnew.nyi.internal (Postfix) with ESMTP id B6ED9580825; Fri, 9 Apr 2021 10:15:57 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Fri, 09 Apr 2021 10:15:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=benboeckel.net; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=fm1; bh=VTWVSPSXMxU3eqkzvycOyKEaZ8j Pje2Egd37ULlw91I=; b=LJ1tXVR4CleGK91S0PFuJ8ctXbzH7y/xja8CQhsEVMq Wffr1Pe+r9B0Jnl1UnGkY8nVY1In/udfnCXOdIC8Fys5zvk3f9Fo4VpdBHgyEzEL eV6bCllI/g8KQIEBSUgmSi4hsFRq+wjyWVgsoO80cDlJAWacWDq0CPNdtjG0nY1f BzWl5v3dOSi8qzxwiDh/dvh1oo5b3rFyDmt5AuacEOIfm8YqCb+QlEftK75i3jE+ 5DEEWiGFnWhYLtSAWmb7W5HosiACKUbMWkJ5GmMjmAO4ePdrO2xz8zkvbESlY/ZL jdvwX88fyOzQ2rsd/bm0FAzFdCPwMd7hT++xd71gc8w== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=VTWVSP SXMxU3eqkzvycOyKEaZ8jPje2Egd37ULlw91I=; b=TbKTg0vOgFGapSkoVphX+4 pV2XiuC8fzuWO5DP3ZbMMtI+4lc8CyIOz7+6K4Gfoy75XBffrO/C+CihQBFrK8MK lSDNZRKhhFM4AMyE8JXOL9uoOVcx0x7a0p4+aUB5zSm0T1b77K9f5/BGGYVmp+b4 eAuYTeiXOxJ55/xQ/3Hk4rP9E1/oDCXNgMvHtKWfFOw4TBC1WxixDr1ANs9DL62f 2DpwZJDGpakH/WbTvYBNviwwrxE8kfokIkCWQ4aLjaq3LWLPoDabsFPopmTwbExj A5C2soiKWje1t3BUd5+HaslTC2ghIbVkBnHn5DooHmpxt0KwrcjmvD370ecKRumA == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudekuddgjeeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvffukfhfgggtuggjfgesthdtredttderjeenucfhrhhomhepuegvnhcu uehovggtkhgvlhcuoehmvgessggvnhgsohgvtghkvghlrdhnvghtqeenucggtffrrghtth gvrhhnpeevffdtteetgfdttdekueefgedttddtueeugeekgeetffeuteffjeduieehhfek tdenucfkphepjeefrddutddurdefvddrvddtudenucevlhhushhtvghrufhiiigvpedtne curfgrrhgrmhepmhgrihhlfhhrohhmpehmvgessggvnhgsohgvtghkvghlrdhnvght X-ME-Proxy: Received: from localhost (c-73-101-32-201.hsd1.pa.comcast.net [73.101.32.201]) by mail.messagingengine.com (Postfix) with ESMTPA id 873911080067; Fri, 9 Apr 2021 10:15:54 -0400 (EDT) Date: Fri, 9 Apr 2021 10:15:48 -0400 From: Ben Boeckel To: Varad Gautam Cc: linux-crypto@vger.kernel.org, dhowells@redhat.com, herbert@gondor.apana.org.au, davem@davemloft.net, vt@altlinux.org, tianjia.zhang@linux.alibaba.com, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, jarkko@kernel.org, James Morris , "Serge E. Hallyn" , "open list:SECURITY SUBSYSTEM" Subject: Re: [PATCH v2 18/18] keyctl_pkey: Add pkey parameters slen and mgfhash for PSS Message-ID: References: <20210408141516.11369-1-varad.gautam@suse.com> <20210408141516.11369-19-varad.gautam@suse.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20210408141516.11369-19-varad.gautam@suse.com> User-Agent: Mutt/2.0.5 (2021-01-21) Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, Apr 08, 2021 at 16:15:16 +0200, Varad Gautam wrote: > keyctl pkey_* operations accept enc and hash parameters at present. > RSASSA-PSS signatures also require passing in the signature salt > length and the mgf hash function. > > Add parameters: > - 'slen' to feed in salt length of a PSS signature. > - 'mgfhash' to feed in the hash function used for MGF. Could `Documentation/security/keys/core.rst` be updated to mention these new parameters? Statements on what values are allowed would be appreciated as well (e.g., that `saltlen` (a far better name IMO) is unsigned 32-bits and where valid algorithm names could be found as well). Thanks, --Ben