On 05/10/2015 11:32 PM, Herbert Xu wrote:
> On Wed, May 06, 2015 at 12:36:48PM -0700, Tadeusz Struk wrote:
>>
>> + const struct public_key_signature *signature;
>
> Doing this means that you aren't adding it to the crypto API
> properly. You need to start from scratch and design a proper
> interface and not just wrap some existing opaque data strcture.
>
> Cheers,
>
Hi Herbert,
Thanks for your feedback.
How about this:
/**
* struct akcipher_request - public key request
*
* @base: Common attributes for async crypto requests
* @inparams: scatterlist of input parameters (one ent per parameter)
* for the operation as defined in RFC.
* For instance for rsa encrypt only one input param is required,
* (i.e. 'm' - message) as specified in RFC3447 sec 5.1.1
* (Note: the key belongs to the tfm)
* @outparams: scatterlist of output parameters (one ent per parameter)
* for the operation as defined in RFC.
* For instance for rsa encrypt only one output param will be
* produced (i.e. 'c' - cipher text) as specified in
* RFC3447 sec 5.1.1
*
* @__ctx: Start of private context data
*/
struct akcipher_request {
struct crypto_async_request base;
struct scatterlist *inparams;
struct scatterlist *outparams;
void *__ctx[] CRYPTO_MINALIGN_ATTR;
};
/**
* struct akcipher_alg - generic public key algorithm
*
* @sign: Function performs a sign operation as defined by public key
* algorithm
* @verify: Function performs a sign operation as defined by public key
* algorithm
* @encrypt: Function performs an encrypt operation as defined by public key
* algorithm
* @decrypt: Function performs a decrypt operation as defined by public key
* algorithm
* @reqsize: Request context size required by algorithm implementation
*
* @base: Common crypto API algorithm data structure
*/
struct akcipher_alg {
int (*sign)(struct akcipher_request *req);
int (*verify)(struct akcipher_request *req);
int (*encrypt)(struct akcipher_request *req);
int (*decrypt)(struct akcipher_request *req);
unsigned int reqsize;
struct crypto_alg base;
};
/**
* struct crypto_akcipher - user-instantiated objects which encapsulate
* algorithms and core processing logic
*
* @base: Common crypto API algorithm data structure
* @pkey: Key representation. Note: this can be both public or private
* key, depending on the operation.
* @__ctx: Start of private context data
*/
struct crypto_akcipher {
struct crypto_tfm base;
const struct public_key *pkey;
void *__ctx[] CRYPTO_MINALIGN_ATTR;
};
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
