On 06/11/2015 07:59 PM, Herbert Xu wrote: >> +int crypto_akcipher_setkey(struct crypto_akcipher *tfm, >> > + const struct public_key *pkey) >> > +{ >> > + if (tfm->pkey) >> > + akcipher_free_key(tfm->pkey); >> > + >> > + return akcipher_clone_key(tfm, pkey); >> > +} > No please do not expose the struct public_key crap to the new > API. The key should be completely opaque to entities outside > of the algorithm. So make it raw and read out the MPIs from > it. > > The contents of the function must go into the algorithm setkey > function, not the crypto API. So RSA would read out however > many MPIs it needs and verify it, and so on. Should I make it MPI[] rather than void * -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html