Hi Tudor, On 03/18/2016 11:31 AM, Tudor Ambarus wrote: > Use common ASN.1 sequences for all RSA implementations. > > Give hardware RSA implementations the chance to use > the RSA's software implementation parser even if they > are likely to want to use raw integers. > > The parser expects a context that contains at the first address > a struct rsa_asn1_action with function pointers to specific > parser actions (return MPI or raw integer keys), followed by > a key representation structure (for MPI or raw integers). > > This approach has the advantage that users can select specific > parser actions by using a general parser with function pointers > to specific actions. > > Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@xxxxxxx> I like the rsa_asn1_action idea, but I have some comments regarding the proposed implementation. > -int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key, > - unsigned int key_len); > +struct rsa_asn1_action { > + int (*get_n)(void *context, size_t hdrlen, unsigned char tag, > + const void *value, size_t vlen); > + int (*get_e)(void *context, size_t hdrlen, unsigned char tag, > + const void *value, size_t vlen); > + int (*get_d)(void *context, size_t hdrlen, unsigned char tag, > + const void *value, size_t vlen); > +}; To be able to take advantage of the Chinese remainder algorithm the generic rsa_asn1_action should allow to provide handlers to obtain all components of the private key i.e. handlers for p,q,dp,dq,qinv should also be provided. Also I think we don't need the size_t hdrlen and unsigned char tag here. > + > +struct rsa_ctx { > + struct rsa_asn1_action action; This should be a pointer to struct rsa_asn1_action *action; There is no need to have a separate instance per tfm. Drives should be able to use similar concept to how struct file_operations is used. Instead of set_rsa_priv_action they should do static const struct rsa_asn1_action impl_action = { .get_n = impl_get_n; .get_e = impl_get_e; ..... }; and then: static int rsa_set_priv_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen) { struct rsa_ctx *ctx = akcipher_tfm_ctx(tfm); struct rsa_mpi_key *pkey = &ctx->key; int ret; ctx->action = &impl_action; ret = rsa_parse_mpi_priv_key(ctx, key, keylen); return ret; } and the parser for each component will look as follows: int rsa_get_<X>(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { struct rsa_ctx *ctx = context; struct const rsa_asn1_action *action = ctx->action; if (action->get_<X>) return action->get_<X>(context, value, vlen); return 0; } This will allow all the drivers to get what then need. Thanks, -- TS -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html