> Tadeusz Struk <tadeusz.struk@xxxxxxxxx> wrote: > >> + keyring = request_key(&key_type_asymmetric, key_name, NULL); >> + >> + err = -ENOKEY; >> + if (IS_ERR(keyring)) >> + goto out; >> + >> + pkey = keyring->payload.data[asym_crypto]; > > NAK. This is liable to crash in future. You may not assume that you know > what keyring->payload.data[asym_crypto] points to. > > You may not use struct public_key outside of crypto/asymmetric_key/. It's > the > internal data of the software subtype. I'll move it out of the global > header > to remove the temptation;-). > > You must use accessor functions such as verify_signature(). Feel free to > add > further accessor functions such as query_asym_capabilities(), > create_signature(), encrypt_blob() and decrypt_blob() or something like > that. Grr. This is not the first time this has been pointed out. And it shouldn't have *needed* to be pointed out in the first place. Please do not ignore review feedback. Or common sense. -- dwmw2 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html