On Thu, 15 Jun 2023 at 12:26, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > > v2 changes: > > - Rename dsa to sig. > - Add braces around else clause. > > The crypto akcipher interface has exactly one user, the keyring > subsystem. That user only deals with kernel pointers, not SG lists. > Therefore the use of SG lists in the akcipher interface is > completely pointless. > > As there is only one user, changing it isn't that hard. This > patch series is a first step in that direction. It introduces > a new interface for encryption and decryption without SG lists: > > int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm, > const void *src, unsigned int slen, > void *dst, unsigned int dlen); > > int crypto_akcipher_sync_decrypt(struct crypto_akcipher *tfm, > const void *src, unsigned int slen, > void *dst, unsigned int dlen); > > I've decided to split out signing and verification because most > (all but one) of our signature algorithms do not support encryption > or decryption. These can now be accessed through the sig interface: > > int crypto_sig_sign(struct crypto_sig *tfm, > const void *src, unsigned int slen, > void *dst, unsigned int dlen); > > int crypto_sig_verify(struct crypto_sig *tfm, > const void *src, unsigned int slen, > const void *digest, unsigned int dlen); > > The keyring system has been converted to this interface. > This looks like a worthwhile improvement to me. As I asked before, could we do the same for the acomp API? The only existing user blocks on the completion, and the vast majority of implementations is software only.
