From: <Tudor.Ambarus@microchip.com>
To: <vt@altlinux.org>, <dhowells@redhat.com>,
<herbert@gondor.apana.org.au>, <davem@davemloft.net>,
<keyrings@vger.kernel.org>, <linux-crypto@vger.kernel.org>,
<linux-kernel@vger.kernel.org>
Subject: Re: [RFC PATCH] akcipher: Introduce verify2 for public key algorithms
Date: Thu, 13 Dec 2018 10:26:53 +0000 [thread overview]
Message-ID: <b2e6060c-1e2a-c2c5-0484-715646d16201@microchip.com> (raw)
In-Reply-To: <20181211165938.1150-1-vt@altlinux.org>
Hi,
On 12/11/2018 06:59 PM, Vitaly Chikunov wrote:
> Current akcipher .verify() just decrypts signature to uncover message
> hash, which is then verified in upper level public_key_verify_signature
> by memcmp with the expected signature value, which is never passed into
> verify().
>
> This approach is incompatible with ECDSA algorithms, because, to verify
I would love to have ECDSA in kernel but unfortunately it hasn't reached kernel
because there is no in-kernel user for it. Do we have an agreement that we will
add support for it? If not, who will benefit of these patches?
Thanks,
ta
WARNING: multiple messages have this Message-ID (diff)
From: <Tudor.Ambarus@microchip.com>
To: vt@altlinux.org, dhowells@redhat.com,
herbert@gondor.apana.org.au, davem@davemloft.net,
keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH] akcipher: Introduce verify2 for public key algorithms
Date: Thu, 13 Dec 2018 10:26:53 +0000 [thread overview]
Message-ID: <b2e6060c-1e2a-c2c5-0484-715646d16201@microchip.com> (raw)
In-Reply-To: <20181211165938.1150-1-vt@altlinux.org>
SGksDQoNCk9uIDEyLzExLzIwMTggMDY6NTkgUE0sIFZpdGFseSBDaGlrdW5vdiB3cm90ZToNCj4g
Q3VycmVudCBha2NpcGhlciAudmVyaWZ5KCkganVzdCBkZWNyeXB0cyBzaWduYXR1cmUgdG8gdW5j
b3ZlciBtZXNzYWdlDQo+IGhhc2gsIHdoaWNoIGlzIHRoZW4gdmVyaWZpZWQgaW4gdXBwZXIgbGV2
ZWwgcHVibGljX2tleV92ZXJpZnlfc2lnbmF0dXJlDQo+IGJ5IG1lbWNtcCB3aXRoIHRoZSBleHBl
Y3RlZCBzaWduYXR1cmUgdmFsdWUsIHdoaWNoIGlzIG5ldmVyIHBhc3NlZCBpbnRvDQo+IHZlcmlm
eSgpLg0KPiANCj4gVGhpcyBhcHByb2FjaCBpcyBpbmNvbXBhdGlibGUgd2l0aCBFQ0RTQSBhbGdv
cml0aG1zLCBiZWNhdXNlLCB0byB2ZXJpZnkNCg0KSSB3b3VsZCBsb3ZlIHRvIGhhdmUgRUNEU0Eg
aW4ga2VybmVsIGJ1dCB1bmZvcnR1bmF0ZWx5IGl0IGhhc24ndCByZWFjaGVkIGtlcm5lbA0KYmVj
YXVzZSB0aGVyZSBpcyBubyBpbi1rZXJuZWwgdXNlciBmb3IgaXQuIERvIHdlIGhhdmUgYW4gYWdy
ZWVtZW50IHRoYXQgd2Ugd2lsbA0KYWRkIHN1cHBvcnQgZm9yIGl0PyBJZiBub3QsIHdobyB3aWxs
IGJlbmVmaXQgb2YgdGhlc2UgcGF0Y2hlcz8NCg0KVGhhbmtzLA0KdGENCg=
next prev parent reply other threads:[~2018-12-13 10:26 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-11 16:59 [RFC PATCH] akcipher: Introduce verify2 for public key algorithms Vitaly Chikunov
2018-12-11 16:59 ` Vitaly Chikunov
2018-12-13 10:12 ` Herbert Xu
2018-12-13 10:12 ` Herbert Xu
2019-01-04 10:20 ` Vitaly Chikunov
2019-01-04 10:20 ` Vitaly Chikunov
2019-01-16 16:22 ` David Howells
2018-12-13 10:26 ` Tudor.Ambarus [this message]
2018-12-13 10:26 ` Tudor.Ambarus
2018-12-13 11:58 ` Vitaly Chikunov
2018-12-13 11:58 ` Vitaly Chikunov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b2e6060c-1e2a-c2c5-0484-715646d16201@microchip.com \
--to=tudor.ambarus@microchip.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=vt@altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.