Hi Stephan,
On 12/21/2015 01:27 PM, Stephan Mueller wrote:
>> @@ -192,7 +194,30 @@ static int alg_setkey(struct sock *sk, char __user
>> > *ukey, if (copy_from_user(key, ukey, keylen))
>> > goto out;
>> >
>> > - err = setkey(ask->private, key, keylen);
>> > + if (key_id) {
> Wouldn't it make sense to rather have a complete separate function for
> setting
> the key based on the ID? I.e. we have one function for setting the key based
> on a user-given buffer. A second function handles your additional code. As
> both are unrelated, I would not suggest to clutter one function with the
> logic
> of the other.
Either way is fine with me. I just didn't want to have too many indentation
levels in the alg_setsockopt function.
>
>> - err = alg_setkey(sk, optval, optlen, type->setkey);
>> > + /* ALG_SET_KEY_ID is only for akcipher */
>> > + if (!strcmp(type->name, "akcipher") && key_id)
> Why do you want to limit it to akcipher? I would think it can apply to all
> types of keys. You mention that you want to restrict it to akcipher, but
> where
> do you see the limitation for HMAC / skcipher?
>
I pass key_type_asymmetric to request_key(), which only works with asymmetric.
To enable symmetric we would need to have a new key type, which would handle
both.
Thanks,
--
TS
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
