Tadeusz Struk <tadeusz.st...@intel.com> wrote: > + keyring = request_key(&key_type_asymmetric, key_name, NULL); > + > + err = -ENOKEY; > + if (IS_ERR(keyring)) > + goto out; > + > + pkey = keyring->payload.data[asym_crypto];
NAK. This is liable to crash in future. You may not assume that you know what keyring->payload.data[asym_crypto] points to. You may not use struct public_key outside of crypto/asymmetric_key/. It's the internal data of the software subtype. I'll move it out of the global header to remove the temptation;-). You must use accessor functions such as verify_signature(). Feel free to add further accessor functions such as query_asym_capabilities(), create_signature(), encrypt_blob() and decrypt_blob() or something like that. David
