Re: [PATCH RFC v3 2/3] crypto: RSA: KEYS: convert rsa and public key to new PKE API

From: Paul Bolle
Date: Fri Jun 05 2015 - 04:50:26 EST

Next message: Michal Simek: "[PATCH] microblaze: Label local function static"
Previous message: Michal Simek: "[PATCH] net: ll_temac: Remove sparse warnings"
In reply to: Tadeusz Struk: "Re: [PATCH RFC v3 2/3] crypto: RSA: KEYS: convert rsa and public key to new PKE API"
Next in thread: Tadeusz Struk: "Re: [PATCH RFC v3 2/3] crypto: RSA: KEYS: convert rsa and public key to new PKE API"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A few remarks, perhaps not of the kind you'd like for an RFC, that I
hope are still relevant after Herbert's comment.

On Wed, 2015-06-03 at 15:44 -0700, Tadeusz Struk wrote:
> --- a/crypto/asymmetric_keys/Makefile
> +++ b/crypto/asymmetric_keys/Makefile
> @@ -8,6 +8,7 @@ asymmetric_keys-y := asymmetric_type.o signature.o
>
> obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o
> obj-$(CONFIG_PUBLIC_KEY_ALGO_RSA) += rsa.o
> +obj-$(CONFIG_PUBLIC_KEY_ALGO_RSA) += rsa_pkcs1_v1_5.o

This builds two modules if PUBLIC_KEY_ALGO_RSA = 'm': rsa.ko and
rsa_pkcs1_v1_5.ko. Is that what you want?

> --- a/crypto/asymmetric_keys/public_key.c
> +++ b/crypto/asymmetric_keys/public_key.c

> +int rsa_pkcs1_v1_5_verify_signature(const struct public_key *pkey,
> + const struct public_key_signature *sig);
> +

> -int public_key_verify_signature(const struct public_key *pk,
> +int public_key_verify_signature(const struct public_key *pkey,
> const struct public_key_signature *sig)
> {
> [...]
> - return algo->verify_signature(pk, sig);
> + return rsa_pkcs1_v1_5_verify_signature(pkey, sig);
> }

> --- a/crypto/asymmetric_keys/rsa.c
> +++ b/crypto/asymmetric_keys/rsa.c

> MODULE_LICENSE("GPL");
> MODULE_DESCRIPTION("RSA Public Key Algorithm");

> +static int rsa_init(void)
> +{
> + return crypto_register_akcipher(&rsa);
> +}

Is there a reason not to mark this __init? (This is not a rhetorical
question, perhaps there really is.)

> +static void rsa_exit(void)
> +{
> + crypto_unregister_akcipher(&rsa);
> +}

Ditto for __exit.

> +module_init(rsa_init);
> +module_exit(rsa_exit);
> +MODULE_ALIAS_CRYPTO("rsa");

Could the MODULE_* macros be grouped in one place please?

> --- /dev/null
> +++ b/crypto/asymmetric_keys/rsa_pkcs1_v1_5.c

> +/*
> + * Perform the verification step [RFC3447 sec 8.2.2].
> + */
> +int rsa_pkcs1_v1_5_verify_signature(const struct public_key *pkey,
> + const struct public_key_signature *sig)
> +{
> [...]
> +}

public_key.c uses this, so it can end up in public_key.ko. But it's not
exported. So a _quick and dirty_ build test generated:
WARNING: "rsa_pkcs1_v1_5_verify_signature" [[...]/crypto/asymmetric_keys/public_key.ko] undefined!

Also no MODULE_LICENSE() macro, so loading rsa_pkcs1_v1_5.ko should
trigger a warning and taint the kernel.

Thanks,

Paul Bolle

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Michal Simek: "[PATCH] microblaze: Label local function static"
Previous message: Michal Simek: "[PATCH] net: ll_temac: Remove sparse warnings"
In reply to: Tadeusz Struk: "Re: [PATCH RFC v3 2/3] crypto: RSA: KEYS: convert rsa and public key to new PKE API"
Next in thread: Tadeusz Struk: "Re: [PATCH RFC v3 2/3] crypto: RSA: KEYS: convert rsa and public key to new PKE API"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]