Re: [RFC PATCH v3 05/13] clavis: Introduce a new key type called clavis_key_acl

On Fri, Oct 18, 2024 at 15:42:15 +, Eric Snowberg wrote: > > On Oct 17, 2024, at 11:21 PM, Ben Boeckel wrote: > > Can this be committed to `Documentation/` and not just the Git history > > please? > > This is documented, but it doesn't come in until the 8th patc

Re: [RFC PATCH v3 05/13] clavis: Introduce a new key type called clavis_key_acl

On Thu, Oct 17, 2024 at 09:55:08 -0600, Eric Snowberg wrote: > Introduce a new key type for keyring access control. The new key type > is called clavis_key_acl. The clavis_key_acl contains the subject key > identifier along with the allowed usage type for the key. > > The format is as follows: >

Re: [PATCH v2] KEYS: trusted: Use ASN.1 encoded OID

On Thu, May 23, 2024 at 16:23:37 +0300, Jarkko Sakkinen wrote: > There's no reason to encode OID_TPMSealedData at run-time, as it never > changes. > > Replace it with the encoded version, which has exactly the same size: > > 67 81 05 0A 01 05 Is it the same size? It looks considerably smal

Re: [PATCH] docs: module-signing: adjust guide after sha1 and sha224 support is gone

On Wed, Oct 25, 2023 at 13:57:08 +0100, Dimitri John Ledkov wrote: > Sorry for not patching documentation at the same time as the code > changes that made documentation out of date. Should this, perhaps, get a `Fixes` trailer then? --Ben

Re: [PATCH v3 18/18] keyctl_pkey: Add pkey parameters saltlen and mgfhash for PSS

to feed in salt length of a PSS signature. > - 'mgfhash' to feed in the hash function used for MGF. > > Signed-off-by: Varad Gautam > CC: Jarkko Sakkinen > CC: Ben Boeckel > --- > v3: Rename slen to saltlen, update Documentation/security/keys/co

Re: [PATCH v2 18/18] keyctl_pkey: Add pkey parameters slen and mgfhash for PSS

On Thu, Apr 08, 2021 at 16:15:16 +0200, Varad Gautam wrote: > keyctl pkey_* operations accept enc and hash parameters at present. > RSASSA-PSS signatures also require passing in the signature salt > length and the mgf hash function. > > Add parameters: > - 'slen' to feed in salt length of a PSS si

Re: [PATCH 00/18] keys: Miscellaneous fixes

https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-fixes 1-16 LGTM (modulo the typo in patch 7's commit message). 17 and 18 are outside my knowledge right now. Reviewed-by: Ben Boeckel --Ben

Re: [RESEND PATCH] KEYS: asymmetric: Fix kerneldoc

#x27;asymmetric_key_id_same' > crypto/asymmetric_keys/asymmetric_type.c:160: warning: Excess function > parameter 'kid_2' description in 'asymmetric_key_id_same' > > Signed-off-by: Krzysztof Kozlowski > Acked-by: Randy Dunlap Reviewed-by: Ben Boeckel --Ben

Re: [RFC PATCH 2/2] PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification

On Tue, Oct 20, 2020 at 14:50:01 +0800, Lee, Chun-Yi wrote: > +config CHECK_CODESIGN_EKU > + bool "Check codeSigning extended key usage" > + depends on PKCS7_MESSAGE_PARSER=y > + depends on SYSTEM_DATA_VERIFICATION > + help > + This option provides support for checking the cod