Re: [PATCH 04/16] PGP: Add definitions (RFC 4880) and packet parser [ver #2]

Ben Hutchings b...@decadent.org.uk wrote: I'm a little uneasy about these structure definitions. There have been C ABIs that set the structure alignment to at least 4 by default. It may be better to play safe by declaring them '__packed'. Yeah. I'll add that. David -- To unsubscribe from

Re: [RFC][PATCH 00/16] Crypto keys and module signing [ver #2]

On 11/29/2011 03:42 PM, David Howells wrote: I have provided a couple of subtypes: DSA and RSA. Both types have signature verification facilities available within the kernel, and both can be used for module signature verification with any encryption algorithm known by the PGP parser,

Re: [RFC][PATCH 00/16] Crypto keys and module signing [ver #2]

H. Peter Anvin h.peter.an...@intel.com wrote: Do we really need the complexity of a full OpenPGP parser? Parsers are notorious security problems. Actually, I don't have a full PGP parser. I only handle the minimum I need. It can parse the packet stream, public key packets and signature

Re: [Keyrings] [RFC][PATCH 00/16] Crypto keys and module signing [ver #2]

On Mon, 5 Dec 2011, David Howells wrote: However, we don't have to include the DSA stuff in the kernel; I can always discard that patch from the upstream-aimed patchset. I'd encourage dropping DSA, as there appears to be no legacy justification for its inclusion. - James -- James Morris