From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Joachim Vandersmissen" <git@jvdsn.com>,
	<linux-crypto@vger.kernel.org>,
	"Herbert Xu" <herbert@gondor.apana.org.au>
Cc: "David Howells" <dhowells@redhat.com>,
	"Simo Sorce" <simo@redhat.com>,
	"Stephan Mueller" <smueller@chronox.de>
Subject: Re: [PATCH v5 2/2] certs: Add ECDSA signature verification self-test
Date: Mon, 13 May 2024 23:29:30 +0300
Message-ID: <D18SUIGMWEXS.1Z998TAJKVNZA@kernel.org>
In-Reply-To: <20240513045507.25615-2-git@jvdsn.com>

On Mon May 13, 2024 at 7:55 AM EEST, Joachim Vandersmissen wrote:
> Commit c27b2d2012e1 ("crypto: testmgr - allow ecdsa-nist-p256 and -p384
> in FIPS mode") enabled support for ECDSA in crypto/testmgr.c. The
> PKCS#7 signature verification API builds upon the KCAPI primitives to
> perform its high-level operations. Therefore, this change in testmgr.c
> also allows ECDSA to be used by the PKCS#7 signature verification API
> (in FIPS mode).
>
> However, from a FIPS perspective, the PKCS#7 signature verification API
> is a distinct "service" from the KCAPI primitives. This is because the
> PKCS#7 API performs a "full" signature verification, which consists of
> both hashing the data to be verified, and the public key operation.
> On the other hand, the KCAPI primitive does not perform this hashing
> step - it accepts pre-hashed data from the caller and only performs the
> public key operation.
>
> For this reason, the ECDSA self-tests in crypto/testmgr.c are not
> sufficient to cover ECDSA signature verification offered by the PKCS#7
> API. This is reflected by the self-test already present in this file
> for RSA PKCS#1 v1.5 signature verification.
>
> The solution is simply to add a second self-test here for ECDSA. P-256
> with SHA-256 hashing was chosen as those parameters should remain
> FIPS-approved for the foreseeable future, while keeping the performance
> impact to a minimum. The ECDSA certificate and PKCS#7 signed data were
> generated using OpenSSL. The input data is identical to the input data
> for the existing RSA self-test.
>
> Signed-off-by: Joachim Vandersmissen <git@jvdsn.com>

Unfortunately I don't have anything to complain about so:

Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>

Linus pulled 3/4 of my previous pull requests (TPM, trusted keys and
keyring) so the road is clear for asymmetric keys pull request.

BR, Jarkko
