From: Daniel Hodges <git@danielhodges.dev>
To: bpf@vger.kernel.org (open list:BPF [MISC]:Keyword:(?:\b|_)bpf(?:\b|_))
Cc: Daniel Hodges <git@danielhodges.dev>
Subject: [PATCH bpf-next 0/4] Add cryptographic hash and signature verification kfuncs to BPF
Date: Mon, 17 Nov 2025 16:13:57 -0500 [thread overview]
Message-ID: <20251117211413.1394-1-git@danielhodges.dev> (raw)
This series extends BPF's cryptographic capabilities by adding kfuncs for
SHA hashing and ECDSA signature verification. These functions enable BPF
programs to perform cryptographic operations for use cases such as content
verification, integrity checking, and data authentication.
BPF programs increasingly need to verify data integrity and authenticity in
networking, security, and observability contexts. While BPF already supports
symmetric encryption/decryption, it lacks support for:
1. Cryptographic hashing - needed for content verification, fingerprinting,
and preparing message digests for signature operations
2. Asymmetric signature verification - needed to verify signed data without
requiring the signing key in the datapath
These capabilities enable use cases such as:
- Verifying signed network packets or application data in XDP/TC programs
- Implementing integrity checks in tracing and security monitoring
- Building zero-trust security models where BPF programs verify credentials
- Content-addressed storage and deduplication in BPF-based filesystems
Implementation:
The implementation follows BPF's existing crypto patterns:
1. Uses bpf_dynptr for safe memory access without page fault risks
2. Leverages the kernel's existing crypto library (lib/crypto/sha256.c and
crypto/ecdsa.c) rather than reimplementing algorithms
3. Provides context-based API for ECDSA to enable key reuse and support
multiple program types (syscall, XDP, TC)
4. Includes comprehensive selftests with NIST test vectors
Patch 1: Add SHA-256, SHA-384, and SHA-512 hash kfuncs
- Adds three kfuncs for computing cryptographic hashes
- Uses kernel's crypto library implementations
- Validates buffer sizes and handles read-only checks
Patch 2: Add selftests for SHA hash kfuncs
- Tests basic functionality with NIST "abc" test vectors
- Validates error handling for invalid parameters
- Ensures correct hash output for all three algorithms
Patch 3: Add ECDSA signature verification kfuncs
- Context-based API: create/acquire/release pattern
- Supports NIST curves (P-256, P-384, P-521)
- Includes both verification and signing operations
- Enables use in non-sleepable contexts via pre-allocated contexts
Patch 4: Add selftests for ECDSA signature verification
- Tests valid signature acceptance
- Tests invalid signature rejection
- Tests sign-then-verify workflow
- Tests size query functions
- Uses RFC 6979 test vectors for P-256
Example programs demonstrating usage of these kfuncs can be found at:
https://github.com/hodgesds/cryptbpf
All tests pass on x86_64:
# ./test_progs -t crypto_hash
#1/1 crypto_hash/sha256_basic:OK
#1/2 crypto_hash/sha384_basic:OK
#1/3 crypto_hash/sha512_basic:OK
#1/4 crypto_hash/sha256_invalid_params:OK
#1 crypto_hash:OK
# ./test_progs -t ecdsa_verify
#2/1 ecdsa_verify/verify_valid_signature:OK
#2/2 ecdsa_verify/verify_invalid_signature:OK
#2/3 ecdsa_verify/sign_and_verify:OK
#2/4 ecdsa_verify/size_queries:OK
#2 ecdsa_verify:OK
Configuration Requirements:
- SHA kfuncs require CONFIG_CRYPTO_LIB_SHA256=y (default in most configs)
- ECDSA kfuncs require CONFIG_CRYPTO_ECDSA=y|m
Future extensions could include:
- Additional hash algorithms (SHA3, BLAKE2)
- RSA signature verification
- Additional NIST curves (P-192, P-521)
- Hardware acceleration support where available
Daniel Hodges (4):
bpf: Add SHA hash kfuncs for cryptographic hashing
selftests/bpf: Add tests for SHA hash kfuncs
bpf: Add ECDSA signature verification kfuncs
selftests/bpf: Add tests for ECDSA signature verification kfuncs
kernel/bpf/crypto.c | 483 +++++++++++++++++-
.../selftests/bpf/prog_tests/crypto_hash.c | 129 +++++
.../selftests/bpf/prog_tests/ecdsa_verify.c | 96 ++++
.../testing/selftests/bpf/progs/crypto_hash.c | 83 +++
.../selftests/bpf/progs/ecdsa_verify.c | 228 +++++++++
5 files changed, 1018 insertions(+), 1 deletion(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/crypto_hash.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/ecdsa_verify.c
create mode 100644 tools/testing/selftests/bpf/progs/crypto_hash.c
create mode 100644 tools/testing/selftests/bpf/progs/ecdsa_verify.c
--
2.51.0
next reply other threads:[~2025-11-17 21:16 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-17 21:13 Daniel Hodges [this message]
2025-11-17 21:13 ` [PATCH bpf-next 1/4] bpf: Add SHA hash kfuncs for cryptographic hashing Daniel Hodges
2025-11-18 12:13 ` Vadim Fedorenko
2025-11-17 21:13 ` [PATCH bpf-next 2/4] selftests/bpf: Add tests for SHA hash kfuncs Daniel Hodges
2025-11-18 13:45 ` Vadim Fedorenko
2025-11-17 21:14 ` [PATCH bpf-next 3/4] bpf: Add ECDSA signature verification kfuncs Daniel Hodges
2025-11-17 21:14 ` [PATCH bpf-next 4/4] selftests/bpf: Add tests for " Daniel Hodges
2025-11-18 14:41 ` [PATCH bpf-next 0/4] Add cryptographic hash and signature verification kfuncs to BPF Vadim Fedorenko
2025-11-18 15:44 ` Daniel Hodges
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251117211413.1394-1-git@danielhodges.dev \
--to=git@danielhodges.dev \
--cc=bpf@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox