From: Vitaly Chikunov <vt@altlinux.org> To: "Stephan Müller" <smueller@chronox.de> Cc: David Howells <dhowells@redhat.com>, Herbert Xu <herbert@gondor.apana.org.au>, Mimi Zohar <zohar@linux.vnet.ibm.com>, Dmitry Kasatkin <dmitry.kasatkin@gmail.com>, linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [RFC PATCH 4/4] crypto: Add EC-RDSA algorithm Date: Mon, 7 Jan 2019 11:07:10 +0300 [thread overview] Message-ID: <20190107080710.r4bh7gkqdysxmlnn@sole.flsd.net> (raw) In-Reply-To: <1893001.R2IGJoHzOM@positron.chronox.de> Stephan, On Sun, Jan 06, 2019 at 07:11:50PM +0100, Stephan Müller wrote: > Am Sonntag, 6. Januar 2019, 14:36:08 CET schrieb Vitaly Chikunov: > > > Add Elliptic Curve Russian Digital Signature Algorithm (GOST R > > 34.10-2012, RFC 7091, ISO/IEC 14888-3) is one of the Russian (and since > > 2018 the CIS countries) cryptographic standard algorithms (called GOST > > algorithms). Only signature verification is supported, with intent to be > > used in the IMA. > > Do you happen to have test vectors for the testmgr? Yes, I will add this. > > +/* Parse DER encoded subjectPublicKey. */ > > +static int ecrdsa_set_pub_key(struct crypto_akcipher *tfm, const void *ber, > > + unsigned int len) > > +{ > > + struct ecrdsa_ctx *ctx = akcipher_tfm_ctx(tfm); > > + unsigned int ndigits; > > + const u8 *k = ber; > > + unsigned int offset; > > + > > + /* First chance to zero ctx */ > > + memset(ctx, 0, sizeof(*ctx)); > > + > > + if (len < 3 || > > + k[0] != 0x04 || /* OCTET STRING */ > > + (k[1] < 0x80 && len != k[1] + 2) || > > + (k[1] == 0x81 && len != k[2] + 3) || > > + k[1] > 0x81) > > + return -EBADMSG; > > + offset = (k[1] < 0x80)? 2 : 3; > > + k += offset; > > + len -= offset; > > Why do you manually parse the ASN.1 structure instead of using the ASN.1 > parser? I am not sure this worth effort and will not be most degenerate use of asn1_ber_decoder, since 1) I only need to parse one type in each case: OCTET STRING string above code, and OIDs in below code; 2) this data is said to be in DER format, which asn1_ber_decoder can not enforce. Surely this will also produce more code and files. > > +/* Parse DER encoded SubjectPublicKeyInfo.AlgorithmIdentifier.parameters. > > */ +static int ecrdsa_set_params(struct crypto_akcipher *tfm, enum OID > > algo, + const void *params, unsigned int paramlen) > > +{ > > + struct ecrdsa_ctx *ctx = akcipher_tfm_ctx(tfm); > > + const u8 *p = params; > > + int i; > > + > > + if (algo == OID_gost2012PublicKey256) { > > + ctx->digest = "streebog256"; > > + ctx->digest_oid = OID_gost2012Digest256; > > + ctx->digest_len = 256 / 8; > > + } else if (algo == OID_gost2012PublicKey512) { > > + ctx->digest = "streebog512"; > > + ctx->digest_oid = OID_gost2012Digest512; > > + ctx->digest_len = 512 / 8; > > + } else > > + return -ENOPKG; > > + ctx->curve = NULL; > > + ctx->curve_oid = 0; > > + ctx->algo_oid = algo; > > + > > + for (i = 0; i < paramlen; i += p[i + 1] + 2) { > > + const struct ecc_curve *curve; > > + enum OID oid; > > + > > + if (paramlen - i < 2 || > > + p[i] != 0x06 || /* OBJECT IDENTIFIER */ > > Same here and in the following > > > + p[i + 1] > paramlen - i - 2) > > + return -EBADMSG; > > + oid = look_up_OID(p + i + 2, p[i + 1]); > > +MODULE_ALIAS_CRYPTO("ecrdsa"); > > I do not think you need that alias as the module name already will be named > this way. I guess you rather should add ecrdsa-generic as module alias. Thanks!
WARNING: multiple messages have this Message-ID (diff)
From: Vitaly Chikunov <vt@altlinux.org> To: "Stephan Müller" <smueller@chronox.de> Cc: David Howells <dhowells@redhat.com>, Herbert Xu <herbert@gondor.apana.org.au>, Mimi Zohar <zohar@linux.vnet.ibm.com>, Dmitry Kasatkin <dmitry.kasatkin@gmail.com>, linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [RFC PATCH 4/4] crypto: Add EC-RDSA algorithm Date: Mon, 07 Jan 2019 08:07:10 +0000 [thread overview] Message-ID: <20190107080710.r4bh7gkqdysxmlnn@sole.flsd.net> (raw) In-Reply-To: <1893001.R2IGJoHzOM@positron.chronox.de> Stephan, On Sun, Jan 06, 2019 at 07:11:50PM +0100, Stephan Müller wrote: > Am Sonntag, 6. Januar 2019, 14:36:08 CET schrieb Vitaly Chikunov: > > > Add Elliptic Curve Russian Digital Signature Algorithm (GOST R > > 34.10-2012, RFC 7091, ISO/IEC 14888-3) is one of the Russian (and since > > 2018 the CIS countries) cryptographic standard algorithms (called GOST > > algorithms). Only signature verification is supported, with intent to be > > used in the IMA. > > Do you happen to have test vectors for the testmgr? Yes, I will add this. > > +/* Parse DER encoded subjectPublicKey. */ > > +static int ecrdsa_set_pub_key(struct crypto_akcipher *tfm, const void *ber, > > + unsigned int len) > > +{ > > + struct ecrdsa_ctx *ctx = akcipher_tfm_ctx(tfm); > > + unsigned int ndigits; > > + const u8 *k = ber; > > + unsigned int offset; > > + > > + /* First chance to zero ctx */ > > + memset(ctx, 0, sizeof(*ctx)); > > + > > + if (len < 3 || > > + k[0] != 0x04 || /* OCTET STRING */ > > + (k[1] < 0x80 && len != k[1] + 2) || > > + (k[1] = 0x81 && len != k[2] + 3) || > > + k[1] > 0x81) > > + return -EBADMSG; > > + offset = (k[1] < 0x80)? 2 : 3; > > + k += offset; > > + len -= offset; > > Why do you manually parse the ASN.1 structure instead of using the ASN.1 > parser? I am not sure this worth effort and will not be most degenerate use of asn1_ber_decoder, since 1) I only need to parse one type in each case: OCTET STRING string above code, and OIDs in below code; 2) this data is said to be in DER format, which asn1_ber_decoder can not enforce. Surely this will also produce more code and files. > > +/* Parse DER encoded SubjectPublicKeyInfo.AlgorithmIdentifier.parameters. > > */ +static int ecrdsa_set_params(struct crypto_akcipher *tfm, enum OID > > algo, + const void *params, unsigned int paramlen) > > +{ > > + struct ecrdsa_ctx *ctx = akcipher_tfm_ctx(tfm); > > + const u8 *p = params; > > + int i; > > + > > + if (algo = OID_gost2012PublicKey256) { > > + ctx->digest = "streebog256"; > > + ctx->digest_oid = OID_gost2012Digest256; > > + ctx->digest_len = 256 / 8; > > + } else if (algo = OID_gost2012PublicKey512) { > > + ctx->digest = "streebog512"; > > + ctx->digest_oid = OID_gost2012Digest512; > > + ctx->digest_len = 512 / 8; > > + } else > > + return -ENOPKG; > > + ctx->curve = NULL; > > + ctx->curve_oid = 0; > > + ctx->algo_oid = algo; > > + > > + for (i = 0; i < paramlen; i += p[i + 1] + 2) { > > + const struct ecc_curve *curve; > > + enum OID oid; > > + > > + if (paramlen - i < 2 || > > + p[i] != 0x06 || /* OBJECT IDENTIFIER */ > > Same here and in the following > > > + p[i + 1] > paramlen - i - 2) > > + return -EBADMSG; > > + oid = look_up_OID(p + i + 2, p[i + 1]); > > +MODULE_ALIAS_CRYPTO("ecrdsa"); > > I do not think you need that alias as the module name already will be named > this way. I guess you rather should add ecrdsa-generic as module alias. Thanks!
next prev parent reply other threads:[~2019-01-07 8:07 UTC|newest] Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-01-06 13:36 [RFC PATCH 0/4] crypto: Add EC-RDSA algorithm Vitaly Chikunov 2019-01-06 13:36 ` Vitaly Chikunov 2019-01-06 13:36 ` [RFC PATCH 1/4] X.509: Parse public key parameters from x509 for akcipher Vitaly Chikunov 2019-01-06 13:36 ` Vitaly Chikunov 2019-02-09 21:42 ` Vitaly Chikunov 2019-02-09 21:42 ` Vitaly Chikunov 2019-02-10 18:46 ` Vitaly Chikunov 2019-02-10 18:46 ` Vitaly Chikunov 2019-02-19 4:37 ` Herbert Xu 2019-02-19 4:37 ` Herbert Xu 2019-02-24 6:48 ` Vitaly Chikunov 2019-02-24 6:48 ` Vitaly Chikunov 2019-02-28 6:14 ` Herbert Xu 2019-02-28 6:14 ` Herbert Xu 2019-02-28 7:04 ` Vitaly Chikunov 2019-02-28 7:04 ` Vitaly Chikunov 2019-02-28 7:11 ` Vitaly Chikunov 2019-02-28 7:11 ` Vitaly Chikunov 2019-02-28 7:51 ` Herbert Xu 2019-02-28 7:51 ` Herbert Xu 2019-02-28 8:28 ` Vitaly Chikunov 2019-02-28 8:28 ` Vitaly Chikunov 2019-02-28 9:01 ` Herbert Xu 2019-02-28 9:01 ` Herbert Xu 2019-02-28 10:33 ` Vitaly Chikunov 2019-02-28 10:33 ` Vitaly Chikunov 2019-02-28 10:37 ` Herbert Xu 2019-02-28 10:37 ` Herbert Xu 2019-03-01 16:06 ` Vitaly Chikunov 2019-03-01 16:06 ` Vitaly Chikunov 2019-01-06 13:36 ` [RFC PATCH 2/4] akcipher: Introduce verify2 for public key algorithms Vitaly Chikunov 2019-01-06 13:36 ` Vitaly Chikunov 2019-01-06 13:36 ` [RFC PATCH 3/4] KEYS: set correct flags for keyctl if encrypt is not supported Vitaly Chikunov 2019-01-06 13:36 ` Vitaly Chikunov 2019-01-06 13:36 ` [RFC PATCH 4/4] crypto: Add EC-RDSA algorithm Vitaly Chikunov 2019-01-06 13:36 ` Vitaly Chikunov 2019-01-06 18:11 ` Stephan Müller 2019-01-06 18:11 ` Stephan Müller 2019-01-07 8:07 ` Vitaly Chikunov [this message] 2019-01-07 8:07 ` Vitaly Chikunov 2019-01-07 8:31 ` Stephan Mueller 2019-01-07 8:31 ` Stephan Mueller 2019-01-07 9:04 ` Vitaly Chikunov 2019-01-07 9:04 ` Vitaly Chikunov 2019-01-16 16:15 ` David Howells 2019-01-16 16:19 ` [RFC PATCH 2/4] akcipher: Introduce verify2 for public key algorithms David Howells
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20190107080710.r4bh7gkqdysxmlnn@sole.flsd.net \ --to=vt@altlinux.org \ --cc=dhowells@redhat.com \ --cc=dmitry.kasatkin@gmail.com \ --cc=herbert@gondor.apana.org.au \ --cc=keyrings@vger.kernel.org \ --cc=linux-crypto@vger.kernel.org \ --cc=linux-integrity@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=smueller@chronox.de \ --cc=zohar@linux.vnet.ibm.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.