From: Herbert Xu <herbert@gondor.apana.org.au>
To: Stefan Berger <stefanb@linux.ibm.com>
Cc: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
davem@davemloft.net, dhowells@redhat.com, zohar@linux.ibm.com,
jarkko@kernel.org, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, patrick@puiterwijk.org
Subject: Re: [PATCH v12 00/10] Add support for x509 certs with NIST P384/256/192 keys
Date: Fri, 26 Mar 2021 20:30:55 +1100 [thread overview]
Message-ID: <20210326093054.GE12658@gondor.apana.org.au> (raw)
In-Reply-To: <20210316210740.1592994-1-stefanb@linux.ibm.com>
On Tue, Mar 16, 2021 at 05:07:30PM -0400, Stefan Berger wrote:
> This series of patches adds support for x509 certificates signed by a CA
> that uses NIST P384, P256 or P192 keys for signing. It also adds support for
> certificates where the public key is one of this type of a key. The math
> for ECDSA signature verification is also added as well as the math for fast
> mmod operation for NIST P384.
>
> Since self-signed certificates are verified upon loading, the following
> script can be used for testing of NIST P256 keys:
>
> k=$(keyctl newring test @u)
>
> while :; do
> for hash in sha1 sha224 sha256 sha384 sha512; do
> openssl req \
> -x509 \
> -${hash} \
> -newkey ec \
> -pkeyopt ec_paramgen_curve:prime256v1 \
> -keyout key.pem \
> -days 365 \
> -subj '/CN=test' \
> -nodes \
> -outform der \
> -out cert.der
> keyctl padd asymmetric testkey $k < cert.der
> if [ $? -ne 0 ]; then
> echo "ERROR"
> exit 1
> fi
> done
> done
>
> Ecdsa support also works with restricted keyrings where an RSA key is used
> to sign a NIST P384/256/192 key. Scripts for testing are here:
>
> https://github.com/stefanberger/eckey-testing
>
> The ECDSA signature verification will be used by IMA Appraisal where ECDSA
> file signatures stored in RPM packages will use substantially less space
> than if RSA signatures were to be used.
>
> Further, a patch is added that allows kernel modules to be signed with a NIST
> P384 key.
>
> Testing was also done with a Pkcs11 device using an ECC key for module
> signing:
> https://github.com/stefanberger/eckey-testing/wiki/Using-Pkcs11-Device-(SoftHSM)-for-Signing-Linux-Kernel-Modules
>
> Stefan and Saulo
>
> v11->v12:
> - Added Jarkko's Acked-by's
>
> v10->v11:
> - Addressed Jarkko's comments
> - Split off OID definitions from first patch into own patch
> - Renamed OID_id_secp384r1 to OID_id_ansip384r1 (spec name) in 09/10
>
> v9->v10:
> - rearranged order of patches to have crypto patches first
> - moved hunk from patch 3 to patch 2 to avoid compilation warning due to
> unused symbol
>
> v8->v9:
> - Appended Saulo's patches
> - Appended patch to support kernel modules signed with NIST p384 key. This
> patch requires Nayna's series here: https://lkml.org/lkml/2021/2/18/856
>
> v7->v8:
> - patch 3/4: Do not determine key algo using parse_OID in public_key.c
> but do this when parsing the certificate. This addresses an issue
> with certain build configurations where OID_REGISTRY is not available
> as 'Reported-by: kernel test robot <lkp@intel.com>'.
>
> v6->v7:
> - Moved some OID defintions to patch 1 for bisectability
> - Applied R-b's
>
> v5->v6:
> - moved ecdsa code into its own module ecdsa_generic built from ecdsa.c
> - added script-generated test vectors for NIST P256 & P192 and all hashes
> - parsing of OID that contain header with new parse_oid()
>
> v4->v5:
> - registering crypto support under names ecdsa-nist-p256/p192 following
> Hubert Xu's suggestion in other thread
> - appended IMA ECDSA support patch
>
> v3->v4:
> - split off of ecdsa crypto part; registering akcipher as "ecdsa" and
> deriving used curve from digits in parsed key
>
> v2->v3:
> - patch 2 now includes linux/scatterlist.h
>
> v1->v2:
> - using faster vli_sub rather than newly added vli_mod_fast to 'reduce'
> result
> - rearranged switch statements to follow after RSA
> - 3rd patch from 1st posting is now 1st patch
>
>
> Saulo Alessandre (4):
> crypto: Add NIST P384 curve parameters
> crypto: Add math to support fast NIST P384
> ecdsa: Register NIST P384 and extend test suite
> x509: Add OID for NIST P384 and extend parser for it
>
> Stefan Berger (6):
> oid_registry: Add OIDs for ECDSA with SHA224/256/384/512
> crypto: Add support for ECDSA signature verification
> x509: Detect sm2 keys by their parameters OID
> x509: Add support for parsing x509 certs with ECDSA keys
> ima: Support EC keys for signature verification
> certs: Add support for using elliptic curve keys for signing modules
>
> certs/Kconfig | 22 ++
> certs/Makefile | 14 +
> crypto/Kconfig | 10 +
> crypto/Makefile | 6 +
> crypto/asymmetric_keys/pkcs7_parser.c | 4 +
> crypto/asymmetric_keys/public_key.c | 4 +-
> crypto/asymmetric_keys/x509_cert_parser.c | 49 ++-
> crypto/asymmetric_keys/x509_public_key.c | 4 +-
> crypto/ecc.c | 281 +++++++++-----
> crypto/ecc.h | 28 +-
> crypto/ecc_curve_defs.h | 32 ++
> crypto/ecdsa.c | 376 +++++++++++++++++++
> crypto/ecdsasignature.asn1 | 4 +
> crypto/testmgr.c | 18 +
> crypto/testmgr.h | 424 ++++++++++++++++++++++
> include/crypto/ecdh.h | 1 +
> include/keys/asymmetric-type.h | 6 +
> include/linux/oid_registry.h | 10 +-
> lib/oid_registry.c | 24 ++
> security/integrity/digsig_asymmetric.c | 30 +-
> 20 files changed, 1240 insertions(+), 107 deletions(-)
> create mode 100644 crypto/ecdsa.c
> create mode 100644 crypto/ecdsasignature.asn1
Patches 1-9 applied to branch ecc. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
prev parent reply other threads:[~2021-03-26 9:31 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-16 21:07 [PATCH v12 00/10] Add support for x509 certs with NIST P384/256/192 keys Stefan Berger
2021-03-16 21:07 ` [PATCH v12 01/10] oid_registry: Add OIDs for ECDSA with SHA224/256/384/512 Stefan Berger
2021-03-16 21:07 ` [PATCH v12 02/10] crypto: Add support for ECDSA signature verification Stefan Berger
2021-03-16 21:07 ` [PATCH v12 03/10] crypto: Add NIST P384 curve parameters Stefan Berger
2021-03-16 21:07 ` [PATCH v12 04/10] crypto: Add math to support fast NIST P384 Stefan Berger
2021-03-16 21:07 ` [PATCH v12 05/10] ecdsa: Register NIST P384 and extend test suite Stefan Berger
2021-03-16 21:07 ` [PATCH v12 06/10] x509: Detect sm2 keys by their parameters OID Stefan Berger
2021-03-16 21:07 ` [PATCH v12 07/10] x509: Add support for parsing x509 certs with ECDSA keys Stefan Berger
2021-03-16 21:07 ` [PATCH v12 08/10] ima: Support EC keys for signature verification Stefan Berger
2021-03-16 21:07 ` [PATCH v12 09/10] x509: Add OID for NIST P384 and extend parser for it Stefan Berger
2021-03-16 21:07 ` [PATCH v12 10/10] certs: Add support for using elliptic curve keys for signing modules Stefan Berger
2021-03-16 21:16 ` [PATCH v12 00/10] Add support for x509 certs with NIST P384/256/192 keys Stefan Berger
2021-03-26 9:30 ` Herbert Xu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210326093054.GE12658@gondor.apana.org.au \
--to=herbert@gondor.apana.org.au \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=patrick@puiterwijk.org \
--cc=stefanb@linux.ibm.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).