* sysfs attrs for HW ECDSA signature
@ 2019-04-29 21:47 Marek Behun
2019-04-30 8:27 ` Greg Kroah-Hartman
0 siblings, 1 reply; 4+ messages in thread
From: Marek Behun @ 2019-04-29 21:47 UTC (permalink / raw)
To: Greg Kroah-Hartman; +Cc: Tejun Heo, linux-kernel
Hi Greg and Tejun,
is it acceptable for a driver to expose sysfs attr files for ECDSA
signature generation?
The thing is that
1. AFAIK there isn't another API for userspace to do this.
There were attempts in 2015 to expose akcipher via netlink to
userspace, but the patchseries were not accepted.
2. even if it was possible, that specific device for which I am
writing this driver does not provide the ability to set the
private key to sign with - the private key is just burned during
manufacturing and cannot be read, only signed with.
The current version of my driver exposes do_sign file in
/sys/firmware/turris_mox directory.
Userspace should write message to sign and then can read the signature
from this do_sign file.
According to the one attr = one file principle, it would be better to
have two files: ecdsa_msg_to_sign (write-only) and ecdsa_signature
(read-only).
Would this be acceptable in the kernel for this driver?
I have also another question, if you would not mind:
This driver is dependant on a mailbox driver I have also written
("mailbox: Add support for Armada 37xx rWTM mailbox"), but I have not
received any review for this driver from the mailbox subsystem
maintainer, and I have already sent three versions (on 12/17/2018,
03/01/2019 and 03/15/2019).
What should I do in this case?
Thank you.
Marek
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: sysfs attrs for HW ECDSA signature
2019-04-29 21:47 sysfs attrs for HW ECDSA signature Marek Behun
@ 2019-04-30 8:27 ` Greg Kroah-Hartman
2019-04-30 9:23 ` Marek Behun
0 siblings, 1 reply; 4+ messages in thread
From: Greg Kroah-Hartman @ 2019-04-30 8:27 UTC (permalink / raw)
To: Marek Behun; +Cc: Tejun Heo, linux-kernel
On Mon, Apr 29, 2019 at 11:47:52PM +0200, Marek Behun wrote:
> Hi Greg and Tejun,
>
> is it acceptable for a driver to expose sysfs attr files for ECDSA
> signature generation?
What is "ECDSA signature generation"? Is it a crypto thing? If so, why
not use the crypto api? If not, what exactly is it?
> The thing is that
> 1. AFAIK there isn't another API for userspace to do this.
> There were attempts in 2015 to expose akcipher via netlink to
> userspace, but the patchseries were not accepted.
Pointers to that patchset? Why was it not accepted?
> 2. even if it was possible, that specific device for which I am
> writing this driver does not provide the ability to set the
> private key to sign with - the private key is just burned during
> manufacturing and cannot be read, only signed with.
Why does this matter?
> The current version of my driver exposes do_sign file in
> /sys/firmware/turris_mox directory.
>
> Userspace should write message to sign and then can read the signature
> from this do_sign file.
How big are messages and signatures? Why does this have to be a sysfs
api?
> According to the one attr = one file principle, it would be better to
> have two files: ecdsa_msg_to_sign (write-only) and ecdsa_signature
> (read-only).
> Would this be acceptable in the kernel for this driver?
Why not use the crypto api, and if that doesn't work, why not just a
char device to read/write?
> I have also another question, if you would not mind:
>
> This driver is dependant on a mailbox driver I have also written
> ("mailbox: Add support for Armada 37xx rWTM mailbox"), but I have not
> received any review for this driver from the mailbox subsystem
> maintainer, and I have already sent three versions (on 12/17/2018,
> 03/01/2019 and 03/15/2019).
> What should I do in this case?
Poke the maintainer again :)
thanks,
greg k-h
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: sysfs attrs for HW ECDSA signature
2019-04-30 8:27 ` Greg Kroah-Hartman
@ 2019-04-30 9:23 ` Marek Behun
2019-04-30 10:06 ` Greg Kroah-Hartman
0 siblings, 1 reply; 4+ messages in thread
From: Marek Behun @ 2019-04-30 9:23 UTC (permalink / raw)
To: Greg Kroah-Hartman; +Cc: Tejun Heo, linux-kernel
On Tue, 30 Apr 2019 10:27:28 +0200
Greg Kroah-Hartman <gregkh@linuxfoundation.org> wrote:
> On Mon, Apr 29, 2019 at 11:47:52PM +0200, Marek Behun wrote:
> > Hi Greg and Tejun,
> >
> > is it acceptable for a driver to expose sysfs attr files for ECDSA
> > signature generation?
>
> What is "ECDSA signature generation"? Is it a crypto thing? If so, why
> not use the crypto api? If not, what exactly is it?
Hi Greg,
It is a crypto thing and it should be accessed via akcipher crypto API.
But akcipher userspace crypto API is not implemented in kernel. See
below.
> > The thing is that
> > 1. AFAIK there isn't another API for userspace to do this.
> > There were attempts in 2015 to expose akcipher via netlink to
> > userspace, but the patchseries were not accepted.
>
> Pointers to that patchset? Why was it not accepted?
Here are the replies to the last attempt
https://marc.info/?t=150234726200004&r=1&w=2
This was back in 2017, apparently there were some problems and it was not
merged even after 8 versions.
> > 2. even if it was possible, that specific device for which I am
> > writing this driver does not provide the ability to set the
> > private key to sign with - the private key is just burned during
> > manufacturing and cannot be read, only signed with.
>
> Why does this matter?
If it was implemented via akcipher, the user would be unable to set
private key, which is a method the akcipher implementation should
implement. But this probably is not that big a problem.
> > The current version of my driver exposes do_sign file in
> > /sys/firmware/turris_mox directory.
> >
> > Userspace should write message to sign and then can read the signature
> > from this do_sign file.
>
> How big are messages and signatures? Why does this have to be a sysfs
> api?
Messages are 521 bits, I rounded them to 68 bytes. The idea is that a
sha512 hash of the original message is to be signed.
Signatures are 136 bytes.
> > According to the one attr = one file principle, it would be better to
> > have two files: ecdsa_msg_to_sign (write-only) and ecdsa_signature
> > (read-only).
> > Would this be acceptable in the kernel for this driver?
>
> Why not use the crypto api, and if that doesn't work, why not just a
> char device to read/write?
Because the akcipher userspace crypto API is not merged and it probably
will take a lot of time, if it ever will be merged. Till then I would
like if this feature was supported on this one device somehow in
mainline kernel. As soon as akcipher userspace crypto API is merged, I
can rewrite the driver.
A char device to read/write would be possible. The sysfs API
seemed more strainthforward. Should I do the char device approach
instead?
> > I have also another question, if you would not mind:
> >
> > This driver is dependant on a mailbox driver I have also written
> > ("mailbox: Add support for Armada 37xx rWTM mailbox"), but I have not
> > received any review for this driver from the mailbox subsystem
> > maintainer, and I have already sent three versions (on 12/17/2018,
> > 03/01/2019 and 03/15/2019).
> > What should I do in this case?
>
> Poke the maintainer again :)
I will,
Thanks.
Marek
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: sysfs attrs for HW ECDSA signature
2019-04-30 9:23 ` Marek Behun
@ 2019-04-30 10:06 ` Greg Kroah-Hartman
0 siblings, 0 replies; 4+ messages in thread
From: Greg Kroah-Hartman @ 2019-04-30 10:06 UTC (permalink / raw)
To: Marek Behun; +Cc: Tejun Heo, linux-kernel
On Tue, Apr 30, 2019 at 11:23:19AM +0200, Marek Behun wrote:
> On Tue, 30 Apr 2019 10:27:28 +0200
> Greg Kroah-Hartman <gregkh@linuxfoundation.org> wrote:
>
> > On Mon, Apr 29, 2019 at 11:47:52PM +0200, Marek Behun wrote:
> > > Hi Greg and Tejun,
> > >
> > > is it acceptable for a driver to expose sysfs attr files for ECDSA
> > > signature generation?
> >
> > What is "ECDSA signature generation"? Is it a crypto thing? If so, why
> > not use the crypto api? If not, what exactly is it?
>
> Hi Greg,
> It is a crypto thing and it should be accessed via akcipher crypto API.
> But akcipher userspace crypto API is not implemented in kernel. See
> below.
Great, get the akcipher code merged then, that should solve your
problem.
> > > According to the one attr = one file principle, it would be better to
> > > have two files: ecdsa_msg_to_sign (write-only) and ecdsa_signature
> > > (read-only).
> > > Would this be acceptable in the kernel for this driver?
> >
> > Why not use the crypto api, and if that doesn't work, why not just a
> > char device to read/write?
>
> Because the akcipher userspace crypto API is not merged and it probably
> will take a lot of time, if it ever will be merged. Till then I would
> like if this feature was supported on this one device somehow in
> mainline kernel. As soon as akcipher userspace crypto API is merged, I
> can rewrite the driver.
No, do not try to route-around the proper api being present and hack up
something on your own, that way lies madness and you will then have to
support two apis for the hardware if your char driver is accepted.
Just work on the akcipher code to get that cleaned up properly and
merged, along with your driver that uses it, and all should be fine.
good luck!
greg k-h
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-04-30 10:06 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-29 21:47 sysfs attrs for HW ECDSA signature Marek Behun
2019-04-30 8:27 ` Greg Kroah-Hartman
2019-04-30 9:23 ` Marek Behun
2019-04-30 10:06 ` Greg Kroah-Hartman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).