From: Denis Kenzior <denkenz@gmail.com>
To: David Howells <dhowells@redhat.com>,
Jarkko Sakkinen <jarkko@kernel.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Stefan Berger <stefanb@linux.ibm.com>
Cc: Denis Kenzior <denkenz@gmail.com>,
keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH v2] KEYS: asymmetric: Fix ECDSA use via keyctl uapi
Date: Fri, 26 Aug 2022 09:51:19 -0500 [thread overview]
Message-ID: <20220826145119.9375-1-denkenz@gmail.com> (raw)
When support for ECDSA keys was added, constraints for data & signature
sizes were never updated. This makes it impossible to use such keys via
keyctl API from userspace.
Update constraint on max_data_size to 64 bytes in order to support
SHA512-based signatures. Also update the signature length constraints
per ECDSA signature encoding described in RFC 5480.
Fixes: 299f561a6693 ("x509: Add support for parsing x509 certs with ECDSA keys")
Signed-off-by: Denis Kenzior <denkenz@gmail.com>
---
Version History:
v2: Update patch description according to Jarkko's comments. No
functional code changes.
crypto/asymmetric_keys/public_key.c | 24 ++++++++++++++++++++++--
1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
index 2f8352e88860..eca5671ad3f2 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -186,8 +186,28 @@ static int software_key_query(const struct kernel_pkey_params *params,
len = crypto_akcipher_maxsize(tfm);
info->key_size = len * 8;
- info->max_data_size = len;
- info->max_sig_size = len;
+
+ if (strncmp(pkey->pkey_algo, "ecdsa", 5) == 0) {
+ /*
+ * ECDSA key sizes are much smaller than RSA, and thus could
+ * operate on (hashed) inputs that are larger than key size.
+ * For example SHA384-hashed input used with secp256r1
+ * based keys. Set max_data_size to be at least as large as
+ * the largest supported hash size (SHA512)
+ */
+ info->max_data_size = 64;
+
+ /*
+ * Verify takes ECDSA-Sig (described in RFC 5480) as input,
+ * which is actually 2 'key_size'-bit integers encoded in
+ * ASN.1. Account for the ASN.1 encoding overhead here.
+ */
+ info->max_sig_size = 2 * (len + 3) + 2;
+ } else {
+ info->max_data_size = len;
+ info->max_sig_size = len;
+ }
+
info->max_enc_size = len;
info->max_dec_size = len;
info->supported_ops = (KEYCTL_SUPPORTS_ENCRYPT |
--
2.35.1
next reply other threads:[~2022-08-26 15:02 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-26 14:51 Denis Kenzior [this message]
2022-08-26 15:13 ` [PATCH v2] KEYS: asymmetric: Fix ECDSA use via keyctl uapi Stefan Berger
2023-01-18 18:14 ` Michael Yartys
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220826145119.9375-1-denkenz@gmail.com \
--to=denkenz@gmail.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stefanb@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.