lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <5777cfde-dbfd-bc25-3936-2e964b8e85be@linux.alibaba.com>
Date:   Wed, 24 Mar 2021 17:31:11 +0800
From:   Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>
To:     Ard Biesheuvel <ardb@...nel.org>
Cc:     David Howells <dhowells@...hat.com>,
        David Woodhouse <dwmw2@...radead.org>,
        Jonathan Corbet <corbet@....net>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        "David S. Miller" <davem@...emloft.net>,
        Masahiro Yamada <masahiroy@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Nathan Chancellor <nathan@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Valentin Schneider <valentin.schneider@....com>,
        Nick Terrell <terrelln@...com>, KP Singh <kpsingh@...gle.com>,
        Johannes Weiner <hannes@...xchg.org>,
        Vlastimil Babka <vbabka@...e.cz>, keyrings@...r.kernel.org,
        Linux Doc Mailing List <linux-doc@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
        Jia Zhang <zhang.jia@...ux.alibaba.com>
Subject: Re: [PATCH] init/Kconfig: Support sign module with SM3 hash algorithm

Hi,

On 3/24/21 6:14 AM, Ard Biesheuvel wrote:
> On Tue, 23 Mar 2021 at 09:36, Tianjia Zhang
> <tianjia.zhang@...ux.alibaba.com> wrote:
>>
>> The kernel module signature supports the option to use the SM3
>> secure hash (OSCCA GM/T 0004-2012 SM3).
>>
>> Signed-off-by: Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>
> 
> A secure hash is not the same as a signature. Looking at the patch,
> the asymmetric algorithm that is used to sign the SM3 digest is SM2,
> is that correct? How does one create such signed modules?
> 
> In any case, please provide more context in the commit log on how this
> is intended to be used.
> 
> 

Sorry for the trouble you have caused. You are right. SM2 and SM3 always 
appear in pairs. The former is used for signatures and the latter is 
used for hashing algorithms. I will add this information in the next 
version. It seems This is more appropriate to split into two patches.

Best regards,
Tianjia

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ