| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YH7WqfjNo33vI0VM@erythro>
Date: Tue, 20 Apr 2021 09:27:05 -0400
From: Ben Boeckel <me@...boeckel.net>
To: Varad Gautam <varad.gautam@...e.com>
Cc: linux-crypto@...r.kernel.org, dhowells@...hat.com,
herbert@...dor.apana.org.au, davem@...emloft.net, vt@...linux.org,
tianjia.zhang@...ux.alibaba.com, keyrings@...r.kernel.org,
linux-kernel@...r.kernel.org, jarkko@...nel.org,
Jonathan Corbet <corbet@....net>,
James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
"open list:DOCUMENTATION" <linux-doc@...r.kernel.org>,
"open list:SECURITY SUBSYSTEM"
<linux-security-module@...r.kernel.org>
Subject: Re: [PATCH v3 18/18] keyctl_pkey: Add pkey parameters saltlen and
mgfhash for PSS
On Tue, Apr 20, 2021 at 13:41:23 +0200, Varad Gautam wrote:
> keyctl pkey_* operations accept enc and hash parameters at present.
> RSASSA-PSS signatures also require passing in the signature salt
> length and the mgf hash function.
>
> Add parameters:
> - 'saltlen' to feed in salt length of a PSS signature.
> - 'mgfhash' to feed in the hash function used for MGF.
>
> Signed-off-by: Varad Gautam <varad.gautam@...e.com>
> CC: Jarkko Sakkinen <jarkko@...nel.org>
> CC: Ben Boeckel <me@...boeckel.net>
> ---
> v3: Rename slen to saltlen, update Documentation/security/keys/core.rst.
>
> Documentation/security/keys/core.rst | 14 +++++++++++++-
> crypto/asymmetric_keys/asymmetric_type.c | 2 ++
> include/linux/keyctl.h | 2 ++
> security/keys/keyctl_pkey.c | 13 +++++++++++++
> 4 files changed, 30 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/security/keys/core.rst b/Documentation/security/keys/core.rst
> index b3ed5c581034c..4bd774c56899e 100644
> --- a/Documentation/security/keys/core.rst
> +++ b/Documentation/security/keys/core.rst
> @@ -1022,6 +1022,15 @@ The keyctl syscall functions are:
> which hash function was used, the hash function can be
> specified with this, eg. "hash=sha256".
>
> + ``mgfhash=<algo>`` In case of "RSASSA-PSS" ("enc=pss"), this specifies
> + the hash function used with the Mask Generation Function
> + to generate a signature, eg. "mgfhash=sha256". Supported
> + hashes are: sha1, sha224, sha256, sha384, and sha512.
> +
> + ``saltlen=<salt_length>`` In case of "RSASSA-PSS" ("enc=pss"), this
> + specifies the salt length as a u16, used to generate a
^
This feels like it is missing a comma at the designated location (after
`length` if the whitespace gets mangled).
> + signature. Eg. "saltlen=32".
> +
> The ``__spare[]`` space in the parameter block must be set to 0. This is
> intended, amongst other things, to allow the passing of passphrases
> required to unlock a key.
> @@ -1700,6 +1709,8 @@ The structure has a number of fields, some of which are mandatory:
> __u32 in2_len;
> };
> enum kernel_pkey_operation op : 8;
> + __u16 salt_len;
> + const char *mgf_hash_algo;
> };
>
> This includes the key to be used; a string indicating the encoding to use
> @@ -1707,7 +1718,8 @@ The structure has a number of fields, some of which are mandatory:
> RSASSA-PKCS1-v1.5 or RSAES-PKCS1-v1.5 encoding or "raw" if no encoding);
> the name of the hash algorithm used to generate the data for a signature
> (if appropriate); the sizes of the input and output (or second input)
> - buffers; and the ID of the operation to be performed.
> + buffers; the ID of the operation to be performed; salt length to be used
> + in case of RSASSA-PSS; and hash algorithm used with MGF for RSASSA-PSS.
>
> For a given operation ID, the input and output buffers are used as
> follows::
Thanks for the docs, they look good to me overall. Other than the comma:
Acked-by: Ben Boeckel <mathstuf@...il.com>
--Ben
Powered by blists - more mailing lists