mbox series

[0/5] crypto: add rsa pss support for x509

Message ID 1617714686-25754-1-git-send-email-herbert.tencent@gmail.com
Headers show
Series crypto: add rsa pss support for x509 | expand

Message

Hongbo Li April 6, 2021, 1:11 p.m. UTC
From: Hongbo Li <herberthbli@tencent.com>

This series of patches adds support for x509 cert signed by RSA
with PSS encoding method. RSA PSS is described in rfc8017.

This series of patches adds support for x509 cert signed by RSA
with PSS encoding method. RSA PSS is described in rfc8017.

Patch1 make x509 support rsa pss algo and parse hash parameter.

Patch2 add rsa pss template.

Patch3 add test vector for rsa pss.

Patch4 is the ecdsa ima patch borrowed from Stefan Berge's ecdsa
       patch series, rsa-pss's ima patch is made on top of this patch.

Patch5 is the rsa-pss's ima patch.

Test by the following script, it tests different saltlen, hash, mgfhash.

keyctl newring test @u

while :; do
    for modbits in 1024 2048 4096; do
	if [ $modbits -eq 1024 ]; then
	    saltlen=(-1 -2 0 20 32 48 64 94)
	elif [ $modbits -eq 2048 ]; then
	    saltlen=(-1 -2 0 20 32 48 64 222)
	else
	    saltlen=(-1 -2 0 20 32 48 64 478)
	fi

	for slen in ${saltlen[@]}; do
	    for hash in sha1 sha224 sha256 sha384 sha512; do
		for mgfhash in sha1 sha224 sha256 sha384 sha512; do
		    certfile="cert.der"
		    echo slen $slen
		    openssl req \
			    -x509 \
			    -${hash} \
			    -newkey rsa:$modbits \
			    -keyout key.pem \
			    -days 365 \
			    -subj '/CN=test' \
			    -nodes \
			    -sigopt rsa_padding_mode:pss \
			    -sigopt rsa_mgf1_md:$mgfhash \
			    -sigopt rsa_pss_saltlen:${slen} \
			    -outform der \
			    -out ${certfile} 2>/dev/null

		    exp=0
		    id=$(keyctl padd asymmetric testkey %keyring:test < "${certfile}")
		    rc=$?
		    if [ $rc -ne $exp ]; then
			case "$exp" in
			    0) echo "Error: Could not load rsa-pss certificate!";;
			esac
			echo "modbits $modbits sha: $hash mgfhash $mgfhash saltlen: $slen"
			exit 1
		    else
			case "$rc" in
			    0) echo "load cert: keyid: $id modbits $modbits hash: $hash mgfhash $mgfhash saltlen $slen"
			esac
		    fi
		done
	    done
	done
    done
done

Hongbo Li (5):
  x509: add support for rsa-pss
  crypto: support rsa-pss encoding
  crypto: add rsa pss test vector
  crypto: ecdsa ima support
  ima: add support for rsa pss verification

 crypto/Makefile                           |   7 +-
 crypto/asymmetric_keys/Makefile           |   7 +-
 crypto/asymmetric_keys/public_key.c       |   5 ++
 crypto/asymmetric_keys/x509_cert_parser.c |  71 ++++++++++++++++-
 crypto/rsa.c                              |  14 ++--
 crypto/rsa_helper.c                       | 127 ++++++++++++++++++++++++++++++
 crypto/testmgr.c                          |   7 ++
 crypto/testmgr.h                          |  87 ++++++++++++++++++++
 include/crypto/internal/rsa.h             |  25 +++++-
 include/keys/asymmetric-type.h            |   6 ++
 include/linux/oid_registry.h              |   2 +
 security/integrity/digsig_asymmetric.c    |  34 ++++----
 12 files changed, 363 insertions(+), 29 deletions(-)

Comments

Jarkko Sakkinen April 7, 2021, 8:38 a.m. UTC | #1
On Tue, Apr 06, 2021 at 09:11:21PM +0800, Hongbo Li wrote:
> From: Hongbo Li <herberthbli@tencent.com>

> 

> This series of patches adds support for x509 cert signed by RSA

> with PSS encoding method. RSA PSS is described in rfc8017.


Please also briefly describe it here AND also provide link to the
RFC. In the way this currently is, it is too time consuming to
review the patch set.

/Jarkko

> 

> This series of patches adds support for x509 cert signed by RSA

> with PSS encoding method. RSA PSS is described in rfc8017.

> 

> Patch1 make x509 support rsa pss algo and parse hash parameter.

> 

> Patch2 add rsa pss template.

> 

> Patch3 add test vector for rsa pss.

> 

> Patch4 is the ecdsa ima patch borrowed from Stefan Berge's ecdsa

>        patch series, rsa-pss's ima patch is made on top of this patch.

> 

> Patch5 is the rsa-pss's ima patch.

> 

> Test by the following script, it tests different saltlen, hash, mgfhash.

> 

> keyctl newring test @u

> 

> while :; do

>     for modbits in 1024 2048 4096; do

> 	if [ $modbits -eq 1024 ]; then

> 	    saltlen=(-1 -2 0 20 32 48 64 94)

> 	elif [ $modbits -eq 2048 ]; then

> 	    saltlen=(-1 -2 0 20 32 48 64 222)

> 	else

> 	    saltlen=(-1 -2 0 20 32 48 64 478)

> 	fi

> 

> 	for slen in ${saltlen[@]}; do

> 	    for hash in sha1 sha224 sha256 sha384 sha512; do

> 		for mgfhash in sha1 sha224 sha256 sha384 sha512; do

> 		    certfile="cert.der"

> 		    echo slen $slen

> 		    openssl req \

> 			    -x509 \

> 			    -${hash} \

> 			    -newkey rsa:$modbits \

> 			    -keyout key.pem \

> 			    -days 365 \

> 			    -subj '/CN=test' \

> 			    -nodes \

> 			    -sigopt rsa_padding_mode:pss \

> 			    -sigopt rsa_mgf1_md:$mgfhash \

> 			    -sigopt rsa_pss_saltlen:${slen} \

> 			    -outform der \

> 			    -out ${certfile} 2>/dev/null

> 

> 		    exp=0

> 		    id=$(keyctl padd asymmetric testkey %keyring:test < "${certfile}")

> 		    rc=$?

> 		    if [ $rc -ne $exp ]; then

> 			case "$exp" in

> 			    0) echo "Error: Could not load rsa-pss certificate!";;

> 			esac

> 			echo "modbits $modbits sha: $hash mgfhash $mgfhash saltlen: $slen"

> 			exit 1

> 		    else

> 			case "$rc" in

> 			    0) echo "load cert: keyid: $id modbits $modbits hash: $hash mgfhash $mgfhash saltlen $slen"

> 			esac

> 		    fi

> 		done

> 	    done

> 	done

>     done

> done

> 

> Hongbo Li (5):

>   x509: add support for rsa-pss

>   crypto: support rsa-pss encoding

>   crypto: add rsa pss test vector

>   crypto: ecdsa ima support

>   ima: add support for rsa pss verification

> 

>  crypto/Makefile                           |   7 +-

>  crypto/asymmetric_keys/Makefile           |   7 +-

>  crypto/asymmetric_keys/public_key.c       |   5 ++

>  crypto/asymmetric_keys/x509_cert_parser.c |  71 ++++++++++++++++-

>  crypto/rsa.c                              |  14 ++--

>  crypto/rsa_helper.c                       | 127 ++++++++++++++++++++++++++++++

>  crypto/testmgr.c                          |   7 ++

>  crypto/testmgr.h                          |  87 ++++++++++++++++++++

>  include/crypto/internal/rsa.h             |  25 +++++-

>  include/keys/asymmetric-type.h            |   6 ++

>  include/linux/oid_registry.h              |   2 +

>  security/integrity/digsig_asymmetric.c    |  34 ++++----

>  12 files changed, 363 insertions(+), 29 deletions(-)

> 

> -- 

> 1.8.3.1

> 

>
herberthbli(李弘博) April 7, 2021, 8:54 a.m. UTC | #2
在 2021/4/7 16:38, Jarkko Sakkinen 写道:
> On Tue, Apr 06, 2021 at 09:11:21PM +0800, Hongbo Li wrote:
>> From: Hongbo Li <herberthbli@tencent.com>
>>
>> This series of patches adds support for x509 cert signed by RSA
>> with PSS encoding method. RSA PSS is described in rfc8017.
> Please also briefly describe it here AND also provide link to the
> RFC. In the way this currently is, it is too time consuming to
> review the patch set.
>
> /Jarkko

Thanks, will add that in the following patches.


>> This series of patches adds support for x509 cert signed by RSA
>> with PSS encoding method. RSA PSS is described in rfc8017.
>>
>> Patch1 make x509 support rsa pss algo and parse hash parameter.
>>
>> Patch2 add rsa pss template.
>>
>> Patch3 add test vector for rsa pss.
>>
>> Patch4 is the ecdsa ima patch borrowed from Stefan Berge's ecdsa
>>        patch series, rsa-pss's ima patch is made on top of this patch.
>>
>> Patch5 is the rsa-pss's ima patch.
>>
>> Test by the following script, it tests different saltlen, hash, mgfhash.
>>
>> keyctl newring test @u
>>
>> while :; do
>>     for modbits in 1024 2048 4096; do
>> 	if [ $modbits -eq 1024 ]; then
>> 	    saltlen=(-1 -2 0 20 32 48 64 94)
>> 	elif [ $modbits -eq 2048 ]; then
>> 	    saltlen=(-1 -2 0 20 32 48 64 222)
>> 	else
>> 	    saltlen=(-1 -2 0 20 32 48 64 478)
>> 	fi
>>
>> 	for slen in ${saltlen[@]}; do
>> 	    for hash in sha1 sha224 sha256 sha384 sha512; do
>> 		for mgfhash in sha1 sha224 sha256 sha384 sha512; do
>> 		    certfile="cert.der"
>> 		    echo slen $slen
>> 		    openssl req \
>> 			    -x509 \
>> 			    -${hash} \
>> 			    -newkey rsa:$modbits \
>> 			    -keyout key.pem \
>> 			    -days 365 \
>> 			    -subj '/CN=test' \
>> 			    -nodes \
>> 			    -sigopt rsa_padding_mode:pss \
>> 			    -sigopt rsa_mgf1_md:$mgfhash \
>> 			    -sigopt rsa_pss_saltlen:${slen} \
>> 			    -outform der \
>> 			    -out ${certfile} 2>/dev/null
>>
>> 		    exp=0
>> 		    id=$(keyctl padd asymmetric testkey %keyring:test < "${certfile}")
>> 		    rc=$?
>> 		    if [ $rc -ne $exp ]; then
>> 			case "$exp" in
>> 			    0) echo "Error: Could not load rsa-pss certificate!";;
>> 			esac
>> 			echo "modbits $modbits sha: $hash mgfhash $mgfhash saltlen: $slen"
>> 			exit 1
>> 		    else
>> 			case "$rc" in
>> 			    0) echo "load cert: keyid: $id modbits $modbits hash: $hash mgfhash $mgfhash saltlen $slen"
>> 			esac
>> 		    fi
>> 		done
>> 	    done
>> 	done
>>     done
>> done
>>
>> Hongbo Li (5):
>>   x509: add support for rsa-pss
>>   crypto: support rsa-pss encoding
>>   crypto: add rsa pss test vector
>>   crypto: ecdsa ima support
>>   ima: add support for rsa pss verification
>>
>>  crypto/Makefile                           |   7 +-
>>  crypto/asymmetric_keys/Makefile           |   7 +-
>>  crypto/asymmetric_keys/public_key.c       |   5 ++
>>  crypto/asymmetric_keys/x509_cert_parser.c |  71 ++++++++++++++++-
>>  crypto/rsa.c                              |  14 ++--
>>  crypto/rsa_helper.c                       | 127 ++++++++++++++++++++++++++++++
>>  crypto/testmgr.c                          |   7 ++
>>  crypto/testmgr.h                          |  87 ++++++++++++++++++++
>>  include/crypto/internal/rsa.h             |  25 +++++-
>>  include/keys/asymmetric-type.h            |   6 ++
>>  include/linux/oid_registry.h              |   2 +
>>  security/integrity/digsig_asymmetric.c    |  34 ++++----
>>  12 files changed, 363 insertions(+), 29 deletions(-)
>>
>> -- 
>> 1.8.3.1
>>
>>
>