Re: [PATCH 5/8] KEYS: Provide software public key query function [ver #2]
From: Herbert Xu
Date: Fri Jun 24 2016 - 06:02:42 EST
Mat Martineau <mathew.j.martineau@xxxxxxxxxxxxxxx> wrote:
>
>> + if (strcmp(encoding, "pkcs1") == 0) {
>> + /* The data wangled by the RSA algorithm is typically padded
>> + * and encoded in some manner, such as EMSA-PKCS1-1_5 [RFC3447
>> + * sec 8.2].
>> + */
>> + if (!hash_algo)
>> + n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME,
>> + "pkcs1pad(%s)",
>> + pkey->pkey_algo);
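Review bot: In the `!hash_algo` branch, the length `n` returned by snprintf() is the only indication that "pkcs1pad(%s)" did not fit in alg_name, and no comparison against CRYPTO_MAX_ALG_NAME is visible in the quoted lines. A truncated name would be passed on as a different or nonexistent algorithm, so the code after this branch should fail with an error when `n >= CRYPTO_MAX_ALG_NAME`. The comment's reference could also be tightened: RFC 3447 defines the EMSA-PKCS1-v1_5 encoding in sec 9.2, while sec 8.2 is the RSASSA-PKCS1-v1_5 signature scheme that uses it.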
>
> Did you see Herbert's patch that strips out non-hash pkcs1pad capabilities
> (and the ensuing discussion)?
>
> http://www.spinics.net/lists/linux-crypto/index.html#20432
>
> I'm making use of pkcs1pad(rsa) with a TLS implementation, so it's good to
> see it supported here.

Indeed I'm nacking this patch because it's exporting a purely
software algorithm to user-space for no good reason. AFAICS
there is nothing in the pkcs1pad code that cannot be done in
user-space, even assuming that your private key is secret and
only accessible from the kernel.

IOW exporting the raw RSA might make sense because the key may
not be visible to user-space, or that the RSA might be implemented
in hardware offload, but there is no sane reason to export pkcs1pad.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
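
The argument in the reply above rests on PKCS#1 v1.5 signature padding needing no key material, so a caller can build the padded block itself and hand it to a raw RSA operation. The following is an added example, not code from the patch or from the kernel's pkcs1pad template; the function name `emsa_pkcs1_v15_encode`, its parameters and the choice of SHA-256 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* DER DigestInfo prefix for SHA-256 (RFC 3447 sec 9.2, note 1). */
static const uint8_t sha256_prefix[] = {
    0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
    0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
};

/*
 * Hypothetical helper: build EM = 0x00 || 0x01 || PS || 0x00 || T in
 * em[0..k-1], where k is the RSA modulus size in bytes and PS is 0xff fill.
 * use_sha256 == 0: T is the caller's data unchanged (the no-hash case that
 *                  the quoted hunk maps to "pkcs1pad(rsa)").
 * use_sha256 != 0: T is the DigestInfo prefix followed by a 32-byte digest.
 * Returns 0 on success, -1 if the input cannot be encoded in k bytes.
 */
int emsa_pkcs1_v15_encode(uint8_t *em, size_t k,
                          const uint8_t *data, size_t len, int use_sha256)
{
    size_t plen = use_sha256 ? sizeof(sha256_prefix) : 0;
    size_t tlen, pslen;

    if (!em || (!data && len) || (use_sha256 && len != 32))
        return -1;
    tlen = plen + len;
    /* 3 framing bytes plus at least 8 bytes of PS must fit beside T. */
    if (k < 11 || tlen > k - 11)
        return -1;
    pslen = k - tlen - 3;

    em[0] = 0x00;
    em[1] = 0x01;                       /* block type 1: signature padding */
    memset(em + 2, 0xff, pslen);
    em[2 + pslen] = 0x00;               /* separator between PS and T */
    if (plen)
        memcpy(em + 3 + pslen, sha256_prefix, plen);
    if (len)
        memcpy(em + 3 + pslen + plen, data, len);
    return 0;
}
```

Nothing in the encoding depends on the private key; only the modular exponentiation applied to `em` afterwards does.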