Re: [PATCH 17/18] crypto: Accept pss as valid encoding during signature verification

From: Jarkko Sakkinen
Date: Wed Mar 31 2021 - 19:16:14 EST


On Tue, Mar 30, 2021 at 10:28:28PM +0200, Varad Gautam wrote:
> Accept pss encoding for public_key_verify_signature. If
> CONFIG_CRYPTO_RSASSA_PSS is disabled, crypto_alloc_akcipher will
> fail to find a pss backend anyway.
>
> Signed-off-by: Varad Gautam <varad.gautam@xxxxxxxx>
> ---

Acked-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>

/Jarkko

> crypto/asymmetric_keys/public_key.c | 18 +++++++++++++-----
> 1 file changed, 13 insertions(+), 5 deletions(-)
>
> diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
> index 788a4ba1e2e7..b9cc83ba7a12 100644
> --- a/crypto/asymmetric_keys/public_key.c
> +++ b/crypto/asymmetric_keys/public_key.c
> @@ -69,19 +69,20 @@ int software_key_determine_akcipher(const char *encoding,
> {
> int n;
>
> - if (strcmp(encoding, "pkcs1") == 0) {
> + if (strcmp(encoding, "pkcs1") == 0 || strcmp(encoding, "pss") == 0) {
> /* The data wangled by the RSA algorithm is typically padded
> * and encoded in some manner, such as EMSA-PKCS1-1_5 [RFC3447
> - * sec 8.2].
> + * sec 8.2] or EMSA-PSS [RFC8017 sec 9.1].
> */
> if (!hash_algo)
> n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME,
> - "pkcs1pad(%s)",
> + "%spad(%s)",
> + encoding,
> pkey->pkey_algo);
> else
> n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME,
> - "pkcs1pad(%s,%s)",
> - pkey->pkey_algo, hash_algo);
> + "%spad(%s,%s)",
> + encoding, pkey->pkey_algo, hash_algo);
> return n >= CRYPTO_MAX_ALG_NAME ? -EINVAL : 0;
> }
>
> @@ -363,6 +364,13 @@ int public_key_verify_signature(const struct public_key *pkey,
> goto error_free_key;
> }
>
> + if (strcmp(sig->encoding, "pss") == 0) {
> + ret = crypto_akcipher_set_sig_params(tfm, sig, sizeof(*sig));
> + if (ret) {
> + goto error_free_key;
> + }
> + }
> +
> sg_init_table(src_sg, 2);
> sg_set_buf(&src_sg[0], sig->s, sig->s_size);
> sg_set_buf(&src_sg[1], sig->digest, sig->digest_size);
> --
> 2.30.2
>
>