Re: [PATCH 1/3] crypto: public_key: Remove check for valid hash_algo for ML-DSA keys

Next message: Florian Fainelli: "Re: [PATCH net-next 2/3] net: phy: broadcom: implement .disable_autonomous_eee for BCM54xx"
Previous message: Cao Ruichuang: "[PATCH v2] ring-buffer: report header_page overwrite as char"
In reply to: Stefan Berger: "[PATCH 1/3] crypto: public_key: Remove check for valid hash_algo for ML-DSA keys"
Next in thread: Stefan Berger: "[PATCH 3/3] integrity: Add support for sigv3 verification using ML-DSA keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Eric Biggers

Date: Mon Apr 06 2026 - 12:55:14 EST

On Sun, Apr 05, 2026 at 07:12:22PM -0400, Stefan Berger wrote:
> Remove the check for the hash_algo since ML-DSA is only used in pure mode
> and there is no relevance of a hash_algo for the input data.
>
> Cc: David Howells <dhowells@xxxxxxxxxx>
> Cc: Lukas Wunner <lukas@xxxxxxxxx>
> Cc: Ignat Korchagin <ignat@xxxxxxxxx>
> Cc: keyrings@xxxxxxxxxxxxxxx
> Cc: linux-crypto@xxxxxxxxxxxxxxx
> Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
> ---
> crypto/asymmetric_keys/public_key.c | 5 -----
> 1 file changed, 5 deletions(-)
>
> diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
> index 09a0b83d5d77..df6918a77ab8 100644
> --- a/crypto/asymmetric_keys/public_key.c
> +++ b/crypto/asymmetric_keys/public_key.c
> @@ -147,11 +147,6 @@ software_key_determine_akcipher(const struct public_key *pkey,
> strcmp(pkey->pkey_algo, "mldsa87") == 0) {
> if (strcmp(encoding, "raw") != 0)
> return -EINVAL;
> - if (!hash_algo)
> - return -EINVAL;
> - if (strcmp(hash_algo, "none") != 0 &&
> - strcmp(hash_algo, "sha512") != 0)
> - return -EINVAL;

Does this broaden which hash algorithms are accepted for CMS signatures
that use ML-DSA and contain signed attributes?

- Eric