Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3330013imu; Mon, 7 Jan 2019 01:06:15 -0800 (PST) X-Google-Smtp-Source: ALg8bN77gyQ/JLUUMG4+cL4RyqvCUJqfQVv8CAQcuQW6p1SXxcflWz0lMw+lZnTnQEp0F3bf2EEu X-Received: by 2002:a63:e101:: with SMTP id z1mr10245128pgh.310.1546851975887; Mon, 07 Jan 2019 01:06:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546851975; cv=none; d=google.com; s=arc-20160816; b=g7/uRuK0zccsPcCnQ3BN5SesDN1Gs+5pxEKBeUbGHrpHP8SmXHDlA2YnVA3hRfH5NC e+YnCe5BzCmj5g+2x4UIRbNqDrYWeP0PXjToWaPoJKK+LBd2VbTNHVu2hFUPT79tIsLF rI51/N2h/vs4+9T3YpPXtR8fVU/0LyGrK5pNMUOxx33o5E7tD8SBYU9MfyPLFYUa4NU5 TAJ7ujhor0nq5OP+AYYt9DvYOIG6q+pnQJn5b4ZwvHrCkDEiTKnZ09lxvkSJYlNiyg0i COF91LFBOl3sHupfrldd6T730mG2oZcCuZiAU8cR7bIVJ/X7jqHfwavHDPGAKo/4ifr2 MvBg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date; bh=s0A0WxkXpHhDoRuU3yZufnPLdJXOGFYLa380TU/EZtc=; b=DGmsxx433VzGpO2jbABlTdQUCMg7u2bff3jRI1f/G7GZ+vK6rJ6VCth1oHhk18MCwN R2rFFh9XjG0QRI7cQlepf+DbW+kTb0PBgoXEyFomkFK9eghcf/vXiJ62dPB+PdeUrbFe uN8nLWeRvX2JOJCZ+mg2VjTc3sU91le87QP6X5SSMR3P95uDpT+Obnh+h3wMAsR+AeHK nYNy3ObrTZnecktUnMGXIAkN2TyoteunIzAcEd/bkUJbTXwtyYNEEb0SDnXyVOF8z2tN u+U9bw1hZNaJk0GW656FPi2pI6hn/YXfuApWgi/d32pNC3UWQUh+QpNhqjeAiIRsliDW mBTw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w5si5554635pll.64.2019.01.07.01.06.00; Mon, 07 Jan 2019 01:06:15 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726793AbfAGJEy (ORCPT + 99 others); Mon, 7 Jan 2019 04:04:54 -0500 Received: from vmicros1.altlinux.org ([194.107.17.57]:48110 "EHLO vmicros1.altlinux.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726573AbfAGJEx (ORCPT ); Mon, 7 Jan 2019 04:04:53 -0500 Received: from imap.altlinux.org (imap.altlinux.org [194.107.17.38]) by vmicros1.altlinux.org (Postfix) with ESMTP id 6B3C072CC71; Mon, 7 Jan 2019 12:04:50 +0300 (MSK) Received: from sole.flsd.net (sole.flsd.net [185.75.180.6]) by imap.altlinux.org (Postfix) with ESMTPSA id 4114C4A4A14; Mon, 7 Jan 2019 12:04:50 +0300 (MSK) Date: Mon, 7 Jan 2019 12:04:49 +0300 From: Vitaly Chikunov To: Stephan Mueller Cc: David Howells , Herbert Xu , Mimi Zohar , Dmitry Kasatkin , linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [RFC PATCH 4/4] crypto: Add EC-RDSA algorithm Message-ID: <20190107090449.d364ii24zervlsfq@sole.flsd.net> Mail-Followup-To: Stephan Mueller , David Howells , Herbert Xu , Mimi Zohar , Dmitry Kasatkin , linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org References: <20190106133608.820-1-vt@altlinux.org> <1893001.R2IGJoHzOM@positron.chronox.de> <20190107080710.r4bh7gkqdysxmlnn@sole.flsd.net> <1714084.mfT8VG1pOj@tauon.chronox.de> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <1714084.mfT8VG1pOj@tauon.chronox.de> User-Agent: NeoMutt/20171215-106-ac61c7 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Stephan, On Mon, Jan 07, 2019 at 09:31:40AM +0100, Stephan Mueller wrote: > Am Montag, 7. Januar 2019, 09:07:10 CET schrieb Vitaly Chikunov: > > > > Why do you manually parse the ASN.1 structure instead of using the ASN.1 > > > parser? > > > > I am not sure this worth effort and will not be most degenerate use of > > asn1_ber_decoder, since 1) I only need to parse one type in each case: > > OCTET STRING string above code, and OIDs in below code; 2) this data is > > said to be in DER format, which asn1_ber_decoder can not enforce. Surely > > this will also produce more code and files. > > RSA public keys also only contain n and e in the ASN.1 structure for which the > ASN.1 parser is used (see linux/crypto/rsapubkey.asn1). Yes I saw it, but at least there is two values (n and e), while EC-RDSA pub_key is just one OCTET STRING value (which internally is not defined to be ASN.1). > As ASN.1 parsing is always having security issues, I would rather suggest to > have this parsing implemented in one spot and not here and there. Yes. So I tried to parse it very carefully and strictly. > Regarding your comment (2), I am not sure I understand. Why do you say that > the DER format cannot be parsed by the kernel's ASN.1 parser? For example, It can, but DER is stricter than BER. For example, in DER 'OCTET STRING' length field should be encoded in just one byte if it's smaller than 128, in BER it could be encoded in multiple encodings. This does not seem like a big deal, though. With BER decoder an improperly DER-encoded certificate could be successfully parsed. > when you generate RSA keys in DER format with, say, openssl, the kernel ASN.1 > parser will happily use them. Also, when I created my (not accepted) patch to > load PQG domain parameters for DH using the ASN.1 parser, the PQG domain > parameters created by openssl in DER format were processed well. > > Ciao > Stephan >