Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) client-ip=23.128.96.32;
Date:   Wed, 6 Dec 2023 09:22:13 -0600
From:   Lucas De Marchi <lucas.demarchi@intel.com>
To:     Dimitri John Ledkov <dimitri.ledkov@canonical.com>
CC:     <linux-modules@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] kmod: Add FIPS 202 SHA-3 support
Message-ID: <ltdfl4l32ht2oimlppyml22q7dst35i6m4foklamapoykkl3ql@u7qmh2aa4abh>
References: <20231022180928.180437-1-dimitri.ledkov@canonical.com>
Content-Type: text/plain; charset="us-ascii"; format=flowed
Content-Disposition: inline
In-Reply-To: <20231022180928.180437-1-dimitri.ledkov@canonical.com>
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?+/Y/iAcbvhrX8xe4myc2/G9oVBRF63nnrM35oaZ9eF9iG8CnUlawWPcHr7X3?=
 =?us-ascii?Q?vfBFEEOi7tqRmtsyFT6BCLtKiyKa639XpUtRytWb8wRUUWjW6CndsYpixyJ8?=
 =?us-ascii?Q?8vB2bIuxYTigwBDqkqNZYGZwFwa1SRksBPe7Oa9SWevMtpOiXXTU08NS52qd?=
 =?us-ascii?Q?JX14tz9D2a86DETrsstMoO8KRZ6yzZmQvRulIKq9dlStjGdq1TaJiNfJBag8?=
 =?us-ascii?Q?LGCJJcKAljED7sUD9m+SN75bCyBlukSqGiCpUnSKoUVpZBLVjqbHKXeied4W?=
 =?us-ascii?Q?5fls4qcHwhdFdKWM9ODUQZQ1L+x/cX5WwbtjId6TjgyZzpdFLHvfmyvL708I?=
 =?us-ascii?Q?n2nQOsC6ABPur1Ue4iPEr+CL10ThX3GrYr/LlgcMUE8sgfe5A+ENWzS6se+m?=
 =?us-ascii?Q?JZ7sCKGNT0EPfs4I1L2Vk8XF7Mu0eSdFm3vAmfDz8cDMqiRh1eDUqauTS4kY?=
 =?us-ascii?Q?oeBXYYihQiNs+FvrGRDHWdmku6LcEtxxqAKrXD4T3aTDj7Zz8sbm3zDICiKf?=
 =?us-ascii?Q?fMy6Nf4rFfq1EzBI6FmRjWK6wR2RDKF/CScov5NZpQL14tyBF/yPbXJGQ9XN?=
 =?us-ascii?Q?2M9/gt1b4UZhuDayyIvvTi3rQytS35e2puQ0jiE5HmVNQp9Lyv9A+gSJdXCe?=
 =?us-ascii?Q?wUCqLXnLUTW2FI+T+T6J33+ON6jzwcbvQfGbbJZYtm5Hd/UUlJLiHhAIF7+v?=
 =?us-ascii?Q?24kYKotgVujQRDKnQNPsxnEQ812ZL8mLOEtTOBZSeGXH7JxWe55uo4LUhU/9?=
 =?us-ascii?Q?C8YPOSeos1NGvfaCGpCnsO5aVRa1Mmsm2bMOxqfhDwgxLjyQo2xW7PCd75Xd?=
 =?us-ascii?Q?W9IhFN0DxuOqbMSBuA7n3SJvFlgEXkgNh78X0urRGVbglIZ1ZedZtARTrmWb?=
 =?us-ascii?Q?Rz+/h5VLkDA5bz5VJc5fBQrWS00SfBQ2osveAaseGBXSdzQ/ABwi5hJr63PT?=
 =?us-ascii?Q?GHytXRY131WF4MyVorjX5wD+cko8IGhQZCEy/WpRl9ZmkGdoj4aqoPvM+wY1?=
 =?us-ascii?Q?rtVyHCOAdw7M7NqN8t4MnEQ299i47LxBWDq53PbrMxgUqhrhNX2dBEOYKmGo?=
 =?us-ascii?Q?gW4UFwdXg5Xi5wEbpbhinRjt1Bz2Kko/iAG0KDjS07vus+9zjtimKoYkYK4v?=
 =?us-ascii?Q?x0I6LrrV61yRy3tLkkkzLVydcZ+65+M5U34FS1il8Gr/8nULnvyq5REV6Hx6?=
 =?us-ascii?Q?l6FKycmpZw9Qmm5VGffIjH/6dNd3N0pYigBDzce+KtzFxLv415dm68HCAt/4?=
 =?us-ascii?Q?9P5OwCVRQO9TV/QkWt2I+0C60JkCvUjLgAp/KkTxQEYsiCravOeRaP+LsCo0?=
 =?us-ascii?Q?am+x/6mllsn9k1N6b/P5Asr8LHCIJ6NFxgxO7mquBblXf9Vt4o9/tBWl2PGs?=
 =?us-ascii?Q?aZFFRIWflXPI1fsCgQoTEA8AVtCO8NZ8l9eyCR1S9qahUtU0tf9I+0nQ7Hyz?=
 =?us-ascii?Q?4/If2uN0MnFOyUsDdKOiuWgqUKwvI2bqfW4KEhEMMom/NnuKrm9yGaIIKjxw?=
 =?us-ascii?Q?ZC5luy/4jubHm1WbmNWUwNCqhOECmuQFTfmDp6JoBNrbZzGjoseVIhPMKJJg?=
 =?us-ascii?Q?b3+i8u9zZXmQ5/tqVN4bwa36J4bTz9dAhSMIQiIErEJu2ut+FyDdtuh+PtPo?=
 =?us-ascii?Q?SA=3D=3D?=
X-MS-Exchange-CrossTenant-Network-Message-Id: f9fa2e45-8a7a-43ee-e0f7-08dbf66f20ce
X-MS-Exchange-CrossTenant-AuthSource: CY5PR11MB6139.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Dec 2023 15:22:15.7086
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: M68sVuaZnVQP5ktzOJnSTcGLipVf+NCibqlxiD0PNb41ikMNu2G+MMCfOgIETreTru1/qlFIkrLaUyKozKCdevHzSmGXnKlxkZDBXQ7eRFo=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA2PR11MB4924
X-OriginatorOrg: intel.com
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE
	autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Wed, 06 Dec 2023 07:26:42 -0800 (PST)

On Sun, Oct 22, 2023 at 07:09:28PM +0100, Dimitri John Ledkov wrote:
>Add support for parsing FIPS 202 SHA-3 signature hashes. Separately,
>it is not clear why explicit hashes are re-encoded here, instead of
>trying to generically show any digest openssl supports.
>
>Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
>---
> libkmod/libkmod-signature.c | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
>diff --git a/libkmod/libkmod-signature.c b/libkmod/libkmod-signature.c
>index b749a818f9..a39059cd7c 100644
>--- a/libkmod/libkmod-signature.c
>+++ b/libkmod/libkmod-signature.c
>@@ -57,6 +57,9 @@ enum pkey_hash_algo {
> 	PKEY_HASH_SHA512,
> 	PKEY_HASH_SHA224,
> 	PKEY_HASH_SM3,
>+	PKEY_HASH_SHA3_256,
>+	PKEY_HASH_SHA3_384,
>+	PKEY_HASH_SHA3_512,
> 	PKEY_HASH__LAST
> };
>
>@@ -70,6 +73,9 @@ const char *const pkey_hash_algo[PKEY_HASH__LAST] = {
> 	[PKEY_HASH_SHA512]	= "sha512",
> 	[PKEY_HASH_SHA224]	= "sha224",
> 	[PKEY_HASH_SM3]		= "sm3",
>+	[PKEY_HASH_SHA3_256]	= "sha3-256",
>+	[PKEY_HASH_SHA3_384]	= "sha3-384",
>+	[PKEY_HASH_SHA3_512]	= "sha3-512",
> };
>
> enum pkey_id_type {
>@@ -167,6 +173,12 @@ static int obj_to_hash_algo(const ASN1_OBJECT *o)
> 	case NID_sm3:
> 		return PKEY_HASH_SM3;
> # endif
>+	case NID_sha3_256:
>+		return PKEY_HASH_SHA3_256;
>+	case NID_sha3_384:
>+		return PKEY_HASH_SHA3_384;
>+	case NID_sha3_512:
>+		return PKEY_HASH_SHA3_512;


with your other patch, libkmod: remove pkcs7 obj_to_hash_algo(), this
hunk is not needed anymore. Do you want to send a new version of this
patch?

thanks
Lucas De Marchi

> 	default:
> 		return -1;
> 	}
>-- 
>2.34.1
>
>