Hi ,
I wanted to verify a RSA SHA-384 signature.
I am using crypto_alloc_shash(), crypto_shash_digest() API to extract
the SHA-384 digest.
I am having public key along with the sha-384 digest extracted from raw data and signature.
AFAIU understand from crypto documentation that i need to verify the
signature by importing public key to akcipher/skcipher API.
Here i am not sure which cipher API to prefer symmetric key cipher or asymmetric key
cipher API.
There are two types of API to import the key.
crypto_skcipher_setkey()
crypto_akcipher_set_pub_key()
Also i am not sure exactly which algo to use for RSA-SHA384 signature
verification.
Any help or inputs from crypto community will highly appreciated.
Thanks ,
Anshuman Gupta.
Am Montag, 15. Juni 2020, 19:04:14 CEST schrieb Anshuman Gupta:
Hi Anshuman,
> Hi ,
> I wanted to verify a RSA SHA-384 signature.
> I am using crypto_alloc_shash(), crypto_shash_digest() API to extract
> the SHA-384 digest.
> I am having public key along with the sha-384 digest extracted from raw data
> and signature. AFAIU understand from crypto documentation that i need to
> verify the signature by importing public key to akcipher/skcipher API.
> Here i am not sure which cipher API to prefer symmetric key cipher or
> asymmetric key cipher API.
>
> There are two types of API to import the key.
> crypto_skcipher_setkey()
> crypto_akcipher_set_pub_key()
>
> Also i am not sure exactly which algo to use for RSA-SHA384 signature
> verification.
>
> Any help or inputs from crypto community will highly appreciated.
akcipher: asymmetric key crypto
skcipher: symmetric key crypto
>
> Thanks ,
> Anshuman Gupta.
Ciao
Stephan
On 2020-06-15 at 21:25:58 +0200, Stephan Mueller wrote:
> Am Montag, 15. Juni 2020, 19:04:14 CEST schrieb Anshuman Gupta:
>
> Hi Anshuman,
>
> > Hi ,
> > I wanted to verify a RSA SHA-384 signature.
> > I am using crypto_alloc_shash(), crypto_shash_digest() API to extract
> > the SHA-384 digest.
> > I am having public key along with the sha-384 digest extracted from raw data
> > and signature. AFAIU understand from crypto documentation that i need to
> > verify the signature by importing public key to akcipher/skcipher API.
> > Here i am not sure which cipher API to prefer symmetric key cipher or
> > asymmetric key cipher API.
> >
> > There are two types of API to import the key.
> > crypto_skcipher_setkey()
> > crypto_akcipher_set_pub_key()
> >
> > Also i am not sure exactly which algo to use for RSA-SHA384 signature
> > verification.
> >
> > Any help or inputs from crypto community will highly appreciated.
>
> akcipher: asymmetric key crypto
>
> skcipher: symmetric key crypto
Many thanks for your input, based upon your inputs i should use
akcipher.
Actually tried to grep crypto_akcipher_set_pub_key() but there are not any
usages of this API in Linux drivers.
What is the preferred method to verify a RSA signature inside any Linux
GPL driver, is there any standard interface API to verify RSA signature
by importing input of raw data and public key or else
it is recommended method to use below set low level of API
crypto_alloc_akcipher(), akcipher_request_alloc(),
akcipher_request_set_crypt(), crypto_akcipher_verify().
Thanks,
Anshuman.
> >
> > Thanks ,
> > Anshuman Gupta.
>
>
> Ciao
> Stephan
>
>
Am Dienstag, 16. Juni 2020, 05:56:04 CEST schrieb Anshuman Gupta:
Hi Anshuman,
> On 2020-06-15 at 21:25:58 +0200, Stephan Mueller wrote:
> > Am Montag, 15. Juni 2020, 19:04:14 CEST schrieb Anshuman Gupta:
> >
> > Hi Anshuman,
> >
> > > Hi ,
> > > I wanted to verify a RSA SHA-384 signature.
> > > I am using crypto_alloc_shash(), crypto_shash_digest() API to extract
> > > the SHA-384 digest.
> > > I am having public key along with the sha-384 digest extracted from raw
> > > data and signature. AFAIU understand from crypto documentation that i
> > > need to verify the signature by importing public key to
> > > akcipher/skcipher API. Here i am not sure which cipher API to prefer
> > > symmetric key cipher or asymmetric key cipher API.
> > >
> > > There are two types of API to import the key.
> > > crypto_skcipher_setkey()
> > > crypto_akcipher_set_pub_key()
> > >
> > > Also i am not sure exactly which algo to use for RSA-SHA384 signature
> > > verification.
> > >
> > > Any help or inputs from crypto community will highly appreciated.
> >
> > akcipher: asymmetric key crypto
> >
> > skcipher: symmetric key crypto
>
> Many thanks for your input, based upon your inputs i should use
> akcipher.
> Actually tried to grep crypto_akcipher_set_pub_key() but there are not any
> usages of this API in Linux drivers.
> What is the preferred method to verify a RSA signature inside any Linux
> GPL driver, is there any standard interface API to verify RSA signature
> by importing input of raw data and public key or else
> it is recommended method to use below set low level of API
> crypto_alloc_akcipher(), akcipher_request_alloc(),
> akcipher_request_set_crypt(), crypto_akcipher_verify().
You can use that API directly or you can go through the intermediary of the
crypto/asymmetric_keys API. One use case is the kernel signature verification
as implemented in kernel/module_signing.c
> Thanks,
> Anshuman.
>
> > > Thanks ,
> > > Anshuman Gupta.
> >
> > Ciao
> > Stephan
Ciao
Stephan
On 2020-06-16 at 07:03:28 +0200, Stephan Mueller wrote:
> Am Dienstag, 16. Juni 2020, 05:56:04 CEST schrieb Anshuman Gupta:
>
> Hi Anshuman,
>
> > On 2020-06-15 at 21:25:58 +0200, Stephan Mueller wrote:
> > > Am Montag, 15. Juni 2020, 19:04:14 CEST schrieb Anshuman Gupta:
> > >
> > > Hi Anshuman,
> > >
> > > > Hi ,
> > > > I wanted to verify a RSA SHA-384 signature.
> > > > I am using crypto_alloc_shash(), crypto_shash_digest() API to extract
> > > > the SHA-384 digest.
> > > > I am having public key along with the sha-384 digest extracted from raw
> > > > data and signature. AFAIU understand from crypto documentation that i
> > > > need to verify the signature by importing public key to
> > > > akcipher/skcipher API. Here i am not sure which cipher API to prefer
> > > > symmetric key cipher or asymmetric key cipher API.
> > > >
> > > > There are two types of API to import the key.
> > > > crypto_skcipher_setkey()
> > > > crypto_akcipher_set_pub_key()
> > > >
> > > > Also i am not sure exactly which algo to use for RSA-SHA384 signature
> > > > verification.
> > > >
> > > > Any help or inputs from crypto community will highly appreciated.
> > >
> > > akcipher: asymmetric key crypto
> > >
> > > skcipher: symmetric key crypto
> >
> > Many thanks for your input, based upon your inputs i should use
> > akcipher.
> > Actually tried to grep crypto_akcipher_set_pub_key() but there are not any
> > usages of this API in Linux drivers.
> > What is the preferred method to verify a RSA signature inside any Linux
> > GPL driver, is there any standard interface API to verify RSA signature
> > by importing input of raw data and public key or else
> > it is recommended method to use below set low level of API
> > crypto_alloc_akcipher(), akcipher_request_alloc(),
> > akcipher_request_set_crypt(), crypto_akcipher_verify().
>
> You can use that API directly or you can go through the intermediary of the
> crypto/asymmetric_keys API. One use case is the kernel signature verification
> as implemented in kernel/module_signing.c
Thanks Stephan :)
>
> > Thanks,
> > Anshuman.
> >
> > > > Thanks ,
> > > > Anshuman Gupta.
> > >
> > > Ciao
> > > Stephan
>
>
> Ciao
> Stephan
>
>