This series of patches integrates the two patches sended separately,
resolves the conflict, and rebases on the latest code.
The two patches respectively support the SM2/SM3 and EC-RDSA/streebog
algorithm combinations for the pkcs7 parser.
Elvira Khabirova (1):
pkcs7: support EC-RDSA/streebog in SignerInfo
Tianjia Zhang (1):
pkcs7: parser support SM2 and SM3 algorithms combination
crypto/asymmetric_keys/pkcs7_parser.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
--
2.19.1.3.ge56e4f7
From: Elvira Khabirova <[email protected]>
Allow using EC-RDSA/streebog in pkcs7 certificates in a similar way
to how it's done in the x509 parser.
This is needed e.g. for loading kernel modules signed with EC-RDSA.
Signed-off-by: Elvira Khabirova <[email protected]>
Reviewed-by: Vitaly Chikunov <[email protected]>
Reviewed-by: Tianjia Zhang <[email protected]>
---
crypto/asymmetric_keys/pkcs7_parser.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index 24e2e4a6d842..277482bb1777 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -251,6 +251,12 @@ int pkcs7_sig_note_digest_algo(void *context, size_t hdrlen,
case OID_sm3:
ctx->sinfo->sig->hash_algo = "sm3";
break;
+ case OID_gost2012Digest256:
+ ctx->sinfo->sig->hash_algo = "streebog256";
+ break;
+ case OID_gost2012Digest512:
+ ctx->sinfo->sig->hash_algo = "streebog512";
+ break;
default:
printk("Unsupported digest algo: %u\n", ctx->last_oid);
return -ENOPKG;
@@ -284,6 +290,11 @@ int pkcs7_sig_note_pkey_algo(void *context, size_t hdrlen,
ctx->sinfo->sig->pkey_algo = "sm2";
ctx->sinfo->sig->encoding = "raw";
break;
+ case OID_gost2012PKey256:
+ case OID_gost2012PKey512:
+ ctx->sinfo->sig->pkey_algo = "ecrdsa";
+ ctx->sinfo->sig->encoding = "raw";
+ break;
default:
printk("Unsupported pkey algo: %u\n", ctx->last_oid);
return -ENOPKG;
--
2.19.1.3.ge56e4f7
Support parsing the message signature of the SM2 and SM3 algorithm
combination. This group of algorithms has been well supported. One
of the main users is module signature verification.
Signed-off-by: Tianjia Zhang <[email protected]>
Reviewed-by: Vitaly Chikunov <[email protected]>
Reviewed-by: Stefan Berger <[email protected]>
---
crypto/asymmetric_keys/pkcs7_parser.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index 6592279d839a..24e2e4a6d842 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -248,6 +248,9 @@ int pkcs7_sig_note_digest_algo(void *context, size_t hdrlen,
case OID_sha224:
ctx->sinfo->sig->hash_algo = "sha224";
break;
+ case OID_sm3:
+ ctx->sinfo->sig->hash_algo = "sm3";
+ break;
default:
printk("Unsupported digest algo: %u\n", ctx->last_oid);
return -ENOPKG;
@@ -277,6 +280,10 @@ int pkcs7_sig_note_pkey_algo(void *context, size_t hdrlen,
ctx->sinfo->sig->pkey_algo = "ecdsa";
ctx->sinfo->sig->encoding = "x962";
break;
+ case OID_SM2_with_SM3:
+ ctx->sinfo->sig->pkey_algo = "sm2";
+ ctx->sinfo->sig->encoding = "raw";
+ break;
default:
printk("Unsupported pkey algo: %u\n", ctx->last_oid);
return -ENOPKG;
--
2.19.1.3.ge56e4f7
Hi Jarkko,
On 9/18/21 4:07 PM, Tianjia Zhang wrote:
> This series of patches integrates the two patches sended separately,
> resolves the conflict, and rebases on the latest code.
>
> The two patches respectively support the SM2/SM3 and EC-RDSA/streebog
> algorithm combinations for the pkcs7 parser.
>
> Elvira Khabirova (1):
> pkcs7: support EC-RDSA/streebog in SignerInfo
>
> Tianjia Zhang (1):
> pkcs7: parser support SM2 and SM3 algorithms combination
>
> crypto/asymmetric_keys/pkcs7_parser.c | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
No response from David, can you pick this?
Best regards,
Tianjia
On Fri, Jun 17, 2022 at 05:19:03PM +0800, Tianjia Zhang wrote:
> Hi Jarkko,
>
> On 9/18/21 4:07 PM, Tianjia Zhang wrote:
> > This series of patches integrates the two patches sended separately,
> > resolves the conflict, and rebases on the latest code.
> >
> > The two patches respectively support the SM2/SM3 and EC-RDSA/streebog
> > algorithm combinations for the pkcs7 parser.
> >
> > Elvira Khabirova (1):
> > pkcs7: support EC-RDSA/streebog in SignerInfo
> >
> > Tianjia Zhang (1):
> > pkcs7: parser support SM2 and SM3 algorithms combination
> >
> > crypto/asymmetric_keys/pkcs7_parser.c | 18 ++++++++++++++++++
> > 1 file changed, 18 insertions(+)
> >
>
> No response from David, can you pick this?
>
> Best regards,
> Tianjia
You should CC me the series then.
BR, Jarkko
Hi Jarkko,
On 6/26/22 2:14 PM, Jarkko Sakkinen wrote:
> On Fri, Jun 17, 2022 at 05:19:03PM +0800, Tianjia Zhang wrote:
>> Hi Jarkko,
>>
>> On 9/18/21 4:07 PM, Tianjia Zhang wrote:
>>> This series of patches integrates the two patches sended separately,
>>> resolves the conflict, and rebases on the latest code.
>>>
>>> The two patches respectively support the SM2/SM3 and EC-RDSA/streebog
>>> algorithm combinations for the pkcs7 parser.
>>>
>>> Elvira Khabirova (1):
>>> pkcs7: support EC-RDSA/streebog in SignerInfo
>>>
>>> Tianjia Zhang (1):
>>> pkcs7: parser support SM2 and SM3 algorithms combination
>>>
>>> crypto/asymmetric_keys/pkcs7_parser.c | 18 ++++++++++++++++++
>>> 1 file changed, 18 insertions(+)
>>>
>>
>> No response from David, can you pick this?
>>
>> Best regards,
>> Tianjia
>
> You should CC me the series then.
>
> BR, Jarkko
Thanks, I will resend these series.
Best regards,
Tianjia