Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp2158421ybt; Mon, 15 Jun 2020 21:07:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzJvTECmnEms3frtX/tJMIgWPmDl+QCcXP8Fwflfb06r4tXEqdCkX7q//ow76CG0/zbHhAs X-Received: by 2002:a17:906:5617:: with SMTP id f23mr883994ejq.331.1592280440486; Mon, 15 Jun 2020 21:07:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592280440; cv=none; d=google.com; s=arc-20160816; b=Fz5UCDGJMd13lyvsLLfq4Gf9vI51ZY1mPjOh3htGdoHV5UFXneBbO6GpXEdouTH4dz 8jUsFG1uTRHwm0nV+HJSKIcyOMYWEzJzxi47GgjNLrvLPYI5X4J/A4mhfeymAfe3HIVl zvu0Ge+JFvy1xlHTHIQEsjYqJUfgYu9ttodiyIQx9jP/NM0eb2yez1bn5mFUzLXMqndF AJBfpwOVzHlhShLGadGFmep+6PcSajDJZpRMQvNj4H18ug6Z/kLbtUDh4aWl+1X8qfxa AcrqQfeGa792bAbwWcRu1E9fStZRmXkeX/m0UtEhTmSu6mPne11aVwKb4E+FTj/1jhB1 yNoQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:ironport-sdr:ironport-sdr; bh=dUj/J3VXXFzQ4gPHOYa6pB3b0/nc2Po4sovBzHE7AYg=; b=BZYkQtzakwNgxD94MM3sQrehL0IeHkVoPfcWrK+ZsKjqLbKBt8iuUDw4jZPFvGJ/pX X9u4H5Yk5Un9CC0BPC0Vdh5+Y5VPtnhgAJNf4kfjgaFql7E8jESlA98tPGoHJFctWyuJ EWZIsO0kgHB0TU4bhbxuhy0IRZcNElJtv53A/nFtiX/PxF6LbxWeQAAZEoluS9Z9bs26 txz/XAhsIKJ3y3nuswtPHmnW+wpyonQLmAe8dZpEpFyNsqjCAUNY1S3VAtEE5/XBbe/E y44RZVAaYcvYINC/sF21EONncCE9wh0r3tQSZKH50VgBuE8r3QmGpXEyJ3JKqpkzo96V 1Ubg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i7si12615691ejo.684.2020.06.15.21.06.45; Mon, 15 Jun 2020 21:07:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725308AbgFPEGn (ORCPT + 99 others); Tue, 16 Jun 2020 00:06:43 -0400 Received: from mga17.intel.com ([192.55.52.151]:40006 "EHLO mga17.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725306AbgFPEGm (ORCPT ); Tue, 16 Jun 2020 00:06:42 -0400 IronPort-SDR: puXLyySm9QSp17u6iadahGKiDVBfVxIaoBQJ77jM0lZ8VFRTRz3shqjSaFAWKeqi0l8tfiZYkw NUwrqn4IjONw== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jun 2020 21:06:42 -0700 IronPort-SDR: MIIvnD102MDN9s0bZ67NOn1YIW7aWVAYOO9Z9hr/zSf5OJ8LQ9CZ2czJZz11gbDvznseT5c1XE EcgnpZfg90OA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,517,1583222400"; d="scan'208";a="476266542" Received: from unknown (HELO intel.com) ([10.223.74.178]) by fmsmga006.fm.intel.com with ESMTP; 15 Jun 2020 21:06:40 -0700 Date: Tue, 16 Jun 2020 09:26:04 +0530 From: Anshuman Gupta To: Stephan Mueller Cc: linux-crypto@vger.kernel.org Subject: Re: [Query] RSA SHA-384 signature verification Message-ID: <20200616035603.GG14085@intel.com> References: <20200615170413.GF14085@intel.com> <1730161.mygNopSbl3@tauon.chronox.de> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <1730161.mygNopSbl3@tauon.chronox.de> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 2020-06-15 at 21:25:58 +0200, Stephan Mueller wrote: > Am Montag, 15. Juni 2020, 19:04:14 CEST schrieb Anshuman Gupta: > > Hi Anshuman, > > > Hi , > > I wanted to verify a RSA SHA-384 signature. > > I am using crypto_alloc_shash(), crypto_shash_digest() API to extract > > the SHA-384 digest. > > I am having public key along with the sha-384 digest extracted from raw data > > and signature. AFAIU understand from crypto documentation that i need to > > verify the signature by importing public key to akcipher/skcipher API. > > Here i am not sure which cipher API to prefer symmetric key cipher or > > asymmetric key cipher API. > > > > There are two types of API to import the key. > > crypto_skcipher_setkey() > > crypto_akcipher_set_pub_key() > > > > Also i am not sure exactly which algo to use for RSA-SHA384 signature > > verification. > > > > Any help or inputs from crypto community will highly appreciated. > > akcipher: asymmetric key crypto > > skcipher: symmetric key crypto Many thanks for your input, based upon your inputs i should use akcipher. Actually tried to grep crypto_akcipher_set_pub_key() but there are not any usages of this API in Linux drivers. What is the preferred method to verify a RSA signature inside any Linux GPL driver, is there any standard interface API to verify RSA signature by importing input of raw data and public key or else it is recommended method to use below set low level of API crypto_alloc_akcipher(), akcipher_request_alloc(), akcipher_request_set_crypt(), crypto_akcipher_verify(). Thanks, Anshuman. > > > > Thanks , > > Anshuman Gupta. > > > Ciao > Stephan > >