Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp614537pxb; Wed, 27 Jan 2021 16:50:45 -0800 (PST) X-Google-Smtp-Source: ABdhPJy6GqiQBZKe2yh9tvlGOv4ie6+8l+mhBQbiUBSjWb2lzi1Omn6gR7GiNdYJM5K3oXFITn5J X-Received: by 2002:a17:906:c08e:: with SMTP id f14mr9245299ejz.388.1611795045527; Wed, 27 Jan 2021 16:50:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1611795045; cv=none; d=google.com; s=arc-20160816; b=0UvEqeU6vgTLvxe+wB6qpK2aL8U8k6NwdaDgM6QbgQh2H/F74hyE7PUkRHl7yWvDN/ SpMb05XGkUMoebQiuiOh+tBhGXHaYXWQqfiUIbjXmpsZc0gunwotyiCH8/szelJqinFu +XqyrFJQTA1rzmxP6RKYHg0SN7cSXG64no6NLKiuGZMw9BhgoFZoHD9gCqlNwF5yA+fA vGYhI3XgdHKLXmfTu03px1D5KcoTI0kjh6LUmHnrhUrWN+CKpJRmVD/hsKfVZ2LFQp/n AZKurJEG/Up14hgtOq2B22AUv22Ck4LzxJ3KtiRCpe4UynL++uBP3h8eQbXpeaW+/Ldc rZXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=fvL6HWXjYHfv/LTVuHa7/61wGfMjY1n63JroHZ8llkI=; b=kYuEA4qMUB7wlknnOd5rfv3BpO69ICNxWBXjfmgrDwTyTxM8AqAnJ5LNL2idgJU/Q2 U9uUHt7VF7rGOUCKD4lL4ti2p69HKqK/D8Q6LuNfBNCf3GmdzrmKS51QNyX6qKwvRlGs qPkrCHQsrY516DJFkKZpyTDyh9SFwp9Ka1v93c3gU6MD9B7onyZeBZ/RKUnQ5amEXEX3 z4XjBYHPWauVHF9PfFJtrwz6uG6CsnCHNsVCC6vcY4ptqPoQtZD/lk3EORmht1amc1O8 m5lUVAz4kbxfTqXPh4s0kbOfk6mIzM5sUFEHh17OPT7yFgBA67/CrgwBoyCGsMbLpGqN x8+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=Cdg22Vaq; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id be18si1848695edb.404.2021.01.27.16.50.21; Wed, 27 Jan 2021 16:50:45 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=Cdg22Vaq; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231249AbhA1APO (ORCPT + 99 others); Wed, 27 Jan 2021 19:15:14 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:55890 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231139AbhA1APC (ORCPT ); Wed, 27 Jan 2021 19:15:02 -0500 Received: from pps.filterd (m0098414.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 10S02cd5111408; Wed, 27 Jan 2021 19:14:18 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding; s=pp1; bh=fvL6HWXjYHfv/LTVuHa7/61wGfMjY1n63JroHZ8llkI=; b=Cdg22Vaqw8mmOyY7tjS07TW+b3+8QOy57/wzKLF4CND3PpLVp9CeA/l5f+gCPqxzjPkn eCjFCwOH2WFqeGyB9BX+vOLr2JNElemXZPlWNNEBfVrnmdA/1B3BGAHxmWu+JZhls1OM +90o0imRrvbDw9kjsQYf1F6vE799aRj4Aky30AbCirrWnzC/K9WEKLQnPJyOHCTUbLmV j8zat3K82W4Yr133P672Ly6uVwJcqxLHjynBzsZLyRORUWg08IccyJSoxDNGv4q7KAl+ KZYCyP8sxmByL/QsL1NrcB0gRP5JqBuQSiODz8cnyTeh4tIcOautYZgmPGfW0tEIdg3G 0w== Received: from ppma03dal.us.ibm.com (b.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.11]) by mx0b-001b2d01.pphosted.com with ESMTP id 36b4g97cp5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 27 Jan 2021 19:14:18 -0500 Received: from pps.filterd (ppma03dal.us.ibm.com [127.0.0.1]) by ppma03dal.us.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 10S08eVv029776; Thu, 28 Jan 2021 00:14:18 GMT Received: from b01cxnp22033.gho.pok.ibm.com (b01cxnp22033.gho.pok.ibm.com [9.57.198.23]) by ppma03dal.us.ibm.com with ESMTP id 368be9hmge-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 Jan 2021 00:14:18 +0000 Received: from b01ledav005.gho.pok.ibm.com (b01ledav005.gho.pok.ibm.com [9.57.199.110]) by b01cxnp22033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 10S0EH6u32768358 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 28 Jan 2021 00:14:17 GMT Received: from b01ledav005.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 64A88AE05F; Thu, 28 Jan 2021 00:14:17 +0000 (GMT) Received: from b01ledav005.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4CC3BAE060; Thu, 28 Jan 2021 00:14:17 +0000 (GMT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by b01ledav005.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 28 Jan 2021 00:14:17 +0000 (GMT) From: Stefan Berger To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, patrick@puiterwijk.org, Stefan Berger Subject: [PATCH v4 0/3] Add support for x509 certs with NIST p256 and p192 keys Date: Wed, 27 Jan 2021 19:14:09 -0500 Message-Id: <20210128001412.822048-1-stefanb@linux.vnet.ibm.com> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.343,18.0.737 definitions=2021-01-27_10:2021-01-27,2021-01-27 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 impostorscore=0 adultscore=0 mlxlogscore=999 suspectscore=0 priorityscore=1501 mlxscore=0 phishscore=0 lowpriorityscore=0 bulkscore=0 clxscore=1015 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2101270116 Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Stefan Berger This series of patches adds support for x509 certificates signed by a CA that uses NIST p256 or p192 keys for signing. It also adds support for certificates where the public key is a NIST p256 or p192 key. The math for ECDSA signature verification is also added. Since self-signed certificates are verified upon loading, the following script can be used for testing: k=$(keyctl newring test @u) while :; do for hash in sha1 sha224 sha256 sha384 sha512; do openssl req \ -x509 \ -${hash} \ -newkey ec \ -pkeyopt ec_paramgen_curve:prime256v1 \ -keyout key.pem \ -days 365 \ -subj '/CN=test' \ -nodes \ -outform der \ -out cert.der keyctl padd asymmetric testkey $k < cert.der if [ $? -ne 0 ]; then echo "ERROR" exit 1 fi done done It also works with restricted keyrings where an RSA key is used to sign a NIST P256/P192 key. Scripts for testing are here: https://github.com/stefanberger/eckey-testing The ECDSA signature verification will be used by IMA Appraisal where ECDSA file signatures stored in RPM packages will use substantially less space than if RSA signatures were to be used. Stefan v3->v4: - split off of ecdsa crypto part; registering akcipher as "ecdsa" and deriving used curve from digits in parsed key v2->v3: - patch 2 now includes linux/scatterlist.h v1->v2: - using faster vli_sub rather than newly added vli_mod_fast to 'reduce' result - rearranged switch statements to follow after RSA - 3rd patch from 1st posting is now 1st patch Stefan Berger (3): crypto: Add support for ECDSA signature verification x509: Detect sm2 keys by their parameters OID x509: Add support for parsing x509 certs with ECDSA keys crypto/Makefile | 9 +- crypto/asymmetric_keys/public_key.c | 17 ++ crypto/asymmetric_keys/x509_cert_parser.c | 45 +++- crypto/ecc.c | 279 ++++++++++++++++++++++ crypto/ecc.h | 2 + crypto/ecdsasignature.asn1 | 4 + include/linux/oid_registry.h | 6 + 7 files changed, 359 insertions(+), 3 deletions(-) create mode 100644 crypto/ecdsasignature.asn1 -- 2.26.2