Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp243275pxf; Wed, 24 Mar 2021 04:11:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwjtrICXXCUu2JD130idyXO9IZ8tUvrV+n2iMrwZERE4klBqlOmWgAhd782HP31VRJNDGgy X-Received: by 2002:a50:f113:: with SMTP id w19mr2800598edl.226.1616584317423; Wed, 24 Mar 2021 04:11:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616584317; cv=none; d=google.com; s=arc-20160816; b=gU188yIO9qdny0jp0PSeTpgc6Hw4/Rgqktvd8BQ5X8fZ2iePkdthxoa2heUDjnlbAp xig5PkSE9Bb2x0gIWgMh53peToGKeTB+JcUSPeEW9LEX2BMphUEzW47VLkLzv0YPP4Xq ifWv/iMoY6BTgIHGX4qDokRQx2NhKofJpOMCVFJ1oWoC/rNJgno3cLv+6KW2/3rBmdYx di94qjqGaeiAcN7LT+0yE/2WPs1qShZI8cW4XTydoobxkfFVoarMZ8O0cPRWneFIDAsE Pg7/3s2iSQV/nfsUrGgIqNa/wgmmvsmCtljffnOrbf7vdcJR4DMhATVygJYgYpNZoI2x masQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=wDzLZ/5ohcOgME7fIiWpOCJK9J+jxaM1ubDW7m+coHI=; b=YnHCcWrd0kjKoOXMkoJH0R3as4tSAjp/v0Ns+uSUiNiEGZXBFTBWJNT3whc87mJzjJ cpXcs/ZdfVHzqKdQx85edFsbzy4EDstAuYBYucybASYpODBdqBfyBta3Q+Uj/unAhGfZ oqAy/6In7TpgVW07I/In/5oQkVJY4He+K70pZB3mwJrfOkV9WOW5RqqH8JLz0EIciZIw UwrwxnWBzxN1YOsmsY3BlINQxh+e7qOphLaBb7hOlM9TdqeVEjRJtAlSRpiiyM3LO07i myCvKpkeu5/pySFwUmlpK2WluIIdSu3d/A8HmbFwI/9hGXhxYxSNDCvp2HAWd8l2o+B7 rYaA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id rh9si1595802ejb.113.2021.03.24.04.11.32; Wed, 24 Mar 2021 04:11:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234679AbhCXJbV (ORCPT + 99 others); Wed, 24 Mar 2021 05:31:21 -0400 Received: from out30-57.freemail.mail.aliyun.com ([115.124.30.57]:39240 "EHLO out30-57.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234914AbhCXJbR (ORCPT ); Wed, 24 Mar 2021 05:31:17 -0400 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R171e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e04426;MF=tianjia.zhang@linux.alibaba.com;NM=1;PH=DS;RN=21;SR=0;TI=SMTPD_---0UT9xWcp_1616578271; Received: from B-455UMD6M-2027.local(mailfrom:tianjia.zhang@linux.alibaba.com fp:SMTPD_---0UT9xWcp_1616578271) by smtp.aliyun-inc.com(127.0.0.1); Wed, 24 Mar 2021 17:31:12 +0800 Subject: Re: [PATCH] init/Kconfig: Support sign module with SM3 hash algorithm To: Ard Biesheuvel Cc: David Howells , David Woodhouse , Jonathan Corbet , Herbert Xu , "David S. Miller" , Masahiro Yamada , Andrew Morton , Nathan Chancellor , Kees Cook , Nick Desaulniers , Valentin Schneider , Nick Terrell , KP Singh , Johannes Weiner , Vlastimil Babka , keyrings@vger.kernel.org, Linux Doc Mailing List , Linux Kernel Mailing List , Linux Crypto Mailing List , Jia Zhang References: <20210323083528.25678-1-tianjia.zhang@linux.alibaba.com> From: Tianjia Zhang Message-ID: <5777cfde-dbfd-bc25-3936-2e964b8e85be@linux.alibaba.com> Date: Wed, 24 Mar 2021 17:31:11 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi, On 3/24/21 6:14 AM, Ard Biesheuvel wrote: > On Tue, 23 Mar 2021 at 09:36, Tianjia Zhang > wrote: >> >> The kernel module signature supports the option to use the SM3 >> secure hash (OSCCA GM/T 0004-2012 SM3). >> >> Signed-off-by: Tianjia Zhang > > A secure hash is not the same as a signature. Looking at the patch, > the asymmetric algorithm that is used to sign the SM3 digest is SM2, > is that correct? How does one create such signed modules? > > In any case, please provide more context in the commit log on how this > is intended to be used. > > Sorry for the trouble you have caused. You are right. SM2 and SM3 always appear in pairs. The former is used for signatures and the latter is used for hashing algorithms. I will add this information in the next version. It seems This is more appropriate to split into two patches. Best regards, Tianjia