Received: by 2002:ab2:60d1:0:b0:1f7:5705:b850 with SMTP id i17csp223393lqm;
        Tue, 30 Apr 2024 20:01:36 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCWNoeiMNAW7AtXun4gcdfF1NHriZLDw7/Umj1p4AG4ILVxR1tb4QUDwfilfffpoIFkeC5479XEI1p0EPQpH7wqY7TEpYFW1VIltDXo/DA==
X-Google-Smtp-Source: AGHT+IEQQPMsEAIPWTzz3vAf8nBrBdYJo3qhP3eVHI5eN3R25TyVp4K5E/qz1J9lFiLo1TFgW8Sg
X-Received: by 2002:a17:906:7fd1:b0:a55:b272:e90b with SMTP id r17-20020a1709067fd100b00a55b272e90bmr1297328ejs.35.1714532496711;
        Tue, 30 Apr 2024 20:01:36 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1714532496; cv=pass;
        d=google.com; s=arc-20160816;
        b=d2gzTCXCUzUkO+ESNHa+hn6EpqrsKNvbEhjgsXlOLj+iy9sghc/ZQMz890rNM0LdRV
         lyHMhrEeb4X/aUX2H39yDPWCpn1cyvNuPJ0J2+Kxon5lFjtOj/Vxu0G4IE5OgDpD2GE2
         /O6zUwwgt57GxgJmOlh+f3mp2akGADSQ9CETm2RQJF/xxKeMXsQZ1qDIdw+8IY2KpP6D
         qo7vosTufvDsDZT9ia16OxPeV3Mzuz+vcuDZmvkp/2mtVMlk2IfSIFoO0W97lpDqktTR
         R1CvlsfHEQUAOrg5Ik0/FSA4uXyIwhefkaXIBmJ+7Osk4og63++OfIutJtC1gz2xzBWI
         9hgg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:in-reply-to:content-language:references
         :cc:to:subject:from:mime-version:list-unsubscribe:list-subscribe
         :list-id:precedence:date:message-id:dkim-signature;
        bh=fZMpQnPLIYBIyI2cID5+k4DdLAoYPTbdTEjtYEn84EU=;
        fh=DM/kEgcdvttMGSVwL7NCZIOCOMoYfQUgMnx9G80w+2I=;
        b=hPO2uv2cEVOarUWf+35CoIKz4r1drVQPz7PUFVBoMjXNXswLG+QfgBHnFf2HacKLCS
         1lbhcjMejMygkMNk6WuV/ZgOHi1sal9sRqgEidTFEqVl1ZMrTxXFViQaxFjUQnx9wDxB
         qUvzvkHT/AXKdzzDPRansdvHkpmvg/MOMU9ez3fMXVqy+SWrNjcepgDKLO/pvu2MpUpJ
         c7gXaZU8exd71wrwjsF7PE/SrcU3e7/PnQFu+aKhmQePIlzoHYbwchEyQyfVbGL8a1Sa
         IH6KOP2Ko2OfSZvEG8V1kyN3QXsFAr6SFEzde+xyNh10r9TU3s1fMfF+lPBtTG4rcCTD
         1Rhw==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@jvdsn.com header.s=mail header.b=xuz3s0CY;
       arc=pass (i=1 spf=pass spfdomain=jvdsn.com dkim=pass dkdomain=jvdsn.com dmarc=pass fromdomain=jvdsn.com);
       spf=pass (google.com: domain of linux-crypto+bounces-3962-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-crypto+bounces-3962-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=jvdsn.com
Return-Path: <linux-crypto+bounces-3962-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249])
        by mx.google.com with ESMTPS id ne2-20020a1709077b8200b00a59285da745si1569724ejc.231.2024.04.30.20.01.36
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 30 Apr 2024 20:01:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto+bounces-3962-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@jvdsn.com header.s=mail header.b=xuz3s0CY;
       arc=pass (i=1 spf=pass spfdomain=jvdsn.com dkim=pass dkdomain=jvdsn.com dmarc=pass fromdomain=jvdsn.com);
       spf=pass (google.com: domain of linux-crypto+bounces-3962-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-crypto+bounces-3962-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=jvdsn.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by am.mirrors.kernel.org (Postfix) with ESMTPS id 51F981F21842
	for <linux.lists.archive@gmail.com>; Wed,  1 May 2024 03:01:36 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 3DDAE1BF3A;
	Wed,  1 May 2024 03:01:32 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=jvdsn.com header.i=@jvdsn.com header.b="xuz3s0CY"
X-Original-To: linux-crypto@vger.kernel.org
Received: from smtp.jvdsn.com (smtp.jvdsn.com [129.153.194.31])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6CB6422EE3
	for <linux-crypto@vger.kernel.org>; Wed,  1 May 2024 03:01:30 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=129.153.194.31
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1714532492; cv=none; b=DW6aaDL3/VXDDMPuasnU7HaPcd3qSCW3OrHyGWvMPsKKA0VYNJpoo/vtHvtFp60stbpHR+YuyRULjlaknfvtr1NGnLZldnCaa3u/6KZ+W9knq3h3wS1Zg0dKnC2cj9hv+S4BNpCnP6e5OxsFKhBxQCXWhVqumm/Fejp1D66qgMs=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1714532492; c=relaxed/simple;
	bh=bDo4oRYbf4croWUFPynRoDuzCOPy3dg5iCM6HULHCvQ=;
	h=Message-ID:Date:MIME-Version:From:Subject:To:Cc:References:
	 In-Reply-To:Content-Type; b=trHdelwYq/Hxc4wnQbLK5SBsGxDIZX3uZagJ95FZu/M1g1KzRW9Q9eZpGJP/2/JFy8b0tdhUgaewrFuM+hmL6THjIKn8xXY5YhGgE9wHdaC9q+jV9AofsY7uxychYZkiD+qMtBK8mr/Q22P/dipUBCrTydalSnn2OGGgsQzyEkY=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=jvdsn.com; spf=pass smtp.mailfrom=jvdsn.com; dkim=pass (2048-bit key) header.d=jvdsn.com header.i=@jvdsn.com header.b=xuz3s0CY; arc=none smtp.client-ip=129.153.194.31
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=jvdsn.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=jvdsn.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=jvdsn.com; s=mail;
	t=1714531966; bh=bDo4oRYbf4croWUFPynRoDuzCOPy3dg5iCM6HULHCvQ=;
	h=Date:From:Subject:To:Cc:References:In-Reply-To;
	b=xuz3s0CYI/nZ5qALiN6WqISD/SBQQRMeEW4syYI5GvZJCaWfTismLD2F8uAs0Ammu
	 MGmEcOvWLUWaNvpOsVUihlbWqSz2OvH8Ytc0bUsiOCLXpO98vFLwZi8hmMHaa422wz
	 FpWMIsqdudq8OwM+46laiM4NcgrSHgT/mgVo2LatoxsfypDsczY5Jy4TO4lvgKw6UT
	 GJCccSlCSz0exeIW0CsuqWVpXogB54PqdiFQeOoNKc689Ftd3oVNmus3m56txI7wmR
	 C08H4tiJjfub0T738tDyJJqs3zV/pRWOFJ14skq1uIixn5zoB8K8Z1z/TPponR126h
	 3AtfjydsmfnOQ==
Message-ID: <b2787b62-fd1e-4815-a1c1-6b2d567ab977@jvdsn.com>
Date: Tue, 30 Apr 2024 21:52:44 -0500
Precedence: bulk
X-Mailing-List: linux-crypto@vger.kernel.org
List-Id: <linux-crypto.vger.kernel.org>
List-Subscribe: <mailto:linux-crypto+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-crypto+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
From: Joachim Vandersmissen <git@jvdsn.com>
Subject: Re: [PATCH v2 1/2] certs: Move RSA self-test data to separate file
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: linux-crypto@vger.kernel.org, David Howells <dhowells@redhat.com>,
 Simo Sorce <simo@redhat.com>, Stephan Mueller <smueller@chronox.de>
References: <20240420054243.176901-1-git@jvdsn.com>
 <Zinnl2Y11i0GHLEO@gondor.apana.org.au>
Content-Language: en-US
In-Reply-To: <Zinnl2Y11i0GHLEO@gondor.apana.org.au>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

Hi Herbert,

On 4/25/24 12:18 AM, Herbert Xu wrote:
> On Sat, Apr 20, 2024 at 12:42:42AM -0500, Joachim Vandersmissen wrote:
>> Herbert, please let me know if this is what you had in mind. Thanks.
> Thanks, it's pretty much what I had in mind.
>   
>> diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile
>> index 1a273d6df3eb..4db6968132e9 100644
>> --- a/crypto/asymmetric_keys/Makefile
>> +++ b/crypto/asymmetric_keys/Makefile
>> @@ -24,6 +24,7 @@ x509_key_parser-y := \
>>   	x509_public_key.o
>>   obj-$(CONFIG_FIPS_SIGNATURE_SELFTEST) += x509_selftest.o
>>   x509_selftest-y += selftest.o
>> +x509_selftest-$(CONFIG_CRYPTO_RSA) += selftest_rsa.o
> This doesn't work if RSA is a module.  So you need to play a bit
> more of a game with Kconfig to get it to work.  Perhaps define
> an extra Kconfig option for it:
>
> config FIPS_SIGNATURE_SELFTEST_RSA
> 	def_bool (FIPS_SIGNATURE_SELFTEST=m && CRYPTO_RSA!=n) || CRYPTO_RSA=y
>
> and then
>
> x509_selftest-$(CONFIG_FIPS_SIGNATURE_SELFTEST_RSA) += selftest_rsa.o

After thinking about it for a while, I understand what you mean now. The 
current behavior of the patch seems to be that, if 
FIPS_SIGNATURE_SELFTEST=y but CRYPTO_RSA=m, the RSA signature self-test 
will not be executed. I believe your suggestion would explicitly encode 
that behavior in the Kconfig?

The most correct solution in that case would probably be executing the 
PKCS#7 self-test when the RSA module is loaded, but I don't think that's 
feasible in the current architecture.

Another option would be to simply add CRYPTO_RSA and CRYPTO_ECDSA as 
explicit dependencies to FIPS_SIGNATURE_SELFTEST, as Eric Biggers 
proposed. Perhaps nowadays everyone includes ECDSA already.

I'm currently leaning towards adding FIPS_SIGNATURE_SELFTEST_RSA (and 
similarly FIPS_SIGNATURE_SELFTEST_ECDSA) as user-facing configuration 
options that depend on CRYPTO_RSA (and CRYPTO_ECDSA) and 
FIPS_SIGNATURE_SELFTEST. Then, it is up to the user to select the 
correct self-tests they need. It would still allow the user to create 
the same configuration "error" where FIPS_SIGNATURE_SELFTEST=y and 
FIPS_SIGNATURE_SELFTEST_RSA=m, but I think that users which care about 
FIPS_SIGNATURE_SELFTEST are doing it in the first place for FIPS 
compliance reasons. In that case, a FIPS laboratory should review the 
configuration to verify that the correct self-tests are executed at the 
correct time.

>
> Thanks,