Date: Thu, 23 May 2024 16:57:53 +0300
From: "Jarkko Sakkinen"
To: "Ben Boeckel"
Cc: "David Woodhouse", "Eric Biggers", "James Bottomley", "Herbert Xu", "David S. Miller", "Andrew Morton", "Mimi Zohar", "David Howells", "Paul Moore", "James Morris", "Serge E. Hallyn", "open list:CRYPTO API", "open list", "open list:SECURITY SUBSYSTEM"
Subject: Re: [PATCH v2] KEYS: trusted: Use ASN.1 encoded OID
X-Mailing-List: linux-crypto@vger.kernel.org
References: <20240523132341.32092-1-jarkko@kernel.org>

On Thu May 23, 2024 at 4:41 PM EEST, Ben Boeckel wrote:
> On Thu, May 23, 2024 at 16:23:37 +0300, Jarkko Sakkinen wrote:
> > There's no reason to encode OID_TPMSealedData at run-time, as it never
> > changes.
> >
> > Replace it with the encoded version, which has exactly the same size:
> >
> > 67 81 05 0A 01 05
>
> Is it the same size? It looks considerably smaller to me (6*4 bytes
> versus 8 bytes).

Not in that sense but in practice the old array stored byte values.
Forgot for that reason that it was actually a u32 array. I can change it
to "same number of elements".

>
> > Include OBJECT IDENTIFIER (0x06) tag and length as the epilogue so that
> > the OID can be simply copied to the blob.
>
> An "epilogue" occurs at the end, but it seems to be at the beginning
> here (that would be a "prologue").

Yup, typo.

> > -static u32 tpm2key_oid[] =3D { 2, 23, 133, 10, 1, 5 };
> > +/* Encoded OID_TPMSealedData. */
> > +static u8 OID_TPMSealedData_ASN1[] =3D {0x06, 0x06, 0x67, 0x81, 0x05, = 0x0a, 0x01, 0x05};
>
> I'd say that a comment of what it encodes would be good to have for
> context, but the source tree has `OID_TPMSealedData` in a header with
> the value in a comment there, so that seems good enough to me.

OK. I named it this way to promote generation of these from a CSV file
(see my other response to James).

>
> > as it never changes.
>
> Should it, perhaps be `const` too?

Yup.

>
> --Ben

Thanks for the remarks!

BR, Jarkko
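
Review bot: On the added `static u8 OID_TPMSealedData_ASN1[]` line, the array is writable although the commit message says the value never changes; declare it `static const u8` so it is placed in read-only data. The one-line comment above it could also say that the first two bytes are the OBJECT IDENTIFIER tag (0x06) and the length (0x06) and that the remaining six bytes are the encoded arcs from the removed `tpm2key_oid[]`, since copying the array straight into the blob depends on that header being part of it.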
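
An added example, not part of the original message or the kernel patch: a standalone C check that DER-encoding the arcs from the removed `tpm2key_oid[]` yields exactly the eight bytes the patch hard-codes. The helper names `put_arc`, `oid_to_der` and `matches_patch_bytes` are hypothetical, and only short-form lengths are handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Bytes hard-coded by the patch: tag 0x06, length 0x06, then the OID content. */
static const uint8_t patch_bytes[] = {0x06, 0x06, 0x67, 0x81, 0x05, 0x0a, 0x01, 0x05};
/* Arcs from the removed tpm2key_oid[] array. */
static const uint32_t sealed_arcs[] = {2, 23, 133, 10, 1, 5};

/* Write one subidentifier in base 128; every byte but the last has bit 7 set. */
static size_t put_arc(uint8_t *out, size_t cap, uint32_t arc)
{
	uint8_t tmp[5];
	size_t n = 0, i;

	do {
		tmp[n++] = arc & 0x7f;
		arc >>= 7;
	} while (arc);
	if (n > cap)
		return 0;
	for (i = 0; i < n; i++)
		out[i] = tmp[n - 1 - i] | (i + 1 < n ? 0x80 : 0);
	return n;
}

/* Hypothetical helper: returns bytes written (tag + length + content), 0 on error. */
size_t oid_to_der(const uint32_t *arcs, size_t narcs, uint8_t *out, size_t cap)
{
	size_t len, i, w;

	if (narcs < 2 || arcs[0] > 2 || (arcs[0] < 2 && arcs[1] > 39) || cap < 2)
		return 0;
	if (arcs[1] > UINT32_MAX - 80)		/* 40 * arc0 + arc1 must not wrap */
		return 0;
	/* The first two arcs share one subidentifier: 40 * 2 + 23 = 0x67 here. */
	len = put_arc(out + 2, cap - 2, 40 * arcs[0] + arcs[1]);
	for (i = 2; len && i < narcs; i++) {
		w = put_arc(out + 2 + len, cap - 2 - len, arcs[i]);
		len = w ? len + w : 0;
	}
	if (!len || len > 127)			/* short-form length only */
		return 0;
	out[0] = 0x06;				/* OBJECT IDENTIFIER tag */
	out[1] = (uint8_t)len;
	return len + 2;
}

/* 1 if the run-time encoding equals the constant from the patch. */
int matches_patch_bytes(void)
{
	uint8_t buf[16];
	size_t n = oid_to_der(sealed_arcs, 6, buf, sizeof(buf));
	return n == sizeof(patch_bytes) && !memcmp(buf, patch_bytes, n);
}
int main(void) { return matches_patch_bytes() ? 0 : 1; }
```

The arc 133 is the only one above 127, which is why it occupies two bytes (81 05) and the six arcs produce six content bytes after the shared first subidentifier.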