Received: by 2002:a89:d88:0:b0:1fa:5c73:8e2d with SMTP id eb8csp36001lqb; Thu, 23 May 2024 10:03:51 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCX3Bb9TOWaakN/hgqmv1kttXWR+FdNgZzY/+fUTFlE/ocC1I7PmJb8KTAH0csMeLCYTOLeWWVEgGxP0AWcjjO+/5+1RraVugB0ZNEebOw== X-Google-Smtp-Source: AGHT+IHJM+6t54YKzTaWTAT9GHIkkWKlVO8tbOWC5w2KGzLs8e5zjeqQv1/HLn38eu3lPCcNG+X0 X-Received: by 2002:a05:6a00:23d1:b0:6ed:2f53:8059 with SMTP id d2e1a72fcca58-6f6d61bc0b5mr5947322b3a.34.1716483831051; Thu, 23 May 2024 10:03:51 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1716483831; cv=pass; d=google.com; s=arc-20160816; b=bOx5XryD1KDKOy8IaJuJ0zhZaKMtUtzgYG5YpsadW/lXaQxWbs4ZFhJD4NWQeFSivg Z5LqbTsX/5NfcRE8M97EhLG/9c/kiAcLP7L+caHJ/R4gwVbRQdL4hSlSbEiRuBOvyY3s qswV1GlwSkP5RIyZFTjJgZsG6tWVVWLVu4Xm7KaEtwzsmaiCZFR8JOfccKA5NbZYHVjb dPHuTuVyF+vKeUUZ/RReV/AarlBCAAcKitsdQb6wIR1TQYoNeOYExeW/7yIBwkdC7qh9 aXUORgu4+1PFIlqpn/1bhFxoCQFZk2r5UJls5vEXrDaQIT5+8ykUS+6f6dyIir1YTjUm jdWQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:subject:cc:to:from:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=EbWgr7HxZP2bDQavS2y+V4wD4Y7q4AWJM84YKjCE4BI=; fh=EUQpnuhjWv26GkhN7EQTzwo/qEwCAYoT9Gy59z9Qgng=; b=Fhpc1TOe6Pxt4JoRYhydI3OtNLWTm5t8WoB5fmluJS4YUPCiG+qlaDAeYTeL6VYVAO 450SHcxDCpuNRy+4FDajD8fhAZylPENvtcn9r+D4W70PtNdgNJ/kL90lhzeiHtPLZxEL Kb72AW+V4rSOspwBBtegiGrehH6M93zd6CGLszRDiCxBq+Gni6O+umpv+wXI0QwVq31J skmYHZw3uj/JypEGk+8s91rd90fxgcWJaxc9/gPsg1yK0ZaSTU4z2nyX54kuxHRqvlKN /1TXo/VHcX5RJktSQQSINVbVFAr9+s08aNzePbNTtY8HT3JIGm3pu0ZGLToZQt9khBvC BDbw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="fnFeYTQ/"; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4368-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4368-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id d2e1a72fcca58-6f4d2a728easi8385181b3a.14.2024.05.23.10.03.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 23 May 2024 10:03:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto+bounces-4368-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="fnFeYTQ/"; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-crypto+bounces-4368-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-crypto+bounces-4368-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 1537DB217E4 for ; Thu, 23 May 2024 17:03:17 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 20EA36EB56; Thu, 23 May 2024 17:03:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="fnFeYTQ/" X-Original-To: linux-crypto@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C25B0AD2C; Thu, 23 May 2024 17:03:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716483789; cv=none; b=KRLS3LXHcqJvOD6d4merDUsxqHq3BAKS+PyHHNj6R+rV4O1W2TmbePGfXW+qR+tUUrOx0zvB5CZPVdG5L2ofSKp2jrFvJlVOpuqLQ8AeucZeemev8oa0GJFgQwWogCvPy+N6lkcolRJTlnYy3UEcZkCiOCS0Eys2VBVU0u8EBT0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716483789; c=relaxed/simple; bh=TPIiHymDivYK+505g1ZXFIowtVhYD5MQi73bkIsZX80=; h=Mime-Version:Content-Type:Date:Message-Id:From:To:Cc:Subject: References:In-Reply-To; b=r+8mrxnIwtaU7ZI682KYggVCVMaFgEYZydGFZfAWeVTFyHkCEX6pgY96e3WiDPgBCVGEjpQHmOipY7UVasVKH6zANAOTrXdVAORMt8UfEU5cgwDzwsRdaeMhVyG7EwmNMLtg/LsiEQWMafRtFIw+6/cVVXBCnHF+Yn120dUMnvs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=fnFeYTQ/; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id D6B94C2BD10; Thu, 23 May 2024 17:03:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1716483789; bh=TPIiHymDivYK+505g1ZXFIowtVhYD5MQi73bkIsZX80=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=fnFeYTQ/wYo2O8RrJilNL/Z9eWolf9sV07k6ANJAi+PFOxO0i3b8e9EG9s6oKCAg2 WuTNsAuaeoB3RcJhw3ESriM3iV+vOxpTL7kCKx+c9KX9ssz3JK/qL2sej0gXOropl+ UIWKwj7HT/YVqWtGCxljuC/5kaTZVsWakYdQul6UDHNtWs0Jjd3zD8ukim2879LKka pdJgrRHZ9+gMLgpQB4EOwIAdC0ijjOnXnRiiYhFj+j3XcMuw2mjEEagGSowA+5SFiR egQ4s6voaIRWyCnb+kR/ZrhXNVvcu36f72fy5PJbcGW7hKceSAFAGpHpjOikmcY/3W azOjBtNo0Zcag== Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Thu, 23 May 2024 20:03:03 +0300 Message-Id: From: "Jarkko Sakkinen" To: "Jarkko Sakkinen" , "James Bottomley" , Cc: , "David Woodhouse" , "Eric Biggers" , "Herbert Xu" , "David S. Miller" , "Andrew Morton" , "Mimi Zohar" , "David Howells" , "Paul Moore" , "James Morris" , "Serge E. Hallyn" , "open list:CRYPTO API" , "open list" , "open list:SECURITY SUBSYSTEM" , "Alex Gaynor" Subject: Re: [PATCH RESEND] KEYS: trusted: Use ASN.1 encoded OID X-Mailer: aerc 0.17.0 References: <20240523131931.22350-1-jarkko@kernel.org> <9c96f39ed2161dd7f0c3a7964cba2de3169fae3b.camel@HansenPartnership.com> <9dfeb6e3d568452ab1227484405b1fc221bd25c1.camel@HansenPartnership.com> <4d33654876b91a954e581727b6eb2c5e94128cb1.camel@HansenPartnership.com> In-Reply-To: On Thu May 23, 2024 at 6:55 PM EEST, Jarkko Sakkinen wrote: > I was already considering do we need the encoder at all but I think > for dynamic assets like octect strings and variable size integers > it has its place. Obviously is not very mature at this point. Also, I've been opening up discussion of opt-in and *experimental* ASN1_RUST feature. I think it is inevident that it needs to be done at some point because for ASN.1 like format this would have benefits, and also given that it used to process security sensitive data. So metrics for this would something along the lines: - Depending on ASN1_RUST setting, the C API's would be implemented either C or Rust. - OID database could be shared from C-side to Rust simply with bindgen. - C API should be streamline and matured a bit to cover mostly dynamic assets (integers, octect strings and such). Since the number of call sites is small improving should be easy. - After tpm2_key_rsa is landed as it is now as per how buffer processing goes it can be brought to use encoder. - I'd consider have just a single ASN1 flag instead of a separate ASN1_ENCODER flag. It simplifies thing and is not significant cost for vmlinux size so not worth it IMHO. As for sending patches for e.g. improving OID database, I'd like to land the current tpm2_key_rsa first because then in possible OID series that can be also applied to it (and encoder). It does stuff that affects all this work. And as said we need also tpm2_key_ecdsa. Right, there's also https://datatracker.ietf.org/doc/draft-woodhouse-cert-best-practice/ I checked from David that this TPM2 asymmetric key work is relevant for this spec although I readily know some applications for it, and=20 he acknowledged that. I should probably link that to the next version. Asymmetric keys essentially make TPM2 a peer in x.509 ecosystem, which has bunch of especially enterprise and data center type of use cases. I guess this summarizes the big picture. I've been messing around mailing lists and developed these thoughts but this along the lines how I see big picture, including integration to the Rust ecosystem (in non-intrusive way). But yeah, tpm2_key_rsa needs to be the first step. I don't have an employer for kernel development at the moment (probably at some point I do, my contract researcher sabbatical ends at end of Sep) no money to come to the plumbers to discuss about all this at the boot-time security mc so I need to spam my input for that I guess ;-) BR, Jarkko