diff options
| author |  Joachim Vandersmissen <git@jvdsn.com>
| 2024-05-12 23:55:07 -0500 |
|---|---|---|
| committer |  Jarkko Sakkinen <jarkko@kernel.org>
| 2024-05-14 05:01:04 +0300 |
| commit | 747ae81883d21595b162cc40523a982024700fed (patch) | |
| tree | 604e3d1bd1c144b6bfc1f23e6bfed476f914c4ac /crypto/asymmetric_keys/selftest.c | |
| parent | certs: Move RSA self-test data to separate file (diff) | |
| download | linux-747ae81883d21595b162cc40523a982024700fed.tar.gz linux-747ae81883d21595b162cc40523a982024700fed.tar.bz2 linux-747ae81883d21595b162cc40523a982024700fed.zip | |
certs: Add ECDSA signature verification self-test
Commit c27b2d2012e1 ("crypto: testmgr - allow ecdsa-nist-p256 and -p384
in FIPS mode") enabled support for ECDSA in crypto/testmgr.c. The
PKCS#7 signature verification API builds upon the KCAPI primitives to
perform its high-level operations. Therefore, this change in testmgr.c
also allows ECDSA to be used by the PKCS#7 signature verification API
(in FIPS mode).
However, from a FIPS perspective, the PKCS#7 signature verification API
is a distinct "service" from the KCAPI primitives. This is because the
PKCS#7 API performs a "full" signature verification, which consists of
both hashing the data to be verified, and the public key operation.
On the other hand, the KCAPI primitive does not perform this hashing
step - it accepts pre-hashed data from the caller and only performs the
public key operation.
For this reason, the ECDSA self-tests in crypto/testmgr.c are not
sufficient to cover ECDSA signature verification offered by the PKCS#7
API. This is reflected by the self-test already present in this file
for RSA PKCS#1 v1.5 signature verification.
The solution is simply to add a second self-test here for ECDSA. P-256
with SHA-256 hashing was chosen as those parameters should remain
FIPS-approved for the foreseeable future, while keeping the performance
impact to a minimum. The ECDSA certificate and PKCS#7 signed data was
generated using OpenSSL. The input data is identical to the input data
for the existing RSA self-test.
Signed-off-by: Joachim Vandersmissen <git@jvdsn.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Diffstat (limited to 'crypto/asymmetric_keys/selftest.c')
| -rw-r--r-- | crypto/asymmetric_keys/selftest.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/selftest.c b/crypto/asymmetric_keys/selftest.c index ec289d2d065c..98dc5cdfdebe 100644 --- a/crypto/asymmetric_keys/selftest.c +++ b/crypto/asymmetric_keys/selftest.c @@ -61,6 +61,7 @@ void fips_signature_selftest(const char *name, static int __init fips_signature_selftest_init(void) { fips_signature_selftest_rsa(); + fips_signature_selftest_ecdsa(); return 0; } |