Am Dienstag, 16. Juni 2020, 05:56:04 CEST schrieb Anshuman Gupta: Hi Anshuman, > On 2020-06-15 at 21:25:58 +0200, Stephan Mueller wrote: > > Am Montag, 15. Juni 2020, 19:04:14 CEST schrieb Anshuman Gupta: > > > > Hi Anshuman, > > > > > Hi , > > > I wanted to verify a RSA SHA-384 signature. > > > I am using crypto_alloc_shash(), crypto_shash_digest() API to extract > > > the SHA-384 digest. > > > I am having public key along with the sha-384 digest extracted from raw > > > data and signature. AFAIU understand from crypto documentation that i > > > need to verify the signature by importing public key to > > > akcipher/skcipher API. Here i am not sure which cipher API to prefer > > > symmetric key cipher or asymmetric key cipher API. > > > > > > There are two types of API to import the key. > > > crypto_skcipher_setkey() > > > crypto_akcipher_set_pub_key() > > > > > > Also i am not sure exactly which algo to use for RSA-SHA384 signature > > > verification. > > > > > > Any help or inputs from crypto community will highly appreciated. > > > > akcipher: asymmetric key crypto > > > > skcipher: symmetric key crypto > > Many thanks for your input, based upon your inputs i should use > akcipher. > Actually tried to grep crypto_akcipher_set_pub_key() but there are not any > usages of this API in Linux drivers. > What is the preferred method to verify a RSA signature inside any Linux > GPL driver, is there any standard interface API to verify RSA signature > by importing input of raw data and public key or else > it is recommended method to use below set low level of API > crypto_alloc_akcipher(), akcipher_request_alloc(), > akcipher_request_set_crypt(), crypto_akcipher_verify(). You can use that API directly or you can go through the intermediary of the crypto/asymmetric_keys API. One use case is the kernel signature verification as implemented in kernel/module_signing.c > Thanks, > Anshuman. > > > > Thanks , > > > Anshuman Gupta. > > > > Ciao > > Stephan Ciao Stephan
