On Sat, May 11, 2024 at 01:23:54AM -0500, Joachim Vandersmissen wrote: > v4: FIPS_SIGNATURE_SELFTEST_ECDSA is no longer user-configurable and will > be set when the dependencies are fulfilled. > > ---8<--- > > Commit c27b2d2012e1 ("crypto: testmgr - allow ecdsa-nist-p256 and -p384 > in FIPS mode") enabled support for ECDSA in crypto/testmgr.c. The > PKCS#7 signature verification API builds upon the KCAPI primitives to > perform its high-level operations. Therefore, this change in testmgr.c > also allows ECDSA to be used by the PKCS#7 signature verification API > (in FIPS mode). > > However, from a FIPS perspective, the PKCS#7 signature verification API > is a distinct "service" from the KCAPI primitives. This is because the > PKCS#7 API performs a "full" signature verification, which consists of > both hashing the data to be verified, and the public key operation. > On the other hand, the KCAPI primitive does not perform this hashing > step - it accepts pre-hashed data from the caller and only performs the > public key operation. > > For this reason, the ECDSA self-tests in crypto/testmgr.c are not > sufficient to cover ECDSA signature verification offered by the PKCS#7 > API. This is reflected by the self-test already present in this file > for RSA PKCS#1 v1.5 signature verification. > > The solution is simply to add a second self-test here for ECDSA. P-256 > with SHA-256 hashing was chosen as those parameters should remain > FIPS-approved for the foreseeable future, while keeping the performance > impact to a minimum. The ECDSA certificate and PKCS#7 signed data was > generated using OpenSSL. The input data is identical to the input data > for the existing RSA self-test. > > Signed-off-by: Joachim Vandersmissen <git@xxxxxxxxx> > --- > crypto/asymmetric_keys/Kconfig | 7 ++ > crypto/asymmetric_keys/Makefile | 1 + > crypto/asymmetric_keys/selftest.c | 1 + > crypto/asymmetric_keys/selftest.h | 6 ++ > crypto/asymmetric_keys/selftest_ecdsa.c | 89 +++++++++++++++++++++++++ > 5 files changed, 104 insertions(+) > create mode 100644 crypto/asymmetric_keys/selftest_ecdsa.c Acked-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt