On Fri Jun 7, 2024 at 1:58 PM EEST, Herbert Xu wrote: > On Wed, May 29, 2024 at 12:08:09AM +0300, Jarkko Sakkinen wrote: > > > > +/* > > + * Sign operation is an encryption using the TPM's private key. With RSA the > > + * only difference between encryption and decryption is where the padding goes. > > + * Since own padding can be used, TPM2_RSA_Decrypt can be repurposed to do > > + * encryption. > > + */ > > +static int tpm2_key_rsa_sign(struct tpm_chip *chip, struct tpm2_key *key, > > + struct kernel_pkey_params *params, > > + const void *in, void *out) > > +{ > > + const off_t o = key->priv_len + 2 + sizeof(*key->desc); > > + const struct tpm2_rsa_parms *p = > > + (const struct tpm2_rsa_parms *)&key->data[o]; > > + const u16 mod_size = be16_to_cpu(p->modulus_size); > > + const struct rsa_asn1_template *asn1; > > + u32 in_len = params->in_len; > > + void *asn1_wrapped = NULL; > > + u8 *padded; > > + int ret; > > + > > + if (strcmp(params->encoding, "pkcs1") != 0) { > > + ret = -ENOPKG; > > + goto err; > > + } > > + > > + if (params->hash_algo) { > > + asn1 = rsa_lookup_asn1(params->hash_algo); > > Could you please explain why this can't be done through pkcs1pad > instead of going to raw RSA? Sorry was away couple of weeks from here. I replace this with TPM2_Sign as is done already in the ECDSA module, so I guess that is a "yes". BR, Jarkko