On Tue Apr 23, 2024 at 7:02 AM EEST, Joachim Vandersmissen wrote: > Hi Eric, > > On 4/22/24 4:10 PM, Eric Biggers wrote: > > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > > > Since the signature self-test uses RSA and SHA-256, it must only be > > enabled when those algorithms are enabled. Otherwise it fails and > > panics the kernel on boot-up. > > I actually submitted two related patch recently which change the > structure of the PKCS#7 self-tests and add an ECDSA self-test. See > "[PATCH v2 1/2] certs: Move RSA self-test data to separate file" and > "[PATCH v2 2/2] certs: Add ECDSA signature verification self-test" on > 2024-04-20. The explicit dependency on CRYPTO_RSA shouldn't be necessary > with those patches (I think). > > However, I didn't consider CRYPTO_SHA256 there. I think it can remain > since both the RSA and proposed ECDSA self-tests use SHA-256. Their how in my master branch, I'll mirror them to linux-next in day or two. BR, Jarkko
