On Tue May 21, 2024 at 8:36 AM EEST, Bharat Bhushan wrote:
> > - data_len -= 2;
> > + (*data++) = _tag(UNIV, PRIM, INT);
>
> Just for my clarification:
> First index of "data" is updated here with tag and data pointer
> incremented.
> Next comment for continuation
>
> > + data_l
> -Original Message-
> From: Jarkko Sakkinen
> Sent: Tuesday, May 21, 2024 8:47 AM
> To: Herbert Xu
> Cc: linux-integr...@vger.kernel.org; keyri...@vger.kernel.org;
> andreas.fu...@infineon.com; James Prestwood ;
> David Woodhouse ; Eric Biggers
> ; James Bottomley
> ; Jarkko Sakkinen
> -Original Message-
> From: Jarkko Sakkinen
> Sent: Tuesday, May 21, 2024 8:46 AM
> To: Herbert Xu
> Cc: linux-integr...@vger.kernel.org; keyri...@vger.kernel.org;
> andreas.fu...@infineon.com; James Prestwood ;
> David Woodhouse ; Eric Biggers
> ; James Bottomley
> ; Jarkko Sakkinen
> ;
From: James Prestwood
Based on earlier work by James Prestwood.
Add ASN.1 compatible asymmetric TPM2 RSA key subtype:
1. Signing and decryption (with the private key) is handled by
TPM2_RSA_Decrypt.
2. Encryption (with the public key) is handled by the kernel RSA
implementation.
Link: ht
Extend parser to TPM_LoadableKey. Add field for oid to struct tpm2_key
so that callers can differentiate different key types.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm2_key.c | 14 +++---
include/crypto/tpm2_key.h | 2 ++
security/keys/trusted
Move tpm2_key_decode() to the TPM driver and export the symbols to make
them callable from trusted keys. It can re-used for asymmetric keys.
Signed-off-by: Jarkko Sakkinen
---
v2:
Do not allocate blob twice. Use the one inside struct tpm2_key.
---
drivers/char/tpm/Kconfig |
Export tpm2_load_context() so that the null key can be loaded as the
parent of a asymmetric TPM2 key.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm.h| 2 -
drivers/char/tpm/tpm2-cmd.c | 77 +++
drivers/char/tpm/tpm2-space.c | 61 --
Expand asn1_encode_integer() to variable size integers, meaning that it
will get a blob in big-endian format as integer and length of the blob as
parameters. This is required in order to encode RSA public key modulus.
Signed-off-by: Jarkko Sakkinen
---
include/linux/asn1_encoder.h |
ASN.1 template is required for TPM2 asymmetric keys, as it needs to be
piggy-packed with the input data before applying TPM2_RSA_Decrypt. This
patch prepares crypto subsystem for the addition of those keys.
Signed-off-by: Jarkko Sakkinen
---
crypto/rsa-pkcs1pad.c | 16 ++--
i
## Overview
Introduce tpm2_key_rsa module, which implements asymmetric TPM2 RSA key.
The feature can be enabled with the CONFIG_ASYMMETRIC_TPM2_KEY_RSA_SUBTYPE
kconfig option.
The idea in the design is to over time to have submodule per key type
For instance, tpm2_key_ecdsa could be one potentia
On Mon, May 20, 2024 at 11:49:56AM -0400, NĂcolas F. R. A. Prado wrote:
>
> Unfortunately this patch didn't work either. The warning is still there
> unchanged.
OK perhaps we can do it by calling current_is_async ourselves.
But this is really a nasty hack because it basically defeats
the whole poi
On Mon May 20, 2024 at 11:36 PM EEST, Jarkko Sakkinen wrote:
> On Mon May 20, 2024 at 9:47 PM EEST, Jarkko Sakkinen wrote:
> > ## Overview
> >
> > Introduce tpm2_key_rsa implementing asymmetric TPM RSA key. This key type
> > can be enabled with CONFIG_ASYMMETRIC_TPM2_KEY_RSA_SUBTYPE config option.
On Mon May 20, 2024 at 9:47 PM EEST, Jarkko Sakkinen wrote:
> ## Overview
>
> Introduce tpm2_key_rsa implementing asymmetric TPM RSA key. This key type
> can be enabled with CONFIG_ASYMMETRIC_TPM2_KEY_RSA_SUBTYPE config option.
> Carves groundwork for similar modules in future, such as tpm2_key_ecd
From: James Prestwood
Based on earlier work by James Prestwood.
Add ASN.1 compatible asymmetric TPM2 RSA key subtype:
1. Signing and decryption (with the private key) is handled by
TPM2_RSA_Decrypt.
2. Encryption (with the public key) is handled by the kernel RSA
implementation.
Link: ht
Extend parser to TPM_LoadableKey. Add field for oid to struct tpm2_key
so that callers can differentiate different key types.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm2_key.c | 14 +++---
include/crypto/tpm2_key.h | 2 ++
security/keys/trusted
Move tpm2_key_decode() to the TPM driver and export the symbols to make
them callable from trusted keys. It can re-used for asymmetric keys.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/Kconfig | 1 +
drivers/char/tpm/Makefile | 5 +
drivers/ch
Export tpm2_load_context() so that the null key can be loaded as the
parent of a asymmetric TPM2 key.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm.h| 2 -
drivers/char/tpm/tpm2-cmd.c | 77 +++
drivers/char/tpm/tpm2-space.c | 61 --
Expand asn1_encode_integer() to variable size integers, meaning that it
will get a blob in big-endian format as integer and length of the blob as
parameters. This is required in order to encode RSA public key modulus.
Signed-off-by: Jarkko Sakkinen
---
include/linux/asn1_encoder.h |
ASN.1 template is required for TPM2 asymmetric keys, as it needs to be
piggy-packed with the input data before applying TPM2_RSA_Decrypt. This
patch prepares crypto subsystem for the addition of those keys.
Signed-off-by: Jarkko Sakkinen
---
crypto/rsa-pkcs1pad.c | 16 ++--
i
## Overview
Introduce tpm2_key_rsa implementing asymmetric TPM RSA key. This key type
can be enabled with CONFIG_ASYMMETRIC_TPM2_KEY_RSA_SUBTYPE config option.
Carves groundwork for similar modules in future, such as tpm2_key_ecdsa.
## Testing
tpm2_createprimary --hierarchy o -G rsa2048 -c owner
On Sat, May 18, 2024 at 03:03:51PM +0800, Herbert Xu wrote:
> On Fri, May 17, 2024 at 09:31:15PM -0700, Eric Biggers wrote:
> >
> > This is "normal" behavior when the crypto API instantiates a template:
> >
> > 1. drbg.c asks for "hmac(sha512)"
> >
> > 2. The crypto API looks for a direct
21 matches
Mail list logo
