Re: [PATCH v6 1/6] tpm: Open code tpm_buf_parameters()

2024-05-27 Thread Jarkko Sakkinen
On Tue May 28, 2024 at 6:51 AM EEST, Jarkko Sakkinen wrote:
> With only single call site, this makes zero sense (slipped out of the
> radar during the review). Open code and document the action directly
> to the site, to make it more readable.
>
> Fixes: 1b6d7f9eb150 ("tpm: add session encryption p

[PATCH v6 6/6] keys: asymmetric: Add tpm2_key_ecdsa

2024-05-27 Thread Jarkko Sakkinen
* Asymmetric TPM2 ECDSA key with signing and verification. * Enabled with CONFIG_ASYMMETRIC_TPM2_KEY_ECDSA_SUBTYPE. Cc: Stefan Berger Signed-off-by: Jarkko Sakkinen --- v6: * Very first version. * Stefan: any idea why the signature gives -EKEYREJECTED? --- crypto/asymmetric_keys/Kconfig

[PATCH v6 5/6] keys: asymmetric: Add tpm2_key_rsa

2024-05-27 Thread Jarkko Sakkinen
* Asymmetric TPM2 RSA key with signing and verification. * Encryption and decryption when pkcs1 encoding is used. * Enabled with CONFIG_ASYMMETRIC_TPM2_KEY_ECDSA_SUBTYPE. Signed-off-by: James Prestwood Co-developed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- v6: * Validate RSA parame

[PATCH v6 4/6] crypto: tpm2_key: Introduce a TPM2 key type

2024-05-27 Thread Jarkko Sakkinen
TPM2 ASN.1 format is required for trusted keys and asymmetric keys. Move it to crypto in order to make it available for both. Implement validation with coverage of all TPMT_PUBLIC shared fields. Key type specific fields must be covered by the different subsystems using this. A Kconfig option CRYPT

[PATCH v6 3/6] KEYS: trusted: Change -EINVAL to -E2BIG

2024-05-27 Thread Jarkko Sakkinen
Report -E2BIG instead of -EINVAL when too large size for the key blob is requested. Signed-off-by: Jarkko Sakkinen --- security/keys/trusted-keys/trusted_tpm2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-

[PATCH v6 2/6] crypto: rsa-pkcs1pad: export rsa1_asn_lookup()

2024-05-27 Thread Jarkko Sakkinen
ASN.1 template is required for TPM2 asymmetric keys, as it needs to be piggy-backed with the input data before applying TPM2_RSA_Decrypt. This patch prepares crypto subsystem for the addition of those keys. Signed-off-by: Jarkko Sakkinen --- crypto/rsa-pkcs1pad.c | 16 ++-- i

[PATCH v6 1/6] tpm: Open code tpm_buf_parameters()

2024-05-27 Thread Jarkko Sakkinen
With only single call site, this makes zero sense (slipped out of the radar during the review). Open code and document the action directly to the site, to make it more readable. Fixes: 1b6d7f9eb150 ("tpm: add session encryption protection to tpm2_get_random()") Signed-off-by: Jarkko Sakkinen ---

[PATCH v6 0/6] KEYS: asymmetric: tpm2_key_{rsa,ecdsa}

2024-05-27 Thread Jarkko Sakkinen
Testing
===

RSA
---

tpm2_createprimary --hierarchy o -G rsa2048 -c owner.txt
tpm2_evictcontrol -c owner.txt 0x8101
tpm2_getcap handles-persistent
openssl genrsa -out private.pem 2048
tpm2_import -C 0x8101 -G rsa -i private.pem -u key.pub -r key.priv
tpm2_encodeobject -C 0x8101 -u