Re: [PATCH] docs: module-signing: adjust guide after sha1 and sha224 support is gone

T/#m81c32a65341a4de39596b72743ba38d46899016f But indeed, if that patch series doesn't make it into the cryptodev tree, then this documentation should go in, and the sha-3 one rebased / adjusted. Sorry for not patching documentation at the same time as the code changes that made document

[PATCH 5/6] crypto: enable automatic module signing with FIPS 202 SHA-3

Add Kconfig options to use SHA-3 for kernel module signing. 256 size for RSA only, and higher sizes for RSA and NIST P-384. Signed-off-by: Dimitri John Ledkov --- certs/Kconfig | 2 +- kernel/module/Kconfig | 15 +++ 2 files changed, 16 insertions(+), 1 deletion(-) diff

[PATCH] crypto: Limit MODULE_SIG_KEY_TYPE_ECDSA to SHA384 or SHA512

NIST FIPS 186-5 states that it is recommended that the security strength associated with the bit length of n and the security strength of the hash function be the same, or higher upon agreement. Given NIST P384 curve is used, force using either SHA384 or SHA512. Signed-off-by: Dimitri John Ledkov

[PATCH] module: Do not offer sha224 for built-in module signing

sha224 does not provide enough security against collision attacks relative to the default keys used for signing (RSA 4k & P-384). Also sha224 never became popular, as sha256 got widely adopter ahead of sha224 being introduced. Signed-off-by: Dimitri John Ledkov --- kernel/module/Kconfig

[PATCH] crypto: pkcs7: remove sha1 support

cryptographically secure. In the kernel there are filesystems, IMA, tpm/pcr that appear to be using sha1. Maybe they can all start to be slowly upgraded to something else i.e. blake3, ParallelHash, SHAKE256 as needed. Signed-off-by: Dimitri John Ledkov --- crypto/asymmetric_keys/mscode_parser.c