[PATCH v6 0/4] Add support for x509 certs with NIST p256 and p192 keys

This series of patches adds support for x509 certificates signed by a CA that uses NIST p256 or p192 keys for signing. It also adds support for certificates where the public key is a NIST p256 or p192 key. The math for ECDSA signature verification is also added. Since self-signed certificates are

[PATCH v6 3/4] x509: Add support for parsing x509 certs with ECDSA keys

This patch adds support for parsing of x509 certificates that contain ECDSA keys, such as NIST P256, that have been signed by a CA using any of the current SHA hash algorithms. Signed-off-by: Stefan Berger Cc: David Howells Cc: keyri...@vger.kernel.org --- crypto/asymmetric_keys/public_key.c

[PATCH v6 2/4] x509: Detect sm2 keys by their parameters OID

Detect whether a key is an sm2 type of key by its OID in the parameters array rather than assuming that everything under OID_id_ecPublicKey is sm2, which is not the case. Signed-off-by: Stefan Berger Cc: David Howells Cc: keyri...@vger.kernel.org --- crypto/asymmetric_keys/x509_cert_parser.c |

[PATCH v6 4/4] ima: Support EC keys for signature verification

Add support for IMA signature verification for EC keys. Since SHA type of hashes can be used by RSA and ECDSA signature schemes we need to look at the key and derive from the key which signature scheme to use. Since this can be applied to all types of keys, we change the selection of the encoding t

[PATCH v6 1/4] crypto: Add support for ECDSA signature verification

Add support for parsing the parameters of a NIST P256 or NIST P192 key. Enable signature verification using these keys. The new module is enabled with CONFIG_ECDSA: Elliptic Curve Digital Signature Algorithm (NIST P192, P256 etc.) is A NIST cryptographic standard algorithm. Only signature verif

RE: [EXT] Re: [PATCH] crypto: octeontx2 - Add dependency on NET_VENDOR_MARVELL

> Hi Srujana, > > On Fri, Jan 29, 2021 at 6:53 AM Herbert Xu > wrote: > > On Mon, Jan 25, 2021 at 09:41:12AM -0800, Randy Dunlap wrote: > > > on x86_64: > > > > > > ld: drivers/crypto/marvell/octeontx2/otx2_cptpf_main.o: in function > `cptpf_flr_wq_handler': > > > otx2_cptpf_main.c:(.text+0x2b):

Re: [PATCH v7 4/7] crypto: add ecc curve and expose them

在 2021/1/28 13:03, Herbert Xu 写道: On Fri, Jan 22, 2021 at 03:09:52PM +0800, Meng Yu wrote: 1. Add ecc curves(P224, P384, P521) for ECDH; OK I think this is getting unwieldy. In light of the fact that we already have hardware that supports a specific subset of curves, I think perhaps it wou

Re: [PATCH v6 1/4] crypto: Add support for ECDSA signature verification

在 2021/2/1 7:32, Stefan Berger 写道: +/** + * ecc_get_curve() - Get a curve given its curve_id + * + * @curve_id: Id of the curve + * + * Returns pointer to the curve data, NULL if curve is not available + */ +const struct ecc_curve *ecc_get_curve(unsigned int curve_id); + /** * ecc_is_ke