tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

pkcs7, x509: Add ML-DSA support

Add support for ML-DSA keys and signatures to the CMS/PKCS#7 and X.509
implementations. ML-DSA-44, -65 and -87 are all supported. For X.509
certificates, the TBSCertificate is required to be signed directly; for
CMS, direct signing of the data is preferred, though use of SHA512 (and
only that) as an intermediate hash of the content is permitted with
signedAttrs.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Lukas Wunner <lukas@wunner.de>
cc: Ignat Korchagin <ignat@cloudflare.com>
cc: Stephan Mueller <smueller@chronox.de>
cc: Eric Biggers <ebiggers@kernel.org>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: keyrings@vger.kernel.org
cc: linux-crypto@vger.kernel.org

David Howells 8bbdeb7a f3eccecd

+64 -2
+23 -1
crypto/asymmetric_keys/pkcs7_parser.c
··· 95 95 if (sinfo->authattrs) { 96 96 want = true; 97 97 msg->have_authattrs = true; 98 + } else if (sinfo->sig->algo_takes_data) { 99 + sinfo->sig->hash_algo = "none"; 98 100 } 99 101 100 - for (sinfo = sinfo->next; sinfo; sinfo = sinfo->next) 102 + for (sinfo = sinfo->next; sinfo; sinfo = sinfo->next) { 101 103 if (!!sinfo->authattrs != want) 102 104 goto inconsistent; 105 + 106 + if (!sinfo->authattrs && 107 + sinfo->sig->algo_takes_data) 108 + sinfo->sig->hash_algo = "none"; 109 + } 103 110 return 0; 104 111 105 112 inconsistent: ··· 303 296 case OID_gost2012PKey512: 304 297 ctx->sinfo->sig->pkey_algo = "ecrdsa"; 305 298 ctx->sinfo->sig->encoding = "raw"; 299 + break; 300 + case OID_id_ml_dsa_44: 301 + ctx->sinfo->sig->pkey_algo = "mldsa44"; 302 + ctx->sinfo->sig->encoding = "raw"; 303 + ctx->sinfo->sig->algo_takes_data = true; 304 + break; 305 + case OID_id_ml_dsa_65: 306 + ctx->sinfo->sig->pkey_algo = "mldsa65"; 307 + ctx->sinfo->sig->encoding = "raw"; 308 + ctx->sinfo->sig->algo_takes_data = true; 309 + break; 310 + case OID_id_ml_dsa_87: 311 + ctx->sinfo->sig->pkey_algo = "mldsa87"; 312 + ctx->sinfo->sig->encoding = "raw"; 313 + ctx->sinfo->sig->algo_takes_data = true; 306 314 break; 307 315 default: 308 316 printk("Unsupported pkey algo: %u\n", ctx->last_oid);
+10
crypto/asymmetric_keys/public_key.c
··· 142 142 if (strcmp(hash_algo, "streebog256") != 0 && 143 143 strcmp(hash_algo, "streebog512") != 0) 144 144 return -EINVAL; 145 + } else if (strcmp(pkey->pkey_algo, "mldsa44") == 0 || 146 + strcmp(pkey->pkey_algo, "mldsa65") == 0 || 147 + strcmp(pkey->pkey_algo, "mldsa87") == 0) { 148 + if (strcmp(encoding, "raw") != 0) 149 + return -EINVAL; 150 + if (!hash_algo) 151 + return -EINVAL; 152 + if (strcmp(hash_algo, "none") != 0 && 153 + strcmp(hash_algo, "sha512") != 0) 154 + return -EINVAL; 145 155 } else { 146 156 /* Unknown public key algorithm */ 147 157 return -ENOPKG;
+26 -1
crypto/asymmetric_keys/x509_cert_parser.c
··· 257 257 case OID_gost2012Signature512: 258 258 ctx->cert->sig->hash_algo = "streebog512"; 259 259 goto ecrdsa; 260 + case OID_id_ml_dsa_44: 261 + ctx->cert->sig->pkey_algo = "mldsa44"; 262 + goto ml_dsa; 263 + case OID_id_ml_dsa_65: 264 + ctx->cert->sig->pkey_algo = "mldsa65"; 265 + goto ml_dsa; 266 + case OID_id_ml_dsa_87: 267 + ctx->cert->sig->pkey_algo = "mldsa87"; 268 + goto ml_dsa; 260 269 } 261 270 262 271 rsa_pkcs1: ··· 281 272 ecdsa: 282 273 ctx->cert->sig->pkey_algo = "ecdsa"; 283 274 ctx->cert->sig->encoding = "x962"; 275 + ctx->sig_algo = ctx->last_oid; 276 + return 0; 277 + ml_dsa: 278 + ctx->cert->sig->algo_takes_data = true; 279 + ctx->cert->sig->hash_algo = "none"; 280 + ctx->cert->sig->encoding = "raw"; 284 281 ctx->sig_algo = ctx->last_oid; 285 282 return 0; 286 283 } ··· 315 300 316 301 if (strcmp(ctx->cert->sig->pkey_algo, "rsa") == 0 || 317 302 strcmp(ctx->cert->sig->pkey_algo, "ecrdsa") == 0 || 318 - strcmp(ctx->cert->sig->pkey_algo, "ecdsa") == 0) { 303 + strcmp(ctx->cert->sig->pkey_algo, "ecdsa") == 0 || 304 + strncmp(ctx->cert->sig->pkey_algo, "mldsa", 5) == 0) { 319 305 /* Discard the BIT STRING metadata */ 320 306 if (vlen < 1 || *(const u8 *)value != 0) 321 307 return -EBADMSG; ··· 539 523 default: 540 524 return -ENOPKG; 541 525 } 526 + break; 527 + case OID_id_ml_dsa_44: 528 + ctx->cert->pub->pkey_algo = "mldsa44"; 529 + break; 530 + case OID_id_ml_dsa_65: 531 + ctx->cert->pub->pkey_algo = "mldsa65"; 532 + break; 533 + case OID_id_ml_dsa_87: 534 + ctx->cert->pub->pkey_algo = "mldsa87"; 542 535 break; 543 536 default: 544 537 return -ENOPKG;
+5
include/linux/oid_registry.h
··· 145 145 OID_id_rsassa_pkcs1_v1_5_with_sha3_384, /* 2.16.840.1.101.3.4.3.15 */ 146 146 OID_id_rsassa_pkcs1_v1_5_with_sha3_512, /* 2.16.840.1.101.3.4.3.16 */ 147 147 148 + /* NIST FIPS-204 ML-DSA */ 149 + OID_id_ml_dsa_44, /* 2.16.840.1.101.3.4.3.17 */ 150 + OID_id_ml_dsa_65, /* 2.16.840.1.101.3.4.3.18 */ 151 + OID_id_ml_dsa_87, /* 2.16.840.1.101.3.4.3.19 */ 152 + 148 153 OID__NR 149 154 }; 150 155