Re: [tpmdd-devel] in-kernel user of ecdsa
Am Montag, 12. März 2018, 22:55:35 CET schrieb James Bottomley: Hi James, > > ECDSA is not implemented currently in the kernel crypto API. > > an ECDSA signature is produced as a ECDH operation using the DSA > algorithm instead of KDFe, so it's trivial with what we have; signature > verification involves a separate point addition but we have all the > primitives for this in crypto/ecc.c so adding it isn't really > difficult, is it? No, it is not. There even was a patch posted about a year ago to add ECDSA. But it was rejected due to missing in-kernel users. I guess that patch could be reactivated. Ciao Stephan
Re: [tpmdd-devel] in-kernel user of ecdsa
On Mon, 2018-03-12 at 20:56 +0100, Stephan Mueller wrote: > Am Montag, 12. März 2018, 19:09:18 CET schrieb James Bottomley: > > Hi James, > > > > > On Mon, 2018-03-12 at 19:07 +0200, Tudor Ambarus wrote: > > > > > > Hi, > > > > > > Would you consider using ECDSA in the kernel module signing > > > facility? When compared with RSA, ECDSA has shorter keys, the key > > > generation process is faster, the sign operation is faster, but > > > the verify operation is slower than with RSA. > > > > You missed the keyrings list, which is where the module signing > > utility is discussed. > > > > First question is, have you actually tried? It looks like sign- > > file doesn't do anything RSA specific so if you give it an EC X.509 > > certificate it will produce an ECDSA signature. > > > > I think our kernel internal x509 parsers don't have the EC OIDs, so > > signature verification will fail; but, especially since we have the > > rest of the EC machinery in the crypto subsystem, that looks to be > > simply fixable. > > ECDSA is not implemented currently in the kernel crypto API. an ECDSA signature is produced as a ECDH operation using the DSA algorithm instead of KDFe, so it's trivial with what we have; signature verification involves a separate point addition but we have all the primitives for this in crypto/ecc.c so adding it isn't really difficult, is it? James
Re: [tpmdd-devel] in-kernel user of ecdsa
Am Montag, 12. März 2018, 19:09:18 CET schrieb James Bottomley: Hi James, > On Mon, 2018-03-12 at 19:07 +0200, Tudor Ambarus wrote: > > Hi, > > > > Would you consider using ECDSA in the kernel module signing facility? > > When compared with RSA, ECDSA has shorter keys, the key generation > > process is faster, the sign operation is faster, but the verify > > operation is slower than with RSA. > > You missed the keyrings list, which is where the module signing utility > is discussed. > > First question is, have you actually tried? It looks like sign-file > doesn't do anything RSA specific so if you give it an EC X.509 > certificate it will produce an ECDSA signature. > > I think our kernel internal x509 parsers don't have the EC OIDs, so > signature verification will fail; but, especially since we have the > rest of the EC machinery in the crypto subsystem, that looks to be > simply fixable. ECDSA is not implemented currently in the kernel crypto API. > > James Ciao Stephan
Re: [tpmdd-devel] in-kernel user of ecdsa
On Mon, 2018-03-12 at 19:07 +0200, Tudor Ambarus wrote: > Hi, > > Would you consider using ECDSA in the kernel module signing facility? > When compared with RSA, ECDSA has shorter keys, the key generation > process is faster, the sign operation is faster, but the verify > operation is slower than with RSA. You missed the keyrings list, which is where the module signing utility is discussed. First question is, have you actually tried? It looks like sign-file doesn't do anything RSA specific so if you give it an EC X.509 certificate it will produce an ECDSA signature. I think our kernel internal x509 parsers don't have the EC OIDs, so signature verification will fail; but, especially since we have the rest of the EC machinery in the crypto subsystem, that looks to be simply fixable. James