64ae16dfee
The sign operation can operate in a non-hashed mode by running the RSA sign operation directly on the input. This assumes that the input is less than key_size_in_bytes - 11. Since the TPM performs its own PKCS1 padding, it isn't possible to support 'raw' mode, only 'pkcs1'. Alternatively, a hashed version is also possible. In this variant the input is hashed (by userspace) via the selected hash function first. Then this implementation takes care of converting the hash to ASN.1 format and the sign operation is performed on the result. This is similar to the implementation inside crypto/rsa-pkcs1pad.c. ASN1 templates were copied from crypto/rsa-pkcs1pad.c. There seems to be no easy way to expose that functionality, but likely the templates should be shared somehow. The sign operation is implemented via TPM_Sign operation on the TPM. It is assumed that the TPM wrapped key provided uses TPM_SS_RSASSAPKCS1v15_DER signature scheme. This allows the TPM_Sign operation to work on data up to key_len_in_bytes - 11 bytes long. In theory, we could also use TPM_Unbind instead of TPM_Sign, but we would have to manually pkcs1 pad the digest first. Signed-off-by: Denis Kenzior <denkenz@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Marcel Holtmann <marcel@holtmann.org> Reviewed-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: James Morris <james.morris@microsoft.com> |
||
---|---|---|
.. | ||
asymmetric_keys | ||
async_tx | ||
842.c | ||
Kconfig | ||
Makefile | ||
ablkcipher.c | ||
acompress.c | ||
aead.c | ||
aegis.h | ||
aegis128.c | ||
aegis128l.c | ||
aegis256.c | ||
aes_generic.c | ||
aes_ti.c | ||
af_alg.c | ||
ahash.c | ||
akcipher.c | ||
algapi.c | ||
algboss.c | ||
algif_aead.c | ||
algif_hash.c | ||
algif_rng.c | ||
algif_skcipher.c | ||
ansi_cprng.c | ||
anubis.c | ||
api.c | ||
arc4.c | ||
authenc.c | ||
authencesn.c | ||
blkcipher.c | ||
blowfish_common.c | ||
blowfish_generic.c | ||
camellia_generic.c | ||
cast5_generic.c | ||
cast6_generic.c | ||
cast_common.c | ||
cbc.c | ||
ccm.c | ||
cfb.c | ||
chacha20_generic.c | ||
chacha20poly1305.c | ||
cipher.c | ||
cmac.c | ||
compress.c | ||
crc32_generic.c | ||
crc32c_generic.c | ||
crct10dif_common.c | ||
crct10dif_generic.c | ||
cryptd.c | ||
crypto_engine.c | ||
crypto_null.c | ||
crypto_user_base.c | ||
crypto_user_stat.c | ||
crypto_wq.c | ||
ctr.c | ||
cts.c | ||
deflate.c | ||
des_generic.c | ||
dh.c | ||
dh_helper.c | ||
drbg.c | ||
ecb.c | ||
ecc.c | ||
ecc.h | ||
ecc_curve_defs.h | ||
ecdh.c | ||
ecdh_helper.c | ||
echainiv.c | ||
fcrypt.c | ||
fips.c | ||
gcm.c | ||
gf128mul.c | ||
ghash-generic.c | ||
hash_info.c | ||
hmac.c | ||
internal.h | ||
jitterentropy-kcapi.c | ||
jitterentropy.c | ||
keywrap.c | ||
khazad.c | ||
kpp.c | ||
lrw.c | ||
lz4.c | ||
lz4hc.c | ||
lzo.c | ||
md4.c | ||
md5.c | ||
memneq.c | ||
michael_mic.c | ||
morus640.c | ||
morus1280.c | ||
ofb.c | ||
pcbc.c | ||
pcrypt.c | ||
poly1305_generic.c | ||
proc.c | ||
ripemd.h | ||
rmd128.c | ||
rmd160.c | ||
rmd256.c | ||
rmd320.c | ||
rng.c | ||
rsa-pkcs1pad.c | ||
rsa.c | ||
rsa_helper.c | ||
rsaprivkey.asn1 | ||
rsapubkey.asn1 | ||
salsa20_generic.c | ||
scatterwalk.c | ||
scompress.c | ||
seed.c | ||
seqiv.c | ||
serpent_generic.c | ||
sha1_generic.c | ||
sha3_generic.c | ||
sha256_generic.c | ||
sha512_generic.c | ||
shash.c | ||
simd.c | ||
skcipher.c | ||
sm3_generic.c | ||
sm4_generic.c | ||
tcrypt.c | ||
tcrypt.h | ||
tea.c | ||
testmgr.c | ||
testmgr.h | ||
tgr192.c | ||
twofish_common.c | ||
twofish_generic.c | ||
vmac.c | ||
wp512.c | ||
xcbc.c | ||
xor.c | ||
xts.c | ||
zstd.c |