From: "Kusztal, ArkadiuszX" <arkadiuszx.kusztal@intel.com>
To: "Trahe, Fiona" <fiona.trahe@intel.com>,
"akhil.goyal@nxp.com" <akhil.goyal@nxp.com>,
"Verma, Shally" <Shally.Verma@cavium.com>,
Ayuj Verma <ayverma@marvell.com>,
Anoob Joseph <anoobj@marvell.com>
Cc: "dev@dpdk.org" <dev@dpdk.org>
Subject: [dpdk-dev] [RFC] RSA Digital Signature input
Date: Fri, 16 Aug 2019 11:31:53 +0000 [thread overview]
Message-ID: <06EE24DD0B19E248B53F6DC8657831551B293A1A@hasmsx109.ger.corp.intel.com> (raw)
Hi all,
This is a continuation of thread we have had before but it would be easier when new thread created.
Current RSA signature test takes as an input plaintext:
asym_op->rsa.message.data = rsaplaintext.data;
asym_op->rsa.message.length = rsaplaintext.len;
But we do not specify what input data provide should have.
Openssl implementation does
case RTE_CRYPTO_ASYM_OP_SIGN:
ret = RSA_private_encrypt(op->rsa.message.length,
But this function does not handle algorithmIdentifier
https://www.openssl.org/docs/manmaster/man3/RSA_private_encrypt.html
Which means that algorithIdentifier should be encoded together with message digest,
Assuming rsaplaintext is a message digest created by SHA1.
Openssl PMD example:
Our plaintext (digest):
uint8_t input_2[] = { 0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85, 0xae,
0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd, 0xa8, 0xeb,
0x7e, 0x78, 0xa0, 0x50 };
Digest with DER prepended.
(RFC 8107 9.2 notes. 1)
uint8_t input[] = { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14,
0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85, 0xae,
0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd, 0xa8, 0xeb,
0x7e, 0x78, 0xa0, 0x50 };
With these params both openssl functions below will return the same signature (PKCS_1.5 is deterministic so it will be always the same)
RSA_private_encrypt( sizeof(input), input, op->rsa.sign.data, rsa, pad);
RSA_sign(NID_sha1, input_2, sizeof(input_2), output, (unsigned int*)&op->rsa.sign.length, rsa );
Neither of these functions support PSS, so for openssl most probable way for PSS would be something like:
- RSA_padding_add_PKCS1_PSS
- RSA_private_encrypt
And digest provided or created in openssl.
So the bottom line is:
rte_crypto_param message;
/**<
* Pointer to input data
* - to be encrypted for RSA public encrypt.
* - to be signed for RSA sign generation.
What we should say here (is it message, is it digest, is it in case pkcs1_5 der + digest)?
Regards,
Arek
reply other threads:[~2019-08-16 11:32 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=06EE24DD0B19E248B53F6DC8657831551B293A1A@hasmsx109.ger.corp.intel.com \
--to=arkadiuszx.kusztal@intel.com \
--cc=Shally.Verma@cavium.com \
--cc=akhil.goyal@nxp.com \
--cc=anoobj@marvell.com \
--cc=ayverma@marvell.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).