From nobody Mon Feb 9 14:31:17 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C440633372E for ; Mon, 5 Jan 2026 15:22:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1767626581; cv=none; b=AxK/w+hEfnlIWC2bUcolQfYvbCqKBIt39WR7hfi4h2d0Wyx/7BJ9/B2Gk1ygpvDRvqA5MqyCxBBE5XoWiw21TeNWpJzF7P4IffWYGTPue+dj0x6WF5PUP92ilvkQcE7uATTJIyvmO51mmUloSyjOX1U+3b78+OmHsnXspoHk04I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1767626581; c=relaxed/simple; bh=dbX9nHJ5REzRp8QaFOHK2ee2n38HwBnQPeTWNbT3JoQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=vFm9+5yiLCkjs0JC2TBftLWXc163yBnJ9j9kkfZNIw4vSNZgn6Ae+yYNUZ1VIihXTDamfw/IOw7S6cyxb+YGHrjstURWA3vMiFg7Wqf+K9goiklS9xsfc4MNA3seecoyQZ0xD9yQ9PGm4A+AnFzpaR571B3cmzadohX1o0LrxbQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=Tz3Dvoa+; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="Tz3Dvoa+" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1767626576; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=e9kgzsLwkkfNxmetAJNcral3H3dTIGoaCL0v9z96wpg=; b=Tz3Dvoa+Dx5dgHNs+uj5TT0wbTps1tX7rRrExt/81oUCWdzhmHohRhWcqaguJ3gZlfjSnf w259p1WSFQQ/M3YddNX75dImP9gldss+Deg0U1d8hVRU2yvkCUpA3hpwA9fHAFgqIcNmtt b8EVjh/gg1stBrdln0SyjucVMkTIx8w= Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-26-KQWT_SDsNDmINssT8d_tdA-1; Mon, 05 Jan 2026 10:22:50 -0500 X-MC-Unique: KQWT_SDsNDmINssT8d_tdA-1 X-Mimecast-MFC-AGG-ID: KQWT_SDsNDmINssT8d_tdA_1767626568 Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 90468195609D; Mon, 5 Jan 2026 15:22:48 +0000 (UTC) Received: from warthog.procyon.org.uk.com (unknown [10.42.28.4]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id AE50419560AB; Mon, 5 Jan 2026 15:22:44 +0000 (UTC) From: David Howells To: Lukas Wunner , Ignat Korchagin Cc: David Howells , Jarkko Sakkinen , Herbert Xu , Eric Biggers , Luis Chamberlain , Petr Pavlu , Daniel Gomez , Sami Tolvanen , "Jason A . Donenfeld" , Ard Biesheuvel , Stephan Mueller , linux-crypto@vger.kernel.org, keyrings@vger.kernel.org, linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v11 8/8] modsign: Enable RSASSA-PSS module signing Date: Mon, 5 Jan 2026 15:21:33 +0000 Message-ID: <20260105152145.1801972-9-dhowells@redhat.com> In-Reply-To: <20260105152145.1801972-1-dhowells@redhat.com> References: <20260105152145.1801972-1-dhowells@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 Content-Type: text/plain; charset="utf-8" Add support for RSASSA-PSS signatures (RFC8017) for use with module signing and other public key cryptography done by the kernel. Note that only signature verification is supported by the kernel. Note further that this alters some of the same code as the MLDSA support, so that needs to be applied first to avoid conflicts. Signed-off-by: David Howells cc: Lukas Wunner cc: Ignat Korchagin cc: Herbert Xu cc: keyrings@vger.kernel.org cc: linux-crypto@vger.kernel.org Reviewed-by: Ignat Korchagin --- certs/Kconfig | 6 ++++++ certs/Makefile | 1 + scripts/sign-file.c | 39 +++++++++++++++++++++++++++++++++++++-- 3 files changed, 44 insertions(+), 2 deletions(-) diff --git a/certs/Kconfig b/certs/Kconfig index 94b086684d07..beb8991ad761 100644 --- a/certs/Kconfig +++ b/certs/Kconfig @@ -27,6 +27,12 @@ config MODULE_SIG_KEY_TYPE_RSA help Use an RSA key for module signing. =20 +config MODULE_SIG_KEY_TYPE_RSASSA_PSS + bool "RSASSA-PSS" + select CRYPTO_RSA + help + Use an RSASSA-PSS key for module signing. + config MODULE_SIG_KEY_TYPE_ECDSA bool "ECDSA" select CRYPTO_ECDSA diff --git a/certs/Makefile b/certs/Makefile index 3ee1960f9f4a..3b5a3a303f4c 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -42,6 +42,7 @@ targets +=3D x509_certificate_list # boolean option and we unfortunately can't make it depend on !RANDCONFIG. ifeq ($(CONFIG_MODULE_SIG_KEY),certs/signing_key.pem) =20 +keytype-$(CONFIG_MODULE_SIG_KEY_TYPE_RSASSA_PSS) :=3D -newkey rsassa-pss keytype-$(CONFIG_MODULE_SIG_KEY_TYPE_ECDSA) :=3D -newkey ec -pkeyopt ec_pa= ramgen_curve:secp384r1 keytype-$(CONFIG_MODULE_SIG_KEY_TYPE_MLDSA_44) :=3D -newkey ml-dsa-44 keytype-$(CONFIG_MODULE_SIG_KEY_TYPE_MLDSA_65) :=3D -newkey ml-dsa-65 diff --git a/scripts/sign-file.c b/scripts/sign-file.c index b726581075f9..ca605095194e 100644 --- a/scripts/sign-file.c +++ b/scripts/sign-file.c @@ -233,6 +233,7 @@ int main(int argc, char **argv) EVP_PKEY *private_key; #ifndef USE_PKCS7 CMS_ContentInfo *cms =3D NULL; + CMS_SignerInfo *signer; unsigned int use_keyid =3D 0; #else PKCS7 *pkcs7 =3D NULL; @@ -329,13 +330,47 @@ int main(int argc, char **argv) !EVP_PKEY_is_a(private_key, "ML-DSA-65") && !EVP_PKEY_is_a(private_key, "ML-DSA-87")) flags |=3D use_signed_attrs; + if (EVP_PKEY_is_a(private_key, "RSASSA-PSS")) + flags |=3D CMS_KEY_PARAM; + if (EVP_PKEY_is_a(private_key, "RSASSA-PSS")) { + EVP_PKEY_CTX *pkctx; + char mdname[1024] =3D {}; + + pkctx =3D EVP_PKEY_CTX_new(private_key, NULL); + + ERR(!EVP_PKEY_sign_init(pkctx), "EVP_PKEY_sign_init"); + ERR(!EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING), + "EVP_PKEY_CTX_set_rsa_padding"); + ERR(!EVP_PKEY_CTX_set_rsa_mgf1_md_name(pkctx, hash_algo, NULL), + "EVP_PKEY_CTX_set_rsa_mgf1_md_name"); + + ERR(!EVP_PKEY_CTX_get_rsa_mgf1_md_name(pkctx, mdname, sizeof(mdname)), + "EVP_PKEY_CTX_get_rsa_mgf1_md_name"); + printf("RSASSA-PSS %s\n", mdname); + } =20 /* Load the signature message from the digest buffer. */ cms =3D CMS_sign(NULL, NULL, NULL, NULL, flags); ERR(!cms, "CMS_sign"); =20 - ERR(!CMS_add1_signer(cms, x509, private_key, digest_algo, flags), - "CMS_add1_signer"); + signer =3D CMS_add1_signer(cms, x509, private_key, digest_algo, flags); + ERR(!signer, "CMS_add1_signer"); + + if (EVP_PKEY_is_a(private_key, "RSASSA-PSS")) { + EVP_PKEY_CTX *pkctx; + char mdname[1024] =3D {}; + + pkctx =3D CMS_SignerInfo_get0_pkey_ctx(signer); + ERR(!EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING), + "EVP_PKEY_CTX_set_rsa_padding"); + ERR(!EVP_PKEY_CTX_set_rsa_mgf1_md_name(pkctx, hash_algo, NULL), + "EVP_PKEY_CTX_set_rsa_mgf1_md_name"); + + ERR(!EVP_PKEY_CTX_get_rsa_mgf1_md_name(pkctx, mdname, sizeof(mdname)), + "EVP_PKEY_CTX_get_rsa_mgf1_md_name"); + printf("RSASSA-PSS %s\n", mdname); + } + ERR(CMS_final(cms, bm, NULL, flags) !=3D 1, "CMS_final");