-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add CFG_RSA_PUB_EXPONENT_3 #6790
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With my comment addressed:
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
core/tee/tee_svc_cryp.c
Outdated
return TEE_ERROR_BAD_PARAMETERS; | ||
|
||
crypto_bignum_bn2bin(e, bin_key); | ||
|
||
if (!(bin_key[n - 1] & 1)) /* key must be odd */ | ||
return TEE_ERROR_BAD_PARAMETERS; | ||
|
||
#if defined(CFG_RSA_PUB_EXPONENT_3) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (IS_ENABLED(CFG_RSA_PUB_EXPONENT_3)) {
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How about something less patched up like:
if (n <= 3) {
uint32_t min_key = 65537;
uint32_t key = 0;
size_t m = 0;
if (IS_ENABLED(CFG_RSA_PUB_EXPONENT_3))
min_key = 3;
for (m = 0; m < n; m++) {
key <<= 8;
key |= bin_key[m];
}
if (key < min_key)
return TEE_ERROR_BAD_PARAMETERS;
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That does look cleaner, I'll update the PR to do this instead.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note the checkpatch report on commit message:
WARNING: 'keypairs' may be misspelled - perhaps 'key pairs'?
#6:
When generating RSA keypairs, OP-TEE currently enforces a minimum public
^^^^^^^^
4f3db83
to
6395899
Compare
Turns out I didn't have |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
When generating RSA key pairs, OP-TEE currently enforces a minimum public exponent size of 65537 per NIST SP800-56B recommendations. However, AOSP KeyMint VTS (EncryptionOperationsTest.RsaNoPaddingSuccess [1]) requires implementations to support public exponent 3 for backwards compatibility. Add CFG_RSA_PUB_EXPONENT_3 to allow public exponents >= 3. Link: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/security/keymint/aidl/vts/functional/KeyMintTest.cpp#5258 [1] Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
6395899
to
c5765f8
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
(sorry, no need to delay more merging of this P-R, don't bother applying this review tag)
Etienne's tag added and commit merged manually. Thanks. |
When generating RSA keypairs, OP-TEE currently enforces a minimum public exponent size of 65537 per NIST SP800-56B recommendations. However, AOSP KeyMint VTS (EncryptionOperationsTest.RsaNoPaddingSuccess) requires implementations to support public exponent 3 for backwards compatibility. Add
CFG_RSA_PUB_EXPONENT_3
to optionally allow public exponents >= 3.