crypto: rsa-pkcs1pad - Add FIPS 202 SHA-3 support

Add support in rsa-pkcs1pad for FIPS 202 SHA-3 hashes, sizes 256 and
up. As 224 is too weak for any practical purposes.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/rsa-pkcs1pad.c b/crypto/rsa-pkcs1pad.c
index 49756c6ea7a1ec0c14778700f2598f71915250d9..cd501195f34a1a4643874b8b8f63cdbeabac1344 100644 (file)
--- a/crypto/rsa-pkcs1pad.c
+++ b/crypto/rsa-pkcs1pad.c
@@ -61,6 +61,24 @@ static const u8 rsa_digest_info_sha512[] = {
        0x05, 0x00, 0x04, 0x40
 };
 
+static const u8 rsa_digest_info_sha3_256[] = {
+       0x30, 0x31, 0x30, 0x0d, 0x06, 0x09,
+       0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x08,
+       0x05, 0x00, 0x04, 0x20
+};
+
+static const u8 rsa_digest_info_sha3_384[] = {
+       0x30, 0x41, 0x30, 0x0d, 0x06, 0x09,
+       0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x09,
+       0x05, 0x00, 0x04, 0x30
+};
+
+static const u8 rsa_digest_info_sha3_512[] = {
+       0x30, 0x51, 0x30, 0x0d, 0x06, 0x09,
+       0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x0A,
+       0x05, 0x00, 0x04, 0x40
+};
+
 static const struct rsa_asn1_template {
        const char      *name;
        const u8        *data;
@@ -74,8 +92,13 @@ static const struct rsa_asn1_template {
        _(sha384),
        _(sha512),
        _(sha224),
-       { NULL }
 #undef _
+#define _(X) { "sha3-" #X, rsa_digest_info_sha3_##X, sizeof(rsa_digest_info_sha3_##X) }
+       _(256),
+       _(384),
+       _(512),
+#undef _
+       { NULL }
 };
 
 static const struct rsa_asn1_template *rsa_lookup_asn1(const char *name)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 335449a27f7575e4b88b04009ddaaa3a6839e31f..1dc93bf608d4a0be684d5a2a80d21e1b721024f6 100644 (file)
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -5464,6 +5464,18 @@ static const struct alg_test_desc alg_test_descs[] = {
                .alg = "pkcs1pad(rsa,sha512)",
                .test = alg_test_null,
                .fips_allowed = 1,
+       }, {
+               .alg = "pkcs1pad(rsa,sha3-256)",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "pkcs1pad(rsa,sha3-384)",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "pkcs1pad(rsa,sha3-512)",
+               .test = alg_test_null,
+               .fips_allowed = 1,
        }, {
                .alg = "poly1305",
                .test = alg_test_hash,