[dpdk-dev] [RFC] RSA Digital Signature input

Kusztal, ArkadiuszX arkadiuszx.kusztal at intel.com
Fri Aug 16 13:31:53 CEST 2019


Hi all,

This is a continuation of thread we have had before but it would be easier when new thread created.

Current RSA  signature test takes as an input plaintext:
        asym_op->rsa.message.data = rsaplaintext.data;
        asym_op->rsa.message.length = rsaplaintext.len;

But we do not specify what input data provide should have.

Openssl implementation does

        case RTE_CRYPTO_ASYM_OP_SIGN:

               ret = RSA_private_encrypt(op->rsa.message.length,
But this function does not handle algorithmIdentifier
https://www.openssl.org/docs/manmaster/man3/RSA_private_encrypt.html
Which means that algorithIdentifier should be encoded together with message digest,

Assuming rsaplaintext is a message digest created by SHA1.
Openssl PMD example:

Our plaintext (digest):
uint8_t input_2[] = { 0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85, 0xae,
                  0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd, 0xa8, 0xeb,
                  0x7e, 0x78, 0xa0, 0x50 };
Digest with DER prepended.

(RFC 8107 9.2 notes. 1)

uint8_t input[] = { 0x30,  0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14,

               0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85, 0xae,

               0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd, 0xa8, 0xeb,

               0x7e, 0x78, 0xa0, 0x50 };




With these params both openssl functions below will return the same signature (PKCS_1.5 is deterministic so it will be always the same)


RSA_private_encrypt( sizeof(input), input, op->rsa.sign.data, rsa, pad);
RSA_sign(NID_sha1, input_2, sizeof(input_2), output, (unsigned int*)&op->rsa.sign.length, rsa );

Neither of these functions support PSS, so for openssl most probable way for PSS would be something like:

-          RSA_padding_add_PKCS1_PSS

-          RSA_private_encrypt
And digest provided or created in openssl.

So the bottom line is:

        rte_crypto_param message;

        /**<

         * Pointer to input data

         * - to be encrypted for RSA public encrypt.

         * - to be signed for RSA sign generation.
What we should say here (is it message, is it digest, is it in case pkcs1_5 der + digest)?

Regards,
Arek




More information about the dev mailing list