Re: [PATCH v7 4/4] ima: Support EC keys for signature verification

[PATCH v7 0/4] Add support for x509 certs with NIST p256 and p192 keys · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-01
[PATCH v7 2/4] x509: Detect sm2 keys by their parameters OID · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-01
[PATCH v7 1/4] crypto: Add support for ECDSA signature verification · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-01
Re: [PATCH v7 1/4] crypto: Add support for ECDSA signature verification · Herbert Xu <herbert@gondor.apana.org.au> · 2021-02-04
Re: [PATCH v7 1/4] crypto: Add support for ECDSA signature verification · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-04
Re: [PATCH v7 1/4] crypto: Add support for ECDSA signature verification · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-04
[PATCH v7 4/4] ima: Support EC keys for signature verification · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-01
Re: [PATCH v7 4/4] ima: Support EC keys for signature verification · Mimi Zohar <zohar@linux.ibm.com> · 2021-02-05
[PATCH v7 3/4] x509: Add support for parsing x509 certs with ECDSA keys · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-01
Re: [PATCH v7 3/4] x509: Add support for parsing x509 certs with ECDSA keys · kernel test robot <hidden> · 2021-02-11
Re: [PATCH v7 3/4] x509: Add support for parsing x509 certs with ECDSA keys · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-11
Re: [PATCH v7 3/4] x509: Add support for parsing x509 certs with ECDSA keys · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-11
Re: [PATCH v7 0/4] Add support for x509 certs with NIST p256 and p192 keys · David Howells <dhowells@redhat.com> · 2021-02-01
Re: [PATCH v7 0/4] Add support for x509 certs with NIST p256 and p192 keys · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-01
Re: [PATCH v7 0/4] Add support for x509 certs with NIST p256 and p192 keys · David Howells <dhowells@redhat.com> · 2021-02-01
Re: [PATCH v7 0/4] Add support for x509 certs with NIST p256 and p192 keys · Stefan Berger <stefanb@linux.ibm.com> · 2021-02-01
Re: [PATCH v7 0/4] Add support for x509 certs with NIST p256 and p192 keys · Herbert Xu <herbert@gondor.apana.org.au> · 2021-02-02

From: Mimi Zohar <zohar@linux.ibm.com>
Date: 2021-02-05 12:30:18
Also in: keyrings, linux-integrity, lkml

On Mon, 2021-02-01 at 10:19 -0500, Stefan Berger wrote:

Add support for IMA signature verification for EC keys. Since SHA type
of hashes can be used by RSA and ECDSA signature schemes we need to
look at the key and derive from the key which signature scheme to use.
Since this can be applied to all types of keys, we change the selection
of the encoding type to be driven by the key's signature scheme rather
than by the hash type.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Vitaly Chikunov <redacted>
Reviewed-by: Tianjia Zhang <redacted>

Thanks, Stefan!

Acked-by: Mimi Zohar <zohar@linux.ibm.com>

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help