diff options
| author | David Howells <dhowells@redhat.com> | 2025-10-06 08:35:51 +0100 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2026-02-02 16:57:39 +0000 |
| commit | 0ad9a71933e73c8a2af101d28e9a1dc35bae02d5 (patch) | |
| tree | 04db0b296b8a0613e18f6f3ebb601d62db2a49d0 /certs | |
| parent | 8bbdeb7a25b4cd3d829136a2e12982b8ee7d7991 (diff) | |
| download | linux-next-history-0ad9a71933e73c8a2af101d28e9a1dc35bae02d5.tar.gz | |
modsign: Enable ML-DSA module signing
Allow ML-DSA module signing to be enabled.
Note that OpenSSL's CMS_*() function suite does not, as of OpenSSL-3.6,
support the use of CMS_NOATTR with ML-DSA, so the prohibition against using
signedAttrs with module signing has to be removed. The selected digest
then applies only to the algorithm used to calculate the digest stored in
the messageDigest attribute. The OpenSSL development branch has patches
applied that fix this[1], but it appears that that will only be available
in OpenSSL-4.
[1] https://github.com/openssl/openssl/pull/28923
sign-file won't set CMS_NOATTR if openssl is earlier than v4, resulting in
the use of signed attributes.
The ML-DSA algorithm takes the raw data to be signed without regard to what
digest algorithm is specified in the CMS message. The CMS specified digest
algorithm is ignored unless signedAttrs are used; in such a case, only
SHA512 is permitted.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Jarkko Sakkinen <jarkko@kernel.org>
cc: Eric Biggers <ebiggers@kernel.org>
cc: Lukas Wunner <lukas@wunner.de>
cc: Ignat Korchagin <ignat@cloudflare.com>
cc: Stephan Mueller <smueller@chronox.de>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: keyrings@vger.kernel.org
cc: linux-crypto@vger.kernel.org
Diffstat (limited to 'certs')
| -rw-r--r-- | certs/Kconfig | 40 | ||||
| -rw-r--r-- | certs/Makefile | 3 |
2 files changed, 43 insertions, 0 deletions
diff --git a/certs/Kconfig b/certs/Kconfig index 78307dc255591..8e39a80c7abe5 100644 --- a/certs/Kconfig +++ b/certs/Kconfig @@ -39,6 +39,39 @@ config MODULE_SIG_KEY_TYPE_ECDSA Note: Remove all ECDSA signing keys, e.g. certs/signing_key.pem, when falling back to building Linux 5.14 and older kernels. +config MODULE_SIG_KEY_TYPE_MLDSA_44 + bool "ML-DSA-44" + select CRYPTO_MLDSA + depends on OPENSSL_SUPPORTS_ML_DSA + help + Use an ML-DSA-44 key (NIST FIPS 204) for module signing. ML-DSA + support requires OpenSSL-3.5 minimum; preferably OpenSSL-4+. With + the latter, the entire module body will be signed; with the former, + signedAttrs will be used as it lacks support for CMS_NOATTR with + ML-DSA. + +config MODULE_SIG_KEY_TYPE_MLDSA_65 + bool "ML-DSA-65" + select CRYPTO_MLDSA + depends on OPENSSL_SUPPORTS_ML_DSA + help + Use an ML-DSA-65 key (NIST FIPS 204) for module signing. ML-DSA + support requires OpenSSL-3.5 minimum; preferably OpenSSL-4+. With + the latter, the entire module body will be signed; with the former, + signedAttrs will be used as it lacks support for CMS_NOATTR with + ML-DSA. + +config MODULE_SIG_KEY_TYPE_MLDSA_87 + bool "ML-DSA-87" + select CRYPTO_MLDSA + depends on OPENSSL_SUPPORTS_ML_DSA + help + Use an ML-DSA-87 key (NIST FIPS 204) for module signing. ML-DSA + support requires OpenSSL-3.5 minimum; preferably OpenSSL-4+. With + the latter, the entire module body will be signed; with the former, + signedAttrs will be used as it lacks support for CMS_NOATTR with + ML-DSA. + endchoice config SYSTEM_TRUSTED_KEYRING @@ -154,4 +187,11 @@ config SYSTEM_BLACKLIST_AUTH_UPDATE keyring. The PKCS#7 signature of the description is set in the key payload. Blacklist keys cannot be removed. +config OPENSSL_SUPPORTS_ML_DSA + def_bool $(success, openssl list -key-managers | grep -q ML-DSA-87) + help + Support for ML-DSA-44/65/87 was added in openssl-3.5, so as long + as older versions are supported, the key types may only be + set after testing the installed binary for support. + endmenu diff --git a/certs/Makefile b/certs/Makefile index f6fa4d8d75e05..3ee1960f9f4a5 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -43,6 +43,9 @@ targets += x509_certificate_list ifeq ($(CONFIG_MODULE_SIG_KEY),certs/signing_key.pem) keytype-$(CONFIG_MODULE_SIG_KEY_TYPE_ECDSA) := -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 +keytype-$(CONFIG_MODULE_SIG_KEY_TYPE_MLDSA_44) := -newkey ml-dsa-44 +keytype-$(CONFIG_MODULE_SIG_KEY_TYPE_MLDSA_65) := -newkey ml-dsa-65 +keytype-$(CONFIG_MODULE_SIG_KEY_TYPE_MLDSA_87) := -newkey ml-dsa-87 quiet_cmd_gen_key = GENKEY $@ cmd_gen_key = openssl req -new -nodes -utf8 -$(CONFIG_MODULE_SIG_HASH) -days 36500 \ |