[PATCH 1/3] crypto: public_key: Remove check for valid hash_algo for ML-DSA keys
Eric Biggers
ebiggers at kernel.org
Mon Apr 6 16:53:50 UTC 2026
On Sun, Apr 05, 2026 at 07:12:22PM -0400, Stefan Berger wrote:
> Remove the check for the hash_algo since ML-DSA is only used in pure mode
> and there is no relevance of a hash_algo for the input data.
>
> Cc: David Howells <dhowells at redhat.com>
> Cc: Lukas Wunner <lukas at wunner.de>
> Cc: Ignat Korchagin <ignat at linux.win>
> Cc: keyrings at vger.kernel.org
> Cc: linux-crypto at vger.kernel.org
> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
> ---
> crypto/asymmetric_keys/public_key.c | 5 -----
> 1 file changed, 5 deletions(-)
>
> diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
> index 09a0b83d5d77..df6918a77ab8 100644
> --- a/crypto/asymmetric_keys/public_key.c
> +++ b/crypto/asymmetric_keys/public_key.c
> @@ -147,11 +147,6 @@ software_key_determine_akcipher(const struct public_key *pkey,
> strcmp(pkey->pkey_algo, "mldsa87") == 0) {
> if (strcmp(encoding, "raw") != 0)
> return -EINVAL;
> - if (!hash_algo)
> - return -EINVAL;
> - if (strcmp(hash_algo, "none") != 0 &&
> - strcmp(hash_algo, "sha512") != 0)
> - return -EINVAL;
Does this broaden which hash algorithms are accepted for CMS signatures
that use ML-DSA and contain signed attributes?
- Eric
More information about the Linux-security-module-archive
mailing list