From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 01/12] crypto: ecdsa - Convert byte arrays with key coordinates to digits
Date: Thu, 29 Feb 2024 21:19:56 -0500
Message-ID: <20240301022007.344948-2-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>

For NIST P192/256/384 the public key's x and y parameters could be copied directly from a given array since both parameters filled 'ndigits' of digits (a 'digit' is a u64). For support of NIST P521 the key parameters need to have leading zeros prepended to the most significant digit since only 2 bytes of the most significant digit are provided. Therefore, implement ecc_digits_from_bytes to convert a byte array into an array of digits and use this function in ecdsa_set_pub_key where an input byte array needs to be converted into digits.

Signed-off-by: Stefan Berger --- crypto/ecdsa.c | 14 +++++++++----- include/crypto/internal/ecc.h | 25 +++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 5 deletions(-) diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c index fbd76498aba8..6653dec17327 100644 --- a/crypto/ecdsa.c +++ b/crypto/ecdsa.c @@ -222,9 +222,8 @@ static int ecdsa_ecc_ctx_reset(struct ecc_ctx *ctx) static int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen) { struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); + unsigned int digitlen, ndigits; const unsigned char *d = key; - const u64 *digits = (const u64 *)&d[1]; - unsigned int ndigits; int ret; ret = ecdsa_ecc_ctx_reset(ctx); @@ -238,12 +237,17 @@ static int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsig return -EINVAL; keylen--; - ndigits = (keylen >> 1) / sizeof(u64); + digitlen = keylen >> 1; + + ndigits = DIV_ROUND_UP(digitlen, sizeof(u64)); if (ndigits != ctx->curve->g.ndigits) return -EINVAL; - ecc_swap_digits(digits, ctx->pub_key.x, ndigits); - ecc_swap_digits(&digits[ndigits], ctx->pub_key.y, ndigits); + d++; + + ecc_digits_from_bytes(d, digitlen, ctx->pub_key.x, ndigits); + ecc_digits_from_bytes(&d[digitlen], digitlen, ctx->pub_key.y, ndigits); + ret = ecc_is_pubkey_valid_full(ctx->curve, &ctx->pub_key); ctx->pub_key_set = ret == 0; diff --git a/include/crypto/internal/ecc.h b/include/crypto/internal/ecc.h index 4f6c1a68882f..48a04605da7f 100644 --- a/include/crypto/internal/ecc.h +++ b/include/crypto/internal/ecc.h 
@@ -56,6 +56,31 @@ static inline void ecc_swap_digits(const void *in, u64 *out, unsigned int ndigit out[i] = get_unaligned_be64(&src[ndigits - 1 - i]); } +/** + * ecc_digits_from_bytes() - Create ndigits-sized digits array from byte array + * @in: Input byte array + * @nbytes Size of input byte array + * @out Output digits array + * @ndigits: Number of digits to create from byte array + */ +static inline void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes, + u64 *out, unsigned int ndigits) +{ + unsigned int o = nbytes & 7; + u64 msd = 0; + size_t i; + + if (o == 0) { + ecc_swap_digits(in, out, ndigits); + } else { + /* if key length is not a multiple of 64 bits (NIST P521) */ + for (i = 0; i < o; i++) + msd = (msd << 8) | in[i]; + out[ndigits - 1] = msd; + ecc_swap_digits(&in[o], out, (nbytes - o) >> 3); + } +} + /** * ecc_is_key_valid() - Validate a given ECDH private key *
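
Review bot: In ecc_digits_from_bytes() (include/crypto/internal/ecc.h hunk) nothing ties nbytes to ndigits: the `o == 0` branch ignores nbytes and lets ecc_swap_digits() read ndigits * 8 bytes from `in`, while the else branch writes only `out[ndigits - 1]` and the low `(nbytes - o) >> 3` digits, so any digit in between stays uninitialized if a caller passes a larger ndigits. The one caller in this patch derives ndigits with DIV_ROUND_UP(digitlen, sizeof(u64)), so it is consistent today, but for a helper in a shared header it would be better to state that precondition in the kernel-doc, or to zero-fill `out` and bound the copy by nbytes. The kernel-doc lines for `@nbytes` and `@out` are also missing the trailing colon that `@in:` and `@ndigits:` have.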
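
Added example, not part of the patch or of the kernel sources: a user-space C rendition of the byte-array-to-digits conversion that the commit message of patch 01/12 describes, with the length relationship between the byte count and the digit count checked explicitly. The names `digits_from_bytes_checked`, `parse_uncompressed_point`, `fill_sample_key` and the `coord_bytes` parameter are hypothetical, and the sample key bytes are constructed (they are not a valid curve point).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_DIGITS 9	/* enough for a 66-byte (P521-sized) coordinate */

/* Read 8 big-endian bytes as one 64-bit digit. */
static uint64_t be64_at(const uint8_t *p)
{
	uint64_t v = 0;

	for (int i = 0; i < 8; i++)
		v = (v << 8) | p[i];
	return v;
}

/*
 * Hypothetical checked variant: convert a big-endian byte string into
 * ndigits 64-bit digits (out[0] is least significant), zero-padding the
 * top. Returns 0 on success, -1 if the input does not fit.
 */
static int digits_from_bytes_checked(const uint8_t *in, size_t nbytes,
				     uint64_t *out, size_t ndigits)
{
	size_t o = nbytes & 7;		/* bytes in the partial top digit */
	size_t full = nbytes >> 3;	/* number of complete digits */
	size_t i;

	if (full + (o ? 1 : 0) > ndigits)
		return -1;
	memset(out, 0, ndigits * sizeof(*out));
	if (o) {			/* e.g. 2 bytes for a 66-byte input */
		uint64_t msd = 0;

		for (i = 0; i < o; i++)
			msd = (msd << 8) | in[i];
		out[full] = msd;
	}
	for (i = 0; i < full; i++)	/* most significant digit first */
		out[full - 1 - i] = be64_at(&in[o + 8 * i]);
	return 0;
}

/*
 * Parse 0x04 || x || y. coord_bytes == 0 applies only the length tests
 * shown in the series; a non-zero value adds an exact-size test (an
 * assumption of this example, not something the patch does).
 */
static int parse_uncompressed_point(const uint8_t *key, size_t keylen,
				    size_t ndigits, size_t coord_bytes,
				    uint64_t *x, uint64_t *y)
{
	size_t digitlen;

	if (keylen < 1 || ((keylen - 1) & 1) != 0)
		return -1;
	if (key[0] != 4)		/* uncompressed format only */
		return -1;
	digitlen = (keylen - 1) >> 1;
	if ((digitlen + 7) / 8 != ndigits)
		return -1;
	if (coord_bytes && digitlen != coord_bytes)
		return -1;
	if (digits_from_bytes_checked(&key[1], digitlen, x, ndigits))
		return -1;
	return digits_from_bytes_checked(&key[1 + digitlen], digitlen, y, ndigits);
}

/* Constructed sample: x bytes count up from 1, y bytes count down. */
static size_t fill_sample_key(uint8_t *key, size_t coord_bytes)
{
	key[0] = 4;
	for (size_t j = 0; j < coord_bytes; j++) {
		key[1 + j] = (uint8_t)(j + 1);
		key[1 + coord_bytes + j] = (uint8_t)(coord_bytes - j);
	}
	return 1 + 2 * coord_bytes;
}

int main(void)
{
	uint8_t key[1 + 2 * 66];
	uint64_t x[MAX_DIGITS], y[MAX_DIGITS];
	size_t keylen = fill_sample_key(key, 66);
	int ret = parse_uncompressed_point(key, keylen, 9, 66, x, y);

	printf("66-byte coords: ret=%d x[8]=%#llx x[0]=%#llx\n", ret,
	       (unsigned long long)x[8], (unsigned long long)x[0]);
	keylen = fill_sample_key(key, 25);
	printf("25-byte coords, ndigits test only: %d\n",
	       parse_uncompressed_point(key, keylen, 4, 0, x, y));
	printf("25-byte coords, exact 32-byte test: %d\n",
	       parse_uncompressed_point(key, keylen, 4, 32, x, y));
	return 0;
}
```

The last two calls show the difference between a digit-count test and an exact byte-length test for a curve whose coordinates fill four whole digits.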
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 02/12] crypto: ecdsa - Adjust tests on length of key parameters
Date: Thu, 29 Feb 2024 21:19:57 -0500
Message-ID: <20240301022007.344948-3-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>

In preparation for support of NIST P521, adjust the basic tests on the length of the provided key parameters to only ensure that the length of the x plus y coordinates parameter array is not an odd number and that each coordinate fits into an array of 'ndigits' digits. Mathematical tests on the key's parameters are then done in ecc_is_pubkey_valid_full rejecting invalid keys.

The change is necessary since NIST P521 keys do not have keys with coordinates that each fully require 'full' digits (= u64), unlike NIST P192/256/384 that all require multiple 'full' digits. Signed-off-by: Stefan Berger --- crypto/ecdsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c index 6653dec17327..64e1e69d53ba 100644 --- a/crypto/ecdsa.c +++ b/crypto/ecdsa.c 
@@ -230,7 +230,7 @@ static int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsig if (ret < 0) return ret; - if (keylen < 1 || (((keylen - 1) >> 1) % sizeof(u64)) != 0) + if (keylen < 1 || ((keylen - 1) & 1) != 0) return -EINVAL; /* we only accept uncompressed format indicated by '4' */ if (d[0] != 4)
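
Review bot: The new condition `((keylen - 1) & 1) != 0` only rejects an odd-length x||y payload, so the sole remaining size gate is the `ndigits != ctx->curve->g.ndigits` comparison from patch 01/12, and because ndigits is now DIV_ROUND_UP(digitlen, sizeof(u64)), a coordinate that is up to 7 bytes shorter than a whole number of digits passes and is zero-extended. If shorter encodings are not meant to be accepted for the curves whose coordinates fill whole digits, compare digitlen against the curve's exact coordinate length here; if they are, say so in a comment next to the check. As a style point, `keylen < 1 || ((keylen - 1) & 1) != 0` is equivalent to `(keylen & 1) == 0` for an unsigned keylen.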
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 03/12] crypto: ecdsa - Extend res.x mod n calculation for NIST P521
Date: Thu, 29 Feb 2024 21:19:58 -0500
Message-ID: <20240301022007.344948-4-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>

res.x has been calculated by ecc_point_mult_shamir, which uses 'mod curve_prime'. The curve_prime 'p' is typically larger than the curve_order 'n' and therefore it is possible that p > res.x >= n. If res.x >= n then res.x mod n can be calculated by iteratively subtracting n from res.x until n > res.x. For NIST P192/256/384 this can be done in a single subtraction. This can also be done in a single subtraction for NIST P521.

The mathematical reason why a single subtraction is sufficient is due to the values of 'p' and 'n' of the NIST curves where the following holds true:

   note: max(res.x) = p - 1

   max(res.x) - n < n
       p - 1 - n < n
           p - 1 < 2n  => true for the NIST curves

Signed-off-by: Stefan Berger --- crypto/ecdsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c index 64e1e69d53ba..1814f009f971 100644 --- a/crypto/ecdsa.c +++ b/crypto/ecdsa.c
@@ -122,7 +122,7 @@ static int _ecdsa_verify(struct ecc_ctx *ctx, const u64 *hash, const u64 *r, con /* res.x = res.x mod n (if res.x > order) */ if (unlikely(vli_cmp(res.x, curve->n, ndigits) == 1)) - /* faster alternative for NIST p384, p256 & p192 */ + /* faster alternative for NIST p521, p384, p256 & p192 */ vli_sub(res.x, res.x, curve->n, ndigits); if (!vli_cmp(res.x, r, ndigits))
From patchwork Fri Mar 1 02:19:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 208606
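Review bot: In the crypto/ecdsa.c hunk of 03/12, the updated comment in _ecdsa_verify() still only enumerates curves ('NIST p521, p384, p256 & p192') and does not record why a single vli_sub() is enough; the p - 1 < 2n argument exists only in the commit message. Suggest stating that invariant in the comment, so that the next curve added is checked against it rather than appended to the list. The unchanged condition 'vli_cmp(res.x, curve->n, ndigits) == 1' also reduces only when res.x > n, while the commit message reasons about res.x >= n; if leaving res.x == n unreduced is intentional, the comment should say so.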
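The bound from the [PATCH v4 03/12] commit message (p - 1 < 2n, so one subtraction is enough to get res.x mod n), checked for NIST P521 in 64-bit limbs. This is an added example, not code from the patch series: the helper names are hypothetical, the P-521 constants are the public FIPS 186-4 / SEC 2 values rather than values taken from this page, and the one-limb pair is constructed (not a real curve) to show the check failing when n is much smaller than p.

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_DIGITS 9	/* 521 bits need nine 64-bit limbs, least significant first */

/* NIST P-521 field prime p = 2^521 - 1 (public constant, not from this page). */
static const uint64_t p521_p[MAX_DIGITS] = {
	0xffffffffffffffffull, 0xffffffffffffffffull, 0xffffffffffffffffull,
	0xffffffffffffffffull, 0xffffffffffffffffull, 0xffffffffffffffffull,
	0xffffffffffffffffull, 0xffffffffffffffffull, 0x1ffull
};

/* NIST P-521 group order n (public constant, not from this page). */
static const uint64_t p521_n[MAX_DIGITS] = {
	0xbb6fb71e91386409ull, 0x3bb5c9b8899c47aeull, 0x7fcc0148f709a5d0ull,
	0x51868783bf2f966bull, 0xfffffffffffffffaull, 0xffffffffffffffffull,
	0xffffffffffffffffull, 0xffffffffffffffffull, 0x1ffull
};

/* Constructed one-limb moduli with n roughly p / 8; not a real curve. */
static const uint64_t toy_p[1] = { 0x1fffffffffffffffull };
static const uint64_t toy_n[1] = { 0x0400000000000000ull };

/* Returns 1 if a > b, 0 if a == b, -1 if a < b. */
static int limbs_cmp(const uint64_t *a, const uint64_t *b, unsigned int nd)
{
	for (unsigned int i = nd; i-- > 0; ) {
		if (a[i] > b[i])
			return 1;
		if (a[i] < b[i])
			return -1;
	}
	return 0;
}

/* r = a - b over nd limbs; returns the final borrow. r may alias a. */
static uint64_t limbs_sub(uint64_t *r, const uint64_t *a, const uint64_t *b,
			  unsigned int nd)
{
	uint64_t borrow = 0;

	for (unsigned int i = 0; i < nd; i++) {
		uint64_t ai = a[i], bi = b[i];

		r[i] = ai - bi - borrow;
		borrow = (ai < bi) || (ai == bi && borrow);
	}
	return borrow;
}

/*
 * The commit message's condition max(res.x) - n < n with max(res.x) = p - 1,
 * evaluated as (p - 1) - n < n so that 2n never has to be formed.
 * Returns 1 if a single subtraction always suffices, 0 otherwise.
 */
static int single_sub_sufficient(const uint64_t *p, const uint64_t *n,
				 unsigned int nd)
{
	uint64_t t[MAX_DIGITS], one[MAX_DIGITS] = { 1 };

	if (nd == 0 || nd > MAX_DIGITS)
		return 0;
	limbs_sub(t, p, one, nd);		/* t = p - 1 */
	if (limbs_cmp(t, n, nd) < 0)		/* p - 1 < n: never anything to subtract */
		return 1;
	limbs_sub(t, t, n, nd);			/* t = p - 1 - n */
	return limbs_cmp(t, n, nd) < 0;
}

/* One conditional subtraction of n; returns 1 if x < n afterwards. */
static int reduce_once(uint64_t *x, const uint64_t *n, unsigned int nd)
{
	if (limbs_cmp(x, n, nd) >= 0)
		limbs_sub(x, x, n, nd);
	return limbs_cmp(x, n, nd) < 0;
}

/* Applies reduce_once() to the worst case x = p - 1 and returns its verdict. */
static int worst_case_reduces(const uint64_t *p, const uint64_t *n,
			      unsigned int nd)
{
	uint64_t x[MAX_DIGITS], one[MAX_DIGITS] = { 1 };

	if (nd == 0 || nd > MAX_DIGITS)
		return 0;
	limbs_sub(x, p, one, nd);
	return reduce_once(x, n, nd);
}

int main(void)
{
	printf("P-521: bound holds=%d, p-1 reduced by one subtraction=%d\n",
	       single_sub_sufficient(p521_p, p521_n, MAX_DIGITS),
	       worst_case_reduces(p521_p, p521_n, MAX_DIGITS));
	printf("toy:   bound holds=%d, p-1 reduced by one subtraction=%d\n",
	       single_sub_sufficient(toy_p, toy_n, 1),
	       worst_case_reduces(toy_p, toy_n, 1));
	return 0;
}
```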
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 04/12] crypto: ecc - Implement vli_mmod_fast_521 for NIST p521
Date: Thu, 29 Feb 2024 21:19:59 -0500
Message-ID: <20240301022007.344948-5-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>
References: <20240301022007.344948-1-stefanb@linux.ibm.com>

Implement vli_mmod_fast_521 following the description for how to
calculate the modulus for NIST P521 in the NIST publication
"Recommendations for Discrete Logarithm-Based Cryptography: Elliptic
Curve Domain Parameters" section G.1.4.

NIST p521 requires 9 64bit digits, so increase the ECC_MAX_DIGITS so that
arrays fit the larger numbers.

Signed-off-by: Stefan Berger --- crypto/ecc.c | 31 +++++++++++++++++++++++++++++++ include/crypto/internal/ecc.h | 2 +- 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index f53fb4d6af99..ea7b28b5e00e 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -902,6 +902,31 @@ static void vli_mmod_fast_384(u64 *result, const u64 *product, #undef AND64H #undef AND64L +/* Computes result = product % curve_prime + * from "Recommendations for Discrete Logarithm-Based Cryptography: + * Elliptic Curve Domain Parameters" G.1.4 + */ +static void vli_mmod_fast_521(u64 *result, const u64 *product, + const u64 *curve_prime, u64 *tmp) +{ + const unsigned int ndigits = 9; + size_t i; + + for (i = 0; i < ndigits; i++) + tmp[i] = product[i]; + tmp[8] &= 0x1ff; + + vli_set(result, tmp, ndigits); + + + for (i = 0; i < ndigits; i++) + tmp[i] = (product[8 + i] >> 9) | (product[9 + i] << 55); + tmp[8] &= 0x1ff; + + vli_mod_add(result, result, tmp, curve_prime, ndigits); +} + + /* Computes result = product % curve_prime for different curve_primes. * * Note that curve_primes are distinguished just by heuristic check and @@ -941,6 +966,12 @@ static bool vli_mmod_fast(u64 *result, u64 *product, case 6: vli_mmod_fast_384(result, product, curve_prime, tmp); break; + case 9: + if (!strcmp(curve->name, "nist_521")) { + vli_mmod_fast_521(result, product, curve_prime, tmp); + break; + } + fallthrough; default: pr_err_ratelimited("ecc: unsupported digits size!\n"); return false; diff --git a/include/crypto/internal/ecc.h b/include/crypto/internal/ecc.h index 48a04605da7f..b63238b12204 100644 --- a/include/crypto/internal/ecc.h +++ b/include/crypto/internal/ecc.h 
@@ -33,7 +33,7 @@ #define ECC_CURVE_NIST_P192_DIGITS 3 #define ECC_CURVE_NIST_P256_DIGITS 4 #define ECC_CURVE_NIST_P384_DIGITS 6 -#define ECC_MAX_DIGITS (512 / 64) /* due to ecrdsa */ +#define ECC_MAX_DIGITS (576 / 64) /* due to NIST P521 */ #define ECC_DIGITS_TO_BYTES_SHIFT 3
From patchwork Fri Mar 1 02:20:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 208610
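Review bot: In vli_mmod_fast_521() (first crypto/ecc.c hunk of 04/12) the constants 9, 55 and 0x1ff are unexplained, and nothing states that product must hold 2 * ndigits = 18 digits, which the second loop relies on when it reads product[9 + i] up to product[17]. A short comment tying them to 521 = 8 * 64 + 9 (low 521 bits plus product >> 521, as in G.1.4) would make the bounds reviewable. Style: there are two consecutive blank lines after vli_set() and again after the closing brace.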
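Review bot: In the vli_mmod_fast() hunk of 04/12, 'case 9' selects the P521 path with strcmp(curve->name, "nist_521"), so every modular reduction on a 9-digit curve pays for a string compare and depends on the spelling of the name. Patch 05/12 adds curve->nbits; moving that patch ahead of this one would let the dispatch test curve->nbits == 521 instead. A 9-digit curve other than nist_521 falls through to 'ecc: unsupported digits size!', which deserves a one-line comment at the fallthrough.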
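Review bot: In the include/crypto/internal/ecc.h hunk of 04/12, '(576 / 64)' hides where 576 comes from, and the new comment drops the ecrdsa reference even though the 512-bit tc512a/tc512b curves still depend on this limit. Suggest DIV_ROUND_UP(521, 64) with a comment naming NIST P521, and a note in the commit message that every array sized by ECC_MAX_DIGITS grows by one digit.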
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 05/12] crypto: ecc - Add nbits field to ecc_curve structure
Date: Thu, 29 Feb 2024 21:20:00 -0500
Message-ID: <20240301022007.344948-6-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>
References: <20240301022007.344948-1-stefanb@linux.ibm.com>

Add the number of bits a curve has to the ecc_curve definition and set it
on all curve definitions.

Signed-off-by: Stefan Berger
--- crypto/ecc_curve_defs.h | 4 ++++ crypto/ecrdsa_defs.h | 5 +++++ include/crypto/ecc_curve.h | 3 +++ 3 files changed, 12 insertions(+) diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h index 9719934c9428..ab1ef3d94be5 100644 --- a/crypto/ecc_curve_defs.h +++ b/crypto/ecc_curve_defs.h
@@ -17,6 +17,7 @@ static u64 nist_p192_b[] = { 0xFEB8DEECC146B9B1ull, 0x0FA7E9AB72243049ull, 0x64210519E59C80E7ull }; static struct ecc_curve nist_p192 = { .name = "nist_192", + .nbits = 192, .g = { .x = nist_p192_g_x, .y = nist_p192_g_y, @@ -43,6 +44,7 @@ static u64 nist_p256_b[] = { 0x3BCE3C3E27D2604Bull, 0x651D06B0CC53B0F6ull, 0xB3EBBD55769886BCull, 0x5AC635D8AA3A93E7ull }; static struct ecc_curve nist_p256 = { .name = "nist_256", + .nbits = 256, .g = { .x = nist_p256_g_x, .y = nist_p256_g_y, @@ -75,6 +77,7 @@ static u64 nist_p384_b[] = { 0x2a85c8edd3ec2aefull, 0xc656398d8a2ed19dull, 0x988e056be3f82d19ull, 0xb3312fa7e23ee7e4ull }; static struct ecc_curve nist_p384 = { .name = "nist_384", + .nbits = 384, .g = { .x = nist_p384_g_x, .y = nist_p384_g_y, @@ -95,6 +98,7 @@ static u64 curve25519_a[] = { 0x000000000001DB41, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000 }; static const struct ecc_curve ecc_25519 = { .name = "curve25519", + .nbits = 255, .g = { .x = curve25519_g_x, .ndigits = 4, diff --git a/crypto/ecrdsa_defs.h b/crypto/ecrdsa_defs.h index 0056335b9d03..1c2c2449e331 100644 --- a/crypto/ecrdsa_defs.h +++ b/crypto/ecrdsa_defs.h @@ -47,6 +47,7 @@ static u64 cp256a_b[] = { static struct ecc_curve gost_cp256a = { .name = "cp256a", + .nbits = 256, .g = { .x = cp256a_g_x, .y = cp256a_g_y, @@ -80,6 +81,7 @@ static u64 cp256b_b[] = { static struct ecc_curve gost_cp256b = { .name = "cp256b", + .nbits = 256, .g = { .x = cp256b_g_x, .y = cp256b_g_y, @@ -117,6 +119,7 @@ static u64 cp256c_b[] = { static struct ecc_curve gost_cp256c = { .name = "cp256c", + .nbits = 256, .g = { .x = cp256c_g_x, .y = cp256c_g_y, @@ -166,6 +169,7 @@ static u64 tc512a_b[] = { static struct ecc_curve gost_tc512a = { .name = "tc512a", + .nbits = 512, .g = { .x = tc512a_g_x, .y = tc512a_g_y, @@ -211,6 +215,7 @@ static u64 tc512b_b[] = { static struct ecc_curve gost_tc512b = { .name = "tc512b", + .nbits = 512, .g = { .x = tc512b_g_x, .y = tc512b_g_y, 
diff --git a/include/crypto/ecc_curve.h b/include/crypto/ecc_curve.h index 70964781eb68..337a44956926 100644 --- a/include/crypto/ecc_curve.h +++ b/include/crypto/ecc_curve.h @@ -23,6 +23,8 @@ struct ecc_point { * struct ecc_curve - definition of elliptic curve * * @name: Short name of the curve. + * @nbits: Curves that do not use all bits in their ndigits must specify + * their number of bits here, otherwise can leave at 0. * @g: Generator point of the curve. * @p: Prime number, if Barrett's reduction is used for this curve * pre-calculated value 'mu' is appended to the @p after ndigits. 
@@ -34,6 +36,7 @@ struct ecc_point { */ struct ecc_curve { char *name; + unsigned int nbits; struct ecc_point g; u64 *p; u64 *n;
From patchwork Fri Mar 1 02:20:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 208608
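Review bot: In the kernel-doc added to struct ecc_curve (include/crypto/ecc_curve.h, 05/12), @nbits is documented as optional ('otherwise can leave at 0'), yet the same patch sets it on every curve and the commit message says it is set on all curve definitions. Suggest documenting it as the size of the curve in bits and making it mandatory, so that code reading curve->nbits (06/12 already does) never has to handle 0.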
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 06/12] crypto: ecc - Add special case for NIST P521 in ecc_point_mult
Date: Thu, 29 Feb 2024 21:20:01 -0500
Message-ID: <20240301022007.344948-7-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>
References: <20240301022007.344948-1-stefanb@linux.ibm.com>

In ecc_point_mult use the number of bits of the NIST P521 curve + 2. The
change is required specifically for NIST P521 to pass mathematical tests
on the public key.

Signed-off-by: Stefan Berger
--- crypto/ecc.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index ea7b28b5e00e..3430c2c4e62c 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c
@@ -1326,7 +1326,10 @@ static void ecc_point_mult(struct ecc_point *result, carry = vli_add(sk[0], scalar, curve->n, ndigits); vli_add(sk[1], sk[0], curve->n, ndigits); scalar = sk[!carry]; - num_bits = sizeof(u64) * ndigits * 8 + 1; + if (ndigits == 9 && !strcmp(curve->name, "nist_521")) + num_bits = curve->nbits + 2; + else + num_bits = sizeof(u64) * ndigits * 8 + 1; vli_set(rx[1], point->x, ndigits); vli_set(ry[1], point->y, ndigits);
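Review bot: The new branch 'if (ndigits == 9 && !strcmp(curve->name, "nist_521"))' selects the curve by a string compare on its name, and neither the code nor the commit message explains why the count becomes curve->nbits + 2 while every other curve keeps sizeof(u64) * ndigits * 8 + 1. Please add a comment above the branch that states the reason (the lines just above add curve->n to the scalar once for sk[0] and again for sk[1], so the regularized scalar can be wider than nbits), and consider testing 'curve->nbits == 521' instead, which drops both the magic 9 and the dependency on the exact spelling of the name string.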
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 07/12] crypto: ecc - Add NIST P521 curve parameters
Date: Thu, 29 Feb 2024 21:20:02 -0500
Message-ID: <20240301022007.344948-8-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>

Add the parameters for the NIST P521 curve and define a new curve ID for it. Make the curve available in ecc_get_curve.

Signed-off-by: Stefan Berger
---
 crypto/ecc.c | 2 ++
 crypto/ecc_curve_defs.h | 45 +++++++++++++++++++++++++++++++++++++++++
 include/crypto/ecdh.h | 1 +
 3 files changed, 48 insertions(+)
diff --git a/crypto/ecc.c b/crypto/ecc.c index 3430c2c4e62c..a62c2dd352b7 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -60,6 +60,8 @@ const struct ecc_curve *ecc_get_curve(unsigned int curve_id) return &nist_p256; case ECC_CURVE_NIST_P384: return &nist_p384; + case ECC_CURVE_NIST_P521: + return &nist_p521; default: return NULL; } diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h index ab1ef3d94be5..0ecade7d02f5 100644 --- a/crypto/ecc_curve_defs.h +++ b/crypto/ecc_curve_defs.h 
@@ -89,6 +89,51 @@ static struct ecc_curve nist_p384 = { .b = nist_p384_b }; +/* NIST P-521 */ +static u64 nist_p521_g_x[] = { 0xf97e7e31c2e5bd66ull, 0x3348b3c1856a429bull, + 0xfe1dc127a2ffa8deull, 0xa14b5e77efe75928ull, + 0xf828af606b4d3dbaull, 0x9c648139053fb521ull, + 0x9e3ecb662395b442ull, 0x858e06b70404e9cdull, + 0xc6ull }; +static u64 nist_p521_g_y[] = { 0x88be94769fd16650ull, 0x353c7086a272c240ull, + 0xc550b9013fad0761ull, 0x97ee72995ef42640ull, + 0x17afbd17273e662cull, 0x98f54449579b4468ull, + 0x5c8a5fb42c7d1bd9ull, 0x39296a789a3bc004ull, + 0x118ull }; +static u64 nist_p521_p[] = { 0xffffffffffffffffull, 0xffffffffffffffffull, + 0xffffffffffffffffull, 0xffffffffffffffffull, + 0xffffffffffffffffull, 0xffffffffffffffffull, + 0xffffffffffffffffull, 0xffffffffffffffffull, + 0x1ffull }; +static u64 nist_p521_n[] = { 0xbb6fb71e91386409ull, 0x3bb5c9b8899c47aeull, + 0x7fcc0148f709a5d0ull, 0x51868783bf2f966bull, + 0xfffffffffffffffaull, 0xffffffffffffffffull, + 0xffffffffffffffffull, 0xffffffffffffffffull, + 0x1ffull }; +static u64 nist_p521_a[] = { 0xfffffffffffffffcull, 0xffffffffffffffffull, + 0xffffffffffffffffull, 0xffffffffffffffffull, + 0xffffffffffffffffull, 0xffffffffffffffffull, + 0xffffffffffffffffull, 0xffffffffffffffffull, + 0x1ffull }; +static u64 nist_p521_b[] = { 0xef451fd46b503f00ull, 0x3573df883d2c34f1ull, + 0x1652c0bd3bb1bf07ull, 0x56193951ec7e937bull, + 0xb8b489918ef109e1ull, 0xa2da725b99b315f3ull, + 0x929a21a0b68540eeull, 0x953eb9618e1c9a1full, + 0x051ull }; +static struct ecc_curve nist_p521 = { + .name = "nist_521", + .nbits = 521, + .g = { + .x = nist_p521_g_x, + .y = nist_p521_g_y, + .ndigits = 9, + }, + .p = nist_p521_p, + .n = nist_p521_n, + .a = nist_p521_a, + .b = nist_p521_b +}; + /* curve25519 */ static u64 curve25519_g_x[] = { 0x0000000000000009, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000 }; diff --git a/include/crypto/ecdh.h b/include/crypto/ecdh.h index a9f98078d29c..9784ecdd2fb4 100644 --- a/include/crypto/ecdh.h 
+++ b/include/crypto/ecdh.h 
@@ -26,6 +26,7 @@ #define ECC_CURVE_NIST_P192 0x0001 #define ECC_CURVE_NIST_P256 0x0002 #define ECC_CURVE_NIST_P384 0x0003 +#define ECC_CURVE_NIST_P521 0x0004 /** * struct ecdh - define an ECDH private key
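Review bot: In the crypto/ecc.c hunk, 'case ECC_CURVE_NIST_P521:' makes a curve with ndigits = 9 reachable by every caller of ecc_get_curve as soon as this patch is applied, and the ID is defined in include/crypto/ecdh.h, but the commit message does not say which users are expected to work with it. Please state whether ECDH with this curve is supported at this point in the series, and confirm that callers with digit buffers sized for the existing curves are updated before the curve becomes selectable.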
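Review bot: In the crypto/ecc_curve_defs.h hunk, '.name = "nist_521"' is the exact string that ecc_point_mult matches with strcmp in patch 06/12, so a later rename on either side would silently turn the P521 special case off; a comment next to .name, or keying that check on .nbits, would remove the hidden coupling. Minor style point: the top digit of nist_p521_b is written 0x051ull with a leading zero, while the other top digits (0xc6ull, 0x118ull, 0x1ffull) have none.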
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 08/12] crypto: ecdsa - Replace ndigits with nbits where precision is needed
Date: Thu, 29 Feb 2024 21:20:03 -0500
Message-ID: <20240301022007.344948-9-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>

Replace the usage of ndigits with nbits where more precise space calculations are needed, such as in ecdsa_max_size where the length of a coordinate is determined.

Signed-off-by: Stefan Berger
---
 crypto/ecdsa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c index 1814f009f971..4daefb40c37a 100644 --- a/crypto/ecdsa.c +++ b/crypto/ecdsa.c
@@ -266,7 +266,7 @@ static unsigned int ecdsa_max_size(struct crypto_akcipher *tfm) { struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); - return ctx->pub_key.ndigits << ECC_DIGITS_TO_BYTES_SHIFT; + return DIV_ROUND_UP(ctx->curve->nbits, 8); } static int ecdsa_nist_p384_init_tfm(struct crypto_akcipher *tfm)
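Review bot: ecdsa_max_size now derives its result from ctx->curve->nbits where it used ctx->pub_key.ndigits, and the commit message does not say what this changes for the curves already supported. It would help to state that DIV_ROUND_UP(nbits, 8) equals the old ndigits-based value whenever nbits is a multiple of 64, so only the 521-bit curve is affected (66 bytes where 9 digits would give 72), and to confirm that callers using this value to size buffers do not assume a multiple of sizeof(u64).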
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 09/12] crypto: ecdsa - Rename keylen to bufsize where necessary
Date: Thu, 29 Feb 2024 21:20:04 -0500
Message-ID: <20240301022007.344948-10-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>

In some cases the name keylen does not reflect the purpose of the variable anymore once NIST P521 is used but it is the size of the buffer. Therefore, rename keylen to bufsize where appropriate.

Signed-off-by: Stefan Berger
---
 crypto/ecdsa.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c index 4daefb40c37a..4e847b59622a 100644 --- a/crypto/ecdsa.c +++ b/crypto/ecdsa.c
@@ -35,8 +35,8 @@ struct ecdsa_signature_ctx { static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, const void *value, size_t vlen, unsigned int ndigits) { - size_t keylen = ndigits * sizeof(u64); - ssize_t diff = vlen - keylen; + size_t bufsize = ndigits * sizeof(u64); + ssize_t diff = vlen - bufsize; const char *d = value; u8 rs[ECC_MAX_BYTES]; @@ -58,7 +58,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, if (diff) return -EINVAL; } - if (-diff >= keylen) + if (-diff >= bufsize) return -EINVAL; if (diff) { @@ -138,7 +138,7 @@ static int ecdsa_verify(struct akcipher_request *req) { struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); - size_t keylen = ctx->curve->g.ndigits * sizeof(u64); + size_t bufsize = ctx->curve->g.ndigits * sizeof(u64); struct ecdsa_signature_ctx sig_ctx = { .curve = ctx->curve, }; 
@@ -165,14 +165,14 @@ static int ecdsa_verify(struct akcipher_request *req) goto error; /* if the hash is shorter then we will add leading zeros to fit to ndigits */ - diff = keylen - req->dst_len; + diff = bufsize - req->dst_len; if (diff >= 0) { if (diff) memset(rawhash, 0, diff); memcpy(&rawhash[diff], buffer + req->src_len, req->dst_len); } else if (diff < 0) { /* given hash is longer, we take the left-most bytes */ - memcpy(&rawhash, buffer + req->src_len, keylen); + memcpy(&rawhash, buffer + req->src_len, bufsize); } ecc_swap_digits((u64 *)rawhash, hash, ctx->curve->g.ndigits);
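Review bot: In ecdsa_get_signature_rs(), `if (-diff >= bufsize)` compares a negated ssize_t with a size_t, so what happens for a positive `diff` depends on the implicit conversion to unsigned. Since the line is being touched for the rename, please state the intended behaviour in a comment or with an explicit cast. A one-line comment at `size_t bufsize = ndigits * sizeof(u64);` saying that this is the size of the u64 digit buffer and not the key length would also carry the reasoning from the commit message into the code.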
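Review bot: In the ecdsa_verify() hunk at -165, `else if (diff < 0)` is only reached when `diff >= 0` is false, so a plain `else` says the same thing, and `memcpy(&rawhash, ...)` would read more consistently as `memcpy(rawhash, ...)` next to `memset(rawhash, 0, diff)` in the other branch. Both are outside the rename itself, so a separate cleanup patch in the series would be the right place.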
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 10/12] crypto: ecdsa - Register NIST P521 and extend test suite
Date: Thu, 29 Feb 2024 21:20:05 -0500
Message-ID: <20240301022007.344948-11-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>
References: <20240301022007.344948-1-stefanb@linux.ibm.com>

Register NIST P521 as an akcipher and extend the testmgr with NIST P521-specific test vectors.

Signed-off-by: Stefan Berger
--- crypto/ecdsa.c | 30 ++++++++++ crypto/testmgr.c | 7 +++ crypto/testmgr.h | 146 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 183 insertions(+) diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c index 4e847b59622a..894599f1885f 100644 --- a/crypto/ecdsa.c +++ b/crypto/ecdsa.c 
@@ -269,6 +269,28 @@ static unsigned int ecdsa_max_size(struct crypto_akcipher *tfm) return DIV_ROUND_UP(ctx->curve->nbits, 8); } +static int ecdsa_nist_p521_init_tfm(struct crypto_akcipher *tfm) +{ + struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); + + return ecdsa_ecc_ctx_init(ctx, ECC_CURVE_NIST_P521); +} + +static struct akcipher_alg ecdsa_nist_p521 = { + .verify = ecdsa_verify, + .set_pub_key = ecdsa_set_pub_key, + .max_size = ecdsa_max_size, + .init = ecdsa_nist_p521_init_tfm, + .exit = ecdsa_exit_tfm, + .base = { + .cra_name = "ecdsa-nist-p521", + .cra_driver_name = "ecdsa-nist-p521-generic", + .cra_priority = 100, + .cra_module = THIS_MODULE, + .cra_ctxsize = sizeof(struct ecc_ctx), + }, +}; + static int ecdsa_nist_p384_init_tfm(struct crypto_akcipher *tfm) { struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); @@ -352,8 +374,15 @@ static int __init ecdsa_init(void) if (ret) goto nist_p384_error; + ret = crypto_register_akcipher(&ecdsa_nist_p521); + if (ret) + goto nist_p521_error; + return 0; +nist_p521_error: + crypto_unregister_akcipher(&ecdsa_nist_p384); + nist_p384_error: crypto_unregister_akcipher(&ecdsa_nist_p256); @@ -369,6 +398,7 @@ static void __exit ecdsa_exit(void) crypto_unregister_akcipher(&ecdsa_nist_p192); crypto_unregister_akcipher(&ecdsa_nist_p256); crypto_unregister_akcipher(&ecdsa_nist_p384); + crypto_unregister_akcipher(&ecdsa_nist_p521); } subsys_initcall(ecdsa_init); diff --git a/crypto/testmgr.c b/crypto/testmgr.c index c26aeda85787..a017b4ad119b 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -5097,6 +5097,13 @@ static const struct alg_test_desc alg_test_descs[] = { .suite = { .akcipher = __VECS(ecdsa_nist_p384_tv_template) } + }, { + .alg = "ecdsa-nist-p521", + .test = alg_test_akcipher, + .fips_allowed = 1, + .suite = { + .akcipher = __VECS(ecdsa_nist_p521_tv_template) + } }, { .alg = "ecrdsa", .test = alg_test_akcipher, diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 986f331a5fc2..9bde04be8df9 100644 --- a/crypto/testmgr.h 
+++ b/crypto/testmgr.h 
@@ -991,6 +991,152 @@ static const struct akcipher_testvec ecdsa_nist_p384_tv_template[] = { }, }; +static const struct akcipher_testvec ecdsa_nist_p521_tv_template[] = { + { + .key = /* secp521r1(sha224) */ + "\x04\x01\x4f\x43\x18\xb6\xa9\xc9\x5d\x68\xd3\xa9\x42\xf8\x98\xc0" + "\xd2\xd1\xa9\x50\x3b\xe8\xc4\x40\xe6\x11\x78\x88\x4b\xbd\x76\xa7" + "\x9a\xe0\xdd\x31\xa4\x67\x78\x45\x33\x9e\x8c\xd1\xc7\x44\xac\x61" + "\x68\xc8\x04\xe7\x5c\x79\xb1\xf1\x41\x0c\x71\xc0\x53\xa8\xbc\xfb" + "\xf5\xca\xd4\x01\x40\xfd\xa3\x45\xda\x08\xe0\xb4\xcb\x28\x3b\x0a" + "\x02\x35\x5f\x02\x9f\x3f\xcd\xef\x08\x22\x40\x97\x74\x65\xb7\x76" + "\x85\xc7\xc0\x5c\xfb\x81\xe1\xa5\xde\x0c\x4e\x8b\x12\x31\xb6\x47" + "\xed\x37\x0f\x99\x3f\x26\xba\xa3\x8e\xff\x79\x34\x7c\x3a\xfe\x1f" + "\x3b\x83\x82\x2f\x14", + .key_len = 133, + .params = + "\x30\x10\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x05\x2b\x81\x04" + "\x00\x23", + .param_len = 18, + .m = + "\xa2\x3a\x6a\x8c\x7b\x3c\xf2\x51\xf8\xbe\x5f\x4f\x3b\x15\x05\xc4" + "\xb5\xbc\x19\xe7\x21\x85\xe9\x23\x06\x33\x62\xfb", + .m_size = 28, + .algo = OID_id_ecdsa_with_sha224, + .c = + "\x30\x81\x86\x02\x41\x01\xd6\x43\xe7\xff\x42\xb2\xba\x74\x35\xf6" + "\xdc\x6d\x02\x7b\x22\xac\xe2\xef\x07\x92\xee\x60\x94\x06\xf8\x3f" + "\x59\x0f\x74\xf0\x3f\xd8\x18\xc6\x37\x8a\xcb\xa7\xd8\x7d\x98\x85" + "\x29\x88\xff\x0b\x94\x94\x6c\xa6\x9b\x89\x8b\x1e\xfd\x09\x46\x6b" + "\xc7\xaf\x7a\xb9\x19\x0a\x02\x41\x3a\x26\x0d\x55\xcd\x23\x1e\x7d" + "\xa0\x5e\xf9\x88\xf3\xd2\x32\x90\x57\x0f\xf8\x65\x97\x6b\x09\x4d" + "\x22\x26\x0b\x5f\x49\x32\x6b\x91\x99\x30\x90\x0f\x1c\x8f\x78\xd3" + "\x9f\x0e\x64\xcc\xc4\xe8\x43\xd9\x0e\x1c\xad\x22\xda\x82\x00\x35" + "\xa3\x50\xb1\xa5\x98\x92\x2a\xa5\x52", + .c_size = 137, + .public_key_vec = true, + .siggen_sigver_test = true, + }, + { + .key = /* secp521r1(sha256) */ + "\x04\x01\x05\x3a\x6b\x3b\x5a\x0f\xa7\xb9\xb7\x32\x53\x4e\xe2\xae" + "\x0a\x52\xc5\xda\xdd\x5a\x79\x1c\x30\x2d\x33\x07\x79\xd5\x70\x14" + 
"\x61\x0c\xec\x26\x4d\xd8\x35\x57\x04\x1d\x88\x33\x4d\xce\x05\x36" + "\xa5\xaf\x56\x84\xfa\x0b\x9e\xff\x7b\x30\x4b\x92\x1d\x06\xf8\x81" + "\x24\x1e\x51\x00\x09\x21\x51\xf7\x46\x0a\x77\xdb\xb5\x0c\xe7\x9c" + "\xff\x27\x3c\x02\x71\xd7\x85\x36\xf1\xaa\x11\x59\xd8\xb8\xdc\x09" + "\xdc\x6d\x5a\x6f\x63\x07\x6c\xe1\xe5\x4d\x6e\x0f\x6e\xfb\x7c\x05" + "\x8a\xe9\x53\xa8\xcf\xce\x43\x0e\x82\x20\x86\xbc\x88\x9c\xb7\xe3" + "\xe6\x77\x1e\x1f\x8a", + .key_len = 133, + .params = + "\x30\x10\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x05\x2b\x81\x04" + "\x00\x23", + .param_len = 18, + .m = + "\xcc\x97\x73\x0c\x73\xa2\x53\x2b\xfa\xd7\x83\x1d\x0c\x72\x1b\x39" + "\x80\x71\x8d\xdd\xc5\x9b\xff\x55\x32\x98\x25\xa2\x58\x2e\xb7\x73", + .m_size = 32, + .algo = OID_id_ecdsa_with_sha256, + .c = + "\x30\x81\x88\x02\x42\x00\xcd\xa5\x5f\x57\x52\x27\x78\x3a\xb5\x06" + "\x0f\xfd\x83\xfc\x0e\xd9\xce\x50\x9f\x7d\x1f\xca\x8b\xa8\x2d\x56" + "\x3c\xf6\xf0\xd8\xe1\xb7\x5d\x95\x35\x6f\x02\x0e\xaf\xe1\x4c\xae" + "\xce\x54\x76\x9a\xc2\x8f\xb8\x38\x1f\x46\x0b\x04\x64\x34\x79\xde" + "\x7e\xd7\x59\x10\xe9\xd9\xd5\x02\x42\x01\xcf\x50\x85\x38\xf9\x15" + "\x83\x18\x04\x6b\x35\xae\x65\xb5\x99\x12\x0a\xa9\x79\x24\xb9\x37" + "\x35\xdd\xa0\xe0\x87\x2c\x44\x4b\x5a\xee\xaf\xfa\x10\xdd\x9b\xfb" + "\x36\x1a\x31\x03\x42\x02\x5f\x50\xf0\xa2\x0d\x1c\x57\x56\x8f\x12" + "\xb7\x1d\x91\x55\x38\xb6\xf6\x34\x65\xc7\xbd", + .c_size = 139, + .public_key_vec = true, + .siggen_sigver_test = true, + }, + { + .key = /* secp521r1(sha384) */ + "\x04\x00\x2e\xd6\x21\x04\x75\xc3\xdc\x7d\xff\x0e\xf3\x70\x25\x2b" + "\xad\x72\xfc\x5a\x91\xf1\xd5\x9c\x64\xf3\x1f\x47\x11\x10\x62\x33" + "\xfd\x2e\xe8\x32\xca\x9e\x6f\x0a\x4c\x5b\x35\x9a\x46\xc5\xe7\xd4" + "\x38\xda\xb2\xf0\xf4\x87\xf3\x86\xf4\xea\x70\xad\x1e\xd4\x78\x8c" + "\x36\x18\x17\x00\xa2\xa0\x34\x1b\x2e\x6a\xdf\x06\xd6\x99\x2d\x47" + "\x50\x92\x1a\x8a\x72\x9c\x23\x44\xfa\xa7\xa9\xed\xa6\xef\x26\x14" + "\xb3\x9d\xfe\x5e\xa3\x8c\xd8\x29\xf8\xdf\xad\xa6\xab\xfc\xdd\x46" + 
"\x22\x6e\xd7\x35\xc7\x23\xb7\x13\xae\xb6\x34\xff\xd7\x80\xe5\x39" + "\xb3\x3b\x5b\x1b\x94", + .key_len = 133, + .params = + "\x30\x10\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x05\x2b\x81\x04" + "\x00\x23", + .param_len = 18, + .m = + "\x36\x98\xd6\x82\xfa\xad\xed\x3c\xb9\x40\xb6\x4d\x9e\xb7\x04\x26" + "\xad\x72\x34\x44\xd2\x81\xb4\x9b\xbe\x01\x04\x7a\xd8\x50\xf8\x59" + "\xba\xad\x23\x85\x6b\x59\xbe\xfb\xf6\x86\xd4\x67\xa8\x43\x28\x76", + .m_size = 48, + .algo = OID_id_ecdsa_with_sha384, + .c = + "\x30\x81\x88\x02\x42\x00\x93\x96\x76\x3c\x27\xea\xaa\x9c\x26\xec" + "\x51\xdc\xe8\x35\x5e\xae\x16\xf2\x4b\x64\x98\xf7\xec\xda\xc7\x7e" + "\x42\x71\x86\x57\x2d\xf1\x7d\xe4\xdf\x9b\x7d\x9e\x47\xca\x33\x32" + "\x76\x06\xd0\xf9\xc0\xe4\xe6\x84\x59\xfd\x1a\xc4\x40\xdd\x43\xb8" + "\x6a\xdd\xfb\xe6\x63\x4e\x28\x02\x42\x00\xff\xc3\x6a\x87\x6e\xb5" + "\x13\x1f\x20\x55\xce\x37\x97\xc9\x05\x51\xe5\xe4\x3c\xbc\x93\x65" + "\x57\x1c\x30\xda\xa7\xcd\x26\x28\x76\x3b\x52\xdf\xc4\xc0\xdb\x54" + "\xdb\x8a\x0d\x6a\xc3\xf3\x7a\xd1\xfa\xe7\xa7\xe5\x5a\x94\x56\xcf" + "\x8f\xb4\x22\xc6\x4f\xab\x2b\x62\xc1\x42\xb1", + .c_size = 139, + .public_key_vec = true, + .siggen_sigver_test = true, + }, + { + .key = /* secp521r1(sha512) */ + "\x04\x00\xc7\x65\xee\x0b\x86\x7d\x8f\x02\xf1\x74\x5b\xb0\x4c\x3f" + "\xa6\x35\x60\x9f\x55\x23\x11\xcc\xdf\xb8\x42\x99\xee\x6c\x96\x6a" + "\x27\xa2\x56\xb2\x2b\x03\xad\x0f\xe7\x97\xde\x09\x5d\xb4\xc5\x5f" + "\xbd\x87\x37\xbf\x5a\x16\x35\x56\x08\xfd\x6f\x06\x1a\x1c\x84\xee" + "\xc3\x64\xb3\x00\x9e\xbd\x6e\x60\x76\xee\x69\xfd\x3a\xb8\xcd\x7e" + "\x91\x68\x53\x57\x44\x13\x2e\x77\x09\x2a\xbe\x48\xbd\x91\xd8\xf6" + "\x21\x16\x53\x99\xd5\xf0\x40\xad\xa6\xf8\x58\x26\xb6\x9a\xf8\x77" + "\xfe\x3a\x05\x1a\xdb\xa9\x0f\xc0\x6c\x76\x30\x8c\xd8\xde\x44\xae" + "\xd0\x17\xdf\x49\x6a", + .key_len = 133, + .params = + "\x30\x10\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x05\x2b\x81\x04" + "\x00\x23", + .param_len = 18, + .m = + 
"\x5c\xa6\xbc\x79\xb8\xa0\x1e\x11\x83\xf7\xe9\x05\xdf\xba\xf7\x69" + "\x97\x22\x32\xe4\x94\x7c\x65\xbd\x74\xc6\x9a\x8b\xbd\x0d\xdc\xed" + "\xf5\x9c\xeb\xe1\xc5\x68\x40\xf2\xc7\x04\xde\x9e\x0d\x76\xc5\xa3" + "\xf9\x3c\x6c\x98\x08\x31\xbd\x39\xe8\x42\x7f\x80\x39\x6f\xfe\x68", + .m_size = 64, + .algo = OID_id_ecdsa_with_sha512, + .c = + "\x30\x81\x88\x02\x42\x01\x5c\x71\x86\x96\xac\x21\x33\x7e\x4e\xaa" + "\x86\xec\xa8\x05\x03\x52\x56\x63\x0e\x02\xcc\x94\xa9\x05\xb9\xfb" + "\x62\x1e\x42\x03\x6c\x74\x8a\x1f\x12\x3e\xb7\x7e\x51\xff\x7f\x27" + "\x93\xe8\x6c\x49\x7d\x28\xfc\x80\xa6\x13\xfc\xb6\x90\xf7\xbb\x28" + "\xb5\x04\xb0\xb6\x33\x1c\x7e\x02\x42\x01\x70\x43\x52\x1d\xe3\xc6" + "\xbd\x5a\x40\x95\x35\x89\x4f\x41\x5f\x9e\x19\x88\x05\x3e\x43\x39" + "\x01\xbd\xb7\x7a\x76\x37\x51\x47\x49\x98\x12\x71\xd0\xe9\xca\xa7" + "\xc0\xcb\xaa\x00\x55\xbb\x6a\xb4\x73\x00\xd2\x72\x74\x13\x63\x39" + "\xa6\xe5\x25\x46\x1e\x77\x44\x78\xe0\xd1\x04", + .c_size = 139, + .public_key_vec = true, + .siggen_sigver_test = true, + }, +}; + /* * EC-RDSA test vectors are generated by gost-engine. 
*/
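Review bot: The crypto/testmgr.c hunk sets `.fips_allowed = 1` for "ecdsa-nist-p521", but the commit message only mentions registering the akcipher and adding test vectors. Please mention in the commit message that the algorithm is being marked as FIPS-allowed, so the decision is visible in the log.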
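Review bot: The ecdsa_nist_p521_tv_template entries in crypto/testmgr.h carry no note on how they were produced, while the EC-RDSA block right after them states "generated by gost-engine". Please add a comment naming the tool or source so the vectors can be regenerated and checked independently. It would also help to point out in that comment that the sha224 vector encodes both integers in 0x41 bytes (`.c_size = 137`) while the other three use 0x42 (`.c_size = 139`), since it is the only one that exercises the shorter encoding.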
From: Stefan Berger
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger
Subject: [PATCH v4 11/12] crypto: asymmetric_keys - Adjust signature size calculation for NIST P521
Date: Thu, 29 Feb 2024 21:20:06 -0500
Message-ID: <20240301022007.344948-12-stefanb@linux.ibm.com>
In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com>
References: <20240301022007.344948-1-stefanb@linux.ibm.com>

Adjust the calculation of the maximum signature size for support of NIST P521. While existing curves may prepend a 0 byte to their coordinates (to make the number positive), NIST P521 will not do this since only the first bit in the most significant byte is used. If the encoding of the x & y coordinates requires more than 128 bytes then an additional byte is needed for the encoding of the length. Take this into account when calculating the maximum signature size.

Signed-off-by: Stefan Berger Reviewed-by: Lukas Wunner --- crypto/asymmetric_keys/public_key.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c index e5f22691febd..247d42580f7c 100644 --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -233,6 +233,7 @@ static int software_key_query(const struct kernel_pkey_params *params, info->key_size = len * 8; if (strncmp(pkey->pkey_algo, "ecdsa", 5) == 0) { + int slen = len; /* * ECDSA key sizes are much smaller than RSA, and thus could * operate on (hashed) inputs that are larger than key size. 
@@ -246,8 +247,19 @@ static int software_key_query(const struct kernel_pkey_params *params, * Verify takes ECDSA-Sig (described in RFC 5480) as input, * which is actually 2 'key_size'-bit integers encoded in * ASN.1. Account for the ASN.1 encoding overhead here. + * + * NIST P192/256/384 may prepend a '0' to a coordinate to + * indicate a positive integer. NIST P521 never needs it. */ - info->max_sig_size = 2 * (len + 3) + 2; + if (strcmp(pkey->pkey_algo, "ecdsa-nist-p521") != 0) + slen += 1; + /* Length of encoding the x & y coordinates */ + slen = 2 * (slen + 2); + /* + * If coordinate encoding takes more than 128 bytes then an + * additional byte for length encoding is needed. + */ + info->max_sig_size = 1 + (slen >= 128) + 1 + slen; } else { info->max_data_size = len; info->max_sig_size = len;
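Review bot: In the second hunk the new comment says an extra length byte is needed when the encoding "takes more than 128 bytes", but the code tests `slen >= 128`. DER short-form lengths end at 127, so the code is right and the comment should read "128 bytes or more". The added comments also speak of "x & y coordinates", while the context lines just above describe the ECDSA-Sig as two integers, which are the signature values r and s; using that naming would avoid confusion with the public key point. A short comment saying what the two literal `1`s in `1 + (slen >= 128) + 1 + slen` stand for would make the expression easier to check.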
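The sizing rule from the 11/12 commit message, worked through as an added example (not code from the patch or the kernel): it computes the DER size of an ECDSA signature from concrete r and s values, derives the per-curve worst case, and compares that with the arithmetic in the hunk. The helper names are made up for this example, and `len` is assumed to be the curve size in bytes, rounded up.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bytes taken by a DER length field: short form up to 127, long form above. */
static size_t der_len_bytes(size_t content_len)
{
	if (content_len < 128)
		return 1;	/* single byte, value 0..127 */
	if (content_len < 256)
		return 2;	/* 0x81 nn */
	return 3;		/* 0x82 nn nn, enough for this example */
}

/*
 * Encoded size of a DER INTEGER holding the unsigned big-endian value v[0..n).
 * Leading zero bytes are dropped, then one 0x00 is put back if the top bit
 * of the first byte is set, so that the value is not read as negative.
 */
static size_t der_uint_size(const uint8_t *v, size_t n)
{
	size_t content;

	while (n > 1 && v[0] == 0) {
		v++;
		n--;
	}
	if (n == 0)
		content = 1;	/* zero is encoded as a single 0x00 */
	else
		content = n + ((v[0] & 0x80) ? 1 : 0);
	return 1 + der_len_bytes(content) + content;
}

/* Size of SEQUENCE { INTEGER r, INTEGER s } for concrete r and s. */
static size_t ecdsa_sig_der_size(const uint8_t *r, size_t rlen,
				 const uint8_t *s, size_t slen)
{
	size_t body = der_uint_size(r, rlen) + der_uint_size(s, slen);

	return 1 + der_len_bytes(body) + body;
}

/* Worst case for a curve: r and s both set to the largest nbits-bit value. */
static size_t ecdsa_max_sig_size(unsigned int nbits)
{
	uint8_t max[128];
	size_t n = (nbits + 7) / 8;
	unsigned int top_bits = nbits % 8;

	if (n == 0 || n > sizeof(max))
		return 0;
	memset(max, 0xff, n);
	if (top_bits)
		max[0] = (uint8_t)((1u << top_bits) - 1);
	return ecdsa_sig_der_size(max, n, max, n);
}

/* The arithmetic from the public_key.c hunk, transcribed for comparison. */
static size_t patch_max_sig_size(size_t len, int is_p521)
{
	size_t slen = len;

	if (!is_p521)
		slen += 1;
	slen = 2 * (slen + 2);
	return 1 + (slen >= 128) + 1 + slen;
}

int main(void)
{
	static const unsigned int curves[] = { 192, 256, 384, 521 };
	size_t i;

	for (i = 0; i < sizeof(curves) / sizeof(curves[0]); i++) {
		unsigned int nbits = curves[i];
		size_t len = (nbits + 7) / 8;

		printf("P%u: DER worst case %zu, patch formula %zu\n", nbits,
		       ecdsa_max_sig_size(nbits),
		       patch_max_sig_size(len, nbits == 521));
	}
	return 0;
}
```

Real signatures can come out shorter than the maximum: the sha224 vector in patch 10/12 has two 0x41-byte integers and `.c_size = 137`, which `ecdsa_sig_der_size()` reproduces for any pair of 65-byte values whose top bit is clear.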
From: Stefan Berger To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, lukas@wunner.de, Stefan Berger , David Howells Subject: [PATCH v4 12/12] crypto: x509 - Add OID for NIST P521 and extend parser for it Date: Thu, 29 Feb 2024 21:20:07 -0500 Message-ID: <20240301022007.344948-13-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240301022007.344948-1-stefanb@linux.ibm.com> References: <20240301022007.344948-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: mRs7XMb-K63HGuk60utCdVeXCnhE_hbV X-Proofpoint-ORIG-GUID: bJt5Y1aNDD82emL5h9ejwVh6ZmBYPFfg X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-02-29_08,2024-02-29_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 lowpriorityscore=0 mlxscore=0 adultscore=0 spamscore=0 phishscore=0 priorityscore=1501 impostorscore=0 mlxlogscore=977 clxscore=1015 bulkscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2403010018 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1792288813286615973 X-GMAIL-MSGID: 1792288813286615973 Enable the x509 parser to accept NIST P521 certificates and add the OID for ansip521r1, which is the identifier for NIST P521. Cc: David Howells Signed-off-by: Stefan Berger --- crypto/asymmetric_keys/x509_cert_parser.c | 3 +++ include/linux/oid_registry.h | 1 + 2 files changed, 4 insertions(+) diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 487204d39426..99f809b7910b 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c 
@@ -538,6 +538,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, case OID_id_ansip384r1: ctx->cert->pub->pkey_algo = "ecdsa-nist-p384"; break; + case OID_id_ansip521r1: + ctx->cert->pub->pkey_algo = "ecdsa-nist-p521"; + break; default: return -ENOPKG; } diff --git a/include/linux/oid_registry.h b/include/linux/oid_registry.h index 3921fbed0b28..af16d96fbbf2 100644 --- a/include/linux/oid_registry.h +++ b/include/linux/oid_registry.h @@ -65,6 +65,7 @@ enum OID { OID_Scram, /* 1.3.6.1.5.5.14 */ OID_certAuthInfoAccess, /* 1.3.6.1.5.5.7.1.1 */ OID_id_ansip384r1, /* 1.3.132.0.34 */ + OID_id_ansip521r1, /* 1.3.132.0.35 */ OID_sha256, /* 2.16.840.1.101.3.4.2.1 */ OID_sha384, /* 2.16.840.1.101.3.4.2.2 */ OID_sha512, /* 2.16.840.1.101.3.4.2.3 */
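Review bot: in the x509_extract_key_data hunk of crypto/asymmetric_keys/x509_cert_parser.c, the new case sets pkey_algo to the literal "ecdsa-nist-p521", and the public_key.c change in this series decides the signature padding with strcmp(pkey->pkey_algo, "ecdsa-nist-p521"). The two literals have to stay byte-identical, and a typo in either one would silently make P521 keys take the path that adds the pad byte, with no build-time error. Consider a shared define for the algorithm name, or have the size calculation depend on a property of the curve rather than on the string. The commit message could also state the OID value 1.3.132.0.35 that the oid_registry.h hunk adds, so the mapping can be checked without opening the header.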