Re: [PATCH v8 00/13] Add support for NIST P521 to ecdsa
From: Herbert Xu
Date: Fri Apr 12 2024 - 03:32:21 EST
On Thu, Apr 04, 2024 at 10:18:43AM -0400, Stefan Berger wrote:
> This series adds support for the NIST P521 curve to the ecdsa module
> to enable signature verification with it.
>
> An issue with the current code in ecdsa is that it assumes that input
> arrays providing key coordinates for example, are arrays of digits
> (a 'digit' is a 'u64'). This works well for all currently supported
> curves, such as NIST P192/256/384, but does not work for NIST P521 where
> coordinates are 8 digits + 2 bytes long. So some of the changes deal with
> converting byte arrays to digits and adjusting tests on input byte
> array lengths to tolerate arrays not providing multiples of 8 bytes.
>
> Regards,
> Stefan
>
> v8:
> - Changed nbits from unsigned int to u32 (5/13)
> - Added MODULE_ALIAS_CRYPTO("ecdsa-nist-p521") (11/13)
> - Applied R-b & T-b tags from Jarkko
> - Rebased on master branch at
> https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git
>
> v7:
> - Applied T-b tag from Christian to all patches
> - Applied R-b tag from Jarkko to some patches
> - Rephrased some patch descriptions per Jarkko's request
>
> v6:
> - Use existing #defines for number of digits rather than plain numbers
> (1/13, 6/13) following Bharat's suggestion
> - Initialize result from lowest 521 bits of product rather than going
> through tmp variable (6/13)
>
> v5:
> - Simplified ecc_digits_from_bytes as suggested by Lukas (1/12)
> - Using nbits == 521 to detect NIST P521 curve rather than strcmp()
> (5,6/12)
> - Nits in patch description and comments (11/12)
>
> v4:
> - Followed suggestions by Lukas Wummer (1,5,8/12)
> - Use nbits rather than ndigits where needed (8/12)
> - Renaming 'keylen' variablest to bufsize where necessary (9/12)
> - Adjust signature size calculation for NIST P521 (11/12)
>
> v3:
> - Dropped ecdh support
> - Use ecc_get_curve_nbits for getting number of bits in NIST P521 curve
> in ecc_point_mult (7/10)
>
> v2:
> - Reformulated some patch descriptions
> - Fixed issue detected by krobot
> - Some other small changes to the code
>
>
> Stefan Berger (13):
> crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible
> crypto: ecdsa - Convert byte arrays with key coordinates to digits
> crypto: ecdsa - Adjust tests on length of key parameters
> crypto: ecdsa - Extend res.x mod n calculation for NIST P521
> crypto: ecc - Add nbits field to ecc_curve structure
> crypto: ecc - Implement vli_mmod_fast_521 for NIST p521
> crypto: ecc - Add special case for NIST P521 in ecc_point_mult
> crypto: ecc - Add NIST P521 curve parameters
> crypto: ecdsa - Replace ndigits with nbits where precision is needed
> crypto: ecdsa - Rename keylen to bufsize where necessary
> crypto: ecdsa - Register NIST P521 and extend test suite
> crypto: asymmetric_keys - Adjust signature size calculation for NIST
> P521
> crypto: x509 - Add OID for NIST P521 and extend parser for it
>
> crypto/asymmetric_keys/public_key.c | 14 ++-
> crypto/asymmetric_keys/x509_cert_parser.c | 3 +
> crypto/ecc.c | 44 +++++--
> crypto/ecc_curve_defs.h | 49 ++++++++
> crypto/ecdsa.c | 63 +++++++---
> crypto/ecrdsa_defs.h | 5 +
> crypto/testmgr.c | 7 ++
> crypto/testmgr.h | 146 ++++++++++++++++++++++
> include/crypto/ecc_curve.h | 2 +
> include/crypto/ecdh.h | 1 +
> include/crypto/internal/ecc.h | 24 +++-
> include/linux/oid_registry.h | 1 +
> 12 files changed, 336 insertions(+), 23 deletions(-)
>
>
> base-commit: a9a72140536fe02d98bce72a608ccf3ba9008a71
> --
> 2.43.0
All applied. Thanks.
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt