Re: [PATCH v8 00/13] Add support for NIST P521 to ecdsa

[Herbert Xu]

On Thu, Apr 04, 2024 at 10:18:43AM -0400, Stefan Berger wrote:
> This series adds support for the NIST P521 curve to the ecdsa module
> to enable signature verification with it.
> 
> An issue with the current code in ecdsa is that it assumes that input
> arrays providing key coordinates for example, are arrays of digits
> (a 'digit' is a 'u64'). This works well for all currently supported
> curves, such as NIST P192/256/384, but does not work for NIST P521 where
> coordinates are 8 digits + 2 bytes long. So some of the changes deal with
> converting byte arrays to digits and adjusting tests on input byte
> array lengths to tolerate arrays not providing multiples of 8 bytes.
> 
> Regards,
>    Stefan
> 
> v8:
>  - Changed nbits from unsigned int to u32 (5/13)
>  - Added MODULE_ALIAS_CRYPTO("ecdsa-nist-p521") (11/13)
>  - Applied R-b & T-b tags from Jarkko
>  - Rebased on master branch at
>    https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git
> 
> v7:
>  - Applied T-b tag from Christian to all patches
>  - Applied R-b tag from Jarkko to some patches
>  - Rephrased some patch descriptions per Jarkko's request
> 
> v6:
>  - Use existing #defines for number of digits rather than plain numbers
>    (1/13, 6/13) following Bharat's suggestion
>  - Initialize result from lowest 521 bits of product rather than going
>    through tmp variable (6/13)
> 
> v5:
>  - Simplified ecc_digits_from_bytes as suggested by Lukas (1/12)
>  - Using nbits == 521 to detect NIST P521 curve rather than strcmp()
>    (5,6/12)
>  - Nits in patch description and comments (11/12)
> 
> v4:
>  - Followed suggestions by Lukas Wummer (1,5,8/12)
>  - Use nbits rather than ndigits where needed (8/12)
>  - Renaming 'keylen' variablest to bufsize where necessary (9/12)
>  - Adjust signature size calculation for NIST P521 (11/12)
> 
> v3:
>  - Dropped ecdh support
>  - Use ecc_get_curve_nbits for getting number of bits in NIST P521 curve
>    in ecc_point_mult (7/10)
> 
> v2:
>  - Reformulated some patch descriptions
>  - Fixed issue detected by krobot
>  - Some other small changes to the code
> 
> 
> Stefan Berger (13):
>   crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible
>   crypto: ecdsa - Convert byte arrays with key coordinates to digits
>   crypto: ecdsa - Adjust tests on length of key parameters
>   crypto: ecdsa - Extend res.x mod n calculation for NIST P521
>   crypto: ecc - Add nbits field to ecc_curve structure
>   crypto: ecc - Implement vli_mmod_fast_521 for NIST p521
>   crypto: ecc - Add special case for NIST P521 in ecc_point_mult
>   crypto: ecc - Add NIST P521 curve parameters
>   crypto: ecdsa - Replace ndigits with nbits where precision is needed
>   crypto: ecdsa - Rename keylen to bufsize where necessary
>   crypto: ecdsa - Register NIST P521 and extend test suite
>   crypto: asymmetric_keys - Adjust signature size calculation for NIST
>     P521
>   crypto: x509 - Add OID for NIST P521 and extend parser for it
> 
>  crypto/asymmetric_keys/public_key.c       |  14 ++-
>  crypto/asymmetric_keys/x509_cert_parser.c |   3 +
>  crypto/ecc.c                              |  44 +++++--
>  crypto/ecc_curve_defs.h                   |  49 ++++++++
>  crypto/ecdsa.c                            |  63 +++++++---
>  crypto/ecrdsa_defs.h                      |   5 +
>  crypto/testmgr.c                          |   7 ++
>  crypto/testmgr.h                          | 146 ++++++++++++++++++++++
>  include/crypto/ecc_curve.h                |   2 +
>  include/crypto/ecdh.h                     |   1 +
>  include/crypto/internal/ecc.h             |  24 +++-
>  include/linux/oid_registry.h              |   1 +
>  12 files changed, 336 insertions(+), 23 deletions(-)
> 
> 
> base-commit: a9a72140536fe02d98bce72a608ccf3ba9008a71
> -- 
> 2.43.0

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt