| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240223204149.4055630-8-stefanb@linux.ibm.com>
Date: Fri, 23 Feb 2024 15:41:46 -0500
From: Stefan Berger <stefanb@...ux.ibm.com>
To: keyrings@...r.kernel.org, linux-crypto@...r.kernel.org,
herbert@...dor.apana.org.au, davem@...emloft.net
Cc: linux-kernel@...r.kernel.org, saulo.alessandre@....jus.br,
Stefan Berger <stefanb@...ux.ibm.com>
Subject: [PATCH v3 07/10] crypto: ecc - Use ecc_get_curve_nbits to get number of bits for NIST P521
In ecc_point_mult query for the number of bits when using NIST P521 and
add '2'. The change is required specifically for NIST P521 to pass
mathematical tests on the public key.
Signed-off-by: Stefan Berger <stefanb@...ux.ibm.com>
---
crypto/ecc.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/crypto/ecc.c b/crypto/ecc.c
index ea7b28b5e00e..89ad45cf2404 100644
--- a/crypto/ecc.c
+++ b/crypto/ecc.c
@@ -1326,7 +1326,10 @@ static void ecc_point_mult(struct ecc_point *result,
carry = vli_add(sk[0], scalar, curve->n, ndigits);
vli_add(sk[1], sk[0], curve->n, ndigits);
scalar = sk[!carry];
- num_bits = sizeof(u64) * ndigits * 8 + 1;
+ if (ndigits == 9 && !strcmp(curve->name, "nist_521"))
+ num_bits = ecc_curve_get_nbits(curve) + 2;
+ else
+ num_bits = sizeof(u64) * ndigits * 8 + 1;
vli_set(rx[1], point->x, ndigits);
vli_set(ry[1], point->y, ndigits);
--
2.43.0
Powered by blists - more mailing lists