lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 29 Feb 2024 12:20:08 -0500
From: Stefan Berger <stefanb@...ux.ibm.com>
To: Lukas Wunner <lukas@...ner.de>
Cc: keyrings@...r.kernel.org, linux-crypto@...r.kernel.org,
        herbert@...dor.apana.org.au, davem@...emloft.net,
        linux-kernel@...r.kernel.org, saulo.alessandre@....jus.br
Subject: Re: [PATCH v3 01/10] crypto: ecdsa - Convert byte arrays with key
 coordinates to digits



On 2/29/24 11:48, Lukas Wunner wrote:
> On Thu, Feb 29, 2024 at 09:57:30AM -0500, Stefan Berger wrote:
>> static inline void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes,
>>                                           u64 *out, unsigned int ndigits)
>> {
>>          unsigned int o = nbytes & 7;
>>          u64 msd = 0;
>>          size_t i;
>>
>>          if (o == 0) {
>>                  ecc_swap_digits(in, out, ndigits);
>>          } else {
>>                  for (i = 0; i < o; i++)
>>                          msd = (msd << 8) | in[i];
>>                  out[ndigits - 1] = msd;
>>                  ecc_swap_digits(&in[o], out, ndigits - 1);
>>          }
>> }
> 
> Might be beneficial to add a code comment explaining the else-branch
> is for curves with key length not a multiple of 64 bits (such as NIST P521).

Will do. I am also using this here now since it's safer: 
ecc_swap_digits(&in[o], out, (nbytes - o) >> 3);

    Stefan

> 
> Otherwise LGTM, thanks!
> 
> Lukas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ