[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240320114725.1644921-1-stefanb@linux.ibm.com>
Date: Wed, 20 Mar 2024 07:47:12 -0400
From: Stefan Berger <stefanb@...ux.ibm.com>
To: keyrings@...r.kernel.org, linux-crypto@...r.kernel.org,
herbert@...dor.apana.org.au, davem@...emloft.net
Cc: linux-kernel@...r.kernel.org, saulo.alessandre@....jus.br, lukas@...ner.de,
bbhushan2@...vell.com, jarkko@...nel.org,
Stefan Berger <stefanb@...ux.ibm.com>
Subject: Add support for NIST P521 to ecdsa
This series adds support for the NIST P521 curve to the ecdsa module
to enable signature verification with it.
An issue with the current code in ecdsa is that it assumes that input
arrays providing key coordinates for example, are arrays of digits
(a 'digit' is a 'u64'). This works well for all currently supported
curves, such as NIST P192/256/384, but does not work for NIST P521 where
coordinates are 8 digits + 2 bytes long. So some of the changes deal with
converting byte arrays to digits and adjusting tests on input byte
array lengths to tolerate arrays not providing multiples of 8 bytes.
Regards,
Stefan
v7:
- Applied T-b tag from Christian to all patches
- Applied R-b tag from Jarkko to some patches
- Rephrased some patch descriptions per Jarkko's request
v6:
- Use existing #defines for number of digits rather than plain numbers
(1/13, 6/13) following Bharat's suggestion
- Initialize result from lowest 521 bits of product rather than going
through tmp variable (6/13)
v5:
- Simplified ecc_digits_from_bytes as suggested by Lukas (1/12)
- Using nbits == 521 to detect NIST P521 curve rather than strcmp()
(5,6/12)
- Nits in patch description and comments (11/12)
v4:
- Followed suggestions by Lukas Wummer (1,5,8/12)
- Use nbits rather than ndigits where needed (8/12)
- Renaming 'keylen' variablest to bufsize where necessary (9/12)
- Adjust signature size calculation for NIST P521 (11/12)
v3:
- Dropped ecdh support
- Use ecc_get_curve_nbits for getting number of bits in NIST P521 curve
in ecc_point_mult (7/10)
v2:
- Reformulated some patch descriptions
- Fixed issue detected by krobot
- Some other small changes to the code
Stefan Berger (13):
crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible
crypto: ecdsa - Convert byte arrays with key coordinates to digits
crypto: ecdsa - Adjust tests on length of key parameters
crypto: ecdsa - Extend res.x mod n calculation for NIST P521
crypto: ecc - Add nbits field to ecc_curve structure
crypto: ecc - Implement vli_mmod_fast_521 for NIST p521
crypto: ecc - Add special case for NIST P521 in ecc_point_mult
crypto: ecc - Add NIST P521 curve parameters
crypto: ecdsa - Replace ndigits with nbits where precision is needed
crypto: ecdsa - Rename keylen to bufsize where necessary
crypto: ecdsa - Register NIST P521 and extend test suite
crypto: asymmetric_keys - Adjust signature size calculation for NIST
P521
crypto: x509 - Add OID for NIST P521 and extend parser for it
crypto/asymmetric_keys/public_key.c | 14 ++-
crypto/asymmetric_keys/x509_cert_parser.c | 3 +
crypto/ecc.c | 44 +++++--
crypto/ecc_curve_defs.h | 49 ++++++++
crypto/ecdsa.c | 62 ++++++---
crypto/ecrdsa_defs.h | 5 +
crypto/testmgr.c | 7 ++
crypto/testmgr.h | 146 ++++++++++++++++++++++
include/crypto/ecc_curve.h | 2 +
include/crypto/ecdh.h | 1 +
include/crypto/internal/ecc.h | 24 +++-
include/linux/oid_registry.h | 1 +
12 files changed, 335 insertions(+), 23 deletions(-)
--
2.43.0
Powered by blists - more mailing lists