diff mbox series

[v2,06/14] crypto: ecc - Add NIST P521 curve parameters

Message ID 20240215231414.3857320-7-stefanb@linux.ibm.com (mailing list archive)
State Superseded
Delegated to: Herbert Xu
Headers show
Series Add support for NIST P521 to ecdsa and ecdh | expand

Commit Message

Stefan Berger Feb. 15, 2024, 11:14 p.m. UTC
Add the parameters for the NIST P521 curve and define a new curve ID
for it. Make the curve available in ecc_get_curve.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 crypto/ecc.c            |  2 ++
 crypto/ecc_curve_defs.h | 44 +++++++++++++++++++++++++++++++++++++++++
 include/crypto/ecdh.h   |  1 +
 3 files changed, 47 insertions(+)

Comments

Elliott, Robert (Servers) Feb. 16, 2024, 6:48 p.m. UTC | #1
> -----Original Message-----
> From: Stefan Berger <stefanb@linux.ibm.com>
> Sent: Thursday, February 15, 2024 5:14 PM
> Subject: [PATCH v2 06/14] crypto: ecc - Add NIST P521 curve parameters
> 
> Add the parameters for the NIST P521 curve and define a new curve ID
> for it. Make the curve available in ecc_get_curve.
> 
...
> diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h
...
> +static struct ecc_curve nist_p521 = {
> +	.name = "nist_521",

Are the name fields in the ecc_curve structures used anywhere or
exposed to userspace?

It'd be nice if the strings for the nist_p192, nist_p256, and nist_p384 
structures and this new nist_p521 structure included "p" before
the number, better matching all the code and the NIST FIPS 186-4 names:
    .name = "nist_p192"
    .name = "nist_p256"
    .name = "nist_p384"
    .name = "nist_p521"
Stefan Berger Feb. 16, 2024, 7:03 p.m. UTC | #2
On 2/16/24 13:48, Elliott, Robert (Servers) wrote:
>> -----Original Message-----
>> From: Stefan Berger <stefanb@linux.ibm.com>
>> Sent: Thursday, February 15, 2024 5:14 PM
>> Subject: [PATCH v2 06/14] crypto: ecc - Add NIST P521 curve parameters
>>
>> Add the parameters for the NIST P521 curve and define a new curve ID
>> for it. Make the curve available in ecc_get_curve.
>>
> ...
>> diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h
> ...
>> +static struct ecc_curve nist_p521 = {
>> +	.name = "nist_521",
> 
> Are the name fields in the ecc_curve structures used anywhere or
> exposed to userspace?
> 
> It'd be nice if the strings for the nist_p192, nist_p256, and nist_p384
> structures and this new nist_p521 structure included "p" before
> the number, better matching all the code and the NIST FIPS 186-4 names:
>      .name = "nist_p192"
>      .name = "nist_p256"
>      .name = "nist_p384"
>      .name = "nist_p521"
> 
> 

This is what is exposed:

$ cat /proc/crypto | grep nist
name         : ecdh-nist-p384
driver       : ecdh-nist-p384-generic
name         : ecdh-nist-p256
driver       : ecdh-nist-p256-generic
name         : ecdh-nist-p192
driver       : ecdh-nist-p192-generic
name         : ecdsa-nist-p384
driver       : ecdsa-nist-p384-generic
name         : ecdsa-nist-p256
driver       : ecdsa-nist-p256-generic
name         : ecdsa-nist-p192
driver       : ecdsa-nist-p192-generic
diff mbox series

Patch

diff --git a/crypto/ecc.c b/crypto/ecc.c
index 0734cea284a4..73fbbfc8d69c 100644
--- a/crypto/ecc.c
+++ b/crypto/ecc.c
@@ -60,6 +60,8 @@  const struct ecc_curve *ecc_get_curve(unsigned int curve_id)
 		return &nist_p256;
 	case ECC_CURVE_NIST_P384:
 		return &nist_p384;
+	case ECC_CURVE_NIST_P521:
+		return &nist_p521;
 	default:
 		return NULL;
 	}
diff --git a/crypto/ecc_curve_defs.h b/crypto/ecc_curve_defs.h
index 9719934c9428..93a47a5d460a 100644
--- a/crypto/ecc_curve_defs.h
+++ b/crypto/ecc_curve_defs.h
@@ -86,6 +86,50 @@  static struct ecc_curve nist_p384 = {
 	.b = nist_p384_b
 };
 
+/* NIST P-521 */
+static u64 nist_p521_g_x[] = { 0xf97e7e31c2e5bd66ull, 0x3348b3c1856a429bull,
+				0xfe1dc127a2ffa8deull, 0xa14b5e77efe75928ull,
+				0xf828af606b4d3dbaull, 0x9c648139053fb521ull,
+				0x9e3ecb662395b442ull, 0x858e06b70404e9cdull,
+				0xc6ull };
+static u64 nist_p521_g_y[] = { 0x88be94769fd16650ull, 0x353c7086a272c240ull,
+				0xc550b9013fad0761ull, 0x97ee72995ef42640ull,
+				0x17afbd17273e662cull, 0x98f54449579b4468ull,
+				0x5c8a5fb42c7d1bd9ull, 0x39296a789a3bc004ull,
+				0x118ull };
+static u64 nist_p521_p[] = { 0xffffffffffffffffull, 0xffffffffffffffffull,
+				0xffffffffffffffffull, 0xffffffffffffffffull,
+				0xffffffffffffffffull, 0xffffffffffffffffull,
+				0xffffffffffffffffull, 0xffffffffffffffffull,
+				0x1ffull };
+static u64 nist_p521_n[] = { 0xbb6fb71e91386409ull, 0x3bb5c9b8899c47aeull,
+				0x7fcc0148f709a5d0ull, 0x51868783bf2f966bull,
+				0xfffffffffffffffaull, 0xffffffffffffffffull,
+				0xffffffffffffffffull, 0xffffffffffffffffull,
+				0x1ffull };
+static u64 nist_p521_a[] = { 0xfffffffffffffffcull, 0xffffffffffffffffull,
+				0xffffffffffffffffull, 0xffffffffffffffffull,
+				0xffffffffffffffffull, 0xffffffffffffffffull,
+				0xffffffffffffffffull, 0xffffffffffffffffull,
+				0x1ffull };
+static u64 nist_p521_b[] = { 0xef451fd46b503f00ull, 0x3573df883d2c34f1ull,
+				0x1652c0bd3bb1bf07ull, 0x56193951ec7e937bull,
+				0xb8b489918ef109e1ull, 0xa2da725b99b315f3ull,
+				0x929a21a0b68540eeull, 0x953eb9618e1c9a1full,
+				0x051ull };
+static struct ecc_curve nist_p521 = {
+	.name = "nist_521",
+	.g = {
+		.x = nist_p521_g_x,
+		.y = nist_p521_g_y,
+		.ndigits = 9,
+	},
+	.p = nist_p521_p,
+	.n = nist_p521_n,
+	.a = nist_p521_a,
+	.b = nist_p521_b
+};
+
 /* curve25519 */
 static u64 curve25519_g_x[] = { 0x0000000000000009, 0x0000000000000000,
 				0x0000000000000000, 0x0000000000000000 };
diff --git a/include/crypto/ecdh.h b/include/crypto/ecdh.h
index a9f98078d29c..9784ecdd2fb4 100644
--- a/include/crypto/ecdh.h
+++ b/include/crypto/ecdh.h
@@ -26,6 +26,7 @@ 
 #define ECC_CURVE_NIST_P192	0x0001
 #define ECC_CURVE_NIST_P256	0x0002
 #define ECC_CURVE_NIST_P384	0x0003
+#define ECC_CURVE_NIST_P521	0x0004
 
 /**
  * struct ecdh - define an ECDH private key