From patchwork Thu Feb 8 22:18:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13550534 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0E89A4F613; Thu, 8 Feb 2024 22:19:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707430750; cv=none; b=WpUUtuzfZ2k1rkeFnUPczSrRSIHytp93HtnEpJOoGG9B0Rk8CdUuXRcuz9Q0DtUKQNRebydrBtAyE47nAR4tDdOfE5/akSgATVQ4ceSgyneeIcYIkeybHAJZKKum/MkCFRfRvZCbO5nKeY4ivYs3ugf9xsdACpasDrSrL4iB5pA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707430750; c=relaxed/simple; bh=nAYVa9pxoqQmYy/Bk2N/qqYRm4vdYQo8iqHKLiqBZ5U=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=ECkkKaaGgjg7/pz7mlqf/JmNfat2Nw7GEYWTRE/CTwJ3kJ5dDS8/fOc6lKaF4uFFpiHJ+LLemuM1evfYRyTea7TeArai3Sp3RVLnqXKvx8c8Cac1gq1Q7cb9qPZ8EnWueAtZwetDct90JU0dpjTJswL+X82zFM6neP7Qno/LWWw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=cSypwtMG; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="cSypwtMG" Received: from pps.filterd (m0353726.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 418LRkIL020638; Thu, 8 Feb 2024 22:19:02 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding; s=pp1; bh=CTNubrTEG1irrv13ovrANfb/av+GhWeRdPgIA7A8O2E=; b=cSypwtMGcZFgWNqbpYw/xWz3WnrLUM27EkBj/iX70jRkJhoVKN08ekrdeN7AfP37oAXP D1IvpP4SICgZBlBaqsgqEXQmRsfZKwehL35BTB3iUnH6cfz4Xe8RU4MCNRid6fM2to6p +pJYWJh96vW/PdPkn+jqe/PA5fPq8AoK72QDesTOO5rtAN2ahDhA7WfokgMv5q2RtkVd RzSTKVQm4l/8IvC2av2b9elOCjOzldigCgVdutwGcFTmn/Pb/kw9A5yB/WF3Bp/XUIAs /yhv94y3/Al4MhwJ7+sS9vsvj6D/BP5SK3JUJPgS/NCwcu25PKZToyFSqznXjIhd7qis 3A== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3w56vsry7d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 08 Feb 2024 22:19:02 +0000 Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 418LWPU9008487; Thu, 8 Feb 2024 22:19:01 GMT Received: from smtprelay02.wdc07v.mail.ibm.com ([172.16.1.69]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 3w221kf5da-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 08 Feb 2024 22:19:01 +0000 Received: from smtpav03.dal12v.mail.ibm.com (smtpav03.dal12v.mail.ibm.com [10.241.53.102]) by smtprelay02.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 418MJ0SQ13304408 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 8 Feb 2024 22:19:00 GMT Received: from smtpav03.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 31F9158056; Thu, 8 Feb 2024 22:19:00 +0000 (GMT) Received: from smtpav03.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BCE6B5803F; Thu, 8 Feb 2024 22:18:59 +0000 (GMT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by smtpav03.dal12v.mail.ibm.com (Postfix) with ESMTP; Thu, 8 Feb 2024 22:18:59 +0000 (GMT) From: Stefan Berger To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, Stefan Berger Subject: [PATCH 00/14] Add support for NIST P521 to ecdsa and ecdh Date: Thu, 8 Feb 2024 17:18:26 -0500 Message-ID: <20240208221840.3665874-1-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: st8TvVA8tEDC7MAWsl8ybJqSngb9GJx4 X-Proofpoint-GUID: st8TvVA8tEDC7MAWsl8ybJqSngb9GJx4 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-02-08_11,2024-02-08_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 impostorscore=0 bulkscore=0 suspectscore=0 phishscore=0 spamscore=0 lowpriorityscore=0 adultscore=0 clxscore=1011 mlxscore=0 mlxlogscore=702 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2402080124 This series of patches adds support for NIST P521 curve to ecdsa and ecdh. Test cases are added to both modules. An issue with the current code in ecdsa and ecdh is that it assumes that input arrays providing key coordinates for example are arrays of digits (a 'digit' is a 'u64'). This works well for existing curves, such as NIST P192/256/384, but does not work for NIST P521 where coordinates are 8 digits + 2 bytes long. So some of the changes deal with converting byte arrays to digits and digits to byte array. Regards, Stefan Stefan Berger (14): crypto: ecdsa - Convert byte arrays with key coordinates to digits crypto: ecdsa - Adjust tests on length of key material crypto: ecdsa - Adjust res.x mod n for NIST P521 crypto: ecc - Implement vli_mmod_fast_521 for NIST p521 crypto: ecc - For NIST P521 use vli_num_bits to get number of bits crypto: ecc - Add NIST P521 curve parameters crypto: ecdsa - Register NIST P521 and extend test suite x509: Add OID for NIST P521 and extend parser for it crypto: ecdh - Use properly formatted digits to check for valid key crypto: ecc - Implement ecc_digits_to_array to convert digits to byte array crypto: Add nbits field to ecc_curve structure crypto: ecc - Implement and use ecc_curve_get_nbytes to get curve's nbytes crypto: ecdh - Use functions to copy digits from and to array crypto: ecdh - Add support for NIST P521 and add test case crypto/asymmetric_keys/x509_cert_parser.c | 3 + crypto/ecc.c | 71 +++++-- crypto/ecc_curve_defs.h | 45 +++++ crypto/ecdh.c | 59 +++++- crypto/ecdsa.c | 51 ++++- crypto/testmgr.c | 14 ++ crypto/testmgr.h | 225 ++++++++++++++++++++++ include/crypto/ecc_curve.h | 3 + include/crypto/ecdh.h | 1 + include/crypto/internal/ecc.h | 61 +++++- include/linux/oid_registry.h | 1 + 11 files changed, 497 insertions(+), 37 deletions(-)