From patchwork Fri Feb 23 20:41:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 13569952 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3F08FEAD2; Fri, 23 Feb 2024 20:42:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708720934; cv=none; b=pzvcLxv1u/CbR7CxOLAkBLaSjLVDDaEGqflEForLi1uP43FmrL5B245siwDhH9BbnmT33540chU2NLNfEOSqE1bqANKJUea9iJO2apXJETqPntOgKCYRsSqP8qOrBZQO8daE9It77t2EC8E+ppUMrY9Z7hxeznclXMFL850ZhWs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708720934; c=relaxed/simple; bh=sEs6vijaB9Edmeoq3BWV/Ii1U+JkXoXAoLGoCG3foyU=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=MPD3azM/fKtZLnD20sYPt2Kjpxlskt/i4acF6pA/N2zrRe8JzahC1sm1baF8G3AQEAd4Y4//3UsibgM6ux8/iHRVpICK7nmq0E92j2VK6js04+jFqcudRTiSjlU1lT45VLNkLVDaiEQz0LqwsT5UppRcG9J3+oyxFQpyanUZ6Fo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=OYjnNBi/; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="OYjnNBi/" Received: from pps.filterd (m0353726.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 41NKRIuH017998; Fri, 23 Feb 2024 20:42:06 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding; s=pp1; bh=VLlFtFDBHgou09f1kfcjHqUWeU0A+n7YPSS2lnWnVNI=; b=OYjnNBi/ZGFgTly4IOOZlGx0IsW2DGrcOEwNXuzZeZji8reMJw+9a5ooa8n6ZbnGjOeg icWhPa7SYWrc2lC0aMmv8uTSS1De1Ypwktc81JCVD7v6jueMASxFotUt/sq8zkz/ygH2 OtmaG3tV5oyNyrtXcnPMDxz55S7Gumbo5un7DPNprZSp5TmtH+rThjOfue5lL8zrGwjz XX3vcvdy2Xvv7ZHTHjLrvNTsOrnHIx8pOlF+ZlrWq+mfNOqI9AnEUH0yi/dLWKQc79lc oQGPHKeelKS1GpwANH9tUyxVskVE8+jcNwmE32d0OdvcS4RYTJtWVeAJh6SYpPmHENMB MQ== Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3wf2dh8ab2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 23 Feb 2024 20:42:06 +0000 Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 41NIUiB7003671; Fri, 23 Feb 2024 20:42:05 GMT Received: from smtprelay07.wdc07v.mail.ibm.com ([172.16.1.74]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 3wb74u8bbr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 23 Feb 2024 20:42:05 +0000 Received: from smtpav02.wdc07v.mail.ibm.com (smtpav02.wdc07v.mail.ibm.com [10.39.53.229]) by smtprelay07.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 41NKg2C03473986 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 23 Feb 2024 20:42:04 GMT Received: from smtpav02.wdc07v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 46E0A5805C; Fri, 23 Feb 2024 20:42:02 +0000 (GMT) Received: from smtpav02.wdc07v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8CC285805B; Fri, 23 Feb 2024 20:42:01 +0000 (GMT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by smtpav02.wdc07v.mail.ibm.com (Postfix) with ESMTP; Fri, 23 Feb 2024 20:42:01 +0000 (GMT) From: Stefan Berger To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au, davem@davemloft.net Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br, Stefan Berger Subject: [PATCH v3 00/10] Add support for NIST P521 to ecdsa Date: Fri, 23 Feb 2024 15:41:39 -0500 Message-ID: <20240223204149.4055630-1-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.2 Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: xfG55matZWQnnFtfnhKmC7ft7MdH6e0z X-Proofpoint-ORIG-GUID: xfG55matZWQnnFtfnhKmC7ft7MdH6e0z X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-02-23_06,2024-02-23_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 mlxlogscore=999 mlxscore=0 adultscore=0 suspectscore=0 phishscore=0 spamscore=0 priorityscore=1501 malwarescore=0 impostorscore=0 bulkscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2402230152 This series adds support for the NIST P521 curve to the ecdsa module. An issue with the current code in ecdsa is that it assumes that input arrays providing key coordinates for example, are arrays of digits (a 'digit' is a 'u64'). This works well for all currently supported curves, such as NIST P192/256/384, but does not work for NIST P521 where coordinates are 8 digits + 2 bytes long. So some of the changes deal with converting byte arrays to digits and adjusting tests on input byte array lengths to tolerate arrays not providing multiples of 8 bytes. Regards, Stefan v3: - Dropped ecdh support - Use ecc_get_curve_nbits for getting number of bits in NIST P521 curve in ecc_point_mult (7/10) v2: - Reformulated some patch descriptions - Fixed issue detected by krobot - Some other small changes to the code Stefan Berger (10): crypto: ecdsa - Convert byte arrays with key coordinates to digits crypto: ecdsa - Adjust tests on length of key parameters crypto: ecdsa - Extend res.x mod n calculation for NIST P521 crypto: ecc - Implement vli_mmod_fast_521 for NIST p521 crypto: ecc - Add nbits field to ecc_curve structure crypte: ecc - Implement ecc_curve_get_nbits to get number of bits crypto: ecc - Use ecc_get_curve_nbits to get number of bits for NIST P521 crypto: ecc - Add NIST P521 curve parameters crypto: ecdsa - Register NIST P521 and extend test suite x509: Add OID for NIST P521 and extend parser for it crypto/asymmetric_keys/x509_cert_parser.c | 3 + crypto/ecc.c | 38 +++++- crypto/ecc_curve_defs.h | 45 +++++++ crypto/ecdsa.c | 48 +++++-- crypto/testmgr.c | 7 ++ crypto/testmgr.h | 146 ++++++++++++++++++++++ include/crypto/ecc_curve.h | 3 + include/crypto/ecdh.h | 1 + include/crypto/internal/ecc.h | 32 ++++- include/linux/oid_registry.h | 1 + 10 files changed, 315 insertions(+), 9 deletions(-)