| Message ID | 20240404141856.2399142-1-stefanb@linux.ibm.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Add support for NIST P521 to ecdsa | expand |
On Thu, Apr 04, 2024 at 10:18:43AM -0400, Stefan Berger wrote: > This series adds support for the NIST P521 curve to the ecdsa module > to enable signature verification with it. Tested-by: Lukas Wunner <lukas@wunner.de> PCI device authentication with P521 is still working fine with v8.
On Thu, Apr 04, 2024 at 10:18:43AM -0400, Stefan Berger wrote: > This series adds support for the NIST P521 curve to the ecdsa module > to enable signature verification with it. > > An issue with the current code in ecdsa is that it assumes that input > arrays providing key coordinates for example, are arrays of digits > (a 'digit' is a 'u64'). This works well for all currently supported > curves, such as NIST P192/256/384, but does not work for NIST P521 where > coordinates are 8 digits + 2 bytes long. So some of the changes deal with > converting byte arrays to digits and adjusting tests on input byte > array lengths to tolerate arrays not providing multiples of 8 bytes. > > Regards, > Stefan > > v8: > - Changed nbits from unsigned int to u32 (5/13) > - Added MODULE_ALIAS_CRYPTO("ecdsa-nist-p521") (11/13) > - Applied R-b & T-b tags from Jarkko > - Rebased on master branch at > https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git > > v7: > - Applied T-b tag from Christian to all patches > - Applied R-b tag from Jarkko to some patches > - Rephrased some patch descriptions per Jarkko's request > > v6: > - Use existing #defines for number of digits rather than plain numbers > (1/13, 6/13) following Bharat's suggestion > - Initialize result from lowest 521 bits of product rather than going > through tmp variable (6/13) > > v5: > - Simplified ecc_digits_from_bytes as suggested by Lukas (1/12) > - Using nbits == 521 to detect NIST P521 curve rather than strcmp() > (5,6/12) > - Nits in patch description and comments (11/12) > > v4: > - Followed suggestions by Lukas Wummer (1,5,8/12) > - Use nbits rather than ndigits where needed (8/12) > - Renaming 'keylen' variablest to bufsize where necessary (9/12) > - Adjust signature size calculation for NIST P521 (11/12) > > v3: > - Dropped ecdh support > - Use ecc_get_curve_nbits for getting number of bits in NIST P521 curve > in ecc_point_mult (7/10) > > v2: > - Reformulated some patch descriptions > - Fixed issue detected by krobot > - Some other small changes to the code > > > Stefan Berger (13): > crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible > crypto: ecdsa - Convert byte arrays with key coordinates to digits > crypto: ecdsa - Adjust tests on length of key parameters > crypto: ecdsa - Extend res.x mod n calculation for NIST P521 > crypto: ecc - Add nbits field to ecc_curve structure > crypto: ecc - Implement vli_mmod_fast_521 for NIST p521 > crypto: ecc - Add special case for NIST P521 in ecc_point_mult > crypto: ecc - Add NIST P521 curve parameters > crypto: ecdsa - Replace ndigits with nbits where precision is needed > crypto: ecdsa - Rename keylen to bufsize where necessary > crypto: ecdsa - Register NIST P521 and extend test suite > crypto: asymmetric_keys - Adjust signature size calculation for NIST > P521 > crypto: x509 - Add OID for NIST P521 and extend parser for it > > crypto/asymmetric_keys/public_key.c | 14 ++- > crypto/asymmetric_keys/x509_cert_parser.c | 3 + > crypto/ecc.c | 44 +++++-- > crypto/ecc_curve_defs.h | 49 ++++++++ > crypto/ecdsa.c | 63 +++++++--- > crypto/ecrdsa_defs.h | 5 + > crypto/testmgr.c | 7 ++ > crypto/testmgr.h | 146 ++++++++++++++++++++++ > include/crypto/ecc_curve.h | 2 + > include/crypto/ecdh.h | 1 + > include/crypto/internal/ecc.h | 24 +++- > include/linux/oid_registry.h | 1 + > 12 files changed, 336 insertions(+), 23 deletions(-) > > > base-commit: a9a72140536fe02d98bce72a608ccf3ba9008a71 > -- > 2.43.0 All applied. Thanks.
This series adds support for the NIST P521 curve to the ecdsa module to enable signature verification with it. An issue with the current code in ecdsa is that it assumes that input arrays providing key coordinates for example, are arrays of digits (a 'digit' is a 'u64'). This works well for all currently supported curves, such as NIST P192/256/384, but does not work for NIST P521 where coordinates are 8 digits + 2 bytes long. So some of the changes deal with converting byte arrays to digits and adjusting tests on input byte array lengths to tolerate arrays not providing multiples of 8 bytes. Regards, Stefan v8: - Changed nbits from unsigned int to u32 (5/13) - Added MODULE_ALIAS_CRYPTO("ecdsa-nist-p521") (11/13) - Applied R-b & T-b tags from Jarkko - Rebased on master branch at https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git v7: - Applied T-b tag from Christian to all patches - Applied R-b tag from Jarkko to some patches - Rephrased some patch descriptions per Jarkko's request v6: - Use existing #defines for number of digits rather than plain numbers (1/13, 6/13) following Bharat's suggestion - Initialize result from lowest 521 bits of product rather than going through tmp variable (6/13) v5: - Simplified ecc_digits_from_bytes as suggested by Lukas (1/12) - Using nbits == 521 to detect NIST P521 curve rather than strcmp() (5,6/12) - Nits in patch description and comments (11/12) v4: - Followed suggestions by Lukas Wummer (1,5,8/12) - Use nbits rather than ndigits where needed (8/12) - Renaming 'keylen' variablest to bufsize where necessary (9/12) - Adjust signature size calculation for NIST P521 (11/12) v3: - Dropped ecdh support - Use ecc_get_curve_nbits for getting number of bits in NIST P521 curve in ecc_point_mult (7/10) v2: - Reformulated some patch descriptions - Fixed issue detected by krobot - Some other small changes to the code Stefan Berger (13): crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible crypto: ecdsa - Convert byte arrays with key coordinates to digits crypto: ecdsa - Adjust tests on length of key parameters crypto: ecdsa - Extend res.x mod n calculation for NIST P521 crypto: ecc - Add nbits field to ecc_curve structure crypto: ecc - Implement vli_mmod_fast_521 for NIST p521 crypto: ecc - Add special case for NIST P521 in ecc_point_mult crypto: ecc - Add NIST P521 curve parameters crypto: ecdsa - Replace ndigits with nbits where precision is needed crypto: ecdsa - Rename keylen to bufsize where necessary crypto: ecdsa - Register NIST P521 and extend test suite crypto: asymmetric_keys - Adjust signature size calculation for NIST P521 crypto: x509 - Add OID for NIST P521 and extend parser for it crypto/asymmetric_keys/public_key.c | 14 ++- crypto/asymmetric_keys/x509_cert_parser.c | 3 + crypto/ecc.c | 44 +++++-- crypto/ecc_curve_defs.h | 49 ++++++++ crypto/ecdsa.c | 63 +++++++--- crypto/ecrdsa_defs.h | 5 + crypto/testmgr.c | 7 ++ crypto/testmgr.h | 146 ++++++++++++++++++++++ include/crypto/ecc_curve.h | 2 + include/crypto/ecdh.h | 1 + include/crypto/internal/ecc.h | 24 +++- include/linux/oid_registry.h | 1 + 12 files changed, 336 insertions(+), 23 deletions(-) base-commit: a9a72140536fe02d98bce72a608ccf3ba9008a71