From: yumeng <yumeng18@huawei.com>
To: <Tudor.Ambarus@microchip.com>, <herbert@gondor.apana.org.au>,
<davem@davemloft.net>, <marcel@holtmann.org>,
<johan.hedberg@gmail.com>, <luiz.dentz@gmail.com>
Cc: <linux-crypto@vger.kernel.org>, <xuzaibo@huawei.com>,
<wangzhou1@hisilicon.com>, <linux-kernel@vger.kernel.org>,
<Nicolas.Ferre@microchip.com>
Subject: Re: [PATCH v9 3/7] crypto: move curve_id of ECDH from the key to algorithm name
Date: Thu, 25 Feb 2021 08:56:55 +0800 [thread overview]
Message-ID: <ced696e8-c7f8-d360-5470-9fa8f61e886a@huawei.com> (raw)
In-Reply-To: <e3b4c883-d2f3-0bf0-ffab-42ff5ffe31b8@microchip.com>
在 2021/2/24 18:15, Tudor.Ambarus@microchip.com 写道:
> On 2/24/21 3:29 AM, yumeng wrote:
>> EXTERNAL EMAIL: Do not click links or open attachments unless you know the content is safe
>>
>> 在 2021/2/23 18:44, Tudor.Ambarus@microchip.com 写道:
>>> Hi,
>>>
>>> On 2/23/21 9:10 AM, Meng Yu wrote:
>>>> --- a/drivers/crypto/atmel-ecc.c
>>>> +++ b/drivers/crypto/atmel-ecc.c
>>>> @@ -104,7 +104,7 @@ static int atmel_ecdh_set_secret(struct crypto_kpp *tfm, const void *buf,
>>>> return -EINVAL;
>>>> }
>>>>
>>>> - ctx->n_sz = atmel_ecdh_supported_curve(params.curve_id);
>>>> + ctx->n_sz = atmel_ecdh_supported_curve(ctx->curve_id);
>>>> if (!ctx->n_sz || params.key_size) {
>>>> /* fallback to ecdh software implementation */
>>>> ctx->do_fallback = true;
>>>
>>> Now that you moved the curve id info into the alg name, and it is
>>> no longer dynamically discovered when decoding the key, does it
>>> still make sense to keep the curve id, the key size checks, and
>>> the fallback to the software implementation?
>>> I think we can keep the curve id, the key size check if 'atmel-ecc' may
>> support other curves in the future, and if you're sure P256 is the only
>> curve 'atmel-ecc' uses, and it will be changed, we can delete it.
>>
>> And fallback to ecdh software implementation is needed when
>> params.key_size is zero.
>>
>
> I've read the code again, now I remember. The fallback is needed indeed,
> but for other reason. ecdh-nist-p256 will be handled in the crypto IP
> only when its user provides a zero length private key: we will use a
> pre-provisioned private key that can't be read outside of the device.
> The fallback was needed for ecdh-nist-p256 when the user provides a
> non-zero private key, or for other curve IDs.
>
> Since the atecc508 and atecc608 (for which there isn't support in kernel
> as of now) both support just NIST Standard P256 Elliptic Curve, and the
> curve id is now unique per alg, the ctx->curve_id handling does no longer
> make sense. So please remove the ctx->curve_id handling. ctx->n_sz can be
> removed too and use instead directly ATMEL_ECC_NIST_P256_N_SIZE, similar
> to how ATMEL_ECC_PUBKEY_SIZE is used.
>
OK, thanks, I will remove it. But I'd like to wait 2 more days, as maybe
the owners of other modules (like crypto or bluetooth) have any comments.
thanks.
next prev parent reply other threads:[~2021-02-25 0:58 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-23 7:10 [PATCH v9 0/7] add ECDH and CURVE25519 algorithms support for Kunpeng 930 Meng Yu
2021-02-23 7:10 ` [PATCH v9 1/7] crypto: hisilicon/hpre - add version adapt to new algorithms Meng Yu
2021-02-23 7:10 ` [PATCH v9 2/7] crypto: hisilicon/hpre - add algorithm type Meng Yu
2021-02-23 7:10 ` [PATCH v9 3/7] crypto: move curve_id of ECDH from the key to algorithm name Meng Yu
2021-02-23 10:44 ` Tudor.Ambarus
2021-02-24 1:19 ` yumeng
2021-02-24 1:29 ` yumeng
2021-02-24 10:15 ` Tudor.Ambarus
2021-02-25 0:56 ` yumeng [this message]
2021-02-23 7:10 ` [PATCH v9 4/7] crypto: and expose ecc curves Meng Yu
2021-02-23 7:10 ` [PATCH v9 5/7] crypto: hisilicon/hpre - add 'ECDH' algorithm Meng Yu
2021-02-23 7:10 ` [PATCH v9 6/7] crypto: add curve25519 params and expose them Meng Yu
2021-02-23 7:10 ` [PATCH v9 7/7] crypto: hisilicon/hpre - add 'CURVE25519' algorithm Meng Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ced696e8-c7f8-d360-5470-9fa8f61e886a@huawei.com \
--to=yumeng18@huawei.com \
--cc=Nicolas.Ferre@microchip.com \
--cc=Tudor.Ambarus@microchip.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=johan.hedberg@gmail.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luiz.dentz@gmail.com \
--cc=marcel@holtmann.org \
--cc=wangzhou1@hisilicon.com \
--cc=xuzaibo@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).