All of lore.kernel.org
 help / color / mirror / Atom feed
From: Stefan Berger <stefanb@linux.ibm.com>
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
	herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br,
	lukas@wunner.de, bbhushan2@marvell.com, jarkko@kernel.org
Subject: Re: [PATCH v7 00/13] Add support for NIST P521 to ecdsa
Date: Wed, 20 Mar 2024 08:44:52 -0400	[thread overview]
Message-ID: <5c6c5f51-125b-4cc7-ac27-5a5358d514c7@linux.ibm.com> (raw)
In-Reply-To: <20240320114725.1644921-1-stefanb@linux.ibm.com>

I apologize for the missing part in the title.

    Stefan

On 3/20/24 07:47, Stefan Berger wrote:
> This series adds support for the NIST P521 curve to the ecdsa module
> to enable signature verification with it.
> 
> An issue with the current code in ecdsa is that it assumes that input
> arrays providing key coordinates for example, are arrays of digits
> (a 'digit' is a 'u64'). This works well for all currently supported
> curves, such as NIST P192/256/384, but does not work for NIST P521 where
> coordinates are 8 digits + 2 bytes long. So some of the changes deal with
> converting byte arrays to digits and adjusting tests on input byte
> array lengths to tolerate arrays not providing multiples of 8 bytes.
> 
> Regards,
>     Stefan
> 
> v7:
>   - Applied T-b tag from Christian to all patches
>   - Applied R-b tag from Jarkko to some patches
>   - Rephrased some patch descriptions per Jarkko's request
> 
> v6:
>   - Use existing #defines for number of digits rather than plain numbers
>     (1/13, 6/13) following Bharat's suggestion
>   - Initialize result from lowest 521 bits of product rather than going
>     through tmp variable (6/13)
> 
> v5:
>   - Simplified ecc_digits_from_bytes as suggested by Lukas (1/12)
>   - Using nbits == 521 to detect NIST P521 curve rather than strcmp()
>     (5,6/12)
>   - Nits in patch description and comments (11/12)
> 
> v4:
>   - Followed suggestions by Lukas Wummer (1,5,8/12)
>   - Use nbits rather than ndigits where needed (8/12)
>   - Renaming 'keylen' variablest to bufsize where necessary (9/12)
>   - Adjust signature size calculation for NIST P521 (11/12)
> 
> v3:
>   - Dropped ecdh support
>   - Use ecc_get_curve_nbits for getting number of bits in NIST P521 curve
>     in ecc_point_mult (7/10)
> 
> v2:
>   - Reformulated some patch descriptions
>   - Fixed issue detected by krobot
>   - Some other small changes to the code
> 
> Stefan Berger (13):
>    crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible
>    crypto: ecdsa - Convert byte arrays with key coordinates to digits
>    crypto: ecdsa - Adjust tests on length of key parameters
>    crypto: ecdsa - Extend res.x mod n calculation for NIST P521
>    crypto: ecc - Add nbits field to ecc_curve structure
>    crypto: ecc - Implement vli_mmod_fast_521 for NIST p521
>    crypto: ecc - Add special case for NIST P521 in ecc_point_mult
>    crypto: ecc - Add NIST P521 curve parameters
>    crypto: ecdsa - Replace ndigits with nbits where precision is needed
>    crypto: ecdsa - Rename keylen to bufsize where necessary
>    crypto: ecdsa - Register NIST P521 and extend test suite
>    crypto: asymmetric_keys - Adjust signature size calculation for NIST
>      P521
>    crypto: x509 - Add OID for NIST P521 and extend parser for it
> 
>   crypto/asymmetric_keys/public_key.c       |  14 ++-
>   crypto/asymmetric_keys/x509_cert_parser.c |   3 +
>   crypto/ecc.c                              |  44 +++++--
>   crypto/ecc_curve_defs.h                   |  49 ++++++++
>   crypto/ecdsa.c                            |  62 ++++++---
>   crypto/ecrdsa_defs.h                      |   5 +
>   crypto/testmgr.c                          |   7 ++
>   crypto/testmgr.h                          | 146 ++++++++++++++++++++++
>   include/crypto/ecc_curve.h                |   2 +
>   include/crypto/ecdh.h                     |   1 +
>   include/crypto/internal/ecc.h             |  24 +++-
>   include/linux/oid_registry.h              |   1 +
>   12 files changed, 335 insertions(+), 23 deletions(-)
> 

  parent reply	other threads:[~2024-03-20 12:45 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-20 11:47 Add support for NIST P521 to ecdsa Stefan Berger
2024-03-20 11:47 ` [PATCH v7 01/13] crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible Stefan Berger
2024-03-20 11:47 ` [PATCH v7 02/13] crypto: ecdsa - Convert byte arrays with key coordinates to digits Stefan Berger
2024-03-21 17:07   ` Jarkko Sakkinen
2024-03-20 11:47 ` [PATCH v7 03/13] crypto: ecdsa - Adjust tests on length of key parameters Stefan Berger
2024-03-21 17:11   ` Jarkko Sakkinen
2024-03-20 11:47 ` [PATCH v7 04/13] crypto: ecdsa - Extend res.x mod n calculation for NIST P521 Stefan Berger
2024-03-21 17:15   ` Jarkko Sakkinen
2024-03-20 11:47 ` [PATCH v7 05/13] crypto: ecc - Add nbits field to ecc_curve structure Stefan Berger
2024-03-21 17:17   ` Jarkko Sakkinen
2024-03-21 17:42     ` Stefan Berger
2024-03-21 18:24       ` Jarkko Sakkinen
2024-03-20 11:47 ` [PATCH v7 06/13] crypto: ecc - Implement vli_mmod_fast_521 for NIST p521 Stefan Berger
2024-03-21 17:18   ` Jarkko Sakkinen
2024-03-20 11:47 ` [PATCH v7 07/13] crypto: ecc - Add special case for NIST P521 in ecc_point_mult Stefan Berger
2024-03-20 11:47 ` [PATCH v7 08/13] crypto: ecc - Add NIST P521 curve parameters Stefan Berger
2024-03-20 11:47 ` [PATCH v7 09/13] crypto: ecdsa - Replace ndigits with nbits where precision is needed Stefan Berger
2024-03-21 17:19   ` Jarkko Sakkinen
2024-03-20 11:47 ` [PATCH v7 10/13] crypto: ecdsa - Rename keylen to bufsize where necessary Stefan Berger
2024-03-21 17:19   ` Jarkko Sakkinen
2024-03-20 11:47 ` [PATCH v7 11/13] crypto: ecdsa - Register NIST P521 and extend test suite Stefan Berger
2024-03-20 11:47 ` [PATCH v7 12/13] crypto: asymmetric_keys - Adjust signature size calculation for NIST P521 Stefan Berger
2024-03-21 17:20   ` Jarkko Sakkinen
2024-03-20 11:47 ` [PATCH v7 13/13] crypto: x509 - Add OID for NIST P521 and extend parser for it Stefan Berger
2024-03-21 17:20   ` Jarkko Sakkinen
2024-03-21 17:42     ` Stefan Berger
2024-03-21 18:25       ` Jarkko Sakkinen
2024-03-20 12:44 ` Stefan Berger [this message]
2024-03-25 19:18   ` [PATCH v7 00/13] Add support for NIST P521 to ecdsa Lukas Wunner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5c6c5f51-125b-4cc7-ac27-5a5358d514c7@linux.ibm.com \
    --to=stefanb@linux.ibm.com \
    --cc=bbhushan2@marvell.com \
    --cc=davem@davemloft.net \
    --cc=herbert@gondor.apana.org.au \
    --cc=jarkko@kernel.org \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lukas@wunner.de \
    --cc=saulo.alessandre@tse.jus.br \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.