linux-crypto.vger.kernel.org archive mirror
From: "Stephan Müller" <smueller@chronox.de>
To: Nitin Kumbhar <nkumbhar@nvidia.com>
Cc: herbert@gondor.apana.org.au, davem@davemloft.net,
	linux-crypto@vger.kernel.org
Subject: Re: [PATCH v2 4/6] crypto: ecdsa: add ECDSA SW implementation
Date: Sun, 05 Feb 2017 10:51:55 +0100
Message-ID: <23226140.jIxROAf0uE@tauon.atsec.com>
In-Reply-To: <1486120375-13070-5-git-send-email-nkumbhar@nvidia.com>

On Friday, 3 February 2017, 16:42:53 CET, Nitin Kumbhar wrote:

Hi Nitin,

> +
> +int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key,
> +		      unsigned int keylen)
> +{
> +	struct ecdsa_ctx *ctx = ecdsa_get_ctx(tfm);
> +	struct ecdsa params;
> +	unsigned int ndigits;
> +	unsigned int nbytes;
> +	u8 *params_qx, *params_qy;
> +	u64 *ctx_qx, *ctx_qy;
> +	int err = 0;
> +
> +	if (crypto_ecdsa_parse_pub_key(key, keylen, &params))
> +		return -EINVAL;
> +
> +	ndigits = ecdsa_supported_curve(params.curve_id);
> +	if (!ndigits)
> +		return -EINVAL;
> +
> +	err = ecc_is_pub_key_valid(params.curve_id, ndigits,
> +				   params.key, params.key_size);
> +	if (err)
> +		return err;
> +
> +	ctx->curve_id = params.curve_id;
> +	ctx->ndigits = ndigits;
> +	nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT;
> +
> +	params_qx = params.key;
> +	params_qy = params_qx + ECC_MAX_DIGIT_BYTES;
> +
> +	ctx_qx = ctx->public_key;
> +	ctx_qy = ctx_qx + ECC_MAX_DIGITS;
> +
> +	vli_copy_from_buf(ctx_qx, ndigits, params_qx, nbytes);
> +	vli_copy_from_buf(ctx_qy, ndigits, params_qy, nbytes);
> +
> +	memset(&params, 0, sizeof(params));
> +	return 0;
> +}
> +
> +int ecdsa_set_priv_key(struct crypto_akcipher *tfm, const void *key,
> +		       unsigned int keylen)
> +{
> +	struct ecdsa_ctx *ctx = ecdsa_get_ctx(tfm);
> +	struct ecdsa params;
> +	unsigned int ndigits;
> +	unsigned int nbytes;
> +
> +	if (crypto_ecdsa_parse_priv_key(key, keylen, &params))
> +		return -EINVAL;
> +
> +	ndigits = ecdsa_supported_curve(params.curve_id);
> +	if (!ndigits)
> +		return -EINVAL;
> +
> +	ctx->curve_id = params.curve_id;
> +	ctx->ndigits = ndigits;
> +	nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT;
> +
> +	if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits,
> +			     (const u8 *)params.key, params.key_size) < 0)
> +		return -EINVAL;
> +
> +	vli_copy_from_buf(ctx->private_key, ndigits, params.key, nbytes);
> +
> +	memset(&params, 0, sizeof(params));

Please use memzero_explicit as otherwise this memset will be optimized away. I 
think it could be used for the set_pub_key too, but there we do not have 
sensitive data and thus it would not be strictly needed.

> +	return 0;
> +}
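
Review bot: the two early "return -EINVAL" exits in ecdsa_set_priv_key(),
after ecdsa_supported_curve() and after ecc_is_key_valid(), skip the
clearing of params that the success path performs, so whatever the parser
placed in params for a rejected private key stays on the stack. Routing
every exit after crypto_ecdsa_parse_priv_key() through one label that
clears params would cover them. In the same function ctx->curve_id and
ctx->ndigits are assigned before ecc_is_key_valid() runs, so a rejected
key still changes the context; assigning them after validation, as
ecdsa_set_pub_key() does, avoids that.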


Ciao
Stephan
