Linux-Crypto Archive on lore.kernel.org
 help / color / Atom feed
From: Stephan Mueller <smueller@chronox.de>
To: "Stephan Müller" <smueller@chronox.de>,
	herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org,
	"Marcelo Cerri" <marcelo.cerri@canonical.com>,
	"Tianjia Zhang" <tianjia.zhang@linux.alibaba.com>,
	ard.biesheuvel@linaro.org, nhorman@redhat.com, simo@redhat.com
Subject: Re: [PATCH v2 5/5] crypto: ECDH SP800-56A rev 3 local public key validation
Date: Mon, 13 Jul 2020 07:04:39 +0200
Message-ID: <5856902.DvuYhMxLoT@tauon.chronox.de> (raw)
In-Reply-To: <20200712180613.dkzaklumuxndpgfw@altlinux.org>

Am Sonntag, 12. Juli 2020, 20:06:13 CEST schrieb Vitaly Chikunov:

Hi Vitaly,

> Stephan,
> 
> On Sun, Jul 12, 2020 at 06:42:14PM +0200, Stephan Müller wrote:
> > After the generation of a local public key, SP800-56A rev 3 section
> > 5.6.2.1.3 mandates a validation of that key with a full validation
> > compliant to section 5.6.2.3.3.
> > 
> > Only if the full validation passes, the key is allowed to be used.
> > 
> > The patch adds the full key validation compliant to 5.6.2.3.3 and
> > performs the required check on the generated public key.
> > 
> > Signed-off-by: Stephan Mueller <smueller@chronox.de>
> > ---
> > 
> >  crypto/ecc.c | 31 ++++++++++++++++++++++++++++++-
> >  crypto/ecc.h | 14 ++++++++++++++
> >  2 files changed, 44 insertions(+), 1 deletion(-)
> > 
> > diff --git a/crypto/ecc.c b/crypto/ecc.c
> > index 52e2d49262f2..7308487e7c55 100644
> > --- a/crypto/ecc.c
> > +++ b/crypto/ecc.c
> > @@ -1404,7 +1404,9 @@ int ecc_make_pub_key(unsigned int curve_id, unsigned
> > int ndigits,> 
> >  	}
> >  	
> >  	ecc_point_mult(pk, &curve->g, priv, NULL, curve, ndigits);
> > 
> > -	if (ecc_point_is_zero(pk)) {
> > +
> > +	/* SP800-56A rev 3 5.6.2.1.3 key check */
> > +	if (ecc_is_pubkey_valid_full(curve, pk)) {
> > 
> >  		ret = -EAGAIN;
> >  		goto err_free_point;
> >  	
> >  	}
> > 
> > @@ -1452,6 +1454,33 @@ int ecc_is_pubkey_valid_partial(const struct
> > ecc_curve *curve,> 
> >  }
> >  EXPORT_SYMBOL(ecc_is_pubkey_valid_partial);
> > 
> > +/* SP800-56A section 5.6.2.3.3 full verification */
> 
> Btw, 5.6.2.3.3 is partial validation, 5.6.2.3.2 is full validation
> routine.

Looking at SP800-56A revision 3 from April 2018 I see:

"5.6.2.3.3 ECC Full Public-Key Validation Routine"

Thanks for the review.

Ciao
Stephan



  reply index

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-10 10:09 [PATCH 0/3] DH: SP800-56A rev 3 compliant shared secret Stephan Müller
2020-07-10 10:10 ` [PATCH 1/3] crypto: ECDH - check validity of Z before export Stephan Müller
2020-07-10 10:10 ` [PATCH 2/3] lib/mpi: Add mpi_sub_ui() Stephan Müller
2020-07-10 14:42   ` Ard Biesheuvel
2020-07-10 15:10     ` Stephan Mueller
2020-07-10 10:15 ` [PATCH 3/3] crypto: DH - check validity of Z before export Stephan Müller
2020-07-12 16:38 ` [PATCH v2 0/5] DH: SP800-56A rev 3 compliant validation checks Stephan Müller
2020-07-12 16:39   ` [PATCH v2 1/5] crypto: ECDH - check validity of Z before export Stephan Müller
2020-07-12 18:02     ` Vitaly Chikunov
2020-07-15 13:17     ` Marcelo Henrique Cerri
2020-07-12 16:39   ` [PATCH v2 2/5] lib/mpi: Add mpi_sub_ui() Stephan Müller
2020-07-16  7:30     ` Herbert Xu
2020-07-16  8:41       ` Ard Biesheuvel
2020-07-16 12:50         ` Marcelo Henrique Cerri
2020-07-16 13:09           ` Ard Biesheuvel
2020-07-16 13:41             ` Marcelo Henrique Cerri
2020-07-16 13:53               ` Ard Biesheuvel
2020-07-16 14:23                 ` Marcelo Henrique Cerri
2020-07-16 14:37                   ` Ard Biesheuvel
2020-07-16 14:56                     ` Marcelo Henrique Cerri
2020-07-16 15:20                       ` Ard Biesheuvel
2020-07-12 16:40   ` [PATCH v2 3/5] crypto: DH - check validity of Z before export Stephan Müller
2020-07-15 13:17     ` Marcelo Henrique Cerri
2020-07-12 16:40   ` [PATCH v2 4/5] crypto: DH SP800-56A rev 3 local public key validation Stephan Müller
2020-07-15 13:18     ` Marcelo Henrique Cerri
2020-07-12 16:42   ` [PATCH v2 5/5] crypto: ECDH " Stephan Müller
2020-07-12 18:06     ` Vitaly Chikunov
2020-07-13  5:04       ` Stephan Mueller [this message]
2020-07-13  5:59         ` Vitaly Chikunov
2020-07-13  6:02           ` Stephan Müller
2020-07-15 13:19     ` Marcelo Henrique Cerri
2020-07-20 17:05   ` [PATCH v3 0/5] DH: SP800-56A rev 3 compliant validation checks Stephan Müller
2020-07-20 17:07     ` [PATCH v3 1/5] crypto: ECDH - check validity of Z before export Stephan Müller
2020-07-22 13:11       ` Vitaly Chikunov
2020-07-24 17:47       ` Neil Horman
2020-07-20 17:08     ` [PATCH v3 2/5] lib/mpi: Add mpi_sub_ui() Stephan Müller
2020-07-20 17:08     ` [PATCH v3 3/5] crypto: DH - check validity of Z before export Stephan Müller
2020-07-24 18:02       ` Neil Horman
2020-07-20 17:08     ` [PATCH v3 4/5] crypto: DH SP800-56A rev 3 local public key validation Stephan Müller
2020-07-20 17:09     ` [PATCH v3 5/5] crypto: ECDH " Stephan Müller
2020-07-21 11:35     ` [PATCH v3 0/5] DH: SP800-56A rev 3 compliant validation checks Marcelo Henrique Cerri
2020-07-31 13:29     ` Herbert Xu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5856902.DvuYhMxLoT@tauon.chronox.de \
    --to=smueller@chronox.de \
    --cc=ard.biesheuvel@linaro.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    --cc=marcelo.cerri@canonical.com \
    --cc=nhorman@redhat.com \
    --cc=simo@redhat.com \
    --cc=tianjia.zhang@linux.alibaba.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Crypto Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-crypto/0 linux-crypto/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-crypto linux-crypto/ https://lore.kernel.org/linux-crypto \
		linux-crypto@vger.kernel.org
	public-inbox-index linux-crypto

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-crypto


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git