archive mirror
 help / color / mirror / Atom feed
From: Hongbo Li <>
Subject: [PATCH v2 0/7] crypto: add eddsa support for x509
Date: Thu, 27 May 2021 21:53:28 +0800	[thread overview]
Message-ID: <> (raw)

From: Hongbo Li <>

This series of patches add support for x509 cert signed by eddsa,
which is described in RFC8032 [1], currently ed25519 only.

Curve25519 is an elliptic curve used for key agreement(ECDH).
It is a Montgomery curve.

Edwards25519 is a twisted Edwards curve and birationally equivalent
to Curve25519, the birational maps are described in rfc7748 section 4.1.[2]
Ed25519 is a Digital Signature Algorithm over Edwards25519.

The kernel's curve25519 code is used for ECDH, such as set_secret(),
generate_public_key() and compute_shared_secret(), these are useless
for eddsa, and can not be reused, eddsa do the verification on the
given public key and signature.

According to RFC8032 section 4 [3], there're two variants: PureEdDSA and
HashEdDSA. These patches support PureEdDSA which named Ed25519.

Patch1 fix a memory leak bug in sm2.

Patch2 fix a mpi_resize bug, this bug will cause eddsa verification failed.

Patch3 exports some mpi common functions.

Patch4 makes x509 layer support eddsa.

Patch5 moves some common code in sm2 to separate files. These code is also
       used by eddsa.

Patch6 is the implementation of eddsa verification according to RFC8032
       section 5.1.7 [4].

Patch7 adds test vector for eddsa.

Test by the following script:

keyctl newring test @u

while :; do

    openssl req \
            -x509 \
            -newkey ED25519 \
            -keyout key.pem \
            -days 365 \
            -subj '/CN=test' \
            -nodes \
            -outform der \
            -out ${certfile} 2>/dev/null

    id=$(keyctl padd asymmetric testkey %keyring:test < "${certfile}")
    if [ $rc -ne $exp ]; then
        case "$exp" in
            0) echo "Error: Could not load ed25519 certificate $certfile!";
        exit 1
        case "$rc" in
            0) printf "load ed25519 cert keyid: %-10s\n" $id;

Best Regards


  -fix the warning "warning: no previous prototype"
   reported-by: kernel test robot <>
  -add more comments about these patches

Hongbo Li (7):
  crypto: fix a memory leak in sm2
  lib/mpi: use kcalloc in mpi_resize
  lib/mpi: export some common function
  x509: add support for eddsa
  crypto: move common code in sm2 to ec_mpi.c and ec_mpi.h
  crypto: ed25519 cert verification
  crypto: add eddsa test vector

 crypto/Kconfig                            |  15 +
 crypto/Makefile                           |   4 +
 crypto/asymmetric_keys/public_key.c       |  73 ++++-
 crypto/asymmetric_keys/x509_cert_parser.c |  14 +-
 crypto/asymmetric_keys/x509_public_key.c  |   4 +-
 crypto/ec_mpi.c                           |  82 ++++++
 crypto/ec_mpi.h                           |  37 +++
 crypto/eddsa.c                            | 326 ++++++++++++++++++++++
 crypto/sm2.c                              | 104 +------
 crypto/testmgr.c                          |   6 +
 crypto/testmgr.h                          |  32 +++
 include/linux/oid_registry.h              |   1 +
 lib/mpi/mpi-add.c                         |   4 +-
 lib/mpi/mpiutil.c                         |   2 +-
 14 files changed, 591 insertions(+), 113 deletions(-)
 create mode 100644 crypto/ec_mpi.c
 create mode 100644 crypto/ec_mpi.h
 create mode 100644 crypto/eddsa.c


             reply	other threads:[~2021-05-27 13:54 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-27 13:53 Hongbo Li [this message]
2021-05-27 13:53 ` [PATCH v2 1/7] crypto: fix a memory leak in sm2 Hongbo Li
2021-05-28  6:27   ` Tianjia Zhang
2021-05-31 12:43     ` hongbo li
2021-05-27 13:53 ` [PATCH v2 2/7] lib/mpi: use kcalloc in mpi_resize Hongbo Li
2021-05-27 13:53 ` [PATCH v2 3/7] lib/mpi: export some common function Hongbo Li
2021-05-27 13:53 ` [PATCH v2 4/7] x509: add support for eddsa Hongbo Li
2021-05-27 13:53 ` [PATCH v2 5/7] crypto: move common code in sm2 to ec_mpi.c and ec_mpi.h Hongbo Li
2021-05-27 13:53 ` [PATCH v2 6/7] crypto: ed25519 cert verification Hongbo Li
2021-05-27 13:53 ` [PATCH v2 7/7] crypto: add eddsa test vector Hongbo Li

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \ \ \ \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).