回复：[PATCH 2/6] lib/mpi: Introduce ec implementation to MPI library

From: "Tianjia Zhang" <tianjia.zhang@linux.alibaba.com>
To: "smueller" <smueller@chronox.de>
Cc: "herbert" <herbert@gondor.apana.org.au>,
	"davem" <davem@davemloft.net>,
	"linux-crypto" <linux-crypto@vger.kernel.org>,
	"linux-kernel" <linux-kernel@vger.kernel.org>
Subject: 回复：[PATCH 2/6] lib/mpi: Introduce ec implementation to MPI library
Date: Mon, 27 Jan 2020 11:15:29 +0800	[thread overview]
Message-ID: <b71ed6fc-0c71-4eef-9023-064538e4011b.tianjia.zhang@linux.alibaba.com> (raw)
In-Reply-To: <659d400e-d107-4050-84fc-bd8d39409aa3.tianjia.zhang@linux.alibaba.com>

Hello Stephan,

> Why do we need a second implementation of ECC? Why can't we reuse the existing 
> ECC implementation in crypto/ecc.c? Or are there limitations in the existing 
> ECC implementation that cannot be fixed?

The implementation of crypto/ecc.c is still relatively crude at present, and the implementation of a complete elliptic curve is still incomplete.

In the beginning I did develop based on crypto/ecc.c, but then I couldn't go on.

mpi/ec.c is based on the more mature mpi library, and mpi has been well implemented in the kernel. The interface definition and operations have a more mature interface, and this interface is compatible with the kernel. It's also very good, openssl also has a corresponding BIGNUM structure, a complete elliptic curve such as sm2, both encryption and decryption and signature algorithms, and there are many inconveniences based on crypto/ecc.c development. A more powerful The underlying algorithm library to support, mpi from libgcrypt is a good choice.

I think that if possible, you can also consider migrating crypto/ecc.c based algorithms to mpi/ec.c in the future, so that mpi/ec.c becomes a basic elliptic curve algorithm.

Here are some of my personal views, welcome everyone to discuss, and hope that the maintainers can think about it.

Thanks.
Tianjia