Re: [RFC PATCH v2 1/4] crypto: ecc - add privkey generation support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Montag, 29. Mai 2017, 11:08:38 CEST schrieb Tudor Ambarus:

Hi Tudor,
> 
> >> +	unsigned int nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT;
> >> +
> >> +	get_random_bytes(priv, nbytes);
> > 
> > Can you please use crypto_get_default_rng / crypto_rng_get_bytes /
> > crypto_put_default_rng?
> 
> Actually I tried this and I encountered some problems, I'm currently
> debugging it.
> 
> When using the default rng and the run-time self tests are enabled,
> the kernel is in a blocking state. What's worse is that the kernel
> blocks before the console has the chance to be enabled and I can't see
> anything :).
> 
> I suspect that the kernel blocks because the rng does not have enough
> entropy. Could you please give me some hints?

Hm, there should be no blocking for the DRBG to initialize.

What happens if you compile that as a module and insmod it at runtime?
> 
> >> +
> >> +	if (vli_is_zero(priv, ndigits))
> >> +		return -EINVAL;
> >> +
> >> +	/* Make sure the private key is in the range [1, n-1]. */
> >> +	if (vli_cmp(curve->n, priv, ndigits) != 1)
> >> +		return -EINVAL;
> >> +
> >> +	ecc_swap_digits(priv, privkey, ndigits);
> > 
> > Is a byteswap faster than a copy operation by looping through priv/privkey
> > and simply assinging the value?
> 
> Maybe not, but I am consistent with the rest of the code. Can we change
> this in a latter patch, if necessary?

Ok, fine with me.


Ciao
Stephan



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux