On Thu, Apr 04, 2024 at 10:18:43AM -0400, Stefan Berger wrote: > This series adds support for the NIST P521 curve to the ecdsa module > to enable signature verification with it. > > An issue with the current code in ecdsa is that it assumes that input > arrays providing key coordinates for example, are arrays of digits > (a 'digit' is a 'u64'). This works well for all currently supported > curves, such as NIST P192/256/384, but does not work for NIST P521 where > coordinates are 8 digits + 2 bytes long. So some of the changes deal with > converting byte arrays to digits and adjusting tests on input byte > array lengths to tolerate arrays not providing multiples of 8 bytes. > > Regards, > Stefan > > v8: > - Changed nbits from unsigned int to u32 (5/13) > - Added MODULE_ALIAS_CRYPTO("ecdsa-nist-p521") (11/13) > - Applied R-b & T-b tags from Jarkko > - Rebased on master branch at > https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git > > v7: > - Applied T-b tag from Christian to all patches > - Applied R-b tag from Jarkko to some patches > - Rephrased some patch descriptions per Jarkko's request > > v6: > - Use existing #defines for number of digits rather than plain numbers > (1/13, 6/13) following Bharat's suggestion > - Initialize result from lowest 521 bits of product rather than going > through tmp variable (6/13) > > v5: > - Simplified ecc_digits_from_bytes as suggested by Lukas (1/12) > - Using nbits == 521 to detect NIST P521 curve rather than strcmp() > (5,6/12) > - Nits in patch description and comments (11/12) > > v4: > - Followed suggestions by Lukas Wummer (1,5,8/12) > - Use nbits rather than ndigits where needed (8/12) > - Renaming 'keylen' variablest to bufsize where necessary (9/12) > - Adjust signature size calculation for NIST P521 (11/12) > > v3: > - Dropped ecdh support > - Use ecc_get_curve_nbits for getting number of bits in NIST P521 curve > in ecc_point_mult (7/10) > > v2: > - Reformulated some patch descriptions > - Fixed issue detected by krobot > - Some other small changes to the code > > > Stefan Berger (13): > crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible > crypto: ecdsa - Convert byte arrays with key coordinates to digits > crypto: ecdsa - Adjust tests on length of key parameters > crypto: ecdsa - Extend res.x mod n calculation for NIST P521 > crypto: ecc - Add nbits field to ecc_curve structure > crypto: ecc - Implement vli_mmod_fast_521 for NIST p521 > crypto: ecc - Add special case for NIST P521 in ecc_point_mult > crypto: ecc - Add NIST P521 curve parameters > crypto: ecdsa - Replace ndigits with nbits where precision is needed > crypto: ecdsa - Rename keylen to bufsize where necessary > crypto: ecdsa - Register NIST P521 and extend test suite > crypto: asymmetric_keys - Adjust signature size calculation for NIST > P521 > crypto: x509 - Add OID for NIST P521 and extend parser for it > > crypto/asymmetric_keys/public_key.c | 14 ++- > crypto/asymmetric_keys/x509_cert_parser.c | 3 + > crypto/ecc.c | 44 +++++-- > crypto/ecc_curve_defs.h | 49 ++++++++ > crypto/ecdsa.c | 63 +++++++--- > crypto/ecrdsa_defs.h | 5 + > crypto/testmgr.c | 7 ++ > crypto/testmgr.h | 146 ++++++++++++++++++++++ > include/crypto/ecc_curve.h | 2 + > include/crypto/ecdh.h | 1 + > include/crypto/internal/ecc.h | 24 +++- > include/linux/oid_registry.h | 1 + > 12 files changed, 336 insertions(+), 23 deletions(-) > > > base-commit: a9a72140536fe02d98bce72a608ccf3ba9008a71 > -- > 2.43.0 All applied. Thanks. -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt