From: Tadeusz Struk <tadeusz.struk@intel.com>
To: Tudor Ambarus <tudor-dan.ambarus@nxp.com>, herbert@gondor.apana.org.au
Cc: linux-crypto@vger.kernel.org, smueller@chronox.de, horia.geanta@nxp.com
Subject: Re: [PATCH 01/10] crypto: rsa - generalize ASN.1 sequences
Date: Sun, 20 Mar 2016 07:53:40 -0700 [thread overview]
Message-ID: <56EEB974.2030702@intel.com> (raw)
In-Reply-To: <1458325927-14737-1-git-send-email-tudor-dan.ambarus@nxp.com>
Hi Tudor,
On 03/18/2016 11:31 AM, Tudor Ambarus wrote:
> Use common ASN.1 sequences for all RSA implementations.
>
> Give hardware RSA implementations the chance to use
> the RSA's software implementation parser even if they
> are likely to want to use raw integers.
>
> The parser expects a context that contains at the first address
> a struct rsa_asn1_action with function pointers to specific
> parser actions (return MPI or raw integer keys), followed by
> a key representation structure (for MPI or raw integers).
>
> This approach has the advantage that users can select specific
> parser actions by using a general parser with function pointers
> to specific actions.
>
> Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
I like the rsa_asn1_action idea, but I have some comments regarding
the proposed implementation.
> -int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
> - unsigned int key_len);
> +struct rsa_asn1_action {
> + int (*get_n)(void *context, size_t hdrlen, unsigned char tag,
> + const void *value, size_t vlen);
> + int (*get_e)(void *context, size_t hdrlen, unsigned char tag,
> + const void *value, size_t vlen);
> + int (*get_d)(void *context, size_t hdrlen, unsigned char tag,
> + const void *value, size_t vlen);
> +};
To be able to take advantage of the Chinese remainder algorithm the
generic rsa_asn1_action should allow to provide handlers to obtain all
components of the private key i.e. handlers for p,q,dp,dq,qinv should
also be provided.
Also I think we don't need the size_t hdrlen and unsigned char tag here.
> +
> +struct rsa_ctx {
> + struct rsa_asn1_action action;
This should be a pointer to struct rsa_asn1_action *action;
There is no need to have a separate instance per tfm.
Drives should be able to use similar concept to how struct file_operations
is used. Instead of set_rsa_priv_action they should do
static const struct rsa_asn1_action impl_action = {
.get_n = impl_get_n;
.get_e = impl_get_e;
.....
};
and then:
static int rsa_set_priv_key(struct crypto_akcipher *tfm, const void *key,
unsigned int keylen)
{
struct rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
struct rsa_mpi_key *pkey = &ctx->key;
int ret;
ctx->action = &impl_action;
ret = rsa_parse_mpi_priv_key(ctx, key, keylen);
return ret;
}
and the parser for each component will look as follows:
int rsa_get_<X>(void *context, size_t hdrlen, unsigned char tag,
const void *value, size_t vlen)
{
struct rsa_ctx *ctx = context;
struct const rsa_asn1_action *action = ctx->action;
if (action->get_<X>)
return action->get_<X>(context, value, vlen);
return 0;
}
This will allow all the drivers to get what then need.
Thanks,
--
TS
next prev parent reply other threads:[~2016-03-20 14:58 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-18 18:31 [PATCH 01/10] crypto: rsa - generalize ASN.1 sequences Tudor Ambarus
2016-03-18 18:31 ` [PATCH 02/10] crypto: rsa_helper - add raw integer parser actions Tudor Ambarus
2016-03-18 19:46 ` Stephan Mueller
2016-03-21 15:17 ` Tudor-Dan Ambarus
2016-03-21 19:14 ` Stephan Mueller
2016-03-18 18:32 ` [PATCH 03/10] crypto: add CONFIG_ symbol for rsa helper Tudor Ambarus
2016-03-18 18:32 ` [PATCH 04/10] crypto: rsa_helper - export symbols for asn1 structures Tudor Ambarus
2016-03-18 18:32 ` [PATCH 05/10] crypto: qat - avoid memory corruption or undefined behaviour Tudor Ambarus
2016-03-18 18:32 ` [PATCH 06/10] crypto: qat - fix address leaking of RSA public exponent Tudor Ambarus
2016-03-18 18:32 ` [PATCH 07/10] crypto: qat - remove duplicate ASN.1 parser Tudor Ambarus
2016-03-20 14:55 ` Tadeusz Struk
2016-03-21 10:12 ` Tudor-Dan Ambarus
2016-03-18 18:32 ` [PATCH 08/10] crypto: scatterwak - Add scatterwalk_sg_copychunks Tudor Ambarus
2016-03-18 19:52 ` Stephan Mueller
2016-03-18 18:32 ` [PATCH 09/10] crypto: scatterwalk - export scatterwalk_pagedone Tudor Ambarus
2016-03-18 18:32 ` [PATCH 10/10] crypto: caam - add support for RSA algorithm Tudor Ambarus
2016-03-19 16:59 ` Stephan Mueller
2016-03-21 11:07 ` Tudor-Dan Ambarus
2016-03-20 14:53 ` Tadeusz Struk [this message]
2016-03-21 10:11 ` [PATCH 01/10] crypto: rsa - generalize ASN.1 sequences Tudor-Dan Ambarus
2016-03-21 15:24 ` Tadeusz Struk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56EEB974.2030702@intel.com \
--to=tadeusz.struk@intel.com \
--cc=herbert@gondor.apana.org.au \
--cc=horia.geanta@nxp.com \
--cc=linux-crypto@vger.kernel.org \
--cc=smueller@chronox.de \
--cc=tudor-dan.ambarus@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.