From: Tadeusz Struk <tadeusz.struk@intel.com>
To: Tudor Ambarus <tudor-dan.ambarus@nxp.com>, herbert@gondor.apana.org.au
Cc: linux-crypto@vger.kernel.org, smueller@chronox.de, horia.geanta@nxp.com
Subject: Re: [PATCH 01/10] crypto: rsa - generalize ASN.1 sequences
Date: Sun, 20 Mar 2016 07:53:40 -0700 [thread overview]
Message-ID: <56EEB974.2030702@intel.com> (raw)
In-Reply-To: <1458325927-14737-1-git-send-email-tudor-dan.ambarus@nxp.com>
Hi Tudor,
On 03/18/2016 11:31 AM, Tudor Ambarus wrote:
> Use common ASN.1 sequences for all RSA implementations.
>
> Give hardware RSA implementations the chance to use
> the RSA's software implementation parser even if they
> are likely to want to use raw integers.
>
> The parser expects a context that contains at the first address
> a struct rsa_asn1_action with function pointers to specific
> parser actions (return MPI or raw integer keys), followed by
> a key representation structure (for MPI or raw integers).
>
> This approach has the advantage that users can select specific
> parser actions by using a general parser with function pointers
> to specific actions.
>
> Signed-off-by: Tudor Ambarus <tudor-dan.ambarus@nxp.com>
I like the rsa_asn1_action idea, but I have some comments regarding
the proposed implementation.
> -int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
> - unsigned int key_len);
> +struct rsa_asn1_action {
> + int (*get_n)(void *context, size_t hdrlen, unsigned char tag,
> + const void *value, size_t vlen);
> + int (*get_e)(void *context, size_t hdrlen, unsigned char tag,
> + const void *value, size_t vlen);
> + int (*get_d)(void *context, size_t hdrlen, unsigned char tag,
> + const void *value, size_t vlen);
> +};
To be able to take advantage of the Chinese remainder algorithm the
generic rsa_asn1_action should allow to provide handlers to obtain all
components of the private key i.e. handlers for p,q,dp,dq,qinv should
also be provided.
Also I think we don't need the size_t hdrlen and unsigned char tag here.
> +
> +struct rsa_ctx {
> + struct rsa_asn1_action action;
This should be a pointer to struct rsa_asn1_action *action;
There is no need to have a separate instance per tfm.
Drives should be able to use similar concept to how struct file_operations
is used. Instead of set_rsa_priv_action they should do
static const struct rsa_asn1_action impl_action = {
.get_n = impl_get_n;
.get_e = impl_get_e;
.....
};
and then:
static int rsa_set_priv_key(struct crypto_akcipher *tfm, const void *key,
unsigned int keylen)
{
struct rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
struct rsa_mpi_key *pkey = &ctx->key;
int ret;
ctx->action = &impl_action;
ret = rsa_parse_mpi_priv_key(ctx, key, keylen);
return ret;
}
and the parser for each component will look as follows:
int rsa_get_<X>(void *context, size_t hdrlen, unsigned char tag,
const void *value, size_t vlen)
{
struct rsa_ctx *ctx = context;
struct const rsa_asn1_action *action = ctx->action;
if (action->get_<X>)
return action->get_<X>(context, value, vlen);
return 0;
}
This will allow all the drivers to get what then need.
Thanks,
--
TS
next prev parent reply other threads:[~2016-03-20 14:58 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-18 18:31 [PATCH 01/10] crypto: rsa - generalize ASN.1 sequences Tudor Ambarus
2016-03-18 18:31 ` [PATCH 02/10] crypto: rsa_helper - add raw integer parser actions Tudor Ambarus
2016-03-18 19:46 ` Stephan Mueller
2016-03-21 15:17 ` Tudor-Dan Ambarus
2016-03-21 19:14 ` Stephan Mueller
2016-03-18 18:32 ` [PATCH 03/10] crypto: add CONFIG_ symbol for rsa helper Tudor Ambarus
2016-03-18 18:32 ` [PATCH 04/10] crypto: rsa_helper - export symbols for asn1 structures Tudor Ambarus
2016-03-18 18:32 ` [PATCH 05/10] crypto: qat - avoid memory corruption or undefined behaviour Tudor Ambarus
2016-03-18 18:32 ` [PATCH 06/10] crypto: qat - fix address leaking of RSA public exponent Tudor Ambarus
2016-03-18 18:32 ` [PATCH 07/10] crypto: qat - remove duplicate ASN.1 parser Tudor Ambarus
2016-03-20 14:55 ` Tadeusz Struk
2016-03-21 10:12 ` Tudor-Dan Ambarus
2016-03-18 18:32 ` [PATCH 08/10] crypto: scatterwak - Add scatterwalk_sg_copychunks Tudor Ambarus
2016-03-18 19:52 ` Stephan Mueller
2016-03-18 18:32 ` [PATCH 09/10] crypto: scatterwalk - export scatterwalk_pagedone Tudor Ambarus
2016-03-18 18:32 ` [PATCH 10/10] crypto: caam - add support for RSA algorithm Tudor Ambarus
2016-03-19 16:59 ` Stephan Mueller
2016-03-21 11:07 ` Tudor-Dan Ambarus
2016-03-20 14:53 ` Tadeusz Struk [this message]
2016-03-21 10:11 ` [PATCH 01/10] crypto: rsa - generalize ASN.1 sequences Tudor-Dan Ambarus
2016-03-21 15:24 ` Tadeusz Struk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56EEB974.2030702@intel.com \
--to=tadeusz.struk@intel.com \
--cc=herbert@gondor.apana.org.au \
--cc=horia.geanta@nxp.com \
--cc=linux-crypto@vger.kernel.org \
--cc=smueller@chronox.de \
--cc=tudor-dan.ambarus@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).