From: Lukas Wunner <lukas@wunner.de>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Eric Biggers <ebiggers@google.com>,
Stefan Berger <stefanb@linux.ibm.com>,
Vitaly Chikunov <vt@altlinux.org>,
Tadeusz Struk <tstruk@gigaio.com>,
"Dimitri John Ledkov" <dimitri.ledkov@canonical.com>
Cc: David Howells <dhowells@redhat.com>,
Andrew Zaborowski <andrew.zaborowski@intel.com>,
Saulo Alessandre <saulo.alessandre@tse.jus.br>,
Jonathan Cameron <Jonathan.Cameron@huawei.com>,
Ignat Korchagin <ignat@cloudflare.com>,
Marek Behun <kabel@kernel.org>,
Varad Gautam <varadgautam@google.com>,
Stephan Mueller <smueller@chronox.de>,
Denis Kenzior <denkenz@gmail.com>,
linux-crypto@vger.kernel.org, keyrings@vger.kernel.org,
Mimi Zohar <zohar@linux.ibm.com>,
Roberto Sassu <roberto.sassu@huawei.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
Eric Snowberg <eric.snowberg@oracle.com>,
linux-security-module@vger.kernel.org,
Gonglei <arei.gonglei@huawei.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
Jason Wang <jasowang@redhat.com>,
Xuan Zhuo <xuanzhuo@linux.alibaba.com>,
Eugenio Perez <eperezma@redhat.com>,
virtualization@lists.linux.dev,
zhenwei pi <pizhenwei@bytedance.com>,
lei he <helei.sig11@bytedance.com>,
Neal Liu <neal_liu@aspeedtech.com>, Joel Stanley <joel@jms.id.au>,
Andrew Jeff ery <andrew@codeconstruct.com.au>,
linux-aspeed@lists.ozlabs.org, Zhiqi Song <songzhiqi1@huawei.com>,
Longfang Liu <liulongfang@huawei.com>,
Jia Jie Ho <jiajie.ho@starfivetech.com>,
William Qiu <william.qiu@starfivetech.com>
Subject: [PATCH v2 00/19] Migrate to sig_alg and templatize ecdsa
Date: Tue, 10 Sep 2024 16:30:10 +0200 [thread overview]
Message-ID: <cover.1725972333.git.lukas@wunner.de> (raw)
The original impetus of this series is to introduce P1363 signature
decoding for ecdsa (patch [18/19]), which is needed by the upcoming
SPDM library (Security Protocol and Data Model) for PCI device
authentication.
To facilitate that, move X9.62 signature decoding out of ecdsa.c and
into a template (patch [15/19]).
New in v2: Move the maximum signature size calculations for ecdsa
out of software_key_query() and into the X9.62 template so that
corresponding calculations can be added for P1363 without further
cluttering up software_key_query() (patch [16/19] - [17/19]).
New in v2: Avoid inefficient copying from kernel buffers to sglists
in the new templates by introducing a sig_alg backend and migrating
all algorithms to it, per Herbert's advice (patch [02/19] - [12/19]).
Clean up various smaller issues that caught my eye in ecdsa
(patch [01/19] and [14/19]), ecrdsa (patch [19/19]) and
ASN.1 headers (patch [13/19]).
I've also accumulated various cleanups for crypto virtio on my
development branch but will leave them for another day as this
series is already nearing the "too big to review" threshold. ;)
I've run selftests on every single commit, but further testing
would be appreciated to raise the confidence.
Link to v1:
https://lore.kernel.org/all/cover.1722260176.git.lukas@wunner.de/
Changes v1 -> v2:
* [PATCH 13/19] ASN.1: Clean up include statements in public headers
* Drop "#include <linux/bug.h>" from <linux/asn1_encoder.h> (Jonathan)
* [PATCH 14/19] crypto: ecdsa - Avoid signed integer overflow on signature
decoding
* Add code comment explaining why vlen may be larger than bufsize (Stefan)
* [PATCH 15/19] crypto: ecdsa - Move X9.62 signature decoding into template
* Drop unnecessary "params", "param_len" and "algo" definitions from
ecdsa_nist_p{192,256,384,521}_tv_template[].
* Introduce and use struct ecdsa_raw_sig in <crypto/internal/ecc.h>.
* [PATCH 18/19] crypto: ecdsa - Support P1363 signature decoding
* Drop unnecessary "params", "param_len" and "algo" definitions from
p1363_ecdsa_nist_p256_tv_template[].
Lukas Wunner (19):
crypto: ecdsa - Drop unused test vector elements
crypto: sig - Introduce sig_alg backend
crypto: ecdsa - Migrate to sig_alg backend
crypto: ecrdsa - Migrate to sig_alg backend
crypto: rsa-pkcs1pad - Deduplicate set_{pub,priv}_key callbacks
crypto: rsassa-pkcs1 - Migrate to sig_alg backend
crypto: rsassa-pkcs1 - Harden digest length verification
crypto: rsassa-pkcs1 - Avoid copying hash prefix
crypto: virtio - Drop sign/verify operations
crypto: drivers - Drop sign/verify operations
crypto: akcipher - Drop sign/verify operations
crypto: sig - Move crypto_sig_*() API calls to include file
ASN.1: Clean up include statements in public headers
crypto: ecdsa - Avoid signed integer overflow on signature decoding
crypto: ecdsa - Move X9.62 signature decoding into template
crypto: sig - Rename crypto_sig_maxsize() to crypto_sig_keysize()
crypto: ecdsa - Move X9.62 signature size calculation into template
crypto: ecdsa - Support P1363 signature decoding
crypto: ecrdsa - Fix signature size calculation
Documentation/crypto/api-akcipher.rst | 2 +-
Documentation/crypto/api-sig.rst | 15 +
Documentation/crypto/api.rst | 1 +
Documentation/crypto/architecture.rst | 2 +
crypto/Kconfig | 5 +-
crypto/Makefile | 5 +-
crypto/akcipher.c | 64 +-
crypto/asymmetric_keys/public_key.c | 58 +-
crypto/ecdsa-p1363.c | 159 ++++
crypto/ecdsa-x962.c | 237 +++++
crypto/ecdsa.c | 209 ++---
crypto/ecrdsa.c | 64 +-
crypto/internal.h | 19 -
crypto/rsa-pkcs1pad.c | 371 +-------
crypto/rsa.c | 17 +-
crypto/rsassa-pkcs1.c | 442 +++++++++
crypto/sig.c | 143 +--
crypto/testmgr.c | 320 +++++--
crypto/testmgr.h | 884 +++++++++++++++---
drivers/crypto/aspeed/aspeed-acry.c | 2 -
drivers/crypto/hisilicon/hpre/hpre_crypto.c | 2 -
drivers/crypto/starfive/jh7110-rsa.c | 2 -
.../virtio/virtio_crypto_akcipher_algs.c | 65 +-
include/crypto/akcipher.h | 69 +-
include/crypto/internal/akcipher.h | 4 +-
include/crypto/internal/ecc.h | 14 +
include/crypto/internal/rsa.h | 29 +
include/crypto/internal/sig.h | 80 ++
include/crypto/sig.h | 152 ++-
include/linux/asn1_decoder.h | 1 +
include/linux/asn1_encoder.h | 1 -
include/linux/slab.h | 1 +
include/uapi/linux/cryptouser.h | 5 +
include/uapi/linux/virtio_crypto.h | 1 +
security/integrity/ima/ima_main.c | 6 +-
35 files changed, 2398 insertions(+), 1053 deletions(-)
create mode 100644 Documentation/crypto/api-sig.rst
create mode 100644 crypto/ecdsa-p1363.c
create mode 100644 crypto/ecdsa-x962.c
create mode 100644 crypto/rsassa-pkcs1.c
--
2.43.0
next reply other threads:[~2024-09-10 14:39 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-10 14:30 Lukas Wunner [this message]
2024-09-10 14:30 ` [PATCH v2 01/19] crypto: ecdsa - Drop unused test vector elements Lukas Wunner
2024-09-10 18:49 ` Stefan Berger
2024-09-11 11:52 ` Jarkko Sakkinen
2024-09-12 7:59 ` Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 02/19] crypto: sig - Introduce sig_alg backend Lukas Wunner
2024-09-11 12:12 ` Jarkko Sakkinen
2024-09-12 7:54 ` Lukas Wunner
2024-09-12 14:19 ` Jarkko Sakkinen
2024-09-12 15:27 ` Lukas Wunner
2024-09-12 17:14 ` Jarkko Sakkinen
2024-11-18 7:56 ` Jarkko Sakkinen
2024-09-13 18:40 ` Jonathan Cameron
2024-09-10 14:30 ` [PATCH v2 03/19] crypto: ecdsa - Migrate to " Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 04/19] crypto: ecrdsa " Lukas Wunner
2024-09-11 12:49 ` Jarkko Sakkinen
2024-09-12 8:05 ` Lukas Wunner
2024-09-12 14:20 ` Jarkko Sakkinen
2024-09-10 14:30 ` [PATCH v2 05/19] crypto: rsa-pkcs1pad - Deduplicate set_{pub,priv}_key callbacks Lukas Wunner
2024-09-10 19:03 ` Stefan Berger
2024-09-11 12:54 ` Jarkko Sakkinen
2024-09-10 14:30 ` [PATCH v2 06/19] crypto: rsassa-pkcs1 - Migrate to sig_alg backend Lukas Wunner
2024-09-11 12:56 ` Jarkko Sakkinen
2024-10-21 16:08 ` Klara Modin
2024-10-21 19:02 ` Lukas Wunner
2024-10-22 10:15 ` Klara Modin
2024-10-23 10:19 ` Klara Modin
2024-10-25 7:17 ` Lukas Wunner
2024-10-25 16:50 ` Eric Biggers
2024-10-26 9:40 ` Klara Modin
2024-10-28 11:45 ` Klara Modin
2024-09-10 14:30 ` [PATCH v2 07/19] crypto: rsassa-pkcs1 - Harden digest length verification Lukas Wunner
2024-09-11 12:58 ` Jarkko Sakkinen
2024-09-10 14:30 ` [PATCH v2 08/19] crypto: rsassa-pkcs1 - Avoid copying hash prefix Lukas Wunner
2024-09-11 13:00 ` Jarkko Sakkinen
2024-09-10 14:30 ` [PATCH v2 09/19] crypto: virtio - Drop sign/verify operations Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 10/19] crypto: drivers " Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 11/19] crypto: akcipher " Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 12/19] crypto: sig - Move crypto_sig_*() API calls to include file Lukas Wunner
2024-09-10 19:24 ` Stefan Berger
2024-09-10 14:30 ` [PATCH v2 13/19] ASN.1: Clean up include statements in public headers Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 14/19] crypto: ecdsa - Avoid signed integer overflow on signature decoding Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 15/19] crypto: ecdsa - Move X9.62 signature decoding into template Lukas Wunner
2024-09-10 20:46 ` Stefan Berger
2024-09-10 14:30 ` [PATCH v2 16/19] crypto: sig - Rename crypto_sig_maxsize() to crypto_sig_keysize() Lukas Wunner
2024-09-11 13:02 ` Jarkko Sakkinen
2024-09-12 8:12 ` Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 17/19] crypto: ecdsa - Move X9.62 signature size calculation into template Lukas Wunner
2024-09-10 14:30 ` [PATCH v2 18/19] crypto: ecdsa - Support P1363 signature decoding Lukas Wunner
2024-09-10 21:46 ` Stefan Berger
2024-09-10 14:30 ` [PATCH v2 19/19] crypto: ecrdsa - Fix signature size calculation Lukas Wunner
2024-10-01 9:17 ` [PATCH v2 00/19] Migrate to sig_alg and templatize ecdsa Lukas Wunner
2024-10-05 5:27 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1725972333.git.lukas@wunner.de \
--to=lukas@wunner.de \
--cc=Jonathan.Cameron@huawei.com \
--cc=andrew.zaborowski@intel.com \
--cc=andrew@codeconstruct.com.au \
--cc=arei.gonglei@huawei.com \
--cc=davem@davemloft.net \
--cc=denkenz@gmail.com \
--cc=dhowells@redhat.com \
--cc=dimitri.ledkov@canonical.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=ebiggers@google.com \
--cc=eperezma@redhat.com \
--cc=eric.snowberg@oracle.com \
--cc=helei.sig11@bytedance.com \
--cc=herbert@gondor.apana.org.au \
--cc=ignat@cloudflare.com \
--cc=jasowang@redhat.com \
--cc=jiajie.ho@starfivetech.com \
--cc=joel@jms.id.au \
--cc=kabel@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-aspeed@lists.ozlabs.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=liulongfang@huawei.com \
--cc=mst@redhat.com \
--cc=neal_liu@aspeedtech.com \
--cc=pizhenwei@bytedance.com \
--cc=roberto.sassu@huawei.com \
--cc=saulo.alessandre@tse.jus.br \
--cc=smueller@chronox.de \
--cc=songzhiqi1@huawei.com \
--cc=stefanb@linux.ibm.com \
--cc=tstruk@gigaio.com \
--cc=varadgautam@google.com \
--cc=virtualization@lists.linux.dev \
--cc=vt@altlinux.org \
--cc=william.qiu@starfivetech.com \
--cc=xuanzhuo@linux.alibaba.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).