public inbox for linux-kernel@vger.kernel.org
From: Stefan Berger <stefanb@linux.ibm.com>
To: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
	herbert@gondor.apana.org.au, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, saulo.alessandre@tse.jus.br,
	ardb@kernel.org, Stefan Berger <stefanb@linux.ibm.com>
Subject: [RFC PATCH 0/3] Introduce ecc_digits_to_bytes and clean up ecdh.c
Date: Wed, 12 Jun 2024 11:18:57 -0400
Message-ID: <20240612151900.895156-1-stefanb@linux.ibm.com>

This series introduces ecc_digits_to_bytes to convert an array of digits
to bytes and uses this function and ecc_digits_from_bytes in ecdh-related
code to convert between byte arrays and digits. Using these functions is
generally better than using ecc_swap_digits. The latter cannot be used with
curves like NIST P521 since it does not properly handle curves that do not
use all bytes in the most significant digit.

It also introduces ecc_curve_get_nbytes to get the number of bytes (nbytes)
a curve needs for its coordinates. It derives this number from the nbits
parameter of a curve. Using this function is also generally better than
deriving nbytes from ndigits, which does not work correctly for NIST P521.

None of the converted functions have been used with NIST P521 but only
with NIST P192/256/384 so far, so they work fine as they are.

Due to concerns related to constant time operations when signing with EC
private keys I am not planning to add NIST P521 support to ecdh, so the
changes in this series are primarily 'code improvements' (-> RFC).

   Stefan

Stefan Berger (3):
  crypto: ecc - Implement ecc_digits_to_bytes to convert digits to byte
    array
  crypto: ecc - Implement and use ecc_curve_get_nbytes to get curve's
    nbytes
  crypto: ecdh - Use functions to copy digits from and to byte arrays

 crypto/ecc.c                  | 47 ++++++++++++++++++++++++-----------
 crypto/ecdh.c                 | 24 +++++++++++-------
 include/crypto/internal/ecc.h | 37 ++++++++++++++++++++++-----
 3 files changed, 79 insertions(+), 29 deletions(-)

-- 
2.43.0
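
The size mismatch the cover letter describes, as an added user-space example that is not code from this patch series or from the kernel. It assumes 64-bit digits stored least significant first and big-endian byte strings; all demo_* names are hypothetical.

```c
#include <stdint.h>
#include <string.h>
/* Hypothetical names: a user-space sketch, not the kernel's implementation. */

/* Coordinate size derived from the curve's bit length (521 -> 66). */
unsigned int demo_nbytes_from_nbits(unsigned int nbits)
{
	return (nbits + 7) / 8;
}

/* Size implied by the digit count, always a multiple of 8 (9 -> 72). */
unsigned int demo_nbytes_from_ndigits(unsigned int ndigits)
{
	return ndigits * sizeof(uint64_t);
}

/* Digits (digits[0] least significant) to a big-endian string of nbytes. */
void demo_digits_to_bytes(const uint64_t *digits, unsigned int ndigits,
			  uint8_t *out, unsigned int nbytes)
{
	for (unsigned int i = 0; i < nbytes; i++)
		out[nbytes - 1 - i] = i / 8 < ndigits ?
			(uint8_t)(digits[i / 8] >> ((i % 8) * 8)) : 0;
}

/* Big-endian bytes to digits; unused bytes of the top digit stay zero. */
void demo_digits_from_bytes(const uint8_t *in, unsigned int nbytes,
			    uint64_t *digits, unsigned int ndigits)
{
	memset(digits, 0, ndigits * sizeof(*digits));
	for (unsigned int i = 0; i < nbytes && i / 8 < ndigits; i++)
		digits[i / 8] |= (uint64_t)in[nbytes - 1 - i] << ((i % 8) * 8);
}

/* Constructed 521-bit value through 66 bytes and back; returns 1 on success. */
int demo_p521_roundtrip(void)
{
	uint64_t a[9], b[9];
	uint8_t buf[66];

	for (unsigned int d = 0; d < 8; d++)
		a[d] = 0x0102030405060708ULL * (d + 1);
	a[8] = 0x1ff;	/* only 9 of the top digit's 64 bits are used */
	demo_digits_to_bytes(a, 9, buf, demo_nbytes_from_nbits(521));
	demo_digits_from_bytes(buf, demo_nbytes_from_nbits(521), b, 9);
	return !memcmp(a, b, sizeof(a)) && buf[0] == 0x01 && buf[1] == 0xff;
}

int main(void) { return demo_p521_roundtrip() ? 0 : 1; }
```

For P192/256/384 the two size functions agree, which is why a whole-digit byte swap is sufficient there; for P521 they differ by 6 bytes.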

