From: "Daniel P. Berrangé" <berrange@redhat.com>
To: 何磊 <helei.sig11@bytedance.com>
Cc: zhenwei pi <pizhenwei@bytedance.com>,
"S. Tsirkin, Michael" <mst@redhat.com>,
arei.gonglei@huawei.com, qemu-devel@nongnu.org,
virtualization@lists.linux-foundation.org,
linux-crypto@vger.kernel.org, jasowang@redhat.com,
cohuck@redhat.com
Subject: Re: [External] [PATCH v5 5/9] crypto: Implement RSA algorithm by hogweed
Date: Fri, 13 May 2022 13:29:13 +0100 [thread overview]
Message-ID: <Yn5PGWPbP9C4k4wD@redhat.com> (raw)
In-Reply-To: <90F3B18B-9B7E-423C-A909-45D4527A6B3C@bytedance.com>
On Fri, May 13, 2022 at 08:26:14PM +0800, 何磊 wrote:
>
>
> > On May 13, 2022, at 6:55 PM, Daniel P. Berrangé <berrange@redhat.com> wrote:
> >
> > On Thu, Apr 28, 2022 at 09:59:39PM +0800, zhenwei pi wrote:
> >> From: Lei He <helei.sig11@bytedance.com>
> >>
> >> Implement RSA algorithm by hogweed from nettle. Thus QEMU supports
> >> a 'real' RSA backend to handle request from guest side. It's
> >> important to test RSA offload case without OS & hardware requirement.
> >>
> >> Signed-off-by: lei he <helei.sig11@bytedance.com>
> >> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
> >> ---
> >> crypto/akcipher-nettle.c.inc | 432 +++++++++++++++++++++++++++++++++++
> >> crypto/akcipher.c | 4 +
> >> crypto/meson.build | 4 +
> >> crypto/rsakey-builtin.c.inc | 209 +++++++++++++++++
> >> crypto/rsakey-nettle.c.inc | 154 +++++++++++++
> >> crypto/rsakey.c | 44 ++++
> >> crypto/rsakey.h | 94 ++++++++
> >> meson.build | 11 +
> >> 8 files changed, 952 insertions(+)
> >> create mode 100644 crypto/akcipher-nettle.c.inc
> >> create mode 100644 crypto/rsakey-builtin.c.inc
> >> create mode 100644 crypto/rsakey-nettle.c.inc
> >> create mode 100644 crypto/rsakey.c
> >> create mode 100644 crypto/rsakey.h
> >> +static int qcrypto_nettle_rsa_decrypt(QCryptoAkCipher *akcipher,
> >> + const void *enc, size_t enc_len,
> >> + void *data, size_t data_len,
> >> + Error **errp)
> >> +{
> >> + QCryptoNettleRSA *rsa = (QCryptoNettleRSA *)akcipher;
> >> + mpz_t c;
> >> + int ret = -1;
> >> + if (enc_len > rsa->priv.size) {
> >> + error_setg(errp, "Invalid buffer size");
> >> + return ret;
> >> + }
> >
> > Again please report the invalid & expected sizes in the message
> >
> > We don't need to validate 'data_len' in the decrypt case,
> > as you did in encrypt ?
>
> In the decrypt case, it is difficult (and unnecessary) to check 'data_len' before
> we completing the decryption action. If the plaintext buffer is too small,
> following ‘rsa_decrypt’ will return an error, and it should be valid to pass a very
> large buffer.
>
> According to the pkcs#1 stardard, the length of ciphertext should always equal
> to key size, and the length of plaintext can be any value in range [1, key_size - 11]:
>
> https://datatracker.ietf.org/doc/html/rfc2437#section-7.2
Ok, thanks for explaining.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2022-05-13 12:51 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-28 13:59 [PATCH v5 0/9] Introduce akcipher service for virtio-crypto zhenwei pi
2022-04-28 13:59 ` [PATCH v5 1/9] virtio-crypto: header update zhenwei pi
2022-05-12 9:55 ` Daniel P. Berrangé
2022-05-13 3:50 ` zhenwei pi
2022-04-28 13:59 ` [PATCH v5 2/9] qapi: crypto-akcipher: Introduce akcipher types to qapi zhenwei pi
2022-04-28 13:59 ` [PATCH v5 3/9] crypto: Introduce akcipher crypto class zhenwei pi
2022-05-12 10:04 ` Daniel P. Berrangé
2022-04-28 13:59 ` [PATCH v5 4/9] crypto: add ASN.1 DER decoder zhenwei pi
2022-05-12 9:46 ` Daniel P. Berrangé
2022-04-28 13:59 ` [PATCH v5 5/9] crypto: Implement RSA algorithm by hogweed zhenwei pi
2022-05-13 10:55 ` Daniel P. Berrangé
2022-05-13 12:26 ` [External] " 何磊
2022-05-13 12:29 ` Daniel P. Berrangé [this message]
2022-04-28 13:59 ` [PATCH v5 6/9] crypto: Implement RSA algorithm by gcrypt zhenwei pi
2022-05-13 11:00 ` Daniel P. Berrangé
2022-04-28 13:59 ` [PATCH v5 7/9] test/crypto: Add test suite for crypto akcipher zhenwei pi
2022-05-12 9:38 ` Daniel P. Berrangé
2022-04-28 13:59 ` [PATCH v5 8/9] tests/crypto: Add test suite for RSA keys zhenwei pi
2022-05-13 10:35 ` Daniel P. Berrangé
2022-04-28 13:59 ` [PATCH v5 9/9] crypto: Introduce RSA algorithm zhenwei pi
2022-05-09 2:17 ` PING: " zhenwei pi
2022-05-13 10:19 ` [PATCH v5 0/9] Introduce akcipher service for virtio-crypto Michael S. Tsirkin
2022-05-13 10:21 ` Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yn5PGWPbP9C4k4wD@redhat.com \
--to=berrange@redhat.com \
--cc=arei.gonglei@huawei.com \
--cc=cohuck@redhat.com \
--cc=helei.sig11@bytedance.com \
--cc=jasowang@redhat.com \
--cc=linux-crypto@vger.kernel.org \
--cc=mst@redhat.com \
--cc=pizhenwei@bytedance.com \
--cc=qemu-devel@nongnu.org \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).