| Message ID | 20240529230827.379111-1-stefanb@linux.ibm.com |
|---|---|
| Headers | show |
| Series | ecdsa: Use ecc_digits_from_bytes to simplify code | expand |
On Thu May 30, 2024 at 2:08 AM EEST, Stefan Berger wrote: > Simplify two functions that were using temporary byte arrays for > converting too-short input byte arrays to digits. Use ecc_digits_from_bytes > since this function can now handle an input byte array that provides > less bytes than what a coordinate of a curve requires - the function > provides zeros for the missing (leading) bytes. > > See: c6ab5c915da4 ("crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes") > > Regards, > Stefan > > Stefan Berger (2): > crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array > crypto: ecdsa - Use ecc_digits_from_bytes to convert signature > > crypto/ecdsa.c | 29 ++++++----------------------- > 1 file changed, 6 insertions(+), 23 deletions(-) BTW, would it make sense split ecdsa signature encoding to its own patch in my next patch set version and name it ecdsa_* style and put it to ecdsa.c? Just asking this because the part should be the same same for any ECDSA signature. It must scale also to all NIST variants before my patch set can land. BR, Jarkko
On Thu May 30, 2024 at 2:08 AM EEST, Stefan Berger wrote: > Since ecc_digits_from_bytes will provide zeros when an insufficient number > of bytes are passed in the input byte array, use it to convert the r and s > components of the signature to digits directly from the input byte > array. This avoids going through an intermediate byte array that has the > first few bytes filled with zeros. > > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > --- > crypto/ecdsa.c | 12 ++---------- > 1 file changed, 2 insertions(+), 10 deletions(-) > > diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c > index fa029f36110b..941cdc2b889b 100644 > --- a/crypto/ecdsa.c > +++ b/crypto/ecdsa.c > @@ -38,7 +38,6 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, > size_t bufsize = ndigits * sizeof(u64); > ssize_t diff = vlen - bufsize; > const char *d = value; > - u8 rs[ECC_MAX_BYTES]; > > if (!value || !vlen) > return -EINVAL; > @@ -46,7 +45,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, > /* diff = 0: 'value' has exacly the right size > * diff > 0: 'value' has too many bytes; one leading zero is allowed that > * makes the value a positive integer; error on more > - * diff < 0: 'value' is missing leading zeros, which we add > + * diff < 0: 'value' is missing leading zeros > */ > if (diff > 0) { > /* skip over leading zeros that make 'value' a positive int */ > @@ -61,14 +60,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, > if (-diff >= bufsize) > return -EINVAL; > > - if (diff) { > - /* leading zeros not given in 'value' */ > - memset(rs, 0, -diff); > - } > - > - memcpy(&rs[-diff], d, vlen); > - > - ecc_swap_digits((u64 *)rs, dest, ndigits); > + ecc_digits_from_bytes(d, vlen, dest, ndigits); > > return 0; > } Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko
On 5/30/24 01:08, Jarkko Sakkinen wrote: > On Thu May 30, 2024 at 2:08 AM EEST, Stefan Berger wrote: >> Simplify two functions that were using temporary byte arrays for >> converting too-short input byte arrays to digits. Use ecc_digits_from_bytes >> since this function can now handle an input byte array that provides >> less bytes than what a coordinate of a curve requires - the function >> provides zeros for the missing (leading) bytes. >> >> See: c6ab5c915da4 ("crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes") >> >> Regards, >> Stefan >> >> Stefan Berger (2): >> crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array >> crypto: ecdsa - Use ecc_digits_from_bytes to convert signature >> >> crypto/ecdsa.c | 29 ++++++----------------------- >> 1 file changed, 6 insertions(+), 23 deletions(-) > > BTW, would it make sense split ecdsa signature encoding to its own patch > in my next patch set version and name it ecdsa_* style and put it to > ecdsa.c? I would only put it into ecdsa.c if functions inside this file (can) make use of it, otherwise leave it in your file. > > Just asking this because the part should be the same same for any ECDSA > signature. It must scale also to all NIST variants before my patch set > can land. > > BR, Jarkko >
On Thu May 30, 2024 at 3:16 PM EEST, Stefan Berger wrote: > > > On 5/30/24 01:08, Jarkko Sakkinen wrote: > > On Thu May 30, 2024 at 2:08 AM EEST, Stefan Berger wrote: > >> Simplify two functions that were using temporary byte arrays for > >> converting too-short input byte arrays to digits. Use ecc_digits_from_bytes > >> since this function can now handle an input byte array that provides > >> less bytes than what a coordinate of a curve requires - the function > >> provides zeros for the missing (leading) bytes. > >> > >> See: c6ab5c915da4 ("crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes") > >> > >> Regards, > >> Stefan > >> > >> Stefan Berger (2): > >> crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array > >> crypto: ecdsa - Use ecc_digits_from_bytes to convert signature > >> > >> crypto/ecdsa.c | 29 ++++++----------------------- > >> 1 file changed, 6 insertions(+), 23 deletions(-) > > > > BTW, would it make sense split ecdsa signature encoding to its own patch > > in my next patch set version and name it ecdsa_* style and put it to > > ecdsa.c? > > I would only put it into ecdsa.c if functions inside this file (can) > make use of it, otherwise leave it in your file. Yep, that specific part has no binding per se to anything related to TPM2. It is also dead easy to detach. Here I would suggest to take a similar angle as with CRYPTO_LIB_AES so that it is easily and directly callable from either side with no fuss. I'll mangle it that way at least for the next version and we can see then how it looks like. BR, Jarkko
Simplify two functions that were using temporary byte arrays for converting too-short input byte arrays to digits. Use ecc_digits_from_bytes since this function can now handle an input byte array that provides less bytes than what a coordinate of a curve requires - the function provides zeros for the missing (leading) bytes. See: c6ab5c915da4 ("crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes") Regards, Stefan Stefan Berger (2): crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array crypto: ecdsa - Use ecc_digits_from_bytes to convert signature crypto/ecdsa.c | 29 ++++++----------------------- 1 file changed, 6 insertions(+), 23 deletions(-)