tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: ecdsa - Migrate to sig_alg backend

A sig_alg backend has just been introduced with the intent of moving all
asymmetric sign/verify algorithms to it one by one.

Migrate ecdsa.c to the new backend.

One benefit of the new API is the use of kernel buffers instead of
sglists, which avoids the overhead of copying signature and digest
sglists back into kernel buffers. ecdsa.c is thus simplified quite
a bit.

Signed-off-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Lukas Wunner and committed by
Herbert Xu ef132350 65c4c93c

+55 -90
+1 -1
crypto/Kconfig
··· 290 290 config CRYPTO_ECDSA 291 291 tristate "ECDSA (Elliptic Curve Digital Signature Algorithm)" 292 292 select CRYPTO_ECC 293 - select CRYPTO_AKCIPHER 293 + select CRYPTO_SIG 294 294 select ASN1 295 295 help 296 296 ECDSA (Elliptic Curve Digital Signature Algorithm) (FIPS 186,
+42 -57
crypto/ecdsa.c
··· 4 4 */ 5 5 6 6 #include <linux/module.h> 7 - #include <crypto/internal/akcipher.h> 8 7 #include <crypto/internal/ecc.h> 9 - #include <crypto/akcipher.h> 8 + #include <crypto/internal/sig.h> 10 9 #include <crypto/ecdh.h> 10 + #include <crypto/sig.h> 11 11 #include <linux/asn1_decoder.h> 12 - #include <linux/scatterlist.h> 13 12 14 13 #include "ecdsasignature.asn1.h" 15 14 ··· 125 126 /* 126 127 * Verify an ECDSA signature. 127 128 */ 128 - static int ecdsa_verify(struct akcipher_request *req) 129 + static int ecdsa_verify(struct crypto_sig *tfm, 130 + const void *src, unsigned int slen, 131 + const void *digest, unsigned int dlen) 129 132 { 130 - struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 131 - struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); 133 + struct ecc_ctx *ctx = crypto_sig_ctx(tfm); 132 134 size_t bufsize = ctx->curve->g.ndigits * sizeof(u64); 133 135 struct ecdsa_signature_ctx sig_ctx = { 134 136 .curve = ctx->curve, 135 137 }; 136 138 u64 hash[ECC_MAX_DIGITS]; 137 - unsigned char *buffer; 138 139 int ret; 139 140 140 141 if (unlikely(!ctx->pub_key_set)) 141 142 return -EINVAL; 142 143 143 - buffer = kmalloc(req->src_len + req->dst_len, GFP_KERNEL); 144 - if (!buffer) 145 - return -ENOMEM; 146 - 147 - sg_pcopy_to_buffer(req->src, 148 - sg_nents_for_len(req->src, req->src_len + req->dst_len), 149 - buffer, req->src_len + req->dst_len, 0); 150 - 151 - ret = asn1_ber_decoder(&ecdsasignature_decoder, &sig_ctx, 152 - buffer, req->src_len); 144 + ret = asn1_ber_decoder(&ecdsasignature_decoder, &sig_ctx, src, slen); 153 145 if (ret < 0) 154 - goto error; 146 + return ret; 155 147 156 - if (bufsize > req->dst_len) 157 - bufsize = req->dst_len; 148 + if (bufsize > dlen) 149 + bufsize = dlen; 158 150 159 - ecc_digits_from_bytes(buffer + req->src_len, bufsize, 160 - hash, ctx->curve->g.ndigits); 151 + ecc_digits_from_bytes(digest, bufsize, hash, ctx->curve->g.ndigits); 161 152 162 - ret = _ecdsa_verify(ctx, hash, sig_ctx.r, sig_ctx.s); 163 - 164 - error: 165 - kfree(buffer); 166 - 167 - return ret; 153 + return _ecdsa_verify(ctx, hash, sig_ctx.r, sig_ctx.s); 168 154 } 169 155 170 156 static int ecdsa_ecc_ctx_init(struct ecc_ctx *ctx, unsigned int curve_id) ··· 185 201 * Set the public ECC key as defined by RFC5480 section 2.2 "Subject Public 186 202 * Key". Only the uncompressed format is supported. 187 203 */ 188 - static int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen) 204 + static int ecdsa_set_pub_key(struct crypto_sig *tfm, const void *key, 205 + unsigned int keylen) 189 206 { 190 - struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); 207 + struct ecc_ctx *ctx = crypto_sig_ctx(tfm); 191 208 unsigned int digitlen, ndigits; 192 209 const unsigned char *d = key; 193 210 int ret; ··· 222 237 return ret; 223 238 } 224 239 225 - static void ecdsa_exit_tfm(struct crypto_akcipher *tfm) 240 + static void ecdsa_exit_tfm(struct crypto_sig *tfm) 226 241 { 227 - struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); 242 + struct ecc_ctx *ctx = crypto_sig_ctx(tfm); 228 243 229 244 ecdsa_ecc_ctx_deinit(ctx); 230 245 } 231 246 232 - static unsigned int ecdsa_max_size(struct crypto_akcipher *tfm) 247 + static unsigned int ecdsa_max_size(struct crypto_sig *tfm) 233 248 { 234 - struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); 249 + struct ecc_ctx *ctx = crypto_sig_ctx(tfm); 235 250 236 251 return DIV_ROUND_UP(ctx->curve->nbits, 8); 237 252 } 238 253 239 - static int ecdsa_nist_p521_init_tfm(struct crypto_akcipher *tfm) 254 + static int ecdsa_nist_p521_init_tfm(struct crypto_sig *tfm) 240 255 { 241 - struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); 256 + struct ecc_ctx *ctx = crypto_sig_ctx(tfm); 242 257 243 258 return ecdsa_ecc_ctx_init(ctx, ECC_CURVE_NIST_P521); 244 259 } 245 260 246 - static struct akcipher_alg ecdsa_nist_p521 = { 261 + static struct sig_alg ecdsa_nist_p521 = { 247 262 .verify = ecdsa_verify, 248 263 .set_pub_key = ecdsa_set_pub_key, 249 264 .max_size = ecdsa_max_size, ··· 258 273 }, 259 274 }; 260 275 261 - static int ecdsa_nist_p384_init_tfm(struct crypto_akcipher *tfm) 276 + static int ecdsa_nist_p384_init_tfm(struct crypto_sig *tfm) 262 277 { 263 - struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); 278 + struct ecc_ctx *ctx = crypto_sig_ctx(tfm); 264 279 265 280 return ecdsa_ecc_ctx_init(ctx, ECC_CURVE_NIST_P384); 266 281 } 267 282 268 - static struct akcipher_alg ecdsa_nist_p384 = { 283 + static struct sig_alg ecdsa_nist_p384 = { 269 284 .verify = ecdsa_verify, 270 285 .set_pub_key = ecdsa_set_pub_key, 271 286 .max_size = ecdsa_max_size, ··· 280 295 }, 281 296 }; 282 297 283 - static int ecdsa_nist_p256_init_tfm(struct crypto_akcipher *tfm) 298 + static int ecdsa_nist_p256_init_tfm(struct crypto_sig *tfm) 284 299 { 285 - struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); 300 + struct ecc_ctx *ctx = crypto_sig_ctx(tfm); 286 301 287 302 return ecdsa_ecc_ctx_init(ctx, ECC_CURVE_NIST_P256); 288 303 } 289 304 290 - static struct akcipher_alg ecdsa_nist_p256 = { 305 + static struct sig_alg ecdsa_nist_p256 = { 291 306 .verify = ecdsa_verify, 292 307 .set_pub_key = ecdsa_set_pub_key, 293 308 .max_size = ecdsa_max_size, ··· 302 317 }, 303 318 }; 304 319 305 - static int ecdsa_nist_p192_init_tfm(struct crypto_akcipher *tfm) 320 + static int ecdsa_nist_p192_init_tfm(struct crypto_sig *tfm) 306 321 { 307 - struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); 322 + struct ecc_ctx *ctx = crypto_sig_ctx(tfm); 308 323 309 324 return ecdsa_ecc_ctx_init(ctx, ECC_CURVE_NIST_P192); 310 325 } 311 326 312 - static struct akcipher_alg ecdsa_nist_p192 = { 327 + static struct sig_alg ecdsa_nist_p192 = { 313 328 .verify = ecdsa_verify, 314 329 .set_pub_key = ecdsa_set_pub_key, 315 330 .max_size = ecdsa_max_size, ··· 330 345 int ret; 331 346 332 347 /* NIST p192 may not be available in FIPS mode */ 333 - ret = crypto_register_akcipher(&ecdsa_nist_p192); 348 + ret = crypto_register_sig(&ecdsa_nist_p192); 334 349 ecdsa_nist_p192_registered = ret == 0; 335 350 336 - ret = crypto_register_akcipher(&ecdsa_nist_p256); 351 + ret = crypto_register_sig(&ecdsa_nist_p256); 337 352 if (ret) 338 353 goto nist_p256_error; 339 354 340 - ret = crypto_register_akcipher(&ecdsa_nist_p384); 355 + ret = crypto_register_sig(&ecdsa_nist_p384); 341 356 if (ret) 342 357 goto nist_p384_error; 343 358 344 - ret = crypto_register_akcipher(&ecdsa_nist_p521); 359 + ret = crypto_register_sig(&ecdsa_nist_p521); 345 360 if (ret) 346 361 goto nist_p521_error; 347 362 348 363 return 0; 349 364 350 365 nist_p521_error: 351 - crypto_unregister_akcipher(&ecdsa_nist_p384); 366 + crypto_unregister_sig(&ecdsa_nist_p384); 352 367 353 368 nist_p384_error: 354 - crypto_unregister_akcipher(&ecdsa_nist_p256); 369 + crypto_unregister_sig(&ecdsa_nist_p256); 355 370 356 371 nist_p256_error: 357 372 if (ecdsa_nist_p192_registered) 358 - crypto_unregister_akcipher(&ecdsa_nist_p192); 373 + crypto_unregister_sig(&ecdsa_nist_p192); 359 374 return ret; 360 375 } 361 376 362 377 static void __exit ecdsa_exit(void) 363 378 { 364 379 if (ecdsa_nist_p192_registered) 365 - crypto_unregister_akcipher(&ecdsa_nist_p192); 366 - crypto_unregister_akcipher(&ecdsa_nist_p256); 367 - crypto_unregister_akcipher(&ecdsa_nist_p384); 368 - crypto_unregister_akcipher(&ecdsa_nist_p521); 380 + crypto_unregister_sig(&ecdsa_nist_p192); 381 + crypto_unregister_sig(&ecdsa_nist_p256); 382 + crypto_unregister_sig(&ecdsa_nist_p384); 383 + crypto_unregister_sig(&ecdsa_nist_p521); 369 384 } 370 385 371 386 subsys_initcall(ecdsa_init);
+8 -9
crypto/testmgr.c
··· 4432 4432 return 0; 4433 4433 } 4434 4434 4435 - __maybe_unused 4436 4435 static int alg_test_sig(const struct alg_test_desc *desc, const char *driver, 4437 4436 u32 type, u32 mask) 4438 4437 { ··· 5241 5242 } 5242 5243 }, { 5243 5244 .alg = "ecdsa-nist-p192", 5244 - .test = alg_test_akcipher, 5245 + .test = alg_test_sig, 5245 5246 .suite = { 5246 - .akcipher = __VECS(ecdsa_nist_p192_tv_template) 5247 + .sig = __VECS(ecdsa_nist_p192_tv_template) 5247 5248 } 5248 5249 }, { 5249 5250 .alg = "ecdsa-nist-p256", 5250 - .test = alg_test_akcipher, 5251 + .test = alg_test_sig, 5251 5252 .fips_allowed = 1, 5252 5253 .suite = { 5253 - .akcipher = __VECS(ecdsa_nist_p256_tv_template) 5254 + .sig = __VECS(ecdsa_nist_p256_tv_template) 5254 5255 } 5255 5256 }, { 5256 5257 .alg = "ecdsa-nist-p384", 5257 - .test = alg_test_akcipher, 5258 + .test = alg_test_sig, 5258 5259 .fips_allowed = 1, 5259 5260 .suite = { 5260 - .akcipher = __VECS(ecdsa_nist_p384_tv_template) 5261 + .sig = __VECS(ecdsa_nist_p384_tv_template) 5261 5262 } 5262 5263 }, { 5263 5264 .alg = "ecdsa-nist-p521", 5264 - .test = alg_test_akcipher, 5265 + .test = alg_test_sig, 5265 5266 .fips_allowed = 1, 5266 5267 .suite = { 5267 - .akcipher = __VECS(ecdsa_nist_p521_tv_template) 5268 + .sig = __VECS(ecdsa_nist_p521_tv_template) 5268 5269 } 5269 5270 }, { 5270 5271 .alg = "ecrdsa",
+4 -23
crypto/testmgr.h
··· 663 663 /* 664 664 * ECDSA test vectors. 665 665 */ 666 - static const struct akcipher_testvec ecdsa_nist_p192_tv_template[] = { 666 + static const struct sig_testvec ecdsa_nist_p192_tv_template[] = { 667 667 { 668 668 .key = /* secp192r1(sha1) */ 669 669 "\x04\xf7\x46\xf8\x2f\x15\xf6\x22\x8e\xd7\x57\x4f\xcc\xe7\xbb\xc1" ··· 682 682 "\x80\x6f\xa5\x79\x77\xda\xd0", 683 683 .c_size = 55, 684 684 .public_key_vec = true, 685 - .siggen_sigver_test = true, 686 685 }, { 687 686 .key = /* secp192r1(sha224) */ 688 687 "\x04\xb6\x4b\xb1\xd1\xac\xba\x24\x8f\x65\xb2\x60\x00\x90\xbf\xbd" ··· 700 701 "\x5c\x99\xdb\x92\x5b\x36", 701 702 .c_size = 54, 702 703 .public_key_vec = true, 703 - .siggen_sigver_test = true, 704 704 }, { 705 705 .key = /* secp192r1(sha256) */ 706 706 "\x04\xe2\x51\x24\x9b\xf7\xb6\x32\x82\x39\x66\x3d\x5b\xec\x3b\xae" ··· 718 720 "\x3a\x97\xd9\xcd\x1a\x6a\x49", 719 721 .c_size = 55, 720 722 .public_key_vec = true, 721 - .siggen_sigver_test = true, 722 723 }, { 723 724 .key = /* secp192r1(sha384) */ 724 725 "\x04\x5a\x13\xfe\x68\x86\x4d\xf4\x17\xc7\xa4\xe5\x8c\x65\x57\xb7" ··· 737 740 "\x12\x3b\x3b\x28\xfb\x6d\xe1", 738 741 .c_size = 55, 739 742 .public_key_vec = true, 740 - .siggen_sigver_test = true, 741 743 }, { 742 744 .key = /* secp192r1(sha512) */ 743 745 "\x04\xd5\xf2\x6e\xc3\x94\x5c\x52\xbc\xdf\x86\x6c\x14\xd1\xca\xea" ··· 757 761 "\x6a\xdf\x97\xfd\x82\x76\x24", 758 762 .c_size = 55, 759 763 .public_key_vec = true, 760 - .siggen_sigver_test = true, 761 764 }, 762 765 }; 763 766 764 - static const struct akcipher_testvec ecdsa_nist_p256_tv_template[] = { 767 + static const struct sig_testvec ecdsa_nist_p256_tv_template[] = { 765 768 { 766 769 .key = /* secp256r1(sha1) */ 767 770 "\x04\xb9\x7b\xbb\xd7\x17\x64\xd2\x7e\xfc\x81\x5d\x87\x06\x83\x41" ··· 781 786 "\xfb\x9d\x8b\xde\xd4\x8d\x6f\xad", 782 787 .c_size = 72, 783 788 .public_key_vec = true, 784 - .siggen_sigver_test = true, 785 789 }, { 786 790 .key = /* secp256r1(sha224) */ 787 791 "\x04\x8b\x6d\xc0\x33\x8e\x2d\x8b\x67\xf5\xeb\xc4\x7f\xa0\xf5\xd9" ··· 801 807 "\x2e\x8b\xde\x5a\x04\x0e", 802 808 .c_size = 70, 803 809 .public_key_vec = true, 804 - .siggen_sigver_test = true, 805 810 }, { 806 811 .key = /* secp256r1(sha256) */ 807 812 "\x04\xf1\xea\xc4\x53\xf3\xb9\x0e\x9f\x7e\xad\xe3\xea\xd7\x0e\x0f" ··· 821 828 "\x2a\x65\x35\x23\xe3\x1d\xfa", 822 829 .c_size = 71, 823 830 .public_key_vec = true, 824 - .siggen_sigver_test = true, 825 831 }, { 826 832 .key = /* secp256r1(sha384) */ 827 833 "\x04\xc5\xc6\xea\x60\xc9\xce\xad\x02\x8d\xf5\x3e\x24\xe3\x52\x1d" ··· 842 850 "\xc0\x60\x11\x92\xdc\x17\x89\x12", 843 851 .c_size = 72, 844 852 .public_key_vec = true, 845 - .siggen_sigver_test = true, 846 853 }, { 847 854 .key = /* secp256r1(sha512) */ 848 855 "\x04\xd7\x27\x46\x49\xf6\x26\x85\x12\x40\x76\x8e\xe2\xe6\x2a\x7a" ··· 864 873 "\x31\x79\x4a\xe9\x81\x6a\xee", 865 874 .c_size = 71, 866 875 .public_key_vec = true, 867 - .siggen_sigver_test = true, 868 876 }, 869 877 }; 870 878 871 - static const struct akcipher_testvec ecdsa_nist_p384_tv_template[] = { 879 + static const struct sig_testvec ecdsa_nist_p384_tv_template[] = { 872 880 { 873 881 .key = /* secp384r1(sha1) */ 874 882 "\x04\x89\x25\xf3\x97\x88\xcb\xb0\x78\xc5\x72\x9a\x14\x6e\x7a\xb1" ··· 892 902 "\x79\x12\x2a\xb7\xc5\x15\x92\xc5", 893 903 .c_size = 104, 894 904 .public_key_vec = true, 895 - .siggen_sigver_test = true, 896 905 }, { 897 906 .key = /* secp384r1(sha224) */ 898 907 "\x04\x69\x6c\xcf\x62\xee\xd0\x0d\xe5\xb5\x2f\x70\x54\xcf\x26\xa0" ··· 916 927 "\x88\x2b\x82\x26\x5e\x1c\xda\xfb", 917 928 .c_size = 104, 918 929 .public_key_vec = true, 919 - .siggen_sigver_test = true, 920 930 }, { 921 931 .key = /* secp384r1(sha256) */ 922 932 "\x04\xee\xd6\xda\x3e\x94\x90\x00\x27\xed\xf8\x64\x55\xd6\x51\x9a" ··· 940 952 "\xf4\x1f\x39\xca\x4d\x43", 941 953 .c_size = 102, 942 954 .public_key_vec = true, 943 - .siggen_sigver_test = true, 944 955 }, { 945 956 .key = /* secp384r1(sha384) */ 946 957 "\x04\x3a\x2f\x62\xe7\x1a\xcf\x24\xd0\x0b\x7c\xe0\xed\x46\x0a\x4f" ··· 965 978 "\xab\x8d\x4e\xde\xe6\x6d\x9b\x66", 966 979 .c_size = 104, 967 980 .public_key_vec = true, 968 - .siggen_sigver_test = true, 969 981 }, { 970 982 .key = /* secp384r1(sha512) */ 971 983 "\x04\xb4\xe7\xc1\xeb\x64\x25\x22\x46\xc3\x86\x61\x80\xbe\x1e\x46" ··· 991 1005 "\x3c\x93\xff\x50\x5d", 992 1006 .c_size = 101, 993 1007 .public_key_vec = true, 994 - .siggen_sigver_test = true, 995 1008 }, 996 1009 }; 997 1010 998 - static const struct akcipher_testvec ecdsa_nist_p521_tv_template[] = { 1011 + static const struct sig_testvec ecdsa_nist_p521_tv_template[] = { 999 1012 { 1000 1013 .key = /* secp521r1(sha224) */ 1001 1014 "\x04\x01\x4f\x43\x18\xb6\xa9\xc9\x5d\x68\xd3\xa9\x42\xf8\x98\xc0" ··· 1023 1038 "\xa3\x50\xb1\xa5\x98\x92\x2a\xa5\x52", 1024 1039 .c_size = 137, 1025 1040 .public_key_vec = true, 1026 - .siggen_sigver_test = true, 1027 1041 }, 1028 1042 { 1029 1043 .key = /* secp521r1(sha256) */ ··· 1052 1068 "\xb7\x1d\x91\x55\x38\xb6\xf6\x34\x65\xc7\xbd", 1053 1069 .c_size = 139, 1054 1070 .public_key_vec = true, 1055 - .siggen_sigver_test = true, 1056 1071 }, 1057 1072 { 1058 1073 .key = /* secp521r1(sha384) */ ··· 1082 1099 "\x8f\xb4\x22\xc6\x4f\xab\x2b\x62\xc1\x42\xb1", 1083 1100 .c_size = 139, 1084 1101 .public_key_vec = true, 1085 - .siggen_sigver_test = true, 1086 1102 }, 1087 1103 { 1088 1104 .key = /* secp521r1(sha512) */ ··· 1113 1131 "\xa6\xe5\x25\x46\x1e\x77\x44\x78\xe0\xd1\x04", 1114 1132 .c_size = 139, 1115 1133 .public_key_vec = true, 1116 - .siggen_sigver_test = true, 1117 1134 }, 1118 1135 }; 1119 1136