Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp2112451pxf; Sat, 27 Mar 2021 03:00:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxwnJbLS1ZKGMDAjO/ZDzRn0pgqA3QwtBgS/f5typAZUigf23paX+mfKYxQiRzRtdnpXL3T X-Received: by 2002:a17:906:ac6:: with SMTP id z6mr19177742ejf.505.1616839250423; Sat, 27 Mar 2021 03:00:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616839250; cv=none; d=google.com; s=arc-20160816; b=ZuEyKmxIiRyZckyUHncrJpJYuh6s7cYP8RO1+KDT+X0yQb4scRVlZDq4wAT9LQFutF VAHgVE2ypNVkUC0dm9JJkKwlcEJTyN3NqB4LZtsjk6E00Z3BtYrXthD2v2K25g2hMt0Q rtS/UyEhhBviXS+t+fHCXI50n2X3gbLLhHLNB7ZfleOE9grCP7TIgs2L8XZmpYfL3kqb dDjpfDjE+7IDCYdRjcHcz0h1jbQlW5hGBz/pOzElFtTzcj25K8gY8ExlmXSd/tQ0/tlm scsfTQOc6vmBbjAxSgooapWy0HM+ibkE57p7UyWABH1icq7sdvol/0jrR9Cq24GtlEzL 1wLg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:subject:cc:to:from; bh=yc6a/IiSvm/lKyfFWyJlyX+e7Tsu8J5cENLACgie9A8=; b=dxs9jKbQXw9oqEYCQhKG+1voHXwEYaPRY2R99dPVKjWPPjfuIEp3CmZb9J9cy/8QTl KaoHWxlgmoaPgBWu+E0U1xju2MSDbE5vZPf8ptvq5GDWpP7g8q+/1wdZWqPuNk0gBKfH ssuoK8XCnRGMW7rKKjA4tNPigjgPxWMj9yXyQ/KzfOMxN35Xrh8blAUh5bCjVHn7errj Y73SX+R1TOLb+xD9AKj3te3vcvTMTg/HG9MOr/XMStYvhGwkAwN/F0pxar2LxAtC8jQe uCCoEKV4ouJR+ErQwcQpdOAdzYabrl48XSvQ6nGKaXb74zKCqFX+1Xukh8jpvfmDuAy6 6MBQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w19si2223671eds.331.2021.03.27.03.00.28; Sat, 27 Mar 2021 03:00:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231537AbhC0J7G (ORCPT + 99 others); Sat, 27 Mar 2021 05:59:06 -0400 Received: from szxga05-in.huawei.com ([45.249.212.191]:14500 "EHLO szxga05-in.huawei.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231143AbhC0J7B (ORCPT ); Sat, 27 Mar 2021 05:59:01 -0400 Received: from DGGEMS410-HUB.china.huawei.com (unknown [172.30.72.58]) by szxga05-in.huawei.com (SkyGuard) with ESMTP id 4F6vQ16wP7zyV56; Sat, 27 Mar 2021 17:56:57 +0800 (CST) Received: from localhost.localdomain (10.67.165.24) by DGGEMS410-HUB.china.huawei.com (10.3.19.210) with Microsoft SMTP Server id 14.3.498.0; Sat, 27 Mar 2021 17:58:50 +0800 From: Meng Yu To: , CC: , , , , Subject: [PATCH] crypto: hisilicon/hpre - Add processing of src_data in 'CURVE25519' Date: Sat, 27 Mar 2021 17:56:16 +0800 Message-ID: <1616838976-31936-1-git-send-email-yumeng18@huawei.com> X-Mailer: git-send-email 2.8.1 MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.67.165.24] X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org HPRE can only deal with src_data smaller than 'p' in 'CURVE25519' algorithm, but 'rfc7748' says: 'Implementations MUST accept non-canonical values and process them as if they had been reduced modulo the field prime' So we get its modulus to p, and then deal it with HPRE. Signed-off-by: Meng Yu --- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index d743c54..f363653 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -1729,6 +1729,17 @@ static int hpre_curve25519_msg_request_set(struct hpre_ctx *ctx, return 0; } +static void hpre_curve25519_src_modulo_p(u8 *ptr) +{ + int i; + + for (i = 0; i < CURVE25519_KEY_SIZE - 1; i++) + ptr[i] = 0; + + /* The modulus is ptr's last byte minus '0xed'(last byte of p) */ + ptr[i] -= 0xed; +} + static int hpre_curve25519_src_init(struct hpre_asym_request *hpre_req, struct scatterlist *data, unsigned int len) { @@ -1767,10 +1778,13 @@ static int hpre_curve25519_src_init(struct hpre_asym_request *hpre_req, curve = ecc_get_curve25519(); fill_curve_param(p, curve->p, CURVE25519_KEY_SIZE, curve->g.ndigits); - if (memcmp(ptr, p, ctx->key_sz) >= 0) { - dev_err(dev, "gx is out of p!\n"); - goto err; - } + + /* + * When src_data equals (2^255 - 19) ~ (2^255 - 1), it is out of p, + * we get its modulus to p, and then use it. + */ + if (memcmp(ptr, p, ctx->key_sz) >= 0) + hpre_curve25519_src_modulo_p(ptr); hpre_req->src = ptr; msg->in = cpu_to_le64(dma); -- 2.8.1