Received-SPF: pass (google.com: domain of linux-crypto+bounces-2703-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1;
From: Bharat Bhushan <bbhushan2@marvell.com>
To: Stefan Berger <stefanb@linux.vnet.ibm.com>,
        "keyrings@vger.kernel.org"
	<keyrings@vger.kernel.org>,
        "linux-crypto@vger.kernel.org"
	<linux-crypto@vger.kernel.org>,
        "herbert@gondor.apana.org.au"
	<herbert@gondor.apana.org.au>,
        "davem@davemloft.net" <davem@davemloft.net>
CC: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "saulo.alessandre@tse.jus.br" <saulo.alessandre@tse.jus.br>,
        "lukas@wunner.de" <lukas@wunner.de>,
        "jarkko@kernel.org" <jarkko@kernel.org>,
        Stefan Berger <stefanb@linux.ibm.com>
Subject: RE: [EXTERNAL] [PATCH v6 12/13] crypto: asymmetric_keys - Adjust
 signature size calculation for NIST P521
Thread-Topic: [EXTERNAL] [PATCH v6 12/13] crypto: asymmetric_keys - Adjust
 signature size calculation for NIST P521
Thread-Index: AQHadKxnbxR4a5LtXUqbsGZIoA/WRLE9CEiw
Date: Mon, 18 Mar 2024 05:58:23 +0000
Message-ID: 
 <SN7PR18MB531481F0A287ADCED3711193E32D2@SN7PR18MB5314.namprd18.prod.outlook.com>
References: <20240312183618.1211745-1-stefanb@linux.vnet.ibm.com>
 <20240312183618.1211745-13-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20240312183618.1211745-13-stefanb@linux.vnet.ibm.com>
Accept-Language: en-IN, en-US
Content-Language: en-US
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 
 =?us-ascii?Q?1ss7uPV5gvIBO550qtCCqrKRSe7UWLRnTUDJjoYGYJSmGag7UhA/dwih4GqT?=
 =?us-ascii?Q?esDbR1AL5BkLJTdaiL9wf+gGZL1qwh7hWF+5ZOPIqWa3/A4ewP9PDBrpkYEV?=
 =?us-ascii?Q?1MyhA/gcBrCwM3p30meQ4FcjiA/lZwW43kqugX5pSDEg9W1SEttmFn5klVJX?=
 =?us-ascii?Q?YMpBm1RsqVmdR0o5CwJx9wh2BLVc6upDmiVfsRFpsD74p44KWZBbiB6g51DG?=
 =?us-ascii?Q?LWsEv+d3vDIZiDQ+XmPhrtY/h/IFbVfHJ8GIEThGUKoxvAcc/el5duGzR22h?=
 =?us-ascii?Q?BIv/VBFZ+2Um8hL4sKvBvmFB2H2o+PP6uuWwoC8g3i4/N/EUT4elXfaUM+qI?=
 =?us-ascii?Q?oeHe2z0LEmTUTUcS8C8J+eEXpcUZ+RdJBZwx0QxzBHqqZqhgT/hIVBeUhRsy?=
 =?us-ascii?Q?dOAuujhd7zQdq3iKhmFVni6wzurzkPtxO0Lc+V7ZcBLR1aqtUQS6S7gp3agN?=
 =?us-ascii?Q?MbKwCODcqRmlEinDvauvoFxxTDHlb1Oyu1Nt613teAnG4lwCEClobD00bRqM?=
 =?us-ascii?Q?133GK0TZ2fud1NuGGwsDM55+25VQ8dZu58PSAdqJn9h0v7Jtmw8mSCHtiYc5?=
 =?us-ascii?Q?DptVSROakVcmky0BSd9MTc405BtB2+EeEYdNqHN7W5/D3W7m+IriXOGibveA?=
 =?us-ascii?Q?hZIA3OY1Tups3U2H+u0yaGqGhmSpt5s6sTZmZHchrfyl5AgyI4fNU5zRvHg8?=
 =?us-ascii?Q?Uz24ClkS20Bz3z3Uqqi2OLwS4p8i1WrqES35Rahm/UA6NXVteqXzM58Fovie?=
 =?us-ascii?Q?toAbDZztV4utwEm734KqE5Lx95OUSwAWiaIcrv7uAsn06oLnOOCyU3IVryoJ?=
 =?us-ascii?Q?dMuELvAMxMXMJwj7WOkXOv8xWnurRQrpAhDYAnx3RM4sLsreZR+P0MhaDIs1?=
 =?us-ascii?Q?GcWDTBpcqLxoy8Hu+4m4udcKzoO6CvsoTreOYx1fIfbIHbwTnrj/flQoAZBP?=
 =?us-ascii?Q?SdI+CWqDUKSlRJGSiaMocQme8qeNDUoTo6+ifMSbuXSvxlgyepSigOB/moIA?=
 =?us-ascii?Q?98YVnCS70BY+yRHd+YzNCISF2FmFfINkGhd4BXiwakoYx2Os8C+1QOuis+dN?=
 =?us-ascii?Q?inMrGWo8YMC5oh+bhL0U/OMlcW3rDum4DmxX0xb2hbKMWBX0KSiy6Z7+QIz7?=
 =?us-ascii?Q?htUskiv5uMOg33ezRu9YeLJrQ6Bp5l4vajaGgcxwcx741nnmgBXbx1lIGtHW?=
 =?us-ascii?Q?bKYmrp0WrffE4QdSOVQST2AGPiTuNjA1hExe0JWSScptDsyFKk+2Q2qfDwIJ?=
 =?us-ascii?Q?ENr12xDnYdM8occyGFmPjPNF30rewGWvZuYDjjsHxDzhb7ZaqwIZm7rGhPJb?=
 =?us-ascii?Q?V9y9fPfVUn7mTuQme32vPyWz4OsCVLiJNsJ/WTmStBghP9EtCqpTakwsbSDE?=
 =?us-ascii?Q?2/eOBRelxEDGU/Ubvk5TGEd8OZw5dXBpdioXijr6S2JJYVhH2ADo7oNoFHZ1?=
 =?us-ascii?Q?fxaACznROT1z1TeC9/6W8Q6o4apEqsCFcO4hYhaIKISZwHhLaKCT21rr/8A4?=
 =?us-ascii?Q?a4oKyWTFVhRKM6D9RAsHAauO9GQ8QWLhx5BuPFfn2OUC+6hRsiC3CDIl/A7G?=
 =?us-ascii?Q?9pxtVASDrcfvlqIppn7GryYQdyU5dLwX1802O3ZK?=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
X-Mailing-List: linux-crypto@vger.kernel.org
List-Id: <linux-crypto.vger.kernel.org>
List-Subscribe: <mailto:linux-crypto+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-crypto+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-OriginatorOrg: marvell.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SN7PR18MB5314.namprd18.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 4680eb97-6b2c-4661-3113-08dc47106c1f
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Mar 2024 05:58:23.8749
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: kvp99VZglZS1YcJ/e4khNUuEg4FqJvfVHBPF3tZj9XhRaPqKUIhniSYp9Pn3WohFxcNSVwceLvyR64uTnWDzTQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM8PR18MB4503
X-Proofpoint-GUID: OaINCsPMB36j2AXaSvgLH4J5FRK4RvuC
X-Proofpoint-ORIG-GUID: OaINCsPMB36j2AXaSvgLH4J5FRK4RvuC
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26
 definitions=2024-03-17_12,2024-03-15_01,2023-05-22_02


> -----Original Message-----
> From: Stefan Berger <stefanb@linux.vnet.ibm.com>
> Sent: Wednesday, March 13, 2024 12:06 AM
> To: keyrings@vger.kernel.org; linux-crypto@vger.kernel.org;
> herbert@gondor.apana.org.au; davem@davemloft.net
> Cc: linux-kernel@vger.kernel.org; saulo.alessandre@tse.jus.br;
> lukas@wunner.de; Bharat Bhushan <bbhushan2@marvell.com>;
> jarkko@kernel.org; Stefan Berger <stefanb@linux.ibm.com>
> Subject: [EXTERNAL] [PATCH v6 12/13] crypto: asymmetric_keys - Adjust
> signature size calculation for NIST P521
> ----------------------------------------------------------------------
> From: Stefan Berger <stefanb@linux.ibm.com>
>=20
> Adjust the calculation of the maximum signature size for support of NIST
> P521. While existing curves may prepend a 0 byte to their coordinates (to
> make the number positive), NIST P521 will not do this since only the firs=
t bit in
> the most significant byte is used.
>=20
> If the encoding of the x & y coordinates requires at least 128 bytes then=
 an
> additional byte is needed for the encoding of the length. Take this into =
account
> when calculating the maximum signature size.
>=20
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> Reviewed-by: Lukas Wunner <lukas@wunner.de>
> Tested-by: Lukas Wunner <lukas@wunner.de>
> ---
>  crypto/asymmetric_keys/public_key.c | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)
>=20
> diff --git a/crypto/asymmetric_keys/public_key.c
> b/crypto/asymmetric_keys/public_key.c
> index e5f22691febd..16cc0be28929 100644
> --- a/crypto/asymmetric_keys/public_key.c
> +++ b/crypto/asymmetric_keys/public_key.c
> @@ -233,6 +233,7 @@ static int software_key_query(const struct
> kernel_pkey_params *params,
>  	info->key_size =3D len * 8;
>=20
>  	if (strncmp(pkey->pkey_algo, "ecdsa", 5) =3D=3D 0) {
> +		int slen =3D len;
>  		/*
>  		 * ECDSA key sizes are much smaller than RSA, and thus could
>  		 * operate on (hashed) inputs that are larger than key size.
> @@ -246,8 +247,19 @@ static int software_key_query(const struct
> kernel_pkey_params *params,
>  		 * Verify takes ECDSA-Sig (described in RFC 5480) as input,
>  		 * which is actually 2 'key_size'-bit integers encoded in
>  		 * ASN.1.  Account for the ASN.1 encoding overhead here.
> +		 *
> +		 * NIST P192/256/384 may prepend a '0' to a coordinate to
> +		 * indicate a positive integer. NIST P521 never needs it.
>  		 */
> -		info->max_sig_size =3D 2 * (len + 3) + 2;
> +		if (strcmp(pkey->pkey_algo, "ecdsa-nist-p521") !=3D 0)
> +			slen +=3D 1;
> +		/* Length of encoding the x & y coordinates */
> +		slen =3D 2 * (slen + 2);
> +		/*
> +		 * If coordinate encoding takes at least 128 bytes then an
> +		 * additional byte for length encoding is needed.
> +		 */
> +		info->max_sig_size =3D 1 + (slen >=3D 128) + 1 + slen;

Is "(slen >=3D 128)" valid for P192/256/384 also?

Thanks
-Bharat

>  	} else {
>  		info->max_data_size =3D len;
>  		info->max_sig_size =3D len;
> --
> 2.43.0