driver: crypto: hisilicon: add X25519 and X448 algorithm #7001
Conversation
|
@jforissier @jenswi-linaro Do you have any comments? |
|
|
||
| ret = hpre_bin_from_crypto_bin(p, p, msg->key_bytes, msg->curve_bytes); | ||
| if (ret) { | ||
| EMSG("Fail to transfer montgomery p from crypto_bin to |
There was a problem hiding this comment.
Please keep this print in one line, same goes the for other prints. It's OK if this line with the format string becomes longer than 80.
|
|
||
| /* NID_X25519 */ | ||
| /* p = (2 ^ 255 - 19) big endian */ | ||
| static uint8_t g_x25519_p[] = { |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05 | ||
| }; | ||
|
|
||
| static struct hpre_mgm_curve g_curve_list[] = { |
There was a problem hiding this comment.
const also.
This change will also request the related argument of hpre_montgomery_params_fill() and hpre_montgomery_request_init() is also const.
|
|
||
| return TEE_SUCCESS; | ||
| pub_err: | ||
| free(key->priv); |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
| return HISI_QM_DRVCRYPT_EINVAL; | ||
| } | ||
|
|
||
| return 0; |
There was a problem hiding this comment.
return HISI_QM_DRVCRYPT_NO_ERR
| shift = bsize - p_size; | ||
| ret = memcmp(u + shift, p + shift, p_size); | ||
| if (ret >= 0) { | ||
| EMSG("u > p"); |
| return ret; | ||
| } | ||
|
|
||
| static struct drvcrypt_montgomery driver_x25519 = { |
| { | ||
| struct hisi_qp *montgomery_qp; | ||
| TEE_Result res = TEE_SUCCESS; | ||
| int32_t ret = 0; |
There was a problem hiding this comment.
Type should be enum hisi_drv_status.
res and ret labels are very similar, it can be confusing. Could you rename one of them? For example:
- int32_t ret = 0;
+ enum hisi_drv_status status = HISI_QM_DRVCRYPT_NO_ERR;| ret = hpre_montgomery_do_task(&msg); | ||
| if (ret) { | ||
| EMSG("Fail to do montgomery shared secret task! ret = 0x%" | ||
| PIRX16, ret); |
|
|
||
| ret = hpre_montgomery_do_task(&msg); | ||
| if (ret) { | ||
| EMSG("Fail to do montgomery key pair task ret = 0x%"PRIX16, |
| uint8_t *privkey, | ||
| uint8_t *pubkey) | ||
| { | ||
| TEE_Result ret = TEE_SUCCESS; |
There was a problem hiding this comment.
ret should be of type enum hisi_drv_status.
There was a problem hiding this comment.
You forgot to address this comment.
There was a problem hiding this comment.
Sorry,missed this.
Solved.
yuzexiyzx
force-pushed
the
master
branch
3 times, most recently
from
062673d
to
dab1242
Compare
|
|
||
| static TEE_Result hpre_montgomery_do_task(struct hpre_montgomery_msg *msg) | ||
| { | ||
| struct hisi_qp *montgomery_qp; |
|
|
||
| ret = hpre_montgomery_do_task(&msg); | ||
| if (ret) { | ||
| EMSG("Fail to do montgomery shared secret task! ret = 0x%"PIRX32, |
| uint32_t result; | ||
| }; | ||
|
|
||
| TEE_Result hpre_montgomery_init(void); |
There was a problem hiding this comment.
I don't think exporting this function is needed, it's called from an initcall level. It could be static within hpre_montgomery.c.
| #ifndef __HPRE_MONTGOMERYH__ | ||
| #define __HPRE_MONTGOMERYH__ | ||
|
|
||
| #include <stdbool.h> |
There was a problem hiding this comment.
It seems stdbool.h is no more needed.
yuzexiyzx
force-pushed
the
master
branch
4 times, most recently
from
df95b85
to
5d2eb2f
Compare
|
@jenswi-linaro @etienne-lms All comments have been solved. |
|
@jenswi-linaro @etienne-lms All comments have been solved. |
| * byte to zero instead. | ||
| */ | ||
| if (msg->key_bytes == BITS_TO_BYTES(X25519_KEY_BITS)) { | ||
| dst[31] &= 248; |
There was a problem hiding this comment.
Please add a comment explaining that this is for the X25519 case with a 32-byte integer.
It's a bit curious that masking is done using decimal values instead of hexadecimal, it might be worth mentioning that's how it's done in the example in the RFC.
| dst[0] |= 64; | ||
| u[0] &= 0x7F; | ||
| } else { | ||
| dst[55 + bsize - dsize] &= 252; |
There was a problem hiding this comment.
Please add a comment explaining that this is for the X448 case with a 56-byte integer.
Why is bsize - dsize needed?
| struct hpre_montgomery_msg *msg = info; | ||
| struct hpre_sqe *sqe = bd; | ||
|
|
||
| sqe->w0 = msg->alg_type | (0x1 << HPRE_DONE_SHIFT); |
There was a problem hiding this comment.
Prefer SHIFT_U32(0x1, HPRE_DONE_SHIFT)
core/drivers/crypto/hisilicon/sub.mk
Outdated
| @@ -6,3 +6,4 @@ srcs-y += sec_cipher.c | |||
| srcs-$(CFG_HISILICON_ACC_V3) += hpre_main.c | |||
| srcs-$(CFG_HISILICON_ACC_V3) += hpre_dh.c | |||
| srcs-$(CFG_HISILICON_ACC_V3) += hpre_ecc.c | |||
| srcs-$(CFG_HISILICON_ACC_V3) += hpre_montgomery.c | |||
There was a problem hiding this comment.
Please add the missing end-of-line character.
|
@jenswi-linaro @etienne-lms All comments have been solved. |
1 similar comment
|
@jenswi-linaro @etienne-lms All comments have been solved. |
| uint8_t *privkey, | ||
| uint8_t *pubkey) | ||
| { | ||
| TEE_Result ret = TEE_SUCCESS; |
There was a problem hiding this comment.
You forgot to address this comment.
| err1 = HPRE_TASK_ETYPE1(sqe->w0); | ||
| done = HPRE_TASK_DONE(sqe->w0); | ||
| if (done != HPRE_HW_TASK_DONE || err || err1) { | ||
| EMSG("HPRE do x_dh fail! done=0x%"PRIX16", etype=0x%"PRIX16",etype1=0x%"PRIX16, done, err, err1); |
There was a problem hiding this comment.
For coding style:
EMSG("HPRE do x_dh fail! done=0x%"PRIX16", etype=0x%"PRIX16", etype1=0x%"PRIX16,
done, err, err1);|
|
||
| ret = hpre_montgomery_do_task(&msg); | ||
| if (ret) { | ||
| EMSG("Fail to do montgomery shared secret task! ret = 0x%"PRIX32, ret); |
There was a problem hiding this comment.
EMSG("Fail to do montgomery shared secret task! ret = %#"PRIX32,
ret);| * Copyright (c) 2024 HiSilicon Limited. | ||
| */ | ||
| #ifndef __HPRE_MONTGOMERYH__ | ||
| #define __HPRE_MONTGOMERYH__ |
There was a problem hiding this comment.
s/__HPRE_MONTGOMERYH__/__HPRE_MONTGOMERY_H__/
| uint8_t *u = msg->in; | ||
| uint8_t *dst = k; | ||
| uint32_t bsize = msg->key_bytes; | ||
| uint32_t dsize = msg->curve_bytes; |
There was a problem hiding this comment.
What's the difference between dsize and psize? They always hold the same value.
There was a problem hiding this comment.
psize is the size of public key. Its value is the same as curve_bytes.
There was a problem hiding this comment.
maybe I can just use dsize here
| * to 576 when curve_bytes is between 384 and 576, and the high-order | ||
| * bits will be set to 0. | ||
| */ | ||
| dst[55 + bsize - dsize] &= 0xFC; |
There was a problem hiding this comment.
I never got an answer to why bsize - dsize is needed. Doesn't dst[55 + bsize - dsize] address out of range of dst[]?
There was a problem hiding this comment.
It is our hardware limit that key_bytes will be set to 72(576/8) when curve_bytes is between 48 and 72.So, dsize is 56 here, and bsize is 72.
| dst[0 + bsize - dsize] |= 0x80; | ||
| } | ||
|
|
||
| shift = bsize - psize; |
There was a problem hiding this comment.
How would you describe shift, what does it represent?
There was a problem hiding this comment.
Shift means the offset I need to take into accout when I deal with the data related to protocol
There was a problem hiding this comment.
due to hardware limit mentioned above
There was a problem hiding this comment.
It sounds like offset would be a better name. Please add a comment describing how this variable is used.
yuzexiyzx
force-pushed
the
master
branch
2 times, most recently
from
eb4c4a9
to
1f5bc64
Compare
|
|
|
@etienne-lms All comments have been solved |
add operation of X25519 and X448 algorithm, including alloc_keypair, gen_keypar and shared_secret Signed-off-by: yuzexi <[email protected]> Acked-by: Jens Wiklander <[email protected]> Acked-by: Etienne Carriere <[email protected]>
|
@jforissier All comments have been solved. |
add X22519 and X448