On 2/4/21 12:27 AM, Herbert Xu wrote:
On Mon, Feb 01, 2021 at 10:19:07AM -0500, Stefan Berger wrote:
Add support for parsing the parameters of a NIST P256 or NIST P192 key.
Enable signature verification using these keys. The new module is
enabled with CONFIG_ECDSA:
   Elliptic Curve Digital Signature Algorithm (NIST P192, P256 etc.)
   is A NIST cryptographic standard algorithm. Only signature verification
   is implemented.

Signed-off-by: Stefan Berger <stef...@linux.ibm.com>
Cc: Herbert Xu <herb...@gondor.apana.org.au>
Cc: "David S. Miller" <da...@davemloft.net>
Cc: linux-crypto@vger.kernel.org
---
  crypto/Kconfig               |  10 +
  crypto/Makefile              |   6 +
  crypto/ecc.c                 |  13 +-
  crypto/ecc.h                 |  28 +++
  crypto/ecdsa.c               | 361 +++++++++++++++++++++++++++++++++++
  crypto/ecdsasignature.asn1   |   4 +
  crypto/testmgr.c             |  12 ++
  crypto/testmgr.h             | 267 ++++++++++++++++++++++++++
  include/linux/oid_registry.h |   4 +
  9 files changed, 694 insertions(+), 11 deletions(-)
  create mode 100644 crypto/ecdsa.c
  create mode 100644 crypto/ecdsasignature.asn1
Saulo Alessandre is implementing ecdsa with signing so you two
should coordinate on this.

Hello Saulo,

 so this series here supports NIST P256 and NIST P192 for usage by IMA for example. It looks like you want to support more elliptic curves than these: p384 and even p521. Do you have any suggestion on how to proceed? Would you want to add patches with your additional curves on top of this series?

I have a project here with some test scripts that may also be relevant for your case: https://github.com/stefanberger/eckey-testing


    Stefan



Thanks,


Reply via email to