-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move X25519/X448 to the default provider #10964
Conversation
Travis is also relevant. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks pretty good apart from a few small NITS.
Fixup commits pushed addressing the above comments and the travis failure. Please take another look. |
Oh...and also I realised I missed off the s390 support. Now added. |
crypto/s390xcpuid.S
Outdated
#include "s390x_arch.h" | ||
|
||
.text | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where has this file come from?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Its generated by s390xcpuid.pl, @mattcaswell probably added it accidentially.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes I did. I'll remove it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It LGTM..
I would prefer if @p-steuer reviewed the s390 bits though.
fda31f7
to
f6c69e1
Compare
Fixed the s390xcpuid.S issue. The travis red cross was due to a bad auto-merge with master during the travis build. I've rebased to resolve that issue. Please take another look. |
With moving the s390 code to provider, the corresponding run-time feature detection was lost. My tests of the S390X_EC_ASM build pass on z15 but it should SIGILL on any older machine, since ECC instruction set extension is not available there. Specifically im talking about the following (non provider) code from crypto/ec/ecx_meth.c:
This could be easily fixed by checking the above conditions inside provider code's S390X_EC_ASM ifdefs (before every operation). However, since this check is only required one time at init, i would prefer a solution similar to the non-provider code (to also get rid of a lot of ifdefs and to facilitate integration of future platform specific hw support). E.g. replace member pointing to an OPENSSL_DISPATCH object in OPENSSL_ALGORITHM structure by a member pointing to a function returning such objects. That way, you could define both a platform-spefific and a generic OPENSSL_DISPATCH array, and said function could chose which one to return, based on the hw capabilities detected on init (analogous to what i did to the standard_methods array here: 19bd1fa). |
Fixed. I have gone with this simple solution for now. I did look at an option for a one time capability check. We actually have a mechanism for that for ciphers. See: Lines 190 to 197 in 7fa8bcf
It would not take much to extend that to key exchange. However in this case I think the benefit is very minimal at the cost of quite a lot of extra plumbing. I'm not actually sure you would gain anything very much. |
if (ecxctx->keylen == X25519_KEYLEN) { | ||
#ifdef S390X_EC_ASM | ||
if (OPENSSL_s390xcap_P.pcc[1] | ||
& S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
S390X_SCALAR_MULTIPLY_X448 -> S390X_SCALAR_MULTIPLY_X25519
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oops. Fixed.
needs a rebase |
Sigh. Needs a bit more work due to the all the keymgmt changes in master. |
Add ref counting and control how we allocate storage for the private key. We will need this type in following commits where we move the ecx code to be provider aware.
1bf8618
to
6907b02
Compare
I rebased this and reworked it to take account of the refactored keymgmt in master. Please take another look and reconfirm? |
Fixups pushed addressing both of those issues. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me now.
This pull request is ready to merge |
Add ref counting and control how we allocate storage for the private key. We will need this type in following commits where we move the ecx code to be provider aware. Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from #10964)
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from #10964)
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from #10964)
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from #10964)
Pushed. Thanks. |
This doesn't yet implement the required serializers. That will come in a subsequent PR.