Move X25519/X448 to the default provider #10964
Conversation
|
Travis is also relevant. |
|
Fixup commits pushed addressing the above comments and the travis failure. Please take another look. |
|
Oh...and also I realised I missed off the s390 support. Now added. |
crypto/s390xcpuid.S
Outdated
| #include "s390x_arch.h" | ||
|
|
||
| .text | ||
|
|
There was a problem hiding this comment.
Its generated by s390xcpuid.pl, @mattcaswell probably added it accidentially.
There was a problem hiding this comment.
Yes I did. I'll remove it.
mattcaswell
force-pushed
the
ecx-to-providers
branch
from
fda31f7
to
f6c69e1
Compare
|
Fixed the s390xcpuid.S issue. The travis red cross was due to a bad auto-merge with master during the travis build. I've rebased to resolve that issue. Please take another look. |
|
With moving the s390 code to provider, the corresponding run-time feature detection was lost. My tests of the S390X_EC_ASM build pass on z15 but it should SIGILL on any older machine, since ECC instruction set extension is not available there. Specifically im talking about the following (non provider) code from crypto/ec/ecx_meth.c: This could be easily fixed by checking the above conditions inside provider code's S390X_EC_ASM ifdefs (before every operation). However, since this check is only required one time at init, i would prefer a solution similar to the non-provider code (to also get rid of a lot of ifdefs and to facilitate integration of future platform specific hw support). E.g. replace member pointing to an OPENSSL_DISPATCH object in OPENSSL_ALGORITHM structure by a member pointing to a function returning such objects. That way, you could define both a platform-spefific and a generic OPENSSL_DISPATCH array, and said function could chose which one to return, based on the hw capabilities detected on init (analogous to what i did to the standard_methods array here: 19bd1fa). |
Fixed. I have gone with this simple solution for now. I did look at an option for a one time capability check. We actually have a mechanism for that for ciphers. See: Lines 190 to 197 in 7fa8bcf It would not take much to extend that to key exchange. However in this case I think the benefit is very minimal at the cost of quite a lot of extra plumbing. I'm not actually sure you would gain anything very much. |
mattcaswell
added
the
approval: review pending
| if (ecxctx->keylen == X25519_KEYLEN) { | ||
| #ifdef S390X_EC_ASM | ||
| if (OPENSSL_s390xcap_P.pcc[1] | ||
| & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) { |
There was a problem hiding this comment.
S390X_SCALAR_MULTIPLY_X448 -> S390X_SCALAR_MULTIPLY_X25519
|
needs a rebase |
Sigh. Needs a bit more work due to the all the keymgmt changes in master. |
Add ref counting and control how we allocate storage for the private key. We will need this type in following commits where we move the ecx code to be provider aware.
mattcaswell
force-pushed
the
ecx-to-providers
branch
from
1bf8618
to
6907b02
Compare
|
I rebased this and reworked it to take account of the refactored keymgmt in master. Please take another look and reconfirm? |
|
Fixups pushed addressing both of those issues. |
mattcaswell
added
approval: done
openssl-machine
added
approval: ready to merge
|
This pull request is ready to merge |
Add ref counting and control how we allocate storage for the private key. We will need this type in following commits where we move the ecx code to be provider aware. Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from #10964)
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from #10964)
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from #10964)
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from #10964)
|
Pushed. Thanks. |
This doesn't yet implement the required serializers. That will come in a subsequent PR.