6755fd269d
Add support for generating ecc private keys. Generation of ecc private keys is helpful in a user-space to kernel ecdh offload because the keys are not revealed to user-space. Private key generation is also helpful to implement forward secrecy. If the user provides a NULL ecc private key, the kernel will generate it and further use it for ecdh. Move ecdh's object files below drbg's. drbg must be present in the kernel at the time of calling. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Reviewed-by: Stephan Müller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
92 lines
3.6 KiB
C
92 lines
3.6 KiB
C
/*
|
|
* Copyright (c) 2013, Kenneth MacKay
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions are
|
|
* met:
|
|
* * Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
#ifndef _CRYPTO_ECC_H
|
|
#define _CRYPTO_ECC_H
|
|
|
|
#define ECC_MAX_DIGITS 4 /* 256 */
|
|
|
|
#define ECC_DIGITS_TO_BYTES_SHIFT 3
|
|
|
|
/**
|
|
* ecc_is_key_valid() - Validate a given ECDH private key
|
|
*
|
|
* @curve_id: id representing the curve to use
|
|
* @ndigits: curve's number of digits
|
|
* @private_key: private key to be used for the given curve
|
|
* @private_key_len: private key length
|
|
*
|
|
* Returns 0 if the key is acceptable, a negative value otherwise
|
|
*/
|
|
int ecc_is_key_valid(unsigned int curve_id, unsigned int ndigits,
|
|
const u64 *private_key, unsigned int private_key_len);
|
|
|
|
/**
|
|
* ecc_gen_privkey() - Generates an ECC private key.
|
|
* The private key is a random integer in the range 0 < random < n, where n is a
|
|
* prime that is the order of the cyclic subgroup generated by the distinguished
|
|
* point G.
|
|
* @curve_id: id representing the curve to use
|
|
* @ndigits: curve number of digits
|
|
* @private_key: buffer for storing the generated private key
|
|
*
|
|
* Returns 0 if the private key was generated successfully, a negative value
|
|
* if an error occurred.
|
|
*/
|
|
int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey);
|
|
|
|
/**
|
|
* ecc_make_pub_key() - Compute an ECC public key
|
|
*
|
|
* @curve_id: id representing the curve to use
|
|
* @ndigits: curve's number of digits
|
|
* @private_key: pregenerated private key for the given curve
|
|
* @public_key: buffer for storing the generated public key
|
|
*
|
|
* Returns 0 if the public key was generated successfully, a negative value
|
|
* if an error occurred.
|
|
*/
|
|
int ecc_make_pub_key(const unsigned int curve_id, unsigned int ndigits,
|
|
const u64 *private_key, u64 *public_key);
|
|
|
|
/**
|
|
* crypto_ecdh_shared_secret() - Compute a shared secret
|
|
*
|
|
* @curve_id: id representing the curve to use
|
|
* @ndigits: curve's number of digits
|
|
* @private_key: private key of part A
|
|
* @public_key: public key of counterpart B
|
|
* @secret: buffer for storing the calculated shared secret
|
|
*
|
|
* Note: It is recommended that you hash the result of crypto_ecdh_shared_secret
|
|
* before using it for symmetric encryption or HMAC.
|
|
*
|
|
* Returns 0 if the shared secret was generated successfully, a negative value
|
|
* if an error occurred.
|
|
*/
|
|
int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,
|
|
const u64 *private_key, const u64 *public_key,
|
|
u64 *secret);
|
|
#endif
|