ecdsa-p1363.c 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * ECDSA P1363 signature encoding
  4. *
  5. * Copyright (c) 2024 Intel Corporation
  6. */
  7. #include <linux/err.h>
  8. #include <linux/module.h>
  9. #include <crypto/algapi.h>
  10. #include <crypto/sig.h>
  11. #include <crypto/internal/ecc.h>
  12. #include <crypto/internal/sig.h>
  13. struct ecdsa_p1363_ctx {
  14. struct crypto_sig *child;
  15. };
  16. static int ecdsa_p1363_verify(struct crypto_sig *tfm,
  17. const void *src, unsigned int slen,
  18. const void *digest, unsigned int dlen)
  19. {
  20. struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  21. unsigned int keylen = DIV_ROUND_UP_POW2(crypto_sig_keysize(ctx->child),
  22. BITS_PER_BYTE);
  23. unsigned int ndigits = DIV_ROUND_UP_POW2(keylen, sizeof(u64));
  24. struct ecdsa_raw_sig sig;
  25. if (slen != 2 * keylen)
  26. return -EINVAL;
  27. ecc_digits_from_bytes(src, keylen, sig.r, ndigits);
  28. ecc_digits_from_bytes(src + keylen, keylen, sig.s, ndigits);
  29. return crypto_sig_verify(ctx->child, &sig, sizeof(sig), digest, dlen);
  30. }
  31. static unsigned int ecdsa_p1363_key_size(struct crypto_sig *tfm)
  32. {
  33. struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  34. return crypto_sig_keysize(ctx->child);
  35. }
  36. static unsigned int ecdsa_p1363_max_size(struct crypto_sig *tfm)
  37. {
  38. struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  39. return 2 * DIV_ROUND_UP_POW2(crypto_sig_keysize(ctx->child),
  40. BITS_PER_BYTE);
  41. }
  42. static unsigned int ecdsa_p1363_digest_size(struct crypto_sig *tfm)
  43. {
  44. struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  45. return crypto_sig_digestsize(ctx->child);
  46. }
  47. static int ecdsa_p1363_set_pub_key(struct crypto_sig *tfm,
  48. const void *key, unsigned int keylen)
  49. {
  50. struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  51. return crypto_sig_set_pubkey(ctx->child, key, keylen);
  52. }
  53. static int ecdsa_p1363_init_tfm(struct crypto_sig *tfm)
  54. {
  55. struct sig_instance *inst = sig_alg_instance(tfm);
  56. struct crypto_sig_spawn *spawn = sig_instance_ctx(inst);
  57. struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  58. struct crypto_sig *child_tfm;
  59. child_tfm = crypto_spawn_sig(spawn);
  60. if (IS_ERR(child_tfm))
  61. return PTR_ERR(child_tfm);
  62. ctx->child = child_tfm;
  63. return 0;
  64. }
  65. static void ecdsa_p1363_exit_tfm(struct crypto_sig *tfm)
  66. {
  67. struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  68. crypto_free_sig(ctx->child);
  69. }
  70. static void ecdsa_p1363_free(struct sig_instance *inst)
  71. {
  72. struct crypto_sig_spawn *spawn = sig_instance_ctx(inst);
  73. crypto_drop_sig(spawn);
  74. kfree(inst);
  75. }
  76. static int ecdsa_p1363_create(struct crypto_template *tmpl, struct rtattr **tb)
  77. {
  78. struct crypto_sig_spawn *spawn;
  79. struct sig_instance *inst;
  80. struct sig_alg *ecdsa_alg;
  81. u32 mask;
  82. int err;
  83. err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_SIG, &mask);
  84. if (err)
  85. return err;
  86. inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL);
  87. if (!inst)
  88. return -ENOMEM;
  89. spawn = sig_instance_ctx(inst);
  90. err = crypto_grab_sig(spawn, sig_crypto_instance(inst),
  91. crypto_attr_alg_name(tb[1]), 0, mask);
  92. if (err)
  93. goto err_free_inst;
  94. ecdsa_alg = crypto_spawn_sig_alg(spawn);
  95. err = -EINVAL;
  96. if (strncmp(ecdsa_alg->base.cra_name, "ecdsa", 5) != 0)
  97. goto err_free_inst;
  98. err = crypto_inst_setname(sig_crypto_instance(inst), tmpl->name,
  99. &ecdsa_alg->base);
  100. if (err)
  101. goto err_free_inst;
  102. inst->alg.base.cra_priority = ecdsa_alg->base.cra_priority;
  103. inst->alg.base.cra_ctxsize = sizeof(struct ecdsa_p1363_ctx);
  104. inst->alg.init = ecdsa_p1363_init_tfm;
  105. inst->alg.exit = ecdsa_p1363_exit_tfm;
  106. inst->alg.verify = ecdsa_p1363_verify;
  107. inst->alg.key_size = ecdsa_p1363_key_size;
  108. inst->alg.max_size = ecdsa_p1363_max_size;
  109. inst->alg.digest_size = ecdsa_p1363_digest_size;
  110. inst->alg.set_pub_key = ecdsa_p1363_set_pub_key;
  111. inst->free = ecdsa_p1363_free;
  112. err = sig_register_instance(tmpl, inst);
  113. if (err) {
  114. err_free_inst:
  115. ecdsa_p1363_free(inst);
  116. }
  117. return err;
  118. }
  119. struct crypto_template ecdsa_p1363_tmpl = {
  120. .name = "p1363",
  121. .create = ecdsa_p1363_create,
  122. .module = THIS_MODULE,
  123. };
  124. MODULE_ALIAS_CRYPTO("p1363");