xref: /OK3568_Linux_fs/kernel/crypto/curve25519-generic.c (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0-or-later
2*4882a593Smuzhiyun 
3*4882a593Smuzhiyun #include <crypto/curve25519.h>
4*4882a593Smuzhiyun #include <crypto/internal/kpp.h>
5*4882a593Smuzhiyun #include <crypto/kpp.h>
6*4882a593Smuzhiyun #include <linux/module.h>
7*4882a593Smuzhiyun #include <linux/scatterlist.h>
8*4882a593Smuzhiyun 
curve25519_set_secret(struct crypto_kpp * tfm,const void * buf,unsigned int len)9*4882a593Smuzhiyun static int curve25519_set_secret(struct crypto_kpp *tfm, const void *buf,
10*4882a593Smuzhiyun 				 unsigned int len)
11*4882a593Smuzhiyun {
12*4882a593Smuzhiyun 	u8 *secret = kpp_tfm_ctx(tfm);
13*4882a593Smuzhiyun 
14*4882a593Smuzhiyun 	if (!len)
15*4882a593Smuzhiyun 		curve25519_generate_secret(secret);
16*4882a593Smuzhiyun 	else if (len == CURVE25519_KEY_SIZE &&
17*4882a593Smuzhiyun 		 crypto_memneq(buf, curve25519_null_point, CURVE25519_KEY_SIZE))
18*4882a593Smuzhiyun 		memcpy(secret, buf, CURVE25519_KEY_SIZE);
19*4882a593Smuzhiyun 	else
20*4882a593Smuzhiyun 		return -EINVAL;
21*4882a593Smuzhiyun 	return 0;
22*4882a593Smuzhiyun }
23*4882a593Smuzhiyun 
curve25519_compute_value(struct kpp_request * req)24*4882a593Smuzhiyun static int curve25519_compute_value(struct kpp_request *req)
25*4882a593Smuzhiyun {
26*4882a593Smuzhiyun 	struct crypto_kpp *tfm = crypto_kpp_reqtfm(req);
27*4882a593Smuzhiyun 	const u8 *secret = kpp_tfm_ctx(tfm);
28*4882a593Smuzhiyun 	u8 public_key[CURVE25519_KEY_SIZE];
29*4882a593Smuzhiyun 	u8 buf[CURVE25519_KEY_SIZE];
30*4882a593Smuzhiyun 	int copied, nbytes;
31*4882a593Smuzhiyun 	u8 const *bp;
32*4882a593Smuzhiyun 
33*4882a593Smuzhiyun 	if (req->src) {
34*4882a593Smuzhiyun 		copied = sg_copy_to_buffer(req->src,
35*4882a593Smuzhiyun 					   sg_nents_for_len(req->src,
36*4882a593Smuzhiyun 							    CURVE25519_KEY_SIZE),
37*4882a593Smuzhiyun 					   public_key, CURVE25519_KEY_SIZE);
38*4882a593Smuzhiyun 		if (copied != CURVE25519_KEY_SIZE)
39*4882a593Smuzhiyun 			return -EINVAL;
40*4882a593Smuzhiyun 		bp = public_key;
41*4882a593Smuzhiyun 	} else {
42*4882a593Smuzhiyun 		bp = curve25519_base_point;
43*4882a593Smuzhiyun 	}
44*4882a593Smuzhiyun 
45*4882a593Smuzhiyun 	curve25519_generic(buf, secret, bp);
46*4882a593Smuzhiyun 
47*4882a593Smuzhiyun 	/* might want less than we've got */
48*4882a593Smuzhiyun 	nbytes = min_t(size_t, CURVE25519_KEY_SIZE, req->dst_len);
49*4882a593Smuzhiyun 	copied = sg_copy_from_buffer(req->dst, sg_nents_for_len(req->dst,
50*4882a593Smuzhiyun 								nbytes),
51*4882a593Smuzhiyun 				     buf, nbytes);
52*4882a593Smuzhiyun 	if (copied != nbytes)
53*4882a593Smuzhiyun 		return -EINVAL;
54*4882a593Smuzhiyun 	return 0;
55*4882a593Smuzhiyun }
56*4882a593Smuzhiyun 
curve25519_max_size(struct crypto_kpp * tfm)57*4882a593Smuzhiyun static unsigned int curve25519_max_size(struct crypto_kpp *tfm)
58*4882a593Smuzhiyun {
59*4882a593Smuzhiyun 	return CURVE25519_KEY_SIZE;
60*4882a593Smuzhiyun }
61*4882a593Smuzhiyun 
62*4882a593Smuzhiyun static struct kpp_alg curve25519_alg = {
63*4882a593Smuzhiyun 	.base.cra_name		= "curve25519",
64*4882a593Smuzhiyun 	.base.cra_driver_name	= "curve25519-generic",
65*4882a593Smuzhiyun 	.base.cra_priority	= 100,
66*4882a593Smuzhiyun 	.base.cra_module	= THIS_MODULE,
67*4882a593Smuzhiyun 	.base.cra_ctxsize	= CURVE25519_KEY_SIZE,
68*4882a593Smuzhiyun 
69*4882a593Smuzhiyun 	.set_secret		= curve25519_set_secret,
70*4882a593Smuzhiyun 	.generate_public_key	= curve25519_compute_value,
71*4882a593Smuzhiyun 	.compute_shared_secret	= curve25519_compute_value,
72*4882a593Smuzhiyun 	.max_size		= curve25519_max_size,
73*4882a593Smuzhiyun };
74*4882a593Smuzhiyun 
curve25519_init(void)75*4882a593Smuzhiyun static int curve25519_init(void)
76*4882a593Smuzhiyun {
77*4882a593Smuzhiyun 	return crypto_register_kpp(&curve25519_alg);
78*4882a593Smuzhiyun }
79*4882a593Smuzhiyun 
curve25519_exit(void)80*4882a593Smuzhiyun static void curve25519_exit(void)
81*4882a593Smuzhiyun {
82*4882a593Smuzhiyun 	crypto_unregister_kpp(&curve25519_alg);
83*4882a593Smuzhiyun }
84*4882a593Smuzhiyun 
85*4882a593Smuzhiyun subsys_initcall(curve25519_init);
86*4882a593Smuzhiyun module_exit(curve25519_exit);
87*4882a593Smuzhiyun 
88*4882a593Smuzhiyun MODULE_ALIAS_CRYPTO("curve25519");
89*4882a593Smuzhiyun MODULE_ALIAS_CRYPTO("curve25519-generic");
90*4882a593Smuzhiyun MODULE_LICENSE("GPL");
91