diff options
Diffstat (limited to 'crypto/ec')
-rw-r--r-- | crypto/ec/build.info | 1 | ||||
-rw-r--r-- | crypto/ec/ec_key.c | 38 | ||||
-rw-r--r-- | crypto/ec/ecx_key.c | 64 |
3 files changed, 103 insertions, 0 deletions
diff --git a/crypto/ec/build.info b/crypto/ec/build.info index a511e887a9..e4799ad37a 100644 --- a/crypto/ec/build.info +++ b/crypto/ec/build.info @@ -92,6 +92,7 @@ INCLUDE[ecp_nistz256-sparcv9.o]=.. INCLUDE[ecp_s390x_nistp.o]=.. INCLUDE[ecx_s390x.o]=.. INCLUDE[ecx_meth.o]=.. +INCLUDE[ecx_key.o]=.. GENERATE[ecp_nistz256-armv4.S]=asm/ecp_nistz256-armv4.pl INCLUDE[ecp_nistz256-armv4.o]=.. diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 1bbca360e2..44bac9afa7 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -24,6 +24,7 @@ #endif #include <openssl/self_test.h> #include "prov/providercommon.h" +#include "prov/ecx.h" #include "crypto/bn.h" static int ecdsa_keygen_pairwise_test(EC_KEY *eckey, OSSL_CALLBACK *cb, @@ -350,6 +351,43 @@ err: return ok; } +#ifndef FIPS_MODULE +/* + * This is similar to ec_generate_key(), except it uses an ikm to + * derive the private key. + */ +int ossl_ec_generate_key_dhkem(EC_KEY *eckey, + const unsigned char *ikm, size_t ikmlen) +{ + int ok = 0; + + if (eckey->priv_key == NULL) { + eckey->priv_key = BN_secure_new(); + if (eckey->priv_key == NULL) + goto err; + } + if (ossl_ec_dhkem_derive_private(eckey, eckey->priv_key, ikm, ikmlen) <= 0) + goto err; + if (eckey->pub_key == NULL) { + eckey->pub_key = EC_POINT_new(eckey->group); + if (eckey->pub_key == NULL) + goto err; + } + if (!ossl_ec_key_simple_generate_public_key(eckey)) + goto err; + + ok = 1; +err: + if (!ok) { + BN_clear_free(eckey->priv_key); + eckey->priv_key = NULL; + if (eckey->pub_key != NULL) + EC_POINT_set_to_infinity(eckey->group, eckey->pub_key); + } + return ok; +} +#endif + int ossl_ec_key_simple_generate_key(EC_KEY *eckey) { return ec_generate_key(eckey, 0); diff --git a/crypto/ec/ecx_key.c b/crypto/ec/ecx_key.c index dcec26c2e9..8cf7f1708c 100644 --- a/crypto/ec/ecx_key.c +++ b/crypto/ec/ecx_key.c @@ -9,7 +9,13 @@ #include <string.h> #include <openssl/err.h> +#include <openssl/proverr.h> #include "crypto/ecx.h" +#include "internal/common.h" /* for ossl_assert() */ + +#ifdef S390X_EC_ASM +# include "s390x_arch.h" +#endif ECX_KEY *ossl_ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type, int haspubkey, const char *propq) @@ -96,3 +102,61 @@ unsigned char *ossl_ecx_key_allocate_privkey(ECX_KEY *key) return key->privkey; } + +int ossl_ecx_compute_key(ECX_KEY *peer, ECX_KEY *priv, size_t keylen, + unsigned char *secret, size_t *secretlen, size_t outlen) +{ + if (priv == NULL + || priv->privkey == NULL + || peer == NULL) { + ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY); + return 0; + } + + if (!ossl_assert(keylen == X25519_KEYLEN + || keylen == X448_KEYLEN)) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); + return 0; + } + + if (secret == NULL) { + *secretlen = keylen; + return 1; + } + if (outlen < keylen) { + ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); + return 0; + } + + if (keylen == X25519_KEYLEN) { +#ifdef S390X_EC_ASM + if (OPENSSL_s390xcap_P.pcc[1] + & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) { + if (s390x_x25519_mul(secret, peer->pubkey, priv->privkey) == 0) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); + return 0; + } + } else +#endif + if (ossl_x25519(secret, priv->privkey, peer->pubkey) == 0) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); + return 0; + } + } else { +#ifdef S390X_EC_ASM + if (OPENSSL_s390xcap_P.pcc[1] + & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) { + if (s390x_x448_mul(secret, peer->pubkey, priv->privkey) == 0) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); + return 0; + } + } else +#endif + if (ossl_x448(secret, priv->privkey, peer->pubkey) == 0) { + ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); + return 0; + } + } + *secretlen = keylen; + return 1; +} |