crypto/ecdsa-p1363.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  * ECDSA P1363 signature encoding
   4  *
   5  * Copyright (c) 2024 Intel Corporation
   6  */
   7
   8 #include <linux/err.h>
   9 #include <linux/module.h>
  10 #include <crypto/algapi.h>
  11 #include <crypto/sig.h>
  12 #include <crypto/internal/ecc.h>
  13 #include <crypto/internal/sig.h>
  14
  15 struct ecdsa_p1363_ctx {
  16         struct crypto_sig *child;
  17 };
  18
  19 static int ecdsa_p1363_verify(struct crypto_sig *tfm,
  20                               const void *src, unsigned int slen,
  21                               const void *digest, unsigned int dlen)
  22 {
  23         struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  24         unsigned int keylen = crypto_sig_keysize(ctx->child);
  25         unsigned int ndigits = DIV_ROUND_UP(keylen, sizeof(u64));
  26         struct ecdsa_raw_sig sig;
  27
  28         if (slen != 2 * keylen)
  29                 return -EINVAL;
  30
  31         ecc_digits_from_bytes(src, keylen, sig.r, ndigits);
  32         ecc_digits_from_bytes(src + keylen, keylen, sig.s, ndigits);
  33
  34         return crypto_sig_verify(ctx->child, &sig, sizeof(sig), digest, dlen);
  35 }
  36
  37 static unsigned int ecdsa_p1363_key_size(struct crypto_sig *tfm)
  38 {
  39         struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  40
  41         return crypto_sig_keysize(ctx->child);
  42 }
  43
  44 static unsigned int ecdsa_p1363_max_size(struct crypto_sig *tfm)
  45 {
  46         struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  47
  48         return 2 * crypto_sig_keysize(ctx->child);
  49 }
  50
  51 static unsigned int ecdsa_p1363_digest_size(struct crypto_sig *tfm)
  52 {
  53         struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  54
  55         return crypto_sig_digestsize(ctx->child);
  56 }
  57
  58 static int ecdsa_p1363_set_pub_key(struct crypto_sig *tfm,
  59                                    const void *key, unsigned int keylen)
  60 {
  61         struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  62
  63         return crypto_sig_set_pubkey(ctx->child, key, keylen);
  64 }
  65
  66 static int ecdsa_p1363_init_tfm(struct crypto_sig *tfm)
  67 {
  68         struct sig_instance *inst = sig_alg_instance(tfm);
  69         struct crypto_sig_spawn *spawn = sig_instance_ctx(inst);
  70         struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  71         struct crypto_sig *child_tfm;
  72
  73         child_tfm = crypto_spawn_sig(spawn);
  74         if (IS_ERR(child_tfm))
  75                 return PTR_ERR(child_tfm);
  76
  77         ctx->child = child_tfm;
  78
  79         return 0;
  80 }
  81
  82 static void ecdsa_p1363_exit_tfm(struct crypto_sig *tfm)
  83 {
  84         struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
  85
  86         crypto_free_sig(ctx->child);
  87 }
  88
  89 static void ecdsa_p1363_free(struct sig_instance *inst)
  90 {
  91         struct crypto_sig_spawn *spawn = sig_instance_ctx(inst);
  92
  93         crypto_drop_sig(spawn);
  94         kfree(inst);
  95 }
  96
  97 static int ecdsa_p1363_create(struct crypto_template *tmpl, struct rtattr **tb)
  98 {
  99         struct crypto_sig_spawn *spawn;
 100         struct sig_instance *inst;
 101         struct sig_alg *ecdsa_alg;
 102         u32 mask;
 103         int err;
 104
 105         err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_SIG, &mask);
 106         if (err)
 107                 return err;
 108
 109         inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL);
 110         if (!inst)
 111                 return -ENOMEM;
 112
 113         spawn = sig_instance_ctx(inst);
 114
 115         err = crypto_grab_sig(spawn, sig_crypto_instance(inst),
 116                               crypto_attr_alg_name(tb[1]), 0, mask);
 117         if (err)
 118                 goto err_free_inst;
 119
 120         ecdsa_alg = crypto_spawn_sig_alg(spawn);
 121
 122         err = -EINVAL;
 123         if (strncmp(ecdsa_alg->base.cra_name, "ecdsa", 5) != 0)
 124                 goto err_free_inst;
 125
 126         err = crypto_inst_setname(sig_crypto_instance(inst), tmpl->name,
 127                                   &ecdsa_alg->base);
 128         if (err)
 129                 goto err_free_inst;
 130
 131         inst->alg.base.cra_priority = ecdsa_alg->base.cra_priority;
 132         inst->alg.base.cra_ctxsize = sizeof(struct ecdsa_p1363_ctx);
 133
 134         inst->alg.init = ecdsa_p1363_init_tfm;
 135         inst->alg.exit = ecdsa_p1363_exit_tfm;
 136
 137         inst->alg.verify = ecdsa_p1363_verify;
 138         inst->alg.key_size = ecdsa_p1363_key_size;
 139         inst->alg.max_size = ecdsa_p1363_max_size;
 140         inst->alg.digest_size = ecdsa_p1363_digest_size;
 141         inst->alg.set_pub_key = ecdsa_p1363_set_pub_key;
 142
 143         inst->free = ecdsa_p1363_free;
 144
 145         err = sig_register_instance(tmpl, inst);
 146         if (err) {
 147 err_free_inst:
 148                 ecdsa_p1363_free(inst);
 149         }
 150         return err;
 151 }
 152
 153 struct crypto_template ecdsa_p1363_tmpl = {
 154         .name = "p1363",
 155         .create = ecdsa_p1363_create,
 156         .module = THIS_MODULE,
 157 };
 158
 159 MODULE_ALIAS_CRYPTO("p1363");