author | Pauli <paul.dale@oracle.com> | 2020-03-18 09:25:33 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-04-17 19:51:37 +1000 |
commit | 43cd37014ef4433ae8e82ba64bddc42cf0bd618a (patch) | |
tree | bced2c75951e842e5e04bf16a8481a029c4d5f81 /crypto | |
parent | 1ee1e551148d963b566a69c2e6e9a583646112fc (diff) |
ecx: add key generation support.
Specifically for x25519, x448, ed25519 and ed448.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11371)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/ec/build.info | 2 | ||||
-rw-r--r-- | crypto/ec/curve25519.c | 17 | ||||
-rw-r--r-- | crypto/ec/curve448/curve448_local.h | 3 | ||||
-rw-r--r-- | crypto/ec/ec_local.h | 2 | ||||
-rw-r--r-- | crypto/ec/ecx_meth.c | 6 |
5 files changed, 20 insertions, 10 deletions
diff --git a/crypto/ec/build.info b/crypto/ec/build.info
index a802beaa68..ee42d8d89a 100644
--- a/crypto/ec/build.info
+++ b/crypto/ec/build.info
@@ -44,7 +44,7 @@ IF[{- !$disabled{asm} -}]
 ENDIF
 $COMMON=ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \
- ec_curve.c ec_check.c ec_print.c ec_key.c ec_asn1.c \
+ ec_curve.c ec_check.c ec_print.c ec_key.c ecx_key.c ec_asn1.c \
 ec2_smpl.c \
 ecp_oct.c ec2_oct.c ec_oct.c ec_kmeth.c ecdh_ossl.c \
 ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c \
diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c
index 8db6cdb16d..b8e998a0f4 100644
--- a/crypto/ec/curve25519.c
+++ b/crypto/ec/curve25519.c
@@ -5577,13 +5577,23 @@ err:
 return res;
 }
-void ED25519_public_from_private(uint8_t out_public_key[32],
- const uint8_t private_key[32])
+int ED25519_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[32],
+ const uint8_t private_key[32])
 {
 uint8_t az[SHA512_DIGEST_LENGTH];
 ge_p3 A;
+ int r;
+ EVP_MD *sha512 = NULL;
- SHA512(private_key, 32, az);
+ sha512 = EVP_MD_fetch(ctx, SN_sha512, NULL);
+ if (sha512 == NULL)
+ return 0;
+ r = EVP_Digest(private_key, 32, az, NULL, sha512, NULL);
+ EVP_MD_free(sha512);
+ if (!r) {
+ OPENSSL_cleanse(az, sizeof(az));
+ return 0;
+ }
 az[0] &= 248;
 az[31] &= 63;
@@ -5593,6 +5603,7 @@ void ED25519_public_from_private(uint8_t out_public_key[32],
 ge_p3_tobytes(out_public_key, &A);
 OPENSSL_cleanse(az, sizeof(az));
+ return 1;
 }
 int X25519(uint8_t out_shared_key[32], const uint8_t private_key[32],
diff --git a/crypto/ec/curve448/curve448_local.h b/crypto/ec/curve448/curve448_local.h
index b70a1b5406..5b3b71ff62 100644
--- a/crypto/ec/curve448/curve448_local.h
+++ b/crypto/ec/curve448/curve448_local.h
@@ -18,7 +18,4 @@ int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64],
 const uint8_t signature[114], const uint8_t public_key[57],
 const uint8_t *context, size_t context_len);
-int ED448_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[57],
- const uint8_t private_key[57]);
-
 #endif /* OSSL_CRYPTO_EC_CURVE448_LOCAL_H */
diff --git a/crypto/ec/ec_local.h b/crypto/ec/ec_local.h
index b5963a7e5f..d10de2fc98 100644
--- a/crypto/ec/ec_local.h
+++ b/crypto/ec/ec_local.h
@@ -679,8 +679,6 @@ ECDSA_SIG *ecdsa_simple_sign_sig(const unsigned char *dgst, int dgst_len,
 int ecdsa_simple_verify_sig(const unsigned char *dgst, int dgst_len,
 const ECDSA_SIG *sig, EC_KEY *eckey);
-void ED25519_public_from_private(uint8_t out_public_key[32],
- const uint8_t private_key[32]);
 /*-
 * This functions computes a single point multiplication over the EC group,
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 62a73f9b08..43522bd19b 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -93,7 +93,11 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
 X25519_public_from_private(pubkey, privkey);
 break;
 case EVP_PKEY_ED25519:
- ED25519_public_from_private(pubkey, privkey);
+ /*
+ * TODO(3.0): We set the library context to NULL for now. This will
+ * need to change.
+ */
+ ED25519_public_from_private(NULL, pubkey, privkey);
 break;
 case EVP_PKEY_X448:
 X448_public_from_private(pubkey, privkey); |
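Review bot: The call `ED25519_public_from_private(NULL, pubkey, privkey);` in the `EVP_PKEY_ED25519` case of ecx_key_op discards the new int result. Per the curve25519.c hunk, the function now returns 0 without writing `out_public_key` when `EVP_MD_fetch` or `EVP_Digest` fails, so on that path `pubkey` keeps whatever it held before and the key would presumably be set up with a public half that does not match the private one. The result should be tested and sent to the function's failure handling, e.g. `if (!ED25519_public_from_private(NULL, pubkey, privkey)) goto err;` if ecx_key_op has such a label; its body starts and ends outside the hunk, so the exact cleanup is not visible here. A short comment above the definition in curve25519.c stating that it returns 1 on success and 0 on failure, with the output buffer left unwritten on failure, would make the new contract visible to other callers.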