From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Fri, 26 Mar 2021 08:55:55 +0000 (+1100)
Subject: Merge branch 'ecc'
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=3877869d13a043a2dbab0d034e5eac3b21f4994d;p=linux.git

Merge branch 'ecc'

This pulls in the NIST P384/256/192 x509 changes.
---

3877869d13a043a2dbab0d034e5eac3b21f4994d
diff --cc crypto/ecc.h
index 38a81d404821d,3bee655d437df..46aa9bc03ddc3
--- a/crypto/ecc.h
+++ b/crypto/ecc.h
@@@ -35,8 -34,68 +36,33 @@@
  
  #define ECC_DIGITS_TO_BYTES_SHIFT 3
  
+ #define ECC_MAX_BYTES (ECC_MAX_DIGITS << ECC_DIGITS_TO_BYTES_SHIFT)
+ 
 -/**
 - * struct ecc_point - elliptic curve point in affine coordinates
 - *
 - * @x:		X coordinate in vli form.
 - * @y:		Y coordinate in vli form.
 - * @ndigits:	Length of vlis in u64 qwords.
 - */
 -struct ecc_point {
 -	u64 *x;
 -	u64 *y;
 -	u8 ndigits;
 -};
 -
  #define ECC_POINT_INIT(x, y, ndigits)	(struct ecc_point) { x, y, ndigits }
  
 -/**
 - * struct ecc_curve - definition of elliptic curve
 - *
 - * @name:	Short name of the curve.
 - * @g:		Generator point of the curve.
 - * @p:		Prime number, if Barrett's reduction is used for this curve
 - *		pre-calculated value 'mu' is appended to the @p after ndigits.
 - *		Use of Barrett's reduction is heuristically determined in
 - *		vli_mmod_fast().
 - * @n:		Order of the curve group.
 - * @a:		Curve parameter a.
 - * @b:		Curve parameter b.
 - */
 -struct ecc_curve {
 -	char *name;
 -	struct ecc_point g;
 -	u64 *p;
 -	u64 *n;
 -	u64 *a;
 -	u64 *b;
 -};
 -
+ /**
+  * ecc_swap_digits() - Copy ndigits from big endian array to native array
+  * @in:       Input array
+  * @out:      Output array
+  * @ndigits:  Number of digits to copy
+  */
+ static inline void ecc_swap_digits(const u64 *in, u64 *out, unsigned int ndigits)
+ {
+ 	const __be64 *src = (__force __be64 *)in;
+ 	int i;
+ 
+ 	for (i = 0; i < ndigits; i++)
+ 		out[i] = be64_to_cpu(src[ndigits - 1 - i]);
+ }
+ 
+ /**
+  * ecc_get_curve()  - Get a curve given its curve_id
+  * @curve_id:  Id of the curve
+  *
+  * Returns pointer to the curve data, NULL if curve is not available
+  */
+ const struct ecc_curve *ecc_get_curve(unsigned int curve_id);
+ 
  /**
   * ecc_is_key_valid() - Validate a given ECDH private key
   *
diff --cc crypto/ecc_curve_defs.h
index d7769ccc4c8e6,b327732f6ef53..9719934c9428e
--- a/crypto/ecc_curve_defs.h
+++ b/crypto/ecc_curve_defs.h
@@@ -54,21 -54,36 +54,53 @@@ static struct ecc_curve nist_p256 = 
  	.b = nist_p256_b
  };
  
+ /* NIST P-384 */
+ static u64 nist_p384_g_x[] = { 0x3A545E3872760AB7ull, 0x5502F25DBF55296Cull,
+ 				0x59F741E082542A38ull, 0x6E1D3B628BA79B98ull,
+ 				0x8Eb1C71EF320AD74ull, 0xAA87CA22BE8B0537ull };
+ static u64 nist_p384_g_y[] = { 0x7A431D7C90EA0E5Full, 0x0A60B1CE1D7E819Dull,
+ 				0xE9DA3113B5F0B8C0ull, 0xF8F41DBD289A147Cull,
+ 				0x5D9E98BF9292DC29ull, 0x3617DE4A96262C6Full };
+ static u64 nist_p384_p[] = { 0x00000000FFFFFFFFull, 0xFFFFFFFF00000000ull,
+ 				0xFFFFFFFFFFFFFFFEull, 0xFFFFFFFFFFFFFFFFull,
+ 				0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
+ static u64 nist_p384_n[] = { 0xECEC196ACCC52973ull, 0x581A0DB248B0A77Aull,
+ 				0xC7634D81F4372DDFull, 0xFFFFFFFFFFFFFFFFull,
+ 				0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
+ static u64 nist_p384_a[] = { 0x00000000FFFFFFFCull, 0xFFFFFFFF00000000ull,
+ 				0xFFFFFFFFFFFFFFFEull, 0xFFFFFFFFFFFFFFFFull,
+ 				0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
+ static u64 nist_p384_b[] = { 0x2a85c8edd3ec2aefull, 0xc656398d8a2ed19dull,
+ 				0x0314088f5013875aull, 0x181d9c6efe814112ull,
+ 				0x988e056be3f82d19ull, 0xb3312fa7e23ee7e4ull };
+ static struct ecc_curve nist_p384 = {
+ 	.name = "nist_384",
+ 	.g = {
+ 		.x = nist_p384_g_x,
+ 		.y = nist_p384_g_y,
+ 		.ndigits = 6,
+ 	},
+ 	.p = nist_p384_p,
+ 	.n = nist_p384_n,
+ 	.a = nist_p384_a,
+ 	.b = nist_p384_b
+ };
+ 
 +/* curve25519 */
 +static u64 curve25519_g_x[] = { 0x0000000000000009, 0x0000000000000000,
 +				0x0000000000000000, 0x0000000000000000 };
 +static u64 curve25519_p[] = { 0xffffffffffffffed, 0xffffffffffffffff,
 +				0xffffffffffffffff, 0x7fffffffffffffff };
 +static u64 curve25519_a[] = { 0x000000000001DB41, 0x0000000000000000,
 +				0x0000000000000000, 0x0000000000000000 };
 +static const struct ecc_curve ecc_25519 = {
 +	.name = "curve25519",
 +	.g = {
 +		.x = curve25519_g_x,
 +		.ndigits = 4,
 +	},
 +	.p = curve25519_p,
 +	.a = curve25519_a,
 +};
 +
  #endif
diff --cc crypto/testmgr.c
index fbe5d6486f8c1,367aba9925481..10c5b3b01ec47
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@@ -4912,8 -4908,26 +4912,26 @@@ static const struct alg_test_desc alg_t
  		.test = alg_test_kpp,
  		.fips_allowed = 1,
  		.suite = {
 -			.kpp = __VECS(ecdh_tv_template)
 +			.kpp = __VECS(ecdh_p256_tv_template)
  		}
+ 	}, {
+ 		.alg = "ecdsa-nist-p192",
+ 		.test = alg_test_akcipher,
+ 		.suite = {
+ 			.akcipher = __VECS(ecdsa_nist_p192_tv_template)
+ 		}
+ 	}, {
+ 		.alg = "ecdsa-nist-p256",
+ 		.test = alg_test_akcipher,
+ 		.suite = {
+ 			.akcipher = __VECS(ecdsa_nist_p256_tv_template)
+ 		}
+ 	}, {
+ 		.alg = "ecdsa-nist-p384",
+ 		.test = alg_test_akcipher,
+ 		.suite = {
+ 			.akcipher = __VECS(ecdsa_nist_p384_tv_template)
+ 		}
  	}, {
  		.alg = "ecrdsa",
  		.test = alg_test_akcipher,