Skip to content

Commit

Permalink
crypto: ecc - SP800-56A rev 3 local public key validation
Browse files Browse the repository at this point in the history
After the generation of a local public key, SP800-56A rev 3 section
5.6.2.1.3 mandates a validation of that key with a full validation
compliant to section 5.6.2.3.3.

Only if the full validation passes, the key is allowed to be used.

The patch adds the full key validation compliant to 5.6.2.3.3 and
performs the required check on the generated public key.

Signed-off-by: Stephan Mueller <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
  • Loading branch information
smuellerDD authored and herbertx committed Jul 31, 2020
1 parent 2ed5ba6 commit 6914dd5
Show file tree
Hide file tree
Showing 2 changed files with 44 additions and 1 deletion.
31 changes: 30 additions & 1 deletion crypto/ecc.c
Original file line number Diff line number Diff line change
Expand Up @@ -1404,7 +1404,9 @@ int ecc_make_pub_key(unsigned int curve_id, unsigned int ndigits,
}

ecc_point_mult(pk, &curve->g, priv, NULL, curve, ndigits);
if (ecc_point_is_zero(pk)) {

/* SP800-56A rev 3 5.6.2.1.3 key check */
if (ecc_is_pubkey_valid_full(curve, pk)) {
ret = -EAGAIN;
goto err_free_point;
}
Expand Down Expand Up @@ -1452,6 +1454,33 @@ int ecc_is_pubkey_valid_partial(const struct ecc_curve *curve,
}
EXPORT_SYMBOL(ecc_is_pubkey_valid_partial);

/* SP800-56A section 5.6.2.3.3 full verification */
int ecc_is_pubkey_valid_full(const struct ecc_curve *curve,
struct ecc_point *pk)
{
struct ecc_point *nQ;

/* Checks 1 through 3 */
int ret = ecc_is_pubkey_valid_partial(curve, pk);

if (ret)
return ret;

/* Check 4: Verify that nQ is the zero point. */
nQ = ecc_alloc_point(pk->ndigits);
if (!nQ)
return -ENOMEM;

ecc_point_mult(nQ, pk, curve->n, NULL, curve, pk->ndigits);
if (!ecc_point_is_zero(nQ))
ret = -EINVAL;

ecc_free_point(nQ);

return ret;
}
EXPORT_SYMBOL(ecc_is_pubkey_valid_full);

int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,
const u64 *private_key, const u64 *public_key,
u64 *secret)
Expand Down
14 changes: 14 additions & 0 deletions crypto/ecc.h
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,20 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,
int ecc_is_pubkey_valid_partial(const struct ecc_curve *curve,
struct ecc_point *pk);

/**
* ecc_is_pubkey_valid_full() - Full public key validation
*
* @curve: elliptic curve domain parameters
* @pk: public key as a point
*
* Valdiate public key according to SP800-56A section 5.6.2.3.3 ECC Full
* Public-Key Validation Routine.
*
* Return: 0 if validation is successful, -EINVAL if validation is failed.
*/
int ecc_is_pubkey_valid_full(const struct ecc_curve *curve,
struct ecc_point *pk);

/**
* vli_is_zero() - Determine is vli is zero
*
Expand Down

0 comments on commit 6914dd5

Please sign in to comment.