1// SPDX-License-Identifier: GPL-2.0
  2/*
  3 * ECDSA P1363 signature encoding
  4 *
  5 * Copyright (c) 2024 Intel Corporation
  6 */
  7
  8#include <linux/err.h>
  9#include <linux/module.h>
 10#include <crypto/algapi.h>
 11#include <crypto/sig.h>
 12#include <crypto/internal/ecc.h>
 13#include <crypto/internal/sig.h>
 14
 15struct ecdsa_p1363_ctx {
 16	struct crypto_sig *child;
 17};
 18
 19static int ecdsa_p1363_verify(struct crypto_sig *tfm,
 20			      const void *src, unsigned int slen,
 21			      const void *digest, unsigned int dlen)
 22{
 23	struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
 24	unsigned int keylen = crypto_sig_keysize(ctx->child);
 25	unsigned int ndigits = DIV_ROUND_UP(keylen, sizeof(u64));
 26	struct ecdsa_raw_sig sig;
 27
 28	if (slen != 2 * keylen)
 29		return -EINVAL;
 30
 31	ecc_digits_from_bytes(src, keylen, sig.r, ndigits);
 32	ecc_digits_from_bytes(src + keylen, keylen, sig.s, ndigits);
 33
 34	return crypto_sig_verify(ctx->child, &sig, sizeof(sig), digest, dlen);
 35}
 36
 37static unsigned int ecdsa_p1363_key_size(struct crypto_sig *tfm)
 38{
 39	struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
 40
 41	return crypto_sig_keysize(ctx->child);
 42}
 43
 44static unsigned int ecdsa_p1363_max_size(struct crypto_sig *tfm)
 45{
 46	struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
 47
 48	return 2 * crypto_sig_keysize(ctx->child);
 49}
 50
 51static unsigned int ecdsa_p1363_digest_size(struct crypto_sig *tfm)
 52{
 53	struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
 54
 55	return crypto_sig_digestsize(ctx->child);
 56}
 57
 58static int ecdsa_p1363_set_pub_key(struct crypto_sig *tfm,
 59				   const void *key, unsigned int keylen)
 60{
 61	struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
 62
 63	return crypto_sig_set_pubkey(ctx->child, key, keylen);
 64}
 65
 66static int ecdsa_p1363_init_tfm(struct crypto_sig *tfm)
 67{
 68	struct sig_instance *inst = sig_alg_instance(tfm);
 69	struct crypto_sig_spawn *spawn = sig_instance_ctx(inst);
 70	struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
 71	struct crypto_sig *child_tfm;
 72
 73	child_tfm = crypto_spawn_sig(spawn);
 74	if (IS_ERR(child_tfm))
 75		return PTR_ERR(child_tfm);
 76
 77	ctx->child = child_tfm;
 78
 79	return 0;
 80}
 81
 82static void ecdsa_p1363_exit_tfm(struct crypto_sig *tfm)
 83{
 84	struct ecdsa_p1363_ctx *ctx = crypto_sig_ctx(tfm);
 85
 86	crypto_free_sig(ctx->child);
 87}
 88
 89static void ecdsa_p1363_free(struct sig_instance *inst)
 90{
 91	struct crypto_sig_spawn *spawn = sig_instance_ctx(inst);
 92
 93	crypto_drop_sig(spawn);
 94	kfree(inst);
 95}
 96
 97static int ecdsa_p1363_create(struct crypto_template *tmpl, struct rtattr **tb)
 98{
 99	struct crypto_sig_spawn *spawn;
100	struct sig_instance *inst;
101	struct sig_alg *ecdsa_alg;
102	u32 mask;
103	int err;
104
105	err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_SIG, &mask);
106	if (err)
107		return err;
108
109	inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL);
110	if (!inst)
111		return -ENOMEM;
112
113	spawn = sig_instance_ctx(inst);
114
115	err = crypto_grab_sig(spawn, sig_crypto_instance(inst),
116			      crypto_attr_alg_name(tb[1]), 0, mask);
117	if (err)
118		goto err_free_inst;
119
120	ecdsa_alg = crypto_spawn_sig_alg(spawn);
121
122	err = -EINVAL;
123	if (strncmp(ecdsa_alg->base.cra_name, "ecdsa", 5) != 0)
124		goto err_free_inst;
125
126	err = crypto_inst_setname(sig_crypto_instance(inst), tmpl->name,
127				  &ecdsa_alg->base);
128	if (err)
129		goto err_free_inst;
130
131	inst->alg.base.cra_priority = ecdsa_alg->base.cra_priority;
132	inst->alg.base.cra_ctxsize = sizeof(struct ecdsa_p1363_ctx);
133
134	inst->alg.init = ecdsa_p1363_init_tfm;
135	inst->alg.exit = ecdsa_p1363_exit_tfm;
136
137	inst->alg.verify = ecdsa_p1363_verify;
138	inst->alg.key_size = ecdsa_p1363_key_size;
139	inst->alg.max_size = ecdsa_p1363_max_size;
140	inst->alg.digest_size = ecdsa_p1363_digest_size;
141	inst->alg.set_pub_key = ecdsa_p1363_set_pub_key;
142
143	inst->free = ecdsa_p1363_free;
144
145	err = sig_register_instance(tmpl, inst);
146	if (err) {
147err_free_inst:
148		ecdsa_p1363_free(inst);
149	}
150	return err;
151}
152
153struct crypto_template ecdsa_p1363_tmpl = {
154	.name = "p1363",
155	.create = ecdsa_p1363_create,
156	.module = THIS_MODULE,
157};
158
159MODULE_ALIAS_CRYPTO("p1363");