diff options
author | Tudor-Dan Ambarus <tudor.ambarus@microchip.com> | 2017-05-30 16:52:48 +0200 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2017-06-10 06:04:35 +0200 |
commit | 6755fd269d5c100b0eca420db501ae58435efd6e (patch) | |
tree | 647d5f929f4ebb6a50eae63afc645cae32fa9f4a /crypto/ecdh.c | |
parent | crypto: cavium - Register the CNN55XX supported crypto algorithms. (diff) | |
download | linux-6755fd269d5c100b0eca420db501ae58435efd6e.tar.xz linux-6755fd269d5c100b0eca420db501ae58435efd6e.zip |
crypto: ecdh - add privkey generation support
Add support for generating ecc private keys.
Generation of ecc private keys is helpful in a user-space to kernel
ecdh offload because the keys are not revealed to user-space. Private
key generation is also helpful to implement forward secrecy.
If the user provides a NULL ecc private key, the kernel will generate it
and further use it for ecdh.
Move ecdh's object files below drbg's. drbg must be present in the kernel
at the time of calling.
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Reviewed-by: Stephan Müller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/ecdh.c')
-rw-r--r-- | crypto/ecdh.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 4aa0b0cb4627..61c7708905d0 100644 --- a/crypto/ecdh.c +++ b/crypto/ecdh.c @@ -55,6 +55,10 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, ctx->curve_id = params.curve_id; ctx->ndigits = ndigits; + if (!params.key || !params.key_size) + return ecc_gen_privkey(ctx->curve_id, ctx->ndigits, + ctx->private_key); + if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits, (const u64 *)params.key, params.key_size) < 0) return -EINVAL; |