1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
|
/*
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <openssl/err.h>
#include <openssl/proverr.h>
#include "crypto/ecx.h"
#include "internal/common.h" /* for ossl_assert() */
#ifdef S390X_EC_ASM
#include "s390x_arch.h"
#endif
ECX_KEY *ossl_ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type, int haspubkey,
const char *propq)
{
ECX_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL)
return NULL;
ret->libctx = libctx;
ret->haspubkey = haspubkey;
switch (type) {
case ECX_KEY_TYPE_X25519:
ret->keylen = X25519_KEYLEN;
break;
case ECX_KEY_TYPE_X448:
ret->keylen = X448_KEYLEN;
break;
case ECX_KEY_TYPE_ED25519:
ret->keylen = ED25519_KEYLEN;
break;
case ECX_KEY_TYPE_ED448:
ret->keylen = ED448_KEYLEN;
break;
}
ret->type = type;
if (!CRYPTO_NEW_REF(&ret->references, 1))
goto err;
if (propq != NULL) {
ret->propq = OPENSSL_strdup(propq);
if (ret->propq == NULL)
goto err;
}
return ret;
err:
if (ret != NULL) {
OPENSSL_free(ret->propq);
CRYPTO_FREE_REF(&ret->references);
}
OPENSSL_free(ret);
return NULL;
}
void ossl_ecx_key_free(ECX_KEY *key)
{
int i;
if (key == NULL)
return;
CRYPTO_DOWN_REF(&key->references, &i);
REF_PRINT_COUNT("ECX_KEY", i, key);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
OPENSSL_free(key->propq);
#ifdef OPENSSL_PEDANTIC_ZEROIZATION
OPENSSL_cleanse(&key->pubkey, sizeof(key->pubkey));
#endif
OPENSSL_secure_clear_free(key->privkey, key->keylen);
CRYPTO_FREE_REF(&key->references);
OPENSSL_free(key);
}
void ossl_ecx_key_set0_libctx(ECX_KEY *key, OSSL_LIB_CTX *libctx)
{
key->libctx = libctx;
}
int ossl_ecx_key_up_ref(ECX_KEY *key)
{
int i;
if (CRYPTO_UP_REF(&key->references, &i) <= 0)
return 0;
REF_PRINT_COUNT("ECX_KEY", i, key);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
unsigned char *ossl_ecx_key_allocate_privkey(ECX_KEY *key)
{
key->privkey = OPENSSL_secure_zalloc(key->keylen);
return key->privkey;
}
int ossl_ecx_compute_key(ECX_KEY *peer, ECX_KEY *priv, size_t keylen,
unsigned char *secret, size_t *secretlen, size_t outlen)
{
if (priv == NULL
|| priv->privkey == NULL
|| peer == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
return 0;
}
if (!ossl_assert(keylen == X25519_KEYLEN
|| keylen == X448_KEYLEN)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
if (secret == NULL) {
*secretlen = keylen;
return 1;
}
if (outlen < keylen) {
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
}
if (keylen == X25519_KEYLEN) {
#ifdef S390X_EC_ASM
if (OPENSSL_s390xcap_P.pcc[1]
& S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) {
if (s390x_x25519_mul(secret, peer->pubkey, priv->privkey) == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
return 0;
}
} else
#endif
if (ossl_x25519(secret, priv->privkey, peer->pubkey) == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
return 0;
}
} else {
#ifdef S390X_EC_ASM
if (OPENSSL_s390xcap_P.pcc[1]
& S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) {
if (s390x_x448_mul(secret, peer->pubkey, priv->privkey) == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
return 0;
}
} else
#endif
if (ossl_x448(secret, priv->privkey, peer->pubkey) == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
return 0;
}
}
*secretlen = keylen;
return 1;
}
|
