* [PATCH v2 0/2] crypto: ecdh & ecc: Fix private key byte ordering issues
@ 2024-04-17 16:21 Stefan Berger
2024-04-17 16:21 ` [PATCH v2 1/2] crypto: ecdh - Pass private key in proper byte order to check valid key Stefan Berger
2024-04-17 16:21 ` [PATCH v2 2/2] crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order Stefan Berger
0 siblings, 2 replies; 5+ messages in thread
From: Stefan Berger @ 2024-04-17 16:21 UTC (permalink / raw)
To: linux-crypto, herbert, davem
Cc: linux-kernel, jarkko, ardb, salvatore.benedetto, git,
Stefan Berger
The 1st patch fixes a byte ordering issue where ctx->private_key is
currently passed to ecc_is_key_valid but the key is in reverse byte order.
To solve this issue it introduces the variable 'priv' that is already used
throughout the ecc and ecdh code bases for a private key in proper byte
order and calls the function with 'priv'.
The 2nd patch gets rid of the 'priv' variable wherever it is used to hold
a private key (byte-swapped initialized from ctx->private_key) in proper
byte order and uses ctx->private_key directly that is now initialized in
proper byte order.
Regards,
Stefan
v2:
- Added missing zeroizing of priv variable (1/2)
- Improved patch description (2/2)
Stefan Berger (2):
crypto: ecdh - Pass private key in proper byte order to check valid
key
crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order
crypto/ecc.c | 29 ++++++++++-------------------
crypto/ecdh.c | 9 ++++++---
include/crypto/internal/ecc.h | 3 ++-
3 files changed, 18 insertions(+), 23 deletions(-)
--
2.43.0
^ permalink raw reply [flat|nested] 5+ messages in thread* [PATCH v2 1/2] crypto: ecdh - Pass private key in proper byte order to check valid key 2024-04-17 16:21 [PATCH v2 0/2] crypto: ecdh & ecc: Fix private key byte ordering issues Stefan Berger @ 2024-04-17 16:21 ` Stefan Berger 2024-04-17 22:42 ` Jarkko Sakkinen 2024-04-17 16:21 ` [PATCH v2 2/2] crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order Stefan Berger 1 sibling, 1 reply; 5+ messages in thread From: Stefan Berger @ 2024-04-17 16:21 UTC (permalink / raw) To: linux-crypto, herbert, davem Cc: linux-kernel, jarkko, ardb, salvatore.benedetto, git, Stefan Berger ecc_is_key_valid expects a key with the most significant digit in the last entry of the digit array. Currently ecdh_set_secret passes a reversed key to ecc_is_key_valid that then passes the rather simple test checking whether the private key is in range [2, n-3]. For all current ecdh- supported curves (NIST P192/256/384) the 'n' parameter is a rather large number, therefore easily passing this test. Throughout the ecdh and ecc codebase the variable 'priv' is used for a private_key holding the bytes in proper byte order. Therefore, introduce priv in ecdh_set_secret and copy the bytes from ctx->private_key into priv in proper byte order by using ecc_swap_digits. Pass priv to ecc_is_valid_key. Cc: Ard Biesheuvel <ardb@kernel.org> Cc: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- crypto/ecdh.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/crypto/ecdh.c b/crypto/ecdh.c index 3049f147e011..c02c9a2b9682 100644 --- a/crypto/ecdh.c +++ b/crypto/ecdh.c @@ -27,7 +27,9 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, unsigned int len) { struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); + u64 priv[ECC_MAX_DIGITS]; struct ecdh params; + int ret = 0; if (crypto_ecdh_decode_key(buf, len, ¶ms) < 0 || params.key_size > sizeof(u64) * ctx->ndigits) @@ -40,13 +42,16 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, ctx->private_key); memcpy(ctx->private_key, params.key, params.key_size); + ecc_swap_digits(ctx->private_key, priv, ctx->ndigits); if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits, - ctx->private_key, params.key_size) < 0) { + priv, params.key_size) < 0) { memzero_explicit(ctx->private_key, params.key_size); - return -EINVAL; + ret = -EINVAL; } - return 0; + memzero_explicit(priv, sizeof(priv)); + + return ret; } static int ecdh_compute_value(struct kpp_request *req) -- 2.43.0 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2 1/2] crypto: ecdh - Pass private key in proper byte order to check valid key 2024-04-17 16:21 ` [PATCH v2 1/2] crypto: ecdh - Pass private key in proper byte order to check valid key Stefan Berger @ 2024-04-17 22:42 ` Jarkko Sakkinen 0 siblings, 0 replies; 5+ messages in thread From: Jarkko Sakkinen @ 2024-04-17 22:42 UTC (permalink / raw) To: Stefan Berger, linux-crypto, herbert, davem Cc: linux-kernel, ardb, salvatore.benedetto, git On Wed Apr 17, 2024 at 7:21 PM EEST, Stefan Berger wrote: > ecc_is_key_valid expects a key with the most significant digit in the last > entry of the digit array. Currently ecdh_set_secret passes a reversed key > to ecc_is_key_valid that then passes the rather simple test checking > whether the private key is in range [2, n-3]. For all current ecdh- > supported curves (NIST P192/256/384) the 'n' parameter is a rather large > number, therefore easily passing this test. > > Throughout the ecdh and ecc codebase the variable 'priv' is used for a > private_key holding the bytes in proper byte order. Therefore, introduce > priv in ecdh_set_secret and copy the bytes from ctx->private_key into > priv in proper byte order by using ecc_swap_digits. Pass priv to > ecc_is_valid_key. > > Cc: Ard Biesheuvel <ardb@kernel.org> > Cc: Salvatore Benedetto <salvatore.benedetto@intel.com> > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > --- > crypto/ecdh.c | 11 ++++++++--- > 1 file changed, 8 insertions(+), 3 deletions(-) > > diff --git a/crypto/ecdh.c b/crypto/ecdh.c > index 3049f147e011..c02c9a2b9682 100644 > --- a/crypto/ecdh.c > +++ b/crypto/ecdh.c > @@ -27,7 +27,9 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, > unsigned int len) > { > struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); > + u64 priv[ECC_MAX_DIGITS]; > struct ecdh params; > + int ret = 0; > > if (crypto_ecdh_decode_key(buf, len, ¶ms) < 0 || > params.key_size > sizeof(u64) * ctx->ndigits) > @@ -40,13 +42,16 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, > ctx->private_key); > > memcpy(ctx->private_key, params.key, params.key_size); > + ecc_swap_digits(ctx->private_key, priv, ctx->ndigits); > > if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits, > - ctx->private_key, params.key_size) < 0) { > + priv, params.key_size) < 0) { > memzero_explicit(ctx->private_key, params.key_size); > - return -EINVAL; > + ret = -EINVAL; > } > - return 0; > + memzero_explicit(priv, sizeof(priv)); > + > + return ret; > } > > static int ecdh_compute_value(struct kpp_request *req) Acked-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko ^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2 2/2] crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order 2024-04-17 16:21 [PATCH v2 0/2] crypto: ecdh & ecc: Fix private key byte ordering issues Stefan Berger 2024-04-17 16:21 ` [PATCH v2 1/2] crypto: ecdh - Pass private key in proper byte order to check valid key Stefan Berger @ 2024-04-17 16:21 ` Stefan Berger 2024-04-17 22:43 ` Jarkko Sakkinen 1 sibling, 1 reply; 5+ messages in thread From: Stefan Berger @ 2024-04-17 16:21 UTC (permalink / raw) To: linux-crypto, herbert, davem Cc: linux-kernel, jarkko, ardb, salvatore.benedetto, git, Stefan Berger The private key in ctx->private_key is currently initialized in reverse byte order in ecdh_set_secret and whenever the key is needed in proper byte order the variable priv is introduced and the bytes from ctx->private_key are copied into priv while being byte-swapped (ecc_swap_digits). To get rid of the unnecessary byte swapping initialize ctx->private_key in proper byte order and clean up all functions that were previously using priv or were called with ctx->private_key: - ecc_gen_privkey: Directly initialize the passed ctx->private_key with random bytes and get rid of the priv variable. This function only has ecdh_set_secret as a caller. - crypto_ecdh_shared_secret: Called only from ecdh_compute_value with ctx->private_key. Get rid of the priv variable and work with the passed private_key directly. - ecc_make_pub_key: Called only from ecdh_compute_value with ctx->private_key. Get rid of the priv variable and work with the passed private_key directly. Cc: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- crypto/ecc.c | 29 ++++++++++------------------- crypto/ecdh.c | 8 +++----- include/crypto/internal/ecc.h | 3 ++- 3 files changed, 15 insertions(+), 25 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index 2e05387b9499..c1d2e884be1e 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -1497,10 +1497,10 @@ EXPORT_SYMBOL(ecc_is_key_valid); * This method generates a private key uniformly distributed in the range * [2, n-3]. */ -int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey) +int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, + u64 *private_key) { const struct ecc_curve *curve = ecc_get_curve(curve_id); - u64 priv[ECC_MAX_DIGITS]; unsigned int nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT; unsigned int nbits = vli_num_bits(curve->n, ndigits); int err; @@ -1509,7 +1509,7 @@ int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey) * Step 1 & 2: check that N is included in Table 1 of FIPS 186-5, * section 6.1.1. */ - if (nbits < 224 || ndigits > ARRAY_SIZE(priv)) + if (nbits < 224) return -EINVAL; /* @@ -1527,17 +1527,16 @@ int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey) return -EFAULT; /* Step 3: obtain N returned_bits from the DRBG. */ - err = crypto_rng_get_bytes(crypto_default_rng, (u8 *)priv, nbytes); + err = crypto_rng_get_bytes(crypto_default_rng, + (u8 *)private_key, nbytes); crypto_put_default_rng(); if (err) return err; /* Step 4: make sure the private key is in the valid range. */ - if (__ecc_is_key_valid(curve, priv, ndigits)) + if (__ecc_is_key_valid(curve, private_key, ndigits)) return -EINVAL; - ecc_swap_digits(priv, privkey, ndigits); - return 0; } EXPORT_SYMBOL(ecc_gen_privkey); @@ -1547,23 +1546,20 @@ int ecc_make_pub_key(unsigned int curve_id, unsigned int ndigits, { int ret = 0; struct ecc_point *pk; - u64 priv[ECC_MAX_DIGITS]; const struct ecc_curve *curve = ecc_get_curve(curve_id); - if (!private_key || ndigits > ARRAY_SIZE(priv)) { + if (!private_key) { ret = -EINVAL; goto out; } - ecc_swap_digits(private_key, priv, ndigits); - pk = ecc_alloc_point(ndigits); if (!pk) { ret = -ENOMEM; goto out; } - ecc_point_mult(pk, &curve->g, priv, NULL, curve, ndigits); + ecc_point_mult(pk, &curve->g, private_key, NULL, curve, ndigits); /* SP800-56A rev 3 5.6.2.1.3 key check */ if (ecc_is_pubkey_valid_full(curve, pk)) { @@ -1647,13 +1643,11 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits, { int ret = 0; struct ecc_point *product, *pk; - u64 priv[ECC_MAX_DIGITS]; u64 rand_z[ECC_MAX_DIGITS]; unsigned int nbytes; const struct ecc_curve *curve = ecc_get_curve(curve_id); - if (!private_key || !public_key || - ndigits > ARRAY_SIZE(priv) || ndigits > ARRAY_SIZE(rand_z)) { + if (!private_key || !public_key || ndigits > ARRAY_SIZE(rand_z)) { ret = -EINVAL; goto out; } @@ -1674,15 +1668,13 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits, if (ret) goto err_alloc_product; - ecc_swap_digits(private_key, priv, ndigits); - product = ecc_alloc_point(ndigits); if (!product) { ret = -ENOMEM; goto err_alloc_product; } - ecc_point_mult(product, pk, priv, rand_z, curve, ndigits); + ecc_point_mult(product, pk, private_key, rand_z, curve, ndigits); if (ecc_point_is_zero(product)) { ret = -EFAULT; @@ -1692,7 +1684,6 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits, ecc_swap_digits(product->x, secret, ndigits); err_validity: - memzero_explicit(priv, sizeof(priv)); memzero_explicit(rand_z, sizeof(rand_z)); ecc_free_point(product); err_alloc_product: diff --git a/crypto/ecdh.c b/crypto/ecdh.c index c02c9a2b9682..72cfd1590156 100644 --- a/crypto/ecdh.c +++ b/crypto/ecdh.c @@ -27,7 +27,6 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, unsigned int len) { struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); - u64 priv[ECC_MAX_DIGITS]; struct ecdh params; int ret = 0; @@ -41,15 +40,14 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, return ecc_gen_privkey(ctx->curve_id, ctx->ndigits, ctx->private_key); - memcpy(ctx->private_key, params.key, params.key_size); - ecc_swap_digits(ctx->private_key, priv, ctx->ndigits); + ecc_digits_from_bytes(params.key, params.key_size, + ctx->private_key, ctx->ndigits); if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits, - priv, params.key_size) < 0) { + ctx->private_key, params.key_size) < 0) { memzero_explicit(ctx->private_key, params.key_size); ret = -EINVAL; } - memzero_explicit(priv, sizeof(priv)); return ret; } diff --git a/include/crypto/internal/ecc.h b/include/crypto/internal/ecc.h index 4e2f5f938e91..7ca1f463d1ec 100644 --- a/include/crypto/internal/ecc.h +++ b/include/crypto/internal/ecc.h @@ -103,7 +103,8 @@ int ecc_is_key_valid(unsigned int curve_id, unsigned int ndigits, * Returns 0 if the private key was generated successfully, a negative value * if an error occurred. */ -int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey); +int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, + u64 *private_key); /** * ecc_make_pub_key() - Compute an ECC public key -- 2.43.0 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH v2 2/2] crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order 2024-04-17 16:21 ` [PATCH v2 2/2] crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order Stefan Berger @ 2024-04-17 22:43 ` Jarkko Sakkinen 0 siblings, 0 replies; 5+ messages in thread From: Jarkko Sakkinen @ 2024-04-17 22:43 UTC (permalink / raw) To: Stefan Berger, linux-crypto, herbert, davem Cc: linux-kernel, ardb, salvatore.benedetto, git On Wed Apr 17, 2024 at 7:21 PM EEST, Stefan Berger wrote: > The private key in ctx->private_key is currently initialized in reverse > byte order in ecdh_set_secret and whenever the key is needed in proper > byte order the variable priv is introduced and the bytes from > ctx->private_key are copied into priv while being byte-swapped > (ecc_swap_digits). To get rid of the unnecessary byte swapping initialize > ctx->private_key in proper byte order and clean up all functions that were > previously using priv or were called with ctx->private_key: > > - ecc_gen_privkey: Directly initialize the passed ctx->private_key with > random bytes and get rid of the priv variable. This function only has > ecdh_set_secret as a caller. > > - crypto_ecdh_shared_secret: Called only from ecdh_compute_value with > ctx->private_key. Get rid of the priv variable and work with the passed > private_key directly. > > - ecc_make_pub_key: Called only from ecdh_compute_value with > ctx->private_key. Get rid of the priv variable and work with the passed > private_key directly. > > Cc: Salvatore Benedetto <salvatore.benedetto@intel.com> > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > --- > crypto/ecc.c | 29 ++++++++++------------------- > crypto/ecdh.c | 8 +++----- > include/crypto/internal/ecc.h | 3 ++- > 3 files changed, 15 insertions(+), 25 deletions(-) > > diff --git a/crypto/ecc.c b/crypto/ecc.c > index 2e05387b9499..c1d2e884be1e 100644 > --- a/crypto/ecc.c > +++ b/crypto/ecc.c > @@ -1497,10 +1497,10 @@ EXPORT_SYMBOL(ecc_is_key_valid); > * This method generates a private key uniformly distributed in the range > * [2, n-3]. > */ > -int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey) > +int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, > + u64 *private_key) > { > const struct ecc_curve *curve = ecc_get_curve(curve_id); > - u64 priv[ECC_MAX_DIGITS]; > unsigned int nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT; > unsigned int nbits = vli_num_bits(curve->n, ndigits); > int err; > @@ -1509,7 +1509,7 @@ int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey) > * Step 1 & 2: check that N is included in Table 1 of FIPS 186-5, > * section 6.1.1. > */ > - if (nbits < 224 || ndigits > ARRAY_SIZE(priv)) > + if (nbits < 224) > return -EINVAL; > > /* > @@ -1527,17 +1527,16 @@ int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey) > return -EFAULT; > > /* Step 3: obtain N returned_bits from the DRBG. */ > - err = crypto_rng_get_bytes(crypto_default_rng, (u8 *)priv, nbytes); > + err = crypto_rng_get_bytes(crypto_default_rng, > + (u8 *)private_key, nbytes); > crypto_put_default_rng(); > if (err) > return err; > > /* Step 4: make sure the private key is in the valid range. */ > - if (__ecc_is_key_valid(curve, priv, ndigits)) > + if (__ecc_is_key_valid(curve, private_key, ndigits)) > return -EINVAL; > > - ecc_swap_digits(priv, privkey, ndigits); > - > return 0; > } > EXPORT_SYMBOL(ecc_gen_privkey); > @@ -1547,23 +1546,20 @@ int ecc_make_pub_key(unsigned int curve_id, unsigned int ndigits, > { > int ret = 0; > struct ecc_point *pk; > - u64 priv[ECC_MAX_DIGITS]; > const struct ecc_curve *curve = ecc_get_curve(curve_id); > > - if (!private_key || ndigits > ARRAY_SIZE(priv)) { > + if (!private_key) { > ret = -EINVAL; > goto out; > } > > - ecc_swap_digits(private_key, priv, ndigits); > - > pk = ecc_alloc_point(ndigits); > if (!pk) { > ret = -ENOMEM; > goto out; > } > > - ecc_point_mult(pk, &curve->g, priv, NULL, curve, ndigits); > + ecc_point_mult(pk, &curve->g, private_key, NULL, curve, ndigits); > > /* SP800-56A rev 3 5.6.2.1.3 key check */ > if (ecc_is_pubkey_valid_full(curve, pk)) { > @@ -1647,13 +1643,11 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits, > { > int ret = 0; > struct ecc_point *product, *pk; > - u64 priv[ECC_MAX_DIGITS]; > u64 rand_z[ECC_MAX_DIGITS]; > unsigned int nbytes; > const struct ecc_curve *curve = ecc_get_curve(curve_id); > > - if (!private_key || !public_key || > - ndigits > ARRAY_SIZE(priv) || ndigits > ARRAY_SIZE(rand_z)) { > + if (!private_key || !public_key || ndigits > ARRAY_SIZE(rand_z)) { > ret = -EINVAL; > goto out; > } > @@ -1674,15 +1668,13 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits, > if (ret) > goto err_alloc_product; > > - ecc_swap_digits(private_key, priv, ndigits); > - > product = ecc_alloc_point(ndigits); > if (!product) { > ret = -ENOMEM; > goto err_alloc_product; > } > > - ecc_point_mult(product, pk, priv, rand_z, curve, ndigits); > + ecc_point_mult(product, pk, private_key, rand_z, curve, ndigits); > > if (ecc_point_is_zero(product)) { > ret = -EFAULT; > @@ -1692,7 +1684,6 @@ int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits, > ecc_swap_digits(product->x, secret, ndigits); > > err_validity: > - memzero_explicit(priv, sizeof(priv)); > memzero_explicit(rand_z, sizeof(rand_z)); > ecc_free_point(product); > err_alloc_product: > diff --git a/crypto/ecdh.c b/crypto/ecdh.c > index c02c9a2b9682..72cfd1590156 100644 > --- a/crypto/ecdh.c > +++ b/crypto/ecdh.c > @@ -27,7 +27,6 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, > unsigned int len) > { > struct ecdh_ctx *ctx = ecdh_get_ctx(tfm); > - u64 priv[ECC_MAX_DIGITS]; > struct ecdh params; > int ret = 0; > > @@ -41,15 +40,14 @@ static int ecdh_set_secret(struct crypto_kpp *tfm, const void *buf, > return ecc_gen_privkey(ctx->curve_id, ctx->ndigits, > ctx->private_key); > > - memcpy(ctx->private_key, params.key, params.key_size); > - ecc_swap_digits(ctx->private_key, priv, ctx->ndigits); > + ecc_digits_from_bytes(params.key, params.key_size, > + ctx->private_key, ctx->ndigits); > > if (ecc_is_key_valid(ctx->curve_id, ctx->ndigits, > - priv, params.key_size) < 0) { > + ctx->private_key, params.key_size) < 0) { > memzero_explicit(ctx->private_key, params.key_size); > ret = -EINVAL; > } > - memzero_explicit(priv, sizeof(priv)); > > return ret; > } > diff --git a/include/crypto/internal/ecc.h b/include/crypto/internal/ecc.h > index 4e2f5f938e91..7ca1f463d1ec 100644 > --- a/include/crypto/internal/ecc.h > +++ b/include/crypto/internal/ecc.h > @@ -103,7 +103,8 @@ int ecc_is_key_valid(unsigned int curve_id, unsigned int ndigits, > * Returns 0 if the private key was generated successfully, a negative value > * if an error occurred. > */ > -int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey); > +int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, > + u64 *private_key); > > /** > * ecc_make_pub_key() - Compute an ECC public key Acked-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2024-04-17 22:43 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2024-04-17 16:21 [PATCH v2 0/2] crypto: ecdh & ecc: Fix private key byte ordering issues Stefan Berger 2024-04-17 16:21 ` [PATCH v2 1/2] crypto: ecdh - Pass private key in proper byte order to check valid key Stefan Berger 2024-04-17 22:42 ` Jarkko Sakkinen 2024-04-17 16:21 ` [PATCH v2 2/2] crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order Stefan Berger 2024-04-17 22:43 ` Jarkko Sakkinen
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).