git.ipfire.org Git - thirdparty/ipxe.git/commit

author	Michael Brown <mcb30@ipxe.org>
	Tue, 21 Jan 2025 15:29:05 +0000 (15:29 +0000)
committer	Michael Brown <mcb30@ipxe.org>
	Tue, 21 Jan 2025 15:55:33 +0000 (15:55 +0000)
commit	c9291bc5c7adfa9aa05e94aded90ba49d3dc8179
tree	f81108322d7289bf6d653e11d75eb6b58348dde2	tree
parent	df7ec31766cd08eb1e01d59afc79198f5411517e	commit \| diff

[tls] Allow for NIST elliptic curve point formats

The elliptic curve point representation for the x25519 curve includes
only the X value, since the curve is designed such that the Montgomery
ladder does not need to ever know or calculate a Y value. There is no
curve point format byte: the public key data is simply the X value.
The pre-master secret is also simply the X value of the shared secret
curve point.

The point representation for the NIST curves includes both X and Y
values, and a single curve point format byte that must indicate that
the format is uncompressed. The pre-master secret for the NIST curves
does not include both X and Y values: only the X value is used.

Extend the definition of an elliptic curve to allow the point size to
be specified separately from the key size, and extend the definition
of a TLS named curve to include an optional curve point format byte
and a pre-master secret length.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/crypto/mishmash/oid_x25519.c		diff \| blob \| blame \| history
src/crypto/x25519.c		diff \| blob \| blame \| history
src/include/ipxe/crypto.h		diff \| blob \| blame \| history
src/include/ipxe/tls.h		diff \| blob \| blame \| history
src/net/tls.c		diff \| blob \| blame \| history