[crypto] Add an abstraction of an elliptic curve

Define an abstraction of an elliptic curve with a fixed generator and
one supported operation (scalar multiplication of a curve point).

Signed-off-by: Michael Brown <mcb30@ipxe.org>

diff --git a/src/crypto/x25519.c b/src/crypto/x25519.c
index d3a19bc8e02a94f29e1540f176cbd270fcdee8a0..d58f7168c37629d4e23429fb2983dba3320a000c 100644 (file)
--- a/src/crypto/x25519.c
+++ b/src/crypto/x25519.c
@@ -61,6 +61,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 #include <assert.h>
 #include <errno.h>
 #include <ipxe/init.h>
+#include <ipxe/crypto.h>
 #include <ipxe/x25519.h>
 
 /** X25519 reduction constant
@@ -300,6 +301,11 @@ static const uint8_t x25519_121665_raw[] = { 0x01, 0xdb, 0x41 };
 /** Constant 121665 (used in the Montgomery ladder) */
 static union x25519_oct258 x25519_121665;
 
+/** Constant g=9 (the group generator) */
+static struct x25519_value x25519_generator = {
+       .raw = { 9, }
+};
+
 /**
  * Initialise constants
  *
@@ -811,3 +817,28 @@ int x25519_key ( const struct x25519_value *base,
        /* Fail if result was all zeros (as required by RFC8422) */
        return ( bigint_is_zero ( &point.value ) ? -EPERM : 0 );
 }
+
+/**
+ * Multiply scalar by curve point
+ *
+ * @v base             Base point (or NULL to use generator)
+ * @v scalar           Scalar multiple
+ * @v result           Result point to fill in
+ * @ret rc             Return status code
+ */
+static int x25519_curve_multiply ( const void *base, const void *scalar,
+                                  void *result ) {
+
+       /* Use base point if applicable */
+       if ( ! base )
+               base = &x25519_generator;
+
+       return x25519_key ( base, scalar, result );
+}
+
+/** X25519 elliptic curve */
+struct elliptic_curve x25519_curve = {
+       .name = "x25519",
+       .keysize = sizeof ( struct x25519_value ),
+       .multiply = x25519_curve_multiply,
+};

diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h
index a15d5eba02c18d9ff22edf470cafc1bcc7abb477..9ee1c40cb085bfcc1ea184501c5fa7edca621124 100644 (file)
--- a/src/include/ipxe/crypto.h
+++ b/src/include/ipxe/crypto.h
@@ -195,6 +195,23 @@ struct pubkey_algorithm {
                          const void *public_key, size_t public_key_len );
 };
 
+/** An elliptic curve */
+struct elliptic_curve {
+       /** Curve name */
+       const char *name;
+       /** Key size */
+       size_t keysize;
+       /** Multiply scalar by curve point
+        *
+        * @v base              Base point (or NULL to use generator)
+        * @v scalar            Scalar multiple
+        * @v result            Result point to fill in
+        * @ret rc              Return status code
+        */
+       int ( * multiply ) ( const void *base, const void *scalar,
+                            void *result );
+};
+
 static inline void digest_init ( struct digest_algorithm *digest,
                                 void *ctx ) {
        digest->init ( ctx );
@@ -302,6 +319,12 @@ static inline int pubkey_match ( struct pubkey_algorithm *pubkey,
                               public_key_len );
 }
 
+static inline int elliptic_multiply ( struct elliptic_curve *curve,
+                                     const void *base, const void *scalar,
+                                     void *result ) {
+       return curve->multiply ( base, scalar, result );
+}
+
 extern void digest_null_init ( void *ctx );
 extern void digest_null_update ( void *ctx, const void *src, size_t len );
 extern void digest_null_final ( void *ctx, void *out );

diff --git a/src/include/ipxe/x25519.h b/src/include/ipxe/x25519.h
index 6524abb7ddf4a0053160a67bbcf88a93b930002b..fd7caeee989ea154e2eb781a1bdb6cb9044aebed 100644 (file)
--- a/src/include/ipxe/x25519.h
+++ b/src/include/ipxe/x25519.h
@@ -11,6 +11,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
 
 #include <stdint.h>
 #include <ipxe/bigint.h>
+#include <ipxe/crypto.h>
 
 /** X25519 unsigned big integer size
  *
@@ -88,4 +89,6 @@ extern int x25519_key ( const struct x25519_value *base,
                        const struct x25519_value *scalar,
                        struct x25519_value *result );
 
+extern struct elliptic_curve x25519_curve;
+
 #endif /* _IPXE_X25519_H */