Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/crypto/sm2.c 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) /* SPDX-License-Identifier: GPL-2.0-or-later */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * SM2 asymmetric public-key algorithm
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  * as specified by OSCCA GM/T 0003.1-2012 -- 0003.5-2012 SM2 and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * described at https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7)  * Copyright (c) 2020, Alibaba Group.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8)  * Authors: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) #include <linux/module.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) #include <linux/mpi.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <crypto/internal/akcipher.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include <crypto/akcipher.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #include <crypto/hash.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) #include <crypto/sm3_base.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) #include <crypto/rng.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) #include <crypto/sm2.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) #include "sm2signature.asn1.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) #define MPI_NBYTES(m)   ((mpi_get_nbits(m) + 7) / 8)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) struct ecc_domain_parms {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) 	const char *desc;           /* Description of the curve.  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) 	unsigned int nbits;         /* Number of bits.  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) 	unsigned int fips:1; /* True if this is a FIPS140-2 approved curve */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) 	/* The model describing this curve.  This is mainly used to select
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) 	 * the group equation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) 	enum gcry_mpi_ec_models model;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) 	/* The actual ECC dialect used.  This is used for curve specific
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) 	 * optimizations and to select encodings etc.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) 	enum ecc_dialects dialect;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) 	const char *p;              /* The prime defining the field.  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) 	const char *a, *b;          /* The coefficients.  For Twisted Edwards
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) 				     * Curves b is used for d.  For Montgomery
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) 				     * Curves (a,b) has ((A-2)/4,B^-1).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) 				     */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) 	const char *n;              /* The order of the base point.  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) 	const char *g_x, *g_y;      /* Base point.  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) 	unsigned int h;             /* Cofactor.  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) static const struct ecc_domain_parms sm2_ecp = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 	.desc = "sm2p256v1",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) 	.nbits = 256,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) 	.fips = 0,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) 	.model = MPI_EC_WEIERSTRASS,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 	.dialect = ECC_DIALECT_STANDARD,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) 	.p   = "0xfffffffeffffffffffffffffffffffffffffffff00000000ffffffffffffffff",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) 	.a   = "0xfffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 	.b   = "0x28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) 	.n   = "0xfffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) 	.g_x = "0x32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 	.g_y = "0xbc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) 	.h = 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) static int sm2_ec_ctx_init(struct mpi_ec_ctx *ec)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 	const struct ecc_domain_parms *ecp = &sm2_ecp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 	MPI p, a, b;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 	MPI x, y;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) 	int rc = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 	p = mpi_scanval(ecp->p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) 	a = mpi_scanval(ecp->a);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 	b = mpi_scanval(ecp->b);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 	if (!p || !a || !b)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 		goto free_p;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) 	x = mpi_scanval(ecp->g_x);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) 	y = mpi_scanval(ecp->g_y);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) 	if (!x || !y)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) 		goto free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 	rc = -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 	ec->Q = mpi_point_new(0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) 	if (!ec->Q)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 		goto free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) 	/* mpi_ec_setup_elliptic_curve */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 	ec->G = mpi_point_new(0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) 	if (!ec->G) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) 		mpi_point_release(ec->Q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 		goto free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 	mpi_set(ec->G->x, x);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 	mpi_set(ec->G->y, y);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 	mpi_set_ui(ec->G->z, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	rc = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) 	ec->n = mpi_scanval(ecp->n);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 	if (!ec->n) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 		mpi_point_release(ec->Q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 		mpi_point_release(ec->G);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) 		goto free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 	ec->h = ecp->h;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) 	ec->name = ecp->desc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 	mpi_ec_init(ec, ecp->model, ecp->dialect, 0, p, a, b);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 	rc = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) free:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 	mpi_free(x);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) 	mpi_free(y);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) free_p:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) 	mpi_free(p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) 	mpi_free(a);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 	mpi_free(b);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) 	return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) static void sm2_ec_ctx_deinit(struct mpi_ec_ctx *ec)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) 	mpi_ec_deinit(ec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) 	memset(ec, 0, sizeof(*ec));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) /* RESULT must have been initialized and is set on success to the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131)  * point given by VALUE.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) static int sm2_ecc_os2ec(MPI_POINT result, MPI value)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) 	int rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) 	size_t n;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) 	unsigned char *buf;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) 	MPI x, y;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) 	n = MPI_NBYTES(value);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) 	buf = kmalloc(n, GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) 	if (!buf)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) 		return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) 	rc = mpi_print(GCRYMPI_FMT_USG, buf, n, &n, value);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) 	if (rc)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) 		goto err_freebuf;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) 	rc = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) 	if (n < 1 || ((n - 1) % 2))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) 		goto err_freebuf;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 	/* No support for point compression */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) 	if (*buf != 0x4)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) 		goto err_freebuf;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) 	rc = -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) 	n = (n - 1) / 2;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) 	x = mpi_read_raw_data(buf + 1, n);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) 	if (!x)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) 		goto err_freebuf;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) 	y = mpi_read_raw_data(buf + 1 + n, n);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) 	if (!y)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) 		goto err_freex;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) 	mpi_normalize(x);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) 	mpi_normalize(y);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) 	mpi_set(result->x, x);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) 	mpi_set(result->y, y);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) 	mpi_set_ui(result->z, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) 	rc = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) 	mpi_free(y);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) err_freex:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) 	mpi_free(x);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) err_freebuf:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) 	kfree(buf);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) 	return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) struct sm2_signature_ctx {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) 	MPI sig_r;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) 	MPI sig_s;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) int sm2_get_signature_r(void *context, size_t hdrlen, unsigned char tag,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) 				const void *value, size_t vlen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) 	struct sm2_signature_ctx *sig = context;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) 	if (!value || !vlen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) 	sig->sig_r = mpi_read_raw_data(value, vlen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) 	if (!sig->sig_r)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) 		return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) int sm2_get_signature_s(void *context, size_t hdrlen, unsigned char tag,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) 				const void *value, size_t vlen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) 	struct sm2_signature_ctx *sig = context;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) 	if (!value || !vlen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) 	sig->sig_s = mpi_read_raw_data(value, vlen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) 	if (!sig->sig_s)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) 		return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) static int sm2_z_digest_update(struct shash_desc *desc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) 			MPI m, unsigned int pbytes)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) 	static const unsigned char zero[32];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) 	unsigned char *in;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) 	unsigned int inlen;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) 	in = mpi_get_buffer(m, &inlen, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) 	if (!in)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) 	if (inlen < pbytes) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) 		/* padding with zero */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) 		crypto_sm3_update(desc, zero, pbytes - inlen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) 		crypto_sm3_update(desc, in, inlen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) 	} else if (inlen > pbytes) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) 		/* skip the starting zero */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) 		crypto_sm3_update(desc, in + inlen - pbytes, pbytes);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) 	} else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) 		crypto_sm3_update(desc, in, inlen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) 	kfree(in);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) static int sm2_z_digest_update_point(struct shash_desc *desc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) 		MPI_POINT point, struct mpi_ec_ctx *ec, unsigned int pbytes)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) 	MPI x, y;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) 	int ret = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) 	x = mpi_new(0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) 	y = mpi_new(0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) 	if (!mpi_ec_get_affine(x, y, point, ec) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) 		!sm2_z_digest_update(desc, x, pbytes) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) 		!sm2_z_digest_update(desc, y, pbytes))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) 		ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) 	mpi_free(x);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) 	mpi_free(y);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) 	return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) int sm2_compute_z_digest(struct crypto_akcipher *tfm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) 			const unsigned char *id, size_t id_len,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) 			unsigned char dgst[SM3_DIGEST_SIZE])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) 	struct mpi_ec_ctx *ec = akcipher_tfm_ctx(tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) 	uint16_t bits_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) 	unsigned char entl[2];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) 	SHASH_DESC_ON_STACK(desc, NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) 	unsigned int pbytes;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) 	if (id_len > (USHRT_MAX / 8) || !ec->Q)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) 	bits_len = (uint16_t)(id_len * 8);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) 	entl[0] = bits_len >> 8;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) 	entl[1] = bits_len & 0xff;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) 	pbytes = MPI_NBYTES(ec->p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) 	/* ZA = H256(ENTLA | IDA | a | b | xG | yG | xA | yA) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) 	sm3_base_init(desc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) 	crypto_sm3_update(desc, entl, 2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) 	crypto_sm3_update(desc, id, id_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) 	if (sm2_z_digest_update(desc, ec->a, pbytes) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) 		sm2_z_digest_update(desc, ec->b, pbytes) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) 		sm2_z_digest_update_point(desc, ec->G, ec, pbytes) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) 		sm2_z_digest_update_point(desc, ec->Q, ec, pbytes))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) 	crypto_sm3_final(desc, dgst);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) EXPORT_SYMBOL(sm2_compute_z_digest);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) static int _sm2_verify(struct mpi_ec_ctx *ec, MPI hash, MPI sig_r, MPI sig_s)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) 	int rc = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) 	struct gcry_mpi_point sG, tP;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) 	MPI t = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) 	MPI x1 = NULL, y1 = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) 	mpi_point_init(&sG);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) 	mpi_point_init(&tP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) 	x1 = mpi_new(0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) 	y1 = mpi_new(0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) 	t = mpi_new(0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) 	/* r, s in [1, n-1] */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) 	if (mpi_cmp_ui(sig_r, 1) < 0 || mpi_cmp(sig_r, ec->n) > 0 ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) 		mpi_cmp_ui(sig_s, 1) < 0 || mpi_cmp(sig_s, ec->n) > 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312) 		goto leave;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) 	/* t = (r + s) % n, t == 0 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) 	mpi_addm(t, sig_r, sig_s, ec->n);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) 	if (mpi_cmp_ui(t, 0) == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318) 		goto leave;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) 	/* sG + tP = (x1, y1) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) 	rc = -EBADMSG;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) 	mpi_ec_mul_point(&sG, sig_s, ec->G, ec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) 	mpi_ec_mul_point(&tP, t, ec->Q, ec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324) 	mpi_ec_add_points(&sG, &sG, &tP, ec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) 	if (mpi_ec_get_affine(x1, y1, &sG, ec))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326) 		goto leave;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) 	/* R = (e + x1) % n */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) 	mpi_addm(t, hash, x1, ec->n);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) 	/* check R == r */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332) 	rc = -EKEYREJECTED;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333) 	if (mpi_cmp(t, sig_r))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) 		goto leave;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) 	rc = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) leave:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) 	mpi_point_free_parts(&sG);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340) 	mpi_point_free_parts(&tP);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) 	mpi_free(x1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342) 	mpi_free(y1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343) 	mpi_free(t);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345) 	return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) static int sm2_verify(struct akcipher_request *req)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) 	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351) 	struct mpi_ec_ctx *ec = akcipher_tfm_ctx(tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) 	unsigned char *buffer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353) 	struct sm2_signature_ctx sig;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354) 	MPI hash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355) 	int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) 	if (unlikely(!ec->Q))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360) 	buffer = kmalloc(req->src_len + req->dst_len, GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) 	if (!buffer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) 		return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) 	sg_pcopy_to_buffer(req->src,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) 		sg_nents_for_len(req->src, req->src_len + req->dst_len),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) 		buffer, req->src_len + req->dst_len, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368) 	sig.sig_r = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) 	sig.sig_s = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) 	ret = asn1_ber_decoder(&sm2signature_decoder, &sig,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) 				buffer, req->src_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) 	if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373) 		goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375) 	ret = -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) 	hash = mpi_read_raw_data(buffer + req->src_len, req->dst_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377) 	if (!hash)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) 		goto error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380) 	ret = _sm2_verify(ec, hash, sig.sig_r, sig.sig_s);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382) 	mpi_free(hash);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383) error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384) 	mpi_free(sig.sig_r);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) 	mpi_free(sig.sig_s);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) 	kfree(buffer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387) 	return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390) static int sm2_set_pub_key(struct crypto_akcipher *tfm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391) 			const void *key, unsigned int keylen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393) 	struct mpi_ec_ctx *ec = akcipher_tfm_ctx(tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394) 	MPI a;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395) 	int rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) 	/* include the uncompressed flag '0x04' */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) 	a = mpi_read_raw_data(key, keylen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) 	if (!a)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) 		return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402) 	mpi_normalize(a);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403) 	rc = sm2_ecc_os2ec(ec->Q, a);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) 	mpi_free(a);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406) 	return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) static unsigned int sm2_max_size(struct crypto_akcipher *tfm)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) 	/* Unlimited max size */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412) 	return PAGE_SIZE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415) static int sm2_init_tfm(struct crypto_akcipher *tfm)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) 	struct mpi_ec_ctx *ec = akcipher_tfm_ctx(tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) 	return sm2_ec_ctx_init(ec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) static void sm2_exit_tfm(struct crypto_akcipher *tfm)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424) 	struct mpi_ec_ctx *ec = akcipher_tfm_ctx(tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426) 	sm2_ec_ctx_deinit(ec);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429) static struct akcipher_alg sm2 = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430) 	.verify = sm2_verify,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431) 	.set_pub_key = sm2_set_pub_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) 	.max_size = sm2_max_size,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) 	.init = sm2_init_tfm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) 	.exit = sm2_exit_tfm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) 	.base = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436) 		.cra_name = "sm2",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) 		.cra_driver_name = "sm2-generic",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438) 		.cra_priority = 100,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) 		.cra_module = THIS_MODULE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440) 		.cra_ctxsize = sizeof(struct mpi_ec_ctx),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) 	},
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) static int sm2_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446) 	return crypto_register_akcipher(&sm2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) static void sm2_exit(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451) 	crypto_unregister_akcipher(&sm2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) subsys_initcall(sm2_init);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455) module_exit(sm2_exit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) MODULE_LICENSE("GPL");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) MODULE_AUTHOR("Tianjia Zhang <tianjia.zhang@linux.alibaba.com>");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459) MODULE_DESCRIPTION("SM2 generic algorithm");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) MODULE_ALIAS_CRYPTO("sm2-generic");
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.