git.baikalelectronics.ru Git - kernel.git/commit

author	Stephan Mueller <smueller@chronox.de>
	Mon, 25 Jun 2018 10:00:18 +0000 (12:00 +0200)
committer	Herbert Xu <herbert@gondor.apana.org.au>
	Sun, 8 Jul 2018 16:26:19 +0000 (00:26 +0800)
commit	29287aab896e0b8399af8fb92d2e9fbb5ff76285
tree	448a0a4cd4213edf339e00245ff1999ad120e298	tree \| snapshot
parent	d3873e4677dfda92ad8bf551680d3da5418cac8f	commit \| diff

crypto: ecdh - add public key verification test

According to SP800-56A section 5.6.2.1, the public key to be processed
for the ECDH operation shall be checked for appropriateness. When the
public key is considered to be an ephemeral key, the partial validation
test as defined in SP800-56A section 5.6.2.3.4 can be applied.

The partial verification test requires the presence of the field
elements of a and b. For the implemented NIST curves, b is defined in
FIPS 186-4 appendix D.1.2. The element a is implicitly given with the
Weierstrass equation given in D.1.2 where a = p - 3.

Without the test, the NIST ACVP testing fails. After adding this check,
the NIST ACVP testing passes.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto/ecc.c		diff \| blob \| history
crypto/ecc_curve_defs.h		diff \| blob \| history