path: root/src/crypto/x25519.c
author: Michael Brown <mcb30@ipxe.org> 2025-01-21 15:29:05 +0000
committer: Michael Brown <mcb30@ipxe.org> 2025-01-21 15:55:33 +0000
commit: c9291bc5c7adfa9aa05e94aded90ba49d3dc8179
tree: f81108322d7289bf6d653e11d75eb6b58348dde2 /src/crypto/x25519.c
parent: df7ec31766cd08eb1e01d59afc79198f5411517e
[tls] Allow for NIST elliptic curve point formats
The elliptic curve point representation for the x25519 curve includes only the X value, since the curve is designed such that the Montgomery ladder does not need to ever know or calculate a Y value. There is no curve point format byte: the public key data is simply the X value. The pre-master secret is also simply the X value of the shared secret curve point.

The point representation for the NIST curves includes both X and Y values, and a single curve point format byte that must indicate that the format is uncompressed. The pre-master secret for the NIST curves does not include both X and Y values: only the X value is used.

Extend the definition of an elliptic curve to allow the point size to be specified separately from the key size, and extend the definition of a TLS named curve to include an optional curve point format byte and a pre-master secret length.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
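The wire-format rules described in the commit message, as an added C example that is not iPXE code: the `curve_desc` structure, its field names and the two descriptors are hypothetical, and the buffers are constructed sample data. It validates the format byte on a received public key and takes the leading X value of the shared point as the pre-master secret.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define FORMAT_UNCOMPRESSED 0x04 /* uncompressed point format byte */

/* Hypothetical descriptor; field names are assumptions, not iPXE's */
struct curve_desc {
	const char *name;
	size_t pointsize;      /* raw point bytes: X only, or X || Y */
	size_t pre_master_len; /* leading bytes (X) used as pre-master secret */
	uint8_t format;        /* point format byte, 0 if none is sent */
};

const struct curve_desc desc_x25519 = { "x25519", 32, 32, 0 };
const struct curve_desc desc_p256 = { "secp256r1", 64, 32, FORMAT_UNCOMPRESSED };

/* Length of a public key as it appears on the wire */
size_t wire_len ( const struct curve_desc *c ) {
	return ( c->pointsize + ( c->format ? 1 : 0 ) );
}

/* Return the raw point inside a received public key, or NULL if malformed */
const uint8_t * parse_peer_point ( const struct curve_desc *c,
				   const uint8_t *data, size_t len ) {
	if ( len != wire_len ( c ) )
		return NULL; /* wrong length for this curve */
	if ( ! c->format )
		return data; /* x25519: bare X value, no format byte */
	if ( data[0] != c->format )
		return NULL; /* compressed or unknown point format */
	return ( data + 1 );
}

/* Copy the pre-master secret out of a shared point; returns length or -1 */
int pre_master ( const struct curve_desc *c, const uint8_t *shared,
		 uint8_t *out, size_t out_len ) {
	if ( ( c->pre_master_len > c->pointsize ) ||
	     ( out_len < c->pre_master_len ) )
		return -1;
	memcpy ( out, shared, c->pre_master_len );
	return ( ( int ) c->pre_master_len );
}

int main ( void ) {
	uint8_t key[65] = { FORMAT_UNCOMPRESSED }; /* constructed sample key */
	printf ( "p256 ok: %d\n", parse_peer_point ( &desc_p256, key, 65 ) != NULL );
	return 0;
}
```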
Diffstat (limited to 'src/crypto/x25519.c')
-rw-r--r-- src/crypto/x25519.c 1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/crypto/x25519.c b/src/crypto/x25519.c
index ab5d2e8b0..995cfa352 100644
--- a/src/crypto/x25519.c
+++ b/src/crypto/x25519.c
@@ -839,6 +839,7 @@ static int x25519_curve_multiply ( const void *base, const void *scalar,
/** X25519 elliptic curve */
struct elliptic_curve x25519_curve = {
.name = "x25519",
+ .pointsize = sizeof ( struct x25519_value ),
.keysize = sizeof ( struct x25519_value ),
.multiply = x25519_curve_multiply,
};
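Review bot: In the `x25519_curve` initialiser, the new `.pointsize` is set through a designated initialiser, so any other `struct elliptic_curve` definition that is not updated in the same way would silently end up with a point size of zero. This view is limited to src/crypto/x25519.c, so it is worth confirming that every other curve definition sets `.pointsize`, or that code consuming the field treats zero as an error rather than as a valid length. It would also help if the documentation for the field stated that `.pointsize` counts only the raw point data and excludes the TLS curve point format byte, which the commit message places in the named curve definition instead.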