1 /* SPDX-License-Identifier: GPL-2.0 OR MIT */ 2 /* 3 * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. 4 */ 5 6 #ifndef CURVE25519_H 7 #define CURVE25519_H 8 9 #include <linux/types.h> 10 #include <linux/random.h> 11 12 enum curve25519_lengths { 13 CURVE25519_KEY_SIZE = 32 14 }; 15 16 void curve25519_generic(u8 out[at_least CURVE25519_KEY_SIZE], 17 const u8 scalar[at_least CURVE25519_KEY_SIZE], 18 const u8 point[at_least CURVE25519_KEY_SIZE]); 19 20 bool __must_check 21 curve25519(u8 mypublic[at_least CURVE25519_KEY_SIZE], 22 const u8 secret[at_least CURVE25519_KEY_SIZE], 23 const u8 basepoint[at_least CURVE25519_KEY_SIZE]); 24 25 bool __must_check 26 curve25519_generate_public(u8 pub[at_least CURVE25519_KEY_SIZE], 27 const u8 secret[at_least CURVE25519_KEY_SIZE]); 28 29 static inline void curve25519_clamp_secret(u8 secret[at_least CURVE25519_KEY_SIZE])30curve25519_clamp_secret(u8 secret[at_least CURVE25519_KEY_SIZE]) 31 { 32 secret[0] &= 248; 33 secret[31] = (secret[31] & 127) | 64; 34 } 35 36 static inline void curve25519_generate_secret(u8 secret[at_least CURVE25519_KEY_SIZE])37curve25519_generate_secret(u8 secret[at_least CURVE25519_KEY_SIZE]) 38 { 39 get_random_bytes_wait(secret, CURVE25519_KEY_SIZE); 40 curve25519_clamp_secret(secret); 41 } 42 43 #endif /* CURVE25519_H */ 44