[crypto] Allow for addition of arbitrary Weierstrass curve points

ECDSA verification requires the ability to add two arbitrary curve points (as well as the ability to multiply a curve point by a scalar). Add an elliptic curve method to perform arbitrary point addition. Pass in curve points as affine coordinates: this will require some redundant conversions between affine coorfinates and the internal representation as projective coordinates in Montgomery form, but keeps the API as simple as possible. Since we do not expect to perform a high volume of ECDSA signature verifications, these redundant calculations are an acceptable cost for keeping the code simple. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2026-05-08 15:02:55 +03:00 · 2025-12-06 16:59:29 +00:00
parent 1e353ff361
commit c7f129fede
8 changed files with 363 additions and 2 deletions
@@ -953,3 +953,44 @@ int weierstrass_multiply ( struct weierstrass_curve *curve, const void *base,

 	return 0;
 }
+
+/**
+ * Add curve points (as a one-off operation)
+ *
+ * @v curve		Weierstrass curve
+ * @v addend		Curve point to add
+ * @v augend		Curve point to add
+ * @v result		Curve point to hold result
+ * @ret rc		Return status code
+ */
+int weierstrass_add_once ( struct weierstrass_curve *curve, const void *addend,
+			   const void *augend, void *result ) {
+	unsigned int size = curve->size;
+	struct {
+		weierstrass_t ( size ) addend;
+		weierstrass_t ( size ) augend;
+		weierstrass_t ( size ) result;
+	} temp;
+	int rc;
+
+	/* Convert inputs to projective coordinates in Montgomery form */
+	if ( ( rc = weierstrass_init ( curve, &temp.addend, &temp.result,
+				       addend ) ) != 0 ) {
+		return rc;
+	}
+	if ( ( rc = weierstrass_init ( curve, &temp.augend, &temp.result,
+				       augend ) ) != 0 ) {
+		return rc;
+	}
+
+	/* Add curve points */
+	weierstrass_add ( curve, &temp.augend, &temp.addend, &temp.result );
+
+	/* Convert result back to affine co-ordinates */
+	if ( ( rc = weierstrass_done ( curve, &temp.result, &temp.addend,
+				       result ) ) != 0 ) {
+		return rc;
+	}
+
+	return 0;
+}
@@ -833,6 +833,21 @@ static int x25519_curve_multiply ( const void *base, const void *scalar,
 	return x25519_key ( base, scalar, result );
 }

+/**
+ * Add curve points (as a one-off operation)
+ *
+ * @v addend		Curve point to add
+ * @v augend		Curve point to add
+ * @v result		Curve point to hold result
+ * @ret rc		Return status code
+ */
+static int x25519_curve_add ( const void *addend __unused,
+			      const void *augend __unused,
+			      void *result __unused ) {
+
+	return -ENOTTY;
+}
+
 /** X25519 elliptic curve */
 struct elliptic_curve x25519_curve = {
 	.name = "x25519",
@@ -840,4 +855,5 @@ struct elliptic_curve x25519_curve = {
 	.keysize = sizeof ( struct x25519_value ),
 	.base = x25519_generator.raw,
 	.multiply = x25519_curve_multiply,
+	.add = x25519_curve_add,
 };