xref: /openbmc/linux/crypto/ecrdsa.c (revision ba2929159000dc7015cc01cdf7bb72542e19952a) 
10d7a7864SVitaly Chikunov // SPDX-License-Identifier: GPL-2.0+
20d7a7864SVitaly Chikunov /*
30d7a7864SVitaly Chikunov  * Elliptic Curve (Russian) Digital Signature Algorithm for Cryptographic API
40d7a7864SVitaly Chikunov  *
50d7a7864SVitaly Chikunov  * Copyright (c) 2019 Vitaly Chikunov <vt@altlinux.org>
60d7a7864SVitaly Chikunov  *
70d7a7864SVitaly Chikunov  * References:
80d7a7864SVitaly Chikunov  * GOST 34.10-2018, GOST R 34.10-2012, RFC 7091, ISO/IEC 14888-3:2018.
90d7a7864SVitaly Chikunov  *
100d7a7864SVitaly Chikunov  * Historical references:
110d7a7864SVitaly Chikunov  * GOST R 34.10-2001, RFC 4357, ISO/IEC 14888-3:2006/Amd 1:2010.
120d7a7864SVitaly Chikunov  *
130d7a7864SVitaly Chikunov  * This program is free software; you can redistribute it and/or modify it
140d7a7864SVitaly Chikunov  * under the terms of the GNU General Public License as published by the Free
150d7a7864SVitaly Chikunov  * Software Foundation; either version 2 of the License, or (at your option)
160d7a7864SVitaly Chikunov  * any later version.
170d7a7864SVitaly Chikunov  */
180d7a7864SVitaly Chikunov 
190d7a7864SVitaly Chikunov #include <linux/module.h>
200d7a7864SVitaly Chikunov #include <linux/crypto.h>
210d7a7864SVitaly Chikunov #include <crypto/streebog.h>
220d7a7864SVitaly Chikunov #include <crypto/internal/akcipher.h>
23a745d3acSDaniele Alessandrelli #include <crypto/internal/ecc.h>
240d7a7864SVitaly Chikunov #include <crypto/akcipher.h>
250d7a7864SVitaly Chikunov #include <linux/oid_registry.h>
260c3dc787SHerbert Xu #include <linux/scatterlist.h>
270d7a7864SVitaly Chikunov #include "ecrdsa_params.asn1.h"
280d7a7864SVitaly Chikunov #include "ecrdsa_pub_key.asn1.h"
290d7a7864SVitaly Chikunov #include "ecrdsa_defs.h"
300d7a7864SVitaly Chikunov 
310d7a7864SVitaly Chikunov #define ECRDSA_MAX_SIG_SIZE (2 * 512 / 8)
320d7a7864SVitaly Chikunov #define ECRDSA_MAX_DIGITS (512 / 64)
330d7a7864SVitaly Chikunov 
340d7a7864SVitaly Chikunov struct ecrdsa_ctx {
350d7a7864SVitaly Chikunov 	enum OID algo_oid; /* overall public key oid */
360d7a7864SVitaly Chikunov 	enum OID curve_oid; /* parameter */
370d7a7864SVitaly Chikunov 	enum OID digest_oid; /* parameter */
380d7a7864SVitaly Chikunov 	const struct ecc_curve *curve; /* curve from oid */
390d7a7864SVitaly Chikunov 	unsigned int digest_len; /* parameter (bytes) */
400d7a7864SVitaly Chikunov 	const char *digest; /* digest name from oid */
410d7a7864SVitaly Chikunov 	unsigned int key_len; /* @key length (bytes) */
420d7a7864SVitaly Chikunov 	const char *key; /* raw public key */
430d7a7864SVitaly Chikunov 	struct ecc_point pub_key;
440d7a7864SVitaly Chikunov 	u64 _pubp[2][ECRDSA_MAX_DIGITS]; /* point storage for @pub_key */
450d7a7864SVitaly Chikunov };
460d7a7864SVitaly Chikunov 
get_curve_by_oid(enum OID oid)470d7a7864SVitaly Chikunov static const struct ecc_curve *get_curve_by_oid(enum OID oid)
480d7a7864SVitaly Chikunov {
490d7a7864SVitaly Chikunov 	switch (oid) {
500d7a7864SVitaly Chikunov 	case OID_gostCPSignA:
510d7a7864SVitaly Chikunov 	case OID_gostTC26Sign256B:
520d7a7864SVitaly Chikunov 		return &gost_cp256a;
530d7a7864SVitaly Chikunov 	case OID_gostCPSignB:
540d7a7864SVitaly Chikunov 	case OID_gostTC26Sign256C:
550d7a7864SVitaly Chikunov 		return &gost_cp256b;
560d7a7864SVitaly Chikunov 	case OID_gostCPSignC:
570d7a7864SVitaly Chikunov 	case OID_gostTC26Sign256D:
580d7a7864SVitaly Chikunov 		return &gost_cp256c;
590d7a7864SVitaly Chikunov 	case OID_gostTC26Sign512A:
600d7a7864SVitaly Chikunov 		return &gost_tc512a;
610d7a7864SVitaly Chikunov 	case OID_gostTC26Sign512B:
620d7a7864SVitaly Chikunov 		return &gost_tc512b;
630d7a7864SVitaly Chikunov 	/* The following two aren't implemented: */
640d7a7864SVitaly Chikunov 	case OID_gostTC26Sign256A:
650d7a7864SVitaly Chikunov 	case OID_gostTC26Sign512C:
660d7a7864SVitaly Chikunov 	default:
670d7a7864SVitaly Chikunov 		return NULL;
680d7a7864SVitaly Chikunov 	}
690d7a7864SVitaly Chikunov }
700d7a7864SVitaly Chikunov 
ecrdsa_verify(struct akcipher_request * req)710d7a7864SVitaly Chikunov static int ecrdsa_verify(struct akcipher_request *req)
720d7a7864SVitaly Chikunov {
730d7a7864SVitaly Chikunov 	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
740d7a7864SVitaly Chikunov 	struct ecrdsa_ctx *ctx = akcipher_tfm_ctx(tfm);
750d7a7864SVitaly Chikunov 	unsigned char sig[ECRDSA_MAX_SIG_SIZE];
760d7a7864SVitaly Chikunov 	unsigned char digest[STREEBOG512_DIGEST_SIZE];
770d7a7864SVitaly Chikunov 	unsigned int ndigits = req->dst_len / sizeof(u64);
780d7a7864SVitaly Chikunov 	u64 r[ECRDSA_MAX_DIGITS]; /* witness (r) */
790d7a7864SVitaly Chikunov 	u64 _r[ECRDSA_MAX_DIGITS]; /* -r */
800d7a7864SVitaly Chikunov 	u64 s[ECRDSA_MAX_DIGITS]; /* second part of sig (s) */
810d7a7864SVitaly Chikunov 	u64 e[ECRDSA_MAX_DIGITS]; /* h \mod q */
820d7a7864SVitaly Chikunov 	u64 *v = e;		  /* e^{-1} \mod q */
830d7a7864SVitaly Chikunov 	u64 z1[ECRDSA_MAX_DIGITS];
840d7a7864SVitaly Chikunov 	u64 *z2 = _r;
850d7a7864SVitaly Chikunov 	struct ecc_point cc = ECC_POINT_INIT(s, e, ndigits); /* reuse s, e */
860d7a7864SVitaly Chikunov 
870d7a7864SVitaly Chikunov 	/*
880d7a7864SVitaly Chikunov 	 * Digest value, digest algorithm, and curve (modulus) should have the
890d7a7864SVitaly Chikunov 	 * same length (256 or 512 bits), public key and signature should be
900d7a7864SVitaly Chikunov 	 * twice bigger.
910d7a7864SVitaly Chikunov 	 */
920d7a7864SVitaly Chikunov 	if (!ctx->curve ||
930d7a7864SVitaly Chikunov 	    !ctx->digest ||
940d7a7864SVitaly Chikunov 	    !req->src ||
950d7a7864SVitaly Chikunov 	    !ctx->pub_key.x ||
960d7a7864SVitaly Chikunov 	    req->dst_len != ctx->digest_len ||
970d7a7864SVitaly Chikunov 	    req->dst_len != ctx->curve->g.ndigits * sizeof(u64) ||
980d7a7864SVitaly Chikunov 	    ctx->pub_key.ndigits != ctx->curve->g.ndigits ||
990d7a7864SVitaly Chikunov 	    req->dst_len * 2 != req->src_len ||
1000d7a7864SVitaly Chikunov 	    WARN_ON(req->src_len > sizeof(sig)) ||
1010d7a7864SVitaly Chikunov 	    WARN_ON(req->dst_len > sizeof(digest)))
1020d7a7864SVitaly Chikunov 		return -EBADMSG;
1030d7a7864SVitaly Chikunov 
1040d7a7864SVitaly Chikunov 	sg_copy_to_buffer(req->src, sg_nents_for_len(req->src, req->src_len),
1050d7a7864SVitaly Chikunov 			  sig, req->src_len);
1060d7a7864SVitaly Chikunov 	sg_pcopy_to_buffer(req->src,
1070d7a7864SVitaly Chikunov 			   sg_nents_for_len(req->src,
1080d7a7864SVitaly Chikunov 					    req->src_len + req->dst_len),
1090d7a7864SVitaly Chikunov 			   digest, req->dst_len, req->src_len);
1100d7a7864SVitaly Chikunov 
1110d7a7864SVitaly Chikunov 	vli_from_be64(s, sig, ndigits);
1120d7a7864SVitaly Chikunov 	vli_from_be64(r, sig + ndigits * sizeof(u64), ndigits);
1130d7a7864SVitaly Chikunov 
1140d7a7864SVitaly Chikunov 	/* Step 1: verify that 0 < r < q, 0 < s < q */
1150d7a7864SVitaly Chikunov 	if (vli_is_zero(r, ndigits) ||
1167cc7ab73SVitaly Chikunov 	    vli_cmp(r, ctx->curve->n, ndigits) >= 0 ||
1170d7a7864SVitaly Chikunov 	    vli_is_zero(s, ndigits) ||
1187cc7ab73SVitaly Chikunov 	    vli_cmp(s, ctx->curve->n, ndigits) >= 0)
1190d7a7864SVitaly Chikunov 		return -EKEYREJECTED;
1200d7a7864SVitaly Chikunov 
1210d7a7864SVitaly Chikunov 	/* Step 2: calculate hash (h) of the message (passed as input) */
1220d7a7864SVitaly Chikunov 	/* Step 3: calculate e = h \mod q */
1230d7a7864SVitaly Chikunov 	vli_from_le64(e, digest, ndigits);
1247cc7ab73SVitaly Chikunov 	if (vli_cmp(e, ctx->curve->n, ndigits) >= 0)
1250d7a7864SVitaly Chikunov 		vli_sub(e, e, ctx->curve->n, ndigits);
1260d7a7864SVitaly Chikunov 	if (vli_is_zero(e, ndigits))
1270d7a7864SVitaly Chikunov 		e[0] = 1;
1280d7a7864SVitaly Chikunov 
1290d7a7864SVitaly Chikunov 	/* Step 4: calculate v = e^{-1} \mod q */
1300d7a7864SVitaly Chikunov 	vli_mod_inv(v, e, ctx->curve->n, ndigits);
1310d7a7864SVitaly Chikunov 
1320d7a7864SVitaly Chikunov 	/* Step 5: calculate z_1 = sv \mod q, z_2 = -rv \mod q */
1330d7a7864SVitaly Chikunov 	vli_mod_mult_slow(z1, s, v, ctx->curve->n, ndigits);
1340d7a7864SVitaly Chikunov 	vli_sub(_r, ctx->curve->n, r, ndigits);
1350d7a7864SVitaly Chikunov 	vli_mod_mult_slow(z2, _r, v, ctx->curve->n, ndigits);
1360d7a7864SVitaly Chikunov 
1370d7a7864SVitaly Chikunov 	/* Step 6: calculate point C = z_1P + z_2Q, and R = x_c \mod q */
1380d7a7864SVitaly Chikunov 	ecc_point_mult_shamir(&cc, z1, &ctx->curve->g, z2, &ctx->pub_key,
1390d7a7864SVitaly Chikunov 			      ctx->curve);
1407cc7ab73SVitaly Chikunov 	if (vli_cmp(cc.x, ctx->curve->n, ndigits) >= 0)
1410d7a7864SVitaly Chikunov 		vli_sub(cc.x, cc.x, ctx->curve->n, ndigits);
1420d7a7864SVitaly Chikunov 
1430d7a7864SVitaly Chikunov 	/* Step 7: if R == r signature is valid */
1440d7a7864SVitaly Chikunov 	if (!vli_cmp(cc.x, r, ndigits))
1450d7a7864SVitaly Chikunov 		return 0;
1460d7a7864SVitaly Chikunov 	else
1470d7a7864SVitaly Chikunov 		return -EKEYREJECTED;
1480d7a7864SVitaly Chikunov }
1490d7a7864SVitaly Chikunov 
ecrdsa_param_curve(void * context,size_t hdrlen,unsigned char tag,const void * value,size_t vlen)1500d7a7864SVitaly Chikunov int ecrdsa_param_curve(void *context, size_t hdrlen, unsigned char tag,
1510d7a7864SVitaly Chikunov 		       const void *value, size_t vlen)
1520d7a7864SVitaly Chikunov {
1530d7a7864SVitaly Chikunov 	struct ecrdsa_ctx *ctx = context;
1540d7a7864SVitaly Chikunov 
1550d7a7864SVitaly Chikunov 	ctx->curve_oid = look_up_OID(value, vlen);
1560d7a7864SVitaly Chikunov 	if (!ctx->curve_oid)
1570d7a7864SVitaly Chikunov 		return -EINVAL;
1580d7a7864SVitaly Chikunov 	ctx->curve = get_curve_by_oid(ctx->curve_oid);
1590d7a7864SVitaly Chikunov 	return 0;
1600d7a7864SVitaly Chikunov }
1610d7a7864SVitaly Chikunov 
1620d7a7864SVitaly Chikunov /* Optional. If present should match expected digest algo OID. */
ecrdsa_param_digest(void * context,size_t hdrlen,unsigned char tag,const void * value,size_t vlen)1630d7a7864SVitaly Chikunov int ecrdsa_param_digest(void *context, size_t hdrlen, unsigned char tag,
1640d7a7864SVitaly Chikunov 			const void *value, size_t vlen)
1650d7a7864SVitaly Chikunov {
1660d7a7864SVitaly Chikunov 	struct ecrdsa_ctx *ctx = context;
1670d7a7864SVitaly Chikunov 	int digest_oid = look_up_OID(value, vlen);
1680d7a7864SVitaly Chikunov 
1690d7a7864SVitaly Chikunov 	if (digest_oid != ctx->digest_oid)
1700d7a7864SVitaly Chikunov 		return -EINVAL;
1710d7a7864SVitaly Chikunov 	return 0;
1720d7a7864SVitaly Chikunov }
1730d7a7864SVitaly Chikunov 
ecrdsa_parse_pub_key(void * context,size_t hdrlen,unsigned char tag,const void * value,size_t vlen)1740d7a7864SVitaly Chikunov int ecrdsa_parse_pub_key(void *context, size_t hdrlen, unsigned char tag,
1750d7a7864SVitaly Chikunov 			 const void *value, size_t vlen)
1760d7a7864SVitaly Chikunov {
1770d7a7864SVitaly Chikunov 	struct ecrdsa_ctx *ctx = context;
1780d7a7864SVitaly Chikunov 
1790d7a7864SVitaly Chikunov 	ctx->key = value;
1800d7a7864SVitaly Chikunov 	ctx->key_len = vlen;
1810d7a7864SVitaly Chikunov 	return 0;
1820d7a7864SVitaly Chikunov }
1830d7a7864SVitaly Chikunov 
ecrdsa_unpack_u32(u32 * dst,void * src)1840d7a7864SVitaly Chikunov static u8 *ecrdsa_unpack_u32(u32 *dst, void *src)
1850d7a7864SVitaly Chikunov {
1860d7a7864SVitaly Chikunov 	memcpy(dst, src, sizeof(u32));
1870d7a7864SVitaly Chikunov 	return src + sizeof(u32);
1880d7a7864SVitaly Chikunov }
1890d7a7864SVitaly Chikunov 
1900d7a7864SVitaly Chikunov /* Parse BER encoded subjectPublicKey. */
ecrdsa_set_pub_key(struct crypto_akcipher * tfm,const void * key,unsigned int keylen)1910d7a7864SVitaly Chikunov static int ecrdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key,
1920d7a7864SVitaly Chikunov 			      unsigned int keylen)
1930d7a7864SVitaly Chikunov {
1940d7a7864SVitaly Chikunov 	struct ecrdsa_ctx *ctx = akcipher_tfm_ctx(tfm);
1950d7a7864SVitaly Chikunov 	unsigned int ndigits;
1960d7a7864SVitaly Chikunov 	u32 algo, paramlen;
1970d7a7864SVitaly Chikunov 	u8 *params;
1980d7a7864SVitaly Chikunov 	int err;
1990d7a7864SVitaly Chikunov 
2000d7a7864SVitaly Chikunov 	err = asn1_ber_decoder(&ecrdsa_pub_key_decoder, ctx, key, keylen);
2010d7a7864SVitaly Chikunov 	if (err < 0)
2020d7a7864SVitaly Chikunov 		return err;
2030d7a7864SVitaly Chikunov 
2040d7a7864SVitaly Chikunov 	/* Key parameters is in the key after keylen. */
2050d7a7864SVitaly Chikunov 	params = ecrdsa_unpack_u32(&paramlen,
2060d7a7864SVitaly Chikunov 			  ecrdsa_unpack_u32(&algo, (u8 *)key + keylen));
2070d7a7864SVitaly Chikunov 
2080d7a7864SVitaly Chikunov 	if (algo == OID_gost2012PKey256) {
2090d7a7864SVitaly Chikunov 		ctx->digest	= "streebog256";
2100d7a7864SVitaly Chikunov 		ctx->digest_oid	= OID_gost2012Digest256;
2110d7a7864SVitaly Chikunov 		ctx->digest_len	= 256 / 8;
2120d7a7864SVitaly Chikunov 	} else if (algo == OID_gost2012PKey512) {
2130d7a7864SVitaly Chikunov 		ctx->digest	= "streebog512";
2140d7a7864SVitaly Chikunov 		ctx->digest_oid	= OID_gost2012Digest512;
2150d7a7864SVitaly Chikunov 		ctx->digest_len	= 512 / 8;
2160d7a7864SVitaly Chikunov 	} else
2170d7a7864SVitaly Chikunov 		return -ENOPKG;
2180d7a7864SVitaly Chikunov 	ctx->algo_oid = algo;
2190d7a7864SVitaly Chikunov 
2200d7a7864SVitaly Chikunov 	/* Parse SubjectPublicKeyInfo.AlgorithmIdentifier.parameters. */
2210d7a7864SVitaly Chikunov 	err = asn1_ber_decoder(&ecrdsa_params_decoder, ctx, params, paramlen);
2220d7a7864SVitaly Chikunov 	if (err < 0)
2230d7a7864SVitaly Chikunov 		return err;
2240d7a7864SVitaly Chikunov 	/*
2250d7a7864SVitaly Chikunov 	 * Sizes of algo (set in digest_len) and curve should match
2260d7a7864SVitaly Chikunov 	 * each other.
2270d7a7864SVitaly Chikunov 	 */
2280d7a7864SVitaly Chikunov 	if (!ctx->curve ||
2290d7a7864SVitaly Chikunov 	    ctx->curve->g.ndigits * sizeof(u64) != ctx->digest_len)
2300d7a7864SVitaly Chikunov 		return -ENOPKG;
2310d7a7864SVitaly Chikunov 	/*
2320d7a7864SVitaly Chikunov 	 * Key is two 256- or 512-bit coordinates which should match
2330d7a7864SVitaly Chikunov 	 * curve size.
2340d7a7864SVitaly Chikunov 	 */
2350d7a7864SVitaly Chikunov 	if ((ctx->key_len != (2 * 256 / 8) &&
2360d7a7864SVitaly Chikunov 	     ctx->key_len != (2 * 512 / 8)) ||
2370d7a7864SVitaly Chikunov 	    ctx->key_len != ctx->curve->g.ndigits * sizeof(u64) * 2)
2380d7a7864SVitaly Chikunov 		return -ENOPKG;
2390d7a7864SVitaly Chikunov 
2400d7a7864SVitaly Chikunov 	ndigits = ctx->key_len / sizeof(u64) / 2;
2410d7a7864SVitaly Chikunov 	ctx->pub_key = ECC_POINT_INIT(ctx->_pubp[0], ctx->_pubp[1], ndigits);
2420d7a7864SVitaly Chikunov 	vli_from_le64(ctx->pub_key.x, ctx->key, ndigits);
2430d7a7864SVitaly Chikunov 	vli_from_le64(ctx->pub_key.y, ctx->key + ndigits * sizeof(u64),
2440d7a7864SVitaly Chikunov 		      ndigits);
2450d7a7864SVitaly Chikunov 
2460d7a7864SVitaly Chikunov 	if (ecc_is_pubkey_valid_partial(ctx->curve, &ctx->pub_key))
2470d7a7864SVitaly Chikunov 		return -EKEYREJECTED;
2480d7a7864SVitaly Chikunov 
2490d7a7864SVitaly Chikunov 	return 0;
2500d7a7864SVitaly Chikunov }
2510d7a7864SVitaly Chikunov 
ecrdsa_max_size(struct crypto_akcipher * tfm)2520d7a7864SVitaly Chikunov static unsigned int ecrdsa_max_size(struct crypto_akcipher *tfm)
2530d7a7864SVitaly Chikunov {
2540d7a7864SVitaly Chikunov 	struct ecrdsa_ctx *ctx = akcipher_tfm_ctx(tfm);
2550d7a7864SVitaly Chikunov 
2560d7a7864SVitaly Chikunov 	/*
2570d7a7864SVitaly Chikunov 	 * Verify doesn't need any output, so it's just informational
2580d7a7864SVitaly Chikunov 	 * for keyctl to determine the key bit size.
2590d7a7864SVitaly Chikunov 	 */
2600d7a7864SVitaly Chikunov 	return ctx->pub_key.ndigits * sizeof(u64);
2610d7a7864SVitaly Chikunov }
2620d7a7864SVitaly Chikunov 
ecrdsa_exit_tfm(struct crypto_akcipher * tfm)2630d7a7864SVitaly Chikunov static void ecrdsa_exit_tfm(struct crypto_akcipher *tfm)
2640d7a7864SVitaly Chikunov {
2650d7a7864SVitaly Chikunov }
2660d7a7864SVitaly Chikunov 
2670d7a7864SVitaly Chikunov static struct akcipher_alg ecrdsa_alg = {
2680d7a7864SVitaly Chikunov 	.verify		= ecrdsa_verify,
2690d7a7864SVitaly Chikunov 	.set_pub_key	= ecrdsa_set_pub_key,
2700d7a7864SVitaly Chikunov 	.max_size	= ecrdsa_max_size,
2710d7a7864SVitaly Chikunov 	.exit		= ecrdsa_exit_tfm,
2720d7a7864SVitaly Chikunov 	.base = {
2730d7a7864SVitaly Chikunov 		.cra_name	 = "ecrdsa",
2740d7a7864SVitaly Chikunov 		.cra_driver_name = "ecrdsa-generic",
2750d7a7864SVitaly Chikunov 		.cra_priority	 = 100,
2760d7a7864SVitaly Chikunov 		.cra_module	 = THIS_MODULE,
2770d7a7864SVitaly Chikunov 		.cra_ctxsize	 = sizeof(struct ecrdsa_ctx),
2780d7a7864SVitaly Chikunov 	},
2790d7a7864SVitaly Chikunov };
2800d7a7864SVitaly Chikunov 
ecrdsa_mod_init(void)2810d7a7864SVitaly Chikunov static int __init ecrdsa_mod_init(void)
2820d7a7864SVitaly Chikunov {
2830d7a7864SVitaly Chikunov 	return crypto_register_akcipher(&ecrdsa_alg);
2840d7a7864SVitaly Chikunov }
2850d7a7864SVitaly Chikunov 
ecrdsa_mod_fini(void)2860d7a7864SVitaly Chikunov static void __exit ecrdsa_mod_fini(void)
2870d7a7864SVitaly Chikunov {
2880d7a7864SVitaly Chikunov 	crypto_unregister_akcipher(&ecrdsa_alg);
2890d7a7864SVitaly Chikunov }
2900d7a7864SVitaly Chikunov 
2910d7a7864SVitaly Chikunov module_init(ecrdsa_mod_init);
2920d7a7864SVitaly Chikunov module_exit(ecrdsa_mod_fini);
2930d7a7864SVitaly Chikunov 
2940d7a7864SVitaly Chikunov MODULE_LICENSE("GPL");
2950d7a7864SVitaly Chikunov MODULE_AUTHOR("Vitaly Chikunov <vt@altlinux.org>");
2960d7a7864SVitaly Chikunov MODULE_DESCRIPTION("EC-RDSA generic algorithm");
297*d1410436SVitaly Chikunov MODULE_ALIAS_CRYPTO("ecrdsa");
2980d7a7864SVitaly Chikunov MODULE_ALIAS_CRYPTO("ecrdsa-generic");
299