Backport cryptolib commits to earlgrey 1.0.0 #28983
Open
+4,698
−246
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit adds a new sign routine to the otbn assembly that allows for a configurable k. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 6fd0f86)
This commit makes it possible to have a deterministic secret scalar k as the input of the sign algorithm. This should only be used for testing purposes. Depending on the selected mode, k is loaded from the input buffer in the OTBN assembly. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 963c679)
This commit adds the possibility to set the secret scalar k for testing purposes. This should never be used for anything but KATs. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 6b80e91)
This commit adds the possibility to configure the secret scalar k for testing purposes. This functionality should never be used except for testing purposes. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit a63689c)
An important decision here is how, in the decode operation, to determine if an encoded point is valid. Details are in the comment at the top of ed25519.s, but I have chosen here to use the ZIP15 validation criteria to maximize predictability and compatibility. Signed-off-by: Jade Philipoom <jadep@google.com> (cherry picked from commit afeded2) (cherry picked from commit 3727883)
Scalar multiplication is fairly straightforwardly based on point addition, using a constant-time double-and-add algorithm. Also slightly simplify the setup for field arithmetic constants. Signed-off-by: Jade Philipoom <jadep@google.com> (cherry picked from commit df440d6) (cherry picked from commit 801e601)
This commit moves the tests into the correct folder and makes any necessary changes to get the tests to run/pass. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit dc7854a)
Helps to get a quicker overview of all the functions in the file. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit d12cd48)
The registers for the constants d and 38 were not consistent and were the cause for some wrong results when I ran some test vectors. This commit fixes this issue. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit c8e2048)
This commit adds a file to allow the api to run the different algorithms of ed25519. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 0243ec4)
This commit adds the OTBN interface functions needed for the ed25519 API. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 4f12a1f)
This commit adds the code for the API for ed25519 sign and verify. This commit stitches together the OTBN functions and HMAC hash operations to get full fletched ed25519 sign and verify implementations. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 5501e2d)
This commit adds the ed25519 keygen function and reuses it for the public key derivation in the sign algorithm. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 364d85b)
This commit adds the new keygen function to the OTBN interface such that it can be used by the API. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit c233adc)
This commit adds the new keygen function to the API. The secret key is used as an input and used to generate the public key. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 84996f3)
This commit adds an ed25519 functest which does a KAT smoke test on the keygen, sign and verify algorithms. Signed-off-by: Hakim Filali <hfilali@lowrisc.org> (cherry picked from commit 7a50802)
nasahlpa
approved these changes
Dec 22, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is a backport of my most recent commits to earlgrey1.0.0.
The automatic backport failed because earlgrey1.0.0 doesn't have otcrypto_interface.c.
The commits stem from the following PRs: #28926 #28724