xref: /third_party/mbedtls/library/ecdsa.c

150     MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, ECDSA_RS_ECP, ops));
200  * Derive a suitable integer for group grp from a buffer of length len
203 static int derive_mpi(const mbedtls_ecp_group *grp, mbedtls_mpi *x,
207     size_t n_size = (grp->nbits + 7) / 8;
211     if (use_size * 8 > grp->nbits) {
212         MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(x, use_size * 8 - grp->nbits));
216     if (mbedtls_mpi_cmp_mpi(x, &grp->N) >= 0) {
217         MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(x, x, &grp->N));
243 int mbedtls_ecdsa_sign_restartable(mbedtls_ecp_group *grp,
258     if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) {
263     if (mbedtls_mpi_cmp_int(d, 1) < 0 || mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) {
308             MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, pk, f_rng, p_rng));
317             MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &R, pk, &grp->G,
321             MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pr, &R.X, &grp->N));
340         MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen));
346         MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, &t, f_rng_blind,
356         MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pk, pk, &grp->N));
357         MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(s, pk, &grp->N));
359         MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(s, s, &grp->N));
380 int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
385     return mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen,
397 int mbedtls_ecdsa_sign_det_restartable(mbedtls_ecp_group *grp,
409     size_t grp_len = (grp->nbits + 7) / 8;
436     MBEDTLS_MPI_CHK(derive_mpi(grp, &h, buf, blen));
450     ret = mbedtls_ecdsa_sign(grp, r, s, d, buf, blen,
453     ret = mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen,
470 int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r,
478     return mbedtls_ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg,
488 int mbedtls_ecdsa_verify_restartable(mbedtls_ecp_group *grp,
505     if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) {
527     if (mbedtls_mpi_cmp_int(r, 1) < 0 || mbedtls_mpi_cmp_mpi(r, &grp->N) >= 0 ||
528         mbedtls_mpi_cmp_int(s, 1) < 0 || mbedtls_mpi_cmp_mpi(s, &grp->N) >= 0) {
536     MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen));
543     MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&s_inv, s, &grp->N));
546     MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu1, pu1, &grp->N));
549     MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu2, pu2, &grp->N));
561     MBEDTLS_MPI_CHK(mbedtls_ecp_muladd_restartable(grp,
562                                                    &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP));
573     MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&R.X, &R.X, &grp->N));
596 int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
602     return mbedtls_ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL);
657     MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_det_restartable(&ctx->grp, &r, &s, &ctx->d,
666     MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ctx->grp, &r, &s, &ctx->d,
670     MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d,
747     if ((ret = mbedtls_ecdsa_verify(&ctx->grp, hash, hlen,
752     if ((ret = mbedtls_ecdsa_verify_restartable(&ctx->grp, hash, hlen,
780     ret = mbedtls_ecp_group_load(&ctx->grp, gid);
785     return mbedtls_ecp_gen_keypair(&ctx->grp, &ctx->d,
796     if ((ret = mbedtls_ecp_group_copy(&ctx->grp, &key->grp)) != 0 ||

Indexes created Thu Nov 07 10:32:03 CST 2024