ecp.h File Reference

Elliptic curves over GF(p). More...

#include "bignum.h"
Include dependency graph for ecp.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  ecp_curve_info
 Curve information for use by other modules. More...
struct  ecp_point
 ECP point structure (jacobian coordinates). More...
struct  ecp_group
 ECP group structure. More...
struct  ecp_keypair
 ECP key pair structure. More...

Defines

#define POLARSSL_ERR_ECP_BAD_INPUT_DATA   -0x4F80
 Bad input parameters to function.
#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL   -0x4F00
 The buffer is too small to write to.
#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE   -0x4E80
 Requested curve not available.
#define POLARSSL_ERR_ECP_VERIFY_FAILED   -0x4E00
 The signature is not valid.
#define POLARSSL_ERR_ECP_MALLOC_FAILED   -0x4D80
 Memory allocation failed.
#define POLARSSL_ERR_ECP_RANDOM_FAILED   -0x4D00
 Generation of random value, such as (ephemeral) key, failed.
#define POLARSSL_ERR_ECP_INVALID_KEY   -0x4C80
 Invalid private or public key.
#define POLARSSL_ECP_DP_MAX   9
 Number of supported curves (plus one for NONE).
#define POLARSSL_ECP_MAX_BITS   521
 Maximum size of the groups (that is, of N and P).
#define POLARSSL_ECP_MAX_BYTES   ( ( POLARSSL_ECP_MAX_BITS + 7 ) / 8 )
#define POLARSSL_ECP_MAX_PT_LEN   ( 2 * POLARSSL_ECP_MAX_BYTES + 1 )
#define POLARSSL_ECP_WINDOW_SIZE   8
 Maximum NAF width used.
#define POLARSSL_ECP_PF_UNCOMPRESSED   0
 Uncompressed point format.
#define POLARSSL_ECP_PF_COMPRESSED   1
 Compressed point format.
#define POLARSSL_ECP_TLS_NAMED_CURVE   3
 ECCurveType's named_curve.

Enumerations

enum  ecp_group_id {
  POLARSSL_ECP_DP_NONE = 0, POLARSSL_ECP_DP_SECP192R1, POLARSSL_ECP_DP_SECP224R1, POLARSSL_ECP_DP_SECP256R1,
  POLARSSL_ECP_DP_SECP384R1, POLARSSL_ECP_DP_SECP521R1, POLARSSL_ECP_DP_BP256R1, POLARSSL_ECP_DP_BP384R1,
  POLARSSL_ECP_DP_BP512R1
}
 

Domain parameters (curve, subgroup and generator) identifiers.

More...

Functions

const ecp_curve_infoecp_curve_list (void)
 Return the list of supported curves with associated info.
const ecp_curve_infoecp_curve_info_from_grp_id (ecp_group_id grp_id)
 Get curve information from an internal group identifier.
const ecp_curve_infoecp_curve_info_from_tls_id (uint16_t tls_id)
 Get curve information from a TLS NamedCurve value.
void ecp_point_init (ecp_point *pt)
 Initialize a point (as zero).
void ecp_group_init (ecp_group *grp)
 Initialize a group (to something meaningless).
void ecp_keypair_init (ecp_keypair *key)
 Initialize a key pair (as an invalid one).
void ecp_point_free (ecp_point *pt)
 Free the components of a point.
void ecp_group_free (ecp_group *grp)
 Free the components of an ECP group.
void ecp_keypair_free (ecp_keypair *key)
 Free the components of a key pair.
int ecp_copy (ecp_point *P, const ecp_point *Q)
 Copy the contents of point Q into P.
int ecp_group_copy (ecp_group *dst, const ecp_group *src)
 Copy the contents of a group object.
int ecp_set_zero (ecp_point *pt)
 Set a point to zero.
int ecp_is_zero (ecp_point *pt)
 Tell if a point is zero.
int ecp_point_read_string (ecp_point *P, int radix, const char *x, const char *y)
 Import a non-zero point from two ASCII strings.
int ecp_point_write_binary (const ecp_group *grp, const ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen)
 Export a point into unsigned binary data.
int ecp_point_read_binary (const ecp_group *grp, ecp_point *P, const unsigned char *buf, size_t ilen)
 Import a point from unsigned binary data.
int ecp_tls_read_point (const ecp_group *grp, ecp_point *pt, const unsigned char **buf, size_t len)
 Import a point from a TLS ECPoint record.
int ecp_tls_write_point (const ecp_group *grp, const ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen)
 Export a point as a TLS ECPoint record.
int ecp_group_read_string (ecp_group *grp, int radix, const char *p, const char *b, const char *gx, const char *gy, const char *n)
 Import an ECP group from null-terminated ASCII strings.
int ecp_use_known_dp (ecp_group *grp, ecp_group_id index)
 Set a group using well-known domain parameters.
int ecp_tls_read_group (ecp_group *grp, const unsigned char **buf, size_t len)
 Set a group from a TLS ECParameters record.
int ecp_tls_write_group (const ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen)
 Write the TLS ECParameters record for a group.
int ecp_add (const ecp_group *grp, ecp_point *R, const ecp_point *P, const ecp_point *Q)
 Addition: R = P + Q.
int ecp_sub (const ecp_group *grp, ecp_point *R, const ecp_point *P, const ecp_point *Q)
 Subtraction: R = P - Q.
int ecp_mul (ecp_group *grp, ecp_point *R, const mpi *m, const ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Multiplication by an integer: R = m * P (Not thread-safe to use same group in multiple threads).
int ecp_check_pubkey (const ecp_group *grp, const ecp_point *pt)
 Check that a point is a valid public key on this curve.
int ecp_check_privkey (const ecp_group *grp, const mpi *d)
 Check that an mpi is a valid private key for this curve.
int ecp_gen_keypair (ecp_group *grp, mpi *d, ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate a keypair.
int ecp_self_test (int verbose)
 Checkup routine.

Detailed Description

Elliptic curves over GF(p).

Copyright (C) 2006-2013, Brainspark B.V.

This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>

All rights reserved.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

Definition in file ecp.h.


Define Documentation

#define POLARSSL_ECP_DP_MAX   9

Number of supported curves (plus one for NONE).

Definition at line 72 of file ecp.h.

Referenced by ssl_parse_supported_elliptic_curves().

#define POLARSSL_ECP_MAX_BITS   521

Maximum size of the groups (that is, of N and P).

Definition at line 155 of file ecp.h.

#define POLARSSL_ECP_MAX_BYTES   ( ( POLARSSL_ECP_MAX_BITS + 7 ) / 8 )

Definition at line 156 of file ecp.h.

#define POLARSSL_ECP_MAX_PT_LEN   ( 2 * POLARSSL_ECP_MAX_BYTES + 1 )

Definition at line 157 of file ecp.h.

Referenced by pk_write_ec_pubkey().

#define POLARSSL_ECP_PF_COMPRESSED   1
#define POLARSSL_ECP_PF_UNCOMPRESSED   0
#define POLARSSL_ECP_TLS_NAMED_CURVE   3

ECCurveType's named_curve.

Definition at line 180 of file ecp.h.

Referenced by ecp_tls_read_group(), and ecp_tls_write_group().

#define POLARSSL_ECP_WINDOW_SIZE   8

Maximum NAF width used.

Definition at line 169 of file ecp.h.

Referenced by ecp_mul().

#define POLARSSL_ERR_ECP_BAD_INPUT_DATA   -0x4F80
#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL   -0x4F00

The buffer is too small to write to.

Definition at line 36 of file ecp.h.

Referenced by ecp_point_write_binary(), ecp_tls_write_group(), polarssl_strerror(), and verify_int().

#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE   -0x4E80

Requested curve not available.

Definition at line 37 of file ecp.h.

Referenced by ecp_tls_read_group(), ecp_use_known_dp(), polarssl_strerror(), and verify_int().

#define POLARSSL_ERR_ECP_INVALID_KEY   -0x4C80

Invalid private or public key.

Definition at line 41 of file ecp.h.

Referenced by ecp_check_privkey(), ecp_check_pubkey(), polarssl_strerror(), test_suite_ecp_check_privkey(), and verify_int().

#define POLARSSL_ERR_ECP_MALLOC_FAILED   -0x4D80

Memory allocation failed.

Definition at line 39 of file ecp.h.

Referenced by ecp_mul(), ecp_normalize_many(), and polarssl_strerror().

#define POLARSSL_ERR_ECP_RANDOM_FAILED   -0x4D00

Generation of random value, such as (ephemeral) key, failed.

Definition at line 40 of file ecp.h.

Referenced by ecdsa_sign(), ecp_gen_keypair(), ecp_randomize_coordinates(), and polarssl_strerror().

#define POLARSSL_ERR_ECP_VERIFY_FAILED   -0x4E00

The signature is not valid.

Definition at line 38 of file ecp.h.

Referenced by ecdsa_verify(), polarssl_strerror(), and verify_int().


Enumeration Type Documentation

Domain parameters (curve, subgroup and generator) identifiers.

Only curves over prime fields are supported.

Warning:
This library does not support validation of arbitrary domain parameters. Therefore, only well-known domain parameters from trusted sources should be used. See ecp_use_known_dp().
Enumerator:
POLARSSL_ECP_DP_NONE 
POLARSSL_ECP_DP_SECP192R1 

192-bits NIST curve

POLARSSL_ECP_DP_SECP224R1 

224-bits NIST curve

POLARSSL_ECP_DP_SECP256R1 

256-bits NIST curve

POLARSSL_ECP_DP_SECP384R1 

384-bits NIST curve

POLARSSL_ECP_DP_SECP521R1 

521-bits NIST curve

POLARSSL_ECP_DP_BP256R1 

256-bits Brainpool curve

POLARSSL_ECP_DP_BP384R1 

384-bits Brainpool curve

POLARSSL_ECP_DP_BP512R1 

512-bits Brainpool curve

Definition at line 56 of file ecp.h.


Function Documentation

int ecp_add ( const ecp_group grp,
ecp_point R,
const ecp_point P,
const ecp_point Q 
)

Addition: R = P + Q.

Parameters:
grp ECP group
R Destination point
P Left-hand point
Q Right-hand point
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 1152 of file ecp.c.

References ecp_add_mixed(), ecp_normalize(), and MPI_CHK.

Referenced by ecdsa_verify(), ecp_mul(), ecp_precompute(), and test_suite_ecp_small_add().

int ecp_check_privkey ( const ecp_group grp,
const mpi d 
)

Check that an mpi is a valid private key for this curve.

Parameters:
grp Group used
d Integer to check
Returns:
0 if point is a valid private key, POLARSSL_ERR_ECP_INVALID_KEY otherwise.
Note:
Uses bare components rather than an ecp_keypair structure in order to ease use with other structures such as ecdh_context of ecdsa_context.

Definition at line 1554 of file ecp.c.

References mpi_cmp_int(), mpi_cmp_mpi(), ecp_group::N, and POLARSSL_ERR_ECP_INVALID_KEY.

Referenced by pk_parse_key_sec1_der(), test_suite_ecp_check_privkey(), test_suite_ecp_gen_keypair(), and test_suite_pk_parse_keyfile_ec().

int ecp_check_pubkey ( const ecp_group grp,
const ecp_point pt 
)

Check that a point is a valid public key on this curve.

Parameters:
grp Curve/group the point should belong to
pt Point to check
Returns:
0 if point is a valid public key, POLARSSL_ERR_ECP_INVALID_KEY otherwise.
Note:
This function only checks the point is non-zero, has valid coordinates and lies on the curve, but not that it is indeed a multiple of G. This is additional check is more expensive, isn't required by standards, and shouldn't be necessary if the group used has a small cofactor. In particular, it is useless for the NIST groups which all have a cofactor of 1.
Uses bare components rather than an ecp_keypair structure in order to ease use with other structures such as ecdh_context of ecdsa_context.

Definition at line 1509 of file ecp.c.

References ecp_group::A, ecp_group::B, MOD_ADD, MOD_MUL, mpi_add_mpi(), MPI_CHK, mpi_cmp_int(), mpi_cmp_mpi(), mpi_free(), mpi_init(), mpi_mul_mpi(), ecp_group::P, POLARSSL_ERR_ECP_INVALID_KEY, ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecdh_compute_shared(), ecdsa_verify(), pk_get_ecpubkey(), test_suite_ecp_gen_keypair(), test_suite_ecp_small_check_pub(), test_suite_ecp_test_vect(), and test_suite_pk_parse_public_keyfile_ec().

int ecp_copy ( ecp_point P,
const ecp_point Q 
)

Copy the contents of point Q into P.

Parameters:
P Destination point
Q Source point
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 250 of file ecp.c.

References MPI_CHK, mpi_copy(), ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecdsa_from_keypair(), ecp_add_mixed(), ecp_mul(), and ecp_precompute().

const ecp_curve_info* ecp_curve_info_from_grp_id ( ecp_group_id  grp_id  ) 

Get curve information from an internal group identifier.

Parameters:
grp_id A POLARSSL_ECP_DP_XXX value
Returns:
The associated curve information or NULL

Definition at line 125 of file ecp.c.

References ecp_curve_list(), ecp_curve_info::grp_id, and POLARSSL_ECP_DP_NONE.

Referenced by ecp_tls_write_group().

const ecp_curve_info* ecp_curve_info_from_tls_id ( uint16_t  tls_id  ) 

Get curve information from a TLS NamedCurve value.

Parameters:
grp_id A POLARSSL_ECP_DP_XXX value
Returns:
The associated curve information or NULL

Definition at line 143 of file ecp.c.

References ecp_curve_list(), ecp_curve_info::grp_id, POLARSSL_ECP_DP_NONE, and ecp_curve_info::tls_id.

Referenced by ecp_tls_read_group(), and ssl_parse_supported_elliptic_curves().

const ecp_curve_info* ecp_curve_list ( void   ) 

Return the list of supported curves with associated info.

Returns:
A statically allocated array, the last entry is 0.

Definition at line 117 of file ecp.c.

Referenced by ecp_curve_info_from_grp_id(), ecp_curve_info_from_tls_id(), ecp_self_test(), and ssl_write_supported_elliptic_curves_ext().

int ecp_gen_keypair ( ecp_group grp,
mpi d,
ecp_point Q,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Generate a keypair.

Parameters:
grp ECP group
d Destination MPI (secret part)
Q Destination point (public part)
f_rng RNG function
p_rng RNG parameter
Returns:
0 if successful, or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
Note:
Uses bare components rather than an ecp_keypair structure in order to ease use with other structures such as ecdh_context of ecdsa_context.

Definition at line 1566 of file ecp.c.

References ecp_mul(), ecp_group::G, mpi_cmp_int(), mpi_cmp_mpi(), mpi_fill_random(), mpi_shift_r(), ecp_group::N, ecp_group::nbits, and POLARSSL_ERR_ECP_RANDOM_FAILED.

Referenced by ecdh_gen_public(), ecdsa_genkey(), ecdsa_sign(), pk_genkey(), test_suite_ecdsa_prim_random(), and test_suite_ecp_gen_keypair().

int ecp_group_copy ( ecp_group dst,
const ecp_group src 
)

Copy the contents of a group object.

Parameters:
dst Destination group
src Source group
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 265 of file ecp.c.

References ecp_use_known_dp(), and ecp_group::id.

Referenced by ecdsa_from_keypair().

void ecp_group_free ( ecp_group grp  ) 
void ecp_group_init ( ecp_group grp  ) 
int ecp_group_read_string ( ecp_group grp,
int  radix,
const char *  p,
const char *  b,
const char *  gx,
const char *  gy,
const char *  n 
)

Import an ECP group from null-terminated ASCII strings.

Parameters:
grp Destination group
radix Input numeric base
p Prime modulus of the base field
b Constant term in the equation
gx The generator's X coordinate
gy The generator's Y coordinate
n The generator's order
Returns:
0 if successful, or a POLARSSL_ERR_MPI_XXX error code
Note:
Sets all fields except modp.

Definition at line 479 of file ecp.c.

References ecp_group::A, ecp_group_free(), ecp_group_read_string_gen(), mpi_add_int(), MPI_CHK, and ecp_group::P.

Referenced by ecp_use_known_dp(), test_suite_ecp_small_add(), test_suite_ecp_small_check_pub(), test_suite_ecp_small_mul(), and test_suite_ecp_small_sub().

int ecp_is_zero ( ecp_point pt  ) 

Tell if a point is zero.

Parameters:
pt Point to test
Returns:
1 if point is zero, 0 otherwise

Definition at line 288 of file ecp.c.

References mpi_cmp_int(), and ecp_point::Z.

Referenced by ecdh_compute_shared(), ecdsa_verify(), test_suite_ecdh_primitive_testvec(), and test_suite_ecp_tls_write_read_point().

void ecp_keypair_free ( ecp_keypair key  ) 

Free the components of a key pair.

Definition at line 237 of file ecp.c.

References ecp_keypair::d, ecp_group_free(), ecp_point_free(), ecp_keypair::grp, mpi_free(), and ecp_keypair::Q.

Referenced by eckey_free_wrap(), pk_get_ecpubkey(), and pk_parse_key_sec1_der().

void ecp_keypair_init ( ecp_keypair key  ) 

Initialize a key pair (as an invalid one).

Definition at line 185 of file ecp.c.

References ecp_keypair::d, ecp_group_init(), ecp_point_init(), ecp_keypair::grp, mpi_init(), and ecp_keypair::Q.

Referenced by eckey_alloc_wrap().

int ecp_mul ( ecp_group grp,
ecp_point R,
const mpi m,
const ecp_point P,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Multiplication by an integer: R = m * P (Not thread-safe to use same group in multiple threads).

Parameters:
grp ECP group
R Destination point
m Integer by which to multiply
P Point to multiply
f_rng RNG function (see notes)
p_rng RNG parameter
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed POLARSSL_ERR_ECP_BAD_INPUT_DATA if m < 0 of m has greater bit length than N, the number of points in the group.
Note:
In order to prevent simple timing attacks, this function executes a constant number of operations (that is, point doubling and addition of distinct points) for random m in the allowed range.
If f_rng is not NULL, it is used to randomize projective coordinates of indermediate results, in order to prevent more elaborate timing attacks relying on intermediate operations. (This is a prophylactic measure since no such attack has been published yet.) Since this contermeasure has very low overhead, it is recommended to always provide a non-NULL f_rng parameter when using secret inputs.

Definition at line 1345 of file ecp.c.

References ecp_add(), ecp_add_mixed(), ecp_copy(), ecp_double_jac(), ecp_point_free(), ecp_point_init(), ecp_precompute(), ecp_randomize_coordinates(), ecp_set_zero(), ecp_sub(), ecp_w_naf_fixed(), ecp_group::G, MAX_NAF_LEN, mpi_add_int(), MPI_CHK, mpi_cmp_int(), mpi_cmp_mpi(), mpi_copy(), mpi_free(), mpi_get_bit(), mpi_init(), mpi_msb(), ecp_group::nbits, POLARSSL_ECP_WINDOW_SIZE, POLARSSL_ERR_ECP_BAD_INPUT_DATA, POLARSSL_ERR_ECP_MALLOC_FAILED, polarssl_free, polarssl_malloc, S, ecp_group::T, ecp_group::T_size, ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecdh_compute_shared(), ecdsa_verify(), ecp_gen_keypair(), ecp_self_test(), pk_parse_key_sec1_der(), test_suite_ecp_small_mul(), and test_suite_ecp_test_vect().

void ecp_point_free ( ecp_point pt  ) 
void ecp_point_init ( ecp_point pt  ) 
int ecp_point_read_binary ( const ecp_group grp,
ecp_point P,
const unsigned char *  buf,
size_t  ilen 
)

Import a point from unsigned binary data.

Parameters:
grp Group to which the point should belong
P Point to import
buf Input buffer
ilen Actual length of input
Returns:
0 if successful, POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
Note:
This function does NOT check that the point actually belongs to the given group, see ecp_check_pubkey() for that.

Definition at line 368 of file ecp.c.

References ecp_set_zero(), MPI_CHK, mpi_lset(), mpi_read_binary(), mpi_size(), ecp_group::P, plen, POLARSSL_ERR_ECP_BAD_INPUT_DATA, ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecp_tls_read_point(), pk_get_ecpubkey(), test_suite_ecp_read_binary(), and test_suite_pk_ec_test_vec().

int ecp_point_read_string ( ecp_point P,
int  radix,
const char *  x,
const char *  y 
)

Import a non-zero point from two ASCII strings.

Parameters:
P Destination point
radix Input numeric base
x First affine coordinate as a null-terminated string
y Second affine coordinate as a null-terminated string
Returns:
0 if successful, or a POLARSSL_ERR_MPI_XXX error code

Definition at line 296 of file ecp.c.

References MPI_CHK, mpi_lset(), mpi_read_string(), ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecp_group_read_string_gen(), test_suite_ecdsa_prim_test_vectors(), test_suite_ecp_small_add(), and test_suite_ecp_small_sub().

int ecp_point_write_binary ( const ecp_group grp,
const ecp_point P,
int  format,
size_t *  olen,
unsigned char *  buf,
size_t  buflen 
)

Export a point into unsigned binary data.

Parameters:
grp Group to which the point should belong
P Point to export
format Point format, should be a POLARSSL_ECP_PF_XXX macro
olen Length of the actual output
buf Output buffer
buflen Length of the output buffer
Returns:
0 if successful, or POLARSSL_ERR_ECP_BAD_INPUT_DATA or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL

Definition at line 312 of file ecp.c.

References MPI_CHK, mpi_cmp_int(), mpi_get_bit(), mpi_size(), mpi_write_binary(), ecp_group::P, plen, POLARSSL_ECP_PF_COMPRESSED, POLARSSL_ECP_PF_UNCOMPRESSED, POLARSSL_ERR_ECP_BAD_INPUT_DATA, POLARSSL_ERR_ECP_BUFFER_TOO_SMALL, ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecp_tls_write_point(), pk_write_ec_pubkey(), and test_suite_ecp_write_binary().

int ecp_self_test ( int  verbose  ) 
int ecp_set_zero ( ecp_point pt  ) 

Set a point to zero.

Parameters:
pt Destination point
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 273 of file ecp.c.

References MPI_CHK, mpi_lset(), ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecp_add_mixed(), ecp_mul(), ecp_point_read_binary(), test_suite_ecp_small_add(), test_suite_ecp_small_sub(), and test_suite_ecp_tls_write_read_point().

int ecp_sub ( const ecp_group grp,
ecp_point R,
const ecp_point P,
const ecp_point Q 
)

Subtraction: R = P - Q.

Parameters:
grp ECP group
R Destination point
P Left-hand point
Q Right-hand point
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 1167 of file ecp.c.

References ecp_add_mixed(), ecp_normalize(), and MPI_CHK.

Referenced by ecp_mul(), and test_suite_ecp_small_sub().

int ecp_tls_read_group ( ecp_group grp,
const unsigned char **  buf,
size_t  len 
)

Set a group from a TLS ECParameters record.

Parameters:
grp Destination group
buf &(Start of input buffer)
len Buffer length
Returns:
O if successful, POLARSSL_ERR_MPI_XXX if initialization failed POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid

Definition at line 738 of file ecp.c.

References ecp_curve_info_from_tls_id(), ecp_use_known_dp(), ecp_curve_info::grp_id, POLARSSL_ECP_TLS_NAMED_CURVE, POLARSSL_ERR_ECP_BAD_INPUT_DATA, and POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE.

Referenced by ecdh_read_params(), test_suite_ecp_tls_read_group(), and test_suite_ecp_tls_write_read_group().

int ecp_tls_read_point ( const ecp_group grp,
ecp_point pt,
const unsigned char **  buf,
size_t  len 
)

Import a point from a TLS ECPoint record.

Parameters:
grp ECP group used
pt Destination point
buf $(Start of input buffer)
len Buffer length
Returns:
O if successful, POLARSSL_ERR_MPI_XXX if initialization failed POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid

Definition at line 395 of file ecp.c.

References ecp_point_read_binary(), and POLARSSL_ERR_ECP_BAD_INPUT_DATA.

Referenced by ecdh_read_params(), ecdh_read_public(), test_suite_ecp_tls_read_point(), and test_suite_ecp_tls_write_read_point().

int ecp_tls_write_group ( const ecp_group grp,
size_t *  olen,
unsigned char *  buf,
size_t  blen 
)

Write the TLS ECParameters record for a group.

Parameters:
grp ECP group used
olen Number of bytes actually written
buf Buffer to write to
blen Buffer length
Returns:
0 if successful, or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL

Definition at line 771 of file ecp.c.

References ecp_curve_info_from_grp_id(), ecp_group::id, POLARSSL_ECP_TLS_NAMED_CURVE, POLARSSL_ERR_ECP_BAD_INPUT_DATA, POLARSSL_ERR_ECP_BUFFER_TOO_SMALL, and ecp_curve_info::tls_id.

Referenced by ecdh_make_params(), and test_suite_ecp_tls_write_read_group().

int ecp_tls_write_point ( const ecp_group grp,
const ecp_point pt,
int  format,
size_t *  olen,
unsigned char *  buf,
size_t  blen 
)

Export a point as a TLS ECPoint record.

Parameters:
grp ECP group used
pt Point to export
format Export format
olen length of data written
buf Buffer to write to
blen Buffer length
Returns:
0 if successful, or POLARSSL_ERR_ECP_BAD_INPUT_DATA or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL

Definition at line 426 of file ecp.c.

References ecp_point_write_binary(), and POLARSSL_ERR_ECP_BAD_INPUT_DATA.

Referenced by ecdh_make_params(), ecdh_make_public(), and test_suite_ecp_tls_write_read_point().

int ecp_use_known_dp ( ecp_group grp,
ecp_group_id  index 
)

Set a group using well-known domain parameters.

Parameters:
grp Destination group
index Index in the list of well-known domain parameters
Returns:
O if successful, POLARSSL_ERR_MPI_XXX if initialization failed POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE for unkownn groups
Note:
Index should be a value of RFC 4492's enum NamdeCurve, possibly in the form of a POLARSSL_ECP_DP_XXX macro.

Definition at line 652 of file ecp.c.

References BP256R1_A, BP256R1_B, BP256R1_GX, BP256R1_GY, BP256R1_N, BP256R1_P, BP384R1_A, BP384R1_B, BP384R1_GX, BP384R1_GY, BP384R1_N, BP384R1_P, BP512R1_A, BP512R1_B, BP512R1_GX, BP512R1_GY, BP512R1_N, BP512R1_P, ecp_group_free(), ecp_group_read_string(), ecp_group_read_string_gen(), ecp_mod_p192(), ecp_mod_p224(), ecp_mod_p256(), ecp_mod_p384(), ecp_mod_p521(), ecp_group::id, ecp_group::modp, POLARSSL_ECP_DP_BP256R1, POLARSSL_ECP_DP_BP384R1, POLARSSL_ECP_DP_BP512R1, POLARSSL_ECP_DP_SECP192R1, POLARSSL_ECP_DP_SECP224R1, POLARSSL_ECP_DP_SECP256R1, POLARSSL_ECP_DP_SECP384R1, POLARSSL_ECP_DP_SECP521R1, POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE, SECP192R1_B, SECP192R1_GX, SECP192R1_GY, SECP192R1_N, SECP192R1_P, SECP224R1_B, SECP224R1_GX, SECP224R1_GY, SECP224R1_N, SECP224R1_P, SECP256R1_B, SECP256R1_GX, SECP256R1_GY, SECP256R1_N, SECP256R1_P, SECP384R1_B, SECP384R1_GX, SECP384R1_GY, SECP384R1_N, SECP384R1_P, SECP521R1_B, SECP521R1_GX, SECP521R1_GY, SECP521R1_N, and SECP521R1_P.

Referenced by ecdsa_genkey(), ecp_group_copy(), ecp_self_test(), ecp_tls_read_group(), pk_genkey(), pk_use_ecparams(), ssl_write_server_key_exchange(), test_suite_ecdh_exchange(), test_suite_ecdh_primitive_random(), test_suite_ecdh_primitive_testvec(), test_suite_ecdsa_prim_random(), test_suite_ecdsa_prim_test_vectors(), test_suite_ecp_check_privkey(), test_suite_ecp_fast_mod(), test_suite_ecp_gen_keypair(), test_suite_ecp_read_binary(), test_suite_ecp_test_vect(), test_suite_ecp_tls_read_point(), test_suite_ecp_tls_write_read_group(), test_suite_ecp_tls_write_read_point(), test_suite_ecp_write_binary(), and test_suite_pk_ec_test_vec().


Generated on 9 Apr 2014 for PolarSSL v1.3.2 by  doxygen 1.6.1