ecp.c File Reference

#include "polarssl/config.h"
#include "polarssl/ecp.h"
#include <limits.h>
#include <stdlib.h>

Defines

#define polarssl_malloc   malloc
#define polarssl_free   free
#define SECP192R1_P   "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"
#define SECP192R1_B   "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"
#define SECP192R1_GX   "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"
#define SECP192R1_GY   "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"
#define SECP192R1_N   "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"
#define SECP224R1_P   "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"
#define SECP224R1_B   "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"
#define SECP224R1_GX   "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"
#define SECP224R1_GY   "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"
#define SECP224R1_N   "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"
#define SECP256R1_P   "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"
#define SECP256R1_B   "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"
#define SECP256R1_GX   "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
#define SECP256R1_GY   "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"
#define SECP256R1_N   "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"
#define SECP384R1_P
#define SECP384R1_B
#define SECP384R1_GX
#define SECP384R1_GY
#define SECP384R1_N
#define SECP521R1_P
#define SECP521R1_B
#define SECP521R1_GX
#define SECP521R1_GY
#define SECP521R1_N
#define BP256R1_P   "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377"
#define BP256R1_A   "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9"
#define BP256R1_B   "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6"
#define BP256R1_GX   "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262"
#define BP256R1_GY   "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997"
#define BP256R1_N   "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7"
#define BP384R1_P
#define BP384R1_A
#define BP384R1_B
#define BP384R1_GX
#define BP384R1_GY
#define BP384R1_N
#define BP512R1_P
#define BP512R1_A
#define BP512R1_B
#define BP512R1_GX
#define BP512R1_GY
#define BP512R1_N
#define MOD_MUL(N)   MPI_CHK( ecp_modp( &N, grp ) )
#define MOD_SUB(N)
#define MOD_ADD(N)
#define MAX_PRE_LEN   ( 1 << (POLARSSL_ECP_WINDOW_SIZE - 1) )
#define MAX_NAF_LEN   ( POLARSSL_ECP_MAX_BITS / 2 + 1 )
#define WIDTH   8 / sizeof( t_uint )
#define A(i)   N->p + i * WIDTH
#define ADD(i)   add64( p, A( i ), &c )
#define NEXT   p += WIDTH; carry64( p, &c )
#define LAST   p += WIDTH; *p = c; while( ++p < end ) *p = 0
#define LOAD32   cur = A( i );
#define MAX32   N->n
#define A(j)   N->p[j]
#define STORE32   N->p[i] = cur;
#define ADD(j)   add32( &cur, A( j ), &c );
#define SUB(j)   sub32( &cur, A( j ), &c );
#define INIT(b)
#define NEXT
#define LAST
#define P521_WIDTH   ( 521 / 8 / sizeof( t_uint ) + 1 )
#define P521_MASK   0x01FF

Functions

const ecp_curve_info * ecp_curve_list (void)
 Return the list of supported curves with associated info.
const ecp_curve_info * ecp_curve_info_from_grp_id (ecp_group_id grp_id)
 Get curve information from an internal group identifier.
const ecp_curve_info * ecp_curve_info_from_tls_id (uint16_t tls_id)
 Get curve information from a TLS NamedCurve value.
void ecp_point_init (ecp_point *pt)
 Initialize a point (as zero).
void ecp_group_init (ecp_group *grp)
 Initialize a group (to something meaningless).
void ecp_keypair_init (ecp_keypair *key)
 Initialize a key pair (as an invalid one).
void ecp_point_free (ecp_point *pt)
 Free the components of a point.
void ecp_group_free (ecp_group *grp)
 Free the components of an ECP group.
void ecp_keypair_free (ecp_keypair *key)
 Free the components of a key pair.
int ecp_copy (ecp_point *P, const ecp_point *Q)
 Copy the contents of point Q into P.
int ecp_group_copy (ecp_group *dst, const ecp_group *src)
 Copy the contents of a group object.
int ecp_set_zero (ecp_point *pt)
 Set a point to zero.
int ecp_is_zero (ecp_point *pt)
 Tell if a point is zero.
int ecp_point_read_string (ecp_point *P, int radix, const char *x, const char *y)
 Import a non-zero point from two ASCII strings.
int ecp_point_write_binary (const ecp_group *grp, const ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen)
 Export a point into unsigned binary data.
int ecp_point_read_binary (const ecp_group *grp, ecp_point *pt, const unsigned char *buf, size_t ilen)
 Import a point from unsigned binary data.
int ecp_tls_read_point (const ecp_group *grp, ecp_point *pt, const unsigned char **buf, size_t buf_len)
 Import a point from a TLS ECPoint record.
int ecp_tls_write_point (const ecp_group *grp, const ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen)
 Export a point as a TLS ECPoint record.
static int ecp_group_read_string_gen (ecp_group *grp, int radix, const char *p, const char *a, const char *b, const char *gx, const char *gy, const char *n)
int ecp_group_read_string (ecp_group *grp, int radix, const char *p, const char *b, const char *gx, const char *gy, const char *n)
 Import an ECP group from null-terminated ASCII strings.
static int ecp_mod_p192 (mpi *)
static int ecp_mod_p224 (mpi *)
static int ecp_mod_p256 (mpi *)
static int ecp_mod_p384 (mpi *)
static int ecp_mod_p521 (mpi *)
int ecp_use_known_dp (ecp_group *grp, ecp_group_id id)
 Set a group using well-known domain parameters.
int ecp_tls_read_group (ecp_group *grp, const unsigned char **buf, size_t len)
 Set a group from a TLS ECParameters record.
int ecp_tls_write_group (const ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen)
 Write the TLS ECParameters record for a group.
static int ecp_modp (mpi *N, const ecp_group *grp)
static int ecp_normalize (const ecp_group *grp, ecp_point *pt)
static int ecp_normalize_many (const ecp_group *grp, ecp_point T[], size_t t_len)
static int ecp_double_jac (const ecp_group *grp, ecp_point *R, const ecp_point *P)
static int ecp_add_mixed (const ecp_group *grp, ecp_point *R, const ecp_point *P, const ecp_point *Q, signed char sign)
int ecp_add (const ecp_group *grp, ecp_point *R, const ecp_point *P, const ecp_point *Q)
 Addition: R = P + Q.
int ecp_sub (const ecp_group *grp, ecp_point *R, const ecp_point *P, const ecp_point *Q)
 Subtraction: R = P - Q.
static int ecp_w_naf_fixed (signed char x[], size_t k, unsigned char w, const mpi *m)
static int ecp_precompute (const ecp_group *grp, ecp_point T[], size_t t_len, const ecp_point *P)
static int ecp_randomize_coordinates (const ecp_group *grp, ecp_point *pt, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
int ecp_mul (ecp_group *grp, ecp_point *R, const mpi *m, const ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Multiplication by an integer: R = m * P (Not thread-safe to use same group in multiple threads).
int ecp_check_pubkey (const ecp_group *grp, const ecp_point *pt)
 Check that a point is a valid public key on this curve.
int ecp_check_privkey (const ecp_group *grp, const mpi *d)
 Check that an mpi is a valid private key for this curve.
int ecp_gen_keypair (ecp_group *grp, mpi *d, ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Generate a keypair.
static void add64 (t_uint *dst, t_uint *src, t_uint *carry)
static void carry64 (t_uint *dst, t_uint *carry)
static void add32 (uint32_t *dst, uint32_t src, signed char *carry)
static void sub32 (uint32_t *dst, uint32_t src, signed char *carry)
static int fix_negative (mpi *N, signed char c, mpi *C, size_t bits)
int ecp_self_test (int verbose)
 Checkup routine.

Variables

unsigned long add_count
unsigned long dbl_count
const ecp_curve_info ecp_supported_curves []

Define Documentation

#define A ( j )     N->p[j]

Definition at line 1718 of file ecp.c.

#define A ( i )     N->p + i * WIDTH
#define ADD ( j )     add32( &cur, A( j ), &c );

Definition at line 1751 of file ecp.c.

#define ADD ( i )     add64( p, A( i ), &c )

Definition at line 1751 of file ecp.c.

Referenced by ecp_mod_p192(), ecp_mod_p224(), ecp_mod_p256(), and ecp_mod_p384().

#define BP256R1_A   "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9"

Definition at line 585 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP256R1_B   "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6"

Definition at line 587 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP256R1_GX   "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262"

Definition at line 589 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP256R1_GY   "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997"

Definition at line 591 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP256R1_N   "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7"

Definition at line 593 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP256R1_P   "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377"

Definition at line 583 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP384R1_A
Value:
"7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F9" \
    "0F8AA5814A503AD4EB04A8C7DD22CE2826"

Definition at line 602 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP384R1_B
Value:
"04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62" \
    "D57CB4390295DBC9943AB78696FA504C11"

Definition at line 605 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP384R1_GX
Value:
"1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10" \
    "E8E826E03436D646AAEF87B2E247D4AF1E"

Definition at line 608 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP384R1_GY
Value:
"8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129" \
    "280E4646217791811142820341263C5315"

Definition at line 611 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP384R1_N
Value:
"8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425" \
    "A7CF3AB6AF6B7FC3103B883202E9046565"

Definition at line 614 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP384R1_P
Value:
"8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB711" \
    "23ACD3A729901D1A71874700133107EC53"

Definition at line 599 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP512R1_A
Value:
"7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863" \
    "BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA"

Definition at line 624 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP512R1_B
Value:
"3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117" \
    "A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723"

Definition at line 627 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP512R1_GX
Value:
"81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D009" \
    "8EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822"

Definition at line 630 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP512R1_GY
Value:
"7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F81" \
    "11B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892"

Definition at line 633 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP512R1_N
Value:
"AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308" \
    "70553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069"

Definition at line 636 of file ecp.c.

Referenced by ecp_use_known_dp().

#define BP512R1_P
Value:
"AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308" \
    "717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3"

Definition at line 621 of file ecp.c.

Referenced by ecp_use_known_dp().

#define INIT ( b )
Value:
int ret;                                                \
    signed char c = 0, cc;                                  \
    uint32_t cur;                                           \
    size_t i = 0, bits = b;                                 \
    mpi C;                                                  \
    t_uint Cp[ b / 8 / sizeof( t_uint) + 1 ];               \
                                                            \
    C.s = 1;                                                \
    C.n = b / 8 / sizeof( t_uint) + 1;                      \
    C.p = Cp;                                               \
    memset( Cp, 0, C.n * sizeof( t_uint ) );                \
                                                            \
    MPI_CHK( mpi_grow( N, b * 2 / 8 / sizeof( t_uint ) ) ); \
    LOAD32;

Definition at line 1758 of file ecp.c.

Referenced by ecp_mod_p224(), ecp_mod_p256(), and ecp_mod_p384().

#define LAST
Value:
STORE32; i++;                               \
    cur = c > 0 ? c : 0; STORE32;               \
    cur = 0; while( ++i < MAX32 ) { STORE32; }  \
    if( c < 0 ) fix_negative( N, c, &C, bits );

Definition at line 1782 of file ecp.c.

#define LAST   p += WIDTH; *p = c; while( ++p < end ) *p = 0

Definition at line 1782 of file ecp.c.

Referenced by ecp_mod_p192(), ecp_mod_p224(), ecp_mod_p256(), and ecp_mod_p384().

#define LOAD32   cur = A( i );

Definition at line 1694 of file ecp.c.

#define MAX32   N->n

Definition at line 1717 of file ecp.c.

#define MAX_NAF_LEN   ( POLARSSL_ECP_MAX_BITS / 2 + 1 )

Definition at line 1330 of file ecp.c.

Referenced by ecp_mul().

#define MAX_PRE_LEN   ( 1 << (POLARSSL_ECP_WINDOW_SIZE - 1) )

Definition at line 1323 of file ecp.c.

#define MOD_ADD ( N )
Value:
while( mpi_cmp_mpi( &N, &grp->P ) >= 0 )        \
        MPI_CHK( mpi_sub_abs( &N, &N, &grp->P ) )

Definition at line 862 of file ecp.c.

Referenced by ecp_add_mixed(), ecp_check_pubkey(), and ecp_double_jac().

#define MOD_MUL ( N )     MPI_CHK( ecp_modp( &N, grp ) )
#define MOD_SUB ( N )
Value:
while( N.s < 0 && mpi_cmp_int( &N, 0 ) != 0 )   \
        MPI_CHK( mpi_add_mpi( &N, &N, &grp->P ) )

Definition at line 853 of file ecp.c.

Referenced by ecp_add_mixed(), and ecp_double_jac().

#define NEXT
Value:
STORE32; i++; LOAD32;       \
    cc = c; c = 0;              \
    if( cc < 0 )                \
        sub32( &cur, -cc, &c ); \
    else                        \
        add32( &cur, cc, &c );  \

Definition at line 1774 of file ecp.c.

#define NEXT   p += WIDTH; carry64( p, &c )

Definition at line 1774 of file ecp.c.

Referenced by ecp_mod_p192(), ecp_mod_p224(), ecp_mod_p256(), and ecp_mod_p384().

#define P521_MASK   0x01FF

Definition at line 1947 of file ecp.c.

Referenced by ecp_mod_p521().

#define P521_WIDTH   ( 521 / 8 / sizeof( t_uint ) + 1 )

Definition at line 1941 of file ecp.c.

Referenced by ecp_mod_p521().

#define polarssl_free   free

Definition at line 56 of file ecp.c.

#define polarssl_malloc   malloc

Definition at line 55 of file ecp.c.

#define SECP192R1_B   "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"

Definition at line 500 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP192R1_GX   "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"

Definition at line 502 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP192R1_GY   "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"

Definition at line 504 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP192R1_N   "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"

Definition at line 506 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP192R1_P   "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"

Definition at line 498 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP224R1_B   "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"

Definition at line 514 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP224R1_GX   "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"

Definition at line 516 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP224R1_GY   "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"

Definition at line 518 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP224R1_N   "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"

Definition at line 520 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP224R1_P   "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"

Definition at line 512 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP256R1_B   "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"

Definition at line 528 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP256R1_GX   "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"

Definition at line 530 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP256R1_GY   "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"

Definition at line 532 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP256R1_N   "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"

Definition at line 534 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP256R1_P   "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"

Definition at line 526 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP384R1_B
Value:
"B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE814112" \
    "0314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"

Definition at line 543 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP384R1_GX
Value:
"AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B98" \
    "59F741E082542A385502F25DBF55296C3A545E3872760AB7"

Definition at line 546 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP384R1_GY
Value:
"3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147C" \
    "E9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"

Definition at line 549 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP384R1_N
Value:
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
    "C7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"

Definition at line 552 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP384R1_P
Value:
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
    "FFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"

Definition at line 540 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP521R1_B
Value:
"00000051953EB9618E1C9A1F929A21A0B68540EEA2DA725B" \
    "99B315F3B8B489918EF109E156193951EC7E937B1652C0BD" \
    "3BB1BF073573DF883D2C34F1EF451FD46B503F00"

Definition at line 563 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP521R1_GX
Value:
"000000C6858E06B70404E9CD9E3ECB662395B4429C648139" \
    "053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127" \
    "A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66"

Definition at line 567 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP521R1_GY
Value:
"0000011839296A789A3BC0045C8A5FB42C7D1BD998F54449" \
    "579B446817AFBD17273E662C97EE72995EF42640C550B901" \
    "3FAD0761353C7086A272C24088BE94769FD16650"

Definition at line 571 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP521R1_N
Value:
"000001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
    "FFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148" \
    "F709A5D03BB5C9B8899C47AEBB6FB71E91386409"

Definition at line 575 of file ecp.c.

Referenced by ecp_use_known_dp().

#define SECP521R1_P
Value:
"000001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
    "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" \
    "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"

Definition at line 559 of file ecp.c.

Referenced by ecp_use_known_dp().

#define STORE32   N->p[i] = cur;

Definition at line 1719 of file ecp.c.

#define SUB ( j )     sub32( &cur, A( j ), &c );

Definition at line 1752 of file ecp.c.

Referenced by ecp_mod_p224(), ecp_mod_p256(), and ecp_mod_p384().

#define WIDTH   8 / sizeof( t_uint )

Definition at line 1639 of file ecp.c.

Referenced by ecp_mod_p192().


Function Documentation

static void add32 ( uint32_t *  dst,
uint32_t  src,
signed char *  carry 
) [inline, static]

Definition at line 1739 of file ecp.c.

static void add64 ( t_uint dst,
t_uint src,
t_uint carry 
) [inline, static]

Definition at line 1616 of file ecp.c.

static void carry64 ( t_uint dst,
t_uint carry 
) [inline, static]

Definition at line 1629 of file ecp.c.

int ecp_add ( const ecp_group grp,
ecp_point R,
const ecp_point P,
const ecp_point Q 
)

Addition: R = P + Q.

Parameters:
grp ECP group
R Destination point
P Left-hand point
Q Right-hand point
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 1152 of file ecp.c.

References ecp_add_mixed(), ecp_normalize(), and MPI_CHK.

Referenced by ecdsa_verify(), ecp_mul(), ecp_precompute(), and test_suite_ecp_small_add().

static int ecp_add_mixed ( const ecp_group grp,
ecp_point R,
const ecp_point P,
const ecp_point Q,
signed char  sign 
) [static]
int ecp_check_privkey ( const ecp_group grp,
const mpi d 
)

Check that an mpi is a valid private key for this curve.

Parameters:
grp Group used
d Integer to check
Returns:
0 if d is a valid private key, POLARSSL_ERR_ECP_INVALID_KEY otherwise.
Note:
Uses bare components rather than an ecp_keypair structure in order to ease use with other structures such as ecdh_context or ecdsa_context.

Definition at line 1554 of file ecp.c.

References mpi_cmp_int(), mpi_cmp_mpi(), ecp_group::N, and POLARSSL_ERR_ECP_INVALID_KEY.

Referenced by pk_parse_key_sec1_der(), test_suite_ecp_check_privkey(), test_suite_ecp_gen_keypair(), and test_suite_pk_parse_keyfile_ec().

int ecp_check_pubkey ( const ecp_group grp,
const ecp_point pt 
)

Check that a point is a valid public key on this curve.

Parameters:
grp Curve/group the point should belong to
pt Point to check
Returns:
0 if point is a valid public key, POLARSSL_ERR_ECP_INVALID_KEY otherwise.
Note:
This function only checks that the point is non-zero, has valid coordinates and lies on the curve, but not that it is indeed a multiple of G. This additional check is more expensive, isn't required by standards, and shouldn't be necessary if the group used has a small cofactor. In particular, it is useless for the NIST groups which all have a cofactor of 1.
Uses bare components rather than an ecp_keypair structure in order to ease use with other structures such as ecdh_context or ecdsa_context.

Definition at line 1509 of file ecp.c.

References ecp_group::A, ecp_group::B, MOD_ADD, MOD_MUL, mpi_add_mpi(), MPI_CHK, mpi_cmp_int(), mpi_cmp_mpi(), mpi_free(), mpi_init(), mpi_mul_mpi(), ecp_group::P, POLARSSL_ERR_ECP_INVALID_KEY, ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecdh_compute_shared(), ecdsa_verify(), pk_get_ecpubkey(), test_suite_ecp_gen_keypair(), test_suite_ecp_small_check_pub(), test_suite_ecp_test_vect(), and test_suite_pk_parse_public_keyfile_ec().

int ecp_copy ( ecp_point P,
const ecp_point Q 
)

Copy the contents of point Q into P.

Parameters:
P Destination point
Q Source point
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 250 of file ecp.c.

References MPI_CHK, mpi_copy(), ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecdsa_from_keypair(), ecp_add_mixed(), ecp_mul(), and ecp_precompute().

const ecp_curve_info* ecp_curve_info_from_grp_id ( ecp_group_id  grp_id  ) 

Get curve information from an internal group identifier.

Parameters:
grp_id A POLARSSL_ECP_DP_XXX value
Returns:
The associated curve information or NULL

Definition at line 125 of file ecp.c.

References ecp_curve_list(), ecp_curve_info::grp_id, and POLARSSL_ECP_DP_NONE.

Referenced by ecp_tls_write_group().

const ecp_curve_info* ecp_curve_info_from_tls_id ( uint16_t  tls_id  ) 

Get curve information from a TLS NamedCurve value.

Parameters:
tls_id A TLS NamedCurve value
Returns:
The associated curve information or NULL

Definition at line 143 of file ecp.c.

References ecp_curve_list(), ecp_curve_info::grp_id, POLARSSL_ECP_DP_NONE, and ecp_curve_info::tls_id.

Referenced by ecp_tls_read_group(), and ssl_parse_supported_elliptic_curves().

const ecp_curve_info* ecp_curve_list ( void   ) 

Return the list of supported curves with associated info.

Returns:
A statically allocated array, the last entry is 0.

Definition at line 117 of file ecp.c.

Referenced by ecp_curve_info_from_grp_id(), ecp_curve_info_from_tls_id(), ecp_self_test(), and ssl_write_supported_elliptic_curves_ext().

static int ecp_double_jac ( const ecp_group grp,
ecp_point R,
const ecp_point P 
) [static]
int ecp_gen_keypair ( ecp_group grp,
mpi d,
ecp_point Q,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Generate a keypair.

Parameters:
grp ECP group
d Destination MPI (secret part)
Q Destination point (public part)
f_rng RNG function
p_rng RNG parameter
Returns:
0 if successful, or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
Note:
Uses bare components rather than an ecp_keypair structure in order to ease use with other structures such as ecdh_context or ecdsa_context.

Definition at line 1566 of file ecp.c.

References ecp_mul(), ecp_group::G, mpi_cmp_int(), mpi_cmp_mpi(), mpi_fill_random(), mpi_shift_r(), ecp_group::N, ecp_group::nbits, and POLARSSL_ERR_ECP_RANDOM_FAILED.

Referenced by ecdh_gen_public(), ecdsa_genkey(), ecdsa_sign(), pk_genkey(), test_suite_ecdsa_prim_random(), and test_suite_ecp_gen_keypair().

int ecp_group_copy ( ecp_group dst,
const ecp_group src 
)

Copy the contents of a group object.

Parameters:
dst Destination group
src Source group
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 265 of file ecp.c.

References ecp_use_known_dp(), and ecp_group::id.

Referenced by ecdsa_from_keypair().

void ecp_group_free ( ecp_group grp  ) 
void ecp_group_init ( ecp_group grp  ) 
int ecp_group_read_string ( ecp_group grp,
int  radix,
const char *  p,
const char *  b,
const char *  gx,
const char *  gy,
const char *  n 
)

Import an ECP group from null-terminated ASCII strings.

Parameters:
grp Destination group
radix Input numeric base
p Prime modulus of the base field
b Constant term in the equation
gx The generator's X coordinate
gy The generator's Y coordinate
n The generator's order
Returns:
0 if successful, or a POLARSSL_ERR_MPI_XXX error code
Note:
Sets all fields except modp.

Definition at line 479 of file ecp.c.

References ecp_group::A, ecp_group_free(), ecp_group_read_string_gen(), mpi_add_int(), MPI_CHK, and ecp_group::P.

Referenced by ecp_use_known_dp(), test_suite_ecp_small_add(), test_suite_ecp_small_check_pub(), test_suite_ecp_small_mul(), and test_suite_ecp_small_sub().

static int ecp_group_read_string_gen ( ecp_group grp,
int  radix,
const char *  p,
const char *  a,
const char *  b,
const char *  gx,
const char *  gy,
const char *  n 
) [static]
int ecp_is_zero ( ecp_point pt  ) 

Tell if a point is zero.

Parameters:
pt Point to test
Returns:
1 if point is zero, 0 otherwise

Definition at line 288 of file ecp.c.

References mpi_cmp_int(), and ecp_point::Z.

Referenced by ecdh_compute_shared(), ecdsa_verify(), test_suite_ecdh_primitive_testvec(), and test_suite_ecp_tls_write_read_point().

void ecp_keypair_free ( ecp_keypair key  ) 

Free the components of a key pair.

Definition at line 237 of file ecp.c.

References ecp_keypair::d, ecp_group_free(), ecp_point_free(), ecp_keypair::grp, mpi_free(), and ecp_keypair::Q.

Referenced by eckey_free_wrap(), pk_get_ecpubkey(), and pk_parse_key_sec1_der().

void ecp_keypair_init ( ecp_keypair key  ) 

Initialize a key pair (as an invalid one).

Definition at line 185 of file ecp.c.

References ecp_keypair::d, ecp_group_init(), ecp_point_init(), ecp_keypair::grp, mpi_init(), and ecp_keypair::Q.

Referenced by eckey_alloc_wrap().

static int ecp_mod_p192 ( mpi N  )  [static]

Definition at line 1648 of file ecp.c.

References ADD, LAST, MPI_CHK, mpi_grow(), mpi::n, NEXT, mpi::p, and WIDTH.

Referenced by ecp_use_known_dp().

static int ecp_mod_p224 ( mpi N  )  [static]

Definition at line 1819 of file ecp.c.

References ADD, INIT, LAST, NEXT, and SUB.

Referenced by ecp_use_known_dp().

static int ecp_mod_p256 ( mpi N  )  [static]

Definition at line 1840 of file ecp.c.

References ADD, INIT, LAST, NEXT, and SUB.

Referenced by ecp_use_known_dp().

static int ecp_mod_p384 ( mpi N  )  [static]

Definition at line 1877 of file ecp.c.

References ADD, INIT, LAST, NEXT, and SUB.

Referenced by ecp_use_known_dp().

static int ecp_mod_p521 ( mpi N  )  [static]

Definition at line 1954 of file ecp.c.

References mpi_add_abs(), MPI_CHK, mpi_shift_r(), mpi::n, mpi::p, P521_MASK, P521_WIDTH, and mpi::s.

Referenced by ecp_use_known_dp().

static int ecp_modp ( mpi N,
const ecp_group grp 
) [static]
int ecp_mul ( ecp_group grp,
ecp_point R,
const mpi m,
const ecp_point P,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Multiplication by an integer: R = m * P (Not thread-safe to use same group in multiple threads).

Parameters:
grp ECP group
R Destination point
m Integer by which to multiply
P Point to multiply
f_rng RNG function (see notes)
p_rng RNG parameter
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, POLARSSL_ERR_ECP_BAD_INPUT_DATA if m < 0 or m has greater bit length than N, the number of points in the group.
Note:
In order to prevent simple timing attacks, this function executes a constant number of operations (that is, point doubling and addition of distinct points) for random m in the allowed range.
If f_rng is not NULL, it is used to randomize projective coordinates of intermediate results, in order to prevent more elaborate timing attacks relying on intermediate operations. (This is a prophylactic measure since no such attack has been published yet.) Since this countermeasure has very low overhead, it is recommended to always provide a non-NULL f_rng parameter when using secret inputs.

Definition at line 1345 of file ecp.c.

References ecp_add(), ecp_add_mixed(), ecp_copy(), ecp_double_jac(), ecp_point_free(), ecp_point_init(), ecp_precompute(), ecp_randomize_coordinates(), ecp_set_zero(), ecp_sub(), ecp_w_naf_fixed(), ecp_group::G, MAX_NAF_LEN, mpi_add_int(), MPI_CHK, mpi_cmp_int(), mpi_cmp_mpi(), mpi_copy(), mpi_free(), mpi_get_bit(), mpi_init(), mpi_msb(), ecp_group::nbits, POLARSSL_ECP_WINDOW_SIZE, POLARSSL_ERR_ECP_BAD_INPUT_DATA, POLARSSL_ERR_ECP_MALLOC_FAILED, polarssl_free, polarssl_malloc, S, ecp_group::T, ecp_group::T_size, ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecdh_compute_shared(), ecdsa_verify(), ecp_gen_keypair(), ecp_self_test(), pk_parse_key_sec1_der(), test_suite_ecp_small_mul(), and test_suite_ecp_test_vect().

static int ecp_normalize ( const ecp_group grp,
ecp_point pt 
) [static]
static int ecp_normalize_many ( const ecp_group grp,
ecp_point  T[],
size_t  t_len 
) [static]
void ecp_point_free ( ecp_point pt  ) 
void ecp_point_init ( ecp_point pt  ) 
int ecp_point_read_binary ( const ecp_group grp,
ecp_point P,
const unsigned char *  buf,
size_t  ilen 
)

Import a point from unsigned binary data.

Parameters:
grp Group to which the point should belong
P Point to import
buf Input buffer
ilen Actual length of input
Returns:
0 if successful, POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
Note:
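This function does NOT check that the point actually belongs to the given group, see ecp_check_pubkey() for that. A point imported from untrusted input should be passed to ecp_check_pubkey() before it is used in any computation.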

Definition at line 368 of file ecp.c.

References ecp_set_zero(), MPI_CHK, mpi_lset(), mpi_read_binary(), mpi_size(), ecp_group::P, plen, POLARSSL_ERR_ECP_BAD_INPUT_DATA, ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecp_tls_read_point(), pk_get_ecpubkey(), test_suite_ecp_read_binary(), and test_suite_pk_ec_test_vec().

int ecp_point_read_string ( ecp_point P,
int  radix,
const char *  x,
const char *  y 
)

Import a non-zero point from two ASCII strings.

Parameters:
P Destination point
radix Input numeric base
x First affine coordinate as a null-terminated string
y Second affine coordinate as a null-terminated string
Returns:
0 if successful, or a POLARSSL_ERR_MPI_XXX error code

Definition at line 296 of file ecp.c.

References MPI_CHK, mpi_lset(), mpi_read_string(), ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecp_group_read_string_gen(), test_suite_ecdsa_prim_test_vectors(), test_suite_ecp_small_add(), and test_suite_ecp_small_sub().

int ecp_point_write_binary ( const ecp_group grp,
const ecp_point P,
int  format,
size_t *  olen,
unsigned char *  buf,
size_t  buflen 
)

Export a point into unsigned binary data.

Parameters:
grp Group to which the point should belong
P Point to export
format Point format, should be a POLARSSL_ECP_PF_XXX macro
olen Length of the actual output
buf Output buffer
buflen Length of the output buffer
Returns:
0 if successful, or POLARSSL_ERR_ECP_BAD_INPUT_DATA or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL

Definition at line 312 of file ecp.c.

References MPI_CHK, mpi_cmp_int(), mpi_get_bit(), mpi_size(), mpi_write_binary(), ecp_group::P, plen, POLARSSL_ECP_PF_COMPRESSED, POLARSSL_ECP_PF_UNCOMPRESSED, POLARSSL_ERR_ECP_BAD_INPUT_DATA, POLARSSL_ERR_ECP_BUFFER_TOO_SMALL, ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecp_tls_write_point(), pk_write_ec_pubkey(), and test_suite_ecp_write_binary().

static int ecp_precompute ( const ecp_group grp,
ecp_point  T[],
size_t  t_len,
const ecp_point P 
) [static]

Definition at line 1246 of file ecp.c.

References ecp_add(), ecp_add_mixed(), ecp_copy(), ecp_normalize_many(), ecp_point_free(), ecp_point_init(), and MPI_CHK.

Referenced by ecp_mul().

static int ecp_randomize_coordinates ( const ecp_group grp,
ecp_point pt,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
) [static]
int ecp_self_test ( int  verbose  ) 
int ecp_set_zero ( ecp_point pt  ) 

Set a point to zero.

Parameters:
pt Destination point
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 273 of file ecp.c.

References MPI_CHK, mpi_lset(), ecp_point::X, ecp_point::Y, and ecp_point::Z.

Referenced by ecp_add_mixed(), ecp_mul(), ecp_point_read_binary(), test_suite_ecp_small_add(), test_suite_ecp_small_sub(), and test_suite_ecp_tls_write_read_point().

int ecp_sub ( const ecp_group grp,
ecp_point R,
const ecp_point P,
const ecp_point Q 
)

Subtraction: R = P - Q.

Parameters:
grp ECP group
R Destination point
P Left-hand point
Q Right-hand point
Returns:
0 if successful, POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed

Definition at line 1167 of file ecp.c.

References ecp_add_mixed(), ecp_normalize(), and MPI_CHK.

Referenced by ecp_mul(), and test_suite_ecp_small_sub().

int ecp_tls_read_group ( ecp_group grp,
const unsigned char **  buf,
size_t  len 
)

Set a group from a TLS ECParameters record.

Parameters:
grp Destination group
buf &(Start of input buffer)
len Buffer length
Returns:
0 if successful, POLARSSL_ERR_MPI_XXX if initialization failed, POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid

Definition at line 738 of file ecp.c.

References ecp_curve_info_from_tls_id(), ecp_use_known_dp(), ecp_curve_info::grp_id, POLARSSL_ECP_TLS_NAMED_CURVE, POLARSSL_ERR_ECP_BAD_INPUT_DATA, and POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE.

Referenced by ecdh_read_params(), test_suite_ecp_tls_read_group(), and test_suite_ecp_tls_write_read_group().

int ecp_tls_read_point ( const ecp_group grp,
ecp_point pt,
const unsigned char **  buf,
size_t  len 
)

Import a point from a TLS ECPoint record.

Parameters:
grp ECP group used
pt Destination point
buf &(Start of input buffer)
len Buffer length
Returns:
0 if successful, POLARSSL_ERR_MPI_XXX if initialization failed, POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid

Definition at line 395 of file ecp.c.

References ecp_point_read_binary(), and POLARSSL_ERR_ECP_BAD_INPUT_DATA.

Referenced by ecdh_read_params(), ecdh_read_public(), test_suite_ecp_tls_read_point(), and test_suite_ecp_tls_write_read_point().

int ecp_tls_write_group ( const ecp_group grp,
size_t *  olen,
unsigned char *  buf,
size_t  blen 
)

Write the TLS ECParameters record for a group.

Parameters:
grp ECP group used
olen Number of bytes actually written
buf Buffer to write to
blen Buffer length
Returns:
0 if successful, or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL

Definition at line 771 of file ecp.c.

References ecp_curve_info_from_grp_id(), ecp_group::id, POLARSSL_ECP_TLS_NAMED_CURVE, POLARSSL_ERR_ECP_BAD_INPUT_DATA, POLARSSL_ERR_ECP_BUFFER_TOO_SMALL, and ecp_curve_info::tls_id.

Referenced by ecdh_make_params(), and test_suite_ecp_tls_write_read_group().

int ecp_tls_write_point ( const ecp_group grp,
const ecp_point pt,
int  format,
size_t *  olen,
unsigned char *  buf,
size_t  blen 
)

Export a point as a TLS ECPoint record.

Parameters:
grp ECP group used
pt Point to export
format Export format
olen length of data written
buf Buffer to write to
blen Buffer length
Returns:
0 if successful, or POLARSSL_ERR_ECP_BAD_INPUT_DATA or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL

Definition at line 426 of file ecp.c.

References ecp_point_write_binary(), and POLARSSL_ERR_ECP_BAD_INPUT_DATA.

Referenced by ecdh_make_params(), ecdh_make_public(), and test_suite_ecp_tls_write_read_point().

int ecp_use_known_dp ( ecp_group grp,
ecp_group_id  index 
)

Set a group using well-known domain parameters.

Parameters:
grp Destination group
index Index in the list of well-known domain parameters
Returns:
0 if successful, POLARSSL_ERR_MPI_XXX if initialization failed, POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE for unknown groups
Note:
Index should be a value of RFC 4492's enum NamedCurve, possibly in the form of a POLARSSL_ECP_DP_XXX macro.

Definition at line 652 of file ecp.c.

References BP256R1_A, BP256R1_B, BP256R1_GX, BP256R1_GY, BP256R1_N, BP256R1_P, BP384R1_A, BP384R1_B, BP384R1_GX, BP384R1_GY, BP384R1_N, BP384R1_P, BP512R1_A, BP512R1_B, BP512R1_GX, BP512R1_GY, BP512R1_N, BP512R1_P, ecp_group_free(), ecp_group_read_string(), ecp_group_read_string_gen(), ecp_mod_p192(), ecp_mod_p224(), ecp_mod_p256(), ecp_mod_p384(), ecp_mod_p521(), ecp_group::id, ecp_group::modp, POLARSSL_ECP_DP_BP256R1, POLARSSL_ECP_DP_BP384R1, POLARSSL_ECP_DP_BP512R1, POLARSSL_ECP_DP_SECP192R1, POLARSSL_ECP_DP_SECP224R1, POLARSSL_ECP_DP_SECP256R1, POLARSSL_ECP_DP_SECP384R1, POLARSSL_ECP_DP_SECP521R1, POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE, SECP192R1_B, SECP192R1_GX, SECP192R1_GY, SECP192R1_N, SECP192R1_P, SECP224R1_B, SECP224R1_GX, SECP224R1_GY, SECP224R1_N, SECP224R1_P, SECP256R1_B, SECP256R1_GX, SECP256R1_GY, SECP256R1_N, SECP256R1_P, SECP384R1_B, SECP384R1_GX, SECP384R1_GY, SECP384R1_N, SECP384R1_P, SECP521R1_B, SECP521R1_GX, SECP521R1_GY, SECP521R1_N, and SECP521R1_P.

Referenced by ecdsa_genkey(), ecp_group_copy(), ecp_self_test(), ecp_tls_read_group(), pk_genkey(), pk_use_ecparams(), ssl_write_server_key_exchange(), test_suite_ecdh_exchange(), test_suite_ecdh_primitive_random(), test_suite_ecdh_primitive_testvec(), test_suite_ecdsa_prim_random(), test_suite_ecdsa_prim_test_vectors(), test_suite_ecp_check_privkey(), test_suite_ecp_fast_mod(), test_suite_ecp_gen_keypair(), test_suite_ecp_read_binary(), test_suite_ecp_test_vect(), test_suite_ecp_tls_read_point(), test_suite_ecp_tls_write_read_group(), test_suite_ecp_tls_write_read_point(), test_suite_ecp_write_binary(), and test_suite_pk_ec_test_vec().

static int ecp_w_naf_fixed ( signed char  x[],
size_t  k,
unsigned char  w,
const mpi m 
) [static]
static int fix_negative ( mpi N,
signed char  c,
mpi C,
size_t  bits 
) [inline, static]

Definition at line 1792 of file ecp.c.

References MPI_CHK, mpi_sub_abs(), mpi::n, mpi::p, and mpi::s.

static void sub32 ( uint32_t *  dst,
uint32_t  src,
signed char *  carry 
) [inline, static]

Definition at line 1745 of file ecp.c.


Variable Documentation

unsigned long add_count

Definition at line 75 of file ecp.c.

Referenced by ecp_add_mixed(), and ecp_self_test().

unsigned long dbl_count

Definition at line 75 of file ecp.c.

Referenced by ecp_double_jac(), and ecp_self_test().

Initial value:
/*
 * Initializer for a table of curve descriptors, one row per curve.
 * Each row appears to hold, in order: the internal group id
 * (POLARSSL_ECP_DP_XXX), the TLS NamedCurve number, the curve size in
 * bits, and a printable name.
 * NOTE(review): the declaration and element type are not shown on this
 * page; confirm the field order against ecp_curve_info (grp_id, tls_id, ...).
 * The second-column values 19, 21, 23, 24 and 25 match the RFC 4492
 * NamedCurve numbers of the secp curves; 26-28 are the brainpool numbers
 * (RFC 7027).
 */
{

    { POLARSSL_ECP_DP_BP512R1,      28,     512,    "brainpool512r1"    },


    { POLARSSL_ECP_DP_BP384R1,      27,     384,    "brainpool384r1"    },


    { POLARSSL_ECP_DP_BP256R1,      26,     256,    "brainpool256r1"    },


    { POLARSSL_ECP_DP_SECP521R1,    25,     521,    "secp521r1"         },


    { POLARSSL_ECP_DP_SECP384R1,    24,     384,    "secp384r1"         },


    { POLARSSL_ECP_DP_SECP256R1,    23,     256,    "secp256r1"         },


    { POLARSSL_ECP_DP_SECP224R1,    21,     224,    "secp224r1"         },


    { POLARSSL_ECP_DP_SECP192R1,    19,     192,    "secp192r1"         },

    /* Presumably the end-of-list sentinel (id NONE, NULL name) -- confirm
     * against the code that walks this table. */
    { POLARSSL_ECP_DP_NONE,          0,     0,      NULL                },
}

Definition at line 85 of file ecp.c.


Generated on 9 Apr 2014 for PolarSSL v1.3.2 by  doxygen 1.6.1