Lines Matching refs:grp
257 static inline ecp_curve_type ecp_get_type( const mbedtls_ecp_group *grp ) in ecp_get_type() argument
259 if( grp->G.X.p == NULL ) in ecp_get_type()
262 if( grp->G.Y.p == NULL ) in ecp_get_type()
284 void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ) in mbedtls_ecp_group_init() argument
286 if( grp == NULL ) in mbedtls_ecp_group_init()
289 memset( grp, 0, sizeof( mbedtls_ecp_group ) ); in mbedtls_ecp_group_init()
300 mbedtls_ecp_group_init( &key->grp ); in mbedtls_ecp_keypair_init()
321 void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ) in mbedtls_ecp_group_free() argument
325 if( grp == NULL ) in mbedtls_ecp_group_free()
328 if( grp->h != 1 ) in mbedtls_ecp_group_free()
330 mbedtls_mpi_free( &grp->P ); in mbedtls_ecp_group_free()
331 mbedtls_mpi_free( &grp->A ); in mbedtls_ecp_group_free()
332 mbedtls_mpi_free( &grp->B ); in mbedtls_ecp_group_free()
333 mbedtls_ecp_point_free( &grp->G ); in mbedtls_ecp_group_free()
334 mbedtls_mpi_free( &grp->N ); in mbedtls_ecp_group_free()
337 if( grp->T != NULL ) in mbedtls_ecp_group_free()
339 for( i = 0; i < grp->T_size; i++ ) in mbedtls_ecp_group_free()
340 mbedtls_ecp_point_free( &grp->T[i] ); in mbedtls_ecp_group_free()
341 mbedtls_free( grp->T ); in mbedtls_ecp_group_free()
344 mbedtls_zeroize( grp, sizeof( mbedtls_ecp_group ) ); in mbedtls_ecp_group_free()
355 mbedtls_ecp_group_free( &key->grp ); in mbedtls_ecp_keypair_free()
441 int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, in mbedtls_ecp_point_write_binary() argument
466 plen = mbedtls_mpi_size( &grp->P ); in mbedtls_ecp_point_write_binary()
497 int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, in mbedtls_ecp_point_read_binary() argument
514 plen = mbedtls_mpi_size( &grp->P ); in mbedtls_ecp_point_read_binary()
536 int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, in mbedtls_ecp_tls_read_point() argument
558 return mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len ); in mbedtls_ecp_tls_read_point()
567 int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, in mbedtls_ecp_tls_write_point() argument
579 if( ( ret = mbedtls_ecp_point_write_binary( grp, pt, format, in mbedtls_ecp_tls_write_point()
595 int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len ) in mbedtls_ecp_tls_read_group() argument
622 return mbedtls_ecp_group_load( grp, curve_info->grp_id ); in mbedtls_ecp_tls_read_group()
628 int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, in mbedtls_ecp_tls_write_group() argument
633 if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( grp->id ) ) == NULL ) in mbedtls_ecp_tls_write_group()
663 static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp ) in ecp_modp() argument
667 if( grp->modp == NULL ) in ecp_modp()
668 return( mbedtls_mpi_mod_mpi( N, N, &grp->P ) ); in ecp_modp()
672 mbedtls_mpi_bitlen( N ) > 2 * grp->pbits ) in ecp_modp()
677 MBEDTLS_MPI_CHK( grp->modp( N ) ); in ecp_modp()
681 MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &grp->P ) ); in ecp_modp()
683 while( mbedtls_mpi_cmp_mpi( N, &grp->P ) >= 0 ) in ecp_modp()
685 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, N, &grp->P ) ); in ecp_modp()
710 #define MOD_MUL( N ) do { MBEDTLS_MPI_CHK( ecp_modp( &N, grp ) ); INC_MUL_COUNT } \
719 MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &N, &N, &grp->P ) )
727 while( mbedtls_mpi_cmp_mpi( &N, &grp->P ) >= 0 ) \
728 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &N, &N, &grp->P ) )
743 static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt ) in ecp_normalize_jac() argument
756 MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &Zi, &pt->Z, &grp->P ) ); in ecp_normalize_jac()
789 static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, in ecp_normalize_jac_many() argument
797 return( ecp_normalize_jac( grp, *T ) ); in ecp_normalize_jac_many()
817 MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[t_len-1], &grp->P ) ); in ecp_normalize_jac_many()
848 MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->X, grp->P.n ) ); in ecp_normalize_jac_many()
849 MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->Y, grp->P.n ) ); in ecp_normalize_jac_many()
870 static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp, in ecp_safe_invert_jac() argument
881 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mQY, &grp->P, &Q->Y ) ); in ecp_safe_invert_jac()
905 static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, in ecp_double_jac() argument
918 if( grp->A.p == NULL ) in ecp_double_jac()
934 if( mbedtls_mpi_cmp_int( &grp->A, 0 ) != 0 ) in ecp_double_jac()
939 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &T, &grp->A ) ); MOD_MUL( S ); in ecp_double_jac()
996 static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, in ecp_add_mixed() argument
1036 ret = ecp_double_jac( grp, R, P ); in ecp_add_mixed()
1078 static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, in ecp_randomize_jac() argument
1083 size_t p_size = ( grp->pbits + 7 ) / 8; in ecp_randomize_jac()
1093 while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 ) in ecp_randomize_jac()
1191 static int ecp_precompute_comb( const mbedtls_ecp_group *grp, in ecp_precompute_comb() argument
1212 MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) ); in ecp_precompute_comb()
1217 MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); in ecp_precompute_comb()
1229 MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) ); in ecp_precompute_comb()
1234 MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); in ecp_precompute_comb()
1243 static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, in ecp_select_comb() argument
1261 MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, i >> 7 ) ); in ecp_select_comb()
1273 static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, in ecp_mul_comb_core() argument
1287 MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, t_len, x[i] ) ); in ecp_mul_comb_core()
1290 MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); in ecp_mul_comb_core()
1294 MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) ); in ecp_mul_comb_core()
1295 MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, t_len, x[i] ) ); in ecp_mul_comb_core()
1296 MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) ); in ecp_mul_comb_core()
1309 static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, in ecp_mul_comb() argument
1325 if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 ) in ecp_mul_comb()
1333 w = grp->nbits >= 384 ? 5 : 4; in ecp_mul_comb()
1341 p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && in ecp_mul_comb()
1342 mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); in ecp_mul_comb()
1355 if( w >= grp->nbits ) in ecp_mul_comb()
1360 d = ( grp->nbits + w - 1 ) / w; in ecp_mul_comb()
1366 T = p_eq_g ? grp->T : NULL; in ecp_mul_comb()
1377 MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d ) ); in ecp_mul_comb()
1381 grp->T = T; in ecp_mul_comb()
1382 grp->T_size = pre_len; in ecp_mul_comb()
1392 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) ); in ecp_mul_comb()
1399 MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, R, T, pre_len, k, d, f_rng, p_rng ) ); in ecp_mul_comb()
1404 MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, ! m_is_odd ) ); in ecp_mul_comb()
1405 MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) ); in ecp_mul_comb()
1440 static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P ) in ecp_normalize_mxz() argument
1444 MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) ); in ecp_normalize_mxz()
1460 static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, in ecp_randomize_mxz() argument
1465 size_t p_size = ( grp->pbits + 7 ) / 8; in ecp_randomize_mxz()
1475 while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 ) in ecp_randomize_mxz()
1507 static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, in ecp_double_add_mxz() argument
1534 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->Z, &grp->A, &E ) ); MOD_MUL( R->Z ); in ecp_double_add_mxz()
1550 static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, in ecp_mul_mxz() argument
1577 MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); in ecp_mul_mxz()
1593 MBEDTLS_MPI_CHK( ecp_double_add_mxz( grp, R, &RP, R, &RP, &PX ) ); in ecp_mul_mxz()
1598 MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) ); in ecp_mul_mxz()
1611 int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, in mbedtls_ecp_mul() argument
1621 if( ( ret = mbedtls_ecp_check_privkey( grp, m ) ) != 0 || in mbedtls_ecp_mul()
1622 ( ret = mbedtls_ecp_check_pubkey( grp, P ) ) != 0 ) in mbedtls_ecp_mul()
1626 if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) in mbedtls_ecp_mul()
1627 return( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) ); in mbedtls_ecp_mul()
1630 if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) in mbedtls_ecp_mul()
1631 return( ecp_mul_comb( grp, R, m, P, f_rng, p_rng ) ); in mbedtls_ecp_mul()
1641 static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) in ecp_check_pubkey_sw() argument
1649 mbedtls_mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 || in ecp_check_pubkey_sw()
1650 mbedtls_mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 ) in ecp_check_pubkey_sw()
1663 if( grp->A.p == NULL ) in ecp_check_pubkey_sw()
1669 MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &RHS, &RHS, &grp->A ) ); MOD_ADD( RHS ); in ecp_check_pubkey_sw()
1673 MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS ); in ecp_check_pubkey_sw()
1690 static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, in mbedtls_ecp_mul_shortcuts() argument
1705 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &R->Y, &grp->P, &R->Y ) ); in mbedtls_ecp_mul_shortcuts()
1709 MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) ); in mbedtls_ecp_mul_shortcuts()
1720 int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, in mbedtls_ecp_muladd() argument
1727 if( ecp_get_type( grp ) != ECP_TYPE_SHORT_WEIERSTRASS ) in mbedtls_ecp_muladd()
1732 MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, &mP, m, P ) ); in mbedtls_ecp_muladd()
1733 MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, R, n, Q ) ); in mbedtls_ecp_muladd()
1735 MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, &mP, R ) ); in mbedtls_ecp_muladd()
1736 MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) ); in mbedtls_ecp_muladd()
1749 static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) in ecp_check_pubkey_mx() argument
1752 if( mbedtls_mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 ) in ecp_check_pubkey_mx()
1762 int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) in mbedtls_ecp_check_pubkey() argument
1769 if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) in mbedtls_ecp_check_pubkey()
1770 return( ecp_check_pubkey_mx( grp, pt ) ); in mbedtls_ecp_check_pubkey()
1773 if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) in mbedtls_ecp_check_pubkey()
1774 return( ecp_check_pubkey_sw( grp, pt ) ); in mbedtls_ecp_check_pubkey()
1782 int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d ) in mbedtls_ecp_check_privkey() argument
1785 if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) in mbedtls_ecp_check_privkey()
1791 mbedtls_mpi_bitlen( d ) - 1 != grp->nbits ) /* mbedtls_mpi_bitlen is one-based! */ in mbedtls_ecp_check_privkey()
1798 if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) in mbedtls_ecp_check_privkey()
1802 mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) in mbedtls_ecp_check_privkey()
1815 int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, in mbedtls_ecp_gen_keypair_base() argument
1822 size_t n_size = ( grp->nbits + 7 ) / 8; in mbedtls_ecp_gen_keypair_base()
1825 if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) in mbedtls_ecp_gen_keypair_base()
1836 if( b > grp->nbits ) in mbedtls_ecp_gen_keypair_base()
1837 MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - grp->nbits ) ); in mbedtls_ecp_gen_keypair_base()
1839 MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, grp->nbits, 1 ) ); in mbedtls_ecp_gen_keypair_base()
1849 if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) in mbedtls_ecp_gen_keypair_base()
1866 MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) ); in mbedtls_ecp_gen_keypair_base()
1881 mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ); in mbedtls_ecp_gen_keypair_base()
1891 return( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) ); in mbedtls_ecp_gen_keypair_base()
1897 int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, in mbedtls_ecp_gen_keypair() argument
1902 return( mbedtls_ecp_gen_keypair_base( grp, &grp->G, d, Q, f_rng, p_rng ) ); in mbedtls_ecp_gen_keypair()
1913 if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 ) in mbedtls_ecp_gen_key()
1916 return( mbedtls_ecp_gen_keypair( &key->grp, &key->d, &key->Q, f_rng, p_rng ) ); in mbedtls_ecp_gen_key()
1926 mbedtls_ecp_group grp; in mbedtls_ecp_check_pub_priv() local
1928 if( pub->grp.id == MBEDTLS_ECP_DP_NONE || in mbedtls_ecp_check_pub_priv()
1929 pub->grp.id != prv->grp.id || in mbedtls_ecp_check_pub_priv()
1938 mbedtls_ecp_group_init( &grp ); in mbedtls_ecp_check_pub_priv()
1941 mbedtls_ecp_group_copy( &grp, &prv->grp ); in mbedtls_ecp_check_pub_priv()
1944 MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) ); in mbedtls_ecp_check_pub_priv()
1956 mbedtls_ecp_group_free( &grp ); in mbedtls_ecp_check_pub_priv()
1970 mbedtls_ecp_group grp; in mbedtls_ecp_self_test() local
1985 mbedtls_ecp_group_init( &grp ); in mbedtls_ecp_self_test()
1992 MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP192R1 ) ); in mbedtls_ecp_self_test()
1994 MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, mbedtls_ecp_curve_list()->grp_id ) ); in mbedtls_ecp_self_test()
2002 MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) ); in mbedtls_ecp_self_test()
2008 MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) ); in mbedtls_ecp_self_test()
2020 MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) ); in mbedtls_ecp_self_test()
2045 MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &P, NULL, NULL ) ); in mbedtls_ecp_self_test()
2057 MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &P, NULL, NULL ) ); in mbedtls_ecp_self_test()
2079 mbedtls_ecp_group_free( &grp ); in mbedtls_ecp_self_test()