67 		     unsigned bits_size, uECC_Curve curve)  in bits2int()  argument
69 	unsigned num_n_bytes = BITS_TO_BYTES(curve->num_n_bits);  in bits2int()
70 	unsigned num_n_words = BITS_TO_WORDS(curve->num_n_bits);  in bits2int()
81 	if (bits_size * 8 <= (unsigned)curve->num_n_bits) {  in bits2int()
84 	shift = bits_size * 8 - curve->num_n_bits;  in bits2int()
94 	if (uECC_vli_cmp_unsafe(curve->n, native, num_n_words) != 1) {  in bits2int()
95 		uECC_vli_sub(native, native, curve->n, num_n_words);  in bits2int()
101 		     uECC_Curve curve)  in uECC_sign_with_k()  argument
109 	wordcount_t num_words = curve->num_words;  in uECC_sign_with_k()
110 	wordcount_t num_n_words = BITS_TO_WORDS(curve->num_n_bits);  in uECC_sign_with_k()
111 	bitcount_t num_n_bits = curve->num_n_bits;  in uECC_sign_with_k()
115 	    uECC_vli_cmp(curve->n, k, num_n_words) != 1) {  in uECC_sign_with_k()
119 	carry = regularize_k(k, tmp, s, curve);  in uECC_sign_with_k()
120 	EccPoint_mult(p, curve->G, k2[!carry], 0, num_n_bits + 1, curve);  in uECC_sign_with_k()
131 	else if (!uECC_generate_random_int(tmp, curve->n, num_n_words)) {  in uECC_sign_with_k()
137 	uECC_vli_modMult(k, k, tmp, curve->n, num_n_words); /* k' = rand * k */  in uECC_sign_with_k()
138 	uECC_vli_modInv(k, k, curve->n, num_n_words);       /* k = 1 / k' */  in uECC_sign_with_k()
139 	uECC_vli_modMult(k, k, tmp, curve->n, num_n_words); /* k = 1 / k */  in uECC_sign_with_k()
141 	uECC_vli_nativeToBytes(signature, curve->num_bytes, p); /* store r */  in uECC_sign_with_k()
144 	uECC_vli_bytesToNative(tmp, private_key, BITS_TO_BYTES(curve->num_n_bits));  in uECC_sign_with_k()
148 	uECC_vli_modMult(s, tmp, s, curve->n, num_n_words); /* s = r*d */  in uECC_sign_with_k()
150 	bits2int(tmp, message_hash, hash_size, curve);  in uECC_sign_with_k()
151 	uECC_vli_modAdd(s, tmp, s, curve->n, num_n_words); /* s = e + r*d */  in uECC_sign_with_k()
152 	uECC_vli_modMult(s, s, k, curve->n, num_n_words);  /* s = (e + r*d) / k */  in uECC_sign_with_k()
153 	if (uECC_vli_numBits(s, num_n_words) > (bitcount_t)curve->num_bytes * 8) {  in uECC_sign_with_k()
157 	uECC_vli_nativeToBytes(signature + curve->num_bytes, curve->num_bytes, s);  in uECC_sign_with_k()
162 	      unsigned hash_size, uint8_t *signature, uECC_Curve curve)  in uECC_sign()  argument
177 		uECC_vli_mmod(k, _random, curve->n, BITS_TO_WORDS(curve->num_n_bits));  in uECC_sign()
180 		    curve)) {  in uECC_sign()
194 	        uECC_Curve curve)  in uECC_verify()  argument
212 	wordcount_t num_words = curve->num_words;  in uECC_verify()
213 	wordcount_t num_n_words = BITS_TO_WORDS(curve->num_n_bits);  in uECC_verify()
219 	uECC_vli_bytesToNative(_public, public_key, curve->num_bytes);  in uECC_verify()
220 	uECC_vli_bytesToNative(_public + num_words, public_key + curve->num_bytes,  in uECC_verify()
221 			       curve->num_bytes);  in uECC_verify()
222 	uECC_vli_bytesToNative(r, signature, curve->num_bytes);  in uECC_verify()
223 	uECC_vli_bytesToNative(s, signature + curve->num_bytes, curve->num_bytes);  in uECC_verify()
231 	if (uECC_vli_cmp_unsafe(curve->n, r, num_n_words) != 1 ||  in uECC_verify()
232 	    uECC_vli_cmp_unsafe(curve->n, s, num_n_words) != 1) {  in uECC_verify()
237 	uECC_vli_modInv(z, s, curve->n, num_n_words); /* z = 1/s */  in uECC_verify()
239 	bits2int(u1, message_hash, hash_size, curve);  in uECC_verify()
240 	uECC_vli_modMult(u1, u1, z, curve->n, num_n_words); /* u1 = e/s */  in uECC_verify()
241 	uECC_vli_modMult(u2, r, z, curve->n, num_n_words); /* u2 = r/s */  in uECC_verify()
246 	uECC_vli_set(tx, curve->G, num_words);  in uECC_verify()
247 	uECC_vli_set(ty, curve->G + num_words, num_words);  in uECC_verify()
248 	uECC_vli_modSub(z, sum, tx, curve->p, num_words); /* z = x2 - x1 */  in uECC_verify()
249 	XYcZ_add(tx, ty, sum, sum + num_words, curve);  in uECC_verify()
250 	uECC_vli_modInv(z, z, curve->p, num_words); /* z = 1/z */  in uECC_verify()
251 	apply_z(sum, sum + num_words, z, curve);  in uECC_verify()
255 	points[1] = curve->G;  in uECC_verify()
270 		curve->double_jacobian(rx, ry, z, curve);  in uECC_verify()
277 			apply_z(tx, ty, z, curve);  in uECC_verify()
278 			uECC_vli_modSub(tz, rx, tx, curve->p, num_words); /* Z = x2 - x1 */  in uECC_verify()
279 			XYcZ_add(tx, ty, rx, ry, curve);  in uECC_verify()
280 			uECC_vli_modMult_fast(z, z, tz, curve);  in uECC_verify()
284 	uECC_vli_modInv(z, z, curve->p, num_words); /* Z = 1/Z */  in uECC_verify()
285 	apply_z(rx, ry, z, curve);  in uECC_verify()
288 	if (uECC_vli_cmp_unsafe(curve->n, rx, num_n_words) != 1) {  in uECC_verify()
289 		uECC_vli_sub(rx, rx, curve->n, num_n_words);  in uECC_verify()