lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Add ecp_check_prvkey, with test

Browse Source 
Also group key checking and generation functions in ecp.h and ecp.c.
This commit is contained in:
Manuel Pégourié-Gonnard
2013-07-01 14:06:13 +02:00
parent b8c6e0e3e9
commit c8dc295e83
4 changed files with 126 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
library/ecp.c
View File

@ -727,51 +727,6 @@ int ecp_tls_write_group( const ecp_group *grp, size_t *olen,
while( mpi_cmp_mpi( &N, &grp->P ) >= 0 ) \
MPI_CHK( mpi_sub_mpi( &N, &N, &grp->P ) )
/*
* Check that a point is valid as a public key (SEC1 3.2.3.1)
*/
int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt )
{
int ret;
mpi YY, RHS;
if( mpi_cmp_int( &pt->Z, 0 ) == 0 )
return( POLARSSL_ERR_ECP_GENERIC );
/*
* pt coordinates must be normalized for our checks
*/
if( mpi_cmp_int( &pt->Z, 1 ) != 0 )
return( POLARSSL_ERR_ECP_GENERIC );
if( mpi_cmp_int( &pt->X, 0 ) < 0 ||
mpi_cmp_int( &pt->Y, 0 ) < 0 ||
mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
return( POLARSSL_ERR_ECP_GENERIC );
mpi_init( &YY ); mpi_init( &RHS );
/*
* YY = Y^2
* RHS = X (X^2 - 3) + B = X^3 - 3X + B
*/
MPI_CHK( mpi_mul_mpi( &YY, &pt->Y, &pt->Y ) ); MOD_MUL( YY );
MPI_CHK( mpi_mul_mpi( &RHS, &pt->X, &pt->X ) ); MOD_MUL( RHS );
MPI_CHK( mpi_sub_int( &RHS, &RHS, 3 ) ); MOD_SUB( RHS );
MPI_CHK( mpi_mul_mpi( &RHS, &RHS, &pt->X ) ); MOD_MUL( RHS );
MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS );
if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
ret = POLARSSL_ERR_ECP_GENERIC;
cleanup:
mpi_free( &YY ); mpi_free( &RHS );
return( ret );
}
/*
* Normalize jacobian coordinates so that Z == 0 || Z == 1 (GECC 3.2.1)
*/
@ -1305,6 +1260,63 @@ cleanup:
return( ret );
}
/*
* Check that a point is valid as a public key (SEC1 3.2.3.1)
*/
int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt )
{
int ret;
mpi YY, RHS;
if( mpi_cmp_int( &pt->Z, 0 ) == 0 )
return( POLARSSL_ERR_ECP_GENERIC );
/*
* pt coordinates must be normalized for our checks
*/
if( mpi_cmp_int( &pt->Z, 1 ) != 0 )
return( POLARSSL_ERR_ECP_GENERIC );
if( mpi_cmp_int( &pt->X, 0 ) < 0 ||
mpi_cmp_int( &pt->Y, 0 ) < 0 ||
mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
return( POLARSSL_ERR_ECP_GENERIC );
mpi_init( &YY ); mpi_init( &RHS );
/*
* YY = Y^2
* RHS = X (X^2 - 3) + B = X^3 - 3X + B
*/
MPI_CHK( mpi_mul_mpi( &YY, &pt->Y, &pt->Y ) ); MOD_MUL( YY );
MPI_CHK( mpi_mul_mpi( &RHS, &pt->X, &pt->X ) ); MOD_MUL( RHS );
MPI_CHK( mpi_sub_int( &RHS, &RHS, 3 ) ); MOD_SUB( RHS );
MPI_CHK( mpi_mul_mpi( &RHS, &RHS, &pt->X ) ); MOD_MUL( RHS );
MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS );
if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
ret = POLARSSL_ERR_ECP_GENERIC;
cleanup:
mpi_free( &YY ); mpi_free( &RHS );
return( ret );
}
/*
* Check that an mpi is valid as a private key (SEC1 3.2)
*/
int ecp_check_prvkey( const ecp_group *grp, const mpi *d )
{
/* We want 1 <= d <= N-1 */
if ( mpi_cmp_int( d, 1 ) < 0 || mpi_cmp_mpi( d, &grp->N ) >= 0 )
return( POLARSSL_ERR_ECP_GENERIC );
return( 0 );
}
/*
* Generate a keypair (SEC1 3.2.1)
*/