45  * Derive a suitable integer for group grp from a buffer of length len
48 static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x,  in derive_mpi()  argument
52     size_t n_size = ( grp->nbits + 7 ) / 8;  in derive_mpi()
56     if( use_size * 8 > grp->nbits )  in derive_mpi()
57         MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( x, use_size * 8 - grp->nbits ) );  in derive_mpi()
60     if( mbedtls_mpi_cmp_mpi( x, &grp->N ) >= 0 )  in derive_mpi()
61         MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( x, x, &grp->N ) );  in derive_mpi()
71 int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,  in mbedtls_ecdsa_sign()  argument
80     if( grp->N.p == NULL )  in mbedtls_ecdsa_sign()
96             MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) );  in mbedtls_ecdsa_sign()
97             MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( r, &R.X, &grp->N ) );  in mbedtls_ecdsa_sign()
110         MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );  in mbedtls_ecdsa_sign()
119             size_t n_size = ( grp->nbits + 7 ) / 8;  in mbedtls_ecdsa_sign()
121             MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &t, 8 * n_size - grp->nbits ) );  in mbedtls_ecdsa_sign()
128                mbedtls_mpi_cmp_mpi( &t, &grp->N ) >= 0 );  in mbedtls_ecdsa_sign()
137         MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, &k, &grp->N ) );  in mbedtls_ecdsa_sign()
139         MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );  in mbedtls_ecdsa_sign()
160 int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,  in mbedtls_ecdsa_sign_det()  argument
167     size_t grp_len = ( grp->nbits + 7 ) / 8;  in mbedtls_ecdsa_sign_det()
179     MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) );  in mbedtls_ecdsa_sign_det()
183     ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,  in mbedtls_ecdsa_sign_det()
198 int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,  in mbedtls_ecdsa_verify()  argument
210     if( grp->N.p == NULL )  in mbedtls_ecdsa_verify()
216     if( mbedtls_mpi_cmp_int( r, 1 ) < 0 || mbedtls_mpi_cmp_mpi( r, &grp->N ) >= 0 ||  in mbedtls_ecdsa_verify()
217         mbedtls_mpi_cmp_int( s, 1 ) < 0 || mbedtls_mpi_cmp_mpi( s, &grp->N ) >= 0 )  in mbedtls_ecdsa_verify()
226     MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );  in mbedtls_ecdsa_verify()
231     MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );  in mbedtls_ecdsa_verify()
236     MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) );  in mbedtls_ecdsa_verify()
239     MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u1, &u1, &grp->N ) );  in mbedtls_ecdsa_verify()
242     MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u2, &u2, &grp->N ) );  in mbedtls_ecdsa_verify()
250     MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, &R, &u1, &grp->G, &u2, Q ) );  in mbedtls_ecdsa_verify()
262     MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &R.X, &R.X, &grp->N ) );  in mbedtls_ecdsa_verify()
323     MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d,  in mbedtls_ecdsa_write_signature()
328     MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,  in mbedtls_ecdsa_write_signature()
390     if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,  in mbedtls_ecdsa_read_signature()
410     return( mbedtls_ecp_group_load( &ctx->grp, gid ) ||  in mbedtls_ecdsa_genkey()
411             mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );  in mbedtls_ecdsa_genkey()
421     if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ||  in mbedtls_ecdsa_from_keypair()
468 	mbedtls_ecp_group grp;
475 	mbedtls_ecp_group_init(&grp);
478 	mbedtls_ecp_group_load(&grp, ec_key->curve);
480 	MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(grp, &r, &s, d, hash, hash_len, rnd_std_rand, NULL));
487 	mbedtls_ecp_group_free(&grp);
496 	mbedtls_ecp_group grp;  in rk_ecdsa_sign()  local
500 	mbedtls_ecp_group_init( &grp );  in rk_ecdsa_sign()
505 	MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, key->curve ) );  in rk_ecdsa_sign()
508     if(mbedtls_ecp_check_privkey( &grp, &pri_key) != 0)  in rk_ecdsa_sign()
514 	MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&grp, &r, &s, &pri_key, hash, hash_len, rnd_std_rand, NULL));  in rk_ecdsa_sign()
519 	mbedtls_ecp_group_free( &grp );  in rk_ecdsa_sign()
528 	mbedtls_ecp_group grp;  in rk_ecdsa_verify()  local
535 	mbedtls_ecp_group_init( &grp );  in rk_ecdsa_verify()
540 	MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, key->curve ) );  in rk_ecdsa_verify()
545     if(mbedtls_ecp_check_pubkey( &grp, &pub_key) != 0)  in rk_ecdsa_verify()
572 	if( ( ret = mbedtls_ecdsa_verify( &grp, hash, hash_len, &pub_key, &r, &s ) ) != 0 )  in rk_ecdsa_verify()
581 	mbedtls_ecp_group_free( &grp );  in rk_ecdsa_verify()
590 	mbedtls_ecp_group grp;  in rk_ecdsa_sign2()  local
594 	mbedtls_ecp_group_init( &grp );  in rk_ecdsa_sign2()
599 	MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, key->curve ) );  in rk_ecdsa_sign2()
602     if(mbedtls_ecp_check_privkey( &grp, &pri_key) != 0)  in rk_ecdsa_sign2()
608 	MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&grp, &r, &s, &pri_key, hash, hash_len, rnd_std_rand, NULL));  in rk_ecdsa_sign2()
618 	mbedtls_ecp_group_free( &grp );  in rk_ecdsa_sign2()
627 	mbedtls_ecp_group grp;  in rk_ecdsa_verify2()  local
631 	mbedtls_ecp_group_init( &grp );  in rk_ecdsa_verify2()
639 	MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, key->curve ) );  in rk_ecdsa_verify2()
644     if(mbedtls_ecp_check_pubkey( &grp, &pub_key) != 0)  in rk_ecdsa_verify2()
650 	if( ( ret = mbedtls_ecdsa_verify( &grp, hash, hash_len, &pub_key, &r, &s ) ) != 0 )  in rk_ecdsa_verify2()
657 	mbedtls_ecp_group_free( &grp );  in rk_ecdsa_verify2()