Lines Matching +full:- +full:t
1 // SPDX-License-Identifier: BSD-2-Clause
3 * Copyright (c) 2019-2021 Huawei Technologies Co., Ltd
7 #include <crypto/sm2-kdf.h>
18 #include "sm2-pke.h"
34 mres = mbedtls_mpi_read_binary(&p->X, ptr, SM2_INT_SIZE_BYTES); in sm2_uncompressed_bytes_to_point()
40 mres = mbedtls_mpi_read_binary(&p->Y, ptr, SM2_INT_SIZE_BYTES); in sm2_uncompressed_bytes_to_point()
44 mres = mbedtls_mpi_lset(&p->Z, 1); in sm2_uncompressed_bytes_to_point()
58 * GM/T 0003.1‒2012 Part 1 Section 4.2.9
83 max_size - 1, consumed); in sm2_bytes_to_point()
107 * GM/T 0003.1‒2012 Part 4 Section 7.1
122 uint8_t *t = NULL; in sm2_mbedtls_pke_decrypt() local
131 * - C1 represents a point (should be on the curve) in sm2_mbedtls_pke_decrypt()
132 * - C2 is the encrypted message in sm2_mbedtls_pke_decrypt()
133 * - C3 is a SM3 hash in sm2_mbedtls_pke_decrypt()
160 mres = mbedtls_ecp_mul(&grp, &x2y2p, (mbedtls_mpi *)key->d, &C1, in sm2_mbedtls_pke_decrypt()
185 /* Step B4: t = KDF(x2 || y2, klen) */ in sm2_mbedtls_pke_decrypt()
193 C2_len = src_len - C1_len - TEE_SM3_HASH_SIZE; in sm2_mbedtls_pke_decrypt()
195 t = calloc(1, C2_len); in sm2_mbedtls_pke_decrypt()
196 if (!t) { in sm2_mbedtls_pke_decrypt()
201 res = sm2_kdf(x2y2, sizeof(x2y2), t, C2_len); in sm2_mbedtls_pke_decrypt()
205 if (is_zero(t, C2_len)) { in sm2_mbedtls_pke_decrypt()
210 /* Step B5: get C2 from C and compute Mprime = C2 (+) t */ in sm2_mbedtls_pke_decrypt()
214 dst[i] = src[C1_len + i] ^ t[i]; in sm2_mbedtls_pke_decrypt()
217 eom = calloc(1, C2_len - out_len); in sm2_mbedtls_pke_decrypt()
223 eom[i - out_len] = src[C1_len + i] ^ t[i]; in sm2_mbedtls_pke_decrypt()
241 res = crypto_hash_update(ctx, eom, C2_len - out_len); in sm2_mbedtls_pke_decrypt()
259 free(t); in sm2_mbedtls_pke_decrypt()
268 * GM/T 0003.1‒2012 Part 1 Section 4.2.8
274 size_t xsize = mbedtls_mpi_size(&p->X); in sm2_point_to_bytes()
275 size_t ysize = mbedtls_mpi_size(&p->Y); in sm2_point_to_bytes()
285 mres = mbedtls_mpi_write_binary(&p->X, buf + 1, SM2_INT_SIZE_BYTES); in sm2_point_to_bytes()
288 mres = mbedtls_mpi_write_binary(&p->Y, buf + 1 + SM2_INT_SIZE_BYTES, in sm2_point_to_bytes()
299 * GM/T 0003.1‒2012 Part 4 Section 6.1
312 uint8_t *t = NULL; in sm2_mbedtls_pke_encrypt() local
353 mbedtls_mpi_copy(&PB.X, (mbedtls_mpi *)key->x); in sm2_mbedtls_pke_encrypt()
354 mbedtls_mpi_copy(&PB.Y, (mbedtls_mpi *)key->y); in sm2_mbedtls_pke_encrypt()
381 /* Step A5: compute t = KDF(x2 || y2, klen) */ in sm2_mbedtls_pke_encrypt()
383 t = calloc(1, src_len); in sm2_mbedtls_pke_encrypt()
384 if (!t) { in sm2_mbedtls_pke_encrypt()
389 res = sm2_kdf(x2y2, sizeof(x2y2), t, src_len); in sm2_mbedtls_pke_encrypt()
393 if (is_zero(t, src_len)) { in sm2_mbedtls_pke_encrypt()
400 * Compute C2 = M (+) t in sm2_mbedtls_pke_encrypt()
419 dst[i + C1_len] = src[i] ^ t[i]; in sm2_mbedtls_pke_encrypt()
445 free(t); in sm2_mbedtls_pke_encrypt()