53#if !defined(MBEDTLS_CONFIG_FILE)
56#include MBEDTLS_CONFIG_FILE
59#if defined(MBEDTLS_ECDSA_C)
66#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
70#if defined(MBEDTLS_PLATFORM_C)
74#define mbedtls_calloc calloc
75#define mbedtls_free free
81#define ECDSA_VALIDATE_RET( cond ) \
82 MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
83#define ECDSA_VALIDATE( cond ) \
84 MBEDTLS_INTERNAL_VALIDATE( cond )
86#if defined(MBEDTLS_ECP_RESTARTABLE)
91struct mbedtls_ecdsa_restart_ver
103static void ecdsa_restart_ver_init( mbedtls_ecdsa_restart_ver_ctx *
ctx )
107 ctx->state = ecdsa_ver_init;
113static void ecdsa_restart_ver_free( mbedtls_ecdsa_restart_ver_ctx *
ctx )
121 ecdsa_restart_ver_init(
ctx );
127struct mbedtls_ecdsa_restart_sig
143static void ecdsa_restart_sig_init( mbedtls_ecdsa_restart_sig_ctx *
ctx )
149 ctx->state = ecdsa_sig_init;
155static void ecdsa_restart_sig_free( mbedtls_ecdsa_restart_sig_ctx *
ctx )
164#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
168struct mbedtls_ecdsa_restart_det
180static void ecdsa_restart_det_init( mbedtls_ecdsa_restart_det_ctx *
ctx )
183 ctx->state = ecdsa_det_init;
189static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *
ctx )
196 ecdsa_restart_det_init(
ctx );
200#define ECDSA_RS_ECP ( rs_ctx == NULL ? NULL : &rs_ctx->ecp )
203#define ECDSA_BUDGET( ops ) \
204 MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, ECDSA_RS_ECP, ops ) );
207#define ECDSA_RS_ENTER( SUB ) do { \
209 if( rs_ctx != NULL && rs_ctx->ecp.depth++ == 0 ) \
210 rs_ctx->ecp.ops_done = 0; \
213 if( mbedtls_ecp_restart_is_enabled() && \
214 rs_ctx != NULL && rs_ctx->SUB == NULL ) \
216 rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \
217 if( rs_ctx->SUB == NULL ) \
218 return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \
220 ecdsa_restart_## SUB ##_init( rs_ctx->SUB ); \
225#define ECDSA_RS_LEAVE( SUB ) do { \
227 if( rs_ctx != NULL && rs_ctx->SUB != NULL && \
228 ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \
230 ecdsa_restart_## SUB ##_free( rs_ctx->SUB ); \
231 mbedtls_free( rs_ctx->SUB ); \
232 rs_ctx->SUB = NULL; \
235 if( rs_ctx != NULL ) \
236 rs_ctx->ecp.depth--; \
241#define ECDSA_RS_ECP NULL
243#define ECDSA_BUDGET( ops )
245#define ECDSA_RS_ENTER( SUB ) (void) rs_ctx
246#define ECDSA_RS_LEAVE( SUB ) (void) rs_ctx
250#if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \
251 !defined(MBEDTLS_ECDSA_SIGN_ALT) || \
252 !defined(MBEDTLS_ECDSA_VERIFY_ALT)
258 const unsigned char *
buf,
size_t blen )
261 size_t n_size = ( grp->
nbits + 7 ) / 8;
262 size_t use_size = blen > n_size ? n_size : blen;
265 if( use_size * 8 > grp->
nbits )
277#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
285 int (*f_rng)(
void *,
unsigned char *,
size_t),
void *p_rng,
286 int (*f_rng_blind)(
void *,
unsigned char *,
size_t),
290 int ret, key_tries, sign_tries;
291 int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries;
307 ECDSA_RS_ENTER( sig );
309#if defined(MBEDTLS_ECP_RESTARTABLE)
310 if( rs_ctx !=
NULL && rs_ctx->sig !=
NULL )
313 p_sign_tries = &rs_ctx->sig->sign_tries;
314 p_key_tries = &rs_ctx->sig->key_tries;
315 pk = &rs_ctx->sig->k;
316 pr = &rs_ctx->sig->r;
319 if( rs_ctx->sig->state == ecdsa_sig_mul )
321 if( rs_ctx->sig->state == ecdsa_sig_modn )
329 if( (*p_sign_tries)++ > 10 )
342 if( (*p_key_tries)++ > 10 )
350#if defined(MBEDTLS_ECP_RESTARTABLE)
351 if( rs_ctx !=
NULL && rs_ctx->sig !=
NULL )
352 rs_ctx->sig->state = ecdsa_sig_mul;
364#if defined(MBEDTLS_ECP_RESTARTABLE)
365 if( rs_ctx !=
NULL && rs_ctx->sig !=
NULL )
366 rs_ctx->sig->state = ecdsa_sig_modn;
374 ECDSA_BUDGET( MBEDTLS_ECP_OPS_INV + 4 );
402#if defined(MBEDTLS_ECP_RESTARTABLE)
403 if( rs_ctx !=
NULL && rs_ctx->sig !=
NULL )
411 ECDSA_RS_LEAVE( sig );
421 int (*f_rng)(
void *,
unsigned char *,
size_t),
void *p_rng )
423 ECDSA_VALIDATE_RET( grp !=
NULL );
424 ECDSA_VALIDATE_RET(
r !=
NULL );
425 ECDSA_VALIDATE_RET(
s !=
NULL );
426 ECDSA_VALIDATE_RET(
d !=
NULL );
427 ECDSA_VALIDATE_RET( f_rng !=
NULL );
428 ECDSA_VALIDATE_RET(
buf !=
NULL || blen == 0 );
431 return( ecdsa_sign_restartable( grp,
r,
s,
d,
buf, blen,
432 f_rng, p_rng, f_rng, p_rng,
NULL ) );
436#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
444 int (*f_rng_blind)(
void *,
unsigned char *,
size_t),
452 size_t grp_len = ( grp->
nbits + 7 ) / 8;
462 ECDSA_RS_ENTER( det );
464#if defined(MBEDTLS_ECP_RESTARTABLE)
465 if( rs_ctx !=
NULL && rs_ctx->det !=
NULL )
468 p_rng = &rs_ctx->det->rng_ctx;
471 if( rs_ctx->det->state == ecdsa_det_sign )
482#if defined(MBEDTLS_ECP_RESTARTABLE)
483 if( rs_ctx !=
NULL && rs_ctx->det !=
NULL )
484 rs_ctx->det->state = ecdsa_det_sign;
488#if defined(MBEDTLS_ECDSA_SIGN_ALT)
492 if( f_rng_blind !=
NULL )
493 ret = ecdsa_sign_restartable( grp,
r,
s,
d,
buf, blen,
495 f_rng_blind, p_rng_blind, rs_ctx );
500#if !defined(MBEDTLS_ECP_RESTARTABLE)
507 const char* blind_label =
"BLINDING CONTEXT";
511 p_rng_blind_det = &rng_ctx_blind;
516 (
const unsigned char*) blind_label,
537 p_rng_blind_det = p_rng;
547 ret = ecdsa_sign_restartable( grp,
r,
s,
d,
buf, blen,
552#if !defined(MBEDTLS_ECP_RESTARTABLE)
562 ECDSA_RS_LEAVE( det );
572 const unsigned char *
buf,
size_t blen,
575 ECDSA_VALIDATE_RET( grp !=
NULL );
576 ECDSA_VALIDATE_RET(
r !=
NULL );
577 ECDSA_VALIDATE_RET(
s !=
NULL );
578 ECDSA_VALIDATE_RET(
d !=
NULL );
579 ECDSA_VALIDATE_RET(
buf !=
NULL || blen == 0 );
581 return( ecdsa_sign_det_restartable( grp,
r,
s,
d,
buf, blen, md_alg,
587 const unsigned char *
buf,
size_t blen,
589 int (*f_rng_blind)(
void *,
unsigned char *,
593 ECDSA_VALIDATE_RET( grp !=
NULL );
594 ECDSA_VALIDATE_RET(
r !=
NULL );
595 ECDSA_VALIDATE_RET(
s !=
NULL );
596 ECDSA_VALIDATE_RET(
d !=
NULL );
597 ECDSA_VALIDATE_RET(
buf !=
NULL || blen == 0 );
598 ECDSA_VALIDATE_RET( f_rng_blind !=
NULL );
600 return( ecdsa_sign_det_restartable( grp,
r,
s,
d,
buf, blen, md_alg,
601 f_rng_blind, p_rng_blind,
NULL ) );
605#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
611 const unsigned char *
buf,
size_t blen,
629 ECDSA_RS_ENTER( ver );
631#if defined(MBEDTLS_ECP_RESTARTABLE)
632 if( rs_ctx !=
NULL && rs_ctx->ver !=
NULL )
635 pu1 = &rs_ctx->ver->u1;
636 pu2 = &rs_ctx->ver->u2;
639 if( rs_ctx->ver->state == ecdsa_ver_muladd )
662 ECDSA_BUDGET( MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2 );
672#if defined(MBEDTLS_ECP_RESTARTABLE)
673 if( rs_ctx !=
NULL && rs_ctx->ver !=
NULL )
674 rs_ctx->ver->state = ecdsa_ver_muladd;
682 &
R, pu1, &grp->
G, pu2, Q, ECDSA_RS_ECP ) );
710 ECDSA_RS_LEAVE( ver );
719 const unsigned char *
buf,
size_t blen,
724 ECDSA_VALIDATE_RET( grp !=
NULL );
725 ECDSA_VALIDATE_RET( Q !=
NULL );
726 ECDSA_VALIDATE_RET(
r !=
NULL );
727 ECDSA_VALIDATE_RET(
s !=
NULL );
728 ECDSA_VALIDATE_RET(
buf !=
NULL || blen == 0 );
730 return( ecdsa_verify_restartable( grp,
buf, blen, Q,
r,
s,
NULL ) );
738 unsigned char *sig,
size_t *slen )
742 unsigned char *
p =
buf +
sizeof(
buf );
763 const unsigned char *
hash,
size_t hlen,
764 unsigned char *sig,
size_t *slen,
765 int (*f_rng)(
void *,
unsigned char *,
size_t),
771 ECDSA_VALIDATE_RET(
ctx !=
NULL );
773 ECDSA_VALIDATE_RET( sig !=
NULL );
774 ECDSA_VALIDATE_RET( slen !=
NULL );
779#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
781 hash, hlen, md_alg, f_rng,
786#if defined(MBEDTLS_ECDSA_SIGN_ALT)
790 hash, hlen, f_rng, p_rng ) );
794 hash, hlen, f_rng, p_rng, f_rng,
813 const unsigned char *
hash,
size_t hlen,
814 unsigned char *sig,
size_t *slen,
815 int (*f_rng)(
void *,
unsigned char *,
size_t),
818 ECDSA_VALIDATE_RET(
ctx !=
NULL );
820 ECDSA_VALIDATE_RET( sig !=
NULL );
821 ECDSA_VALIDATE_RET( slen !=
NULL );
823 ctx, md_alg,
hash, hlen, sig, slen, f_rng, p_rng,
NULL ) );
826#if !defined(MBEDTLS_DEPRECATED_REMOVED) && \
827 defined(MBEDTLS_ECDSA_DETERMINISTIC)
829 const unsigned char *
hash,
size_t hlen,
830 unsigned char *sig,
size_t *slen,
833 ECDSA_VALIDATE_RET(
ctx !=
NULL );
835 ECDSA_VALIDATE_RET( sig !=
NULL );
836 ECDSA_VALIDATE_RET( slen !=
NULL );
846 const unsigned char *
hash,
size_t hlen,
847 const unsigned char *sig,
size_t slen )
849 ECDSA_VALIDATE_RET(
ctx !=
NULL );
851 ECDSA_VALIDATE_RET( sig !=
NULL );
860 const unsigned char *
hash,
size_t hlen,
861 const unsigned char *sig,
size_t slen,
865 unsigned char *
p = (
unsigned char *) sig;
866 const unsigned char *
end = sig + slen;
869 ECDSA_VALIDATE_RET(
ctx !=
NULL );
871 ECDSA_VALIDATE_RET( sig !=
NULL );
896#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
900 &
ctx->Q, &
r, &
s ) ) != 0 )
903 if( (
ret = ecdsa_verify_restartable( &
ctx->grp,
hash, hlen,
904 &
ctx->Q, &
r, &
s, rs_ctx ) ) != 0 )
921#if !defined(MBEDTLS_ECDSA_GENKEY_ALT)
926 int (*f_rng)(
void *,
unsigned char *,
size_t),
void *p_rng )
929 ECDSA_VALIDATE_RET(
ctx !=
NULL );
930 ECDSA_VALIDATE_RET( f_rng !=
NULL );
937 &
ctx->Q, f_rng, p_rng ) );
947 ECDSA_VALIDATE_RET(
ctx !=
NULL );
948 ECDSA_VALIDATE_RET(
key !=
NULL );
981#if defined(MBEDTLS_ECP_RESTARTABLE)
989 mbedtls_ecp_restart_init( &
ctx->ecp );
993#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
1006 mbedtls_ecp_restart_free( &
ctx->ecp );
1008 ecdsa_restart_ver_free(
ctx->ver );
1012 ecdsa_restart_sig_free(
ctx->sig );
1016#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
1017 ecdsa_restart_det_free(
ctx->det );
ACPI_SIZE strlen(const char *String)
ASN.1 buffer writing functionality.
int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start, unsigned char tag)
Write an ASN.1 tag in ASN.1 format.
#define MBEDTLS_ASN1_CHK_ADD(g, f)
int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start, size_t len)
Write a length field in ASN.1 format.
int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start, const mbedtls_mpi *X)
Write a arbitrary-precision number (MBEDTLS_ASN1_INTEGER) in ASN.1 format.
int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a signed subtraction of MPIs: X = A - B.
int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y)
Make a copy of an MPI.
int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a signed addition of MPIs: X = A + B.
int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buflen)
Import an MPI from unsigned big endian binary data.
int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y)
Compare two MPIs.
int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a modular reduction. R = A mod B.
void mbedtls_mpi_init(mbedtls_mpi *X)
Initialize an MPI context.
int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a multiplication of two MPIs: X = A * B.
#define MBEDTLS_MPI_CHK(f)
int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N)
Compute the modular inverse: X = A^-1 mod N.
void mbedtls_mpi_free(mbedtls_mpi *X)
This function frees the components of an MPI context.
int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf, size_t buflen)
Export an MPI into unsigned big endian binary data of fixed size.
int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z)
Compare an MPI with an integer.
int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count)
Perform a right-shift on an MPI: X >>= count.
static void cleanup(void)
This file contains ECDSA definitions and functions.
int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecdsa_restart_ctx *rs_ctx)
This function computes the ECDSA signature and writes it to a buffer, in a restartable way.
int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, const unsigned char *buf, size_t blen, const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
This function verifies the ECDSA signature of a previously-hashed message.
int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg, int(*f_rng_blind)(void *, unsigned char *, size_t), void *p_rng_blind)
This function computes the ECDSA signature of a previously-hashed message, deterministic version.
void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx)
This function frees an ECDSA context.
int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg)
This function computes the ECDSA signature of a previously-hashed message, deterministic version.
int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED
This function computes an ECDSA signature and writes it to a buffer, serialized as defined in RFC-449...
int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key)
This function sets up an ECDSA context from an EC key pair.
int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function computes the ECDSA signature and writes it to a buffer, serialized as defined in RFC-44...
int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen, mbedtls_ecdsa_restart_ctx *rs_ctx)
This function reads and verifies an ECDSA signature, in a restartable way.
int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen)
This function reads and verifies an ECDSA signature.
int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates an ECDSA keypair on the given curve.
void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx)
This function initializes an ECDSA context.
#define MBEDTLS_ECDSA_MAX_LEN
int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function computes the ECDSA signature of a previously-hashed message.
GLint GLint GLint GLint GLint x
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
GLdouble GLdouble GLdouble r
GLenum GLuint GLenum GLsizei const GLchar * buf
GLfloat GLfloat GLfloat GLfloat h
int mbedtls_asn1_get_mpi(unsigned char **p, const unsigned char *end, mbedtls_mpi *X)
Retrieve a MPI value from an integer ASN.1 tag. Updates the pointer to immediately behind the full ta...
#define MBEDTLS_ASN1_SEQUENCE
#define MBEDTLS_ASN1_CONSTRUCTED
#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
int mbedtls_asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag)
Get the tag and length of the tag. Check for the requested tag. Updates the pointer to immediately be...
The HMAC_DRBG pseudorandom generator.
void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx)
HMAC_DRBG context initialization.
void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx)
This function resets HMAC_DRBG context to the state immediately after initial call of mbedtls_hmac_dr...
int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, const unsigned char *data, size_t data_len)
Initilisation of simpified HMAC_DRBG (never reseeds).
int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
This function uses HMAC_DRBG to generate random data.
int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the HMAC_DRBG context.
mbedtls_md_type_t
Supported message digests.
#define memcpy(s1, s2, n)
#define mbedtls_md_info_from_type
Configuration options (set of defines)
void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key)
This function frees the components of a key pair.
int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt)
This function checks if a point is the point at infinity.
#define MBEDTLS_ERR_ECP_INVALID_KEY
int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, const mbedtls_ecp_group *src)
This function copies the contents of group src into group dst.
#define MBEDTLS_ERR_ECP_VERIFY_FAILED
#define MBEDTLS_ERR_ECP_RANDOM_FAILED
#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH
int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx)
This function performs multiplication of a point by an integer: R = m * P in a restartable way.
int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id)
This function sets up an ECP group context from a standardized set of domain parameters.
void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key)
This function initializes a key pair as an invalid one.
void mbedtls_ecp_point_free(mbedtls_ecp_point *pt)
This function frees the components of a point.
int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
This function copies the contents of point Q into point P.
int mbedtls_ecp_muladd_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q, mbedtls_ecp_restart_ctx *rs_ctx)
This function performs multiplication and addition of two points by integers: R = m * P + n * Q in a ...
int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, mbedtls_mpi *d, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates a private key.
int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates an ECP keypair.
#define MBEDTLS_ECP_MAX_BYTES
#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA
void mbedtls_ecp_point_init(mbedtls_ecp_point *pt)
This function initializes a point as zero.
The ECP key-pair structure.
The ECP point structure, in Jacobian coordinates.