ReactOS  0.4.15-dev-509-g96a357b
ecp.h
Go to the documentation of this file.
1 
6 /*
7  * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
8  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9  *
10  * This file is provided under the Apache License 2.0, or the
11  * GNU General Public License v2.0 or later.
12  *
13  * **********
14  * Apache License 2.0:
15  *
16  * Licensed under the Apache License, Version 2.0 (the "License"); you may
17  * not use this file except in compliance with the License.
18  * You may obtain a copy of the License at
19  *
20  * http://www.apache.org/licenses/LICENSE-2.0
21  *
22  * Unless required by applicable law or agreed to in writing, software
23  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
24  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
25  * See the License for the specific language governing permissions and
26  * limitations under the License.
27  *
28  * **********
29  *
30  * **********
31  * GNU General Public License v2.0 or later:
32  *
33  * This program is free software; you can redistribute it and/or modify
34  * it under the terms of the GNU General Public License as published by
35  * the Free Software Foundation; either version 2 of the License, or
36  * (at your option) any later version.
37  *
38  * This program is distributed in the hope that it will be useful,
39  * but WITHOUT ANY WARRANTY; without even the implied warranty of
40  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
41  * GNU General Public License for more details.
42  *
43  * You should have received a copy of the GNU General Public License along
44  * with this program; if not, write to the Free Software Foundation, Inc.,
45  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
46  *
47  * **********
48  *
49  * This file is part of mbed TLS (https://tls.mbed.org)
50  */
51 #ifndef MBEDTLS_ECP_H
52 #define MBEDTLS_ECP_H
53 
54 #if !defined(MBEDTLS_CONFIG_FILE)
55 #include "config.h"
56 #else
57 #include MBEDTLS_CONFIG_FILE
58 #endif
59 
60 #include "bignum.h"
61 
62 /*
63  * ECP error codes
64  */
65 #define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80
66 #define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00
67 #define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80
68 #define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00
69 #define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80
70 #define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00
71 #define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80
72 #define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00
73 #define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80
75 #if !defined(MBEDTLS_ECP_ALT)
76 /*
77  * default mbed TLS elliptic curve arithmetic implementation
78  *
79  * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an
80  * alternative implementation for the whole module and it will replace this
81  * one.)
82  */
83 
84 #ifdef __cplusplus
85 extern "C" {
86 #endif
87 
97 typedef enum
98 {
113 
119 #define MBEDTLS_ECP_DP_MAX 12
120 
124 typedef struct
125 {
129  const char *name;
131 
141 typedef struct
142 {
146 }
148 
173 typedef struct
174 {
181  size_t pbits;
182  size_t nbits;
183  unsigned int h;
184  int (*modp)(mbedtls_mpi *);
185  int (*t_pre)(mbedtls_ecp_point *, void *);
186  int (*t_post)(mbedtls_ecp_point *, void *);
187  void *t_data;
189  size_t T_size;
190 }
192 
200 typedef struct
201 {
205 }
207 
216 #if !defined(MBEDTLS_ECP_MAX_BITS)
217 
220 #define MBEDTLS_ECP_MAX_BITS 521
221 #endif
222 
223 #define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
224 #define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
225 
226 #if !defined(MBEDTLS_ECP_WINDOW_SIZE)
227 /*
228  * Maximum "window" size used for point multiplication.
229  * Default: 6.
230  * Minimum value: 2. Maximum value: 7.
231  *
232  * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
233  * points used for point multiplication. This value is directly tied to EC
234  * peak memory usage, so decreasing it by one should roughly cut memory usage
235  * by two (if large curves are in use).
236  *
237  * Reduction in size may reduce speed, but larger curves are impacted first.
238  * Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
239  * w-size: 6 5 4 3 2
240  * 521 145 141 135 120 97
241  * 384 214 209 198 177 146
242  * 256 320 320 303 262 226
243 
244  * 224 475 475 453 398 342
245  * 192 640 640 633 587 476
246  */
247 #define MBEDTLS_ECP_WINDOW_SIZE 6
248 #endif /* MBEDTLS_ECP_WINDOW_SIZE */
249 
250 #if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
251 /*
252  * Trade memory for speed on fixed-point multiplication.
253  *
254  * This speeds up repeated multiplication of the generator (that is, the
255  * multiplication in ECDSA signatures, and half of the multiplications in
256  * ECDSA verification and ECDHE) by a factor roughly 3 to 4.
257  *
258  * The cost is increasing EC peak memory usage by a factor roughly 2.
259  *
260  * Change this value to 0 to reduce peak memory usage.
261  */
262 #define MBEDTLS_ECP_FIXED_POINT_OPTIM 1
263 #endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
264 
265 /* \} name SECTION: Module settings */
266 
267 /*
268  * Point formats, from RFC 4492's enum ECPointFormat
269  */
270 #define MBEDTLS_ECP_PF_UNCOMPRESSED 0
271 #define MBEDTLS_ECP_PF_COMPRESSED 1
273 /*
274  * Some other constants from RFC 4492
275  */
276 #define MBEDTLS_ECP_TLS_NAMED_CURVE 3
284 const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
285 
294 
303 
312 
321 
326 
331 
336 
341 
346 
351 
362 
373 
383 
392 
406  const mbedtls_ecp_point *Q );
407 
419  const char *x, const char *y );
420 
436  int format, size_t *olen,
437  unsigned char *buf, size_t buflen );
438 
458  const unsigned char *buf, size_t ilen );
459 
475  const unsigned char **buf, size_t len );
476 
492  int format, size_t *olen,
493  unsigned char *buf, size_t blen );
494 
509 
523 int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len );
524 
536 int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen,
537  unsigned char *buf, size_t blen );
538 
569  const mbedtls_mpi *m, const mbedtls_ecp_point *P,
570  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
571 
593  const mbedtls_mpi *m, const mbedtls_ecp_point *P,
594  const mbedtls_mpi *n, const mbedtls_ecp_point *Q );
595 
618 
632 int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d );
633 
646  mbedtls_mpi *d,
647  int (*f_rng)(void *, unsigned char *, size_t),
648  void *p_rng );
649 
668  const mbedtls_ecp_point *G,
670  int (*f_rng)(void *, unsigned char *, size_t),
671  void *p_rng );
672 
690  int (*f_rng)(void *, unsigned char *, size_t),
691  void *p_rng );
692 
705  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
706 
718 
719 #if defined(MBEDTLS_SELF_TEST)
720 
726 int mbedtls_ecp_self_test( int verbose );
727 
728 #endif /* MBEDTLS_SELF_TEST */
729 
730 #ifdef __cplusplus
731 }
732 #endif
733 
734 #else /* MBEDTLS_ECP_ALT */
735 #include "ecp_alt.h"
736 #endif /* MBEDTLS_ECP_ALT */
737 
738 #endif /* ecp.h */
uint16_t tls_id
Definition: ecp.h:127
#define G(r, i, a, b, c, d)
Definition: blake2b-ref.c:117
int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt)
Tell if a point is zero.
mbedtls_mpi N
Definition: ecp.h:180
#define R(b, x)
Definition: sha2.c:134
mbedtls_mpi Z
Definition: ecp.h:145
int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q)
Multiplication and addition of two points by integers: R = m * P + n * Q (Not thread-safe to use same...
int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv)
Check a public-private key pair.
int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, const unsigned char *buf, size_t ilen)
Import a point from unsigned binary data.
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
#define pt(x, y)
Definition: drawing.c:79
mbedtls_mpi Y
Definition: ecp.h:144
mbedtls_ecp_group grp
Definition: ecp.h:202
ECP key pair structure.
Definition: ecp.h:200
GLdouble n
Definition: glext.h:7729
int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt)
Set a point to zero.
GLint GLint GLint GLint GLint x
Definition: gl.h:1548
int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
Copy the contents of point Q into P.
const mbedtls_ecp_group_id * mbedtls_ecp_grp_id_list(void)
Get the list of supported curves in order of preferrence (grp_id only)
int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, const mbedtls_ecp_group *src)
Copy the contents of a group object.
unsigned short int uint16_t
Definition: acefiex.h:54
size_t nbits
Definition: ecp.h:182
int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate a keypair.
const GLfloat * m
Definition: glext.h:10848
GLint GLint GLsizei GLsizei GLsizei GLint GLenum format
Definition: gl.h:1546
void mbedtls_ecp_point_free(mbedtls_ecp_point *pt)
Free the components of a point.
int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, mbedtls_mpi *d, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate a private key.
void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key)
Initialize a key pair (as an invalid one)
#define verbose
Definition: rosglue.h:36
size_t pbits
Definition: ecp.h:181
mbedtls_mpi X
Definition: ecp.h:143
Multi-precision integer library.
int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate a keypair.
ECP group structure.
Definition: ecp.h:173
int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp, const mbedtls_mpi *d)
Check that an mbedtls_mpi is a valid private key for this curve.
mbedtls_ecp_group_id id
Definition: ecp.h:175
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id)
Get curve information from an internal group identifier.
int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen)
Write the TLS ECParameters record for a group.
void mbedtls_ecp_group_free(mbedtls_ecp_group *grp)
Free the components of an ECP group.
int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Multiplication by an integer: R = m * P (Not thread-safe to use same group in multiple threads)
int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt)
Check that a point is a valid public key on this curve.
mbedtls_mpi A
Definition: ecp.h:177
mbedtls_mpi P
Definition: ecp.h:176
void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key)
Free the components of a key pair.
#define d
Definition: ke_i.h:81
int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp, const unsigned char **buf, size_t len)
Set a group from a TLS ECParameters record.
mbedtls_ecp_point Q
Definition: ecp.h:204
void * t_data
Definition: ecp.h:187
void mbedtls_ecp_point_init(mbedtls_ecp_point *pt)
Initialize a point (as zero)
mbedtls_ecp_group_id
Definition: ecp.h:97
int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix, const char *x, const char *y)
Import a non-zero point from two ASCII strings.
int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen)
Export a point into unsigned binary data.
GLenum GLsizei len
Definition: glext.h:6722
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
Get curve information from a TLS NamedCurve value.
int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, const unsigned char **buf, size_t len)
Import a point from a TLS ECPoint record.
GLenum src
Definition: glext.h:6340
mbedtls_ecp_group_id grp_id
Definition: ecp.h:126
int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp, const mbedtls_ecp_point *G, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate a keypair with configurable base point.
#define P(row, col)
mbedtls_mpi d
Definition: ecp.h:203
unsigned int h
Definition: ecp.h:183
int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
Compare two points.
int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen)
Export a point as a TLS ECPoint record.
size_t T_size
Definition: ecp.h:189
mbedtls_ecp_point * T
Definition: ecp.h:188
mbedtls_ecp_point G
Definition: ecp.h:179
MPI structure.
Definition: bignum.h:207
GLenum GLenum dst
Definition: glext.h:6340
GLint GLint GLint GLint GLint GLint y
Definition: gl.h:1548
ECP point structure (jacobian coordinates)
Definition: ecp.h:141
Definition: name.c:38
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_name(const char *name)
Get curve information from a human-readable name.
const char * name
Definition: ecp.h:129
int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id)
Set a group using well-known domain parameters.
uint16_t bit_size
Definition: ecp.h:128
mbedtls_mpi B
Definition: ecp.h:178
Definition: path.c:41
void mbedtls_ecp_group_init(mbedtls_ecp_group *grp)
Initialize a group (to something meaningless)
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31