Mbed TLS v3.5.0
ecp.h
Go to the documentation of this file.
1 
17 /*
18  * Copyright The Mbed TLS Contributors
19  * SPDX-License-Identifier: Apache-2.0
20  *
21  * Licensed under the Apache License, Version 2.0 (the "License"); you may
22  * not use this file except in compliance with the License.
23  * You may obtain a copy of the License at
24  *
25  * http://www.apache.org/licenses/LICENSE-2.0
26  *
27  * Unless required by applicable law or agreed to in writing, software
28  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
29  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
30  * See the License for the specific language governing permissions and
31  * limitations under the License.
32  */
33 
34 #ifndef MBEDTLS_ECP_H
35 #define MBEDTLS_ECP_H
36 #include "mbedtls/private_access.h"
37 
38 #include "mbedtls/build_info.h"
39 
40 #include "mbedtls/bignum.h"
41 
42 /*
43  * ECP error codes
44  */
46 #define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80
48 #define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00
50 #define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80
52 #define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00
54 #define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80
56 #define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00
58 #define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80
60 #define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00
62 #define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00
63 
64 /* Flags indicating whether to include code that is specific to certain
65  * types of curves. These flags are for internal library use only. */
66 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
67  defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
68  defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
69  defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
70  defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
71  defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
72  defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
73  defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \
74  defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
75  defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
76  defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
77 #define MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED
78 #endif
79 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
80  defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
81 #define MBEDTLS_ECP_MONTGOMERY_ENABLED
82 #endif
83 
84 #ifdef __cplusplus
85 extern "C" {
86 #endif
87 
97 /* Note: when adding a new curve:
98  * - Add it at the end of this enum, otherwise you'll break the ABI by
99  * changing the numerical value for existing curves.
100  * - Increment MBEDTLS_ECP_DP_MAX below if needed.
101  * - Update the calculation of MBEDTLS_ECP_MAX_BITS below.
102  * - Add the corresponding MBEDTLS_ECP_DP_xxx_ENABLED macro definition to
103  * mbedtls_config.h.
104  * - List the curve as a dependency of MBEDTLS_ECP_C and
105  * MBEDTLS_ECDSA_C if supported in check_config.h.
106  * - Add the curve to the appropriate curve type macro
107  * MBEDTLS_ECP_yyy_ENABLED above.
108  * - Add the necessary definitions to ecp_curves.c.
109  * - Add the curve to the ecp_supported_curves array in ecp.c.
110  * - Add the curve to applicable profiles in x509_crt.c.
111  * - Add the curve to applicable presets in ssl_tls.c.
112  */
113 typedef enum {
129 
133 #define MBEDTLS_ECP_DP_MAX 14
134 
135 /*
136  * Curve types
137  */
138 typedef enum {
140  MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */
141  MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */
143 
151 typedef struct mbedtls_ecp_curve_info {
153  uint16_t tls_id;
154  uint16_t bit_size;
155  const char *name;
157 
169 typedef struct mbedtls_ecp_point {
173 }
175 
176 #if !defined(MBEDTLS_ECP_ALT)
177 /*
178  * default Mbed TLS elliptic curve arithmetic implementation
179  *
180  * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an
181  * alternative implementation for the whole module and it will replace this
182  * one.)
183  */
184 
244 typedef struct mbedtls_ecp_group {
256  size_t pbits;
257  size_t nbits;
260  /* End of public fields */
261 
262  unsigned int MBEDTLS_PRIVATE(h);
263  int(*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *);
265  int(*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *);
266  int(*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *);
267  void *MBEDTLS_PRIVATE(t_data);
269  size_t MBEDTLS_PRIVATE(T_size);
270 }
272 
281 #if !defined(MBEDTLS_ECP_WINDOW_SIZE)
282 /*
283  * Maximum "window" size used for point multiplication.
284  * Default: a point where higher memory usage yields diminishing performance
285  * returns.
286  * Minimum value: 2. Maximum value: 7.
287  *
288  * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
289  * points used for point multiplication. This value is directly tied to EC
290  * peak memory usage, so decreasing it by one should roughly cut memory usage
291  * by two (if large curves are in use).
292  *
293  * Reduction in size may reduce speed, but larger curves are impacted first.
294  * Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
295  * w-size: 6 5 4 3 2
296  * 521 145 141 135 120 97
297  * 384 214 209 198 177 146
298  * 256 320 320 303 262 226
299  * 224 475 475 453 398 342
300  * 192 640 640 633 587 476
301  */
302 #define MBEDTLS_ECP_WINDOW_SIZE 4
303 #endif /* MBEDTLS_ECP_WINDOW_SIZE */
304 
305 #if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
306 /*
307  * Trade code size for speed on fixed-point multiplication.
308  *
309  * This speeds up repeated multiplication of the generator (that is, the
310  * multiplication in ECDSA signatures, and half of the multiplications in
311  * ECDSA verification and ECDHE) by a factor roughly 3 to 4.
312  *
313  * For each n-bit Short Weierstrass curve that is enabled, this adds 4n bytes
314  * of code size if n < 384 and 8n otherwise.
315  *
316  * Change this value to 0 to reduce code size.
317  */
318 #define MBEDTLS_ECP_FIXED_POINT_OPTIM 1
319 #endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
320 
323 #else /* MBEDTLS_ECP_ALT */
324 #include "ecp_alt.h"
325 #endif /* MBEDTLS_ECP_ALT */
326 
330 #if !defined(MBEDTLS_ECP_LIGHT)
331 /* Dummy definition to help code that has optional ECP support and
332  * defines an MBEDTLS_ECP_MAX_BYTES-sized array unconditionally. */
333 #define MBEDTLS_ECP_MAX_BITS 1
334 /* Note: the curves must be listed in DECREASING size! */
335 #elif defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
336 #define MBEDTLS_ECP_MAX_BITS 521
337 #elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
338 #define MBEDTLS_ECP_MAX_BITS 512
339 #elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
340 #define MBEDTLS_ECP_MAX_BITS 448
341 #elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
342 #define MBEDTLS_ECP_MAX_BITS 384
343 #elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
344 #define MBEDTLS_ECP_MAX_BITS 384
345 #elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
346 #define MBEDTLS_ECP_MAX_BITS 256
347 #elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
348 #define MBEDTLS_ECP_MAX_BITS 256
349 #elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
350 #define MBEDTLS_ECP_MAX_BITS 256
351 #elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
352 #define MBEDTLS_ECP_MAX_BITS 255
353 #elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
354 #define MBEDTLS_ECP_MAX_BITS 225 // n is slightly above 2^224
355 #elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
356 #define MBEDTLS_ECP_MAX_BITS 224
357 #elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
358 #define MBEDTLS_ECP_MAX_BITS 192
359 #elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
360 #define MBEDTLS_ECP_MAX_BITS 192
361 #else /* !MBEDTLS_ECP_LIGHT */
362 #error "Missing definition of MBEDTLS_ECP_MAX_BITS"
363 #endif /* !MBEDTLS_ECP_LIGHT */
364 
365 #define MBEDTLS_ECP_MAX_BYTES ((MBEDTLS_ECP_MAX_BITS + 7) / 8)
366 #define MBEDTLS_ECP_MAX_PT_LEN (2 * MBEDTLS_ECP_MAX_BYTES + 1)
367 
368 #if defined(MBEDTLS_ECP_RESTARTABLE)
369 
375 typedef struct mbedtls_ecp_restart_mul mbedtls_ecp_restart_mul_ctx;
376 
382 typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx;
383 
387 typedef struct {
388  unsigned MBEDTLS_PRIVATE(ops_done);
389  unsigned MBEDTLS_PRIVATE(depth);
390  mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm);
391  mbedtls_ecp_restart_muladd_ctx *MBEDTLS_PRIVATE(ma);
393 
394 /*
395  * Operation counts for restartable functions
396  */
397 #define MBEDTLS_ECP_OPS_CHK 3
398 #define MBEDTLS_ECP_OPS_DBL 8
399 #define MBEDTLS_ECP_OPS_ADD 11
400 #define MBEDTLS_ECP_OPS_INV 120
413 int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp,
414  mbedtls_ecp_restart_ctx *rs_ctx,
415  unsigned ops);
416 
417 /* Utility macro for checking and updating ops budget */
418 #define MBEDTLS_ECP_BUDGET(ops) \
419  MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \
420  (unsigned) (ops)));
421 
422 #else /* MBEDTLS_ECP_RESTARTABLE */
423 
424 #define MBEDTLS_ECP_BUDGET(ops) /* no-op; for compatibility */
425 
426 /* We want to declare restartable versions of existing functions anyway */
428 
429 #endif /* MBEDTLS_ECP_RESTARTABLE */
430 
439 typedef struct mbedtls_ecp_keypair {
443 }
445 
450 #define MBEDTLS_ECP_PF_UNCOMPRESSED 0
461 #define MBEDTLS_ECP_PF_COMPRESSED 1
462 
463 /*
464  * Some other constants from RFC 4492
465  */
466 #define MBEDTLS_ECP_TLS_NAMED_CURVE 3
468 #if defined(MBEDTLS_ECP_RESTARTABLE)
532 void mbedtls_ecp_set_max_ops(unsigned max_ops);
533 
540 int mbedtls_ecp_restart_is_enabled(void);
541 #endif /* MBEDTLS_ECP_RESTARTABLE */
542 
543 /*
544  * Get the type of a curve
545  */
547 
561 
577 
588 
599 
610 
617 
628 
635 
642 
651 
660 
661 #if defined(MBEDTLS_ECP_RESTARTABLE)
668 void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx);
669 
677 void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx);
678 #endif /* MBEDTLS_ECP_RESTARTABLE */
679 
692 
705  const mbedtls_ecp_group *src);
706 
717 
728 
742  const mbedtls_ecp_point *Q);
743 
757  const char *x, const char *y);
758 
785  const mbedtls_ecp_point *P,
786  int format, size_t *olen,
787  unsigned char *buf, size_t buflen);
788 
816  const unsigned char *buf, size_t ilen);
817 
837  mbedtls_ecp_point *pt,
838  const unsigned char **buf, size_t len);
839 
863  const mbedtls_ecp_point *pt,
864  int format, size_t *olen,
865  unsigned char *buf, size_t blen);
866 
885 
904  const unsigned char **buf, size_t len);
905 
925  const unsigned char **buf,
926  size_t len);
946  size_t *olen,
947  unsigned char *buf, size_t blen);
948 
979  const mbedtls_mpi *m, const mbedtls_ecp_point *P,
980  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
981 
1013  const mbedtls_mpi *m, const mbedtls_ecp_point *P,
1014  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
1015  mbedtls_ecp_restart_ctx *rs_ctx);
1016 
1017 #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
1034 {
1035  return grp->A.MBEDTLS_PRIVATE(p) == NULL;
1036 }
1037 
1074  const mbedtls_mpi *m, const mbedtls_ecp_point *P,
1075  const mbedtls_mpi *n, const mbedtls_ecp_point *Q);
1076 
1119  const mbedtls_mpi *m, const mbedtls_ecp_point *P,
1120  const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
1121  mbedtls_ecp_restart_ctx *rs_ctx);
1122 #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
1123 
1152  const mbedtls_ecp_point *pt);
1153 
1174  const mbedtls_mpi *d);
1175 
1192  mbedtls_mpi *d,
1193  int (*f_rng)(void *, unsigned char *, size_t),
1194  void *p_rng);
1195 
1224  const mbedtls_ecp_point *G,
1226  int (*f_rng)(void *, unsigned char *, size_t),
1227  void *p_rng);
1228 
1253  mbedtls_ecp_point *Q,
1254  int (*f_rng)(void *, unsigned char *, size_t),
1255  void *p_rng);
1256 
1271  int (*f_rng)(void *, unsigned char *, size_t),
1272  void *p_rng);
1273 
1293  const unsigned char *buf, size_t buflen);
1294 
1312  unsigned char *buf, size_t buflen);
1313 
1335  const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
1336  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
1337 
1357 
1358 #if defined(MBEDTLS_SELF_TEST)
1359 
1366 int mbedtls_ecp_self_test(int verbose);
1367 
1368 #endif /* MBEDTLS_SELF_TEST */
1369 
1370 #ifdef __cplusplus
1371 }
1372 #endif
1373 
1374 #endif /* ecp.h */
Multi-precision integer library.
void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key)
This function frees the components of a key pair.
int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, const unsigned char *buf, size_t ilen)
This function imports a point from unsigned binary data.
int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q)
This function performs multiplication and addition of two points by integers: R = m * P + n * Q.
int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates an ECP key.
int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt)
This function checks if a point is the point at infinity.
int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key, unsigned char *buf, size_t buflen)
This function exports an elliptic curve private key.
int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen)
This function exports an elliptic curve as a TLS ECParameters record as defined in RFC 4492,...
int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, const mbedtls_ecp_group *src)
This function copies the contents of group src into group dst.
mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp)
void mbedtls_ecp_restart_ctx
Definition: ecp.h:427
int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q)
This function exports generic key-pair parameters.
int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function performs a scalar multiplication of a point by an integer: R = m * P.
mbedtls_ecp_curve_type
Definition: ecp.h:138
@ MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS
Definition: ecp.h:140
@ MBEDTLS_ECP_TYPE_NONE
Definition: ecp.h:139
@ MBEDTLS_ECP_TYPE_MONTGOMERY
Definition: ecp.h:141
void mbedtls_ecp_group_init(mbedtls_ecp_group *grp)
This function initializes an ECP group context without loading any domain parameters.
int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp, const mbedtls_ecp_point *G, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates a keypair with a configurable base point.
struct mbedtls_ecp_group mbedtls_ecp_group
The ECP group structure.
struct mbedtls_ecp_keypair mbedtls_ecp_keypair
The ECP key-pair structure.
int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx)
This function performs multiplication of a point by an integer: R = m * P in a restartable way.
int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
This function compares two points.
int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp, const mbedtls_mpi *d)
This function checks that an mbedtls_mpi is a valid private key for this curve.
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id)
This function retrieves curve information from an internal group identifier.
int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix, const char *x, const char *y)
This function imports a non-zero point from two ASCII strings.
int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id)
This function sets up an ECP group context from a standardized set of domain parameters.
void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key)
This function initializes a key pair as an invalid one.
int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp, const unsigned char **buf, size_t len)
This function extracts an elliptic curve group ID from a TLS ECParameters record as defined in RFC 44...
const mbedtls_ecp_group_id * mbedtls_ecp_grp_id_list(void)
This function retrieves the list of internal group identifiers of all supported curves in the order o...
void mbedtls_ecp_point_free(mbedtls_ecp_point *pt)
This function frees the components of a point.
int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, const unsigned char **buf, size_t len)
This function imports a point from a TLS ECPoint record.
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_name(const char *name)
This function retrieves curve information from a human-readable name.
int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, const unsigned char *buf, size_t buflen)
This function reads an elliptic curve private key.
void mbedtls_ecp_group_free(mbedtls_ecp_group *grp)
This function frees the components of an ECP group.
int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
This function copies the contents of point Q into point P.
int mbedtls_ecp_muladd_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q, mbedtls_ecp_restart_ctx *rs_ctx)
This function performs multiplication and addition of two points by integers: R = m * P + n * Q in a ...
int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, mbedtls_mpi *d, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates a private key.
int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates an ECP keypair.
int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function checks that the keypair objects pub and prv have the same group and the same public poi...
int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen)
This function exports a point as a TLS ECPoint record defined in RFC 4492, Section 5....
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
This function retrieves curve information from a TLS NamedCurve value.
int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt)
This function sets a point to the point at infinity.
struct mbedtls_ecp_curve_info mbedtls_ecp_curve_info
struct mbedtls_ecp_point mbedtls_ecp_point
The ECP point structure, in Jacobian coordinates.
int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp, const unsigned char **buf, size_t len)
This function sets up an ECP group context from a TLS ECParameters record as defined in RFC 4492,...
void mbedtls_ecp_point_init(mbedtls_ecp_point *pt)
This function initializes a point as zero.
int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt)
This function checks that a point is a valid public key on this curve.
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_list(void)
This function retrieves the information defined in mbedtls_ecp_curve_info() for all supported curves.
mbedtls_ecp_group_id
Definition: ecp.h:113
@ MBEDTLS_ECP_DP_SECP192K1
Definition: ecp.h:124
@ MBEDTLS_ECP_DP_SECP384R1
Definition: ecp.h:118
@ MBEDTLS_ECP_DP_CURVE448
Definition: ecp.h:127
@ MBEDTLS_ECP_DP_CURVE25519
Definition: ecp.h:123
@ MBEDTLS_ECP_DP_NONE
Definition: ecp.h:114
@ MBEDTLS_ECP_DP_SECP256K1
Definition: ecp.h:126
@ MBEDTLS_ECP_DP_BP512R1
Definition: ecp.h:122
@ MBEDTLS_ECP_DP_SECP224R1
Definition: ecp.h:116
@ MBEDTLS_ECP_DP_SECP521R1
Definition: ecp.h:119
@ MBEDTLS_ECP_DP_BP384R1
Definition: ecp.h:121
@ MBEDTLS_ECP_DP_SECP224K1
Definition: ecp.h:125
@ MBEDTLS_ECP_DP_BP256R1
Definition: ecp.h:120
@ MBEDTLS_ECP_DP_SECP192R1
Definition: ecp.h:115
@ MBEDTLS_ECP_DP_SECP256R1
Definition: ecp.h:117
int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen)
This function exports a point into unsigned binary data.
int mbedtls_ecp_self_test(int verbose)
The ECP checkup routine.
static int mbedtls_ecp_group_a_is_minus_3(const mbedtls_ecp_group *grp)
This function checks if domain parameter A of the curve is -3.
Definition: ecp.h:1033
Build-time configuration info.
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
const char * name
Definition: ecp.h:155
mbedtls_ecp_group_id grp_id
Definition: ecp.h:152
uint16_t bit_size
Definition: ecp.h:154
uint16_t tls_id
Definition: ecp.h:153
The ECP group structure.
Definition: ecp.h:244
size_t pbits
Definition: ecp.h:256
mbedtls_ecp_group_id id
Definition: ecp.h:245
mbedtls_mpi N
Definition: ecp.h:255
mbedtls_ecp_point G
Definition: ecp.h:254
mbedtls_mpi B
Definition: ecp.h:252
mbedtls_mpi P
Definition: ecp.h:246
size_t nbits
Definition: ecp.h:257
mbedtls_mpi A
Definition: ecp.h:247
The ECP key-pair structure.
Definition: ecp.h:439
The ECP point structure, in Jacobian coordinates.
Definition: ecp.h:169
MPI structure.
Definition: bignum.h:219