Mbed TLS v3.6.0
Loading...
Searching...
No Matches
ecp.h
Go to the documentation of this file.
1
17/*
18 * Copyright The Mbed TLS Contributors
19 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
20 */
21
22#ifndef MBEDTLS_ECP_H
23#define MBEDTLS_ECP_H
25
26#include "mbedtls/build_info.h"
28
29#include "mbedtls/bignum.h"
30
31/*
32 * ECP error codes
33 */
35#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80
37#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00
39#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80
41#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00
43#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80
45#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00
47#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80
49#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00
51#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00
52
53/* Flags indicating whether to include code that is specific to certain
54 * types of curves. These flags are for internal library use only. */
55#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
56 defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
57 defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
58 defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
59 defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
60 defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
61 defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
62 defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \
63 defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
64 defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
65 defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
66#define MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED
67#endif
68#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \
69 defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
70#define MBEDTLS_ECP_MONTGOMERY_ENABLED
71#endif
72
73#ifdef __cplusplus
74extern "C" {
75#endif
76
86/* Note: when adding a new curve:
87 * - Add it at the end of this enum, otherwise you'll break the ABI by
88 * changing the numerical value for existing curves.
89 * - Increment MBEDTLS_ECP_DP_MAX below if needed.
90 * - Update the calculation of MBEDTLS_ECP_MAX_BITS below.
91 * - Add the corresponding MBEDTLS_ECP_DP_xxx_ENABLED macro definition to
92 * mbedtls_config.h.
93 * - List the curve as a dependency of MBEDTLS_ECP_C and
94 * MBEDTLS_ECDSA_C if supported in check_config.h.
95 * - Add the curve to the appropriate curve type macro
96 * MBEDTLS_ECP_yyy_ENABLED above.
97 * - Add the necessary definitions to ecp_curves.c.
98 * - Add the curve to the ecp_supported_curves array in ecp.c.
99 * - Add the curve to applicable profiles in x509_crt.c.
100 * - Add the curve to applicable presets in ssl_tls.c.
101 */
102typedef enum {
118
122#define MBEDTLS_ECP_DP_MAX 14
123
124/*
125 * Curve types
126 */
127typedef enum {
129 MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */
130 MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */
132
142 uint16_t tls_id;
143 uint16_t bit_size;
144 const char *name;
146
158typedef struct mbedtls_ecp_point {
162}
164
165#if !defined(MBEDTLS_ECP_ALT)
166/*
167 * default Mbed TLS elliptic curve arithmetic implementation
168 *
169 * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an
170 * alternative implementation for the whole module and it will replace this
171 * one.)
172 */
173
233typedef struct mbedtls_ecp_group {
245 size_t pbits;
246 size_t nbits;
249 /* End of public fields */
250
251 unsigned int MBEDTLS_PRIVATE(h);
254 int(*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *);
255 int(*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *);
256 void *MBEDTLS_PRIVATE(t_data);
258 size_t MBEDTLS_PRIVATE(T_size);
259}
261
270#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
271/*
272 * Maximum "window" size used for point multiplication.
273 * Default: a point where higher memory usage yields diminishing performance
274 * returns.
275 * Minimum value: 2. Maximum value: 7.
276 *
277 * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
278 * points used for point multiplication. This value is directly tied to EC
279 * peak memory usage, so decreasing it by one should roughly cut memory usage
280 * by two (if large curves are in use).
281 *
282 * Reduction in size may reduce speed, but larger curves are impacted first.
283 * Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
284 * w-size: 6 5 4 3 2
285 * 521 145 141 135 120 97
286 * 384 214 209 198 177 146
287 * 256 320 320 303 262 226
288 * 224 475 475 453 398 342
289 * 192 640 640 633 587 476
290 */
291#define MBEDTLS_ECP_WINDOW_SIZE 4
292#endif /* MBEDTLS_ECP_WINDOW_SIZE */
293
294#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
295/*
296 * Trade code size for speed on fixed-point multiplication.
297 *
298 * This speeds up repeated multiplication of the generator (that is, the
299 * multiplication in ECDSA signatures, and half of the multiplications in
300 * ECDSA verification and ECDHE) by a factor roughly 3 to 4.
301 *
302 * For each n-bit Short Weierstrass curve that is enabled, this adds 4n bytes
303 * of code size if n < 384 and 8n otherwise.
304 *
305 * Change this value to 0 to reduce code size.
306 */
307#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1
308#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
309
312#else /* MBEDTLS_ECP_ALT */
313#include "ecp_alt.h"
314#endif /* MBEDTLS_ECP_ALT */
315
319#if !defined(MBEDTLS_ECP_LIGHT)
320/* Dummy definition to help code that has optional ECP support and
321 * defines an MBEDTLS_ECP_MAX_BYTES-sized array unconditionally. */
322#define MBEDTLS_ECP_MAX_BITS 1
323/* Note: the curves must be listed in DECREASING size! */
324#elif defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
325#define MBEDTLS_ECP_MAX_BITS 521
326#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
327#define MBEDTLS_ECP_MAX_BITS 512
328#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
329#define MBEDTLS_ECP_MAX_BITS 448
330#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
331#define MBEDTLS_ECP_MAX_BITS 384
332#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
333#define MBEDTLS_ECP_MAX_BITS 384
334#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
335#define MBEDTLS_ECP_MAX_BITS 256
336#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
337#define MBEDTLS_ECP_MAX_BITS 256
338#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
339#define MBEDTLS_ECP_MAX_BITS 256
340#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
341#define MBEDTLS_ECP_MAX_BITS 255
342#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
343#define MBEDTLS_ECP_MAX_BITS 225 // n is slightly above 2^224
344#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
345#define MBEDTLS_ECP_MAX_BITS 224
346#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
347#define MBEDTLS_ECP_MAX_BITS 192
348#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
349#define MBEDTLS_ECP_MAX_BITS 192
350#else /* !MBEDTLS_ECP_LIGHT */
351#error "Missing definition of MBEDTLS_ECP_MAX_BITS"
352#endif /* !MBEDTLS_ECP_LIGHT */
353
354#define MBEDTLS_ECP_MAX_BYTES ((MBEDTLS_ECP_MAX_BITS + 7) / 8)
355#define MBEDTLS_ECP_MAX_PT_LEN (2 * MBEDTLS_ECP_MAX_BYTES + 1)
356
357#if defined(MBEDTLS_ECP_RESTARTABLE)
358
364typedef struct mbedtls_ecp_restart_mul mbedtls_ecp_restart_mul_ctx;
365
371typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx;
372
376typedef struct {
377 unsigned MBEDTLS_PRIVATE(ops_done);
378 unsigned MBEDTLS_PRIVATE(depth);
379 mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm);
380 mbedtls_ecp_restart_muladd_ctx *MBEDTLS_PRIVATE(ma);
382
383/*
384 * Operation counts for restartable functions
385 */
386#define MBEDTLS_ECP_OPS_CHK 3
387#define MBEDTLS_ECP_OPS_DBL 8
388#define MBEDTLS_ECP_OPS_ADD 11
389#define MBEDTLS_ECP_OPS_INV 120
402int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp,
404 unsigned ops);
405
406/* Utility macro for checking and updating ops budget */
407#define MBEDTLS_ECP_BUDGET(ops) \
408 MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \
409 (unsigned) (ops)));
410
411#else /* MBEDTLS_ECP_RESTARTABLE */
412
413#define MBEDTLS_ECP_BUDGET(ops) /* no-op; for compatibility */
414
415/* We want to declare restartable versions of existing functions anyway */
417
418#endif /* MBEDTLS_ECP_RESTARTABLE */
419
428typedef struct mbedtls_ecp_keypair {
432}
434
439#define MBEDTLS_ECP_PF_UNCOMPRESSED 0
450#define MBEDTLS_ECP_PF_COMPRESSED 1
451
452/*
453 * Some other constants from RFC 4492
454 */
455#define MBEDTLS_ECP_TLS_NAMED_CURVE 3
457#if defined(MBEDTLS_ECP_RESTARTABLE)
521void mbedtls_ecp_set_max_ops(unsigned max_ops);
522
529int mbedtls_ecp_restart_is_enabled(void);
530#endif /* MBEDTLS_ECP_RESTARTABLE */
531
532/*
533 * Get the type of a curve
534 */
536
550
566
577
588
599
606
617
624
631
640
649
650#if defined(MBEDTLS_ECP_RESTARTABLE)
657void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx);
658
666void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx);
667#endif /* MBEDTLS_ECP_RESTARTABLE */
668
681
694 const mbedtls_ecp_group *src);
695
706
717
731 const mbedtls_ecp_point *Q);
732
746 const char *x, const char *y);
747
774 const mbedtls_ecp_point *P,
775 int format, size_t *olen,
776 unsigned char *buf, size_t buflen);
777
805 const unsigned char *buf, size_t ilen);
806
827 const unsigned char **buf, size_t len);
828
852 const mbedtls_ecp_point *pt,
853 int format, size_t *olen,
854 unsigned char *buf, size_t blen);
855
874
893 const unsigned char **buf, size_t len);
894
914 const unsigned char **buf,
915 size_t len);
935 size_t *olen,
936 unsigned char *buf, size_t blen);
937
968 const mbedtls_mpi *m, const mbedtls_ecp_point *P,
969 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
970
1002 const mbedtls_mpi *m, const mbedtls_ecp_point *P,
1003 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
1004 mbedtls_ecp_restart_ctx *rs_ctx);
1005
1006#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
1023{
1024 return grp->A.MBEDTLS_PRIVATE(p) == NULL;
1025}
1026
1063 const mbedtls_mpi *m, const mbedtls_ecp_point *P,
1064 const mbedtls_mpi *n, const mbedtls_ecp_point *Q);
1065
1108 const mbedtls_mpi *m, const mbedtls_ecp_point *P,
1109 const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
1110 mbedtls_ecp_restart_ctx *rs_ctx);
1111#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
1112
1141 const mbedtls_ecp_point *pt);
1142
1163 const mbedtls_mpi *d);
1164
1181 mbedtls_mpi *d,
1182 int (*f_rng)(void *, unsigned char *, size_t),
1183 void *p_rng);
1184
1213 const mbedtls_ecp_point *G,
1215 int (*f_rng)(void *, unsigned char *, size_t),
1216 void *p_rng);
1217
1243 int (*f_rng)(void *, unsigned char *, size_t),
1244 void *p_rng);
1245
1260 int (*f_rng)(void *, unsigned char *, size_t),
1261 void *p_rng);
1262
1293 const mbedtls_ecp_point *Q);
1294
1329 const unsigned char *buf, size_t buflen);
1330
1331#if !defined(MBEDTLS_DEPRECATED_REMOVED)
1377 unsigned char *buf, size_t buflen);
1378#endif /* MBEDTLS_DEPRECATED_REMOVED */
1379
1400 size_t *olen, unsigned char *buf, size_t buflen);
1401
1429 int format, size_t *olen,
1430 unsigned char *buf, size_t buflen);
1431
1453 const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
1454 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
1455
1471 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
1472
1483 const mbedtls_ecp_keypair *key);
1484
1511
1512#if defined(MBEDTLS_SELF_TEST)
1513
1520int mbedtls_ecp_self_test(int verbose);
1521
1522#endif /* MBEDTLS_SELF_TEST */
1523
1524#ifdef __cplusplus
1525}
1526#endif
1527
1528#endif /* ecp.h */
Multi-precision integer library.
void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key)
This function frees the components of a key pair.
int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, const unsigned char *buf, size_t ilen)
This function imports a point from unsigned binary data.
int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q)
This function performs multiplication and addition of two points by integers: R = m * P + n * Q.
int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates an ECP key.
int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt)
This function checks if a point is the point at infinity.
int mbedtls_ecp_write_public_key(const mbedtls_ecp_keypair *key, int format, size_t *olen, unsigned char *buf, size_t buflen)
This function exports an elliptic curve public key.
mbedtls_ecp_group_id mbedtls_ecp_keypair_get_group_id(const mbedtls_ecp_keypair *key)
Query the group that a key pair belongs to.
int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen)
This function exports an elliptic curve as a TLS ECParameters record as defined in RFC 4492,...
int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, const mbedtls_ecp_group *src)
This function copies the contents of group src into group dst.
mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp)
void mbedtls_ecp_restart_ctx
Definition ecp.h:416
int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q)
This function exports generic key-pair parameters.
int mbedtls_ecp_keypair_calc_public(mbedtls_ecp_keypair *key, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Calculate the public key from a private key in a key pair.
int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function performs a scalar multiplication of a point by an integer: R = m * P.
mbedtls_ecp_curve_type
Definition ecp.h:127
@ MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS
Definition ecp.h:129
@ MBEDTLS_ECP_TYPE_NONE
Definition ecp.h:128
@ MBEDTLS_ECP_TYPE_MONTGOMERY
Definition ecp.h:130
const mbedtls_ecp_group_id * mbedtls_ecp_grp_id_list(void)
This function retrieves the list of internal group identifiers of all supported curves in the order o...
void mbedtls_ecp_group_init(mbedtls_ecp_group *grp)
This function initializes an ECP group context without loading any domain parameters.
int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp, const mbedtls_ecp_point *G, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates a keypair with a configurable base point.
struct mbedtls_ecp_group mbedtls_ecp_group
The ECP group structure.
int MBEDTLS_DEPRECATED mbedtls_ecp_write_key(mbedtls_ecp_keypair *key, unsigned char *buf, size_t buflen)
This function exports an elliptic curve private key.
int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_ecp_restart_ctx *rs_ctx)
This function performs multiplication of a point by an integer: R = m * P in a restartable way.
int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
This function compares two points.
int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp, const mbedtls_mpi *d)
This function checks that an mbedtls_mpi is a valid private key for this curve.
int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix, const char *x, const char *y)
This function imports a non-zero point from two ASCII strings.
int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id)
This function sets up an ECP group context from a standardized set of domain parameters.
void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key)
This function initializes a key pair as an invalid one.
int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp, const unsigned char **buf, size_t len)
This function extracts an elliptic curve group ID from a TLS ECParameters record as defined in RFC 44...
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_name(const char *name)
This function retrieves curve information from a human-readable name.
void mbedtls_ecp_point_free(mbedtls_ecp_point *pt)
This function frees the components of a point.
int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, const unsigned char **buf, size_t len)
This function imports a point from a TLS ECPoint record.
int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, const unsigned char *buf, size_t buflen)
This function reads an elliptic curve private key.
void mbedtls_ecp_group_free(mbedtls_ecp_group *grp)
This function frees the components of an ECP group.
int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
This function copies the contents of point Q into point P.
int mbedtls_ecp_muladd_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q, mbedtls_ecp_restart_ctx *rs_ctx)
This function performs multiplication and addition of two points by integers: R = m * P + n * Q in a ...
int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, mbedtls_mpi *d, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates a private key.
int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates an ECP keypair.
int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function checks that the keypair objects pub and prv have the same group and the same public poi...
int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen)
This function exports a point as a TLS ECPoint record defined in RFC 4492, Section 5....
int mbedtls_ecp_write_key_ext(const mbedtls_ecp_keypair *key, size_t *olen, unsigned char *buf, size_t buflen)
This function exports an elliptic curve private key.
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id)
This function retrieves curve information from an internal group identifier.
int mbedtls_ecp_set_public_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, const mbedtls_ecp_point *Q)
Set the public key in a key pair object.
int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt)
This function sets a point to the point at infinity.
int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp, const unsigned char **buf, size_t len)
This function sets up an ECP group context from a TLS ECParameters record as defined in RFC 4492,...
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_list(void)
This function retrieves the information defined in mbedtls_ecp_curve_info() for all supported curves.
void mbedtls_ecp_point_init(mbedtls_ecp_point *pt)
This function initializes a point as zero.
int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt)
This function checks that a point is a valid public key on this curve.
mbedtls_ecp_group_id
Definition ecp.h:102
@ MBEDTLS_ECP_DP_SECP192K1
Definition ecp.h:113
@ MBEDTLS_ECP_DP_SECP384R1
Definition ecp.h:107
@ MBEDTLS_ECP_DP_CURVE448
Definition ecp.h:116
@ MBEDTLS_ECP_DP_CURVE25519
Definition ecp.h:112
@ MBEDTLS_ECP_DP_NONE
Definition ecp.h:103
@ MBEDTLS_ECP_DP_SECP256K1
Definition ecp.h:115
@ MBEDTLS_ECP_DP_BP512R1
Definition ecp.h:111
@ MBEDTLS_ECP_DP_SECP224R1
Definition ecp.h:105
@ MBEDTLS_ECP_DP_SECP521R1
Definition ecp.h:108
@ MBEDTLS_ECP_DP_BP384R1
Definition ecp.h:110
@ MBEDTLS_ECP_DP_SECP224K1
Definition ecp.h:114
@ MBEDTLS_ECP_DP_BP256R1
Definition ecp.h:109
@ MBEDTLS_ECP_DP_SECP192R1
Definition ecp.h:104
@ MBEDTLS_ECP_DP_SECP256R1
Definition ecp.h:106
int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen)
This function exports a point into unsigned binary data.
const mbedtls_ecp_curve_info * mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id)
This function retrieves curve information from a TLS NamedCurve value.
int mbedtls_ecp_self_test(int verbose)
The ECP checkup routine.
static int mbedtls_ecp_group_a_is_minus_3(const mbedtls_ecp_group *grp)
This function checks if domain parameter A of the curve is -3.
Definition ecp.h:1022
Build-time configuration info.
Common and shared functions used by multiple modules in the Mbed TLS library.
#define MBEDTLS_DEPRECATED
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
const char * name
Definition ecp.h:144
mbedtls_ecp_group_id grp_id
Definition ecp.h:141
uint16_t bit_size
Definition ecp.h:143
uint16_t tls_id
Definition ecp.h:142
The ECP group structure.
Definition ecp.h:233
size_t pbits
Definition ecp.h:245
mbedtls_ecp_group_id id
Definition ecp.h:234
mbedtls_mpi N
Definition ecp.h:244
mbedtls_ecp_point G
Definition ecp.h:243
mbedtls_mpi B
Definition ecp.h:241
mbedtls_mpi P
Definition ecp.h:235
size_t nbits
Definition ecp.h:246
mbedtls_mpi A
Definition ecp.h:236
The ECP key-pair structure.
Definition ecp.h:428
The ECP point structure, in Jacobian coordinates.
Definition ecp.h:158
MPI structure.
Definition bignum.h:207